REGLOOKS logfile - version 0.985
Scan started: 2009-12-29 16:14:52,56

--- INFORMATION ---
Manufacturer: PCF - Model: GA-945GZM-S2
Operating System: Microsoft Windows XP Home Edition -- 5.1.2600 -- Dodatek Service Pack 2 --
Processor: Intel® Pentium® D CPU 2.66GHz
Work Station
Bootmode: Fail-safe with network boot
Total RAM: 1023 MB (free 570 MB - 55%)
Computername: OEM-BD000E2535A
Domain: MSHOME
User: OEM (Administrator account)
Bootdevice: \Device\HarddiskVolume1
Systemdrive: C:
Windowsdirectory: C:\WINDOWS
Systemdirectory: C:\WINDOWS\system32
Internet Explorer Version: 6.0.2900.2180
Antivirus Program: AVG Anti-Virus Free 9.0 [Enabled - Updated]

--- SIGCHECK ---
C:\WINDOWS\explorer.exe -- [1033728] -- [2006-03-02 13:00] -- sigcheck OK
C:\WINDOWS\system32\appmgmts.dll NOT found
C:\WINDOWS\system32\browser.dll -- [77312] -- [2006-03-02 13:00] -- sigcheck OK
C:\WINDOWS\system32\comres.dll -- [822272] -- [2006-03-02 13:00] -- sigcheck OK
C:\WINDOWS\system32\comctl32.dll -- [611328] -- [2006-03-02 13:00] -- sigcheck OK
C:\WINDOWS\system32\cryptsvc.dll -- [60416] -- [2006-03-02 13:00] -- sigcheck OK
C:\WINDOWS\system32\ctfmon.exe -- [15360] -- [2006-03-02 13:00] -- sigcheck OK
C:\WINDOWS\system32\es.dll -- [253952] -- [2008-07-07 21:33] -- sigcheck OK
C:\WINDOWS\system32\eventlog.dll -- [55808] -- [2006-03-02 13:00] -- sigcheck OK
C:\WINDOWS\system32\ias.dll NOT found
C:\WINDOWS\system32\imm32.dll -- [110080] -- [2006-03-02 13:00] -- sigcheck OK
C:\WINDOWS\system32\kernel32.dll -- [1014784] -- [2009-03-21 15:21] -- sigcheck OK
C:\WINDOWS\system32\linkinfo.dll -- [18944] -- [2006-03-02 13:00] -- sigcheck OK
C:\WINDOWS\system32\lpk.dll -- [22016] -- [2006-03-02 13:00] -- sigcheck OK
C:\WINDOWS\system32\lsass.exe -- [13312] -- [2006-03-02 13:00] -- sigcheck OK
C:\WINDOWS\system32\mfc40u.dll -- [924432] -- [2006-03-02 13:00] -- sigcheck OK
C:\WINDOWS\system32\msgsvc.dll -- [33792] -- [2006-03-02 13:00] -- sigcheck OK
C:\WINDOWS\system32\mshtml.dll -- [3084288] -- [2009-10-29 06:48] -- sigcheck OK
C:\WINDOWS\system32\mspmsnsv.dll -- [25088] -- [2005-01-28 13:44] -- sigcheck OK
C:\WINDOWS\system32\mswsock.dll -- [246784] -- [2008-06-20 18:42] -- sigcheck OK
C:\WINDOWS\system32\netlogon.dll -- [407040] -- [2006-03-02 13:00] -- sigcheck OK
C:\WINDOWS\system32\netman.dll -- [198144] -- [2006-03-02 13:00] -- sigcheck OK
C:\WINDOWS\system32\ntkrnlpa.exe -- [2017280] -- [2009-08-04 18:07] -- sigcheck OK
C:\WINDOWS\system32\ntmssvc.dll -- [435712] -- [2006-03-02 13:00] -- sigcheck OK
C:\WINDOWS\system32\ntoskrnl.exe -- [2137600] -- [2009-08-04 18:07] -- sigcheck OK
C:\WINDOWS\system32\pchsvc.dll NOT found
C:\WINDOWS\system32\powrprof.dll -- [17408] -- [2006-03-02 13:00] -- sigcheck OK
C:\WINDOWS\system32\qmgr.dll -- [382464] -- [2006-03-02 13:00] -- sigcheck OK
C:\WINDOWS\system32\rasauto.dll -- [89088] -- [2006-03-02 13:00] -- sigcheck OK
C:\WINDOWS\system32\regsvc.dll -- [59904] -- [2006-03-02 13:00] -- sigcheck OK
C:\WINDOWS\system32\rpcss.dll -- [399360] -- [2009-02-09 11:22] -- sigcheck OK
C:\WINDOWS\system32\scecli.dll -- [185344] -- [2006-03-02 13:00] -- sigcheck OK
C:\WINDOWS\system32\schedsvc.dll -- [192000] -- [2006-03-02 13:00] -- sigcheck OK
C:\WINDOWS\system32\services.exe -- [111104] -- [2009-02-09 11:10] -- sigcheck OK
C:\WINDOWS\system32\sfc.dll -- [5120] -- [2006-03-02 13:00] -- sigcheck OK
C:\WINDOWS\system32\sfcfiles.dll -- [1548288] -- [2006-03-02 13:00] -- sigcheck OK
C:\WINDOWS\system32\spoolsv.exe -- [57856] -- [2006-03-02 13:00] -- sigcheck OK
C:\WINDOWS\system32\srsvc.dll -- [171008] -- [2006-03-02 13:00] -- sigcheck OK
C:\WINDOWS\system32\ssdpsrv.dll -- [71680] -- [2006-03-02 13:00] -- sigcheck OK
C:\WINDOWS\system32\svchost.exe -- [14336] -- [2006-03-02 13:00] -- sigcheck OK
C:\WINDOWS\system32\tapisrv.dll -- [246272] -- [2006-03-02 13:00] -- sigcheck OK
C:\WINDOWS\system32\termsrv.dll -- [296448] -- [2006-03-02 13:00] -- sigcheck OK
C:\WINDOWS\system32\upnphost.dll -- [185856] -- [2006-03-02 13:00] -- sigcheck OK
C:\WINDOWS\system32\user32.dll -- [578560] -- [2006-03-02 13:00] -- sigcheck OK
C:\WINDOWS\system32\userinit.exe -- [25088] -- [2006-03-02 13:00] -- sigcheck OK
C:\WINDOWS\system32\wininet.dll -- [664576] -- [2009-10-29 06:48] -- sigcheck OK
C:\WINDOWS\system32\winlogon.exe -- [504832] -- [2006-03-02 13:00] -- sigcheck OK
C:\WINDOWS\system32\ws2_32.dll -- [82944] -- [2006-03-02 13:00] -- sigcheck OK
C:\WINDOWS\system32\wscntfy.exe -- [13824] -- [2006-03-02 13:00] -- sigcheck OK
C:\WINDOWS\system32\wuauclt.exe -- [53472] -- [2009-08-06 19:24] -- sigcheck OK
C:\WINDOWS\system32\xmlprov.dll -- [129536] -- [2006-03-02 13:00] -- sigcheck OK
C:\WINDOWS\system32\drivers\acpiec.sys -- [12032] -- [2006-03-02 13:00] -- sigcheck OK
C:\WINDOWS\system32\drivers\aec.sys -- [142464] -- [2004-08-03 22:39] -- sigcheck OK
C:\WINDOWS\system32\drivers\asyncmac.sys -- [14336] -- [2006-03-02 13:00] -- sigcheck OK
C:\WINDOWS\system32\drivers\atapi.sys -- [95360] -- [2004-08-03 22:59] -- sigcheck OK
C:\WINDOWS\system32\drivers\beep.sys -- [4224] -- [2006-03-02 13:00] -- sigcheck OK
C:\WINDOWS\system32\drivers\classpnp.sys -- [49664] -- [2006-03-02 13:00] -- sigcheck OK
C:\WINDOWS\system32\drivers\disk.sys -- [36352] -- [2006-03-02 13:00] -- sigcheck OK
C:\WINDOWS\system32\drivers\iaStor.sys NOT found
C:\WINDOWS\system32\drivers\ip6fw.sys -- [29056] -- [2006-03-02 13:00] -- sigcheck OK
C:\WINDOWS\system32\drivers\kbdclass.sys -- [24960] -- [2006-03-02 13:00] -- sigcheck OK
C:\WINDOWS\system32\drivers\ndis.sys -- [182912] -- [2006-03-02 13:00] -- sigcheck OK
C:\WINDOWS\system32\drivers\ntfs.sys -- [574592] -- [2006-03-02 13:00] -- sigcheck OK
C:\WINDOWS\system32\drivers\tcpip.sys -- [360320] -- [2008-06-20 11:45] -- sigcheck OK

--- SSODL regkeys ---
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
"PostBootReminder"="{7849596a-48ea-486e-8937-a2a3009f31a9}" -- File: %SystemRoot%\system32\SHELL32.dll -- [?]
"CDBurn"="{fbeb8a05-beee-4442-804e-409d6c4515e9}" -- File: %SystemRoot%\system32\SHELL32.dll -- [?]
"WebCheck"="{E6FB5E20-DE35-11CF-9C87-00AA005127ED}" -- File: %SystemRoot%\system32\webcheck.dll -- [?]
"SysTray"="{35CEC8A3-2BE6-11D2-8773-92E220524153}" -- File: C:\WINDOWS\system32\stobject.dll -- [122368] -- [2006-03-02 13:00]

--- STS regkeys ---
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
"{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Moduł wstępnego ładowania interfejsu Browseui" -- File: %SystemRoot%\system32\browseui.dll -- [?]
"{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Demon buforu kategorii składników" -- File: %SystemRoot%\system32\browseui.dll -- [?]

--- USERINIT regkey ---
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"Userinit"="C:\\WINDOWS\\system32\\userinit.exe,"
File: C:\WINDOWS\system32\userinit.exe -- [25088] -- [2006-03-02 13:00]

--- SHELL regkey ---
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"Shell"="Explorer.exe"
File: C:\WINDOWS\Explorer.exe -- [1033728] -- [2006-03-02 13:00]

--- SYSTEM regkey ---
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"System"=""

--- APPINIT_DLLS regkey ---
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=""

--- NOTIFY regkey ---
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\avgrsstarter] -- File: C:\WINDOWS\system32\avgrsstx.dll -- [12464] -- [2009-12-26 21:11]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain] -- File: C:\WINDOWS\system32\crypt32.dll -- [601088] -- [2006-03-02 13:00]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet] -- File: C:\WINDOWS\system32\cryptnet.dll -- [63488] -- [2006-03-02 13:00]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll] -- File: C:\WINDOWS\system32\cscdll.dll -- [102400] -- [2006-03-02 13:00]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp] -- File: C:\WINDOWS\system32\wlnotify.dll -- [93184] -- [2006-03-02 13:00]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule] -- File: C:\WINDOWS\system32\wlnotify.dll -- [93184] -- [2006-03-02 13:00]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy] -- File: C:\WINDOWS\system32\sclgntfy.dll -- [22016] -- [2006-03-02 13:00]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn] -- File: C:\WINDOWS\system32\WlNotify.dll -- [93184] -- [2006-03-02 13:00]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv] -- File: C:\WINDOWS\system32\wlnotify.dll -- [93184] -- [2006-03-02 13:00]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon] -- File: C:\WINDOWS\system32\wlnotify.dll -- [93184] -- [2006-03-02 13:00]

--- RUN / LOAD regkeys ---
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
"load"=""

--- SHELLEXECUTEHOOKS regkey ---
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"="" -- File: shell32.dll -- [?]

--- HKLM AUTORUN regkeys ---
[HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor]
"AutoRun"=""

--- HKCU AUTORUN regkeys ---
[HKEY_CURRENT_USER\Software\Microsoft\Command Processor]
no AutoRun regkey found

--- HKLM\RUN regkey ---
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL" -- File: RTHDCPL.EXE -- [?]
"nwiz" -- File: C:\Program Files\NVIDIA Corporation\nView\nwiz.exe /install -- [?]
"NvMediaCenter" -- File: RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit -- [?]
"NvCplDaemon" -- File: RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup -- [?]
"WinampAgent" -- File "C:\Program Files\Winamp\winampa.exe" -- [37888] -- [2009-07-01 17:37]
"Adobe Reader Speed Launcher" -- File "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" -- [35696] -- [2009-10-03 04:08]
"Adobe ARM" -- File "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" -- [935288] -- [2009-09-04 12:08]
"AVG9_TRAY" -- File C:\PROGRA~1\AVG\AVG9\avgtray.exe -- [2033432] -- [2009-12-26 21:17]

--- HKLM\RUNONCE regkey ---
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
no runonce values found

--- HKLM\RUNONCEEX regkey ---
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnceEx]
no runonceex values found

--- HKLM\RUNSERVICES regkey ---
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices]
key not found

--- HKLM\RUNSERVICESONCE regkey ---
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServicesOnce]
key not found

--- HKCU\RUN regkey ---
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE" -- File C:\WINDOWS\system32\ctfmon.exe -- [15360] -- [2006-03-02 13:00]
"Gadu-Gadu" -- File: "C:\Program Files\Gadu-Gadu\gg.exe" /tray -- [?]
"Skype" -- File: "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized -- [?]
"MSMSGS" -- File: "C:\Program Files\Messenger\msmsgs.exe" /background -- [?]
"PC Suite Tray" -- File: "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray -- [?]

--- HKCU\RUNONCE regkey ---
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
no runonce values found

--- HKCU\RUNONCEEX regkey ---
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnceEx]
key not found

--- HKCU\RUNSERVICES regkey ---
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices]
key not found

--- HKCU\RUNSERVICESONCE regkey ---
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServicesOnce]
key not found

--- HKU\.DEFAULT\Run regkeys - Default user ---
[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE" -- File C:\WINDOWS\system32\CTFMON.EXE -- [15360] -- [2006-03-02 13:00]

--- HKU\S-1-5-18\Run regkeys - user SYSTEM ---
[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE" -- File C:\WINDOWS\system32\CTFMON.EXE -- [15360] -- [2006-03-02 13:00]

--- HKU\S-1-5-19\Run regkeys - User Lokale service ---
[HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE" -- File C:\WINDOWS\system32\CTFMON.EXE -- [15360] -- [2006-03-02 13:00]

--- HKU\S-1-5-20\Run regkeys - User Lokale service ---
[HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE" -- File C:\WINDOWS\system32\CTFMON.EXE -- [15360] -- [2006-03-02 13:00]

--- HKLM\Explorer\Run regkeys ---
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
key not found

--- HKCU\Explorer\Run regkeys ---
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
key not found

--- Image File Execution regkeys ---
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options]
no debuggers found

--- BROWSER HELPER OBJECTS regkeys ---
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}] -- File: C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll -- [75128] -- [2009-02-27 13:07]
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}] -- File: C:\Program Files\AVG\AVG9\avgssie.dll -- [1484056] -- [2009-12-26 21:17]

--- TOOLBAR regkeys ---
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
no toolbars found

--- HKLM\URLSEARCHHOOKS regkeys ---
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\URLSearchHooks]
key not found

--- HKCU\URLSEARCHHOOKS regkeys ---
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
{CFBFAE00-17A6-11D0-99CB-00C04FD64497} -- File: %SystemRoot%\system32\shdocvw.dll -- [?]

--- SRCEENSAVER regkey ---
[HKEY_CURRENT_USER\Control Panel\Desktop]
"SCRNSAVE.EXE" -- File C:\WINDOWS\system32\logon.scr -- [220672] -- [2006-03-02 13:00]

--- ALTERNATESHELL regkey ---
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot]
File: C:\WINDOWS\system32\cmd.exe -- [395776] -- [2006-03-02 13:00]

--- SECURITYPROVIDERS regkey ---
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"
File: C:\WINDOWS\system32\msapsspc.dll -- [86016] -- [2006-03-02 13:00]
File: C:\WINDOWS\system32\schannel.dll -- [168448] -- [2009-06-25 09:48]
File: C:\WINDOWS\system32\digest.dll -- [68608] -- [2006-03-02 13:00]
File: C:\WINDOWS\system32\msnsspc.dll -- [290816] -- [2006-03-02 13:00]

--- Active Setup\Installed Components regkey ---
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}] -- File: %systemroot%\system32\shmgrate.exe OCInstallUserConfigIE -- [?]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS] -- File: RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP -- [?]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}] -- File: %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE -- [?]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{036FD544-AED6-3F33-856D-A2292D0CF471}] -- filepath not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}] -- File: %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll -- [?]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}] -- File: "%ProgramFiles%\Outlook Express\setup50.exe" /APPWowE /CALLER:WINNT /user /install -- [?]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}] -- File: rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT -- [?]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}] -- File: rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser -- [?]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}] -- File: rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp.inf,PerUserStub -- [?]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4340}] -- File: regsvr32.exe /s /n /i:U shell32.dll -- [?]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}] -- File: %SystemRoot%\system32\ie4uinit.exe -- [?]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}] -- File: %SystemRoot%\system32\ie4uinit.exe -- [?]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}] -- File: c:\WINDOWS\system32\Rundll32.exe c:\WINDOWS\system32\mscories.dll,Install -- [?]

--- Services regkey ---
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Ambfilt] -- File: system32\drivers\Ambfilt.sys -- [?]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\AVG] -- filepath not found
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\avg9wd] -- File: "C:\Program Files\AVG\AVG9\avgwdsvc.exe" -- [285392] -- [2009-12-26 21:11]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\AvgLdx86] -- File: \SystemRoot\System32\Drivers\avgldx86.sys -- [?]

--- SAFEBOOT MINIMAL SERVICES ---
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal
Wdf01000.sys

--- SAFEBOOT Network SERVICES ---
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network
DnsCache
Wdf01000.sys

--- BOOTEXECUTE regkey ---
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager]
"BootExecute"= autocheck autochk *\0\0

--- PENDINGFILERENAMEOPERATIONS regkey ---
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager]
PendingFileRenameOperations key not found

--- WOW-CMDLINE regkeys ---
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\WOW]
"cmdline" = %SystemRoot%\system32\ntvdm.exe
"cmdline" = %SystemRoot%\system32\ntvdm.exe -a %SystemRoot%\system32\krnl386

--- NETSVCS regkey ---
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Svchost] -- NETSVCS 0WmdmPmSN

--- DNS SERVER regkeys ---
no "NameServer" values found

--- File associations ---
.BAT files: ("%1" %*)
.COM files: ("%1" %*)
.EXE files: ("%1" %*)
.HLP files: (%SystemRoot%\System32\winhlp32.exe %1)
.INF files: (%SystemRoot%\System32\NOTEPAD.EXE %1)
.INI files: (%SystemRoot%\System32\NOTEPAD.EXE %1)
.JS files: (%SystemRoot%\System32\WScript.exe "%1" %*)
.PIF files: ("%1" %*)
.REG files: (regedit.exe "%1")
.SCR files: ("%1" /S)
.TXT files: (%SystemRoot%\system32\NOTEPAD.EXE %1)
.VBS files: (%SystemRoot%\System32\WScript.exe "%1" %*)

--- STARTUP FOLDERS ---
C:\Documents and Settings\OEM\Menu Start\Programy\Autostart\desktop.ini -- [84] -- [2009-11-10 18:15]
C:\Documents and Settings\OEM\Menu Start\Programy\Autostart\logoff.lnk -- [1199] -- [2009-12-25 15:58]
C:\Documents and Settings\OEM\Menu Start\Programy\Autostart\MorphVOXJr.lnk -- [1715] -- [2009-12-20 16:07]
C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\desktop.ini -- [84] -- [2009-11-10 18:15]
C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Microsoft Office.lnk -- [1745] -- [2009-12-21 18:54]
C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\RaConfig.lnk -- [610] -- [2009-11-10 18:22]
C:\WINDOWS\system32\config\systemprofile\Menu Start\Programy\Autostart\desktop.ini -- [84] -- [2009-11-10 18:15]
C:\WINDOWS\system32\config\systemprofile\Menu Start\Programy\Autostart\desktop.ini -- [84] -- [2009-11-10 18:15]

--- TASK SCHEDULER JOBS ---
no .job files found

Scan completed: 2009-12-29 16:15:37,59
FINISHED