wyskakujace okna yyyXXX.html prosba o sprawdzenie loga
L2MFIX find log 1.04a
These are the registry keys present
**********************************************************************************
Winlogon/notify:
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
"DLLName"="Ati2evxx.dll"
"Asynchronous"=dword:00000000
"Impersonate"=dword:00000001
"Lock"="AtiLockEvent"
"Logoff"="AtiLogoffEvent"
"Logon"="AtiLogonEvent"
"Disconnect"="AtiDisConnectEvent"
"Reconnect"="AtiReConnectEvent"
"Safe"=dword:00000000
"Shutdown"="AtiShutdownEvent"
"StartScreenSaver"="AtiStartScreenSaverEvent"
"StartShell"="AtiStartShellEvent"
"Startup"="AtiStartupEvent"
"StopScreenSaver"="AtiStopScreenSaverEvent"
"Unlock"="AtiUnLockEvent"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain]
"Asynchronous"=dword:00000000
"Impersonate"=dword:00000000
"DllName"=hex(2):63,00,72,00,79,00,70,00,74,00,33,00,32,00,2e,00,64,00,6c,00,\
6c,00,00,00
"Logoff"="ChainWlxLogoffEvent"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet]
"Asynchronous"=dword:00000000
"Impersonate"=dword:00000000
"DllName"=hex(2):63,00,72,00,79,00,70,00,74,00,6e,00,65,00,74,00,2e,00,64,00,\
6c,00,6c,00,00,00
"Logoff"="CryptnetWlxLogoffEvent"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll]
"DLLName"="cscdll.dll"
"Logon"="WinlogonLogonEvent"
"Logoff"="WinlogonLogoffEvent"
"ScreenSaver"="WinlogonScreenSaverEvent"
"Startup"="WinlogonStartupEvent"
"Shutdown"="WinlogonShutdownEvent"
"StartShell"="WinlogonStartShellEvent"
"Impersonate"=dword:00000000
"Asynchronous"=dword:00000001
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Internet Settings]
"Asynchronous"=dword:00000000
"DllName"="C:\\WINDOWS\\system32\\enjql1151.dll"
"Impersonate"=dword:00000000
"Logon"="WinLogon"
"Logoff"="WinLogoff"
"Shutdown"="WinShutdown"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp]
"DLLName"="wlnotify.dll"
"Logon"="SCardStartCertProp"
"Logoff"="SCardStopCertProp"
"Lock"="SCardSuspendCertProp"
"Unlock"="SCardResumeCertProp"
"Enabled"=dword:00000001
"Impersonate"=dword:00000001
"Asynchronous"=dword:00000001
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule]
"Asynchronous"=dword:00000000
"DllName"=hex(2):77,00,6c,00,6e,00,6f,00,74,00,69,00,66,00,79,00,2e,00,64,00,\
6c,00,6c,00,00,00
"Impersonate"=dword:00000000
"StartShell"="SchedStartShell"
"Logoff"="SchedEventLogOff"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy]
"Logoff"="WLEventLogoff"
"Impersonate"=dword:00000000
"Asynchronous"=dword:00000001
"DllName"=hex(2):73,00,63,00,6c,00,67,00,6e,00,74,00,66,00,79,00,2e,00,64,00,\
6c,00,6c,00,00,00
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn]
"DLLName"="WlNotify.dll"
"Lock"="SensLockEvent"
"Logon"="SensLogonEvent"
"Logoff"="SensLogoffEvent"
"Safe"=dword:00000001
"MaxWait"=dword:00000258
"StartScreenSaver"="SensStartScreenSaverEvent"
"StopScreenSaver"="SensStopScreenSaverEvent"
"Startup"="SensStartupEvent"
"Shutdown"="SensShutdownEvent"
"StartShell"="SensStartShellEvent"
"PostShell"="SensPostShellEvent"
"Disconnect"="SensDisconnectEvent"
"Reconnect"="SensReconnectEvent"
"Unlock"="SensUnlockEvent"
"Impersonate"=dword:00000001
"Asynchronous"=dword:00000001
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv]
"Asynchronous"=dword:00000000
"DllName"=hex(2):77,00,6c,00,6e,00,6f,00,74,00,69,00,66,00,79,00,2e,00,64,00,\
6c,00,6c,00,00,00
"Impersonate"=dword:00000000
"Logoff"="TSEventLogoff"
"Logon"="TSEventLogon"
"PostShell"="TSEventPostShell"
"Shutdown"="TSEventShutdown"
"StartShell"="TSEventStartShell"
"Startup"="TSEventStartup"
"MaxWait"=dword:00000258
"Reconnect"="TSEventReconnect"
"Disconnect"="TSEventDisconnect"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon]
"DLLName"="wlnotify.dll"
"Logon"="RegisterTicketExpiredNotificationEvent"
"Logoff"="UnregisterTicketExpiredNotificationEvent"
"Impersonate"=dword:00000001
"Asynchronous"=dword:00000001
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wzcnotif]
"DLLName"="wzcdlg.dll"
"Logon"="WZCEventLogon"
"Logoff"="WZCEventLogoff"
"Impersonate"=dword:00000000
"Asynchronous"=dword:00000000
RegDACL 5.1 – Permissions Manager for Registry keys for Windows NT 4 and above
Copyright (c) 1999–2001 Frank Heyne Software (http://www.heysoft.de)
This program is Freeware, use it on your own risk!
Access Control List for Registry key HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify:
(NI) ALLOW Full access ZARZDZANIE NT\SYSTEM
(IO) ALLOW Full access ZARZDZANIE NT\SYSTEM
(NI) ALLOW Full access ZARZDZANIE NT\SYSTEM
(IO) ALLOW Full access ZARZDZANIE NT\SYSTEM
(ID–CI) DENY ––C––––––– BUILTIN\Administratorzy
(ID–NI) ALLOW Read BUILTIN\Uytkownicy
(ID–IO) ALLOW Read BUILTIN\Uytkownicy
(ID–NI) ALLOW Read BUILTIN\Uytkownicy zaawansowani
(ID–IO) ALLOW Read BUILTIN\Uytkownicy zaawansowani
(ID–NI) ALLOW Full access BUILTIN\Administratorzy
(ID–IO) ALLOW Full access BUILTIN\Administratorzy
(ID–NI) ALLOW Full access ZARZDZANIE NT\SYSTEM
(ID–IO) ALLOW Full access ZARZDZANIE NT\SYSTEM
(ID–IO) ALLOW Full access TWRCA–WACICIEL
**********************************************************************************
useragent:
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform]
"{2F179D86–EAF0–5A56–CB09–1B8CA0177C19}"=""
**********************************************************************************
Shell Extension key:
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved]
"{00022613–0000–0000–C000–000000000046}"="Karta waciwoci pliku multimedialnego"
"{176d6597–26d3–11d1–b350–080036a75b03}"="ZarzĄdzanie skanerem ICM"
"{1F2E5C40–9550–11CE–99D2–00AA006E086C}"="Strona zabezpiecze NTFS"
"{3EA48300–8CF6–101B–84FB–666CCB9BCD32}"="Strona waciwoci OLE Docfile"
"{40dd6e20–7c17–11ce–a804–00aa003ca9f6}"="Rozszerzenia powoki dla udost©pniania zasobw"
"{41E300E0–78B6–11ce–849B–444553540000}"="PlusPack CPL Extension"
"{42071712–76d4–11d1–8b24–00a0c9068ff3}"="Rozszerzenie CPL karty graficznej"
"{42071713–76d4–11d1–8b24–00a0c9068ff3}"="Rozszerzenie CPL monitora wywietlania"
"{42071714–76d4–11d1–8b24–00a0c9068ff3}"="Rozszerzenie CPL kadrowania wywietlania"
"{4E40F770–369C–11d0–8922–00A024AB2DBB}"="Strona zabezpiecze usugi DS"
"{513D916F–2A8E–4F51–AEAB–0CBC76FB1AF8}"="Strona zgodnoci"
"{56117100–C0CD–101B–81E2–00AA004AE837}"="Program obsugi danych wycinkowych powoki"
"{59099400–57FF–11CE–BD94–0020AF85B590}"="Rozszerzenie Disc Copy"
"{59be4990–f85c–11ce–aff7–00aa003ca9f6}"="Rozszerzenia powoki dla obiektw Microsoft Windows Network"
"{5DB2625A–54DF–11D0–B6C4–0800091AA605}"="ZarzĄdzanie monitorem ICM"
"{675F097E–4C4D–11D0–B6C1–0800091AA605}"="ZarzĄdzanie drukarkĄ ICM"
"{764BF0E1–F219–11ce–972D–00AA00A14F56}"="Rozszerzenia powoki dla kompresji plikw"
"{77597368–7b15–11d0–a0c2–080036af3f03}"="Rozszerzenie powoki drukarek sieci Web"
"{7988B573–EC89–11cf–9C00–00AA00A14F56}"="Disk Quota UI"
"{853FE2B1–B769–11d0–9C4E–00C04FB6C6FA}"="Menu kontekstowe szyfrowania"
"{85BBD920–42A0–1069–A2E4–08002B30309D}"="Aktwka"
"{88895560–9AA2–1069–930E–00AA0030EBC8}"="Rozszerzenie ikony HyperTerminalu"
"{BD84B380–8CA2–1069–AB1D–08000948F534}"="Fonts"
"{DBCE2480–C732–101B–BE72–BA78E9AD5B27}"="Profil ICC"
"{F37C5810–4D3F–11d0–B4BF–00AA00BBB723}"="Strona zabezpiecze drukarek"
"{f81e9010–6ea4–11ce–a7ff–00aa003ca9f6}"="Rozszerzenia powoki dla udost©pniania zasobw"
"{f92e8c40–3d33–11d2–b1aa–080036a75b03}"="Display TroubleShoot CPL Extension"
"{7444C717–39BF–11D1–8CD9–00C04FC29D45}"="Rozszerzenie Crypto PKO"
"{7444C719–39BF–11D1–8CD9–00C04FC29D45}"="Rozszerzenie Crypto Sign"
"{7007ACC7–3202–11D1–AAD2–00805FC1270E}"="PoĄczenia sieciowe"
"{992CFFA0–F557–101A–88EC–00DD010CCC48}"="PoĄczenia sieciowe"
"{E211B736–43FD–11D1–9EFB–0000F8757FCD}"="&Skanery i aparaty fotograficzne"
"{FB0C9C8A–6C50–11D1–9F1D–0000F8757FCD}"="&Skanery i aparaty fotograficzne"
"{905667aa–acd6–11d2–8080–00805f6596d2}"="&Skanery i aparaty fotograficzne"
"{3F953603–1008–4f6e–A73A–04AAC7A992F1}"="&Skanery i aparaty fotograficzne"
"{83bbcbf3–b28a–4919–a5aa–73027445d672}"="&Skanery i aparaty fotograficzne"
"{F0152790–D56E–4445–850E–4F3117DB740C}"="Remote Sessions CPL Extension"
"{60254CA5–953B–11CF–8C96–00AA00B8708C}"="Rozszerzenia powoki dla hosta skryptw systemu Windows"
"{2206CDB2–19C1–11D1–89E0–00C04FD7A829}"="Microsoft Data Link"
"{DD2110F0–9EEF–11cf–8D8E–00AA0060F5BF}"="Tasks Folder Icon Handler"
"{797F1E90–9EDD–11cf–8D8E–00AA0060F5BF}"="Tasks Folder Shell Extension"
"{D6277990–4C6A–11CF–8D87–00AA0060F5BF}"="Zaplanowane zadania"
"{2559a1f7–21d7–11d4–bdaf–00c04f60b9f0}"="Set Program Access and Defaults"
"{5F327514–6C5E–4d60–8F16–D07FA08A78ED}"="Auto Update Property Sheet Extension"
"{0DF44EAA–FF21–4412–828E–260A8728E7F1}"="Pasek zada i menu Start"
"{2559a1f0–21d7–11d4–bdaf–00c04f60b9f0}"="Wyszukaj"
"{2559a1f1–21d7–11d4–bdaf–00c04f60b9f0}"="Pomoc i obsuga techniczna"
"{2559a1f2–21d7–11d4–bdaf–00c04f60b9f0}"="Pomoc i obsuga techniczna"
"{2559a1f3–21d7–11d4–bdaf–00c04f60b9f0}"="Uruchom..."
"{2559a1f4–21d7–11d4–bdaf–00c04f60b9f0}"="Internet"
"{2559a1f5–21d7–11d4–bdaf–00c04f60b9f0}"="E–mail"
"{D20EA4E1–3957–11d2–A40B–0C5020524152}"="Czcionki"
"{D20EA4E1–3957–11d2–A40B–0C5020524153}"="Narz©dzia administracyjne"
"{596AB062–B4D2–4215–9F74–E9109B0A8153}"="Strona waciwoci Poprzednie wersje"
"{9DB7A13C–F208–4981–8353–73CC61AE2783}"="Poprzednie wersje"
"{875CB1A1–0F29–45de–A1AE–CFB4950D0B78}"="Audio Media Properties Handler"
"{40C3D757–D6E4–4b49–BB41–0E5BBEA28817}"="Video Media Properties Handler"
"{E4B29F9D–D390–480b–92FD–7DDB47101D71}"="Wav Properties Handler"
"{87D62D94–71B3–4b9a–9489–5FE6850DC73E}"="Avi Properties Handler"
"{A6FD9E45–6E44–43f9–8644–08598F5A74D9}"="Midi Properties Handler"
"{c5a40261–cd64–4ccf–84cb–c394da41d590}"="Video Thumbnail Extractor"
"{5E6AB780–7743–11CF–A12B–00AA004AE837}"="Pasek narz©dzi programu Microsoft Internet"
"{22BF0C20–6DA7–11D0–B373–00A0C9034938}"="Stan pobierania"
"{91EA3F8B–C99B–11d0–9815–00C04FD91972}"="Folder powoki zwi©kszonej"
"{6413BA2C–B461–11d1–A18A–080036B11A03}"="Folder powoki zwi©kszonej 2"
"{F61FFEC1–754F–11d0–80CA–00AA005B4383}"="BandProxy"
"{7BA4C742–9E81–11CF–99D3–00AA004AE837}"="Pasek przeglĄdarki Microsoft"
"{30D02401–6A81–11d0–8274–00C04FD5AE38}"="Pasek wyszukiwania"
"{169A0691–8DF9–11d1–A1C4–00C04FD75D13}"="Wyszukiwanie w okienku"
"{07798131–AF23–11d1–9111–00A0C98BA67D}"="Wyszukiwanie w sieci Web"
"{AF4F6510–F982–11d0–8595–00AA004CD6D8}"="Narz©dzie opcji drzewa rejestru"
"{01E04581–4EEE–11d0–BFE9–00AA005B4383}"="&Adres"
"{A08C11D2–A228–11d0–825B–00AA005B4383}"="Pole edycji adresu"
"{00BB2763–6A77–11D0–A535–00C04FD7D062}"="Autouzupenianie Microsoft"
"{7376D660–C583–11d0–A3A5–00C04FD706EC}"="Wyodr©bnianie obrazw Trident"
"{6756A641–DE71–11d0–831B–00AA005B4383}"="Lista autouzupeniania MRU"
"{6935DB93–21E8–4ccc–BEB9–9FE3C77A297A}"="Niestandardowa lista autouzupeniania MRU"
"{7e653215–fa25–46bd–a339–34a2790f3cb7}"="Dost©pny"
"{acf35015–526e–4230–9596–becbe19f0ac9}"="Pasek podr©czny ledzenia"
"{00BB2764–6A77–11D0–A535–00C04FD7D062}"="Lista autouzupeniania historii Microsoft"
"{03C036F1–A186–11D0–824A–00AA005B4383}"="Lista autouzupeniania folderu powoki Microsoft"
"{00BB2765–6A77–11D0–A535–00C04FD7D062}"="Kontener wielu list autouzupeniania Microsoft"
"{ECD4FC4E–521C–11D0–B792–00A0C90312E1}"="Menu witryny paska powoki"
"{3CCF8A41–5C85–11d0–9796–00AA00B90ADF}"="Shell DeskBarApp"
"{ECD4FC4C–521C–11D0–B792–00A0C90312E1}"="Pasek pulpitu powoki"
"{ECD4FC4D–521C–11D0–B792–00A0C90312E1}"="Shell Rebar BandSite"
"{DD313E04–FEFF–11d1–8ECD–0000F87A470C}"="Pomoc dla uytkownika"
"{EF8AD2D1–AE36–11D1–B2D2–006097DF8C11}"="Globalne ustawienia folderw"
"{EFA24E61–B078–11d0–89E4–00C04FC9E26E}"="Favorites Band"
"{0A89A860–D7B1–11CE–8350–444553540000}"="Shell Automation Inproc Service"
"{E7E4BC40–E76A–11CE–A9BB–00AA004AE837}"="Shell DocObject Viewer"
"{A5E46E3A–8849–11D1–9D8C–00C04FC99D61}"="Microsoft Browser Architecture"
"{FBF23B40–E3F0–101B–8488–00AA003E56F8}"="InternetShortcut"
"{3C374A40–BAE4–11CF–BF7D–00AA006946EE}"="Microsoft Url History Service"
"{FF393560–C2A7–11CF–BFF4–444553540000}"="Historia"
"{7BD29E00–76C1–11CF–9DD0–00A0C9034933}"="Tymczasowe pliki internetowe"
"{7BD29E01–76C1–11CF–9DD0–00A0C9034933}"="Tymczasowe pliki internetowe"
"{CFBFAE00–17A6–11D0–99CB–00C04FD64497}"="Microsoft Url Search Hook"
"{A2B0DD40–CC59–11d0–A3A5–00C04FD706EC}"="Ekran powitalny pakietu IE4"
"{67EA19A0–CCEF–11d0–8024–00C04FD75D13}"="CDF Extension Copy Hook"
"{131A6951–7F78–11D0–A979–00C04FD705A2}"="ISFBand OC"
"{9461b922–3c5a–11d2–bf8b–00c04fb93661}"="Search Assistant OC"
"{3DC7A020–0ACD–11CF–A9BB–00AA004AE837}"="Internet"
"{871C5380–42A0–1069–A2EA–08002B30309D}"="Internet Name Space"
"{EFA24E64–B078–11d0–89E4–00C04FC9E26E}"="Pasek eksploratora"
"{9E56BE60–C50F–11CF–9A2C–00A0C90A90CE}"="Sendmail service"
"{9E56BE61–C50F–11CF–9A2C–00A0C90A90CE}"="Sendmail service"
"{88C6C381–2E85–11D0–94DE–444553540000}"="Folder pami©ci podr©cznej ActiveX"
"{ABBE31D0–6DAE–11D0–BECA–00C04FD940BE}"="Subscription Mgr"
"{F5175861–2688–11d0–9C5E–00AA00A45957}"="Folder subskrypcji"
"{08165EA0–E946–11CF–9C87–00AA005127ED}"="WebCheckWebCrawler"
"{E3A8BDE6–ABCE–11d0–BC4B–00C04FD929DB}"="WebCheckChannelAgent"
"{E8BB6DC0–6B4E–11d0–92DB–00A0C90C2BD7}"="TrayAgent"
"{7D559C10–9FE9–11d0–93F7–00AA0059CE02}"="Code Download Agent"
"{E6CC6978–6B6E–11D0–BECA–00C04FD940BE}"="ConnectionAgent"
"{D8BD2030–6FC9–11D0–864F–00AA006809D9}"="PostAgent"
"{7FC0B86E–5FA7–11d1–BC7C–00C04FD929DB}"="WebCheck SyncMgr Handler"
"{352EC2B7–8B9A–11D1–B8AE–006008059382}"="Meneder aplikacji powoki"
"{0B124F8F–91F0–11D1–B8B5–006008059382}"="Wyliczanie zainstalowanych aplikacji"
"{CFCCC7A0–A282–11D1–9082–006008059382}"="Publikator aplikacji Darwin"
"{e84fda7c–1d6a–45f6–b725–cb260c236066}"="Shell Image Verbs"
"{66e4e4fb–f385–4dd0–8d74–a2efd1bc6178}"="Shell Image Data Factory"
"{00E7B358–F65B–4dcf–83DF–CD026B94BFD4}"="Autoplay for SlideShow"
"{3F30C968–480A–4C6C–862D–EFC0897BB84B}"="GDI+program wyodr©bniajĄcy miniatury plikw"
"{9DBD2C50–62AD–11d0–B806–00C04FD706EC}"="Informacje podsumowujĄce obsugi miniatur (DOCFILES)"
"{EAB841A0–9550–11cf–8C16–00805F1408F3}"="Wyodr©bnianie miniatur HTML"
"{eb9b1153–3b57–4e68–959a–a3266bc3d7fe}"="Shell Image Property Handler"
"{CC6EEFFB–43F6–46c5–9619–51D571967F7D}"="Kreator publikacji w sieci Web"
"{add36aa8–751a–4579–a266–d66f5202ccbb}"="Zamawianie odbitek w sieci Web"
"{6b33163c–76a5–4b6c–bf21–45de9cd503a1}"="Obiekt powoki kreatora publikacji"
"{58f1f272–9240–4f51–b6d4–fd63d1618591}"="Kreator uzyskiwania profilu usugi Passport"
"{7A9D77BD–5403–11d2–8785–2E0420524153}"="Konta uytkownikw"
"{BD472F60–27FA–11cf–B8B4–444553540000}"="Compressed (zipped) Folder Right Drag Handler"
"{888DCA60–FC0A–11CF–8F0F–00C04FD7D062}"="Compressed (zipped) Folder SendTo Target"
"{f39a0dc0–9cc8–11d0–a599–00c04fd64433}"="Plik kanau"
"{f3aa0dc0–9cc8–11d0–a599–00c04fd64434}"="Skrt kanau"
"{f3ba0dc0–9cc8–11d0–a599–00c04fd64435}"="Obiekt obsugi kanau"
"{f3da0dc0–9cc8–11d0–a599–00c04fd64437}"="Channel Menu"
"{f3ea0dc0–9cc8–11d0–a599–00c04fd64438}"="Channel Properties"
"{692F0339–CBAA–47e6–B5B5–3B84DB604E87}"="Extensions Manager Folder"
"{63da6ec0–2e98–11cf–8d82–444553540000}"="FTP Folders Webview"
"{883373C3–BF89–11D1–BE35–080036B11A03}"="Microsoft DocProp Shell Ext"
"{A9CF0EAE–901A–4739–A481–E35B73E47F6D}"="Microsoft DocProp Inplace Edit Box Control"
"{8EE97210–FD1F–4B19–91DA–67914005F020}"="Microsoft DocProp Inplace ML Edit Box Control"
"{0EEA25CC–4362–4A12–850B–86EE61B0D3EB}"="Microsoft DocProp Inplace Droplist Combo Control"
"{6A205B57–2567–4A2C–B881–F787FAB579A3}"="Microsoft DocProp Inplace Calendar Control"
"{28F8A4AC–BBB3–4D9B–B177–82BFC914FA33}"="Microsoft DocProp Inplace Time Control"
"{8A23E65E–31C2–11d0–891C–00A024AB2DBB}"="Directory Query UI"
"{9E51E0D0–6E0F–11d2–9601–00C04FA31A86}"="Shell properties for a DS object"
"{163FDC20–2ABC–11d0–88F0–00A024AB2DBB}"="Directory Object Find"
"{F020E586–5264–11d1–A532–0000F8757D7E}"="Directory Start/Search Find"
"{0D45D530–764B–11d0–A1CA–00AA00C16E65}"="Directory Property UI"
"{62AE1F9A–126A–11D0–A14B–0800361B1103}"="Directory Context Menu Verbs"
"{4a7ded0a–ad25–11d0–98a8–0800361b1103}"="MyDocs Properties"
"{750fdf0e–2a26–11d1–a3ea–080036587f03}"="Offline Files Menu"
"{10CFC467–4392–11d2–8DB4–00C04FA31A66}"="Offline Files Folder Options"
"{AFDB1F70–2A4C–11d2–9039–00C04F8EEB3E}"="Folder plikw trybu offline"
"{143A62C8–C33B–11D1–84FE–00C04FA34A14}"="Microsoft Agent Character Property Sheet Handler"
"{ECCDF543–45CC–11CE–B9BF–0080C87CDBA6}"="DfsShell"
"{60fd46de–f830–4894–a628–6fa81bc0190d}"="%DESC_PublishDropTarget%"
"{7A80E4A8–8005–11D2–BCF8–00C04F72C717}"="MMC Icon Handler"
"{0CD7A5C0–9F37–11CE–AE65–08002B2E1262}"=".CAB file viewer"
"{32714800–2E5F–11d0–8B85–00AA0044F941}"="&Do osb..."
"{8DD448E6–C188–4aed–AF92–44956194EB1F}"="Windows Media Player Play as Playlist Context Menu Handler"
"{CE3FB1D1–02AE–4a5f–A6E9–D9F1B4073E6C}"="Windows Media Player Burn Audio CD Context Menu Handler"
"{F1B9284F–E9DC–4e68–9D7E–42362A59F0FD}"="Windows Media Player Add to Playlist Context Menu Handler"
"{57C51AF9–DEF7–11D3–A801–00C04F163490}"="Ghost Shell Extension"
"{BDEADF00–C265–11D0–BCED–00A0C90AB50F}"="Foldery w sieci Web"
"{00020D75–0000–0000–C000–000000000046}"="Microsoft Office Outlook Desktop Icon Handler"
"{0006F045–0000–0000–C000–000000000046}"="Microsoft Office Outlook Custom Icon Handler"
"{42042206–2D85–11D3–8CFF–005004838597}"="Microsoft Office HTML Icon Handler"
"{B41DB860–8EE4–11D2–9906–E49FADC173CA}"="WinRAR shell extension"
"{F0CB00CD–5A07–4D91–97F5–A8C92CDA93E4}"="Shell Extensions for RealOne Player"
"{416651E4–9C3C–11D9–8BDE–F66BAD1E3F3A}"="PhoneBrowser"
"{C0C4375A–5B72–4efe–929D–3B848C3A1E91}"="Message View"
"{B209F4A0–D299–4592–BEC7–9EF9F92B65BD}"=""
**********************************************************************************
HKEY ROOT CLASSIDS:
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\CLSID\{B209F4A0–D299–4592–BEC7–9EF9F92B65BD}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{B209F4A0–D299–4592–BEC7–9EF9F92B65BD}\Implemented Categories]
@=""
[HKEY_CLASSES_ROOT\CLSID\{B209F4A0–D299–4592–BEC7–9EF9F92B65BD}\Implemented Categories\{00021492–0000–0000–C000–000000000046}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{B209F4A0–D299–4592–BEC7–9EF9F92B65BD}\InprocServer32]
@="C:\\WINDOWS\\system32\\kmdsf.dll"
"ThreadingModel"="Apartment"
**********************************************************************************
Files Found are not all bad files:
C:\WINDOWS\SYSTEM32\
ati2cqag.dll Thu 2005–09–15 2:59:20 A.... 233 472 228,00 K
ati2dvag.dll Thu 2005–09–15 3:58:48 A.... 241 664 236,00 K
ati2edxx.dll Thu 2005–09–15 3:53:24 A.... 39 936 39,00 K
ati2evxx.dll Thu 2005–09–15 3:53:14 A.... 46 080 45,00 K
ati3duag.dll Thu 2005–09–15 3:44:50 A.... 2 429 952 2,32 M
atiddc.dll Thu 2005–09–15 3:51:48 A.... 53 248 52,00 K
atidemgr.dll Thu 2005–09–15 5:55:12 A.... 253 952 248,00 K
atiiiexx.dll Thu 2005–09–15 6:32:28 A.... 307 200 300,00 K
atikvmag.dll Thu 2005–09–15 3:27:18 A.... 147 456 144,00 K
atioglx1.dll Thu 2005–09–15 5:14:50 A.... 6 680 576 6,37 M
atioglxx.dll Thu 2005–09–15 4:13:08 A.... 4 837 376 4,61 M
atipdlxx.dll Thu 2005–09–15 3:53:46 A.... 106 496 104,00 K
atitvo32.dll Thu 2005–09–15 3:04:28 A.... 17 408 17,00 K
ativvaxx.dll Thu 2005–09–15 3:39:22 A.... 602 016 587,91 K
browseui.dll Sat 2005–09–03 0:54:56 A.... 1 020 416 996,50 K
cdfview.dll Sat 2005–09–03 0:54:56 A.... 151 552 148,00 K
cdosys.dll Sat 2005–09–10 2:55:34 A.... 2 067 968 1,97 M
connapi.dll Tue 2005–09–06 10:20:52 A.... 202 240 197,50 K
d40m0e~1.dll Fri 2005–11–18 9:58:46 ..S.R 237 163 231,60 K
d4j00e~1.dll Sat 2005–11–19 14:54:36 ..S.R 237 163 231,60 K
daapi.dll Wed 2005–09–14 9:22:52 A.... 49 664 48,50 K
danim.dll Sat 2005–09–03 0:54:58 A.... 1 055 232 1,00 M
dxtrans.dll Sat 2005–09–03 0:54:58 A.... 205 312 200,50 K
enjql1~1.dll Sat 2005–11–19 14:04:12 ..S.R 237 163 231,60 K
extmgr.dll Sat 2005–09–03 0:54:58 A.... 55 808 54,50 K
gdi32.dll Thu 2005–10–06 4:18:44 A.... 280 064 273,50 K
iepeers.dll Sat 2005–09–03 0:54:58 A.... 251 392 245,50 K
inseng.dll Sat 2005–09–03 0:54:58 A.... 96 768 94,50 K
kmdsf.dll Sat 2005–11–19 15:16:44 ..... 237 163 231,60 K
linkinfo.dll Thu 2005–09–01 3:28:38 A.... 19 968 19,50 K
lsgitc~1.dll Mon 2005–11–14 21:58:08 ..S.R 235 169 229,66 K
m4820e~1.dll Thu 2005–11–17 23:25:12 ..S.R 235 777 230,25 K
mshtml.dll Tue 2005–10–04 17:27:36 A.... 3 013 120 2,87 M
mshtmled.dll Sat 2005–09–03 0:55:02 A.... 448 512 438,00 K
msrating.dll Sat 2005–09–03 0:55:02 A.... 146 432 143,00 K
mstime.dll Sat 2005–09–03 0:55:04 A.... 530 432 518,00 K
n0n60a~1.dll Sat 2005–11–19 14:31:30 ..S.R 237 163 231,60 K
nclapi.dll Tue 2005–09–06 10:25:14 A.... 126 976 124,00 K
ncltools.dll Mon 2005–08–29 9:36:54 A.... 26 624 26,00 K
netman.dll Mon 2005–08–22 19:36:16 A.... 197 632 193,00 K
oemdspif.dll Thu 2005–09–15 3:53:36 A.... 73 728 72,00 K
pngfilt.dll Sat 2005–09–03 0:55:04 A.... 39 424 38,50 K
quartz.dll Tue 2005–08–30 4:56:14 A.... 1 290 752 1,23 M
shdocvw.dll Sat 2005–09–03 0:55:06 A.... 1 483 776 1,41 M
shell32.dll Fri 2005–09–23 4:07:40 A.... 8 479 232 8,09 M
shlwapi.dll Sat 2005–09–03 0:55:06 A.... 473 600 462,50 K
ulrar.dll Thu 2005–11–17 19:29:12 ..S.R 235 777 230,25 K
umpnpmgr.dll Tue 2005–08–23 4:40:06 A.... 123 904 121,00 K
urlmon.dll Sat 2005–09–03 0:55:08 A.... 604 672 590,50 K
wininet.dll Sat 2005–09–03 0:55:08 A.... 660 992 645,50 K
winsrv.dll Thu 2005–09–01 3:28:38 A.... 292 352 285,50 K
51 items found: 51 files (7 H/S), 0 directories.
Total of file sizes: 41 357 914 bytes 39,44 M
Locate .tmp files:
C:\WINDOWS\SYSTEM32\
guard.tmp Sat 2005–11–19 15:17:44 ..S.R 237 163 231,60 K
1 item found: 1 file (1 H/S), 0 directories.
Total of file sizes: 237 163 bytes 231,60 K
**********************************************************************************
Directory Listing of system files:
Wolumin w stacji C to WinXP
Numer seryjny woluminu: 489A–9B91
Katalog: C:\WINDOWS\System32
2005–11–19 15:17 237163 guard.tmp
2005–11–19 15:17 dllcache
2005–11–19 14:54 237163 d4j00e1meh.dll
2005–11–19 14:31 237163 n0n60a5sed.dll
2005–11–19 14:04 237163 enjql1151.dll
2005–11–18 09:58 237163 d40m0ed1eh0.dll
2005–11–17 23:25 235777 m4820eloehqc0.dll
2005–11–17 19:29 235777 ulrar.dll
2005–11–14 21:58 235169 LsgitCheckControl.dll
2005–11–11 15:04 32 {1E1A5002–A1B3–4627–9679–18018AFF9697}.dat
2005–11–11 13:32 32 {2ED53A54–049C–4B43–9A06–9CE19472F6E5}.dat
2005–11–11 13:32 32 {F6CF7B68–272E–4001–8D30–2C1E28351348}.dat
2005–11–11 13:31 32 {741FE20B–6273–4AC8–91D2–AD8A00292270}.dat
2005–11–11 08:26 32 {D6C5B2BF–517B–4C3E–84E8–9DF951642195}.dat
2005–11–11 08:26 32 {C90BF7DE–779C–4680–AB17–3924E8DAF808}.dat
2005–11–11 08:25 32 {5102EF97–4954–4E0B–A530–4FDA2943E2F8}.dat
2005–11–11 08:24 32 {55768556–9536–421C–8B97–782AC6776058}.dat
2005–11–11 00:25 Microsoft
16 plik(w) 1892794 bajtw
2 katalog(w) 18849767424 bajtw wolnych
These are the registry keys present
**********************************************************************************
Winlogon/notify:
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
"DLLName"="Ati2evxx.dll"
"Asynchronous"=dword:00000000
"Impersonate"=dword:00000001
"Lock"="AtiLockEvent"
"Logoff"="AtiLogoffEvent"
"Logon"="AtiLogonEvent"
"Disconnect"="AtiDisConnectEvent"
"Reconnect"="AtiReConnectEvent"
"Safe"=dword:00000000
"Shutdown"="AtiShutdownEvent"
"StartScreenSaver"="AtiStartScreenSaverEvent"
"StartShell"="AtiStartShellEvent"
"Startup"="AtiStartupEvent"
"StopScreenSaver"="AtiStopScreenSaverEvent"
"Unlock"="AtiUnLockEvent"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain]
"Asynchronous"=dword:00000000
"Impersonate"=dword:00000000
"DllName"=hex(2):63,00,72,00,79,00,70,00,74,00,33,00,32,00,2e,00,64,00,6c,00,\
6c,00,00,00
"Logoff"="ChainWlxLogoffEvent"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet]
"Asynchronous"=dword:00000000
"Impersonate"=dword:00000000
"DllName"=hex(2):63,00,72,00,79,00,70,00,74,00,6e,00,65,00,74,00,2e,00,64,00,\
6c,00,6c,00,00,00
"Logoff"="CryptnetWlxLogoffEvent"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll]
"DLLName"="cscdll.dll"
"Logon"="WinlogonLogonEvent"
"Logoff"="WinlogonLogoffEvent"
"ScreenSaver"="WinlogonScreenSaverEvent"
"Startup"="WinlogonStartupEvent"
"Shutdown"="WinlogonShutdownEvent"
"StartShell"="WinlogonStartShellEvent"
"Impersonate"=dword:00000000
"Asynchronous"=dword:00000001
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Internet Settings]
"Asynchronous"=dword:00000000
"DllName"="C:\\WINDOWS\\system32\\enjql1151.dll"
"Impersonate"=dword:00000000
"Logon"="WinLogon"
"Logoff"="WinLogoff"
"Shutdown"="WinShutdown"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp]
"DLLName"="wlnotify.dll"
"Logon"="SCardStartCertProp"
"Logoff"="SCardStopCertProp"
"Lock"="SCardSuspendCertProp"
"Unlock"="SCardResumeCertProp"
"Enabled"=dword:00000001
"Impersonate"=dword:00000001
"Asynchronous"=dword:00000001
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule]
"Asynchronous"=dword:00000000
"DllName"=hex(2):77,00,6c,00,6e,00,6f,00,74,00,69,00,66,00,79,00,2e,00,64,00,\
6c,00,6c,00,00,00
"Impersonate"=dword:00000000
"StartShell"="SchedStartShell"
"Logoff"="SchedEventLogOff"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy]
"Logoff"="WLEventLogoff"
"Impersonate"=dword:00000000
"Asynchronous"=dword:00000001
"DllName"=hex(2):73,00,63,00,6c,00,67,00,6e,00,74,00,66,00,79,00,2e,00,64,00,\
6c,00,6c,00,00,00
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn]
"DLLName"="WlNotify.dll"
"Lock"="SensLockEvent"
"Logon"="SensLogonEvent"
"Logoff"="SensLogoffEvent"
"Safe"=dword:00000001
"MaxWait"=dword:00000258
"StartScreenSaver"="SensStartScreenSaverEvent"
"StopScreenSaver"="SensStopScreenSaverEvent"
"Startup"="SensStartupEvent"
"Shutdown"="SensShutdownEvent"
"StartShell"="SensStartShellEvent"
"PostShell"="SensPostShellEvent"
"Disconnect"="SensDisconnectEvent"
"Reconnect"="SensReconnectEvent"
"Unlock"="SensUnlockEvent"
"Impersonate"=dword:00000001
"Asynchronous"=dword:00000001
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv]
"Asynchronous"=dword:00000000
"DllName"=hex(2):77,00,6c,00,6e,00,6f,00,74,00,69,00,66,00,79,00,2e,00,64,00,\
6c,00,6c,00,00,00
"Impersonate"=dword:00000000
"Logoff"="TSEventLogoff"
"Logon"="TSEventLogon"
"PostShell"="TSEventPostShell"
"Shutdown"="TSEventShutdown"
"StartShell"="TSEventStartShell"
"Startup"="TSEventStartup"
"MaxWait"=dword:00000258
"Reconnect"="TSEventReconnect"
"Disconnect"="TSEventDisconnect"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon]
"DLLName"="wlnotify.dll"
"Logon"="RegisterTicketExpiredNotificationEvent"
"Logoff"="UnregisterTicketExpiredNotificationEvent"
"Impersonate"=dword:00000001
"Asynchronous"=dword:00000001
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wzcnotif]
"DLLName"="wzcdlg.dll"
"Logon"="WZCEventLogon"
"Logoff"="WZCEventLogoff"
"Impersonate"=dword:00000000
"Asynchronous"=dword:00000000
RegDACL 5.1 – Permissions Manager for Registry keys for Windows NT 4 and above
Copyright (c) 1999–2001 Frank Heyne Software (http://www.heysoft.de)
This program is Freeware, use it on your own risk!
Access Control List for Registry key HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify:
(NI) ALLOW Full access ZARZDZANIE NT\SYSTEM
(IO) ALLOW Full access ZARZDZANIE NT\SYSTEM
(NI) ALLOW Full access ZARZDZANIE NT\SYSTEM
(IO) ALLOW Full access ZARZDZANIE NT\SYSTEM
(ID–CI) DENY ––C––––––– BUILTIN\Administratorzy
(ID–NI) ALLOW Read BUILTIN\Uytkownicy
(ID–IO) ALLOW Read BUILTIN\Uytkownicy
(ID–NI) ALLOW Read BUILTIN\Uytkownicy zaawansowani
(ID–IO) ALLOW Read BUILTIN\Uytkownicy zaawansowani
(ID–NI) ALLOW Full access BUILTIN\Administratorzy
(ID–IO) ALLOW Full access BUILTIN\Administratorzy
(ID–NI) ALLOW Full access ZARZDZANIE NT\SYSTEM
(ID–IO) ALLOW Full access ZARZDZANIE NT\SYSTEM
(ID–IO) ALLOW Full access TWRCA–WACICIEL
**********************************************************************************
useragent:
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform]
"{2F179D86–EAF0–5A56–CB09–1B8CA0177C19}"=""
**********************************************************************************
Shell Extension key:
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved]
"{00022613–0000–0000–C000–000000000046}"="Karta waciwoci pliku multimedialnego"
"{176d6597–26d3–11d1–b350–080036a75b03}"="ZarzĄdzanie skanerem ICM"
"{1F2E5C40–9550–11CE–99D2–00AA006E086C}"="Strona zabezpiecze NTFS"
"{3EA48300–8CF6–101B–84FB–666CCB9BCD32}"="Strona waciwoci OLE Docfile"
"{40dd6e20–7c17–11ce–a804–00aa003ca9f6}"="Rozszerzenia powoki dla udost©pniania zasobw"
"{41E300E0–78B6–11ce–849B–444553540000}"="PlusPack CPL Extension"
"{42071712–76d4–11d1–8b24–00a0c9068ff3}"="Rozszerzenie CPL karty graficznej"
"{42071713–76d4–11d1–8b24–00a0c9068ff3}"="Rozszerzenie CPL monitora wywietlania"
"{42071714–76d4–11d1–8b24–00a0c9068ff3}"="Rozszerzenie CPL kadrowania wywietlania"
"{4E40F770–369C–11d0–8922–00A024AB2DBB}"="Strona zabezpiecze usugi DS"
"{513D916F–2A8E–4F51–AEAB–0CBC76FB1AF8}"="Strona zgodnoci"
"{56117100–C0CD–101B–81E2–00AA004AE837}"="Program obsugi danych wycinkowych powoki"
"{59099400–57FF–11CE–BD94–0020AF85B590}"="Rozszerzenie Disc Copy"
"{59be4990–f85c–11ce–aff7–00aa003ca9f6}"="Rozszerzenia powoki dla obiektw Microsoft Windows Network"
"{5DB2625A–54DF–11D0–B6C4–0800091AA605}"="ZarzĄdzanie monitorem ICM"
"{675F097E–4C4D–11D0–B6C1–0800091AA605}"="ZarzĄdzanie drukarkĄ ICM"
"{764BF0E1–F219–11ce–972D–00AA00A14F56}"="Rozszerzenia powoki dla kompresji plikw"
"{77597368–7b15–11d0–a0c2–080036af3f03}"="Rozszerzenie powoki drukarek sieci Web"
"{7988B573–EC89–11cf–9C00–00AA00A14F56}"="Disk Quota UI"
"{853FE2B1–B769–11d0–9C4E–00C04FB6C6FA}"="Menu kontekstowe szyfrowania"
"{85BBD920–42A0–1069–A2E4–08002B30309D}"="Aktwka"
"{88895560–9AA2–1069–930E–00AA0030EBC8}"="Rozszerzenie ikony HyperTerminalu"
"{BD84B380–8CA2–1069–AB1D–08000948F534}"="Fonts"
"{DBCE2480–C732–101B–BE72–BA78E9AD5B27}"="Profil ICC"
"{F37C5810–4D3F–11d0–B4BF–00AA00BBB723}"="Strona zabezpiecze drukarek"
"{f81e9010–6ea4–11ce–a7ff–00aa003ca9f6}"="Rozszerzenia powoki dla udost©pniania zasobw"
"{f92e8c40–3d33–11d2–b1aa–080036a75b03}"="Display TroubleShoot CPL Extension"
"{7444C717–39BF–11D1–8CD9–00C04FC29D45}"="Rozszerzenie Crypto PKO"
"{7444C719–39BF–11D1–8CD9–00C04FC29D45}"="Rozszerzenie Crypto Sign"
"{7007ACC7–3202–11D1–AAD2–00805FC1270E}"="PoĄczenia sieciowe"
"{992CFFA0–F557–101A–88EC–00DD010CCC48}"="PoĄczenia sieciowe"
"{E211B736–43FD–11D1–9EFB–0000F8757FCD}"="&Skanery i aparaty fotograficzne"
"{FB0C9C8A–6C50–11D1–9F1D–0000F8757FCD}"="&Skanery i aparaty fotograficzne"
"{905667aa–acd6–11d2–8080–00805f6596d2}"="&Skanery i aparaty fotograficzne"
"{3F953603–1008–4f6e–A73A–04AAC7A992F1}"="&Skanery i aparaty fotograficzne"
"{83bbcbf3–b28a–4919–a5aa–73027445d672}"="&Skanery i aparaty fotograficzne"
"{F0152790–D56E–4445–850E–4F3117DB740C}"="Remote Sessions CPL Extension"
"{60254CA5–953B–11CF–8C96–00AA00B8708C}"="Rozszerzenia powoki dla hosta skryptw systemu Windows"
"{2206CDB2–19C1–11D1–89E0–00C04FD7A829}"="Microsoft Data Link"
"{DD2110F0–9EEF–11cf–8D8E–00AA0060F5BF}"="Tasks Folder Icon Handler"
"{797F1E90–9EDD–11cf–8D8E–00AA0060F5BF}"="Tasks Folder Shell Extension"
"{D6277990–4C6A–11CF–8D87–00AA0060F5BF}"="Zaplanowane zadania"
"{2559a1f7–21d7–11d4–bdaf–00c04f60b9f0}"="Set Program Access and Defaults"
"{5F327514–6C5E–4d60–8F16–D07FA08A78ED}"="Auto Update Property Sheet Extension"
"{0DF44EAA–FF21–4412–828E–260A8728E7F1}"="Pasek zada i menu Start"
"{2559a1f0–21d7–11d4–bdaf–00c04f60b9f0}"="Wyszukaj"
"{2559a1f1–21d7–11d4–bdaf–00c04f60b9f0}"="Pomoc i obsuga techniczna"
"{2559a1f2–21d7–11d4–bdaf–00c04f60b9f0}"="Pomoc i obsuga techniczna"
"{2559a1f3–21d7–11d4–bdaf–00c04f60b9f0}"="Uruchom..."
"{2559a1f4–21d7–11d4–bdaf–00c04f60b9f0}"="Internet"
"{2559a1f5–21d7–11d4–bdaf–00c04f60b9f0}"="E–mail"
"{D20EA4E1–3957–11d2–A40B–0C5020524152}"="Czcionki"
"{D20EA4E1–3957–11d2–A40B–0C5020524153}"="Narz©dzia administracyjne"
"{596AB062–B4D2–4215–9F74–E9109B0A8153}"="Strona waciwoci Poprzednie wersje"
"{9DB7A13C–F208–4981–8353–73CC61AE2783}"="Poprzednie wersje"
"{875CB1A1–0F29–45de–A1AE–CFB4950D0B78}"="Audio Media Properties Handler"
"{40C3D757–D6E4–4b49–BB41–0E5BBEA28817}"="Video Media Properties Handler"
"{E4B29F9D–D390–480b–92FD–7DDB47101D71}"="Wav Properties Handler"
"{87D62D94–71B3–4b9a–9489–5FE6850DC73E}"="Avi Properties Handler"
"{A6FD9E45–6E44–43f9–8644–08598F5A74D9}"="Midi Properties Handler"
"{c5a40261–cd64–4ccf–84cb–c394da41d590}"="Video Thumbnail Extractor"
"{5E6AB780–7743–11CF–A12B–00AA004AE837}"="Pasek narz©dzi programu Microsoft Internet"
"{22BF0C20–6DA7–11D0–B373–00A0C9034938}"="Stan pobierania"
"{91EA3F8B–C99B–11d0–9815–00C04FD91972}"="Folder powoki zwi©kszonej"
"{6413BA2C–B461–11d1–A18A–080036B11A03}"="Folder powoki zwi©kszonej 2"
"{F61FFEC1–754F–11d0–80CA–00AA005B4383}"="BandProxy"
"{7BA4C742–9E81–11CF–99D3–00AA004AE837}"="Pasek przeglĄdarki Microsoft"
"{30D02401–6A81–11d0–8274–00C04FD5AE38}"="Pasek wyszukiwania"
"{169A0691–8DF9–11d1–A1C4–00C04FD75D13}"="Wyszukiwanie w okienku"
"{07798131–AF23–11d1–9111–00A0C98BA67D}"="Wyszukiwanie w sieci Web"
"{AF4F6510–F982–11d0–8595–00AA004CD6D8}"="Narz©dzie opcji drzewa rejestru"
"{01E04581–4EEE–11d0–BFE9–00AA005B4383}"="&Adres"
"{A08C11D2–A228–11d0–825B–00AA005B4383}"="Pole edycji adresu"
"{00BB2763–6A77–11D0–A535–00C04FD7D062}"="Autouzupenianie Microsoft"
"{7376D660–C583–11d0–A3A5–00C04FD706EC}"="Wyodr©bnianie obrazw Trident"
"{6756A641–DE71–11d0–831B–00AA005B4383}"="Lista autouzupeniania MRU"
"{6935DB93–21E8–4ccc–BEB9–9FE3C77A297A}"="Niestandardowa lista autouzupeniania MRU"
"{7e653215–fa25–46bd–a339–34a2790f3cb7}"="Dost©pny"
"{acf35015–526e–4230–9596–becbe19f0ac9}"="Pasek podr©czny ledzenia"
"{00BB2764–6A77–11D0–A535–00C04FD7D062}"="Lista autouzupeniania historii Microsoft"
"{03C036F1–A186–11D0–824A–00AA005B4383}"="Lista autouzupeniania folderu powoki Microsoft"
"{00BB2765–6A77–11D0–A535–00C04FD7D062}"="Kontener wielu list autouzupeniania Microsoft"
"{ECD4FC4E–521C–11D0–B792–00A0C90312E1}"="Menu witryny paska powoki"
"{3CCF8A41–5C85–11d0–9796–00AA00B90ADF}"="Shell DeskBarApp"
"{ECD4FC4C–521C–11D0–B792–00A0C90312E1}"="Pasek pulpitu powoki"
"{ECD4FC4D–521C–11D0–B792–00A0C90312E1}"="Shell Rebar BandSite"
"{DD313E04–FEFF–11d1–8ECD–0000F87A470C}"="Pomoc dla uytkownika"
"{EF8AD2D1–AE36–11D1–B2D2–006097DF8C11}"="Globalne ustawienia folderw"
"{EFA24E61–B078–11d0–89E4–00C04FC9E26E}"="Favorites Band"
"{0A89A860–D7B1–11CE–8350–444553540000}"="Shell Automation Inproc Service"
"{E7E4BC40–E76A–11CE–A9BB–00AA004AE837}"="Shell DocObject Viewer"
"{A5E46E3A–8849–11D1–9D8C–00C04FC99D61}"="Microsoft Browser Architecture"
"{FBF23B40–E3F0–101B–8488–00AA003E56F8}"="InternetShortcut"
"{3C374A40–BAE4–11CF–BF7D–00AA006946EE}"="Microsoft Url History Service"
"{FF393560–C2A7–11CF–BFF4–444553540000}"="Historia"
"{7BD29E00–76C1–11CF–9DD0–00A0C9034933}"="Tymczasowe pliki internetowe"
"{7BD29E01–76C1–11CF–9DD0–00A0C9034933}"="Tymczasowe pliki internetowe"
"{CFBFAE00–17A6–11D0–99CB–00C04FD64497}"="Microsoft Url Search Hook"
"{A2B0DD40–CC59–11d0–A3A5–00C04FD706EC}"="Ekran powitalny pakietu IE4"
"{67EA19A0–CCEF–11d0–8024–00C04FD75D13}"="CDF Extension Copy Hook"
"{131A6951–7F78–11D0–A979–00C04FD705A2}"="ISFBand OC"
"{9461b922–3c5a–11d2–bf8b–00c04fb93661}"="Search Assistant OC"
"{3DC7A020–0ACD–11CF–A9BB–00AA004AE837}"="Internet"
"{871C5380–42A0–1069–A2EA–08002B30309D}"="Internet Name Space"
"{EFA24E64–B078–11d0–89E4–00C04FC9E26E}"="Pasek eksploratora"
"{9E56BE60–C50F–11CF–9A2C–00A0C90A90CE}"="Sendmail service"
"{9E56BE61–C50F–11CF–9A2C–00A0C90A90CE}"="Sendmail service"
"{88C6C381–2E85–11D0–94DE–444553540000}"="Folder pami©ci podr©cznej ActiveX"
"{ABBE31D0–6DAE–11D0–BECA–00C04FD940BE}"="Subscription Mgr"
"{F5175861–2688–11d0–9C5E–00AA00A45957}"="Folder subskrypcji"
"{08165EA0–E946–11CF–9C87–00AA005127ED}"="WebCheckWebCrawler"
"{E3A8BDE6–ABCE–11d0–BC4B–00C04FD929DB}"="WebCheckChannelAgent"
"{E8BB6DC0–6B4E–11d0–92DB–00A0C90C2BD7}"="TrayAgent"
"{7D559C10–9FE9–11d0–93F7–00AA0059CE02}"="Code Download Agent"
"{E6CC6978–6B6E–11D0–BECA–00C04FD940BE}"="ConnectionAgent"
"{D8BD2030–6FC9–11D0–864F–00AA006809D9}"="PostAgent"
"{7FC0B86E–5FA7–11d1–BC7C–00C04FD929DB}"="WebCheck SyncMgr Handler"
"{352EC2B7–8B9A–11D1–B8AE–006008059382}"="Meneder aplikacji powoki"
"{0B124F8F–91F0–11D1–B8B5–006008059382}"="Wyliczanie zainstalowanych aplikacji"
"{CFCCC7A0–A282–11D1–9082–006008059382}"="Publikator aplikacji Darwin"
"{e84fda7c–1d6a–45f6–b725–cb260c236066}"="Shell Image Verbs"
"{66e4e4fb–f385–4dd0–8d74–a2efd1bc6178}"="Shell Image Data Factory"
"{00E7B358–F65B–4dcf–83DF–CD026B94BFD4}"="Autoplay for SlideShow"
"{3F30C968–480A–4C6C–862D–EFC0897BB84B}"="GDI+program wyodr©bniajĄcy miniatury plikw"
"{9DBD2C50–62AD–11d0–B806–00C04FD706EC}"="Informacje podsumowujĄce obsugi miniatur (DOCFILES)"
"{EAB841A0–9550–11cf–8C16–00805F1408F3}"="Wyodr©bnianie miniatur HTML"
"{eb9b1153–3b57–4e68–959a–a3266bc3d7fe}"="Shell Image Property Handler"
"{CC6EEFFB–43F6–46c5–9619–51D571967F7D}"="Kreator publikacji w sieci Web"
"{add36aa8–751a–4579–a266–d66f5202ccbb}"="Zamawianie odbitek w sieci Web"
"{6b33163c–76a5–4b6c–bf21–45de9cd503a1}"="Obiekt powoki kreatora publikacji"
"{58f1f272–9240–4f51–b6d4–fd63d1618591}"="Kreator uzyskiwania profilu usugi Passport"
"{7A9D77BD–5403–11d2–8785–2E0420524153}"="Konta uytkownikw"
"{BD472F60–27FA–11cf–B8B4–444553540000}"="Compressed (zipped) Folder Right Drag Handler"
"{888DCA60–FC0A–11CF–8F0F–00C04FD7D062}"="Compressed (zipped) Folder SendTo Target"
"{f39a0dc0–9cc8–11d0–a599–00c04fd64433}"="Plik kanau"
"{f3aa0dc0–9cc8–11d0–a599–00c04fd64434}"="Skrt kanau"
"{f3ba0dc0–9cc8–11d0–a599–00c04fd64435}"="Obiekt obsugi kanau"
"{f3da0dc0–9cc8–11d0–a599–00c04fd64437}"="Channel Menu"
"{f3ea0dc0–9cc8–11d0–a599–00c04fd64438}"="Channel Properties"
"{692F0339–CBAA–47e6–B5B5–3B84DB604E87}"="Extensions Manager Folder"
"{63da6ec0–2e98–11cf–8d82–444553540000}"="FTP Folders Webview"
"{883373C3–BF89–11D1–BE35–080036B11A03}"="Microsoft DocProp Shell Ext"
"{A9CF0EAE–901A–4739–A481–E35B73E47F6D}"="Microsoft DocProp Inplace Edit Box Control"
"{8EE97210–FD1F–4B19–91DA–67914005F020}"="Microsoft DocProp Inplace ML Edit Box Control"
"{0EEA25CC–4362–4A12–850B–86EE61B0D3EB}"="Microsoft DocProp Inplace Droplist Combo Control"
"{6A205B57–2567–4A2C–B881–F787FAB579A3}"="Microsoft DocProp Inplace Calendar Control"
"{28F8A4AC–BBB3–4D9B–B177–82BFC914FA33}"="Microsoft DocProp Inplace Time Control"
"{8A23E65E–31C2–11d0–891C–00A024AB2DBB}"="Directory Query UI"
"{9E51E0D0–6E0F–11d2–9601–00C04FA31A86}"="Shell properties for a DS object"
"{163FDC20–2ABC–11d0–88F0–00A024AB2DBB}"="Directory Object Find"
"{F020E586–5264–11d1–A532–0000F8757D7E}"="Directory Start/Search Find"
"{0D45D530–764B–11d0–A1CA–00AA00C16E65}"="Directory Property UI"
"{62AE1F9A–126A–11D0–A14B–0800361B1103}"="Directory Context Menu Verbs"
"{4a7ded0a–ad25–11d0–98a8–0800361b1103}"="MyDocs Properties"
"{750fdf0e–2a26–11d1–a3ea–080036587f03}"="Offline Files Menu"
"{10CFC467–4392–11d2–8DB4–00C04FA31A66}"="Offline Files Folder Options"
"{AFDB1F70–2A4C–11d2–9039–00C04F8EEB3E}"="Folder plikw trybu offline"
"{143A62C8–C33B–11D1–84FE–00C04FA34A14}"="Microsoft Agent Character Property Sheet Handler"
"{ECCDF543–45CC–11CE–B9BF–0080C87CDBA6}"="DfsShell"
"{60fd46de–f830–4894–a628–6fa81bc0190d}"="%DESC_PublishDropTarget%"
"{7A80E4A8–8005–11D2–BCF8–00C04F72C717}"="MMC Icon Handler"
"{0CD7A5C0–9F37–11CE–AE65–08002B2E1262}"=".CAB file viewer"
"{32714800–2E5F–11d0–8B85–00AA0044F941}"="&Do osb..."
"{8DD448E6–C188–4aed–AF92–44956194EB1F}"="Windows Media Player Play as Playlist Context Menu Handler"
"{CE3FB1D1–02AE–4a5f–A6E9–D9F1B4073E6C}"="Windows Media Player Burn Audio CD Context Menu Handler"
"{F1B9284F–E9DC–4e68–9D7E–42362A59F0FD}"="Windows Media Player Add to Playlist Context Menu Handler"
"{57C51AF9–DEF7–11D3–A801–00C04F163490}"="Ghost Shell Extension"
"{BDEADF00–C265–11D0–BCED–00A0C90AB50F}"="Foldery w sieci Web"
"{00020D75–0000–0000–C000–000000000046}"="Microsoft Office Outlook Desktop Icon Handler"
"{0006F045–0000–0000–C000–000000000046}"="Microsoft Office Outlook Custom Icon Handler"
"{42042206–2D85–11D3–8CFF–005004838597}"="Microsoft Office HTML Icon Handler"
"{B41DB860–8EE4–11D2–9906–E49FADC173CA}"="WinRAR shell extension"
"{F0CB00CD–5A07–4D91–97F5–A8C92CDA93E4}"="Shell Extensions for RealOne Player"
"{416651E4–9C3C–11D9–8BDE–F66BAD1E3F3A}"="PhoneBrowser"
"{C0C4375A–5B72–4efe–929D–3B848C3A1E91}"="Message View"
"{B209F4A0–D299–4592–BEC7–9EF9F92B65BD}"=""
**********************************************************************************
HKEY ROOT CLASSIDS:
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\CLSID\{B209F4A0–D299–4592–BEC7–9EF9F92B65BD}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{B209F4A0–D299–4592–BEC7–9EF9F92B65BD}\Implemented Categories]
@=""
[HKEY_CLASSES_ROOT\CLSID\{B209F4A0–D299–4592–BEC7–9EF9F92B65BD}\Implemented Categories\{00021492–0000–0000–C000–000000000046}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{B209F4A0–D299–4592–BEC7–9EF9F92B65BD}\InprocServer32]
@="C:\\WINDOWS\\system32\\kmdsf.dll"
"ThreadingModel"="Apartment"
**********************************************************************************
Files Found are not all bad files:
C:\WINDOWS\SYSTEM32\
ati2cqag.dll Thu 2005–09–15 2:59:20 A.... 233 472 228,00 K
ati2dvag.dll Thu 2005–09–15 3:58:48 A.... 241 664 236,00 K
ati2edxx.dll Thu 2005–09–15 3:53:24 A.... 39 936 39,00 K
ati2evxx.dll Thu 2005–09–15 3:53:14 A.... 46 080 45,00 K
ati3duag.dll Thu 2005–09–15 3:44:50 A.... 2 429 952 2,32 M
atiddc.dll Thu 2005–09–15 3:51:48 A.... 53 248 52,00 K
atidemgr.dll Thu 2005–09–15 5:55:12 A.... 253 952 248,00 K
atiiiexx.dll Thu 2005–09–15 6:32:28 A.... 307 200 300,00 K
atikvmag.dll Thu 2005–09–15 3:27:18 A.... 147 456 144,00 K
atioglx1.dll Thu 2005–09–15 5:14:50 A.... 6 680 576 6,37 M
atioglxx.dll Thu 2005–09–15 4:13:08 A.... 4 837 376 4,61 M
atipdlxx.dll Thu 2005–09–15 3:53:46 A.... 106 496 104,00 K
atitvo32.dll Thu 2005–09–15 3:04:28 A.... 17 408 17,00 K
ativvaxx.dll Thu 2005–09–15 3:39:22 A.... 602 016 587,91 K
browseui.dll Sat 2005–09–03 0:54:56 A.... 1 020 416 996,50 K
cdfview.dll Sat 2005–09–03 0:54:56 A.... 151 552 148,00 K
cdosys.dll Sat 2005–09–10 2:55:34 A.... 2 067 968 1,97 M
connapi.dll Tue 2005–09–06 10:20:52 A.... 202 240 197,50 K
d40m0e~1.dll Fri 2005–11–18 9:58:46 ..S.R 237 163 231,60 K
d4j00e~1.dll Sat 2005–11–19 14:54:36 ..S.R 237 163 231,60 K
daapi.dll Wed 2005–09–14 9:22:52 A.... 49 664 48,50 K
danim.dll Sat 2005–09–03 0:54:58 A.... 1 055 232 1,00 M
dxtrans.dll Sat 2005–09–03 0:54:58 A.... 205 312 200,50 K
enjql1~1.dll Sat 2005–11–19 14:04:12 ..S.R 237 163 231,60 K
extmgr.dll Sat 2005–09–03 0:54:58 A.... 55 808 54,50 K
gdi32.dll Thu 2005–10–06 4:18:44 A.... 280 064 273,50 K
iepeers.dll Sat 2005–09–03 0:54:58 A.... 251 392 245,50 K
inseng.dll Sat 2005–09–03 0:54:58 A.... 96 768 94,50 K
kmdsf.dll Sat 2005–11–19 15:16:44 ..... 237 163 231,60 K
linkinfo.dll Thu 2005–09–01 3:28:38 A.... 19 968 19,50 K
lsgitc~1.dll Mon 2005–11–14 21:58:08 ..S.R 235 169 229,66 K
m4820e~1.dll Thu 2005–11–17 23:25:12 ..S.R 235 777 230,25 K
mshtml.dll Tue 2005–10–04 17:27:36 A.... 3 013 120 2,87 M
mshtmled.dll Sat 2005–09–03 0:55:02 A.... 448 512 438,00 K
msrating.dll Sat 2005–09–03 0:55:02 A.... 146 432 143,00 K
mstime.dll Sat 2005–09–03 0:55:04 A.... 530 432 518,00 K
n0n60a~1.dll Sat 2005–11–19 14:31:30 ..S.R 237 163 231,60 K
nclapi.dll Tue 2005–09–06 10:25:14 A.... 126 976 124,00 K
ncltools.dll Mon 2005–08–29 9:36:54 A.... 26 624 26,00 K
netman.dll Mon 2005–08–22 19:36:16 A.... 197 632 193,00 K
oemdspif.dll Thu 2005–09–15 3:53:36 A.... 73 728 72,00 K
pngfilt.dll Sat 2005–09–03 0:55:04 A.... 39 424 38,50 K
quartz.dll Tue 2005–08–30 4:56:14 A.... 1 290 752 1,23 M
shdocvw.dll Sat 2005–09–03 0:55:06 A.... 1 483 776 1,41 M
shell32.dll Fri 2005–09–23 4:07:40 A.... 8 479 232 8,09 M
shlwapi.dll Sat 2005–09–03 0:55:06 A.... 473 600 462,50 K
ulrar.dll Thu 2005–11–17 19:29:12 ..S.R 235 777 230,25 K
umpnpmgr.dll Tue 2005–08–23 4:40:06 A.... 123 904 121,00 K
urlmon.dll Sat 2005–09–03 0:55:08 A.... 604 672 590,50 K
wininet.dll Sat 2005–09–03 0:55:08 A.... 660 992 645,50 K
winsrv.dll Thu 2005–09–01 3:28:38 A.... 292 352 285,50 K
51 items found: 51 files (7 H/S), 0 directories.
Total of file sizes: 41 357 914 bytes 39,44 M
Locate .tmp files:
C:\WINDOWS\SYSTEM32\
guard.tmp Sat 2005–11–19 15:17:44 ..S.R 237 163 231,60 K
1 item found: 1 file (1 H/S), 0 directories.
Total of file sizes: 237 163 bytes 231,60 K
**********************************************************************************
Directory Listing of system files:
Wolumin w stacji C to WinXP
Numer seryjny woluminu: 489A–9B91
Katalog: C:\WINDOWS\System32
2005–11–19 15:17 237163 guard.tmp
2005–11–19 15:17 dllcache
2005–11–19 14:54 237163 d4j00e1meh.dll
2005–11–19 14:31 237163 n0n60a5sed.dll
2005–11–19 14:04 237163 enjql1151.dll
2005–11–18 09:58 237163 d40m0ed1eh0.dll
2005–11–17 23:25 235777 m4820eloehqc0.dll
2005–11–17 19:29 235777 ulrar.dll
2005–11–14 21:58 235169 LsgitCheckControl.dll
2005–11–11 15:04 32 {1E1A5002–A1B3–4627–9679–18018AFF9697}.dat
2005–11–11 13:32 32 {2ED53A54–049C–4B43–9A06–9CE19472F6E5}.dat
2005–11–11 13:32 32 {F6CF7B68–272E–4001–8D30–2C1E28351348}.dat
2005–11–11 13:31 32 {741FE20B–6273–4AC8–91D2–AD8A00292270}.dat
2005–11–11 08:26 32 {D6C5B2BF–517B–4C3E–84E8–9DF951642195}.dat
2005–11–11 08:26 32 {C90BF7DE–779C–4680–AB17–3924E8DAF808}.dat
2005–11–11 08:25 32 {5102EF97–4954–4E0B–A530–4FDA2943E2F8}.dat
2005–11–11 08:24 32 {55768556–9536–421C–8B97–782AC6776058}.dat
2005–11–11 00:25 Microsoft
16 plik(w) 1892794 bajtw
2 katalog(w) 18849767424 bajtw wolnych
Odpowiedzi: 1
http://forum.centrumxp.pl/viewtopic.php?t=43523
Strona 1 / 1