ComboFix 12-01-07.03 - ja 2012-01-08 15:03:39.5.1 - x86 Microsoft Windows XP Home Edition 5.1.2600.3.1250.48.1045.18.1014.670 [GMT 1:00] Uruchomiony z: c:\documents and settings\ja\Pulpit\ComboFix.exe Użyto następujących komend :: c:\documents and settings\ja\Pulpit\CFScript.txt FW: ZoneAlarm Firewall *Disabled* {829BDA32-94B3-44F4-8446-F8FCFF809F8B} . . ((((((((((((((((((((((((((((((((((((((( Usunięto ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\documents and settings\ja\Pulpit\Internet Explorer.lnk . . --------------- FCopy --------------- . c:\windows\system32\dllcache\mswsock.dll --> c:\windows\system32\mswsock.dll . ((((((((((((((((((((((((( Pliki utworzone od 2011-12-08 do 2012-01-08 ))))))))))))))))))))))))))))))) . . 2012-01-08 13:41 . 2012-01-08 13:41 -------- d-----w- c:\program files\StrongRecovery 2012-01-08 13:31 . 2012-01-08 13:31 -------- d-----w- c:\program files\ElcomSoft 2012-01-08 13:24 . 2012-01-08 13:24 -------- d-----w- c:\documents and settings\ja\Dane aplikacji\PandoraRecovery 2012-01-08 13:24 . 2012-01-08 13:41 -------- d-----w- c:\program files\Pandora Recovery 2012-01-07 20:11 . 2012-01-07 20:11 -------- d-----w- c:\windows\Internet Logs 2012-01-07 12:39 . 2010-11-05 08:20 1938272 ----a-w- c:\windows\system32\drivers\athw.sys 2012-01-06 23:45 . 2008-04-14 20:24 188544 -c--a-w- c:\windows\system32\dllcache\acpi.sys 2012-01-06 23:45 . 2004-08-18 01:00 47616 -c--a-w- c:\windows\system32\dllcache\i8042prt.sys 2012-01-06 23:25 . 2012-01-06 23:25 -------- d-----w- c:\documents and settings\ja\Ustawienia lokalne\Dane aplikacji\Opera 2012-01-06 23:10 . 2012-01-06 23:10 -------- d-----w- C:\_OTL 2012-01-06 22:25 . 2012-01-06 22:34 -------- d-----w- c:\program files\RegCleaner 2012-01-06 18:23 . 2012-01-06 18:23 -------- d-----w- c:\documents and settings\ja\Dane aplikacji\VSRevoGroup 2012-01-04 17:02 . 2012-01-04 17:54 -------- d-----w- C:\sh4ldr 2012-01-04 17:02 . 2012-01-04 17:02 -------- d-----w- c:\program files\Enigma Software Group 2012-01-04 17:01 . 2012-01-04 17:01 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard 2012-01-04 16:33 . 2012-01-04 17:53 -------- d-----w- c:\program files\VS Revo Group 2012-01-03 19:34 . 2012-01-03 19:34 -------- d-----w- c:\documents and settings\ja\Ustawienia lokalne\Dane aplikacji\GHISLER 2012-01-03 19:16 . 2012-01-03 19:16 -------- d-----w- C:\totalcmd 2012-01-03 19:16 . 2008-08-08 06:04 545 ----a-w- c:\windows\UC.PIF 2012-01-03 19:16 . 2008-08-08 06:04 545 ----a-w- c:\windows\RAR.PIF 2012-01-03 19:16 . 2008-08-08 06:04 545 ----a-w- c:\windows\NOCLOSE.PIF 2012-01-03 19:16 . 2008-08-08 06:04 545 ----a-w- c:\windows\LHA.PIF 2012-01-03 19:16 . 2008-08-08 06:04 545 ----a-w- c:\windows\ARJ.PIF 2012-01-03 18:07 . 2012-01-06 22:44 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\Spybot - Search & Destroy 2012-01-03 14:07 . 2012-01-03 14:07 -------- d-----w- c:\program files\Avira 2012-01-03 14:04 . 2012-01-03 14:04 -------- d-----w- c:\documents and settings\Administrator . . . (((((((((((((((((((((((((((((((((((((((( Sekcja Find3M )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2011-11-23 18:52 . 2011-11-23 18:52 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2011-11-23 14:40 . 2003-04-16 12:00 1859840 ----a-w- c:\windows\system32\win32k.sys 2011-11-21 20:55 . 2011-11-21 20:55 493520 ----a-w- c:\program files\FacebookVideoCallSetup_v1.2.203.0.exe 2011-11-01 20:36 . 2009-03-11 13:50 81920 ------w- c:\windows\system32\ieencode.dll 2011-11-01 20:36 . 2003-04-16 12:00 669696 ----a-w- c:\windows\system32\wininet.dll 2011-11-01 20:36 . 2003-04-16 12:00 61952 ----a-w- c:\windows\system32\tdc.ocx 2011-11-01 20:34 . 2009-03-11 13:50 370688 ------w- c:\windows\system32\html.iec 2011-11-01 16:07 . 2003-04-16 12:00 1288192 ----a-w- c:\windows\system32\ole32.dll 2011-10-28 05:32 . 2003-04-16 12:00 33280 ----a-w- c:\windows\system32\csrsrv.dll 2011-10-26 10:49 . 2003-04-16 12:00 2194048 ----a-w- c:\windows\system32\ntoskrnl.exe 2011-10-26 10:49 . 2002-09-20 17:12 2070656 ----a-w- c:\windows\system32\ntkrnlpa.exe 2011-10-18 11:13 . 2003-04-16 12:00 186880 ----a-w- c:\windows\system32\encdec.dll 2011-10-10 14:22 . 2008-09-03 18:39 692736 ----a-w- c:\windows\system32\inetcomm.dll 2011-02-06 20:48 . 2011-02-06 20:44 24928216 ----a-w- c:\program files\gg10.exe 2010-09-25 19:42 . 2010-09-25 19:42 6275448 ----a-w- c:\program files\Silverlight.exe 2010-09-06 09:36 . 2010-09-06 09:28 874272 ----a-w- c:\program files\jxpiinstall.exe 2010-06-10 17:45 . 2010-06-10 17:45 13854808 ----a-w- c:\program files\iplasetup.exe 2009-04-02 13:11 . 2009-04-02 13:11 1976104 ----a-w- c:\program files\SkypeSetup1.exe 2008-12-10 20:09 . 2008-12-10 20:09 10478280 ----a-w- c:\program files\XLVIEWER.EXE 2008-11-05 22:14 . 2008-11-05 22:08 22380328 ----a-w- c:\program files\SkypeSetup.exe 2008-11-04 09:31 . 2008-11-04 09:30 1851544 ----a-w- c:\program files\install_flash_player.exe 2008-11-03 09:44 . 2008-11-03 09:44 8218784 ----a-w- c:\program files\Firefox Setup 3.0.3.exe 2008-10-29 19:10 . 2008-10-29 19:10 4350416 ----a-w- c:\program files\gg77.exe 2011-12-07 16:22 . 2011-12-07 16:22 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll . . ------- Sigcheck ------- Note: Unsigned files aren't necessarily malware. . [-] 2008-04-13 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\atapi.sys [-] 2008-04-13 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\windows\system32\drivers\atapi.sys [-] 2003-04-16 . 95B858761A00E1D4F81F79A0DA019ACA . 86912 . . [5.1.2600.1106] . . c:\windows\system32\ReinstallBackups\0007\DriverFiles\i386\atapi.sys [-] 2002-08-28 . 95B858761A00E1D4F81F79A0DA019ACA . 86912 . . [5.1.2600.1106] . . c:\windows\system32\ReinstallBackups\0008\DriverFiles\i386\atapi.sys . [-] 2008-04-13 . B153AFFAC761E7F5FCFA822B9C4E97BC . 14336 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\asyncmac.sys [-] 2008-04-13 . B153AFFAC761E7F5FCFA822B9C4E97BC . 14336 . . [5.1.2600.5512] . . c:\windows\system32\drivers\asyncmac.sys . [-] 2003-04-16 . DA1F27D85E0D1525F6621372E7B685E9 . 4224 . . [5.1.2600.0] . . c:\windows\system32\dllcache\beep.sys [-] 2003-04-16 . DA1F27D85E0D1525F6621372E7B685E9 . 4224 . . [5.1.2600.0] . . c:\windows\system32\drivers\beep.sys . [-] 2008-04-14 . 2AECA45D4AEAACBDCB77AD11184E4601 . 24960 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\kbdclass.sys [-] 2008-04-14 . 2AECA45D4AEAACBDCB77AD11184E4601 . 24960 . . [5.1.2600.5512] . . c:\windows\system32\drivers\kbdclass.sys [-] 2003-04-16 . FF7EFE2843AC5DCA6AE0DDA14593FE70 . 23808 . . [5.1.2600.1106] . . c:\windows\system32\ReinstallBackups\0016\DriverFiles\i386\kbdclass.sys . [-] 2008-04-13 . 1DF7F42665C94B825322FAE71721130D . 182656 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ndis.sys [-] 2008-04-13 . 1DF7F42665C94B825322FAE71721130D . 182656 . . [5.1.2600.5512] . . c:\windows\system32\drivers\ndis.sys . [-] 2008-04-13 . 78A08DD6A8D65E697C18E1DB01C5CDCA . 574976 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ntfs.sys [-] 2008-04-13 . 78A08DD6A8D65E697C18E1DB01C5CDCA . 574976 . . [5.1.2600.5512] . . c:\windows\system32\drivers\ntfs.sys . [-] 2003-04-16 . 73C1E1F395918BC2C6DD67AF7591A3AD . 2944 . . [5.1.2600.0] . . c:\windows\system32\dllcache\null.sys [-] 2003-04-16 . 73C1E1F395918BC2C6DD67AF7591A3AD . 2944 . . [5.1.2600.0] . . c:\windows\system32\drivers\null.sys . [-] 2008-06-20 . AD978A1B783B5719720CFF204B666C8E . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB2509553\SP3QFE\tcpip.sys [-] 2008-06-20 . AD978A1B783B5719720CFF204B666C8E . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3QFE\tcpip.sys [-] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows\system32\dllcache\tcpip.sys [-] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows\system32\drivers\tcpip.sys [-] 2008-04-13 . 93EA8D04EC73A85DB02EB8805988F733 . 361344 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\tcpip.sys . [-] 2008-04-14 . B98ED6D85339A66A73F32FB569EB6C01 . 77824 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\browser.dll [-] 2008-04-14 . B98ED6D85339A66A73F32FB569EB6C01 . 77824 . . [5.1.2600.5512] . . c:\windows\system32\browser.dll . [-] 2008-04-14 . 88296F7943F30A1EE3AF735440B92268 . 13312 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\lsass.exe [-] 2008-04-14 . 88296F7943F30A1EE3AF735440B92268 . 13312 . . [5.1.2600.5512] . . c:\windows\system32\lsass.exe . [-] 2008-04-14 . 4FE97D0B1B182DF2A9BDD4C02155EF5E . 198144 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\netman.dll [-] 2008-04-14 . 4FE97D0B1B182DF2A9BDD4C02155EF5E . 198144 . . [5.1.2600.5512] . . c:\windows\system32\netman.dll . [-] 2008-04-14 21:50 . 8A7426E69FFA30EE4DC76CA3E3999121 . 822272 . . [2001.12.4414.700] . . c:\windows\ServicePackFiles\i386\comres.dll [-] 2008-04-14 21:50 . 8A7426E69FFA30EE4DC76CA3E3999121 . 822272 . . [2001.12.4414.700] . . c:\windows\system32\comres.dll . [-] 2008-04-14 . 78200FAA6FD9C69394134C238C87FB7F . 409088 . . [6.7.2600.5512] . . c:\windows\ServicePackFiles\i386\qmgr.dll [-] 2008-04-14 . 78200FAA6FD9C69394134C238C87FB7F . 409088 . . [6.7.2600.5512] . . c:\windows\system32\qmgr.dll [-] 2008-04-14 . 78200FAA6FD9C69394134C238C87FB7F . 409088 . . [6.7.2600.5512] . . c:\windows\system32\bits\qmgr.dll . [-] 2009-02-09 . C9E5AC78D9A00B1DE8CE2AD1BDDE7E42 . 401408 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\rpcss.dll [-] 2009-02-09 . A37311D9D628C1042A2836731787F0F3 . 401408 . . [5.1.2600.5755] . . c:\windows\system32\rpcss.dll [-] 2009-02-09 . A37311D9D628C1042A2836731787F0F3 . 401408 . . [5.1.2600.5755] . . c:\windows\system32\dllcache\rpcss.dll [-] 2008-04-14 . 02396DAB9DD407B06539981F477F3FEC . 399360 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\rpcss.dll . [-] 2009-02-09 . 02A467E27AF55F7064C5B251E587315F . 111104 . . [5.1.2600.5755] . . c:\windows\system32\services.exe [-] 2009-02-09 . 02A467E27AF55F7064C5B251E587315F . 111104 . . [5.1.2600.5755] . . c:\windows\system32\dllcache\services.exe [-] 2009-02-09 . 8816E60BF654353E8E0D35ED98875445 . 111104 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\services.exe [-] 2008-04-14 . 3E3AE424E27C4CEFE4CAB368C7B570EA . 109056 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\services.exe . [-] 2010-08-17 . 258DD5D4283FD9F9A7166BE9AE45CE73 . 58880 . . [5.1.2600.6024] . . c:\windows\$hf_mig$\KB2347290\SP3QFE\spoolsv.exe [-] 2010-08-17 . 60784F891563FB1B767F70117FC2428F . 58880 . . [5.1.2600.6024] . . c:\windows\system32\spoolsv.exe [-] 2010-08-17 . 60784F891563FB1B767F70117FC2428F . 58880 . . [5.1.2600.6024] . . c:\windows\system32\dllcache\spoolsv.exe [-] 2008-04-14 . DD69EC597AB942C39B950D9C3CE1375D . 57856 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\spoolsv.exe . [-] 2008-04-14 . 51FD2E13D723857B9CA239AE77150F48 . 510464 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\winlogon.exe [-] 2008-04-14 . 51FD2E13D723857B9CA239AE77150F48 . 510464 . . [5.1.2600.5512] . . c:\windows\system32\winlogon.exe . [-] 2008-04-13 . 23C74D75E36E7158768DD63D92789A91 . 75264 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ipsec.sys [-] 2008-04-13 . 23C74D75E36E7158768DD63D92789A91 . 75264 . . [5.1.2600.5512] . . c:\windows\system32\drivers\ipsec.sys . [-] 2010-08-23 . 8B9ED4A686777261B9AFADD2A6D981A0 . 617472 . . [5.82] . . c:\windows\system32\comctl32.dll [-] 2010-08-23 . 8B9ED4A686777261B9AFADD2A6D981A0 . 617472 . . [5.82] . . c:\windows\system32\dllcache\comctl32.dll [-] 2010-08-23 . C29639BA7410BCEF8898CBCB07A59CB1 . 1054208 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll [-] 2008-04-14 . 0BE00656B7CAEDE754AEE4D7AD13B687 . 617472 . . [5.82] . . c:\windows\ServicePackFiles\i386\comctl32.dll [-] 2008-04-14 . 737739FACEAD60683AA8D7FF7602FD14 . 1054208 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll [-] 2003-04-16 . AEF3D788DBF40C7C4D204EA45EB0C505 . 921088 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.0.0_x-ww_1382d70a\comctl32.dll [-] 2003-04-16 . B51906C9D0E79E01D18FEA13651AC18B . 921600 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.10.0_x-ww_f7fb5805\comctl32.dll . [-] 2008-04-14 . 6B105FE95F2E9F0B6346044BA59D41C9 . 62464 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\cryptsvc.dll [-] 2008-04-14 . 6B105FE95F2E9F0B6346044BA59D41C9 . 62464 . . [5.1.2600.5512] . . c:\windows\system32\cryptsvc.dll . [-] 2008-07-07 20:29 . 6AFF804839C85859E0247164FBE5F5BB . 253952 . . [2001.12.4414.706] . . c:\windows\system32\es.dll [-] 2008-07-07 20:29 . 6AFF804839C85859E0247164FBE5F5BB . 253952 . . [2001.12.4414.706] . . c:\windows\system32\dllcache\es.dll [-] 2008-07-07 20:25 . 5BB3E442E43C7BB0F38203F23C920D3C . 253952 . . [2001.12.4414.706] . . c:\windows\$hf_mig$\KB950974\SP3QFE\es.dll [-] 2008-04-14 21:50 . BE1B1412A3D488C50B8F67F792196108 . 246272 . . [2001.12.4414.701] . . c:\windows\ServicePackFiles\i386\es.dll . [-] 2008-04-14 . 2E9A03268E609917B83921EE16FD9CFB . 110080 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\imm32.dll [-] 2008-04-14 . 2E9A03268E609917B83921EE16FD9CFB . 110080 . . [5.1.2600.5512] . . c:\windows\system32\imm32.dll . [-] 2009-03-21 . 77C951B64413E80EEC0359426DCA938B . 1018368 . . [5.1.2600.5781] . . c:\windows\system32\kernel32.dll [-] 2009-03-21 . 77C951B64413E80EEC0359426DCA938B . 1018368 . . [5.1.2600.5781] . . c:\windows\system32\dllcache\kernel32.dll [-] 2009-03-21 . 6CFFFD4A53F08D1BE0222D859BF93B29 . 1020416 . . [5.1.2600.5781] . . c:\windows\$hf_mig$\KB959426\SP3QFE\kernel32.dll [-] 2008-04-14 . FCE4ECC34A36EDACF03DBE8DE5E28910 . 1018368 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\kernel32.dll . [-] 2008-04-14 . EA8DF0AF49E2616F55BF327549E44368 . 19968 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\linkinfo.dll [-] 2008-04-14 . EA8DF0AF49E2616F55BF327549E44368 . 19968 . . [5.1.2600.5512] . . c:\windows\system32\linkinfo.dll . [-] 2008-04-14 . A9C89DBAD5EFF7A06B58302778674507 . 22016 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\lpk.dll [-] 2008-04-14 . A9C89DBAD5EFF7A06B58302778674507 . 22016 . . [5.1.2600.5512] . . c:\windows\system32\lpk.dll . [-] 2008-04-14 . 411864012AC39F2B57319AEF64D336DF . 343040 . . [7.0.2600.5512] . . c:\windows\ServicePackFiles\i386\msvcrt.dll [-] 2008-04-14 . 411864012AC39F2B57319AEF64D336DF . 343040 . . [7.0.2600.5512] . . c:\windows\system32\msvcrt.dll [-] 2008-04-14 . 11F8B9042B6F4320B6D4E528664AD693 . 343040 . . [7.0.2600.5512] . . c:\windows\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.2600.5512_x-ww_3fd60d63\msvcrt.dll [-] 2003-04-16 . 4200BE3808F6406DBE45A7B88DAE5035 . 322560 . . [7.0.2600.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.0.0_x-ww_2726e76a\msvcrt.dll [-] 2003-04-16 . 1B2C477D8847E4123DD8761D2E9008F7 . 323072 . . [7.0.2600.1106] . . c:\windows\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.10.0_x-ww_d8862ba3\msvcrt.dll . [-] 2008-06-20 . BF80D884E1C60DED1C7CEA3EC6F9DC28 . 246784 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB2509553\SP3QFE\mswsock.dll [-] 2008-06-20 . BF80D884E1C60DED1C7CEA3EC6F9DC28 . 246784 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3QFE\mswsock.dll [-] 2008-04-14 . 612E31FCAC1040EDD78ECAC81C9F859F . 246784 . . [5.1.2600.5512] . . c:\windows\system32\mswsock.dll [-] 2008-04-14 . 612E31FCAC1040EDD78ECAC81C9F859F . 246784 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\mswsock.dll . [-] 2008-04-14 . 9858AD0A3FCD83C3B100EDD5852DE540 . 407040 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\netlogon.dll [-] 2008-04-14 . 9858AD0A3FCD83C3B100EDD5852DE540 . 407040 . . [5.1.2600.5512] . . c:\windows\system32\netlogon.dll . [-] 2008-04-14 . 414C17A2958AEDAC700BBAAFBF999F94 . 17408 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\powrprof.dll [-] 2008-04-14 . 414C17A2958AEDAC700BBAAFBF999F94 . 17408 . . [6.00.2900.5512] . . c:\windows\system32\powrprof.dll . [-] 2008-04-14 . 3F74B6B4E2721272A117D25990141F73 . 186368 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\scecli.dll [-] 2008-04-14 . 3F74B6B4E2721272A117D25990141F73 . 186368 . . [5.1.2600.5512] . . c:\windows\system32\scecli.dll . [-] 2008-04-14 . 71C6AB6EB8CF1190BAC7075F82BD8F05 . 5120 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\sfc.dll [-] 2008-04-14 . 71C6AB6EB8CF1190BAC7075F82BD8F05 . 5120 . . [5.1.2600.5512] . . c:\windows\system32\sfc.dll . [-] 2008-04-14 . 8607D35D92528E2DF386F19A960D23CE . 14336 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\svchost.exe [-] 2008-04-14 . 8607D35D92528E2DF386F19A960D23CE . 14336 . . [5.1.2600.5512] . . c:\windows\system32\svchost.exe . [-] 2008-04-14 . 2340E6977548038C88E39A9ECBB3FADC . 249856 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\tapisrv.dll [-] 2008-04-14 . 2340E6977548038C88E39A9ECBB3FADC . 249856 . . [5.1.2600.5512] . . c:\windows\system32\tapisrv.dll . [-] 2008-04-14 . A435C5C069AFD901751AC323AD238793 . 580096 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\user32.dll [-] 2008-04-14 . A435C5C069AFD901751AC323AD238793 . 580096 . . [5.1.2600.5512] . . c:\windows\system32\user32.dll . [-] 2008-04-14 . 2A5B37D520508BE6570A3EA79695F5B5 . 26624 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\userinit.exe [-] 2008-04-14 . 2A5B37D520508BE6570A3EA79695F5B5 . 26624 . . [5.1.2600.5512] . . c:\windows\system32\userinit.exe . [-] 2008-04-14 . C0AA2AB856680C44739B41E01F5BD4E9 . 82432 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ws2_32.dll [-] 2008-04-14 . C0AA2AB856680C44739B41E01F5BD4E9 . 82432 . . [5.1.2600.5512] . . c:\windows\system32\ws2_32.dll . [-] 2008-04-14 . F43B5623C5CA5BF6D9678FCF19642422 . 19968 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ws2help.dll [-] 2008-04-14 . F43B5623C5CA5BF6D9678FCF19642422 . 19968 . . [5.1.2600.5512] . . c:\windows\system32\ws2help.dll . [-] 2008-04-14 . C791ED9EAC5E76D9525E157B1D7A599A . 1035264 . . [6.00.2900.5512] . . c:\windows\explorer.exe [-] 2008-04-14 . C791ED9EAC5E76D9525E157B1D7A599A . 1035264 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\explorer.exe . [-] 2008-04-14 . FD317A23C3EB2A856E74279FBE04B9C2 . 149504 . . [5.1.2600.5512] . . c:\windows\regedit.exe [-] 2008-04-14 . FD317A23C3EB2A856E74279FBE04B9C2 . 149504 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\regedit.exe . [-] 2010-04-16 . 514F80DF6DCF9BBA1D67CA16BC667787 . 406016 . . [1.0420.2600.5969] . . c:\windows\system32\usp10.dll [-] 2010-04-16 . 514F80DF6DCF9BBA1D67CA16BC667787 . 406016 . . [1.0420.2600.5969] . . c:\windows\system32\dllcache\usp10.dll [-] 2010-04-16 . 9B5F828F0D6A7AEA167F7D85CF693BD0 . 406016 . . [1.0420.2600.5969] . . c:\windows\$hf_mig$\KB981322\SP3QFE\usp10.dll [-] 2008-04-14 . CD7F574A9ABDECAB9561DB0B2F7F2143 . 406016 . . [1.0420.2600.5512] . . c:\windows\ServicePackFiles\i386\usp10.dll . [-] 2008-04-14 . CD928E84EF8FAB1BFB5791E28F7D4E0B . 4096 . . [5.3.2600.5512] . . c:\windows\ServicePackFiles\i386\ksuser.dll [-] 2008-04-14 . CD928E84EF8FAB1BFB5791E28F7D4E0B . 4096 . . [5.3.2600.5512] . . c:\windows\system32\ksuser.dll [-] 2008-04-14 . CD928E84EF8FAB1BFB5791E28F7D4E0B . 4096 . . [5.3.2600.5512] . . c:\windows\system32\ReinstallBackups\0019\DriverFiles\i386\ksuser.dll . [-] 2008-04-14 . 1BD41EDA5B869AFC99895C39A8DE36E1 . 15360 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ctfmon.exe [-] 2008-04-14 . 1BD41EDA5B869AFC99895C39A8DE36E1 . 15360 . . [5.1.2600.5512] . . c:\windows\system32\ctfmon.exe . [-] 2009-07-27 . 55AAE86C7C2CADF6972ACD1D76C24A98 . 135680 . . [6.00.2900.5853] . . c:\windows\system32\shsvcs.dll [-] 2009-07-27 . 55AAE86C7C2CADF6972ACD1D76C24A98 . 135680 . . [6.00.2900.5853] . . c:\windows\system32\dllcache\shsvcs.dll [-] 2009-07-27 . 232D5719F86E05B7FE34F038D4FC84B2 . 135680 . . [6.00.2900.5853] . . c:\windows\$hf_mig$\KB971029\SP3QFE\shsvcs.dll [-] 2008-04-14 . 8AD90ED829B8404D962545ED3EFB1129 . 135680 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\shsvcs.dll . [-] 2008-04-14 . 316D0E66074AE4CDE641C50D3A1C5148 . 171520 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\srsvc.dll [-] 2008-04-14 . 316D0E66074AE4CDE641C50D3A1C5148 . 171520 . . [5.1.2600.5512] . . c:\windows\system32\srsvc.dll . [-] 2008-04-14 . CC07DA5A1CB214ADDFA50B2FA6935F18 . 13824 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\wscntfy.exe [-] 2008-04-14 . CC07DA5A1CB214ADDFA50B2FA6935F18 . 13824 . . [5.1.2600.5512] . . c:\windows\system32\wscntfy.exe . [-] 2008-04-14 . 24ED6935771359A5AEF1FE8BF0C56F39 . 129024 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\xmlprov.dll [-] 2008-04-14 . 24ED6935771359A5AEF1FE8BF0C56F39 . 129024 . . [5.1.2600.5512] . . c:\windows\system32\xmlprov.dll . [-] 2008-04-14 . 35FCCFD093582FA9098762E6F84EE119 . 56320 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\eventlog.dll [-] 2008-04-14 . 35FCCFD093582FA9098762E6F84EE119 . 56320 . . [5.1.2600.5512] . . c:\windows\system32\eventlog.dll . [-] 2008-04-14 . A9ED600F08A92143253C10EDB5651ECF . 1571840 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\sfcfiles.dll [-] 2008-04-14 . A9ED600F08A92143253C10EDB5651ECF . 1571840 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll . [-] 2008-04-13 . 23C74D75E36E7158768DD63D92789A91 . 75264 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ipsec.sys [-] 2008-04-13 . 23C74D75E36E7158768DD63D92789A91 . 75264 . . [5.1.2600.5512] . . c:\windows\system32\drivers\ipsec.sys . [-] 2008-04-14 . B472B59EF98469C91651B751D3442CB8 . 59904 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\regsvc.dll [-] 2008-04-14 . B472B59EF98469C91651B751D3442CB8 . 59904 . . [5.1.2600.5512] . . c:\windows\system32\regsvc.dll . [-] 2008-04-14 . DD73C11A5C4D14945846384B90A61A4B . 193536 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\schedsvc.dll [-] 2008-04-14 . DD73C11A5C4D14945846384B90A61A4B . 193536 . . [5.1.2600.5512] . . c:\windows\system32\schedsvc.dll . [-] 2008-04-14 . 2C0B1224AA36B4CA1753302BAA855882 . 71680 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ssdpsrv.dll [-] 2008-04-14 . 2C0B1224AA36B4CA1753302BAA855882 . 71680 . . [5.1.2600.5512] . . c:\windows\system32\ssdpsrv.dll . [-] 2008-04-14 . 52E0505408EDD4AB5CCC7F83B67B4299 . 296448 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\termsrv.dll [-] 2008-04-14 . 52E0505408EDD4AB5CCC7F83B67B4299 . 296448 . . [5.1.2600.5512] . . c:\windows\system32\termsrv.dll . [-] 2008-04-14 . 2DEE3DC6EB17D7BB774CE05695BA26D6 . 346112 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\hnetcfg.dll [-] 2008-04-14 . 2DEE3DC6EB17D7BB774CE05695BA26D6 . 346112 . . [5.1.2600.5512] . . c:\windows\system32\hnetcfg.dll . [-] 2003-04-16 . 66A42B7DB194E24B973BBCCE840A0F3F . 12032 . . [5.1.2600.0] . . c:\windows\system32\drivers\acpiec.sys . [-] 2008-04-13 21:09 . 8BED39E3C35D6A489438B8141717A557 . 142592 . . [5.1.2601.3142] . . c:\windows\ServicePackFiles\i386\aec.sys [-] 2008-04-13 21:09 . 8BED39E3C35D6A489438B8141717A557 . 142592 . . [5.1.2601.3142] . . c:\windows\system32\drivers\aec.sys . [-] 2008-04-13 . 08FD04AA961BDC77FB983F328334E3D7 . 42368 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\agp440.sys [-] 2008-04-13 . 08FD04AA961BDC77FB983F328334E3D7 . 42368 . . [5.1.2600.5512] . . c:\windows\system32\drivers\agp440.sys . [-] 2008-04-13 . 3BB22519A194418D5FEC05D800A19AD0 . 36608 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ip6fw.sys [-] 2008-04-13 . 3BB22519A194418D5FEC05D800A19AD0 . 36608 . . [5.1.2600.5512] . . c:\windows\system32\drivers\ip6fw.sys . [-] 2008-04-14 . BEE2EC1B76C4E57D1AD6A673ECD775CB . 35328 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\iprip.dll [-] 2008-04-14 . BEE2EC1B76C4E57D1AD6A673ECD775CB . 35328 . . [5.1.2600.5512] . . c:\windows\system32\iprip.dll . [-] 2010-09-18 07:18 . 576D37910F472BB5E62EF14D4B274599 . 953856 . . [4.1.6151] . . c:\windows\$hf_mig$\KB2387149\SP3QFE\mfc40u.dll [-] 2010-09-18 06:53 . E7A93F4C5154D34F61328D34DE02CD61 . 953856 . . [4.1.6151] . . c:\windows\system32\mfc40u.dll [-] 2010-09-18 06:53 . E7A93F4C5154D34F61328D34DE02CD61 . 953856 . . [4.1.6151] . . c:\windows\system32\dllcache\mfc40u.dll [-] 2008-04-14 21:50 . E43B998C777D43FB8624741B4567BCD9 . 927504 . . [4.1.0.61] . . c:\windows\ServicePackFiles\i386\mfc40u.dll . [-] 2008-04-14 . 36F3AB18B1BE303DA51DE90A67DE3942 . 33792 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\msgsvc.dll [-] 2008-04-14 . 36F3AB18B1BE303DA51DE90A67DE3942 . 33792 . . [5.1.2600.5512] . . c:\windows\system32\msgsvc.dll . [-] 2008-04-14 21:50 . 0A824C0FB380CE41D1C5B8E14E006142 . 52736 . . [9.0.1.56] . . c:\windows\system32\dllcache\mspmsnsv.dll [-] 2005-01-28 12:44 . 140EF97B64F560FD78643CAE2CDAD838 . 25088 . . [10.0.3790.3802] . . c:\windows\RegisteredPackages\{30C7234B-6482-4A55-A11D-ECD9030313F2}\MsPMSNSv.dll [-] 2005-01-28 12:44 . 140EF97B64F560FD78643CAE2CDAD838 . 25088 . . [10.0.3790.3802] . . c:\windows\system32\MsPMSNSv.dll . [-] 2008-04-14 21:50 . 3FB5399DBB7001A80D58EDAD64C98225 . 435712 . . [5.1.2400.5512] . . c:\windows\ServicePackFiles\i386\ntmssvc.dll [-] 2008-04-14 21:50 . 3FB5399DBB7001A80D58EDAD64C98225 . 435712 . . [5.1.2400.5512] . . c:\windows\system32\ntmssvc.dll . [-] 2008-04-14 . E96A6BAEE0B2A14A38B45830D6E30697 . 186880 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\upnphost.dll [-] 2008-04-14 . E96A6BAEE0B2A14A38B45830D6E30697 . 186880 . . [5.1.2600.5512] . . c:\windows\system32\upnphost.dll . [-] 2008-04-14 . 4F2DA211B394AF150F00254F346857CD . 367616 . . [5.3.2600.5512] . . c:\windows\ServicePackFiles\i386\dsound.dll [-] 2008-04-14 . 4F2DA211B394AF150F00254F346857CD . 367616 . . [5.3.2600.5512] . . c:\windows\system32\dsound.dll . [-] 2008-04-14 . 8881A14051D739A8422C521A83D614DA . 1689088 . . [5.03.2600.5512] . . c:\windows\ServicePackFiles\i386\d3d9.dll [-] 2008-04-14 . 8881A14051D739A8422C521A83D614DA . 1689088 . . [5.03.2600.5512] . . c:\windows\system32\d3d9.dll . [-] 2008-04-14 . 277389C269541D4B474BA72CA98A39E4 . 279552 . . [5.03.2600.5512] . . c:\windows\ServicePackFiles\i386\ddraw.dll [-] 2008-04-14 . 277389C269541D4B474BA72CA98A39E4 . 279552 . . [5.03.2600.5512] . . c:\windows\system32\ddraw.dll . [-] 2008-04-14 21:50 . 24B2954CAA69D904C1F39A3AC1421044 . 84992 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\olepro32.dll [-] 2008-04-14 21:50 . 24B2954CAA69D904C1F39A3AC1421044 . 84992 . . [5.1.2600.5512] . . c:\windows\system32\olepro32.dll . [-] 2008-04-14 . 2095C42F0026BA1D0F6A4DC07CAEE871 . 41472 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\perfctrs.dll [-] 2008-04-14 . 2095C42F0026BA1D0F6A4DC07CAEE871 . 41472 . . [5.1.2600.5512] . . c:\windows\system32\perfctrs.dll . [-] 2008-04-14 . 5B9FC235221DC3F48DA7318CB0BD4888 . 18944 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\version.dll [-] 2008-04-14 . 5B9FC235221DC3F48DA7318CB0BD4888 . 18944 . . [5.1.2600.5512] . . c:\windows\system32\version.dll . [-] 2008-04-14 . AF3C3F051675CF688EAD4065FE11542D . 93184 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\iexplore.exe . [-] 2008-04-14 . 316D0E66074AE4CDE641C50D3A1C5148 . 171520 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\srsvc.dll [-] 2008-04-14 . 316D0E66074AE4CDE641C50D3A1C5148 . 171520 . . [5.1.2600.5512] . . c:\windows\system32\srsvc.dll . [-] 2008-04-14 . A672CA3981352F8E9C30FEA056E80A62 . 176128 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\w32time.dll [-] 2008-04-14 . A672CA3981352F8E9C30FEA056E80A62 . 176128 . . [5.1.2600.5512] . . c:\windows\system32\w32time.dll . [-] 2008-04-14 . 41508EA375C97DC2B56E5F1AFC067187 . 334336 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\wiaservc.dll [-] 2008-04-14 . 41508EA375C97DC2B56E5F1AFC067187 . 334336 . . [5.1.2600.5512] . . c:\windows\system32\wiaservc.dll . [-] 2008-04-14 . 30A2A72C04597972CF325F2A28410B63 . 18944 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\midimap.dll [-] 2008-04-14 . 30A2A72C04597972CF325F2A28410B63 . 18944 . . [5.1.2600.5512] . . c:\windows\system32\midimap.dll . [-] 2008-04-14 . D6804AD9DBDF13DF147A371EB881020F . 7680 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\rasadhlp.dll [-] 2008-04-14 . D6804AD9DBDF13DF147A371EB881020F . 7680 . . [5.1.2600.5512] . . c:\windows\system32\rasadhlp.dll . ((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Skype"="c:\program files\Skype\Phone\Skype.exe" [2011-10-13 17351304] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IgfxTray"="c:\windows\System32\igfxtray.exe" [2007-08-24 135168] "HotKeysCmds"="c:\windows\System32\hkcmd.exe" [2007-08-24 159744] "Persistence"="c:\windows\System32\igfxpers.exe" [2007-08-24 131072] "LManager"="c:\progra~1\LAUNCH~1\LManager.exe" [2007-07-16 768520] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696] "RTHDCPL"="RTHDCPL.EXE" [2007-10-25 16855552] . [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360] . c:\documents and settings\All Users\Menu Start\Programy\Autostart\ McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\2.0.181\SSScheduler.exe [2010-1-15 255536] . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer] @="Service" . [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall] "DisableMonitoring"=dword:00000001 . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\Skype\\Phone\\Skype.exe"= "g:\\operausb1160en\\operausb1160en\\opera.exe"= . R2 Iprip;Odbiornik RIP;c:\windows\System32\svchost.exe -k netsvcs [2003-04-16 14336] R4 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys --> c:\windows\system32\DRIVERS\avkmgr.sys [?] S0 sptd;sptd;c:\windows\system32\Drivers\sptd.sys --> c:\windows\system32\Drivers\sptd.sys [?] S3 AR9271;Wireless Network Adapter Service;c:\windows\system32\DRIVERS\athuw.sys --> c:\windows\system32\DRIVERS\athuw.sys [?] S3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-01-15 227232] . --- Inne Usługi/Sterowniki w Pamięci --- . *Deregistered* - avipbb *Deregistered* - ssmdrv . Zawartość folderu 'Zaplanowane zadania' . 2012-01-07 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-507921405-2111687655-725345543-1004Core.job - c:\documents and settings\ja\Ustawienia lokalne\Dane aplikacji\Facebook\Update\FacebookUpdate.exe [2011-11-21 20:55] . 2012-01-08 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-507921405-2111687655-725345543-1004UA.job - c:\documents and settings\ja\Ustawienia lokalne\Dane aplikacji\Facebook\Update\FacebookUpdate.exe [2011-11-21 20:55] . . ------- Skan uzupełniający ------- . uStart Page = about:blank TCP: DhcpNameServer = 192.0.2.2 192.168.1.1 FF - ProfilePath - c:\documents and settings\ja\Dane aplikacji\Mozilla\Firefox\Profiles\5rz9xv2i.default\ FF - prefs.js: browser.search.defaulturl - FF - prefs.js: browser.startup.homepage - hxxp://www.google.pl/ . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2012-01-08 15:07 Windows 5.1.2600 Dodatek Service Pack 3 NTFS . skanowanie ukrytych procesów ... . skanowanie ukrytych wpisów autostartu ... . skanowanie ukrytych plików ... . skanowanie pomyślnie ukończone ukryte pliki: 0 . ************************************************************************** . --------------------- ZABLOKOWANE KLUCZE REJESTRU --------------------- . [HKEY_LOCAL_MACHINE\software\Microsoft\Advanced INF Setup\IEHomePageInfo\RegBackup] @DACL=(02 0000) . [HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\10.0] @DACL=(02 0000) . [HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\9.0] @DACL=(02 0000) . [HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\NodeCLSIDs\{13A7995E-7D8F-45B4-9C77-819265225763}] @DACL=(02 0000) "Priority"=dword:00000001 "AutoInsert"=dword:00000001 "Name"="WMPlayer Spectrum Analyzer DMO" . [HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\NodeCLSIDs\{95037DA1-6ED9-4B27-8CFF-9AD3DFB0B2F2}] @DACL=(02 0000) "Priority"=dword:fffffffb "AutoInsert"=dword:00000001 "Name"="WMPlayer SRSWow DMO" . [HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\NodeCLSIDs\{974BF3BF-C9AE-4476-8003-5FE544DF458C}] @DACL=(02 0000) "Priority"=dword:fffffffe "AutoInsert"=dword:00000001 "Name"="WMPlayer Video Processing DMO" . [HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\NodeCLSIDs\{B2DBA270-9F49-4513-AC13-76496D6EBA3A}] @DACL=(02 0000) "Priority"=dword:00000002 "AutoInsert"=dword:00000000 "Name"="Speaker Enhancement DMO" . [HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\NodeCLSIDs\{D01BC8E2-70AD-4976-9612-21B37ED5C8E8}] @DACL=(02 0000) "Priority"=dword:00000003 "AutoInsert"=dword:00000001 "Name"="WMPlayer Equalizer DMO" . [HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\Objects\Automenu] @DACL=(02 0000) "classid"="clsid:6B28F900-8D64-4B80-9963-CC52DDD1FBB4" "visible"="false" "tabstop"="false" "width"="1" "height"="1" . [HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\Objects\BalanceSlider] @DACL=(02 0000) "classid"="clsid:F2BF2C90-405F-11D3-BB39-00A0C93CA73A" "toolTip"="res://wmploc.dll/RT_STRING/#1845" "min"="-100" "max"="100" "value"="wmpprop:player.settings.balance" "value_onchange"="player.settings.balance=value;" "accName"="res://wmploc.dll/RT_STRING/#2112" "accKeyboardShortcut"="res://wmploc.dll/RT_STRING/#2108" . [HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\Objects\browser] @DACL=(02 0000) "classid"="clsid:8856F961-340A-11D0-A96B-00C04FD705A2" . [HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\Objects\Button] @DACL=(02 0000) "classid"="clsid:87291B51-0C8E-11D3-BB2A-00A0C93CA73A" "accKeyboardShortcut"="res://wmploc.dll/RT_STRING/#2114" . [HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\Objects\ButtonGroup] @DACL=(02 0000) "classid"="clsid:AE3B6831-25A9-11d3-BD41-00C04F6EA5AE" . [HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\Objects\CloseButton] @DACL=(02 0000) "classid"="clsid:87291B51-0C8E-11D3-BB2A-00A0C93CA73A" "upToolTip"="res://wmploc.dll/RT_STRING/#1812" "onclick"="view.close();" "accName"="res://wmploc.dll/RT_STRING/#2134" "accKeyboardShortcut"="res://wmploc.dll/RT_STRING/#2135" . [HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\Objects\CurrentPositionText] @DACL=(02 0000) "classid"="clsid:DDDA102E-0E17-11D3-A2E2-00C04F79F88E" "tabStop"="true" "justification"="right" "value"="wmpprop:player.controls.currentPositionString" "accName"="res://wmploc.dll/RT_STRING/#2103" . [HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\Objects\CustomSlider] @DACL=(02 0000) "classid"="clsid:95F45AA3-ED0A-11D2-BA67-0000F80855E6" "cursor"="hand" . [HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\Objects\DropDownPlaylist] @DACL=(02 0000) "classid"="clsid:5F9CFD93-8CAD-11d3-9A7E-00C04F8EFB70" "playlistItemsVisible"="false" . [HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\Objects\DurationText] @DACL=(02 0000) "classid"="clsid:DDDA102E-0E17-11D3-A2E2-00C04F79F88E" "tabStop"="true" "justification"="right" "value"="wmpprop:player.currentMedia.DurationString" "accName"="res://wmploc.dll/RT_STRING/#2104" . [HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\Objects\EditBox] @DACL=(02 0000) "classid"="clsid:6342FCED-25EA-4033-BDDB-D049A14382D3" . [HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\Objects\Effects\Alchemy] @DACL=(02 0000) . [HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\Objects\Effects\Ambience] @DACL=(02 0000) . [HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\Objects\Effects\Bars] @DACL=(02 0000) . [HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\Objects\Effects\Dotplane] @DACL=(02 0000) . [HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\Objects\Effects\Plenoptic] @DACL=(02 0000) . [HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\Objects\Effects\Spikes] @DACL=(02 0000) . [HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\Objects\EqualizerSettings] @DACL=(02 0000) "classid"="clsid:93EB32F5-87B1-45ad-ACC6-0F2483DB83BB" "tabStop"="false" . [HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\Objects\FFWDButton] @DACL=(02 0000) "classid"="clsid:87291B51-0C8E-11D3-BB2A-00A0C93CA73A" "enabled"="wmpenabled:player.controls.fastforward" "upToolTip"="res://wmploc.dll/RT_STRING/#1804" "onclick"="player.controls.FastForward()" "accName"="res://wmploc.dll/RT_STRING/#2120" "accKeyboardShortcut"="res://wmploc.dll/RT_STRING/#2121" . [HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\Objects\ImageButton] @DACL=(02 0000) "classid"="clsid:87291B51-0C8E-11D3-BB2A-00A0C93CA73A" "cursor"="hand" "accName"="res://wmploc.dll/RT_STRING/#2140" . [HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\Objects\ItemsPlaylist] @DACL=(02 0000) "classid"="clsid:5F9CFD93-8CAD-11d3-9A7E-00C04F8EFB70" "backgroundcolor"="black" "foregroundcolor"="white" "columnsVisible"="false" "columns"="name=Name;Duration=Time" "dropDownVisible"="false" . [HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\Objects\LibraryTree] @DACL=(02 0000) "classid"="clsid:D9DE732A-AEE9-4503-9D11-5605589977A8" . [HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\Objects\ListBox] @DACL=(02 0000) "classid"="clsid:FC1880CF-83B9-43A7-A066-C44CE8C82583" . [HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\Objects\menu] @DACL=(02 0000) "classid"="clsid:BAB3768B-8883-4AEC-9F9B-E14C947913EF" "visible"="false" "tabstop"="false" "width"="1" "height"="1" . [HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\Objects\MinimizeButton] @DACL=(02 0000) "classid"="clsid:87291B51-0C8E-11D3-BB2A-00A0C93CA73A" "upToolTip"="res://wmploc.dll/RT_STRING/#1811" "onclick"="view.minimize();" "accName"="res://wmploc.dll/RT_STRING/#2132" "accKeyboardShortcut"="res://wmploc.dll/RT_STRING/#2133" . [HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\Objects\MuteButton] @DACL=(02 0000) "classid"="clsid:87291B51-0C8E-11D3-BB2A-00A0C93CA73A" "upToolTip"="res://wmploc.dll/RT_STRING/#1807" "downToolTip"="res://wmploc.dll/RT_STRING/#1808" "sticky"="true" "down"="wmpprop:player.settings.mute" "onClick"="player.settings.mute=down;" "accName"="res://wmploc.dll/RT_STRING/#2130" "accKeyboardShortcut"="res://wmploc.dll/RT_STRING/#2131" . [HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\Objects\NextButton] @DACL=(02 0000) "classid"="clsid:87291B51-0C8E-11D3-BB2A-00A0C93CA73A" "enabled"="wmpenabled:player.controls.next" "upToolTip"="res://wmploc.dll/RT_STRING/#1806" "onclick"="player.controls.Next()" "accName"="res://wmploc.dll/RT_STRING/#2124" "accKeyboardShortcut"="res://wmploc.dll/RT_STRING/#2125" . [HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\Objects\PauseButton] @DACL=(02 0000) "classid"="clsid:87291B51-0C8E-11D3-BB2A-00A0C93CA73A" "enabled"="wmpenabled:player.controls.pause" "upToolTip"="res://wmploc.dll/RT_STRING/#1801" "onclick"="player.controls.pause()" "accName"="res://wmploc.dll/RT_STRING/#2116" "accKeyboardShortcut"="res://wmploc.dll/RT_STRING/#2117" . [HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\Objects\PlayButton] @DACL=(02 0000) "classid"="clsid:87291B51-0C8E-11D3-BB2A-00A0C93CA73A" "enabled"="wmpenabled:player.controls.play" "upToolTip"="res://wmploc.dll/RT_STRING/#1800" "onclick"="player.controls.play()" "accName"="res://wmploc.dll/RT_STRING/#2115" "accKeyboardShortcut"="res://wmploc.dll/RT_STRING/#2117" . [HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\Objects\Playlist] @DACL=(02 0000) "classid"="clsid:5F9CFD93-8CAD-11d3-9A7E-00C04F8EFB70" . [HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\Objects\plugin] @DACL=(02 0000) "classid"="clsid:AA1AC37B-49A8-4B41-AF69-B0176C5FFC33" . [HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\Objects\PopUp] @DACL=(02 0000) "classid"="clsid:FC1880CF-83B9-43A7-A066-C44CE8C82583" "popup"="true" "visible"="false" "backgroundColor"="menu" "foregroundColor"="menutext" . [HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\Objects\PrevButton] @DACL=(02 0000) "classid"="clsid:87291B51-0C8E-11D3-BB2A-00A0C93CA73A" "enabled"="wmpenabled:player.controls.previous" "upToolTip"="res://wmploc.dll/RT_STRING/#1805" "onclick"="player.controls.Previous()" "accName"="res://wmploc.dll/RT_STRING/#2126" "accKeyboardShortcut"="res://wmploc.dll/RT_STRING/#2127" . [HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\Objects\ProgressBar] @DACL=(02 0000) "classid"="clsid:F2BF2C90-405F-11D3-BB39-00A0C93CA73A" . [HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\Objects\RepeatButton] @DACL=(02 0000) "classid"="clsid:87291B51-0C8E-11D3-BB2A-00A0C93CA73A" "upToolTip"="res://wmploc.dll/RT_STRING/#1816" "downToolTip"="res://wmploc.dll/RT_STRING/#1817" "sticky"="true" "down"="jscript:player.settings.GetMode(\"loop\");" "onClick"="player.settings.setMode(\"loop\", down);" "accName"="res://wmploc.dll/RT_STRING/#2138" "accKeyboardShortcut"="res://wmploc.dll/RT_STRING/#2139" . [HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\Objects\ReturnButton] @DACL=(02 0000) "upToolTip"="res://wmploc.dll/RT_STRING/#1813" "classid"="clsid:87291B51-0C8E-11D3-BB2A-00A0C93CA73A" "onclick"="view.returnToMediaCenter();" "accName"="res://wmploc.dll/RT_STRING/#2128" "accKeyboardShortcut"="res://wmploc.dll/RT_STRING/#2129" . [HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\Objects\REWButton] @DACL=(02 0000) "classid"="clsid:87291B51-0C8E-11D3-BB2A-00A0C93CA73A" "enabled"="wmpenabled:player.controls.fastreverse" "upToolTip"="res://wmploc.dll/RT_STRING/#1803" "onclick"="player.controls.FastReverse()" "accName"="res://wmploc.dll/RT_STRING/#2122" "accKeyboardShortcut"="res://wmploc.dll/RT_STRING/#2123" . [HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\Objects\SeekSlider] @DACL=(02 0000) "classid"="clsid:F2BF2C90-405F-11D3-BB39-00A0C93CA73A" "toolTip"="res://wmploc.dll/RT_STRING/#1809" "min"="0" "max"="wmpprop:player.currentmedia.duration" "value"="wmpprop:player.controls.currentposition" "ondragend"="player.controls.currentposition=value;" "foregroundProgress"="wmpprop:player.network.downloadProgress" "useForegroundProgress"="true" "accName"="res://wmploc.dll/RT_STRING/#2109" "accKeyboardShortcut"="res://wmploc.dll/RT_STRING/#2108" . [HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\Objects\ShuffleButton] @DACL=(02 0000) "classid"="clsid:87291B51-0C8E-11D3-BB2A-00A0C93CA73A" "upToolTip"="res://wmploc.dll/RT_STRING/#1814" "downToolTip"="res://wmploc.dll/RT_STRING/#1815" "sticky"="true" "down"="jscript:player.settings.GetMode(\"shuffle\");" "onClick"="player.settings.setMode(\"shuffle\", down);" "accName"="res://wmploc.dll/RT_STRING/#2136" "accKeyboardShortcut"="res://wmploc.dll/RT_STRING/#2137" . [HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\Objects\Slider] @DACL=(02 0000) "classid"="clsid:F2BF2C90-405F-11D3-BB39-00A0C93CA73A" "accKeyboardShortcut"="res://wmploc.dll/RT_STRING/#2108" . [HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\Objects\StatusText] @DACL=(02 0000) "classid"="clsid:DDDA102E-0E17-11D3-A2E2-00C04F79F88E" "tabStop"="true" "value"="wmpprop:player.status" "accName"="res://wmploc.dll/RT_STRING/#2102" . [HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\Objects\StopButton] @DACL=(02 0000) "classid"="clsid:87291B51-0C8E-11D3-BB2A-00A0C93CA73A" "enabled"="wmpenabled:player.controls.stop" "upToolTip"="res://wmploc.dll/RT_STRING/#1802" "onclick"="player.controls.stop()" "accName"="res://wmploc.dll/RT_STRING/#2118" "accKeyboardShortcut"="res://wmploc.dll/RT_STRING/#2119" . [HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\Objects\taskcenter] @DACL=(02 0000) "classid"="clsid:395BF287-6477-495f-8427-2C09A23C3248" . [HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\Objects\Text] @DACL=(02 0000) "classid"="clsid:DDDA102E-0E17-11D3-A2E2-00C04F79F88E" "tabStop"="false" . [HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\Objects\TrackNameText] @DACL=(02 0000) "classid"="clsid:DDDA102E-0E17-11D3-A2E2-00C04F79F88E" "tabStop"="true" "value"="wmpprop:player.currentmedia.name" "accName"="res://wmploc.dll/RT_STRING/#2105" . [HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\Objects\Video] @DACL=(02 0000) "classid"="clsid:61CECF11-FC3A-11D2-A1CD-005004602752" . [HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\Objects\VideoSettings] @DACL=(02 0000) "classid"="clsid:AE7BFAFE-DCC8-4a73-92C8-CC300CA88859" "tabStop"="false" . [HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\Objects\VolumeSlider] @DACL=(02 0000) "classid"="clsid:F2BF2C90-405F-11D3-BB39-00A0C93CA73A" "min"="0" "max"="100" "value"="wmpprop:player.settings.volume" "value_onchange"="if (value!=player.settings.volume){player.settings.volume=value;player.settings.mute=false;}" "toolTip"="res://wmploc.dll/RT_STRING/#1810" "accName"="res://wmploc.dll/RT_STRING/#2110" "accKeyboardShortcut"="res://wmploc.dll/RT_STRING/#2111" . [HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\Objects\WMPEffects] @DACL=(02 0000) "classid"="clsid:47DEA830-D619-4154-B8D8-6B74845D6A2D" "tabStop"="false" "width"="250" "height"="200" "horizontalAlignment"="stretch" "verticalAlignment"="stretch" "currentEffectType"="wmpprop:mediacenter.effectType" "currentPreset"="wmpprop:mediacenter.effectPreset" "currentEffectType_onchange"="mediacenter.effectType = currentEffectType;" "currentPreset_onchange"="mediacenter.effectPreset = currentPreset;" "onclick"="next();" . [HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\Objects\WMPVideo] @DACL=(02 0000) "classid"="clsid:61CECF11-FC3A-11D2-A1CD-005004602752" "horizontalAlignment"="stretch" "verticalAlignment"="stretch" "zoom"="wmpprop:mediacenter.videoZoom" "stretchToFit"="wmpprop:mediacenter.videoStretchToFit" "backgroundColor"="black" . [HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\Publish\{1AC8AC62-67E9-4676-BA08-194A6916B145}] @DACL=(02 0000) @="WMPlayer CD Burn Publish Provider" . [HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\Publish\{9AB5C98B-AA7B-4ff4-A8EB-9D8E23C0D59E}] @DACL=(02 0000) @="WMPlayer Downlevel CD Burn Publish Provider" . [HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\Publish\{F6402585-08FB-498E-877D-2D8EDF05219F}] @DACL=(02 0000) @="WMPlayer WMDM Publish Provider" . [HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\services] @DACL=(02 0000) "NoServices"=dword:00000000 . [HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\ShimInclusionList\AOLTRAY.EXE] @DACL=(02 0000) . [HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\ShimInclusionList\FIREFOX.EXE] @DACL=(02 0000) . [HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\ShimInclusionList\MSN6.EXE] @DACL=(02 0000) . [HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\ShimInclusionList\NETSCAPE.EXE] @DACL=(02 0000) . [HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\ShimInclusionList\NETSCP.EXE] @DACL=(02 0000) . [HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\ShimInclusionList\NETSCP6.EXE] @DACL=(02 0000) . [HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\ShimInclusionList\WAOL.EXE] @DACL=(02 0000) . [HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\SmartPlaylist] @DACL=(02 0000) . [HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\UIPlugins\{0890F930-4F80-4646-BAB1-4B6E5571FB89}] @DACL=(02 0000) "Capabilities"=dword:00000004 "FriendlyName"="res://wmploc.dll/RT_STRING/#1491" . [HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\UIPlugins\{1F32514F-1561-4922-A604-8A1F478B5A42}] @DACL=(02 0000) "Capabilities"=dword:00000004 "FriendlyName"="res://wmploc.dll/RT_STRING/#1495" . [HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\UIPlugins\{52903d79-f993-4de6-8317-20c9c176d823}] @DACL=(02 0000) "Capabilities"=dword:00000004 "FriendlyName"="res://wmploc.dll/RT_STRING/#1496" . [HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\UIPlugins\{59E7BF52-E5C9-4382-A39A-522DEE9AFDFD}] @DACL=(02 0000) "Capabilities"=dword:00000004 "FriendlyName"="res://wmploc.dll/RT_STRING/#1497" . [HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\UIPlugins\{5DF031B7-6A37-42D9-8802-E27F4F224332}] @DACL=(02 0000) "Capabilities"=dword:00000003 "FriendlyName"="Viz Plug-in" . [HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\UIPlugins\{5F4BB5C9-4652-489B-8601-EEC0C3C32E2E}] @DACL=(02 0000) "Capabilities"=dword:00000004 "FriendlyName"="res://wmploc.dll/RT_STRING/#1494" . [HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\UIPlugins\{7F2B1D6B-1357-402C-A1C8-67E59583B41D}] @DACL=(02 0000) "Description"="Captions plugin description" "Capabilities"=dword:000000f0 "FriendlyName"="Captions plugin name" . [HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\UIPlugins\{93075F62-16B3-43EC-A53B-FFAD0E01D5E7}] @DACL=(02 0000) "Capabilities"=dword:00000003 "FriendlyName"="res://wmploc.dll/RT_STRING/#209" . [HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\UIPlugins\{9695AEF9-9D03-4671-8F2F-FF49D1BB01C4}] @DACL=(02 0000) "Description"="Media Information description" "Capabilities"=dword:00000005 "FriendlyName"="res://wmploc.dll/RT_STRING/#1407" . [HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\UIPlugins\{976ABECA-93F7-4d81-9187-2A6137829675}] @DACL=(02 0000) "Capabilities"=dword:00000004 "FriendlyName"="res://wmploc.dll/RT_STRING/#1490" . [HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\UIPlugins\{99DB05E3-F81E-4C8A-A252-F396306AB6FE}] @DACL=(02 0000) "Description"="Banner plugin description" "Capabilities"=dword:000000f0 "FriendlyName"="Banner plugin name" . [HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\UIPlugins\{9F9562EB-15B6-46C6-A7CB-0A66FC65130E}] @DACL=(02 0000) "Capabilities"=dword:00000004 "FriendlyName"="res://wmploc.dll/RT_STRING/#1493" . [HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\UIPlugins\{9FA014E3-076F-4865-A73C-117131B8E292}] @DACL=(02 0000) "Capabilities"=dword:00000004 "FriendlyName"="res://wmploc.dll/RT_STRING/#1492" . [HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\UIPlugins\{D5E49195-ED19-40fb-9EE0-E6625A808B77}] @DACL=(02 0000) "Capabilities"=dword:00000003 "FriendlyName"="Video Plug-in" . [HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\UIPlugins\{E641D09E-E500-4c09-8260-F1CD7B902E9C}] @DACL=(02 0000) "FriendlyName"="WM View plugin name" "Description"="WM View plugin description" "Capabilities"=dword:000000f0 . [HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\UIPlugins\{F24A1BC2-2331-4B91-8A13-5A549DA56E9D}] @DACL=(02 0000) "Capabilities"=dword:00000003 "FriendlyName"="Border Plug-in" . [HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\UIPlugins\{FD981763-B6BB-4d51-9143-6D372A0ED56F}] @DACL=(02 0000) "FriendlyName"="res://wmploc.dll/RT_STRING/#5822" "Description"="res://wmploc.dll/RT_STRING/#5823" "Capabilities"=dword:00000003 . [HKEY_LOCAL_MACHINE\software\Microsoft\Windows Media Device Manager\KnownDeviceClasses] @DACL=(02 0000) . [HKEY_LOCAL_MACHINE\software\Microsoft\Windows Media Device Manager\KnownDevices] @DACL=(02 0000) . [HKEY_LOCAL_MACHINE\software\Microsoft\Windows Media Device Manager\Plugins\SCP\SCPTRANS] @DACL=(02 0000) "ProgID"="MsScp.SCPTRANS.1" . [HKEY_LOCAL_MACHINE\software\Microsoft\Windows Media Device Manager\Plugins\SP\MSPMSP\KBDeviceList] @DACL=(02 0000) "SanDiskIM"="SanDisk ;ImageMate III ;2.3" "SanDiskIMb"="E-USB Fl;ash ; " "Lexmark"="Parallel; Flash Unit;" . [HKEY_LOCAL_MACHINE\software\Microsoft\Windows Media Device Manager\Plugins\SP\WMDMCESP] @DACL=(02 0000) "ProgID"="WMDMCESP.WMDMCESP" . [HKEY_LOCAL_MACHINE\software\Microsoft\Windows Media Device Manager\Plugins\SP\WPDSp] @DACL=(02 0000) "PnPAware"=dword:00000001 "ProgID"="WPDSp.WPDServiceProvider" . --------------------- Pliki DLL ładowane pod uruchomionymi procesami --------------------- . - - - - - - - > 'lsass.exe'(524) c:\windows\system32\mswsock.dll . Czas ukończenia: 2012-01-08 15:09:45 ComboFix-quarantined-files.txt 2012-01-08 14:09 ComboFix2.txt 2012-01-07 00:34 . Przed: 14 584 516 608 bajtów wolnych Po: 14 569 267 200 bajtów wolnych . - - End Of File - - C637E54CE5E2F28A502A49B04A1008AE