Results of system analysis

AVZ 4.32 http://z-oleg.com/secur/avz/

Process List

File namePIDDescriptionCopyrightMD5Information
c:\program files\avg\avg9\avgchsvx.exe
Script: Quarantine, Delete, Delete via BC, Terminate		3224AVG Cache ServerCopyright © 2010 AVG Technologies CZ, s.r.o.??1075.34 kb, rsAh,
created: 1.1.2008 1:17:39,
modified: 2.4.2010 9:52:35
Command line:
c:\program files\avg\avg9\avgchsvx.exe
Script: Quarantine, Delete, Delete via BC, Terminate		3192AVG Cache ServerCopyright © 2010 AVG Technologies CZ, s.r.o.??1075.34 kb, rsAh,
created: 1.1.2008 1:17:39,
modified: 2.4.2010 9:52:35
Command line:
c:\program files\avg\avg9\avgcsrvx.exe
Script: Quarantine, Delete, Delete via BC, Terminate		3260AVG Scanning Core Module - Server PartCopyright © 2010 AVG Technologies CZ, s.r.o.??693.77 kb, rsAh,
created: 1.1.2008 1:17:33,
modified: 1.1.2008 1:17:33
Command line:
c:\program files\avg\avg9\avgnsx.exe
Script: Quarantine, Delete, Delete via BC, Terminate		604AVG Network scanner ServiceCopyright © 2010 AVG Technologies CZ, s.r.o.??603.27 kb, rsAh,
created: 1.1.2008 1:17:56,
modified: 1.1.2008 1:17:57
Command line:
c:\program files\avg\avg9\avgrsx.exe
Script: Quarantine, Delete, Delete via BC, Terminate		316AVG Resident Shield ServiceCopyright © 2010 AVG Technologies CZ, s.r.o.??496.27 kb, rsAh,
created: 1.1.2008 1:17:57,
modified: 1.1.2008 1:17:57
Command line:
c:\progra~1\avg\avg9\avgtray.exe
Script: Quarantine, Delete, Delete via BC, Terminate		2876AVG Tray MonitorCopyright © 2010 AVG Technologies CZ, s.r.o.??2015.84 kb, rsAh,
created: 1.1.2008 1:18:05,
modified: 2.4.2010 9:52:57
Command line:
"C:\PROGRA~1\AVG\AVG9\avgtray.exe"
c:\program files\avg\avg9\avgupd.exe
Script: Quarantine, Delete, Delete via BC, Terminate		2444AVG Update moduleCopyright © 2010 AVG Technologies CZ, s.r.o.??1014.34 kb, rsAh,
created: 30.1.2010 17:24:14,
modified: 2.4.2010 9:51:51
Command line:
c:\program files\avg\avg9\avgwdsvc.exe
Script: Quarantine, Delete, Delete via BC, Terminate		208AVG Watchdog ServiceCopyright © 2010 AVG Technologies CZ, s.r.o.??300.84 kb, rsAh,
created: 1.1.2008 1:17:50,
modified: 1.1.2008 1:17:50
Command line:
c:\documents and settings\administrator\plocha\avz4\avz4\avz.exe
Script: Quarantine, Delete, Delete via BC, Terminate		4024???????????? ??????? AVZ???????????? ??????? AVZ??733.00 kb, rsAh,
created: 8.4.2010 20:19:13,
modified: 21.8.2009 14:40:32
Command line:
"C:\Documents and Settings\Administrator\Plocha\avz4\avz4\avz.exe"
c:\program files\canon\myprinter\bjmyprt.exe
Script: Quarantine, Delete, Delete via BC, Terminate		2884Canon My PrinterCopyright 2004-2009 CANON INC. All Rights Reserved.??1937.32 kb, rsAh,
created: 6.2.2010 21:58:35,
modified: 27.7.2009 4:10:00
Command line:
"C:\Program Files\Canon\MyPrinter\BJMyPrt.exe" /logon
c:\windows\system32\ctfmon.exe
Script: Quarantine, Delete, Delete via BC, Terminate		1500CTF Loader© Microsoft Corporation. All rights reserved.??39.50 kb, rsAh,
created: 17.8.2004 14:49:24,
modified: 14.4.2008 9:52:18
Command line:
"C:\WINDOWS\system32\ctfmon.exe"
c:\program files\faronics\deep freeze\install c-0\dfserv.exe
Script: Quarantine, Delete, Delete via BC, Terminate		1048Deep Freeze 6.53 serviceCopyright © 1999-2009 Faronics Corporation??1031.50 kb, rsAh,
created: 5.8.2009 18:38:58,
modified: 5.8.2009 18:38:58
Command line:
c:\windows\explorer.exe
Script: Quarantine, Delete, Delete via BC, Terminate		1376Průzkumník Windows© Microsoft Corporation. Všechna práva vyhrazena.??1505.00 kb, rsAh,
created: 17.8.2004 14:49:24,
modified: 14.4.2008 9:52:24
Command line:
C:\WINDOWS\Explorer.EXE
c:\program files\mozilla firefox\firefox.exe
Script: Quarantine, Delete, Delete via BC, Terminate		3088Firefox©Firefox and Mozilla Developers, according to the MPL 1.1/GPL 2.0/LGPL 2.1 licenses, as applicable.??888.96 kb, rsAh,
created: 19.12.2009 21:20:15,
modified: 8.4.2010 20:15:31
Command line:
"C:\Program Files\Mozilla Firefox\firefox.exe"
c:\program files\faronics\deep freeze\install c-0\_$df\frzstate2k.exe
Script: Quarantine, Delete, Delete via BC, Terminate		2052Deep Freeze 6.53 utilityCopyright © 1999-2009 Faronics Corporation??1780.12 kb, rsAh,
created: 8.4.2010 20:14:53,
modified: 8.4.2010 20:14:53
Command line:
"C:\Program Files\Faronics\Deep Freeze\Install C-0\_$Df\FrzState2k.exe" 1 106917
c:\program files\gigabyte\gamer hud\hud.exe
Script: Quarantine, Delete, Delete via BC, Terminate		2460  ??1895.50 kb, rsAh,
created: 26.6.2008 16:49:44,
modified: 26.6.2008 16:49:44
Command line:
"C:\Program Files\GIGABYTE\Gamer HUD\HUD.exe"
c:\program files\canon\ijplm\ijplmsvc.exe
Script: Quarantine, Delete, Delete via BC, Terminate		1516Inkjet Printer/Scanner/Fax Extended Servey Program ServiceCopyright CANON INC. 2006-2009 All Rights Reserved??113.38 kb, rsAh,
created: 6.2.2010 22:04:56,
modified: 10.2.2009 18:01:49
Command line:
c:\program files\common files\installshield\updateservice\issch.exe
Script: Quarantine, Delete, Delete via BC, Terminate		2936InstallShield Update Service SchedulerCopyright (C) 1990-2004 InstallShield Software Corporation??68.00 kb, rsAh,
created: 16.2.2010 16:31:29,
modified: 13.4.2004 7:07:18
Command line:
"C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
c:\program files\java\jre6\bin\jqs.exe
Script: Quarantine, Delete, Delete via BC, Terminate		1684Java(TM) Quick Starter ServiceCopyright © 2004??149.78 kb, rsAh,
created: 4.1.2010 22:26:36,
modified: 4.1.2010 22:26:36
Command line:
c:\program files\java\jre6\bin\jusched.exe
Script: Quarantine, Delete, Delete via BC, Terminate		2868Java(TM) Platform SE binaryCopyright © 2004??145.78 kb, rsAh,
created: 4.1.2010 22:26:36,
modified: 4.1.2010 22:26:36
Command line:
"C:\Program Files\Java\jre6\bin\jusched.exe"
c:\windows\system32\lsass.exe
Script: Quarantine, Delete, Delete via BC, Terminate		872LSA Shell (Export Version)© Microsoft Corporation. All rights reserved.??13.00 kb, rsAh,
created: 17.8.2004 14:49:24,
modified: 14.4.2008 9:52:30
Command line:
c:\windows\system32\nvsvc32.exe
Script: Quarantine, Delete, Delete via BC, Terminate		1088NVIDIA Driver Helper Service, Version 177.83(C) NVIDIA Corporation. All rights reserved.??160.07 kb, rsAh,
created: 16.3.2010 3:37:50,
modified: 2.8.2008 6:20:00
Command line:
c:\windows\system32\pnkbstra.exe
Script: Quarantine, Delete, Delete via BC, Terminate		504  ??73.30 kb, rsAh,
created: 19.12.2009 22:07:29,
modified: 23.2.2010 22:26:24
Command line:
PresentationFontCache.exe
Script: Quarantine, Delete, Delete via BC, Terminate		3032  ??error getting file info
Command line:
c:\windows\rthdcpl.exe
Script: Quarantine, Delete, Delete via BC, Terminate		280Realtek HD Audio Control PanelCopyright (c) 2004 Realtek Semiconductor Corp.??15888.00 kb, rsAh,
created: 19.12.2009 20:34:19,
modified: 30.10.2006 19:49:54
Command line:
"C:\WINDOWS\RTHDCPL.EXE"
c:\windows\system32\rundll32.exe
Script: Quarantine, Delete, Delete via BC, Terminate		3956Run a DLL as an App© Microsoft Corporation. Všechna práva vyhrazena.??34.00 kb, rsAh,
created: 17.8.2004 14:49:28,
modified: 14.4.2008 9:52:44
Command line:
"C:\WINDOWS\system32\RUNDLL32.EXE" C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
c:\windows\system32\services.exe
Script: Quarantine, Delete, Delete via BC, Terminate		860Services and Controller app© Microsoft Corporation. Všechna práva vyhrazena.??108.50 kb, rsAh,
created: 17.8.2004 14:49:28,
modified: 9.2.2009 13:25:57
Command line:
c:\windows\system32\spoolsv.exe
Script: Quarantine, Delete, Delete via BC, Terminate		1964Spooler SubSystem App© Microsoft Corporation. All rights reserved.??56.50 kb, rsAh,
created: 17.8.2004 14:49:28,
modified: 14.4.2008 9:52:50
Command line:
c:\windows\system32\svchost.exe
Script: Quarantine, Delete, Delete via BC, Terminate		1116Generic Host Process for Win32 Services© Microsoft Corporation. All rights reserved.??14.00 kb, rsAh,
created: 17.8.2004 14:49:28,
modified: 14.4.2008 9:52:50
Command line:
c:\windows\system32\svchost.exe
Script: Quarantine, Delete, Delete via BC, Terminate		1224Generic Host Process for Win32 Services© Microsoft Corporation. All rights reserved.??14.00 kb, rsAh,
created: 17.8.2004 14:49:28,
modified: 14.4.2008 9:52:50
Command line:
c:\windows\system32\svchost.exe
Script: Quarantine, Delete, Delete via BC, Terminate		1280Generic Host Process for Win32 Services© Microsoft Corporation. All rights reserved.??14.00 kb, rsAh,
created: 17.8.2004 14:49:28,
modified: 14.4.2008 9:52:50
Command line:
c:\windows\system32\winlogon.exe
Script: Quarantine, Delete, Delete via BC, Terminate		816Windows NT Logon Application© Microsoft Corporation. Všechna práva vyhrazena.??534.50 kb, rsAh,
created: 17.8.2004 14:49:28,
modified: 14.4.2008 9:52:54
Command line:
c:\windows\system32\wbem\wmiapsrv.exe
Script: Quarantine, Delete, Delete via BC, Terminate		4028WMI Performance Adapter Service© Microsoft Corporation. Všechna práva vyhrazena.??123.50 kb, rsAh,
created: 19.12.2009 20:17:27,
modified: 14.4.2008 9:52:54
Command line:
c:\windows\system32\wuauclt.exe
Script: Quarantine, Delete, Delete via BC, Terminate		2268Windows Update© Microsoft Corporation. All rights reserved.??52.22 kb, rsAh,
created: 19.12.2009 20:18:33,
modified: 6.8.2009 20:24:06
Command line:
Detected:44, recognized as trusted 23
Module nameHandleDescriptionCopyrightMD5Used by processes
C:\Program Files\AVG\AVG9\avgcclix.dll
Script: Quarantine, Delete, Delete via BC		268435456AVG Scanning Core Module - Client PartCopyright © 2010 AVG Technologies CZ, s.r.o.--316
C:\Program Files\AVG\AVG9\avgcertx.dll
Script: Quarantine, Delete, Delete via BC		1853358080AVG Cert SDKCopyright © 2010 AVG Technologies CZ, s.r.o.--3224, 3260
C:\Program Files\AVG\AVG9\avgcfgx.dll
Script: Quarantine, Delete, Delete via BC		1787953152AVG Configuration ModuleCopyright © 2010 AVG Technologies CZ, s.r.o.--2876, 2444, 3088
C:\Program Files\AVG\AVG9\avgchclx.dll
Script: Quarantine, Delete, Delete via BC		1852833792AVG Cache Manager Module - Client PartCopyright © 2010 AVG Technologies CZ, s.r.o.--3260
C:\Program Files\AVG\AVG9\avgchjwx.dll
Script: Quarantine, Delete, Delete via BC		1854341120AVG Scanning Cache ModuleCopyright © 2010 AVG Technologies CZ, s.r.o.--3224
C:\Program Files\AVG\AVG9\avgchsvx.exe
Script: Quarantine, Delete, Delete via BC		4194304AVG Cache ServerCopyright © 2010 AVG Technologies CZ, s.r.o.??3224
C:\Program Files\AVG\AVG9\avgclitx.dll
Script: Quarantine, Delete, Delete via BC		1789329408AVG Scanning Core Module - Lite VersionCopyright © 2010 AVG Technologies CZ, s.r.o.--3224
C:\Program Files\AVG\AVG9\avgcorex.dll
Script: Quarantine, Delete, Delete via BC		1789984768AVG Scanning Core ModuleCopyright © 2010 AVG Technologies CZ, s.r.o.--3260
C:\Program Files\AVG\AVG9\avgcsrvx.exe
Script: Quarantine, Delete, Delete via BC		4194304AVG Scanning Core Module - Server PartCopyright © 2010 AVG Technologies CZ, s.r.o.??3260
C:\Program Files\AVG\AVG9\avginet.dll
Script: Quarantine, Delete, Delete via BC		1806303232AVG Update downloaderCopyright © 2010 AVG Technologies CZ, s.r.o.--2444
C:\Program Files\AVG\AVG9\avglngx.dll
Script: Quarantine, Delete, Delete via BC		1807548416AVG Language ModuleCopyright © 2010 AVG Technologies CZ, s.r.o.--2876, 3088
C:\Program Files\AVG\AVG9\avglogx.dll
Script: Quarantine, Delete, Delete via BC		1808072704AVG Logging LibraryCopyright © 2010 AVG Technologies CZ, s.r.o.--3224, 3260, 316, 2876, 2444, 3088
C:\Program Files\AVG\AVG9\avglvex.dll
Script: Quarantine, Delete, Delete via BC		74448896AVG Prevalence Reporting LibraryCopyright © 2010 AVG Technologies CZ, s.r.o.--3088
C:\Program Files\AVG\AVG9\avgrsx.exe
Script: Quarantine, Delete, Delete via BC		4194304AVG Resident Shield ServiceCopyright © 2010 AVG Technologies CZ, s.r.o.??316
C:\Program Files\AVG\AVG9\avgse.dll
Script: Quarantine, Delete, Delete via BC		1815281664AVG Shell ExtensionCopyright © 2010 AVG Technologies CZ, s.r.o.--1376
C:\Program Files\AVG\AVG9\AVGUIRES.DLL
Script: Quarantine, Delete, Delete via BC		1829437440AVG User Interface Resource LibraryCopyright © 2010 AVG Technologies CZ, s.r.o.--2876
C:\Program Files\AVG\AVG9\avgupd.dll
Script: Quarantine, Delete, Delete via BC		1833041920AVG Update library moduleCopyright © 2010 AVG Technologies CZ, s.r.o.--2444
C:\Program Files\AVG\AVG9\avgupd.exe
Script: Quarantine, Delete, Delete via BC		4194304AVG Update moduleCopyright © 2010 AVG Technologies CZ, s.r.o.??2444
C:\Program Files\AVG\AVG9\avgxpl.dll
Script: Quarantine, Delete, Delete via BC		1840840704LinkScanner SDKCopyright © 2010 AVG Technologies CZ, s.r.o.--3088
C:\Program Files\AVG\AVG9\Firefox\components\avgssff.dll
Script: Quarantine, Delete, Delete via BC		1818624000Safe Search for FirefoxCopyright © 2010 AVG Technologies CZ, s.r.o.--3088
C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
Script: Quarantine, Delete, Delete via BC		4194304Inkjet Printer/Scanner/Fax Extended Servey Program ServiceCopyright CANON INC. 2006-2009 All Rights Reserved??1516
C:\Program Files\Canon\MyPrinter\BJMyPrt.exe
Script: Quarantine, Delete, Delete via BC		4194304Canon My PrinterCopyright 2004-2009 CANON INC. All Rights Reserved.??2884
C:\Program Files\Canon\MyPrinter\BJMyRes.dll
Script: Quarantine, Delete, Delete via BC		268435456Canon My PrinterCopyright 2004-2009 CANON INC. All Rights Reserved.--2884
C:\Program Files\Faronics\Deep Freeze\Install C-0\_$Df\FrzState2k.exe
Script: Quarantine, Delete, Delete via BC		4194304Deep Freeze 6.53 utilityCopyright © 1999-2009 Faronics Corporation??2052
C:\Program Files\Faronics\Deep Freeze\Install C-0\DFServ.exe
Script: Quarantine, Delete, Delete via BC		4194304Deep Freeze 6.53 serviceCopyright © 1999-2009 Faronics Corporation??1048
C:\Program Files\GIGABYTE\Gamer HUD\GBNVAPI.DLL
Script: Quarantine, Delete, Delete via BC		3670016  --2460
C:\Program Files\GIGABYTE\Gamer HUD\HUD.exe
Script: Quarantine, Delete, Delete via BC		4194304  ??2460
C:\Program Files\Java\jre6\bin\jqs.exe
Script: Quarantine, Delete, Delete via BC		4194304Java(TM) Quick Starter ServiceCopyright © 2004??1684
C:\Program Files\Java\jre6\bin\jusched.exe
Script: Quarantine, Delete, Delete via BC		4194304Java(TM) Platform SE binaryCopyright © 2004??2868
C:\Program Files\Mozilla Firefox\components\browserdirprovider.dll
Script: Quarantine, Delete, Delete via BC		19988480 License: MPL 1.1/GPL 2.0/LGPL 2.1--3088
C:\Program Files\Mozilla Firefox\components\brwsrcmp.dll
Script: Quarantine, Delete, Delete via BC		20054016 License: MPL 1.1/GPL 2.0/LGPL 2.1--3088
C:\Program Files\Mozilla Firefox\firefox.exe
Script: Quarantine, Delete, Delete via BC		4194304Firefox©Firefox and Mozilla Developers, according to the MPL 1.1/GPL 2.0/LGPL 2.1 licenses, as applicable.??3088
C:\Program Files\Mozilla Firefox\freebl3.dll
Script: Quarantine, Delete, Delete via BC		63504384NSS freebl Library --3088
C:\Program Files\Mozilla Firefox\js3250.dll
Script: Quarantine, Delete, Delete via BC		5111808  --3088
C:\Program Files\Mozilla Firefox\MOZCRT19.dll
Script: Quarantine, Delete, Delete via BC		2014511104User-Generated Microsoft (R) C/C++ Runtime LibraryCopyright (C) Microsoft Corporation.--3088
C:\Program Files\Mozilla Firefox\nspr4.dll
Script: Quarantine, Delete, Delete via BC		3473408NSPR Library --3088
C:\Program Files\Mozilla Firefox\nss3.dll
Script: Quarantine, Delete, Delete via BC		6160384NSS Base Library --3088
C:\Program Files\Mozilla Firefox\nssckbi.dll
Script: Quarantine, Delete, Delete via BC		67108864NSS Builtin Trusted Root CAs --3088
C:\Program Files\Mozilla Firefox\nssdbm3.dll
Script: Quarantine, Delete, Delete via BC		63373312Legacy Database Driver --3088
C:\Program Files\Mozilla Firefox\nssutil3.dll
Script: Quarantine, Delete, Delete via BC		3801088NSS Utility Library --3088
C:\Program Files\Mozilla Firefox\plc4.dll
Script: Quarantine, Delete, Delete via BC		3932160PLC Library --3088
C:\Program Files\Mozilla Firefox\plds4.dll
Script: Quarantine, Delete, Delete via BC		3997696PLDS Library --3088
C:\Program Files\Mozilla Firefox\plugins\npnul32.dll
Script: Quarantine, Delete, Delete via BC		42598400Default Plug-inCopyright © 1995-2000--3088
C:\Program Files\Mozilla Firefox\smime3.dll
Script: Quarantine, Delete, Delete via BC		3670016NSS S/MIME Library --3088
C:\Program Files\Mozilla Firefox\softokn3.dll
Script: Quarantine, Delete, Delete via BC		63176704NSS PKCS #11 Library --3088
C:\Program Files\Mozilla Firefox\sqlite3.dll
Script: Quarantine, Delete, Delete via BC		2949120SQLite Database Library --3088
C:\Program Files\Mozilla Firefox\ssl3.dll
Script: Quarantine, Delete, Delete via BC		6815744NSS SSL Library --3088
C:\Program Files\Mozilla Firefox\xpcom.dll
Script: Quarantine, Delete, Delete via BC		4063232 License: MPL 1.1/GPL 2.0/LGPL 2.1--3088
C:\Program Files\Mozilla Firefox\xul.dll
Script: Quarantine, Delete, Delete via BC		268435456 License: MPL 1.1/GPL 2.0/LGPL 2.1--3088
C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll
Script: Quarantine, Delete, Delete via BC		1612120064 Copyright © 2008 by Sun Microsystems, Inc.--1376
C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\stlport_vc7145.dll
Script: Quarantine, Delete, Delete via BC		1603207168STLportCopyright (C) Boris Fomitchev--1376
C:\Program Files\WinRAR\rarext.dll
Script: Quarantine, Delete, Delete via BC		268435456  --1376
C:\PROGRA~1\AVG\AVG9\avgtray.exe
Script: Quarantine, Delete, Delete via BC		4194304AVG Tray MonitorCopyright © 2010 AVG Technologies CZ, s.r.o.??2876
C:\WINDOWS\Explorer.EXE
Script: Quarantine, Delete, Delete via BC		16777216Průzkumník Windows© Microsoft Corporation. Všechna práva vyhrazena.??1376
c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
Script: Quarantine, Delete, Delete via BC		15007744Microsoft .NET Runtime Common Language Runtime - WorkStation© Microsoft Corporation. All rights reserved.--1684
C:\WINDOWS\system32\avgrsstx.dll
Script: Quarantine, Delete, Delete via BC		1813708800AVG Resident Shield StarterCopyright © 2010 AVG Technologies CZ, s.r.o.--816
C:\WINDOWS\system32\BatMeter.dll
Script: Quarantine, Delete, Delete via BC		1957429248Battery Meter Helper DLL© Microsoft Corporation. Všechna práva vyhrazena.--1376
C:\WINDOWS\system32\comctl32.dll
Script: Quarantine, Delete, Delete via BC		1566179328Common Controls Library© Microsoft Corporation. All rights reserved.--2444, 1048, 1376, 2460, 1516, 1684, 2868, 872, 1088, 504, 280, 3956, 1964, 1116, 1224, 1280, 816, 4028
C:\WINDOWS\system32\comdlg32.dll
Script: Quarantine, Delete, Delete via BC		1983447040Common Dialogs DLL© Microsoft Corporation. Všechna práva vyhrazena.--4024, 1376, 3088, 2052, 1684, 280, 816
C:\WINDOWS\system32\COMRes.dll
Script: Quarantine, Delete, Delete via BC		34865152 Copyright (C) Microsoft Corp. 1995-1999--4024, 1376, 3088, 1684, 1964, 1116, 1224, 1280, 816, 4028, 2268
C:\WINDOWS\system32\credui.dll
Script: Quarantine, Delete, Delete via BC		39976960Credential Manager User Interface© Microsoft Corporation. Všechna práva vyhrazena.--1376, 1280
C:\WINDOWS\system32\CRYPTUI.dll
Script: Quarantine, Delete, Delete via BC		1986396160Microsoft Trust UI Provider© Microsoft Corporation. Všechna práva vyhrazena.--1376, 3088, 1280
C:\WINDOWS\System32\CSCDLL.dll
Script: Quarantine, Delete, Delete via BC		1985871872Offline Network Agent© Microsoft Corporation. Všechna práva vyhrazena.--4024, 1376, 3088, 816
C:\WINDOWS\System32\cscui.dll
Script: Quarantine, Delete, Delete via BC		36438016Client Side Caching UI© Microsoft Corporation. Všechna práva vyhrazena.--4024, 1376, 3088, 816
C:\WINDOWS\system32\ctfmon.exe
Script: Quarantine, Delete, Delete via BC		4194304CTF Loader© Microsoft Corporation. All rights reserved.??1500
C:\WINDOWS\system32\hnetcfg.dll
Script: Quarantine, Delete, Delete via BC		1770717184Home Networking Configuration Manager© Microsoft Corporation. Všechna práva vyhrazena.--2444, 3088, 1684, 872, 504, 1280
C:\WINDOWS\system32\LogonDll.dll
Script: Quarantine, Delete, Delete via BC		268435456  --816
C:\WINDOWS\system32\midimap.dll
Script: Quarantine, Delete, Delete via BC		2008809472Microsoft MIDI Mapper© Microsoft Corporation. Všechna práva vyhrazena.--1376, 3088, 280, 816
C:\WINDOWS\system32\MSGINA.dll
Script: Quarantine, Delete, Delete via BC		1972699136Windows NT Logon GINA DLL© Microsoft Corporation. Všechna práva vyhrazena.--1376, 816
C:\WINDOWS\system32\MSUTB.dll
Script: Quarantine, Delete, Delete via BC		1611792384MSUTB Server DLL© Microsoft Corporation. Všechna práva vyhrazena.--1500, 1376
C:\WINDOWS\system32\MSVFW32.dll
Script: Quarantine, Delete, Delete via BC		1973747712Microsoft Video for Windows DLL© Microsoft Corporation. Všechna práva vyhrazena.--2876
C:\WINDOWS\system32\msxml3.dll
Script: Quarantine, Delete, Delete via BC		1955921920MSXML 3.0 SP10Copyright (C) Microsoft Corporation. 1981-2007--1280
C:\WINDOWS\system32\mydocs.dll
Script: Quarantine, Delete, Delete via BC		1916731392My Documents Folder UI© Microsoft Corporation. Všechna práva vyhrazena.--1376
C:\WINDOWS\system32\NETSHELL.dll
Script: Quarantine, Delete, Delete via BC		37617664Network Connections Shell© Microsoft Corporation. Všechna práva vyhrazena.--1376, 1280
C:\WINDOWS\system32\ntshrui.dll
Script: Quarantine, Delete, Delete via BC		1989672960Shell extensions for sharing© Microsoft Corporation. Všechna práva vyhrazena.--1376
C:\WINDOWS\system32\NVRSCS.DLL
Script: Quarantine, Delete, Delete via BC		11730944NVIDIA Czech language resource library(C) NVIDIA Corporation. All rights reserved.--3956
C:\WINDOWS\system32\odbcint.dll
Script: Quarantine, Delete, Delete via BC		528744448Microsoft Data Access - ODBC ResourcesCopyright (C) Microsoft Corporation 1990-2000--1376, 1684, 816
C:\WINDOWS\system32\ole32.dll
Script: Quarantine, Delete, Delete via BC		2001534976Microsoft OLE for Windows© Microsoft Corporation. Všechna práva vyhrazena.--2876, 2444, 4024, 2884, 1500, 1048, 1376, 3088, 2052, 2460, 1684, 2868, 872, 1088, 280, 3956, 1964, 1116, 1224, 1280, 816, 4028, 2268
C:\WINDOWS\system32\psbase.dll
Script: Quarantine, Delete, Delete via BC		17956864Protected Storage default provider© Microsoft Corporation. Všechna práva vyhrazena.--872
C:\WINDOWS\System32\RASDLG.dll
Script: Quarantine, Delete, Delete via BC		60096512Remote Access Common Dialog API© Microsoft Corporation. Všechna práva vyhrazena.--1280
C:\WINDOWS\system32\RUNDLL32.EXE
Script: Quarantine, Delete, Delete via BC		16777216Run a DLL as an App© Microsoft Corporation. Všechna práva vyhrazena.??3956
C:\WINDOWS\system32\SETUPAPI.dll
Script: Quarantine, Delete, Delete via BC		9961472Windows Setup API© Microsoft Corporation. Všechna práva vyhrazena.--2444, 4024, 1376, 3088, 2460, 1684, 872, 1088, 280, 3956, 1116, 1224, 1280, 816
C:\WINDOWS\system32\sfc_os.dll
Script: Quarantine, Delete, Delete via BC		1992622080Ochrana souborů systému Windows© Microsoft Corporation. Všechna práva vyhrazena.--1964, 1280, 816
C:\WINDOWS\system32\shdoclc.dll
Script: Quarantine, Delete, Delete via BC		1904214016Shell Doc Object and Control Library© Microsoft Corporation. Všechna práva vyhrazena.--1376
C:\WINDOWS\system32\SHELL32.dll
Script: Quarantine, Delete, Delete via BC		2090598400Windows Shell Common Dll© Microsoft Corporation. Všechna práva vyhrazena.--2876, 2444, 4024, 2884, 1500, 1376, 3088, 2052, 2460, 1516, 1684, 2868, 872, 1088, 504, 280, 3956, 1964, 1116, 1224, 1280, 816, 4028, 2268
C:\WINDOWS\system32\srclient.dll
Script: Quarantine, Delete, Delete via BC		1549074432SR CLIENT DLL© Microsoft Corporation. Všechna práva vyhrazena.--2444
C:\WINDOWS\system32\sti.dll
Script: Quarantine, Delete, Delete via BC		1941307392Still Image Devices client DLL © Microsoft Corporation. Všechna práva vyhrazena.--1376, 1224
C:\WINDOWS\system32\stobject.dll
Script: Quarantine, Delete, Delete via BC		1977090048Systray shell service object© Microsoft Corporation. Všechna práva vyhrazena.--1376
C:\WINDOWS\System32\SXS.DLL
Script: Quarantine, Delete, Delete via BC		2120810496Fusion 2.5© Microsoft Corporation. Všechna práva vyhrazena.--1280, 816
C:\WINDOWS\system32\themeui.dll
Script: Quarantine, Delete, Delete via BC		1610743808Windows Theme API© Microsoft Corporation. Všechna práva vyhrazena.--1376
C:\WINDOWS\System32\unimdm.tsp
Script: Quarantine, Delete, Delete via BC		1474756608Unimodem 5 Service Provider© Microsoft Corporation. Všechna práva vyhrazena.--1280
C:\WINDOWS\system32\USER32.dll
Script: Quarantine, Delete, Delete via BC		2117468160Windows XP USER API Client DLL© Microsoft Corporation. Všechna práva vyhrazena.--3224, 2876, 2444, 4024, 2884, 1500, 1048, 1376, 3088, 2052, 2460, 1516, 2936, 1684, 2868, 872, 1088, 504, 280, 3956, 860, 1964, 1116, 1224, 1280, 816, 4028, 2268
C:\WINDOWS\system32\USERENV.dll
Script: Quarantine, Delete, Delete via BC		1989869568Userenv© Microsoft Corporation. Všechna práva vyhrazena.--1500, 1376, 3088, 2052, 1684, 872, 1088, 3956, 860, 1964, 1116, 1224, 1280, 816, 4028, 2268
C:\WINDOWS\system32\uxtheme.dll
Script: Quarantine, Delete, Delete via BC		1529151488Microsoft UxTheme Library© Microsoft Corporation. Všechna práva vyhrazena.--3224, 2876, 4024, 2884, 1500, 1048, 1376, 3088, 2052, 2460, 2868, 872, 1088, 280, 3956, 1964, 1116, 1224, 1280, 816, 4028, 2268
C:\WINDOWS\system32\webcheck.dll
Script: Quarantine, Delete, Delete via BC		1957691392Web Site Monitor© Microsoft Corporation. Všechna práva vyhrazena.--1376
C:\WINDOWS\system32\wiashext.dll
Script: Quarantine, Delete, Delete via BC		1515782144Imaging Devices Shell Folder UI© Microsoft Corporation. Všechna práva vyhrazena.--1376
C:\WINDOWS\system32\winlogon.exe
Script: Quarantine, Delete, Delete via BC		16777216Windows NT Logon Application© Microsoft Corporation. Všechna práva vyhrazena.??816
C:\WINDOWS\system32\wintrust.dll
Script: Quarantine, Delete, Delete via BC		1992425472Microsoft Trust Verification APIs© Microsoft Corporation. Všechna práva vyhrazena.--4024, 1376, 3088, 1088, 504, 280, 1964, 1116, 1224, 1280, 816, 2268
C:\WINDOWS\system32\wpdshext.dll
Script: Quarantine, Delete, Delete via BC		371261440Portable Devices Shell Extension© Microsoft Corporation. All rights reserved.--1376
C:\WINDOWS\system32\wuapi.dll
Script: Quarantine, Delete, Delete via BC		1349124096Windows Update Client API© Microsoft Corporation. All rights reserved.--3088
C:\WINDOWS\system32\xpsp2res.dll
Script: Quarantine, Delete, Delete via BC		131006464Zprávy aktualizace Service Pack 2© Microsoft Corporation. Všechna práva vyhrazena.--4024, 1376, 3088, 1964, 1116, 1224, 1280, 816, 4028, 2268
C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_b77cec8e\MFC80U.DLL
Script: Quarantine, Delete, Delete via BC		2016280576MFCDLL Shared Library - Retail Version© Microsoft Corporation. All rights reserved.--2876
Modules found:368, recognized as trusted 266

Kernel Space Modules Viewer

ModuleBase addressSize in memoryDescriptionManufacturer
C:\WINDOWS\System32\Drivers\avgldx86.sys
Script: Quarantine, Delete, Delete via BC		B475A000034000 (212992)AVG AVI Loader DriverCopyright © 2010 AVG Technologies CZ, s.r.o.
C:\WINDOWS\System32\Drivers\avgmfx86.sys
Script: Quarantine, Delete, Delete via BC		B8460000006000 (24576)AVG Resident Shield Minifilter DriverCopyright © 2010 AVG Technologies CZ, s.r.o.
C:\WINDOWS\System32\Drivers\avgtdix.sys
Script: Quarantine, Delete, Delete via BC		B48C100003A000 (237568)AVG Network connection watcherCopyright © 2010 AVG Technologies CZ, s.r.o.
C:\WINDOWS\system32\Drivers\DeepFrz.sys
Script: Quarantine, Delete, Delete via BC		B7CF0000024000 (147456)Deep Freeze 6.53 driverCopyright © 1999-2009 Faronics Corporation
C:\WINDOWS\System32\Drivers\dump_atapi.sys
Script: Quarantine, Delete, Delete via BC		B467E000018000 (98304)
C:\WINDOWS\System32\Drivers\dump_WMILIB.SYS
Script: Quarantine, Delete, Delete via BC		B866E000002000 (8192)
C:\WINDOWS\gdrv.sys
Script: Quarantine, Delete, Delete via BC		B3995000003000 (12288)GIGABYTE ToolsCopyright (C) Microsoft Corp. 1981-1999
C:\WINDOWS\System32\LGDispDrv.dll
Script: Quarantine, Delete, Delete via BC		BD012000007000 (28672)Monitor Rotation Driver for 32 bit WIN2K & WINXPLG Soft India Copyright © 2007-2008
Modules found - 125, recognized as trusted - 117

Services

ServiceDescriptionStatusFileGroupDependencies
avg9emc
Service: Stop, Delete, Disable		AVG Free E-mail ScannerRunningC:\Program Files\AVG\AVG9\avgemc.exe
Script: Quarantine, Delete, Delete via BC		 RPCSS
avg9wd
Service: Stop, Delete, Disable		AVG Free WatchDogRunningC:\Program Files\AVG\AVG9\avgwdsvc.exe
Script: Quarantine, Delete, Delete via BC		  
DFServ
Service: Stop, Delete, Disable		DFServRunningC:\Program Files\Faronics\Deep Freeze\Install C-0\DFServ.exe
Script: Quarantine, Delete, Delete via BC		Boot Bus Extender 
IJPLMSVC
Service: Stop, Delete, Disable		Canon Inkjet Printer/Scanner/Fax Extended Survey ProgramRunningC:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
Script: Quarantine, Delete, Delete via BC		  
JavaQuickStarterService
Service: Stop, Delete, Disable		Java Quick StarterRunningC:\Program Files\Java\jre6\bin\jqs.exe
Script: Quarantine, Delete, Delete via BC		  
ClipSrv
Service: Stop, Delete, Disable		Síťová schránkaNot startedC:\WINDOWS\system32\clipsrv.exe
Script: Quarantine, Delete, Delete via BC		 NetDDE
GEST Service
Service: Stop, Delete, Disable		GEST Service for program management.Not startedC:\Program Files\GIGABYTE\EnergySaver\GSvr.exe
Script: Quarantine, Delete, Delete via BC		  
mnmsrvc
Service: Stop, Delete, Disable		NetMeeting - Vzdálené sdílení plochyNot startedC:\WINDOWS\system32\mnmsrvc.exe
Script: Quarantine, Delete, Delete via BC		  
Detected - 99, recognized as trusted - 91

Drivers

ServiceDescriptionStatusFileGroupDependencies
AvgLdx86
Driver: Unload, Delete, Disable		AVG Free AVI Loader Driver x86RunningC:\WINDOWS\System32\Drivers\avgldx86.sys
Script: Quarantine, Delete, Delete via BC		AVG 
AvgMfx86
Driver: Unload, Delete, Disable		AVG Free On-access Scanner Minifilter Driver x86RunningC:\WINDOWS\System32\Drivers\avgmfx86.sys
Script: Quarantine, Delete, Delete via BC		AVG 
AvgTdiX
Driver: Unload, Delete, Disable		AVG Free Network RedirectorRunningC:\WINDOWS\System32\Drivers\avgtdix.sys
Script: Quarantine, Delete, Delete via BC		PNP_TDI 
DeepFrz
Driver: Unload, Delete, Disable		DeepFrzRunningC:\WINDOWS\system32\Drivers\DeepFrz.sys
Script: Quarantine, Delete, Delete via BC		  
gdrv
Driver: Unload, Delete, Disable		gdrvRunningC:\WINDOWS\gdrv.sys
Script: Quarantine, Delete, Delete via BC		  
Abiosdsk
Driver: Unload, Delete, Disable		AbiosdskNot startedAbiosdsk.sys
Script: Quarantine, Delete, Delete via BC		Primary disk 
abp480n5
Driver: Unload, Delete, Disable		abp480n5Not startedabp480n5.sys
Script: Quarantine, Delete, Delete via BC		SCSI miniport 
adpu160m
Driver: Unload, Delete, Disable		adpu160mNot startedadpu160m.sys
Script: Quarantine, Delete, Delete via BC		SCSI miniport 
Aha154x
Driver: Unload, Delete, Disable		Aha154xNot startedAha154x.sys
Script: Quarantine, Delete, Delete via BC		SCSI miniport 
aic78u2
Driver: Unload, Delete, Disable		aic78u2Not startedaic78u2.sys
Script: Quarantine, Delete, Delete via BC		SCSI miniport 
aic78xx
Driver: Unload, Delete, Disable		aic78xxNot startedaic78xx.sys
Script: Quarantine, Delete, Delete via BC		SCSI miniport 
AliIde
Driver: Unload, Delete, Disable		AliIdeNot startedAliIde.sys
Script: Quarantine, Delete, Delete via BC		System Bus Extender 
amsint
Driver: Unload, Delete, Disable		amsintNot startedamsint.sys
Script: Quarantine, Delete, Delete via BC		SCSI miniport 
asc
Driver: Unload, Delete, Disable		ascNot startedasc.sys
Script: Quarantine, Delete, Delete via BC		SCSI miniport 
asc3350p
Driver: Unload, Delete, Disable		asc3350pNot startedasc3350p.sys
Script: Quarantine, Delete, Delete via BC		SCSI miniport 
asc3550
Driver: Unload, Delete, Disable		asc3550Not startedasc3550.sys
Script: Quarantine, Delete, Delete via BC		SCSI miniport 
Atdisk
Driver: Unload, Delete, Disable		AtdiskNot startedAtdisk.sys
Script: Quarantine, Delete, Delete via BC		Primary disk 
cd20xrnt
Driver: Unload, Delete, Disable		cd20xrntNot startedcd20xrnt.sys
Script: Quarantine, Delete, Delete via BC		SCSI miniport 
Changer
Driver: Unload, Delete, Disable		ChangerNot startedChanger.sys
Script: Quarantine, Delete, Delete via BC		Filter 
CmdIde
Driver: Unload, Delete, Disable		CmdIdeNot startedCmdIde.sys
Script: Quarantine, Delete, Delete via BC		System Bus Extender 
Cpqarray
Driver: Unload, Delete, Disable		CpqarrayNot startedCpqarray.sys
Script: Quarantine, Delete, Delete via BC		SCSI miniport 
cpuz130
Driver: Unload, Delete, Disable		cpuz130Not startedC:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\cpuz130\cpuz_x32.sys
Script: Quarantine, Delete, Delete via BC		  
dac960nt
Driver: Unload, Delete, Disable		dac960ntNot starteddac960nt.sys
Script: Quarantine, Delete, Delete via BC		SCSI miniport 
dpti2o
Driver: Unload, Delete, Disable		dpti2oNot starteddpti2o.sys
Script: Quarantine, Delete, Delete via BC		SCSI miniport 
ENTECH
Driver: Unload, Delete, Disable		ENTECHNot startedC:\WINDOWS\system32\DRIVERS\ENTECH.sys
Script: Quarantine, Delete, Delete via BC		  
etdrv
Driver: Unload, Delete, Disable		etdrvNot startedC:\WINDOWS\etdrv.sys
Script: Quarantine, Delete, Delete via BC		  
EverestDriver
Driver: Unload, Delete, Disable		Lavalys EVEREST Kernel DriverNot startedC:\Program Files\Lavalys\EVEREST Ultimate Edition\kerneld.wnt
Script: Quarantine, Delete, Delete via BC		  
hpn
Driver: Unload, Delete, Disable		hpnNot startedhpn.sys
Script: Quarantine, Delete, Delete via BC		SCSI miniport 
i2omgmt
Driver: Unload, Delete, Disable		i2omgmtNot startedi2omgmt.sys
Script: Quarantine, Delete, Delete via BC		SCSI Class 
i2omp
Driver: Unload, Delete, Disable		i2ompNot startedi2omp.sys
Script: Quarantine, Delete, Delete via BC		SCSI miniport 
ini910u
Driver: Unload, Delete, Disable		ini910uNot startedini910u.sys
Script: Quarantine, Delete, Delete via BC		SCSI miniport 
IntelIde
Driver: Unload, Delete, Disable		IntelIdeNot startedIntelIde.sys
Script: Quarantine, Delete, Delete via BC		System Bus Extender 
lbrtfdc
Driver: Unload, Delete, Disable		lbrtfdcNot startedlbrtfdc.sys
Script: Quarantine, Delete, Delete via BC		System Bus Extender 
LGDDCDevice
Driver: Unload, Delete, Disable		LGDDCDeviceNot startedC:\Program Files\LG Soft India\forteManager\bin\I2CDriver.sys
Script: Quarantine, Delete, Delete via BC		  
LGII2CDevice
Driver: Unload, Delete, Disable		LGII2CDeviceNot startedC:\Program Files\LG Soft India\forteManager\bin\PII2CDriver.sys
Script: Quarantine, Delete, Delete via BC		  
mraid35x
Driver: Unload, Delete, Disable		mraid35xNot startedmraid35x.sys
Script: Quarantine, Delete, Delete via BC		SCSI miniport 
PCIDump
Driver: Unload, Delete, Disable		PCIDumpNot startedPCIDump.sys
Script: Quarantine, Delete, Delete via BC		PCI Configuration 
PDCOMP
Driver: Unload, Delete, Disable		PDCOMPNot startedPDCOMP.sys
Script: Quarantine, Delete, Delete via BC		  
PDFRAME
Driver: Unload, Delete, Disable		PDFRAMENot startedPDFRAME.sys
Script: Quarantine, Delete, Delete via BC		  
PDRELI
Driver: Unload, Delete, Disable		PDRELINot startedPDRELI.sys
Script: Quarantine, Delete, Delete via BC		  
PDRFRAME
Driver: Unload, Delete, Disable		PDRFRAMENot startedPDRFRAME.sys
Script: Quarantine, Delete, Delete via BC		  
perc2
Driver: Unload, Delete, Disable		perc2Not startedperc2.sys
Script: Quarantine, Delete, Delete via BC		SCSI miniport 
perc2hib
Driver: Unload, Delete, Disable		perc2hibNot startedperc2hib.sys
Script: Quarantine, Delete, Delete via BC		Filter 
ql1080
Driver: Unload, Delete, Disable		ql1080Not startedql1080.sys
Script: Quarantine, Delete, Delete via BC		SCSI miniport 
Ql10wnt
Driver: Unload, Delete, Disable		Ql10wntNot startedQl10wnt.sys
Script: Quarantine, Delete, Delete via BC		SCSI miniport 
ql12160
Driver: Unload, Delete, Disable		ql12160Not startedql12160.sys
Script: Quarantine, Delete, Delete via BC		SCSI miniport 
ql1240
Driver: Unload, Delete, Disable		ql1240Not startedql1240.sys
Script: Quarantine, Delete, Delete via BC		SCSI miniport 
ql1280
Driver: Unload, Delete, Disable		ql1280Not startedql1280.sys
Script: Quarantine, Delete, Delete via BC		SCSI miniport 
Simbad
Driver: Unload, Delete, Disable		SimbadNot startedSimbad.sys
Script: Quarantine, Delete, Delete via BC		Filter 
Sparrow
Driver: Unload, Delete, Disable		SparrowNot startedSparrow.sys
Script: Quarantine, Delete, Delete via BC		SCSI miniport 
sym_hi
Driver: Unload, Delete, Disable		sym_hiNot startedsym_hi.sys
Script: Quarantine, Delete, Delete via BC		SCSI miniport 
sym_u3
Driver: Unload, Delete, Disable		sym_u3Not startedsym_u3.sys
Script: Quarantine, Delete, Delete via BC		SCSI miniport 
symc810
Driver: Unload, Delete, Disable		symc810Not startedsymc810.sys
Script: Quarantine, Delete, Delete via BC		SCSI miniport 
symc8xx
Driver: Unload, Delete, Disable		symc8xxNot startedsymc8xx.sys
Script: Quarantine, Delete, Delete via BC		SCSI miniport 
TosIde
Driver: Unload, Delete, Disable		TosIdeNot startedTosIde.sys
Script: Quarantine, Delete, Delete via BC		System Bus Extender 
ultra
Driver: Unload, Delete, Disable		ultraNot startedultra.sys
Script: Quarantine, Delete, Delete via BC		SCSI miniport 
ViaIde
Driver: Unload, Delete, Disable		ViaIdeNot startedViaIde.sys
Script: Quarantine, Delete, Delete via BC		System Bus Extender 
WDICA
Driver: Unload, Delete, Disable		WDICANot startedWDICA.sys
Script: Quarantine, Delete, Delete via BC		  
Detected - 186, recognized as trusted - 128

Autoruns

File nameStatusStartup methodDescription
C:\PROGRA~1\AVG\AVG9\avgemc.exe
Script: Quarantine, Delete, Delete via BC		ActiveRegistry keyHKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\Application\AvgEms, EventMessageFile
Delete
C:\PROGRA~1\AVG\AVG9\avgtray.exe
Script: Quarantine, Delete, Delete via BC		ActiveRegistry keyHKEY_LOCAL_MACHINE, Software\Microsoft\Windows\CurrentVersion\Run, AVG9_TRAY
Delete
C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
Script: Quarantine, Delete, Delete via BC		ActiveRegistry keyHKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\Application\IJPLMSVC, EventMessageFile
Delete
C:\Program Files\Canon\MyPrinter\BJMyPrt.exe
Script: Quarantine, Delete, Delete via BC		ActiveRegistry keyHKEY_LOCAL_MACHINE, Software\Microsoft\Windows\CurrentVersion\Run, CanonMyPrinter
Delete
C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe
Script: Quarantine, Delete, Delete via BC		ActiveRegistry keyHKEY_LOCAL_MACHINE, Software\Microsoft\Windows\CurrentVersion\Run, CanonSolutionMenu
Delete
C:\Program Files\Common Files\Microsoft Shared\Speech\sapi.cpl
Script: Quarantine, Delete, Delete via BC		ActiveRegistry keyHKEY_LOCAL_MACHINE, SOFTWARE\Microsoft\Windows\CurrentVersion\Control Panel\Cpls, Speech
Delete
C:\Program Files\Electronic Arts\EADM\Core.exe
Script: Quarantine, Delete, Delete via BC		ActiveRegistry keyHKEY_CURRENT_USER, Software\Microsoft\Windows\CurrentVersion\Run, EA Core
Delete
C:\Program Files\Foxit Software\Foxit Reader\Foxit Reader.exe
Script: Quarantine, Delete, Delete via BC		ActiveShortcut in Startup folderC:\Documents and Settings\Administrator\Data aplikací\Microsoft\Internet Explorer\Quick Launch\, C:\Documents and Settings\Administrator\Data aplikací\Microsoft\Internet Explorer\Quick Launch\Foxit Reader.lnk,
C:\Program Files\GIGABYTE\Gamer HUD\HUD.exe
Script: Quarantine, Delete, Delete via BC		ActiveShortcut in Startup folderC:\Documents and Settings\Administrator\Nabídka Start\Programy\Po spuštění\, C:\Documents and Settings\Administrator\Nabídka Start\Programy\Po spuštění\GIGABYTE Gamer HUD.lnk,
C:\Program Files\ICQ6.5\ICQ.exe
Script: Quarantine, Delete, Delete via BC		ActiveRegistry keyHKEY_CURRENT_USER, Software\Microsoft\Windows\CurrentVersion\Run, ICQ
Delete
C:\Program Files\ITE\Smart Guardian\ITESMART.exe
Script: Quarantine, Delete, Delete via BC		ActiveRegistry keyHKEY_LOCAL_MACHINE, Software\Microsoft\Windows\CurrentVersion\Run, SmartGuardian
Delete
C:\Program Files\Java\jre6\bin\jqs.exe
Script: Quarantine, Delete, Delete via BC		ActiveRegistry keyHKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\Application\JavaQuickStarterService, EventMessageFile
Delete
C:\Program Files\Java\jre6\bin\jusched.exe
Script: Quarantine, Delete, Delete via BC		ActiveRegistry keyHKEY_LOCAL_MACHINE, Software\Microsoft\Windows\CurrentVersion\Run, SunJavaUpdateSched
Delete
C:\Program Files\LG Soft India\forteManager\bin\Monitor.exe
Script: Quarantine, Delete, Delete via BC		ActiveShortcut in Startup folderC:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\, C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\forteManager.lnk,
C:\Program Files\Mozilla Firefox\firefox.exe
Script: Quarantine, Delete, Delete via BC		ActiveShortcut in Startup folderC:\Documents and Settings\Administrator\Data aplikací\Microsoft\Internet Explorer\Quick Launch\, C:\Documents and Settings\Administrator\Data aplikací\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk,
C:\Program Files\QIP Infium\infium.exe
Script: Quarantine, Delete, Delete via BC		ActiveShortcut in Startup folderC:\Documents and Settings\Administrator\Data aplikací\Microsoft\Internet Explorer\Quick Launch\, C:\Documents and Settings\Administrator\Data aplikací\Microsoft\Internet Explorer\Quick Launch\QIP Infium.lnk,
C:\Program Files\Vista Drive Icon\DrvIcon.exe
Script: Quarantine, Delete, Delete via BC		ActiveRegistry keyHKEY_LOCAL_MACHINE, Software\Microsoft\Windows\CurrentVersion\Run, DrvIcon
Delete
C:\WINDOWS\MemSave\MemSet.exe
Script: Quarantine, Delete, Delete via BC		ActiveShortcut in Startup folderC:\Documents and Settings\Administrator\Nabídka Start\Programy\Po spuštění\, C:\Documents and Settings\Administrator\Nabídka Start\Programy\Po spuštění\MemSet.exe.lnk,
C:\WINDOWS\PCHealth\HelpCtr\Binaries\HelpCtr.exe
Script: Quarantine, Delete, Delete via BC		ActiveRegistry keyHKEY_LOCAL_MACHINE, Software\Microsoft\Windows NT\CurrentVersion\Event Viewer, MicrosoftRedirectionProgram
Delete
C:\WINDOWS\System32\PrintFilterPipelineSvc.exe
Script: Quarantine, Delete, Delete via BC		ActiveRegistry keyHKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\System\PrintFilterPipelineSvc, EventMessageFile
Delete
C:\WINDOWS\System32\appmgr.dll
Script: Quarantine, Delete, Delete via BC		ActiveRegistry keyHKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\Application\Software Installation, EventMessageFile
Delete
C:\WINDOWS\System32\comres.dll;C:\WINDOWS\System32\xpsp2res.dll
Script: Quarantine, Delete, Delete via BC		ActiveRegistry keyHKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\Application\MSDTC, EventMessageFile
Delete
C:\WINDOWS\System32\comres.dll;C:\WINDOWS\System32\xpsp2res.dll
Script: Quarantine, Delete, Delete via BC		ActiveRegistry keyHKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\Application\MSDTC Client, EventMessageFile
Delete
C:\WINDOWS\System32\cscript.exe
Script: Quarantine, Delete, Delete via BC		--Registry keyHKEY_LOCAL_MACHINE, SOFTWARE\Microsoft\Windows Scripting Host\Locations, CScript
C:\WINDOWS\System32\cscui.dll
Script: Quarantine, Delete, Delete via BC		ActiveRegistry keyHKEY_LOCAL_MACHINE, Software\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{C631DF4C-088F-4156-B058-4375F0853CD8}, DLLName
Delete
C:\WINDOWS\System32\cscui.dll
Script: Quarantine, Delete, Delete via BC		ActiveRegistry keyHKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\Application\Offline Files, EventMessageFile
Delete
C:\WINDOWS\System32\drwtsn32.exe
Script: Quarantine, Delete, Delete via BC		ActiveRegistry keyHKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\Application\DrWatson, EventMessageFile
Delete
C:\WINDOWS\System32\els.dll
Script: Quarantine, Delete, Delete via BC		ActiveRegistry keyHKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\Security, DisplayNameFile
Delete
C:\WINDOWS\System32\hidserv.dll
Script: Quarantine, Delete, Delete via BC		ActiveRegistry keyHKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\HidServ\Parameters, ServiceDll
Delete
C:\WINDOWS\System32\igmpv2.dll
Script: Quarantine, Delete, Delete via BC		ActiveRegistry keyHKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\System\IGMPv2, EventMessageFile
Delete
C:\WINDOWS\System32\ipbootp.dll
Script: Quarantine, Delete, Delete via BC		ActiveRegistry keyHKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\System\IPBOOTP, EventMessageFile
Delete
C:\WINDOWS\System32\iprip2.dll
Script: Quarantine, Delete, Delete via BC		ActiveRegistry keyHKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\System\IPRIP2, EventMessageFile
Delete
C:\WINDOWS\System32\msshavmsg.dll
Script: Quarantine, Delete, Delete via BC		ActiveRegistry keyHKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\Application\MSSHA, EventMessageFile
Delete
C:\WINDOWS\System32\ntbackup.exe
Script: Quarantine, Delete, Delete via BC		ActiveRegistry keyHKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\Application\ntbackup, EventMessageFile
Delete
C:\WINDOWS\System32\ospf.dll
Script: Quarantine, Delete, Delete via BC		ActiveRegistry keyHKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\System\OSPF, EventMessageFile
Delete
C:\WINDOWS\System32\ospfmib.dll
Script: Quarantine, Delete, Delete via BC		ActiveRegistry keyHKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\System\OSPFMib, EventMessageFile
Delete
C:\WINDOWS\System32\pautoenr.dll
Script: Quarantine, Delete, Delete via BC		ActiveRegistry keyHKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\Application\AutoEnrollment, EventMessageFile
Delete
C:\WINDOWS\System32\perfmon.exe
Script: Quarantine, Delete, Delete via BC		ActiveRegistry keyHKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\Application\Perfmon, EventMessageFile
Delete
C:\WINDOWS\System32\polagent.dll
Script: Quarantine, Delete, Delete via BC		ActiveRegistry keyHKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\System\PolicyAgent, EventMessageFile
Delete
C:\WINDOWS\System32\sfc_os.dll
Script: Quarantine, Delete, Delete via BC		ActiveRegistry keyHKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\System\Windows File Protection, EventMessageFile
Delete
C:\WINDOWS\System32\spmsg.dll
Script: Quarantine, Delete, Delete via BC		ActiveRegistry keyHKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\System\NtServicePack, EventMessageFile
Delete
C:\WINDOWS\System32\spmsg.dll
Script: Quarantine, Delete, Delete via BC		ActiveRegistry keyHKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\System\WindowsMedia, EventMessageFile
Delete
C:\WINDOWS\System32\spmsg.dll
Script: Quarantine, Delete, Delete via BC		ActiveRegistry keyHKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\System\Wudf01000, EventMessageFile
Delete
C:\WINDOWS\System32\sxs.dll
Script: Quarantine, Delete, Delete via BC		ActiveRegistry keyHKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\System\SideBySide, EventMessageFile
Delete
C:\WINDOWS\System32\syssetup.dll
Script: Quarantine, Delete, Delete via BC		ActiveRegistry keyHKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\System\Setup, EventMessageFile
Delete
C:\WINDOWS\System32\tssdis.exe
Script: Quarantine, Delete, Delete via BC		ActiveRegistry keyHKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\System\TermServSessDir, EventMessageFile
Delete
C:\WINDOWS\System32\user32.dll
Script: Quarantine, Delete, Delete via BC		ActiveRegistry keyHKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\System\USER32, EventMessageFile
Delete
C:\WINDOWS\System32\userenv.dll;C:\WINDOWS\System32\xpsp1res.dll;C:\WINDOWS\System32\xpsp2res.dll
Script: Quarantine, Delete, Delete via BC		ActiveRegistry keyHKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\Application\Userenv, EventMessageFile
Delete
C:\WINDOWS\System32\winlogon.exe
Script: Quarantine, Delete, Delete via BC		ActiveRegistry keyHKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\Application\Autochk, EventMessageFile
Delete
C:\WINDOWS\System32\winlogon.exe
Script: Quarantine, Delete, Delete via BC		ActiveRegistry keyHKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\Application\Winlogon, EventMessageFile
Delete
C:\WINDOWS\System32\xpsp2res.dll
Script: Quarantine, Delete, Delete via BC		ActiveRegistry keyHKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\Application\MSSQLSERVER/MSDE, EventMessageFile
Delete
C:\WINDOWS\System32\xpsp2res.dll
Script: Quarantine, Delete, Delete via BC		ActiveRegistry keyHKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\Application\Remote Assistance, EventMessageFile
Delete
C:\WINDOWS\System32\xpsp2res.dll
Script: Quarantine, Delete, Delete via BC		ActiveRegistry keyHKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\Application\Starter, EventMessageFile
Delete
C:\WINDOWS\System32\xpsp2res.dll
Script: Quarantine, Delete, Delete via BC		ActiveRegistry keyHKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\System\Http, EventMessageFile
Delete
C:\WINDOWS\System32\xpsp3res.dll
Script: Quarantine, Delete, Delete via BC		ActiveRegistry keyHKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\Application\RPC, EventMessageFile
Delete
C:\WINDOWS\system32\COMRes.dll
Script: Quarantine, Delete, Delete via BC		ActiveRegistry keyHKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\Application\COM+, EventMessageFile
Delete
C:\WINDOWS\system32\COMRes.dll
Script: Quarantine, Delete, Delete via BC		ActiveRegistry keyHKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\Application\EventSystem, EventMessageFile
Delete
C:\WINDOWS\system32\CTFMON.EXE
Script: Quarantine, Delete, Delete via BC		ActiveRegistry keyHKEY_USERS, .DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run, CTFMON.EXE
Delete
C:\WINDOWS\system32\CTFMON.EXE
Script: Quarantine, Delete, Delete via BC		ActiveRegistry keyHKEY_USERS, S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run, CTFMON.EXE
Delete
C:\WINDOWS\system32\CTFMON.EXE
Script: Quarantine, Delete, Delete via BC		ActiveRegistry keyHKEY_USERS, S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run, CTFMON.EXE
Delete
C:\WINDOWS\system32\CTFMON.EXE
Script: Quarantine, Delete, Delete via BC		ActiveRegistry keyHKEY_USERS, S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run, CTFMON.EXE
Delete
C:\WINDOWS\system32\KB905474\wgasetup.exe
Script: Quarantine, Delete, Delete via BC		ActiveRegistry keyHKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\Application\WgaSetup, EventMessageFile
Delete
C:\WINDOWS\system32\MsSip1.dll
Script: Quarantine, Delete, Delete via BC		ActiveRegistry keyHKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\WinTrust\SubjectPackages\MS Subjects 1, $DLL
Delete
C:\WINDOWS\system32\MsSip2.dll
Script: Quarantine, Delete, Delete via BC		ActiveRegistry keyHKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\WinTrust\SubjectPackages\MS Subjects 2, $DLL
Delete
C:\WINDOWS\system32\MsSip3.dll
Script: Quarantine, Delete, Delete via BC		ActiveRegistry keyHKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\WinTrust\SubjectPackages\MS Subjects 3, $DLL
Delete
C:\WINDOWS\system32\NIWRAD~1.SCR
Script: Quarantine, Delete, Delete via BC		ActiveRegistry keyHKEY_CURRENT_USER, Control Panel\Desktop, scrnsave.exe
Delete
C:\WINDOWS\system32\NIWRAD~1.SCR
Script: Quarantine, Delete, Delete via BC		ActiveFile system.iniC:\WINDOWS\system.ini, boot, SCRNSAVE.EXE
C:\WINDOWS\system32\SHELL32.dll
Script: Quarantine, Delete, Delete via BC		ActiveRegistry keyHKEY_LOCAL_MACHINE, Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, PostBootReminder
Delete
C:\WINDOWS\system32\SHELL32.dll
Script: Quarantine, Delete, Delete via BC		ActiveRegistry keyHKEY_LOCAL_MACHINE, Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, CDBurn
Delete
C:\WINDOWS\system32\cleanmgr.exe /D %c
Script: Quarantine, Delete, Delete via BC		--Registry keyHKEY_LOCAL_MACHINE, SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\cleanuppath,
C:\WINDOWS\system32\cmd.exe
Script: Quarantine, Delete, Delete via BC		--Registry keyHKEY_LOCAL_MACHINE, System\CurrentControlSet\Control\Session Manager\Environment, ComSpec
C:\WINDOWS\system32\ctfmon.exe
Script: Quarantine, Delete, Delete via BC		ActiveRegistry keyHKEY_CURRENT_USER, Software\Microsoft\Windows\CurrentVersion\Run, CTFMON.EXE
Delete
C:\WINDOWS\system32\digest.dll
Script: Quarantine, Delete, Delete via BC		--Registry keyHKEY_LOCAL_MACHINE, System\CurrentControlSet\Control\SecurityProviders, SecurityProviders
C:\WINDOWS\system32\els.dll
Script: Quarantine, Delete, Delete via BC		ActiveRegistry keyHKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\Application, DisplayNameFile
Delete
C:\WINDOWS\system32\els.dll
Script: Quarantine, Delete, Delete via BC		ActiveRegistry keyHKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\System, DisplayNameFile
Delete
C:\WINDOWS\system32\frapsvid.dll
Script: Quarantine, Delete, Delete via BC		ActiveRegistry keyHKEY_LOCAL_MACHINE, Software\Microsoft\Windows NT\CurrentVersion\Drivers32, VIDC.FPS1
Delete
C:\WINDOWS\system32\gptext.dll
Script: Quarantine, Delete, Delete via BC		ActiveRegistry keyHKEY_LOCAL_MACHINE, Software\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{0ACDD40C-75AC-47ab-BAA0-BF6DE7E7FE63}, DLLName
Delete
C:\WINDOWS\system32\gptext.dll
Script: Quarantine, Delete, Delete via BC		ActiveRegistry keyHKEY_LOCAL_MACHINE, Software\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{426031c0-0b47-4852-b0ca-ac3d37bfcb39}, DLLName
Delete
C:\WINDOWS\system32\gptext.dll
Script: Quarantine, Delete, Delete via BC		ActiveRegistry keyHKEY_LOCAL_MACHINE, Software\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{42B5FAAE-6536-11d2-AE5A-0000F87571E3}, DLLName
Delete
C:\WINDOWS\system32\gptext.dll
Script: Quarantine, Delete, Delete via BC		ActiveRegistry keyHKEY_LOCAL_MACHINE, Software\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{e437bc1c-aa7d-11d2-a382-00c04f991e27}, DLLName
Delete
C:\WINDOWS\system32\midimap.dll
Script: Quarantine, Delete, Delete via BC		ActiveRegistry keyHKEY_LOCAL_MACHINE, Software\Microsoft\Windows NT\CurrentVersion\Drivers32, midimapper
Delete
C:\WINDOWS\system32\midimap.dll
Script: Quarantine, Delete, Delete via BC		ActiveRegistry keyHKEY_LOCAL_MACHINE, Software\Microsoft\Windows NT\CurrentVersion\Drivers32\Terminal Server\RDP, midimapper
Delete
C:\WINDOWS\system32\ntbackup.exe
Script: Quarantine, Delete, Delete via BC		--Registry keyHKEY_LOCAL_MACHINE, SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\BackupPath,
C:\WINDOWS\system32\progman.exe
Script: Quarantine, Delete, Delete via BC		ActiveRegistry keyHKEY_LOCAL_MACHINE, Software\Microsoft\Windows NT\CurrentVersion\WOW\boot, shell
Delete
C:\WINDOWS\system32\psxss.exe
Script: Quarantine, Delete, Delete via BC		--Registry keyHKEY_LOCAL_MACHINE, System\CurrentControlSet\Control\Session Manager\SubSystems, Posix
C:\WINDOWS\system32\shell32.dll
Script: Quarantine, Delete, Delete via BC		ActiveRegistry keyHKEY_LOCAL_MACHINE, Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks, {AEB6717E-7E19-11d0-97EE-00C04FD91972}
Delete
C:\WINDOWS\system32\stisvc.exe
Script: Quarantine, Delete, Delete via BC		ActiveRegistry keyHKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\System, EventMessageFile
Delete
C:\WINDOWS\system32\stobject.dll
Script: Quarantine, Delete, Delete via BC		ActiveRegistry keyHKEY_LOCAL_MACHINE, Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, SysTray
Delete
C:\WINDOWS\system32\webcheck.dll
Script: Quarantine, Delete, Delete via BC		ActiveRegistry keyHKEY_LOCAL_MACHINE, Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, WebCheck
Delete
C:\WINDOWS\system32\wuaucpl.cpl;C:\WINDOWS\system32\wuaucpl.cpl.mui
Script: Quarantine, Delete, Delete via BC		ActiveRegistry keyHKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\System\Windows Update Agent, EventMessageFile
Delete
C:\WINDOWS\system32\xpsp2res.dll
Script: Quarantine, Delete, Delete via BC		ActiveRegistry keyHKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\Application\SecurityCenter, EventMessageFile
Delete
C:\WINDOWS\system32\xvid.dll
Script: Quarantine, Delete, Delete via BC		ActiveRegistry keyHKEY_LOCAL_MACHINE, Software\Microsoft\Windows NT\CurrentVersion\Drivers32, vidc.xvid
Delete
LogonDll.dll
Script: Quarantine, Delete, Delete via BC		ActiveRegistry keyHKEY_LOCAL_MACHINE, Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\DfLogon, DLLName
Delete
Magnify.exe
Script: Quarantine, Delete, Delete via BC		ActiveRegistry keyHKEY_LOCAL_MACHINE, Software\Microsoft\Windows NT\CurrentVersion\Accessibility\Utility Manager\Magnifier, Application path
Delete
avgrsstx.dll
Script: Quarantine, Delete, Delete via BC		ActiveRegistry keyHKEY_LOCAL_MACHINE, Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\avgrsstarter, DLLName
Delete
c:\WINDOWS\system32\xlive.dll
Script: Quarantine, Delete, Delete via BC		ActiveRegistry keyHKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\Application\XLive, EventMessageFile
Delete
cscdll.dll
Script: Quarantine, Delete, Delete via BC		ActiveRegistry keyHKEY_LOCAL_MACHINE, Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll, DLLName
Delete
kbd101.dll
Script: Quarantine, Delete, Delete via BC		ActiveRegistry keyHKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\i8042prt\Parameters, LayerDriver JPN
Delete
kbd101a.dll
Script: Quarantine, Delete, Delete via BC		ActiveRegistry keyHKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\i8042prt\Parameters, LayerDriver KOR
Delete
m‘|\ü
Script: Quarantine, Delete, Delete via BC		ActiveRegistry keyHKEY_LOCAL_MACHINE, Software\Microsoft\Windows\CurrentVersion\Run, GEST
Delete
mvfs32.dll
Script: Quarantine, Delete, Delete via BC		ActiveRegistry keyHKEY_USERS, .DEFAULT\Control Panel\IOProcs, MVB
Delete
mvfs32.dll
Script: Quarantine, Delete, Delete via BC		ActiveRegistry keyHKEY_USERS, S-1-5-19\Control Panel\IOProcs, MVB
Delete
mvfs32.dll
Script: Quarantine, Delete, Delete via BC		ActiveRegistry keyHKEY_USERS, S-1-5-20\Control Panel\IOProcs, MVB
Delete
mvfs32.dll
Script: Quarantine, Delete, Delete via BC		ActiveRegistry keyHKEY_USERS, S-1-5-18\Control Panel\IOProcs, MVB
Delete
mvfs32.dll
Script: Quarantine, Delete, Delete via BC		ActiveRegistry keyHKEY_CURRENT_USER, Control Panel\IOProcs, MVB
Delete
osk.exe
Script: Quarantine, Delete, Delete via BC		ActiveRegistry keyHKEY_LOCAL_MACHINE, Software\Microsoft\Windows NT\CurrentVersion\Accessibility\Utility Manager\On-Screen Keyboard, Application path
Delete
psbase.dll
Script: Quarantine, Delete, Delete via BC		ActiveRegistry keyHKEY_LOCAL_MACHINE, SOFTWARE\Microsoft\Cryptography\Protect\Providers\df9d8cd0-1501-11d1-8c7a-00c04fc297eb, Image Path
Delete
vgafix.fon
Script: Quarantine, Delete, Delete via BC		ActiveRegistry keyHKEY_LOCAL_MACHINE, Software\Microsoft\Windows NT\CurrentVersion\WOW\boot, fixedfon.fon
Delete
vgaoem.fon
Script: Quarantine, Delete, Delete via BC		ActiveRegistry keyHKEY_LOCAL_MACHINE, Software\Microsoft\Windows NT\CurrentVersion\WOW\boot, oemfonts.fon
Delete
vgasys.fon
Script: Quarantine, Delete, Delete via BC		ActiveRegistry keyHKEY_LOCAL_MACHINE, Software\Microsoft\Windows NT\CurrentVersion\WOW\boot, fonts.fon
Delete
Autoruns items found - 583, recognized as trusted - 473

Internet Explorer extension modules (BHOs, Toolbars ...)

File nameTypeDescriptionManufacturerCLSID
C:\Program Files\AVG\AVG9\avgssie.dll
Script: Quarantine, Delete, Delete via BC		BHOSafe Search for Internet ExplorerCopyright © 2010 AVG Technologies CZ, s.r.o.{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Delete
C:\Program Files\Java\jre6\bin\jp2ssv.dll
Script: Quarantine, Delete, Delete via BC		BHOJava(TM) Platform SE binaryCopyright © 2004{DBC80044-A445-435b-BC74-9C25C1C588A9}
Delete
C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
Script: Quarantine, Delete, Delete via BC		BHOJava(TM) Quick Starter binaryCopyright © 2004{E7E6F031-17CE-4C07-BC86-EABFE594F69C}
Delete
C:\WINDOWS\system32\dvmurl.dll
Script: Quarantine, Delete, Delete via BC		URLSearchHookDeviceVM Url Search Hook(c) Copyright 2007-2008 DeviceVM, Inc.{0063BF63-BFFF-4B8F-9D26-4267DF7F17DD}
Delete
Items found - 9, recognized as trusted - 5

Windows Explorer extension modules

File nameDestinationDescriptionManufacturerCLSID
C:\WINDOWS\system32\mmsys.cpl
Script: Quarantine, Delete, Delete via BC		Stránka vlastností multimediálního souboruControl Panel Drivers Applet© Microsoft Corporation. Všechna práva vyhrazena.{00022613-0000-0000-C000-000000000046}
Delete
C:\WINDOWS\system32\icmui.dll
Script: Quarantine, Delete, Delete via BC		Správa skeneru s korekcí ICMMicrosoft Color Matching System User Interface DLL© Microsoft Corporation. Všechna práva vyhrazena.{176d6597-26d3-11d1-b350-080036a75b03}
Delete
C:\WINDOWS\system32\ntshrui.dll
Script: Quarantine, Delete, Delete via BC		Rozšíření prostředí pro sdíleníShell extensions for sharing© Microsoft Corporation. Všechna práva vyhrazena.{40dd6e20-7c17-11ce-a804-00aa003ca9f6}
Delete
C:\WINDOWS\system32\themeui.dll
Script: Quarantine, Delete, Delete via BC		PlusPack CPL ExtensionWindows Theme API© Microsoft Corporation. Všechna práva vyhrazena.{41E300E0-78B6-11ce-849B-444553540000}
Delete
C:\WINDOWS\system32\deskadp.dll
Script: Quarantine, Delete, Delete via BC		Rozšíření panelu Zobrazení pro grafický adaptérAdvanced display adapter properties© Microsoft Corporation. Všechna práva vyhrazena.{42071712-76d4-11d1-8b24-00a0c9068ff3}
Delete
C:\WINDOWS\system32\deskmon.dll
Script: Quarantine, Delete, Delete via BC		Rozšíření panelu Zobrazení pro monitorAdvanced display monitor properties© Microsoft Corporation. Všechna práva vyhrazena.{42071713-76d4-11d1-8b24-00a0c9068ff3}
Delete
deskpan.dll
Script: Quarantine, Delete, Delete via BC		Rozšíření panelu Zobrazení pro panoramatické zobrazení{42071714-76d4-11d1-8b24-00a0c9068ff3}
Delete
C:\WINDOWS\system32\shscrap.dll
Script: Quarantine, Delete, Delete via BC		Popisovač dat výstřižku prostředíShell scrap object handler© Microsoft Corporation. Všechna práva vyhrazena.{56117100-C0CD-101B-81E2-00AA004AE837}
Delete
C:\WINDOWS\system32\diskcopy.dll
Script: Quarantine, Delete, Delete via BC		Rozšíření programu Kopírování diskuProgram DiskCopy systému Windows© Microsoft Corporation. Všechna práva vyhrazena.{59099400-57FF-11CE-BD94-0020AF85B590}
Delete
C:\WINDOWS\system32\ntlanui2.dll
Script: Quarantine, Delete, Delete via BC		Rozšíření prostředí pro objekty sítě Microsoft Windows NetworkNetwork object shell UI© Microsoft Corporation. Všechna práva vyhrazena.{59be4990-f85c-11ce-aff7-00aa003ca9f6}
Delete
C:\WINDOWS\System32\icmui.dll
Script: Quarantine, Delete, Delete via BC		Správa monitoru s korekcí ICMMicrosoft Color Matching System User Interface DLL© Microsoft Corporation. Všechna práva vyhrazena.{5DB2625A-54DF-11D0-B6C4-0800091AA605}
Delete
C:\WINDOWS\system32\icmui.dll
Script: Quarantine, Delete, Delete via BC		Správa tiskárny s korekcí ICMMicrosoft Color Matching System User Interface DLL© Microsoft Corporation. Všechna práva vyhrazena.{675F097E-4C4D-11D0-B6C1-0800091AA605}
Delete
Rozšíření prostředí pro kompresi souborů{764BF0E1-F219-11ce-972D-00AA00A14F56}
Delete
C:\WINDOWS\system32\printui.dll
Script: Quarantine, Delete, Delete via BC		Rozšíření prostředí o tiskárnu v síti WWWPrint UI DLL© Microsoft Corporation. Všechna práva vyhrazena.{77597368-7b15-11d0-a0c2-080036af3f03}
Delete
Kontextová nabídka šifrování{853FE2B1-B769-11d0-9C4E-00C04FB6C6FA}
Delete
C:\WINDOWS\system32\syncui.dll
Script: Quarantine, Delete, Delete via BC		AktovkaAktovka systému Windows© Microsoft Corporation. Všechna práva vyhrazena.{85BBD920-42A0-1069-A2E4-08002B30309D}
Delete
C:\WINDOWS\system32\hticons.dll
Script: Quarantine, Delete, Delete via BC		Rozšíření ikony programu HyperTerminal{88895560-9AA2-1069-930E-00AA0030EBC8}
Delete
C:\WINDOWS\system32\fontext.dll
Script: Quarantine, Delete, Delete via BC		FontsWindows Font Folder© Microsoft Corporation. Všechna práva vyhrazena.{BD84B380-8CA2-1069-AB1D-08000948F534}
Delete
C:\WINDOWS\system32\icmui.dll
Script: Quarantine, Delete, Delete via BC		Profil ICCMicrosoft Color Matching System User Interface DLL© Microsoft Corporation. Všechna práva vyhrazena.{DBCE2480-C732-101B-BE72-BA78E9AD5B27}
Delete
C:\WINDOWS\system32\ntshrui.dll
Script: Quarantine, Delete, Delete via BC		Rozšíření prostředí pro sdíleníShell extensions for sharing© Microsoft Corporation. Všechna práva vyhrazena.{f81e9010-6ea4-11ce-a7ff-00aa003ca9f6}
Delete
C:\WINDOWS\system32\deskperf.dll
Script: Quarantine, Delete, Delete via BC		Display TroubleShoot CPL ExtensionAdvanced display performance properties© Microsoft Corporation. Všechna práva vyhrazena.{f92e8c40-3d33-11d2-b1aa-080036a75b03}
Delete
C:\WINDOWS\system32\NETSHELL.dll
Script: Quarantine, Delete, Delete via BC		Síťová připojeníNetwork Connections Shell© Microsoft Corporation. Všechna práva vyhrazena.{7007ACC7-3202-11D1-AAD2-00805FC1270E}
Delete
C:\WINDOWS\system32\NETSHELL.dll
Script: Quarantine, Delete, Delete via BC		Síťová připojeníNetwork Connections Shell© Microsoft Corporation. Všechna práva vyhrazena.{992CFFA0-F557-101A-88EC-00DD010CCC48}
Delete
C:\WINDOWS\system32\wiashext.dll
Script: Quarantine, Delete, Delete via BC		Skenery a fotoaparátyImaging Devices Shell Folder UI© Microsoft Corporation. Všechna práva vyhrazena.{E211B736-43FD-11D1-9EFB-0000F8757FCD}
Delete
C:\WINDOWS\system32\wiashext.dll
Script: Quarantine, Delete, Delete via BC		Skenery a fotoaparátyImaging Devices Shell Folder UI© Microsoft Corporation. Všechna práva vyhrazena.{FB0C9C8A-6C50-11D1-9F1D-0000F8757FCD}
Delete
C:\WINDOWS\system32\wiashext.dll
Script: Quarantine, Delete, Delete via BC		Skenery a fotoaparátyImaging Devices Shell Folder UI© Microsoft Corporation. Všechna práva vyhrazena.{905667aa-acd6-11d2-8080-00805f6596d2}
Delete
C:\WINDOWS\system32\wiashext.dll
Script: Quarantine, Delete, Delete via BC		Skenery a fotoaparátyImaging Devices Shell Folder UI© Microsoft Corporation. Všechna práva vyhrazena.{3F953603-1008-4f6e-A73A-04AAC7A992F1}
Delete
C:\WINDOWS\system32\wiashext.dll
Script: Quarantine, Delete, Delete via BC		Skenery a fotoaparátyImaging Devices Shell Folder UI© Microsoft Corporation. Všechna práva vyhrazena.{83bbcbf3-b28a-4919-a5aa-73027445d672}
Delete
C:\WINDOWS\system32\remotepg.dll
Script: Quarantine, Delete, Delete via BC		Remote Sessions CPL ExtensionRemote Sessions CPL Extension© Microsoft Corporation. Všechna práva vyhrazena.{F0152790-D56E-4445-850E-4F3117DB740C}
Delete
C:\WINDOWS\system32\mstask.dll
Script: Quarantine, Delete, Delete via BC		Tasks Folder Icon HandlerTask Scheduler interface DLL© Microsoft Corporation. Všechna práva vyhrazena.{DD2110F0-9EEF-11cf-8D8E-00AA0060F5BF}
Delete
C:\WINDOWS\system32\mstask.dll
Script: Quarantine, Delete, Delete via BC		Tasks Folder Shell ExtensionTask Scheduler interface DLL© Microsoft Corporation. Všechna práva vyhrazena.{797F1E90-9EDD-11cf-8D8E-00AA0060F5BF}
Delete
C:\WINDOWS\system32\mstask.dll
Script: Quarantine, Delete, Delete via BC		Naplánované úlohyTask Scheduler interface DLL© Microsoft Corporation. Všechna práva vyhrazena.{D6277990-4C6A-11CF-8D87-00AA0060F5BF}
Delete
C:\WINDOWS\system32\wuaucpl.cpl
Script: Quarantine, Delete, Delete via BC		Auto Update Property Sheet ExtensionAutomatic Updates Control Panel© Microsoft Corporation. All rights reserved.{5F327514-6C5E-4d60-8F16-D07FA08A78ED}
Delete
Hlavní panel a nabídka Start{0DF44EAA-FF21-4412-828E-260A8728E7F1}
Delete
C:\WINDOWS\system32\sendmail.dll
Script: Quarantine, Delete, Delete via BC		Sendmail serviceSend Mail© Microsoft Corporation. Všechna práva vyhrazena.{9E56BE60-C50F-11CF-9A2C-00A0C90A90CE}
Delete
C:\WINDOWS\system32\sendmail.dll
Script: Quarantine, Delete, Delete via BC		Sendmail serviceSend Mail© Microsoft Corporation. Všechna práva vyhrazena.{9E56BE61-C50F-11CF-9A2C-00A0C90A90CE}
Delete
C:\WINDOWS\system32\occache.dll
Script: Quarantine, Delete, Delete via BC		Složka mezipaměti pro kódy ActiveXObject Control Viewer© Microsoft Corporation. Všechna práva vyhrazena.{88C6C381-2E85-11D0-94DE-444553540000}
Delete
C:\WINDOWS\system32\webcheck.dll
Script: Quarantine, Delete, Delete via BC		WebCheckWeb Site Monitor© Microsoft Corporation. Všechna práva vyhrazena.{E6FB5E20-DE35-11CF-9C87-00AA005127ED}
Delete
C:\WINDOWS\system32\webcheck.dll
Script: Quarantine, Delete, Delete via BC		Subscription MgrWeb Site Monitor© Microsoft Corporation. Všechna práva vyhrazena.{ABBE31D0-6DAE-11D0-BECA-00C04FD940BE}
Delete
C:\WINDOWS\system32\webcheck.dll
Script: Quarantine, Delete, Delete via BC		Složka odběrůWeb Site Monitor© Microsoft Corporation. Všechna práva vyhrazena.{F5175861-2688-11d0-9C5E-00AA00A45957}
Delete
C:\WINDOWS\system32\webcheck.dll
Script: Quarantine, Delete, Delete via BC		WebCheckWebCrawlerWeb Site Monitor© Microsoft Corporation. Všechna práva vyhrazena.{08165EA0-E946-11CF-9C87-00AA005127ED}
Delete
C:\WINDOWS\system32\webcheck.dll
Script: Quarantine, Delete, Delete via BC		WebCheckChannelAgentWeb Site Monitor© Microsoft Corporation. Všechna práva vyhrazena.{E3A8BDE6-ABCE-11d0-BC4B-00C04FD929DB}
Delete
C:\WINDOWS\system32\webcheck.dll
Script: Quarantine, Delete, Delete via BC		TrayAgentWeb Site Monitor© Microsoft Corporation. Všechna práva vyhrazena.{E8BB6DC0-6B4E-11d0-92DB-00A0C90C2BD7}
Delete
C:\WINDOWS\system32\webcheck.dll
Script: Quarantine, Delete, Delete via BC		Code Download AgentWeb Site Monitor© Microsoft Corporation. Všechna práva vyhrazena.{7D559C10-9FE9-11d0-93F7-00AA0059CE02}
Delete
C:\WINDOWS\system32\webcheck.dll
Script: Quarantine, Delete, Delete via BC		ConnectionAgentWeb Site Monitor© Microsoft Corporation. Všechna práva vyhrazena.{E6CC6978-6B6E-11D0-BECA-00C04FD940BE}
Delete
C:\WINDOWS\system32\webcheck.dll
Script: Quarantine, Delete, Delete via BC		PostAgentWeb Site Monitor© Microsoft Corporation. Všechna práva vyhrazena.{D8BD2030-6FC9-11D0-864F-00AA006809D9}
Delete
C:\WINDOWS\system32\webcheck.dll
Script: Quarantine, Delete, Delete via BC		WebCheck SyncMgr HandlerWeb Site Monitor© Microsoft Corporation. Všechna práva vyhrazena.{7FC0B86E-5FA7-11d1-BC7C-00C04FD929DB}
Delete
C:\WINDOWS\system32\shimgvw.dll
Script: Quarantine, Delete, Delete via BC		Shell Image VerbsProhlížeč obrázků a faxů© Microsoft Corporation. Všechna práva vyhrazena.{e84fda7c-1d6a-45f6-b725-cb260c236066}
Delete
C:\WINDOWS\system32\shimgvw.dll
Script: Quarantine, Delete, Delete via BC		Shell Image Data FactoryProhlížeč obrázků a faxů© Microsoft Corporation. Všechna práva vyhrazena.{66e4e4fb-f385-4dd0-8d74-a2efd1bc6178}
Delete
rundll32.exe C:\WINDOWS\system32\shimgvw.dll,ImageView_COMServer {00E7B358-F65B-4dcf-83DF-CD026B94BFD4}
Script: Quarantine, Delete, Delete via BC		Autoplay for SlideShow{00E7B358-F65B-4dcf-83DF-CD026B94BFD4}
Delete
C:\WINDOWS\system32\shimgvw.dll
Script: Quarantine, Delete, Delete via BC		Extraktor miniatur souborů GDI+Prohlížeč obrázků a faxů© Microsoft Corporation. Všechna práva vyhrazena.{3F30C968-480A-4C6C-862D-EFC0897BB84B}
Delete
C:\WINDOWS\system32\shimgvw.dll
Script: Quarantine, Delete, Delete via BC		Popisovač miniatur souhrnných informací (DOCFILES)Prohlížeč obrázků a faxů© Microsoft Corporation. Všechna práva vyhrazena.{9DBD2C50-62AD-11d0-B806-00C04FD706EC}
Delete
C:\WINDOWS\system32\shimgvw.dll
Script: Quarantine, Delete, Delete via BC		Extraktor miniatur HTMLProhlížeč obrázků a faxů© Microsoft Corporation. Všechna práva vyhrazena.{EAB841A0-9550-11cf-8C16-00805F1408F3}
Delete
C:\WINDOWS\system32\shimgvw.dll
Script: Quarantine, Delete, Delete via BC		Shell Image Property HandlerProhlížeč obrázků a faxů© Microsoft Corporation. Všechna práva vyhrazena.{eb9b1153-3b57-4e68-959a-a3266bc3d7fe}
Delete
C:\WINDOWS\system32\netplwiz.dll
Script: Quarantine, Delete, Delete via BC		Průvodce publikováním na webuMap Network Drives/Network Places Wizard© Microsoft Corporation. Všechna práva vyhrazena.{CC6EEFFB-43F6-46c5-9619-51D571967F7D}
Delete
C:\WINDOWS\system32\netplwiz.dll
Script: Quarantine, Delete, Delete via BC		Objednávání tisku přes webMap Network Drives/Network Places Wizard© Microsoft Corporation. Všechna práva vyhrazena.{add36aa8-751a-4579-a266-d66f5202ccbb}
Delete
C:\WINDOWS\system32\netplwiz.dll
Script: Quarantine, Delete, Delete via BC		Objekt prostředí Průvodce publikovánímMap Network Drives/Network Places Wizard© Microsoft Corporation. Všechna práva vyhrazena.{6b33163c-76a5-4b6c-bf21-45de9cd503a1}
Delete
C:\WINDOWS\system32\netplwiz.dll
Script: Quarantine, Delete, Delete via BC		Průvodce získáním účtu služby PassportMap Network Drives/Network Places Wizard© Microsoft Corporation. Všechna práva vyhrazena.{58f1f272-9240-4f51-b6d4-fd63d1618591}
Delete
Uživatelské účty{7A9D77BD-5403-11d2-8785-2E0420524153}
Delete
C:\WINDOWS\system32\zipfldr.dll
Script: Quarantine, Delete, Delete via BC		Komprimovaná složka (metoda ZIP)Komprimované složky (metoda ZIP)© Microsoft Corporation. Všechna práva vyhrazena.{E88DCCE0-B7B3-11d1-A9F0-00AA0060FA31}
Delete
C:\WINDOWS\system32\zipfldr.dll
Script: Quarantine, Delete, Delete via BC		Compressed (zipped) Folder Right Drag HandlerKomprimované složky (metoda ZIP)© Microsoft Corporation. Všechna práva vyhrazena.{BD472F60-27FA-11cf-B8B4-444553540000}
Delete
C:\WINDOWS\system32\zipfldr.dll
Script: Quarantine, Delete, Delete via BC		Compressed (zipped) Folder SendTo TargetKomprimované složky (metoda ZIP)© Microsoft Corporation. Všechna práva vyhrazena.{888DCA60-FC0A-11CF-8F0F-00C04FD7D062}
Delete
C:\WINDOWS\system32\cdfview.dll
Script: Quarantine, Delete, Delete via BC		Soubor kanáluChannel Definition File Viewer© Microsoft Corporation. Všechna práva vyhrazena.{f39a0dc0-9cc8-11d0-a599-00c04fd64433}
Delete
C:\WINDOWS\system32\cdfview.dll
Script: Quarantine, Delete, Delete via BC		Zástupce kanáluChannel Definition File Viewer© Microsoft Corporation. Všechna práva vyhrazena.{f3aa0dc0-9cc8-11d0-a599-00c04fd64434}
Delete
C:\WINDOWS\system32\cdfview.dll
Script: Quarantine, Delete, Delete via BC		Objekt popisovače kanáluChannel Definition File Viewer© Microsoft Corporation. Všechna práva vyhrazena.{f3ba0dc0-9cc8-11d0-a599-00c04fd64435}
Delete
C:\WINDOWS\system32\cdfview.dll
Script: Quarantine, Delete, Delete via BC		Channel MenuChannel Definition File Viewer© Microsoft Corporation. Všechna práva vyhrazena.{f3da0dc0-9cc8-11d0-a599-00c04fd64437}
Delete
C:\WINDOWS\system32\cdfview.dll
Script: Quarantine, Delete, Delete via BC		Channel PropertiesChannel Definition File Viewer© Microsoft Corporation. Všechna práva vyhrazena.{f3ea0dc0-9cc8-11d0-a599-00c04fd64438}
Delete
C:\WINDOWS\system32\msieftp.dll
Script: Quarantine, Delete, Delete via BC		FTP Folders WebviewMicrosoft Internet Explorer FTP Folder Shell Extension© Microsoft Corporation. Všechna práva vyhrazena.{63da6ec0-2e98-11cf-8d82-444553540000}
Delete
C:\WINDOWS\system32\dsquery.dll
Script: Quarantine, Delete, Delete via BC		Directory Query UIDirectory Service Find© Microsoft Corporation. Všechna práva vyhrazena.{8A23E65E-31C2-11d0-891C-00A024AB2DBB}
Delete
C:\WINDOWS\system32\dsquery.dll
Script: Quarantine, Delete, Delete via BC		Shell properties for a DS objectDirectory Service Find© Microsoft Corporation. Všechna práva vyhrazena.{9E51E0D0-6E0F-11d2-9601-00C04FA31A86}
Delete
C:\WINDOWS\system32\dsquery.dll
Script: Quarantine, Delete, Delete via BC		Directory Object FindDirectory Service Find© Microsoft Corporation. Všechna práva vyhrazena.{163FDC20-2ABC-11d0-88F0-00A024AB2DBB}
Delete
C:\WINDOWS\system32\dsquery.dll
Script: Quarantine, Delete, Delete via BC		Directory Start/Search FindDirectory Service Find© Microsoft Corporation. Všechna práva vyhrazena.{F020E586-5264-11d1-A532-0000F8757D7E}
Delete
C:\WINDOWS\system32\dsuiext.dll
Script: Quarantine, Delete, Delete via BC		Directory Property UIDirectory Service Common UI© Microsoft Corporation. Všechna práva vyhrazena.{0D45D530-764B-11d0-A1CA-00AA00C16E65}
Delete
C:\WINDOWS\system32\dsuiext.dll
Script: Quarantine, Delete, Delete via BC		Directory Context Menu VerbsDirectory Service Common UI© Microsoft Corporation. Všechna práva vyhrazena.{62AE1F9A-126A-11D0-A14B-0800361B1103}
Delete
C:\WINDOWS\system32\mydocs.dll
Script: Quarantine, Delete, Delete via BC		MyDocs Copy HookMy Documents Folder UI© Microsoft Corporation. Všechna práva vyhrazena.{ECF03A33-103D-11d2-854D-006008059367}
Delete
C:\WINDOWS\system32\mydocs.dll
Script: Quarantine, Delete, Delete via BC		MyDocs Drop TargetMy Documents Folder UI© Microsoft Corporation. Všechna práva vyhrazena.{ECF03A32-103D-11d2-854D-006008059367}
Delete
C:\WINDOWS\system32\mydocs.dll
Script: Quarantine, Delete, Delete via BC		MyDocs PropertiesMy Documents Folder UI© Microsoft Corporation. Všechna práva vyhrazena.{4a7ded0a-ad25-11d0-98a8-0800361b1103}
Delete
C:\WINDOWS\System32\cscui.dll
Script: Quarantine, Delete, Delete via BC		Offline Files MenuClient Side Caching UI© Microsoft Corporation. Všechna práva vyhrazena.{750fdf0e-2a26-11d1-a3ea-080036587f03}
Delete
C:\WINDOWS\System32\cscui.dll
Script: Quarantine, Delete, Delete via BC		Offline Files Folder OptionsClient Side Caching UI© Microsoft Corporation. Všechna práva vyhrazena.{10CFC467-4392-11d2-8DB4-00C04FA31A66}
Delete
C:\WINDOWS\System32\cscui.dll
Script: Quarantine, Delete, Delete via BC		Složka souborů offlineClient Side Caching UI© Microsoft Corporation. Všechna práva vyhrazena.{AFDB1F70-2A4C-11d2-9039-00C04F8EEB3E}
Delete
C:\WINDOWS\system32\photowiz.dll
Script: Quarantine, Delete, Delete via BC		%DESC_PublishDropTarget%Photo Printing Wizard© Microsoft Corporation. Všechna práva vyhrazena.{60fd46de-f830-4894-a628-6fa81bc0190d}
Delete
C:\WINDOWS\System32\mmcshext.dll
Script: Quarantine, Delete, Delete via BC		MMC Icon HandlerMMC Shell Extension DLL© Microsoft Corporation. All rights reserved.{7A80E4A8-8005-11D2-BCF8-00C04F72C717}
Delete
C:\WINDOWS\system32\cabview.dll
Script: Quarantine, Delete, Delete via BC		.CAB file viewerCabinet File Viewer Shell Extension© Microsoft Corporation. Všechna práva vyhrazena.{0CD7A5C0-9F37-11CE-AE65-08002B2E1262}
Delete
C:\Program Files\Outlook Express\wabfind.dll
Script: Quarantine, Delete, Delete via BC		Oso&by...Najít osoby© Microsoft Corporation. Všechna práva vyhrazena.{32714800-2E5F-11d0-8B85-00AA0044F941}
Delete
C:\Program Files\WinRAR\rarext.dll
Script: Quarantine, Delete, Delete via BC		WinRAR shell extension{B41DB860-8EE4-11D2-9906-E49FADC173CA}
Delete
"C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll"
Script: Quarantine, Delete, Delete via BC		OpenOffice.org Column Handler{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}
Delete
"C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll"
Script: Quarantine, Delete, Delete via BC		OpenOffice.org Infotip Handler{087B3AE3-E237-4467-B8DB-5A38AB959AC9}
Delete
"C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll"
Script: Quarantine, Delete, Delete via BC		OpenOffice.org Property Sheet Handler{63542C48-9552-494A-84F7-73AA6A7C99C1}
Delete
"C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll"
Script: Quarantine, Delete, Delete via BC		OpenOffice.org Thumbnail Viewer{3B092F0C-7696-40E3-A80F-68D74DA84210}
Delete
C:\WINDOWS\system32\wpdshext.dll
Script: Quarantine, Delete, Delete via BC		Portable DevicesPortable Devices Shell Extension© Microsoft Corporation. All rights reserved.{35786D3C-B075-49b9-88DD-029876E11C01}
Delete
C:\WINDOWS\system32\wpdshext.dll
Script: Quarantine, Delete, Delete via BC		Portable Devices MenuPortable Devices Shell Extension© Microsoft Corporation. All rights reserved.{D6791A63-E7E2-4fee-BF52-5DED8E86E9B8}
Delete
C:\Program Files\AVG\AVG9\avgse.dll
Script: Quarantine, Delete, Delete via BC		AVG Shell ExtensionAVG Shell ExtensionCopyright © 2010 AVG Technologies CZ, s.r.o.{9F97547E-4609-42C5-AE0C-81C61FFAEBC3}
Delete
AVG Find Extension{9F97547E-460A-42C5-AE0C-81C61FFAEBC3}
Delete
C:\Program Files\LG Soft India\forteManager\bin\ContextMenu.dll
Script: Quarantine, Delete, Delete via BC		Test directory background ctx menu extensionContextMenu ModuleCopyright 2006{83AE6768-28C3-4057-A4A0-21AADA4B88E3}
Delete
C:\WINDOWS\system32\SHELL32.dll
Script: Quarantine, Delete, Delete via BC		ColumnHandlerWindows Shell Common Dll© Microsoft Corporation. Všechna práva vyhrazena.{0D2E74C4-3C34-11d2-A27E-00C04FC30871}
Delete
C:\WINDOWS\system32\SHELL32.dll
Script: Quarantine, Delete, Delete via BC		ColumnHandlerWindows Shell Common Dll© Microsoft Corporation. Všechna práva vyhrazena.{24F14F01-7B1C-11d1-838f-0000F80461CF}
Delete
C:\WINDOWS\system32\SHELL32.dll
Script: Quarantine, Delete, Delete via BC		ColumnHandlerWindows Shell Common Dll© Microsoft Corporation. Všechna práva vyhrazena.{24F14F02-7B1C-11d1-838f-0000F80461CF}
Delete
C:\WINDOWS\system32\SHELL32.dll
Script: Quarantine, Delete, Delete via BC		ColumnHandlerWindows Shell Common Dll© Microsoft Corporation. Všechna práva vyhrazena.{66742402-F9B9-11D1-A202-0000F81FEDEE}
Delete
"C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll"
Script: Quarantine, Delete, Delete via BC		ColumnHandler{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}
Delete
Items found - 196, recognized as trusted - 97

Printing system extensions (print monitors, providers)

File nameTypeNameDescriptionManufacturer
Items found - 8, recognized as trusted - 8

Task Scheduler jobs

File nameJob nameJob stateDescriptionManufacturer
Items found - 2, recognized as trusted - 2

SPI/LSP settings

Namespace providers (NSP)
ManufacturerStatusEXE fileDescriptionGUID
Detected - 3, recognized as trusted - 3
Transport protocol providers (TSP, LSP)
ManufacturerEXE fileDescription
Detected - 20, recognized as trusted - 20
Results of automatic SPI settings check 
LSP settings checked. No errors detected

TCP/UDP ports

PortStatusRemote HostRemote PortApplicationNotes
TCP ports
135LISTENING0.0.0.039038[1184] svchost.exe
Script: Quarantine, Delete, Delete via BC, Terminate		 
139LISTENING0.0.0.018586[4] System
Script: Quarantine, Delete, Delete via BC, Terminate		 
445LISTENING0.0.0.024628[4] System
Script: Quarantine, Delete, Delete via BC, Terminate		 
1027LISTENING0.0.0.033011[2540] alg.exe
Script: Quarantine, Delete, Delete via BC, Terminate		 
1037ESTABLISHED127.0.0.11038[3088] c:\program files\mozilla firefox\firefox.exe
Script: Quarantine, Delete, Delete via BC, Terminate		 
1038ESTABLISHED127.0.0.11037[3088] c:\program files\mozilla firefox\firefox.exe
Script: Quarantine, Delete, Delete via BC, Terminate		 
1042ESTABLISHED127.0.0.11043[3088] c:\program files\mozilla firefox\firefox.exe
Script: Quarantine, Delete, Delete via BC, Terminate		 
1043ESTABLISHED127.0.0.11042[3088] c:\program files\mozilla firefox\firefox.exe
Script: Quarantine, Delete, Delete via BC, Terminate		 
1080TIME_WAIT209.85.129.11380[0]   
1107TIME_WAIT209.85.129.13980[0]   
1139LAST_ACK78.128.147.4280[3088] c:\program files\mozilla firefox\firefox.exe
Script: Quarantine, Delete, Delete via BC, Terminate		 
1145LAST_ACK77.75.76.7280[3088] c:\program files\mozilla firefox\firefox.exe
Script: Quarantine, Delete, Delete via BC, Terminate		 
1155TIME_WAIT92.122.217.11380[0]   
1160TIME_WAIT92.122.217.180[0]   
1168LAST_ACK78.128.147.4280[3088] c:\program files\mozilla firefox\firefox.exe
Script: Quarantine, Delete, Delete via BC, Terminate		 
1179LAST_ACK77.75.72.2280[3088] c:\program files\mozilla firefox\firefox.exe
Script: Quarantine, Delete, Delete via BC, Terminate		 
1182LAST_ACK77.75.76.7280[3088] c:\program files\mozilla firefox\firefox.exe
Script: Quarantine, Delete, Delete via BC, Terminate		 
1185LAST_ACK173.194.1.2680[3088] c:\program files\mozilla firefox\firefox.exe
Script: Quarantine, Delete, Delete via BC, Terminate		 
1186TIME_WAIT92.122.217.9680[0]   
1187TIME_WAIT92.122.217.9680[0]   
1188TIME_WAIT92.122.217.9680[0]   
1189TIME_WAIT92.122.217.9680[0]   
1190TIME_WAIT92.122.217.9680[0]   
1214TIME_WAIT212.96.161.23480[0]   
1216TIME_WAIT212.96.161.23480[0]   
1218TIME_WAIT212.96.161.23480[0]   
1223TIME_WAIT77.75.76.7280[0]   
1224TIME_WAIT77.75.76.7280[0]   
1225TIME_WAIT77.75.76.7280[0]   
1227TIME_WAIT77.75.76.7280[0]   
1235TIME_WAIT77.75.76.7280[0]   
1237TIME_WAIT77.75.76.7280[0]   
1238LAST_ACK77.75.76.7280[3088] c:\program files\mozilla firefox\firefox.exe
Script: Quarantine, Delete, Delete via BC, Terminate		 
1242ESTABLISHED173.194.1.2680[3088] c:\program files\mozilla firefox\firefox.exe
Script: Quarantine, Delete, Delete via BC, Terminate		 
5152CLOSE_WAIT127.0.0.11040[1684] c:\program files\java\jre6\bin\jqs.exe
Script: Quarantine, Delete, Delete via BC, Terminate		 
5152LISTENING0.0.0.043109[1684] c:\program files\java\jre6\bin\jqs.exe
Script: Quarantine, Delete, Delete via BC, Terminate		 
10110LISTENING0.0.0.018436[2408] c:\program files\avg\avg9\avgemc.exe
Script: Quarantine, Delete, Delete via BC, Terminate		 
UDP ports
123LISTENING----[1280] c:\windows\system32\svchost.exe
Script: Quarantine, Delete, Delete via BC, Terminate		 
123LISTENING----[1280] c:\windows\system32\svchost.exe
Script: Quarantine, Delete, Delete via BC, Terminate		 
137LISTENING----[4] System
Script: Quarantine, Delete, Delete via BC, Terminate		 
138LISTENING----[4] System
Script: Quarantine, Delete, Delete via BC, Terminate		 
445LISTENING----[4] System
Script: Quarantine, Delete, Delete via BC, Terminate		 
500LISTENING----[872] c:\windows\system32\lsass.exe
Script: Quarantine, Delete, Delete via BC, Terminate		 
4500LISTENING----[872] c:\windows\system32\lsass.exe
Script: Quarantine, Delete, Delete via BC, Terminate		 
44301LISTENING----[504] c:\windows\system32\pnkbstra.exe
Script: Quarantine, Delete, Delete via BC, Terminate		 

Downloaded Program Files (DPF)

File nameDescriptionManufacturerCLSIDSource URL
C:\Program Files\Java\jre6\bin\jp2iexp.dll
Script: Quarantine, Delete, Delete via BC		{8AD9C840-044E-11D1-B3E9-00805F499D93}
Delete		http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
C:\Program Files\Java\jre6\bin\jp2iexp.dll
Script: Quarantine, Delete, Delete via BC		{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}
Delete		http://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab
C:\Program Files\Java\jre6\bin\jp2iexp.dll
Script: Quarantine, Delete, Delete via BC		{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
Delete		http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
C:\Program Files\Java\jre6\bin\npjpi160_17.dll
Script: Quarantine, Delete, Delete via BC		Classic Java Plug-in 1.6.0_17 for Netscape and MozillaCopyright © 2004{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
Delete		http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
Items found - 4, recognized as trusted - 0

Control Panel Applets (CPL)

File nameDescriptionManufacturer
C:\WINDOWS\system32\desk.cpl
Script: Quarantine, Delete, Delete via BC		Desktop Control Panel© Microsoft Corporation. Všechna práva vyhrazena.
C:\WINDOWS\system32\hdwwiz.cpl
Script: Quarantine, Delete, Delete via BC		Add Hardware Control Panel Applet© Microsoft Corporation. Všechna práva vyhrazena.
C:\WINDOWS\system32\inetcpl.cpl
Script: Quarantine, Delete, Delete via BC		Internet Control Panel© Microsoft Corporation. Všechna práva vyhrazena.
C:\WINDOWS\system32\intl.cpl
Script: Quarantine, Delete, Delete via BC		Control Panel DLL© Microsoft Corporation. Všechna práva vyhrazena.
C:\WINDOWS\system32\javacpl.cpl
Script: Quarantine, Delete, Delete via BC		Java(TM) Control PanelCopyright © 2004
C:\WINDOWS\system32\joy.cpl
Script: Quarantine, Delete, Delete via BC		Game Controllers Control Panel Applet© Microsoft Corporation. Všechna práva vyhrazena.
C:\WINDOWS\system32\main.cpl
Script: Quarantine, Delete, Delete via BC		Control Panel DLLCopyright (C) Microsoft Corp. 1991-1999
C:\WINDOWS\system32\mmsys.cpl
Script: Quarantine, Delete, Delete via BC		Control Panel Drivers Applet© Microsoft Corporation. Všechna práva vyhrazena.
C:\WINDOWS\system32\ncpa.cpl
Script: Quarantine, Delete, Delete via BC		Network Connections Control-Panel Stub© Microsoft Corporation. Všechna práva vyhrazena.
C:\WINDOWS\system32\nusrmgr.cpl
Script: Quarantine, Delete, Delete via BC		Správce uživatelů systému Windows© Microsoft Corporation. Všechna práva vyhrazena.
C:\WINDOWS\system32\odbccp32.cpl
Script: Quarantine, Delete, Delete via BC		Microsoft Data Access - ODBC Control PanelCopyright (C) Microsoft Corporation 1990-2000
C:\WINDOWS\system32\powercfg.cpl
Script: Quarantine, Delete, Delete via BC		Power Management Configuration Control Panel Applet© Microsoft Corporation. Všechna práva vyhrazena.
C:\WINDOWS\system32\sysdm.cpl
Script: Quarantine, Delete, Delete via BC		System Applet for the Control Panel© Microsoft Corporation. Všechna práva vyhrazena.
C:\WINDOWS\system32\telephon.cpl
Script: Quarantine, Delete, Delete via BC		Telephony Control Panel© Microsoft Corporation. Všechna práva vyhrazena.
C:\WINDOWS\system32\timedate.cpl
Script: Quarantine, Delete, Delete via BC		Time Date Control Panel Applet© Microsoft Corporation. Všechna práva vyhrazena.
C:\WINDOWS\system32\wscui.cpl
Script: Quarantine, Delete, Delete via BC		Security Center© Microsoft Corporation. All rights reserved.
C:\WINDOWS\system32\wuaucpl.cpl
Script: Quarantine, Delete, Delete via BC		Automatic Updates Control Panel© Microsoft Corporation. All rights reserved.
Items found - 29, recognized as trusted - 12

Active Setup

File nameDescriptionManufacturerCLSID
c:\WINDOWS\system32\Rundll32.exe
Script: Quarantine, Delete, Delete via BC		Run a DLL as an App© Microsoft Corporation. Všechna práva vyhrazena.{89B4C1CD-B018-4511-B0A1-5476DBF70820}
Items found - 13, recognized as trusted - 12

HOSTS file

Hosts file record 


127.0.0.1       localhost

Protocols and handlers

File nameTypeDescriptionManufacturerCLSID
mscoree.dll
Script: Quarantine, Delete, Delete via BC		ProtocolMicrosoft .NET Runtime Execution Engine ()© Microsoft Corporation. All rights reserved.{1E66F26B-79EE-11D2-8710-00C04F79ED0D}
mscoree.dll
Script: Quarantine, Delete, Delete via BC		ProtocolMicrosoft .NET Runtime Execution Engine ()© Microsoft Corporation. All rights reserved.{1E66F26B-79EE-11D2-8710-00C04F79ED0D}
mscoree.dll
Script: Quarantine, Delete, Delete via BC		ProtocolMicrosoft .NET Runtime Execution Engine ()© Microsoft Corporation. All rights reserved.{1E66F26B-79EE-11D2-8710-00C04F79ED0D}
C:\WINDOWS\system32\SHELL32.dll
Script: Quarantine, Delete, Delete via BC		ProtocolWindows Shell Common Dll (WebView MIME Filter)© Microsoft Corporation. Všechna práva vyhrazena.{733AC4CB-F1A4-11d0-B951-00A0C90312E1}
C:\WINDOWS\system32\itss.dll
Script: Quarantine, Delete, Delete via BC		HandlerMicrosoft® InfoTech Storage System Library (its: Asychronous Pluggable Protocol Handler)© Microsoft Corporation. All rights reserved.{9D148291-B9C8-11D0-A4CC-0000F80149F6}
C:\Program Files\AVG\AVG9\avgpp.dll
Script: Quarantine, Delete, Delete via BC		HandlerSafe Search pluggable protocol (linkscanner: ExPLabs.com Pluggable Protocol)Copyright © 2010 AVG Technologies CZ, s.r.o.{F274614C-63F8-47D5-A4D1-FBDDE494F8D1}
C:\WINDOWS\system32\itss.dll
Script: Quarantine, Delete, Delete via BC		HandlerMicrosoft® InfoTech Storage System Library (ms-its: Asychronous Pluggable Protocol Handler)© Microsoft Corporation. All rights reserved.{9D148291-B9C8-11D0-A4CC-0000F80149F6}
Items found - 29, recognized as trusted - 22

Suspicious objects

FileDescriptionType 

Attention !!! Database was last updated 21.8.2009 it is necessary to update the database (via File - Database update)
AVZ Antiviral Toolkit log; AVZ version is 4.32
Scanning started at 8.4.2010 20:19:41
Database loaded: signatures - 237871, NN profile(s) - 2, malware removal microprograms - 56, signature database released 21.08.2009 14:23
Heuristic microprograms loaded: 374
PVS microprograms loaded: 9
Digital signatures of system files loaded: 135524
Heuristic analyzer mode: Medium heuristics mode
Malware removal mode: disabled
Windows version is: 5.1.2600, Service Pack 3 ; AVZ is run with administrator rights
System Restore: enabled
1. Searching for Rootkits and other software intercepting API functions
1.1 Searching for user-mode API hooks
 Analysis: kernel32.dll, export table found in section .text
 Analysis: ntdll.dll, export table found in section .text
 Analysis: user32.dll, export table found in section .text
 Analysis: advapi32.dll, export table found in section .text
 Analysis: ws2_32.dll, export table found in section .text
 Analysis: wininet.dll, export table found in section .text
 Analysis: rasapi32.dll, export table found in section .text
 Analysis: urlmon.dll, export table found in section .text
 Analysis: netapi32.dll, export table found in section .text
1.2 Searching for kernel-mode API hooks
 Driver loaded successfully
 SDT found (RVA=085700)
 Kernel ntkrnlpa.exe found in memory at address 804D7000
   SDT = 8055C700
   KiST = 8050446C (284)
Functions checked: 284, intercepted: 0, restored: 0
1.3 Checking IDT and SYSENTER
 Analyzing CPU 1
 Analyzing CPU 2
 Checking IDT and SYSENTER - complete
1.4 Searching for masking processes and drivers
 Checking not performed: extended monitoring driver (AVZPM) is not installed
 Driver loaded successfully
1.5 Checking IRP handlers
 Checking - complete
2. Scanning RAM
 Number of processes found: 35
 Number of modules loaded: 350
Scanning RAM - complete
3. Scanning disks
4. Checking  Winsock Layered Service Provider (SPI/LSP)
 LSP settings checked. No errors detected
5. Searching for keyboard/mouse/windows events hooks (Keyloggers, Trojan DLLs)
6. Searching for opened TCP/UDP ports used by malicious software
 Checking - disabled by user
7. Heuristic system check
Checking - complete
8. Searching for vulnerabilities
>> Services: potentially dangerous service allowed: RemoteRegistry (Vzd?len? registr)
>> Services: potentially dangerous service allowed: TermService (Termin?lov? slu?ba)
>> Services: potentially dangerous service allowed: SSDPSRV (Slu?ba rozpozn?v?n? pomoc? protokolu SSDP)
>> Services: potentially dangerous service allowed: Schedule (Pl?nova? ?loh)
>> Services: potentially dangerous service allowed: mnmsrvc (NetMeeting - Vzd?len? sd?len? plochy)
>> Services: potentially dangerous service allowed: RDSessMgr (Spr?vce relac? n?pov?dy ke vzd?len? plo?e)
> Services: please bear in mind that the set of services depends on the use of the PC (home PC, office PC connected to corporate network, etc)!
>> Security: disk drives' autorun is enabled
>> Security: administrative shares (C$, D$ ...) are enabled
>> Security: anonymous user access is enabled
>> Security: sending Remote Assistant queries is enabled
Checking - complete
9. Troubleshooting wizard
 >>  HDD autorun is allowed
 >>  Network drives autorun is allowed
 >>  Removable media autorun is allowed
Checking - complete
Files scanned: 385, extracted from archives: 0, malicious software found 0, suspicions - 0
Scanning finished at 8.4.2010 20:20:01
Time of scanning: 00:00:20
If you have a suspicion on presence of viruses or questions on the suspected objects,
you can address http://virusinfo.info conference
Creating archive of files from Quarantine
Creating archive of files from Quarantine - complete
System Analysis in progress


Script commands
 

Add commands to script:
Additional operations:

File list