wklejto.pl

Dodane przez: moria (2008-07-09 23:51) -> text
1.
2.
3.
4.
5.
6.
7.
8.
9.
10.
11.
12.
13.
14.
15.
16.
17.
18.
19.
20.
21.
22.
23.
24.
25.
26.
27.
28.
29.
30.
31.
32.
33.
34.
35.
36.
37.
38.
39.
40.
41.
42.
43.
44.
45.
46.
47.
48.
49.
50.
51.
52.
53.
54.
55.
56.
57.
58.
59.
60.
61.
62.
63.
64.
65.
66.
67.
68.
69.
70.
71.
72.
73.
74.
75.
76.
77.
78.
79.
80.
81.
82.
83.
84.
85.
86.
87.
88.
89.
90.
91.
92.
93.
94.
95.
96.
97.
98.
99.
100.
101.
102.
103.
104.
105.
106.
107.
108.
109.
110.
111.
112.
113.
114.
115.
116.
117.
118.
119.
120.
121.
122.
123.
124.
125.
126.
127.
128.
129.
130.
131.
132.
133.
134.
135.
136.
137.
138.
139.
140.
141.
142.
143.
144.
145.
146.
147.
148.
149.
150.
151.
152.
153.
154.
155.
156.
157.
158.
159.
160.
161.
162.
163.
164.
165.
166.
167.
168.
169.
170.
171.
172.
173.
174.
175.
176.
177.
178.
179.
180.
181.
182.
183.
184.
185.
186.
187.
188.
189.
190.
191.
192.
193.
194.
195.
196.
197.
198.
199.
200.
201.
202.
203.
204.
205.
206.
207.
208.
209.
210.
211.
212.
213.
214.
215.
216.
217.
218.
219.
220.
221.
222.
223.
224.
225.
226.
227.
228.
229.
230.
231.
232.
233.
234.
235.
236.
237.
238.
239.
240.
241.
242.
243.
244.
245.
246.
247.
248.
249.
250.
251.
252.
253.
254.
255.
256.
257.
258.
259.
260.
261.
262.
263.
264.
265.
266.
267.
268.
269.
270.
271.
272.
273.
274.
275.
276.
277.
278.
279.
280.
281.
282.
283.
284.
285.
286.
287.
288.
289.
290.
291.
292.
293.
294.
295.
296.
297.
298.
299.
300.
301.
302.
303.
304.
305.
306.
307.
308.
309.
310.
311.
312.
313.
314.
315.
316.
317.
318.
319.
320.
321.
322.
323.
324.
325.
326.
327.
328.
329.
330.
331.
332.
333.
334.
335.
336.
337.
338.
339.
340.
341.
342.
343.
344.
345.
346.
347.
348.
349.
350.
351.
352.
353.
354.
355.
356.
357.
358.
359.
360.
361.
362.
363.
364.
365.
366.
367.
368.
369.
370.
371.
372.
373.
374.
375.
376.
377.
378.
379.
380.
381.
382.
383.
384.
385.
386.
387.
388.
389.
390.
391.
392.
393.
394.
395.
396.
397.
398.
399.
400.
401.
402.
403.
404.
\"Silent Runners.vbs\", revision 58, http://www.silentrunners.org/
Operating System: Windows XP SP2
Output limited to non-default values, except where indicated by \"{++}\"
 
 
Startup items buried in registry:
---------------------------------
 
HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Run\\ {++}
\"CTFMON.EXE\" = \"C:\\WINDOWS\\system32\\ctfmon.exe\" [MS]
\"Odkurzacz-MCD\" = \"E:\\Programy_moje\\Odkurzacz_10.9\\Odkurzacz\\odk_mcd.exe\" [\"Franmo Software\"]
\"PowerArchiver Tray\" = \"E:\\Programy_moje\\PowerArchiver2007\\PASTARTER.EXE\" [\"ConeXware, Inc.\"]
\"SpybotSD TeaTimer\" = \"E:\\Programy_moje\\Spy&Bot\\Spybot - Search & Destroy\\TeaTimer.exe\" [\"Safer Networking Limited\"]
 
HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run\\ {++}
\"NVMixerTray\" = \"\"C:\\Program Files\\NVIDIA Corporation\\NvMixer\\NVMixerTray.exe\"\" [\"NVIDIA Corporation\"]
\"ATIPTA\" = \"\"C:\\Program Files\\ATI Technologies\\ATI Control Panel\\atiptaxx.exe\"\" [\"ATI Technologies, Inc.\"]
\"HPDJ Taskbar Utility\" = \"C:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\hpztsb09.exe\" [\"HP\"]
\"HP Software Update\" = \"\"C:\\Program Files\\Hewlett-Packard\\HP Software Update\\HPWuSchd.exe\"\" [\"Hewlett-Packard\"]
\"HP Component Manager\" = \"\"C:\\Program Files\\HP\\hpcoretech\\hpcmpmgr.exe\"\" [\"Hewlett-Packard Company\"]
\"DeviceDiscovery\" = \"C:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpotdd01.exe\" [\"Hewlett-Packard\"]
\"avast!\" = \"E:\\PROGRA~1\\Avast\\ashDisp.exe\" [\"ALWIL Software\"]
\"SiteAdvisor\" = \"C:\\Program Files\\SiteAdvisor\\6253\\SiteAdv.exe\" [file not found]
 
HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\RunOnceEx\\ {++}
\"Flag\" = dword:0x00000002
 
HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\Browser Helper Objects\\
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}\\(Default) = (no title provided)
  -> {HKLM...CLSID} = \"AcroIEHlprObj Class\"
                   \\InProcServer32\\(Default) = \"C:\\Program Files\\Adobe\\Acrobat 7.0\\ActiveX\\AcroIEHelper.dll\" [\"Adobe Systems Incorporated\"]
{089FD14D-132B-48FC-8861-0048AE113215}\\(Default) = (no title provided)
  -> {HKLM...CLSID} = (no title provided)
                   \\InProcServer32\\(Default) = \"C:\\Program Files\\SiteAdvisor\\6261\\SiteAdv.dll\" [\"McAfee, Inc.\"]
{53707962-6F74-2D53-2644-206D7942484F}\\(Default) = (no title provided)
  -> {HKLM...CLSID} = \"Spybot-S&D IE Protection\"
                   \\InProcServer32\\(Default) = \"E:\\Programy_moje\\Spy&Bot\\Spybot - Search & Destroy\\SDHelper.dll\" [\"Safer Networking Limited\"]
 
HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Shell Extensions\\Approved\\
\"{88895560-9AA2-1069-930E-00AA0030EBC8}\" = \"Rozszerzenie ikony HyperTerminalu\"
  -> {HKLM...CLSID} = \"HyperTerminal Icon Ext\"
                   \\InProcServer32\\(Default) = \"C:\\WINDOWS\\system32\\hticons.dll\" [\"Hilgraeve, Inc.\"]
\"{472083B0-C522-11CF-8763-00608CC02F24}\" = \"avast\"
  -> {HKLM...CLSID} = \"avast\"
                   \\InProcServer32\\(Default) = \"E:\\Programy_moje\\Avast\\ashShell.dll\" [\"ALWIL Software\"]
\"{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}\" = \"OpenOffice.org Column Handler\"
  -> {HKLM...CLSID} = (no title provided)
                   \\InProcServer32\\(Default) = \"\"C:\\Program Files\\OpenOffice.ux.pl 2.0.2\\program\\shlxthdl.dll\"\" [\"Sun Microsystems, Inc.\"]
\"{087B3AE3-E237-4467-B8DB-5A38AB959AC9}\" = \"OpenOffice.org Infotip Handler\"
  -> {HKLM...CLSID} = (no title provided)
                   \\InProcServer32\\(Default) = \"\"C:\\Program Files\\OpenOffice.ux.pl 2.0.2\\program\\shlxthdl.dll\"\" [\"Sun Microsystems, Inc.\"]
\"{63542C48-9552-494A-84F7-73AA6A7C99C1}\" = \"OpenOffice.org Property Sheet Handler\"
  -> {HKLM...CLSID} = (no title provided)
                   \\InProcServer32\\(Default) = \"\"C:\\Program Files\\OpenOffice.ux.pl 2.0.2\\program\\shlxthdl.dll\"\" [\"Sun Microsystems, Inc.\"]
\"{3B092F0C-7696-40E3-A80F-68D74DA84210}\" = \"OpenOffice.org Thumbnail Viewer\"
  -> {HKLM...CLSID} = (no title provided)
                   \\InProcServer32\\(Default) = \"\"C:\\Program Files\\OpenOffice.ux.pl 2.0.2\\program\\shlxthdl.dll\"\" [\"Sun Microsystems, Inc.\"]
\"{8D1636FD-CA49-4B4E-90E4-0A20E03A15E8}\" = \"jetAudio\"
  -> {HKLM...CLSID} = \"JetFlExt\"
                   \\InProcServer32\\(Default) = \"E:\\Programy_moje\\jetAudio\\JetFlExt.dll\" [\"JetAudio, Inc.\"]
\"{5858A72C-C2B4-4dd7-B2BF-B76DB1BD9F6C}\" = \"Microsoft Office OneNote Namespace Extension for Windows Desktop Search\"
  -> {HKLM...CLSID} = \"Microsoft Office OneNote Namespace Extension for Windows Desktop Search\"
                   \\InProcServer32\\(Default) = \"E:\\PROGRA~1\\MICROS~1\\Office12\\ONFILTER.DLL\" [MS]
\"{42042206-2D85-11D3-8CFF-005004838597}\" = \"Microsoft Office HTML Icon Handler\"
  -> {HKLM...CLSID} = (no title provided)
                   \\InProcServer32\\(Default) = \"E:\\Programy_moje\\Microsoft_Office_2007\\Office12\\msohevi.dll\" [MS]
\"{993BE281-6695-4BA5-8A2A-7AACBFAAB69E}\" = \"Microsoft Office Metadata Handler\"
  -> {HKLM...CLSID} = \"Microsoft Office Metadata Handler\"
                   \\InProcServer32\\(Default) = \"C:\\PROGRA~1\\COMMON~1\\MICROS~1\\OFFICE12\\msoshext.dll\" [MS]
\"{C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97}\" = \"Microsoft Office Thumbnail Handler\"
  -> {HKLM...CLSID} = \"Microsoft Office Thumbnail Handler\"
                   \\InProcServer32\\(Default) = \"C:\\PROGRA~1\\COMMON~1\\MICROS~1\\OFFICE12\\msoshext.dll\" [MS]
\"{23170F69-40C1-278A-1000-000100020000}\" = \"7-Zip Shell Extension\"
  -> {HKLM...CLSID} = \"7-Zip Shell Extension\"
                   \\InProcServer32\\(Default) = \"E:\\Programy_moje\\7-ZIP\\7-zip.dll\" [\"Igor Pavlov\"]
 
HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\ShellServiceObjectDelayLoad\\
\"WPDShServiceObj\" = \"{AAA288BA-9A4C-45B0-95D7-94D524869DB5}\"
  -> {HKLM...CLSID} = \"WPDShServiceObj Class\"
                   \\InProcServer32\\(Default) = \"C:\\WINDOWS\\system32\\WPDShServiceObj.dll\" [MS]
 
HKLM\\SYSTEM\\CurrentControlSet\\Control\\Session Manager\\
<<!>> \"BootExecute\" = \"autocheck autochk *\"| [file not found]
 
HKLM\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Winlogon\\Notify\\
<<!>> AtiExtEvent\\DLLName = \"Ati2evxx.dll\" [\"ATI Technologies Inc.\"]
 
HKLM\\SOFTWARE\\Classes\\PROTOCOLS\\Filter\\
<<!>> text/xml\\CLSID = \"{807563E5-5146-11D5-A672-00B0D022E945}\"
  -> {HKLM...CLSID} = \"Microsoft Office InfoPath XML Mime Filter\"
                   \\InProcServer32\\(Default) = \"C:\\PROGRA~1\\COMMON~1\\MICROS~1\\OFFICE12\\MSOXMLMF.DLL\" [MS]
 
HKLM\\SOFTWARE\\Classes\\Folder\\shellex\\ColumnHandlers\\
{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}\\(Default) = \"OpenOffice.org Column Handler\"
  -> {HKLM...CLSID} = (no title provided)
                   \\InProcServer32\\(Default) = \"\"C:\\Program Files\\OpenOffice.ux.pl 2.0.2\\program\\shlxthdl.dll\"\" [\"Sun Microsystems, Inc.\"]
{F9DB5320-233E-11D1-9F84-707F02C10627}\\(Default) = \"PDF Column Info\"
  -> {HKLM...CLSID} = \"PDF Shell Extension\"
                   \\InProcServer32\\(Default) = \"C:\\Program Files\\Adobe\\Acrobat 7.0\\ActiveX\\PDFShell.dll\" [\"Adobe Systems, Inc.\"]
 
HKLM\\SOFTWARE\\Classes\\*\\shellex\\ContextMenuHandlers\\
7-Zip\\(Default) = \"{23170F69-40C1-278A-1000-000100020000}\"
  -> {HKLM...CLSID} = \"7-Zip Shell Extension\"
                   \\InProcServer32\\(Default) = \"E:\\Programy_moje\\7-ZIP\\7-zip.dll\" [\"Igor Pavlov\"]
avast\\(Default) = \"{472083B0-C522-11CF-8763-00608CC02F24}\"
  -> {HKLM...CLSID} = \"avast\"
                   \\InProcServer32\\(Default) = \"E:\\Programy_moje\\Avast\\ashShell.dll\" [\"ALWIL Software\"]
PowerArchiver\\(Default) = \"{d03d3e68-0c44-3d45-b15f-bcfd8a8b4c7e}\"
  -> {HKLM...CLSID} = \"PowerArchiver Shell Extensions\"
                   \\InProcServer32\\(Default) = \"E:\\Programy_moje\\PowerArchiver2007\\PASHLEXT.DLL\" [\"ConeXware, Inc.\"]
 
HKLM\\SOFTWARE\\Classes\\Directory\\shellex\\ContextMenuHandlers\\
7-Zip\\(Default) = \"{23170F69-40C1-278A-1000-000100020000}\"
  -> {HKLM...CLSID} = \"7-Zip Shell Extension\"
                   \\InProcServer32\\(Default) = \"E:\\Programy_moje\\7-ZIP\\7-zip.dll\" [\"Igor Pavlov\"]
jetAudio\\(Default) = \"{8D1636FD-CA49-4B4E-90E4-0A20E03A15E8}\"
  -> {HKLM...CLSID} = \"JetFlExt\"
                   \\InProcServer32\\(Default) = \"E:\\Programy_moje\\jetAudio\\JetFlExt.dll\" [\"JetAudio, Inc.\"]
 
HKLM\\SOFTWARE\\Classes\\Folder\\shellex\\ContextMenuHandlers\\
avast\\(Default) = \"{472083B0-C522-11CF-8763-00608CC02F24}\"
  -> {HKLM...CLSID} = \"avast\"
                   \\InProcServer32\\(Default) = \"E:\\Programy_moje\\Avast\\ashShell.dll\" [\"ALWIL Software\"]
jetAudio\\(Default) = \"{8D1636FD-CA49-4B4E-90E4-0A20E03A15E8}\"
  -> {HKLM...CLSID} = \"JetFlExt\"
                   \\InProcServer32\\(Default) = \"E:\\Programy_moje\\jetAudio\\JetFlExt.dll\" [\"JetAudio, Inc.\"]
PowerArchiver\\(Default) = \"{d03d3e68-0c44-3d45-b15f-bcfd8a8b4c7e}\"
  -> {HKLM...CLSID} = \"PowerArchiver Shell Extensions\"
                   \\InProcServer32\\(Default) = \"E:\\Programy_moje\\PowerArchiver2007\\PASHLEXT.DLL\" [\"ConeXware, Inc.\"]
 
 
Group Policies {GPedit.msc branch and setting}:
-----------------------------------------------
 
Note: detected settings may not have any effect.
 
HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\System\\
 
\"shutdownwithoutlogon\" = (REG_DWORD) dword:0x00000001
{Computer Configuration|Windows Settings|Security Settings|Local Policies|Security Options|
Shutdown: Allow system to be shut down without having to log on}
 
\"undockwithoutlogon\" = (REG_DWORD) dword:0x00000001
{Computer Configuration|Windows Settings|Security Settings|Local Policies|Security Options|
Devices: Allow undock without having to log on}
 
 
Active Desktop and Wallpaper:
-----------------------------
 
Active Desktop may be disabled at this entry:
HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\ShellState
 
Displayed if Active Desktop enabled and wallpaper not set by Group Policy:
HKCU\\Software\\Microsoft\\Internet Explorer\\Desktop\\General\\
\"Wallpaper\" = \"C:\\WINDOWS\\system32\\config\\systemprofile\\Ustawienia lokalne\\Dane aplikacji\\Microsoft\\Wallpaper1.bmp\"
 
Displayed if Active Desktop disabled and wallpaper not set by Group Policy:
HKCU\\Control Panel\\Desktop\\
\"Wallpaper\" = \"C:\\Documents and Settings\\Dorota\\Dane aplikacji\\Ashampoo Photo Commander 5\\Ashampoo Photo Commander 5 Wallpaper.bmp\"
 
 
Enabled Screen Saver:
---------------------
 
HKCU\\Control Panel\\Desktop\\
\"SCRNSAVE.EXE\" = \"C:\\WINDOWS\\system32\\sstext3d.scr\" [MS]
 
 
Windows Portable Device AutoPlay Handlers
-----------------------------------------
 
HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\AutoplayHandlers\\Handlers\\
 
AshampooPhotoCommanderAutoplay\\
\"Provider\" = \"Ashampoo Photo Commander\"
\"InvokeProgID\" = \"APC.AUTOPLAY\"
\"InvokeVerb\" = \"open\"
HKCU\\Software\\Classes\\APC.AUTOPLAY\\shell\\open\\command\\(Default) = \"\"E:\\Programy_moje\\Ashampoo_Photo_Commander\\Ashampoo Photo Commander 5\\apc.exe\" -t=\"%1\"\" [\"Nikolaus Brennig\"]
 
ASHAshampoo_Burning_Studio_2008BURNONARRIVAL\\
\"Provider\" = \"Ashampoo Burning Studio 2008\"
\"InvokeProgID\" = \"Ashampoo.BurningStudio2008\"
\"InvokeVerb\" = \"autoplay-burn\"
HKLM\\SOFTWARE\\Classes\\Ashampoo.BurningStudio2008\\shell\\autoplay-burn\\Command\\(Default) = \"E:\\Programy_moje\\AshampooBurningStudio_2008\\Ashampoo Burning Studio 2008\\burningstudio.exe\" -autoplay -selectdrive \"%l\"\" [file not found]
 
ASHAshampoo_Burning_Studio_2008COPYONARRIVAL\\
\"Provider\" = \"Ashampoo Burning Studio 2008\"
\"InvokeProgID\" = \"Ashampoo.BurningStudio2008\"
\"InvokeVerb\" = \"autoplay-copy\"
HKLM\\SOFTWARE\\Classes\\Ashampoo.BurningStudio2008\\shell\\autoplay-copy\\Command\\(Default) = \"E:\\Programy_moje\\AshampooBurningStudio_2008\\Ashampoo Burning Studio 2008\\burningstudio.exe\" -autoplay -selectdrive \"%l\" -copy\" [file not found]
 
ASHAshampoo_Burning_Studio_2008RIPONARRIVAL\\
\"Provider\" = \"Ashampoo Burning Studio 2008\"
\"InvokeProgID\" = \"Ashampoo.BurningStudio2008\"
\"InvokeVerb\" = \"autoplay-rip\"
HKLM\\SOFTWARE\\Classes\\Ashampoo.BurningStudio2008\\shell\\autoplay-rip\\Command\\(Default) = \"E:\\Programy_moje\\AshampooBurningStudio_2008\\Ashampoo Burning Studio 2008\\burningstudio.exe\" -autoplay -selectdrive \"%l\" -rip\" [file not found]
 
ASHAshampoo_Burning_Studio_6BURNONARRIVAL\\
\"Provider\" = \"Ashampoo Burning Studio 6\"
\"InvokeProgID\" = \"Ashampoo.BurningStudio6\"
\"InvokeVerb\" = \"autoplay-burn\"
HKLM\\SOFTWARE\\Classes\\Ashampoo.BurningStudio6\\shell\\autoplay-burn\\Command\\(Default) = \"\"E:\\Programy_moje\\Ashampoo Burning Studio 6\\burningstudio.exe\" -autoplay -selectdrive \"%l\"\" [\"ashampoo Technology GmbH & Co. KG\"]
 
ASHAshampoo_Burning_Studio_6COPYONARRIVAL\\
\"Provider\" = \"Ashampoo Burning Studio 6\"
\"InvokeProgID\" = \"Ashampoo.BurningStudio6\"
\"InvokeVerb\" = \"autoplay-copy\"
HKLM\\SOFTWARE\\Classes\\Ashampoo.BurningStudio6\\shell\\autoplay-copy\\Command\\(Default) = \"\"E:\\Programy_moje\\Ashampoo Burning Studio 6\\burningstudio.exe\" -autoplay -selectdrive \"%l\" -copy\" [\"ashampoo Technology GmbH & Co. KG\"]
 
ASHAshampoo_Burning_Studio_6RIPONARRIVAL\\
\"Provider\" = \"Ashampoo Burning Studio 6\"
\"InvokeProgID\" = \"Ashampoo.BurningStudio6\"
\"InvokeVerb\" = \"autoplay-rip\"
HKLM\\SOFTWARE\\Classes\\Ashampoo.BurningStudio6\\shell\\autoplay-rip\\Command\\(Default) = \"\"E:\\Programy_moje\\Ashampoo Burning Studio 6\\burningstudio.exe\" -autoplay -selectdrive \"%l\" -rip\" [\"ashampoo Technology GmbH & Co. KG\"]
 
DMFMADFolder\\
\"Provider\" = \"Ulead DVD MovieFactory 3\"
\"ProgID\" = \"Shell.HWEventHandlerShellExecute\"
\"InitCmdLine\" = \"C:\\Program Files\\Ulead Systems\\Ulead DVD MovieFactory 3 SE\\DVDMF.exe\"
HKLM\\SOFTWARE\\Classes\\Shell.HWEventHandlerShellExecute\\CLSID\\(Default) = \"{FFB8655F-81B9-4fce-B89C-9A6BA76D13E7}\"
  -> {HKLM...CLSID} = \"ShellExecute HW Event Handler\"
                   \\LocalServer32\\(Default) = \"rundll32.exe shell32.dll,SHCreateLocalServerRunDll {FFB8655F-81B9-4fce-B89C-9A6BA76D13E7}\" [MS]
 
DVDDecrypterPlayDVDMovieOnArrival\\
\"Provider\" = \"DVD Decrypter\"
\"InvokeProgID\" = \"DVDDecrypter\"
\"InvokeVerb\" = \"PlayDVDMovieOnArrival_Decrypt\"
HKLM\\SOFTWARE\\Classes\\DVDDecrypter\\shell\\PlayDVDMovieOnArrival_Decrypt\\Command\\(Default) = \"\"E:\\Programy_moje\\DVD_Decrypter\\DVD Decrypter\\DVDDecrypter.exe\" /MODE READ /SOURCE \"%1\"\" [\"LIGHTNING UK!\"]
 
JABurnCDAudioOnArrival\\
\"Provider\" = \"jetAudio\"
\"InvokeProgID\" = \"jetAudio.MediaHandler\"
\"InvokeVerb\" = \"burncd\"
HKLM\\SOFTWARE\\Classes\\jetAudio.MediaHandler\\shell\\burncd\\command\\(Default) = \"\"E:\\Programy_moje\\jetAudio\\jetAudio.exe\" /burncd \"%1\"\" [\"JetAudio, Inc.\"]
 
JACreateAlbumOnArrival\\
\"Provider\" = \"jetAudio\"
\"InvokeProgID\" = \"jetAudio.MediaHandler\"
\"InvokeVerb\" = \"createalbum\"
HKLM\\SOFTWARE\\Classes\\jetAudio.MediaHandler\\shell\\createalbum\\command\\(Default) = \"\"E:\\Programy_moje\\jetAudio\\jetAudio.exe\" /createalbum \"%1\"\" [\"JetAudio, Inc.\"]
 
JAPlayCDAudioOnArrival\\
\"Provider\" = \"jetAudio\"
\"InvokeProgID\" = \"jetAudio.MediaHandler\"
\"InvokeVerb\" = \"playcd\"
HKLM\\SOFTWARE\\Classes\\jetAudio.MediaHandler\\shell\\playcd\\command\\(Default) = \"\"E:\\Programy_moje\\jetAudio\\jetAudio.exe\" /playcd \"%1\"\" [\"JetAudio, Inc.\"]
 
JAPlayDVDMovieOnArrival\\
\"Provider\" = \"jetAudio\"
\"InvokeProgID\" = \"jetAudio.MediaHandler\"
\"InvokeVerb\" = \"playdvd\"
HKLM\\SOFTWARE\\Classes\\jetAudio.MediaHandler\\shell\\playdvd\\command\\(Default) = \"\"E:\\Programy_moje\\jetAudio\\jetAudio.exe\" /playdvd \"%1\"\" [\"JetAudio, Inc.\"]
 
JAPlayMediaOnArrival\\
\"Provider\" = \"jetAudio\"
\"InvokeProgID\" = \"jetAudio.MediaHandler\"
\"InvokeVerb\" = \"playmedia\"
HKLM\\SOFTWARE\\Classes\\jetAudio.MediaHandler\\shell\\playmedia\\DropTarget\\CLSID = \"{8D1636FD-CA49-4B4E-90E4-0A20E03A15E8}\"
  -> {HKLM...CLSID} = \"JetFlExt\"
                   \\InProcServer32\\(Default) = \"E:\\Programy_moje\\jetAudio\\JetFlExt.dll\" [\"JetAudio, Inc.\"]
 
JARipCDAudioOnArrival\\
\"Provider\" = \"jetAudio\"
\"InvokeProgID\" = \"jetAudio.MediaHandler\"
\"InvokeVerb\" = \"ripcd\"
HKLM\\SOFTWARE\\Classes\\jetAudio.MediaHandler\\shell\\ripcd\\command\\(Default) = \"\"E:\\Programy_moje\\jetAudio\\jetAudio.exe\" /ripcd \"%1\"\" [\"JetAudio, Inc.\"]
 
MSWMEncVCArrival\\
\"Provider\" = \"Windows Media Encoder 9 Series\"
\"ProgID\" = \"Shell.HWEventHandlerShellExecute\"
\"InitCmdLine\" = \"C:\\Program Files\\Windows Media Components\\Encoder\\WMEnc.exe\"
HKLM\\SOFTWARE\\Classes\\Shell.HWEventHandlerShellExecute\\CLSID\\(Default) = \"{FFB8655F-81B9-4fce-B89C-9A6BA76D13E7}\"
  -> {HKLM...CLSID} = \"ShellExecute HW Event Handler\"
                   \\LocalServer32\\(Default) = \"rundll32.exe shell32.dll,SHCreateLocalServerRunDll {FFB8655F-81B9-4fce-B89C-9A6BA76D13E7}\" [MS]
 
MSWPDShellNamespaceHandler\\
\"Provider\" = \"@%SystemRoot%\\System32\\WPDShextRes.dll,-501\"
\"CLSID\" = \"{A55803CC-4D53-404c-8557-FD63DBA95D24}\"
\"InitCmdLine\" = \" \"
  -> {HKLM...CLSID} = \"WPDShextAutoplay\"
                   \\LocalServer32\\(Default) = \"C:\\WINDOWS\\system32\\WPDShextAutoplay.exe\" [MS]
 
 
Startup items in \"Dorota\" & \"All Users\" startup folders:
--------------------------------------------------------
 
C:\\Documents and Settings\\All Users\\Menu Start\\Programy\\Autostart
\"Adobe Reader Speed Launch\" -> shortcut to: \"C:\\Program Files\\Adobe\\Acrobat 7.0\\Reader\\reader_sl.exe\" [\"Adobe Systems Incorporated\"]
 
 
Winsock2 Service Provider DLLs:
-------------------------------
 
Namespace Service Providers
 
HKLM\\SYSTEM\\CurrentControlSet\\Services\\Winsock2\\Parameters\\NameSpace_Catalog5\\Catalog_Entries\\ {++}
000000000001\\LibraryPath = \"%SystemRoot%\\System32\\mswsock.dll\" [MS]
000000000002\\LibraryPath = \"%SystemRoot%\\System32\\winrnr.dll\" [MS]
000000000003\\LibraryPath = \"%SystemRoot%\\System32\\mswsock.dll\" [MS]
 
Transport Service Providers
 
HKLM\\SYSTEM\\CurrentControlSet\\Services\\Winsock2\\Parameters\\Protocol_Catalog9\\Catalog_Entries\\ {++}
0000000000##\\PackedCatalogItem (contains) DLL [Company Name], (at) ## range:
%SystemRoot%\\system32\\mswsock.dll [MS], 01 - 03, 06 - 17
%SystemRoot%\\system32\\rsvpsp.dll [MS], 04 - 05
 
 
Toolbars, Explorer Bars, Extensions:
------------------------------------
 
Toolbars
 
HKLM\\SOFTWARE\\Microsoft\\Internet Explorer\\Toolbar\\
\"{0BF43445-2F28-4351-9252-17FE6E806AA0}\" = \"McAfee SiteAdvisor\"
  -> {HKLM...CLSID} = \"McAfee SiteAdvisor\"
                   \\InProcServer32\\(Default) = \"C:\\Program Files\\SiteAdvisor\\6261\\SiteAdv.dll\" [\"McAfee, Inc.\"]
 
Explorer Bars
 
HKLM\\SOFTWARE\\Microsoft\\Internet Explorer\\Explorer Bars\\
 
HKLM\\SOFTWARE\\Classes\\CLSID\\{720E6864-6D18-48EC-A154-A0E4E50670E4}\\(Default) = \"&Ramka Tłumaczenia\"
Implemented Categories\\{00021494-0000-0000-C000-000000000046}\\ [horizontal bar]
InProcServer32\\(Default) = \"E:\\Programy_moje\\Tłumacz_Rosyjski\\InternetTranslatorRusPol.dll\" [\"Techland\"]
 
HKLM\\SOFTWARE\\Classes\\CLSID\\{959F1BF8-8EF0-4139-A147-FD3FF0044C3A}\\(Default) = \"&Słownik Podręczny\"
Implemented Categories\\{00021493-0000-0000-C000-000000000046}\\ [vertical bar]
InProcServer32\\(Default) = \"E:\\Programy_moje\\Tłumacz_Rosyjski\\InternetTranslatorRusPol.dll\" [\"Techland\"]
 
HKLM\\SOFTWARE\\Classes\\CLSID\\{FF059E31-CC5A-4E2E-BF3B-96E929D65503}\\(Default) = \"&Poszukaj\"
Implemented Categories\\{00021493-0000-0000-C000-000000000046}\\ [vertical bar]
InProcServer32\\(Default) = \"E:\\PROGRA~1\\MICROS~1\\Office12\\REFIEBAR.DLL\" [MS]
 
Extensions (Tools menu items, main toolbar menu buttons)
 
HKLM\\SOFTWARE\\Microsoft\\Internet Explorer\\Extensions\\
{2670000A-7350-4F3C-8081-5663EE0C6C49}\\
\"ButtonText\" = \"Wyślij do programu OneNote\"
\"MenuText\" = \"Wyślij &do programu OneNote\"
\"CLSIDExtension\" = \"{48E73304-E1D6-4330-914C-F5F514E3486C}\"
  -> {HKLM...CLSID} = \"Send to OneNote from Internet Explorer button\"
                   \\InProcServer32\\(Default) = \"E:\\PROGRA~1\\MICROS~1\\Office12\\ONBttnIE.dll\" [MS]
 
{92780B25-18CC-41C8-B9BE-3C9C571A8263}\\
\"ButtonText\" = \"Research\"
 
{94C70A96-012C-4171-98FC-C1971511F20D}\\
\"MenuText\" = \"@E:\\Programy_moje\\Tłumacz_Rosyjski\\InternetTranslatorRusPol.dll,-103\"
\"CLSIDExtension\" = \"{94C70A96-012C-4171-98FC-C1971511F20D}\"
  -> {HKLM...CLSID} = \"InternetTranslatorProperties Class\"
                   \\InProcServer32\\(Default) = \"E:\\Programy_moje\\Tłumacz_Rosyjski\\InternetTranslatorRusPol.dll\" [\"Techland\"]
 
{DFB852A3-47F8-48C4-A200-58CAB36FD2A2}\\
\"MenuText\" = \"Spybot - Search && Destroy Configuration\"
\"CLSIDExtension\" = \"{53707962-6F74-2D53-2644-206D7942484F}\"
  -> {HKLM...CLSID} = \"Spybot-S&D IE Protection\"
                   \\InProcServer32\\(Default) = \"E:\\Programy_moje\\Spy&Bot\\Spybot - Search & Destroy\\SDHelper.dll\" [\"Safer Networking Limited\"]
 
{E2E2DD38-D088-4134-82B7-F2BA38496583}\\
\"MenuText\" = \"@xpsp3res.dll,-20001\"
\"Exec\" = \"%windir%\\Network Diagnostic\\xpnetdiag.exe\" [MS]
 
{FB5F1910-F110-11D2-BB9E-00C04F795683}\\
\"ButtonText\" = \"Messenger\"
\"MenuText\" = \"Windows Messenger\"
\"Exec\" = \"C:\\Program Files\\Messenger\\msmsgs.exe\" [MS]
 
 
Running Services (Display Name, Service Name, Path {Service DLL}):
------------------------------------------------------------------
 
Ati HotKey Poller, Ati HotKey Poller, \"C:\\WINDOWS\\system32\\Ati2evxx.exe\" [\"ATI Technologies Inc.\"]
avast! Antivirus, avast! Antivirus, \"\"E:\\Programy_moje\\Avast\\ashServ.exe\"\" [\"ALWIL Software\"]
avast! iAVS4 Control Service, aswUpdSv, \"\"E:\\Programy_moje\\Avast\\aswUpdSv.exe\"\" [\"ALWIL Software\"]
avast! Mail Scanner, avast! Mail Scanner, \"\"E:\\Programy_moje\\Avast\\ashMaiSv.exe\" /service\" [\"ALWIL Software\"]
avast! Web Scanner, avast! Web Scanner, \"\"E:\\Programy_moje\\Avast\\ashWebSv.exe\" /service\" [\"ALWIL Software\"]
DiskMagik Service, DiskMgkS, \"E:\\Programy_moje\\DiscMagik_2.2.0\\DiskMgkS.exe\" [\"RoseCity Software\"]
Machine Debug Manager, MDM, \"\"C:\\Program Files\\Common Files\\Microsoft Shared\\VS7DEBUG\\MDM.EXE\"\" [MS]
Ulead Burning Helper, UleadBurningHelper, \"C:\\Program Files\\Common Files\\Ulead Systems\\DVD\\ULCDRSvr.exe\" [\"Ulead Systems, Inc.\"]
User Profile Hive Cleanup, UPHClean, \"C:\\Program Files\\UPHClean\\uphclean.exe\" [MS]
Usługa SiteAdvisor, SiteAdvisor Service, \"\"C:\\Program Files\\SiteAdvisor\\6261\\SAService.exe\"\" [\"McAfee, Inc.\"]
 
 
Print Monitors:
---------------
 
HKLM\\SYSTEM\\CurrentControlSet\\Control\\Print\\Monitors\\
hpzlnt09\\Driver = \"hpzlnt09.dll\" [\"HP\"]
Send To Microsoft OneNote Monitor\\Driver = \"msonpmon.dll\" [MS]
 
 
---------- (launch time: 2008-07-09 23:52:28)
<<!>>: Suspicious data at a malware launch point.
 
+ This report excludes default entries except where indicated.
+ To see *everywhere* the script checks and *everything* it finds,
  launch it from a command prompt or a shortcut with the -all parameter.
+ To search all directories of local fixed drives for DESKTOP.INI
  DLL launch points, use the -supp parameter or answer \"No\" at the
  first message box and \"Yes\" at the second message box.
---------- (total run time: 41 seconds, including 7 seconds for message boxes)
 
Wygenerowano w 0.154s, przy pomocy GeSHi 1.0.8
'
Podziel się na Facebook Podziel się na BLIP Podziel się na Twitter Podziel się na Buzz Podziel się na Flaker Dodaj zakładkę Google Podziel się na Delicious Wykop to!

Nowy Komentarz:

Komentarze:

Brak Komentarzy!