Kryptik.sge

revolver 123
Visitor
Posts: 6
Registered: 04 Sep 2011 09:46

Kryptik.sge

#1 Post by revolver 123 »

Greetings to the users of this wonderful server. For quite some time I have had a problem with the running of a work PC. Since several people take turns on the PC and I do not monitor what my employees do, I assume they have loaded a lot of malicious software onto it. Unfortunately I do not understand these things much myself, so after a long search I ended up here with you. It freezes regularly and only a hard restart helps. The antivirus keeps reporting, over and over, the detection and cleaning of the trojan horse kryptik.sge. I would therefore like to ask for a check of the log, and warm thanks in advance.

ComboFix 11-08-31.04 - euro-nabytek 31.08.2011 21:01:24.1.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.1023.342 [GMT 2:00]
Spuštěný z: c:\documents and settings\euro-nabytek\Dokumenty\Sta×enÚ soubory\ComboFix.exe
AV: ESET Smart Security 4.0 *Enabled/Updated* {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: ESET personal firewall *Enabled* {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0}
* Rezidentní štít AV je zapnutý
.
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\system32\_000007_.tmp.dll
c:\windows\system32\_000116_.tmp.dll
c:\windows\system32\488461300.dat
C:\XES17.tmp
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-07-28 do 2011-08-31 )))))))))))))))))))))))))))))))
.
.
2011-08-26 15:32 . 2011-08-26 15:41 -------- d-----w- C:\vypalit
2011-08-26 15:32 . 2011-08-26 15:32 -------- d-----w- C:\driver
2011-08-26 15:21 . 2011-08-26 15:21 -------- d-----w- c:\documents and settings\Administrator
2011-08-26 14:40 . 2011-08-30 22:00 -------- d-----w- c:\program files\PokerStars
2011-08-25 18:35 . 2011-08-25 18:35 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Data aplikací\ESET
2011-08-16 08:09 . 2011-08-16 08:09 -------- d-----w- c:\documents and settings\euro-nabytek\Data aplikací\Rovio
2011-08-11 11:01 . 2011-08-11 11:01 -------- d-----w- c:\documents and settings\euro-nabytek\Local Settings\Data aplikací\Thinstall
2011-08-11 11:01 . 2011-08-11 11:01 -------- d-----w- c:\documents and settings\euro-nabytek\Data aplikací\Thinstall
2011-08-11 09:08 . 2011-08-11 09:08 -------- d-----w- c:\documents and settings\All Users\Data aplikací\vsosdk
2011-08-11 08:41 . 2011-08-11 08:43 -------- d-----w- c:\documents and settings\euro-nabytek\avidemux
2011-08-11 08:21 . 2011-08-11 08:24 -------- d-----w- c:\documents and settings\euro-nabytek\Data aplikací\PSpad
2011-08-11 08:21 . 2011-08-11 08:21 -------- d-----w- c:\program files\PSPad editor
2011-08-11 07:15 . 2011-08-25 18:14 -------- d-----w- c:\documents and settings\euro-nabytek\Data aplikací\Vso
2011-08-11 07:15 . 2010-02-09 14:37 65602 ----a-w- c:\windows\system32\cook3260.dll
2011-08-11 07:15 . 2010-02-09 14:37 217127 ----a-w- c:\windows\system32\drv43260.dll
2011-08-11 07:15 . 2010-02-09 14:37 208935 ----a-w- c:\windows\system32\drv33260.dll
2011-08-11 07:15 . 2010-02-09 14:37 176165 ----a-w- c:\windows\system32\drv23260.dll
2011-08-11 07:15 . 2010-02-09 14:37 102439 ----a-w- c:\windows\system32\sipr3260.dll
2011-08-11 07:15 . 2010-02-09 14:37 626688 ----a-w- c:\windows\system32\vp7vfw.dll
2011-08-11 07:15 . 2010-02-09 14:37 1184984 ----a-w- c:\windows\system32\wvc1dmod.dll
2011-08-11 07:14 . 2011-08-11 07:15 -------- d-----w- c:\program files\VSO
2011-08-10 11:53 . 2011-08-10 11:53 -------- d-----w- c:\documents and settings\euro-nabytek\Data aplikací\DDMSettings
2011-08-10 06:22 . 2011-06-24 14:10 139656 -c----w- c:\windows\system32\dllcache\rdpwd.sys
2011-08-10 06:22 . 2011-07-08 14:02 10496 -c----w- c:\windows\system32\dllcache\ndistapi.sys
2011-08-03 23:27 . 2011-08-03 23:35 -------- d-----w- c:\documents and settings\euro-nabytek\Data aplikací\ImgBurn
2011-08-03 23:27 . 2011-08-03 23:27 -------- d-----w- c:\program files\ImgBurn
2011-08-03 23:26 . 2011-08-12 07:01 -------- d-----w- c:\program files\Ask.com
2011-08-03 22:50 . 2011-08-03 22:51 -------- d-----w- c:\documents and settings\euro-nabytek\Data aplikací\avidemux
2011-08-03 22:50 . 2011-08-03 23:17 -------- d-----w- c:\program files\Avidemux 2.5
2011-08-03 22:29 . 2011-08-22 18:13 -------- d-----w- c:\documents and settings\euro-nabytek\Data aplikací\DVD Flick
2011-08-03 22:29 . 2008-08-31 11:27 28672 ----a-w- c:\windows\system32\mousewheel.ocx
2011-08-03 22:29 . 2007-08-31 16:36 36864 ----a-w- c:\windows\system32\trayicon_handler.ocx
2011-08-03 22:29 . 2004-03-08 22:00 662288 ----a-w- c:\windows\system32\mscomct2.ocx
2011-08-03 22:29 . 2004-03-08 22:00 609824 ----a-w- c:\windows\system32\comctl32.ocx
2011-08-03 22:29 . 2003-01-26 11:41 40960 ----a-w- c:\windows\system32\ssubtmr6.dll
2011-08-03 22:29 . 1998-06-23 22:00 164144 ----a-w- c:\windows\system32\comct232.ocx
2011-08-03 22:29 . 2011-08-03 22:29 -------- d-----w- c:\program files\DVD Flick
2011-08-03 22:29 . 2004-03-08 22:00 212240 ----a-w- c:\windows\system32\richtx32.ocx
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-07-22 20:51 . 2010-03-10 19:29 94208 ----a-w- c:\windows\system32\dpl100.dll
2011-07-15 13:29 . 2004-08-18 12:00 456320 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-07-13 08:47 . 2011-07-13 08:47 0 ----a-w- c:\windows\system32\ConduitEngine.tmp
2011-07-08 14:02 . 2004-08-18 12:00 10496 ----a-w- c:\windows\system32\drivers\ndistapi.sys
2011-06-24 14:10 . 2009-04-03 07:37 139656 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2011-06-21 18:18 . 2004-08-18 12:00 668160 ----a-w- c:\windows\system32\wininet.dll
2011-06-21 18:18 . 2004-08-18 12:00 61952 ----a-w- c:\windows\system32\tdc.ocx
2011-06-21 18:18 . 2004-08-18 12:00 81920 ----a-w- c:\windows\system32\ieencode.dll
2011-06-21 18:16 . 2004-08-18 12:00 370176 ----a-w- c:\windows\system32\html.iec
2011-06-20 17:44 . 2004-08-18 12:00 293376 ----a-w- c:\windows\system32\winsrv.dll
2011-08-31 18:37 . 2011-05-28 09:23 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}"= "c:\program files\uTorrentBar\prxtbuTor.dll" [2011-03-28 176936]
.
[HKEY_CLASSES_ROOT\clsid\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
2011-03-28 16:22 176936 ----a-w- c:\program files\ConduitEngine\prxConduitEngine.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]
2011-03-28 16:22 176936 ----a-w- c:\program files\uTorrentBar\prxtbuTor.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2011-07-26 16:23 1493160 ----a-w- c:\program files\Ask.com\GenericAskToolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}"= "c:\program files\uTorrentBar\prxtbuTor.dll" [2011-03-28 176936]
"{30F9B915-B755-4826-820B-08FBA6BD249D}"= "c:\program files\ConduitEngine\prxConduitEngine.dll" [2011-03-28 176936]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2011-07-26 1493160]
.
[HKEY_CLASSES_ROOT\clsid\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]
.
[HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PC Suite Tray"="c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe" [2011-06-16 1500160]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"reset"="regedit" [X]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-08-01 61440]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-04-12 148888]
"ISUSPM Startup"="c:\program files\Common Files\InstallShield\UpdateService\isuspm.exe" [2005-08-11 249856]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2005-08-11 81920]
"Samsung PanelMgr"="c:\windows\Samsung\PanelMgr\SSMMgr.exe" [2008-08-08 524288]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2009-05-14 2029640]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-06-08 37296]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920]
"TNOD UP"="c:\program files\TNod User & Password Finder\TNODUP.exe" [2010-04-01 1811968]
"hpqSRMon"="c:\program files\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-03-13 81920]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376]
"ApnUpdater"="c:\program files\Ask.com\Updater\Updater.exe" [2011-07-26 397992]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\documents and settings\euro-nabytek\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Věýezy obrazovky a spuçtŘnˇ aplikace OneNote 2007.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^HP Digital Imaging Monitor.lnk]
backup=c:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2011-03-30 04:59 937920 ----a-r- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2011-06-08 04:02 37296 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AirPaceWifi]
2007-02-08 12:17 2240512 ----a-w- c:\program files\abit\abit uGuru\AirPacewifi.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
2008-03-25 19:27 49152 ----a-w- c:\program files\HP\HP Software Update\hpwuSchd2.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpqSRMon]
2008-03-13 07:34 81920 ----a-w- c:\program files\HP\Digital Imaging\bin\HpqSRmon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2008-04-14 03:22 1695232 ------w- c:\program files\Messenger\msmsgs.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2001-07-09 08:50 155648 ----a-w- c:\windows\system32\NeroCheck.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QIP2005]
2008-12-09 16:00 3259392 ----a-w- c:\program files\QIP\qip.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
2009-03-27 09:22 17567744 ----a-w- c:\windows\RTHDCPL.EXE
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\uTorrent\\utorrent.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpiscnapp.exe"=
"c:\\Program Files\\Common Files\\HP\\Digital Imaging\\bin\\hpqPhotoCrm.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqpsapp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqpse.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqsudi.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqgplgtupl.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqgpc01.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
.
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [14.5.2009 15:47 107256]
R1 eusk2par;Aladdin SmartKey Parallel Driver;c:\windows\system32\drivers\eusk2par.sys [26.3.2011 12:01 25680]
R2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [14.5.2009 15:47 731840]
R3 AR2425;abit AirPace Wi-Fi Wireless Network Adapter Service;c:\windows\system32\drivers\aw5006.sys [3.4.2009 11:40 556832]
S2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [22.8.2010 9:14 136176]
S2 SSPORT;SSPORT;\??\c:\windows\system32\Drivers\SSPORT.sys --> c:\windows\system32\Drivers\SSPORT.sys [?]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [3.4.2009 19:15 1684736]
S3 eusk3usb;SmartKey 3 USB;c:\windows\system32\drivers\eusk3usb.sys [26.3.2011 12:01 43968]
S3 gupdatem;Služba Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [22.8.2010 9:14 136176]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [20.7.2011 16:19 137600]
S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [20.7.2011 16:19 8576]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
getPlusHelper REG_MULTI_SZ getPlusHelper
.
Obsah adresáře 'Naplánované úlohy'
.
2011-08-31 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-08-22 07:13]
.
2011-08-31 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-08-22 07:13]
.
2011-08-31 c:\windows\Tasks\Scheduled Update for Ask Toolbar.job
- c:\program files\Ask.com\UpdateTask.exe [2011-07-26 16:23]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uInternet Connection Wizard,ShellNext = iexplore
IE: &ICQ Toolbar Search - c:\program files\ICQToolbar\toolbaru.dll/SEARCH.HTML
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 10.0.0.138
FF - ProfilePath - c:\documents and settings\euro-nabytek\Data aplikací\Mozilla\Firefox\Profiles\zrfpu1jy.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_results.php?ch_id=afex&q=
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
HKLM-Run-RegistryMechanic - (no file)
SafeBoot-WudfPf
SafeBoot-WudfRd
AddRemove-TO2WCM Wireless Connection Client - c:\program files\TO2WCM\WCMuninstall.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-08-31 21:08
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Windows 5.1.2600 Disk: ST3360320AS rev.3.AAM -> Harddisk0\DR0 -> \Device\Ide\IdePort2 P2T0L0-5
.
device: opened successfully
user: MBR read successfully
.
Disk trace:
called modules: ntoskrnl.exe catchme.sys CLASSPNP.SYS disk.sys ACPI.sys hal.dll >>UNKNOWN [0x86F18439]<<
c:\docume~1\EURO-N~1\LOCALS~1\Temp\catchme.sys
_asm { PUSH EBP; MOV EBP, ESP; PUSH ECX; MOV EAX, [EBP+0x8]; CMP EAX, [0x86f1e7d0]; MOV EAX, [0x86f1e84c]; PUSH EBX; PUSH ESI; MOV ESI, [EBP+0xc]; MOV EBX, [ESI+0x60]; PUSH EDI; JNZ 0x20; MOV [EBP+0x8], EAX; }
1 nt!IofCallDriver[0x804E13B9] -> \Device\Harddisk0\DR0[0x86F6EAB8]
3 CLASSPNP[0xF764FFD7] -> nt!IofCallDriver[0x804E13B9] -> \Device\00000069[0x86F74F18]
5 ACPI[0xF75A6620] -> nt!IofCallDriver[0x804E13B9] -> [0x86F46940]
\Driver\atapi[0x86F68030] -> IRP_MJ_CREATE -> 0x86F18439
kernel: MBR read successfully
_asm { XOR AX, AX; MOV SS, AX; MOV SP, 0x7c00; STI ; PUSH AX; POP ES; PUSH AX; POP DS; CLD ; MOV SI, 0x7c1b; MOV DI, 0x61b; PUSH AX; PUSH DI; MOV CX, 0x1e5; REP MOVSB ; RETF ; MOV BP, 0x7be; MOV CL, 0x4; CMP [BP+0x0], CH; JL 0x2e; JNZ 0x3a; }
detected disk devices:
\Device\Ide\IdeDeviceP2T0L0-5 -> \??\IDE#DiskST3360320AS_____________________________3.AAM___#5&3029888d&0&0.0.0#{53f56307-b6bf-11d0-94f2-00a0c91efb8b} device not found
detected hooks:
\Driver\atapi DriverStartIo -> 0x86F1827F
user & kernel MBR OK
Warning: possible TDL3 rootkit infection !
.
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(1136)
c:\windows\system32\Ati2evxx.dll
.
Celkový čas: 2011-08-31 21:11:57
ComboFix-quarantined-files.txt 2011-08-31 19:11
.
Před spuštěním: Volných bajtů: 124 589 494 272
Po spuštění: Volných bajtů: 124 626 685 952
.
WindowsXP-KB310994-SP2-Home-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect
.
- - End Of File - - CE26118F892A71CA2C171C2EC334BA5F

revolver 123
Visitor
Posts: 6
Registered: 04 Sep 2011 09:46

Re: Kryptik.sge

#2 Post by revolver 123 »

Hello, thanks for the quick reply. I took a screenshot of the quarantine in Eset smart sec.

[Image]

revolver 123
Visitor
Posts: 6
Registered: 04 Sep 2011 09:46

Re: Kryptik.sge

#3 Post by revolver 123 »

aswMBR version 0.9.8.986 Copyright(c) 2011 AVAST Software
Run date: 2011-09-04 11:41:33
-----------------------------
11:41:33.453 OS Version: Windows 5.1.2600 Service Pack 3
11:41:33.468 Number of processors: 2 586 0xF0D
11:41:33.468 ComputerName: EURO-EF89261C21 UserName: euro-nabytek
11:41:34.984 Initialize success
11:41:49.796 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdePort2
11:41:49.796 Disk 0 Vendor: ST3360320AS 3.AAM Size: 343399MB BusType: 3
11:41:49.796 Device \Device\Ide\IdeDeviceP2T0L0-5 -> \??\IDE#DiskST3360320AS_____________________________3.AAM___#5&3029888d&0&0.0.0#{53f56307-b6bf-11d0-94f2-00a0c91efb8b} not found
11:41:49.796 Device \Driver\atapi -> DriverStartIo 86f1f27f
11:41:51.828 Disk 0 MBR read successfully
11:41:51.828 Disk 0 MBR scan
11:41:51.828 Disk 0 TDL4@MBR code has been found
11:41:51.828 Disk 0 Windows XP default MBR code found via API
11:41:51.828 Disk 0 MBR hidden
11:41:51.828 Disk 0 MBR [TDL4] **ROOTKIT**
11:41:51.828 Disk 0 trace - called modules:
11:41:51.828 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll >>UNKNOWN [0x86f1f439]<<
11:41:51.828 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x86f52ab8]
11:41:51.828 3 CLASSPNP.SYS[f7670fd7] -> nt!IofCallDriver -> \Device\0000006b[0x86f58510]
11:41:51.859 5 ACPI.sys[f75c7620] -> nt!IofCallDriver -> [0x86f55940]
11:41:51.875 \Driver\atapi[0x86f48320] -> IRP_MJ_CREATE -> 0x86f1f439
11:41:51.875 Scan finished successfully
11:42:22.218 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\euro-nabytek\Plocha\MBR.dat"
11:42:22.234 The log file has been saved successfully to "C:\Documents and Settings\euro-nabytek\Plocha\aswMBR.txt"



http://www.virustotal.com/file-scan/rep ... 1315128771

revolver 123
Visitor
Posts: 6
Registered: 04 Sep 2011 09:46

Re: Kryptik.sge

#4 Post by revolver 123 »

Rapport de ZHPDiag v1.28.1346 par Nicolas Coolman, Update du 29/08/2011
Run by euro-nabytek at 4.9.2011 12:29:37
Web site : http://www.premiumorange.com/zeb-help-p ... pdiag.html


---\\ Web Browser
MSIE: Internet Explorer v6.0.2900.5512
MFIE: Mozilla Firefox 6.0.1 v6.0.1 (Defaut)

---\\ Windows Product Information
Windows XP Home Edition Service Pack 3 (Build 2600)
Windows Automatic Updates : OK
Windows Genuine Advantage : KO

---\\ System Information
~ Processor: x86 Family 6 Model 15 Stepping 13, GenuineIntel
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 1023 MB (43% free)
System Restore: Activé (Enable)
System drive C: has 120 GB (40%) free of 293 GB

---\\ Logged in mode
~ Computer Name: EURO-EF89261C21
~ User Name: euro-nabytek
~ All Users Names: SUPPORT_388945a0, HelpAssistant, Guest, euro-nabytek, Administrator,
~ Unselected Option: O45,O61,O62,O65,O66,O82
Logged in as Administrator

---\\ Environnement Variables
~ System Unit : C:\
~ %AppData% : C:\Documents and Settings\euro-nabytek\Data aplikací\
~ %Desktop% : C:\Documents and Settings\euro-nabytek\Plocha\
~ %Favorites% : C:\Documents and Settings\euro-nabytek\Oblíbené položky\
~ %LocalAppData% : C:\Documents and Settings\euro-nabytek\Local Settings\Data aplikací\
~ %StartMenu% : C:\Documents and Settings\euro-nabytek\Nabídka Start\
~ %Windir% : C:\WINDOWS\
~ %System% : C:\WINDOWS\system32\

---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 120 Go of 293 Go)
D:\ Hard drive, Flash drive, Thumb drive (Free 42 Go of 42 Go)
E:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
F:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
G:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
H:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
I:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
J:\ CD-ROM drive (Not Inserted)



---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings] WarnOnHTTPSToHTTPRedirect: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Intl: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] XMLLookup: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SYSTEM\CurrentControlSet\Services] wscsvc : OK
~ Scan Security Center in 00mn 00s



---\\ Search Generic System Files
[MD5.27AFD587C462E280EE046B8CCA3C2CD1] - (.Microsoft Corporation - Průzkumník Windows.) (.4.9.2011 - 4:22:22.) -- C:\WINDOWS\Explorer.exe [1034240]
[MD5.33FC9AB5D74633F257B879B401F70BBE] - (....) (.4.9.2011 - 4:22:43.) -- C:\WINDOWS\system32\rundll32.exe [33280]
[MD5.8DDA8DAA804D6F1106B3EE0CAD16BB5E] - (.Microsoft Corporation - Internet Extensions for Win32.) (.4.9.2011 - 19:18:03.) -- C:\WINDOWS\system32\wininet.dll [668160]
[MD5.CDDB1F8E1AEA356F3AD106F2CF9B7FEA] - (.Microsoft Corporation - Windows NT Logon Application.) (.4.9.2011 - 4:22:53.) -- C:\WINDOWS\system32\Winlogon.exe [507904]
[MD5.9F3A2F5AA6875C72BF062C712CFA2674] - (.Microsoft Corporation - IDE/ATAPI Port Driver.) (.4.9.2011 - 19:40:30.) -- C:\WINDOWS\system32\drivers\atapi.sys [96512]
[MD5.78A08DD6A8D65E697C18E1DB01C5CDCA] - (.Microsoft Corporation - NT File System Driver.) (.4.9.2011 - 20:15:53.) -- C:\WINDOWS\system32\drivers\ntfs.sys [574976]
~ Scan Generic Processes in 00mn 00s



---\\ Hidden files state (Hidden/Total)
~ Mes images (My Pictures) : 3/26
~ Mes musiques (My Musics) : 1/2
~ Mes Videos (My Videos) : 1/5
~ Mes Favoris (My Favorites) : 1/16
~ Mes Documents (My Documents) : 55/1835
~ Mon Bureau (My Desktop) : 178/9849
~ Menu demarrer (Programs) : 6/44
~ Scan Hidden Files in 00mn 58s



---\\ Running Processes
[MD5.4C3D94D722A35C4F8B03A0C44FA0C11A] - (.ATI Technologies Inc. - ATI External Event Utility EXE Module.) -- C:\WINDOWS\system32\Ati2evxx.exe [573440] [PID.]
[MD5.A5F63285C1B6C4B396D9ACE0DFFC88EF] - (.ESET - ESET Service.) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [731840] [PID.]
[MD5.890369AED0DDE1A98F09F7DC239CA2BD] - (.Sun Microsystems, Inc. - Java(TM) Quick Starter Service.) -- C:\Program Files\Java\jre6\bin\jqs.exe [152984] [PID.]
[MD5.4F74184920B2D6E33024409B4C5C57C1] - (.Motive Communications, Inc. - mcci+McciCMService.) -- C:\Program Files\Common Files\Motive\McciCMService.exe [303104] [PID.]
[MD5.644795F6985C740F5E36E9336B837D0B] - (.Microsoft Corporation - GrooveMonitor Utility.) -- C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [31072] [PID.392]
[MD5.A2D390F1F2408B94EF34BFE3A00C29D3] - (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jusched.exe [148888] [PID.260]
[MD5.7D58C9BDF9C0A3955BDCDE7387AD12AC] - (.Macrovision Corporation - InstallShield Update Service Scheduler.) -- C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [81920] [PID.1032]
[MD5.BF75263F988B8686018AAB28E842D4C1] - (...) -- C:\WINDOWS\Samsung\PanelMgr\SSMMgr.exe [524288] [PID.1044]
[MD5.03B1DC67F343BF2AF8CFEC3DCA09C943] - (.ESET - ESET GUI.) -- C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2029640] [PID.1532]
[MD5.0D9F0763B213DF519012DF96F02E9633] - (.Hewlett-Packard - HpqSRmon.) -- C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe [81920] [PID.2024]
[MD5.4EB0C6C3EF4D8885CF2B5D0062F31E44] - (.Unknown owner - DivX Update.) -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe [1259376] [PID.2044]
[MD5.2BE748D7B09312976176F17C9D787978] - (.Ask - Ask Updater.) -- C:\Program Files\Ask.com\Updater\Updater.exe [887976] [PID.2060]
[MD5.32C26797AB646074A2BB562F9D10ADB5] - (.Microsoft Corporation - Microsoft Office OneNote Quick Launcher.) -- C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE [97680] [PID.2184]
[MD5.8C1F87F5FDD92229D1754B98F073913F] - (.Nokia - ServiceLayer Module.) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [633856] [PID.]
[MD5.2CDEC0582F250EB642A2699BAF22D33A] - (.Nokia - USB Media Server.) -- C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe [159744] [PID.]
[MD5.310401F975B4E1729AC7F5B956873F58] - (.Nokia - Serial Media Server.) -- C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe [120832] [PID.]
[MD5.9089100A22856513CBF35E18C552D53F] - (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe [924632] [PID.3480]
[MD5.A89788C5D2B246E9289489D3F156AD8C] - (.Mozilla Corporation - Plugin Container for Firefox.) -- C:\Program Files\Mozilla Firefox\plugin-container.exe [16856] [PID.3924]
[MD5.7914370AAC5CDE8DCAE1C674A6C90229] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [669696] [PID.4072]
[MD5.62BB79160F86CD962F312C68C6239BFD] - (.Microsoft Corporation - Windows Update.) -- C:\WINDOWS\system32\wuauclt.exe [53472] [PID.]
~ Scan Processes Running in 00mn 00s



---\\ Mozilla Firefox,Plugins,Start,Search,Extensions (P2,M0,M1,M2,M3)
M3 - MFPP: Plugins - [euro-nabytek] -- C:\Program Files\Mozilla FireFox\searchplugins\google.xml
M3 - MFPP: Plugins - [euro-nabytek] -- C:\Program Files\Mozilla FireFox\searchplugins\heureka-cz.xml
M3 - MFPP: Plugins - [euro-nabytek] -- C:\Program Files\Mozilla FireFox\searchplugins\jyxo-cz.xml
M3 - MFPP: Plugins - [euro-nabytek] -- C:\Program Files\Mozilla FireFox\searchplugins\mall-cz.xml
M3 - MFPP: Plugins - [euro-nabytek] -- C:\Program Files\Mozilla FireFox\searchplugins\seznam-cz.xml
M3 - MFPP: Plugins - [euro-nabytek] -- C:\Program Files\Mozilla FireFox\searchplugins\slunecnice-cz.xml
M3 - MFPP: Plugins - [euro-nabytek] -- C:\Program Files\Mozilla FireFox\searchplugins\wikipedia-cz.xml
P2 - FPN:Firefox Plugin Navigator . (.Microsoft Corporation - np-mswmp.) -- C:\Program Files\Mozilla Firefox\Plugins\np-mswmp.dll
P2 - FPN:Firefox Plugin Navigator . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Mozilla Firefox\Plugins\npdeploytk.dll
P2 - FPN:Firefox Plugin Navigator . (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape "9.4.5".) -- C:\Program Files\Mozilla Firefox\Plugins\nppdf32.dll
P2 - FPN:Firefox Plugin Navigator . (.NOS Microsystems Ltd. - getplusplusadobe16241.) -- C:\Program Files\Mozilla Firefox\Plugins\np_gp.dll
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
P2 - FPN: [HKLM] [@adobe.com/ShockwavePlayer] - (.Adobe Systems, Inc. - Adobe Shockwave for Director Netscape plug-in, version 11.5.) -- C:\WINDOWS\system32\Adobe\Director\np32dsw.dll
P2 - FPN: [HKLM] [@divx.com/DivX Browser Plugin,version=1.0.0] - (.DivX, LLC - DivX Web Player version 2.1.2.265.) -- C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
P2 - FPN: [HKLM] [@divx.com/DivX VOD Helper,version=1.0.0] - (.DivX, LLC. - DivX VOD Helper Plug-in.) -- C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll
P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 4.0.60310.0.) -- c:\Program Files\Microsoft Silverlight\4.0.60310.0\npctrl.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=3] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=9] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll
P2 - FPN: [HKLM] [Adobe Reader] - (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape "9.4.5".) -- C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll
~ Scan Firefox Browser in 00mn 00s



---\\ Internet Explorer Extensions, Start, Search (R4,R3,R0,R1)
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com
R0 - HKUS\S-1-5-21-1202660629-861567501-725345543-1004\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://ie.search.msn.com
R1 - HKUS\S-1-5-21-1202660629-861567501-725345543-1004\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com
R3 - URLSearchHook: (no name) - {855F3B16-6D32-4fe6-8A56-BBB695989046} . (...) (No version) -- (.not file.)
R3 - URLSearchHook: Modul přiřazení adres URL - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Shell Doc Object and Control Library.) (No version) -- %SystemRoot%\system32\shdocvw.dll
R3 - URLSearchHook: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} . (.Conduit Ltd. - Conduit Toolbar.) (6.3.4.1) -- C:\Program Files\uTorrentBar\prxtbuTor.dll
R4 - HKCU\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,Enabled = 2
~ Scan IE Browser in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Scan Proxy management in 00mn 00s



---\\ Changed inifile Value, Mapped to Registry (F2)
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"
~ Scan Keys in 00mn 00s



---\\ Hosts file redirection (O1)
~ Scan Hosts File in 00mn 00s



---\\ Browser Helper Objects (O2)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} . (.Conduit Ltd. - Conduit Toolbar.) -- C:\Program Files\ConduitEngine\prxConduitEngine.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} . (.DivX, LLC - DivX Plus Web Player HTML5 <video> version.) -- C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} . (.Microsoft Corporation - GrooveShellExtensions Module.) -- C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: uTorrentBar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} . (.Conduit Ltd. - Conduit Toolbar.) -- C:\Program Files\uTorrentBar\prxtbuTor.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} . (.Ask - Ask Toolbar.) -- C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} . (.Sun Microsystems, Inc. - Java(TM) Quick Starter binary.) -- C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
~ Scan BHO in 00mn 00s



---\\ Internet Explorer toolbars (O3)
O3 - Toolbar: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} . (.Conduit Ltd. - Conduit Toolbar.) -- C:\Program Files\uTorrentBar\prxtbuTor.dll
O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} . (.Conduit Ltd. - Conduit Toolbar.) -- C:\Program Files\ConduitEngine\prxConduitEngine.dll
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} . (.Ask - Ask Toolbar.) -- C:\Program Files\Ask.com\GenericAskToolbar.dll
~ Scan Toolbar in 00mn 00s



---\\ Auto loading programs from Registry and folders (O4)
O4 - HKLM\..\Run: [StartCCC] . (.Advanced Micro Devices, Inc. - Catalyst® Control Center Launcher.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKLM\..\Run: [GrooveMonitor] . (.Microsoft Corporation - GrooveMonitor Utility.) -- C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jusched.exe
O4 - HKLM\..\Run: [ISUSPM Startup] . (.Macrovision Corporation - InstallShield Update Service Update Manager.) -- C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe
O4 - HKLM\..\Run: [ISUSScheduler] . (.Macrovision Corporation - InstallShield Update Service Scheduler.) -- C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
O4 - HKLM\..\Run: [Samsung PanelMgr] . (...) -- C:\WINDOWS\Samsung\PanelMgr\SSMMgr.exe
O4 - HKLM\..\Run: [reset] regedit \s reset.reg
O4 - HKLM\..\Run: [egui] . (.ESET - ESET GUI.) -- C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
O4 - HKLM\..\Run: [hpqSRMon] . (.Hewlett-Packard - HpqSRmon.) -- C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [DivXUpdate] . (.Unknown owner - DivX Update.) -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
O4 - HKLM\..\Run: [ApnUpdater] . (.Ask - Ask Updater.) -- C:\Program Files\Ask.com\Updater\Updater.exe
O4 - HKCU\..\Run: [PC Suite Tray] . (.Nokia - Nokia Launch Application.) -- C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-21-1202660629-861567501-725345543-1004\..\Run: [PC Suite Tray] . (.Nokia - Nokia Launch Application.) -- C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
~ Scan Application in 00mn 00s



---\\ Extra items in the IE right-click menu (O8)
O8 - Extra context menu item: &ICQ Toolbar Search - (.not file.) - C:\Program Files\ICQToolbar\toolbaru.dll
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel . (.Microsoft Corporation - Microsoft Office Excel.) -- C:\PROGRA~1\MICROS~2\Office12\EXCEL.exe
~ Scan IE Menu Contextuel in 00mn 00s



---\\ Extra buttons on main IE button toolbar, or extra items in IE 'Tools' menu (O9)
O9 - Extra button: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft Office OneNote Internet Explorer Add-in.) -- C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Od&eslat do aplikace OneNote - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} -- C:\Program Files\PokerStars\main.ico (.not file.)
O9 - Extra button: Od&eslat do aplikace OneNote - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (...) -- C:\PROGRA~1\MICROS~2\Office12\REFBARH.ICO
O9 - Extra button: Od&eslat do aplikace OneNote - {DDE87865-83C5-48c4-8357-2F5B1AA84522} -- C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (.not file.)
O9 - Extra button: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} -- C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (.not file.)
O9 - Extra button: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} . (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe
~ Scan IE Extra Buttons in 00mn 00s



---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Poskytovatel služeb Microsoft Windows Sockets 2.0.) -- C:\WINDOWS\system32\mswsock.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\WINDOWS\system32\winrnr.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Poskytovatel služeb Microsoft Windows Sockets 2.0.) -- C:\WINDOWS\system32\mswsock.dll
~ Scan Winsock in 00mn 00s



---\\ ActiveX Objects (Downloaded Program Files) (O16)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload.macromedia.com/pub/sh ... wflash.cab
~ Scan Objets ActiveX in 00mn 00s



---\\ Lop.com/Domain Hijackers (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{DD9EEE2A-958F-4523-8E98-345F223AF0E3}: DhcpNameServer = 10.0.0.138
O17 - HKLM\System\CS1\Services\Tcpip\..\{DD9EEE2A-958F-4523-8E98-345F223AF0E3}: DhcpNameServer = 10.0.0.138
O17 - HKLM\System\CS3\Services\Tcpip\..\{DD9EEE2A-958F-4523-8E98-345F223AF0E3}: DhcpNameServer = 10.0.0.138
~ Scan Domain in 00mn 00s



---\\ Extra protocols (O18)
O18 - Handler: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll
O18 - Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Handler: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - ActiveX control for streaming video.) -- C:\WINDOWS\system32\msvidctl.dll
O18 - Handler: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Handler: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} . (.Microsoft Corporation - GrooveSystemServices Module.) -- C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Handler: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Handler: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Handler: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\WINDOWS\system32\itss.dll
O18 - Handler: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll
O18 - Handler: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Handler: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll
O18 - Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API.) -- C:\WINDOWS\system32\inetcomm.dll
O18 - Handler: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} . (.Microsoft Corporation - Microsoft® Help Data Services Module.) -- C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Handler: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\WINDOWS\system32\itss.dll
O18 - Handler: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll
O18 - Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} . (.Skype Technologies - Skype for COM API.) -- C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Handler: sysimage - {76E67A63-06E9-11D2-A840-006008059382} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll
O18 - Handler: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - ActiveX control for streaming video.) -- C:\WINDOWS\system32\msvidctl.dll
O18 - Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll
O18 - Handler: wia - {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} . (.Microsoft Corporation - WIA Scripting Layer.) -- C:\WINDOWS\system32\wiascr.dll
O18 - Filter: Class Install Handler - {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Filter: lzdhtml - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Filter: text/webviewhtml - {733AC4CB-F1A4-11d0-B951-00A0C90312E1} . (.Microsoft Corporation - Windows Shell Common Dll.) -- C:\WINDOWS\system32\SHELL32.dll
O18 - Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
~ Scan Protocole Additionnel in 00mn 00s



---\\ AppInit_DLLs Registry value Autorun (O20)
O20 - Winlogon Notify: AtiExtEvent . (.ATI Technologies Inc. - ATI External Event Utility DLL Module.) -- C:\WINDOWS\system32\Ati2evxx.dll
O20 - Winlogon Notify: crypt32chain . (.Microsoft Corporation - Crypto API32.) -- C:\WINDOWS\system32\crypt32.dll
O20 - Winlogon Notify: cryptnet . (.Microsoft Corporation - Crypto Network Related API.) -- C:\WINDOWS\system32\cryptnet.dll
O20 - Winlogon Notify: cscdll . (.Microsoft Corporation - Offline Network Agent.) -- C:\WINDOWS\system32\cscdll.dll
O20 - Winlogon Notify: dimsntfy . (.Microsoft Corporation - DIMS Notification Handler.) -- C:\WINDOWS\System32\dimsntfy.dll
O20 - Winlogon Notify: ScCertProp . (.Microsoft Corporation - Common DLL to receive Winlogon notification.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: Schedule . (.Microsoft Corporation - Common DLL to receive Winlogon notification.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: sclgntfy . (.Microsoft Corporation - Secondary Logon Service Notification DLL.) -- C:\WINDOWS\system32\sclgntfy.dll
O20 - Winlogon Notify: SensLogn . (.Microsoft Corporation - Common DLL to receive Winlogon notification.) -- C:\WINDOWS\system32\WlNotify.dll
O20 - Winlogon Notify: termsrv . (.Microsoft Corporation - Common DLL to receive Winlogon notification.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: wlballoon . (.Microsoft Corporation - Common DLL to receive Winlogon notification.) -- C:\WINDOWS\system32\wlnotify.dll
~ Scan Winlogon in 00mn 00s



---\\ ShellServiceObjectDelayLoad (O21)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} . (.Microsoft Corporation - Windows Shell Common Dll.) -- C:\WINDOWS\system32\shell32.dll
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} . (.Microsoft Corporation - Windows Shell Common Dll.) -- C:\WINDOWS\system32\SHELL32.dll
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Web Site Monitor.) -- C:\WINDOWS\system32\webcheck.dll
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} . (.Microsoft Corporation - Systray shell service object.) -- C:\WINDOWS\system32\stobject.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} . (.Microsoft Corporation - Windows Portable Device Shell Service Objec.) -- C:\WINDOWS\system32\WPDShServiceObj.dll
~ Scan SSODL in 00mn 00s



---\\ SharedTaskScheduler (O22)
O22 - SharedTaskScheduler: (no name) - {438755C2-A8BA-11D1-B96B-00A0C90312E1} . (.Společnost Microsoft - Shell Browser UI Library.) -- C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: (no name) - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Společnost Microsoft - Shell Browser UI Library.) -- C:\WINDOWS\system32\browseui.dll
~ Scan STS/SSO in 00mn 00s



---\\ non Microsoft non disabled Windows XP/NT/2000 Services (O23)
O23 - Service: (Ati HotKey Poller) . (.ATI Technologies Inc. - ATI External Event Utility EXE Module.) - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart (ATI Smart) . (.Unknown owner - ATI Smart.) - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: ESET Service (ekrn) . (.ESET - ESET Service.) - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) . (.Google Inc. - Instalační program Google.) - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) . (.Sun Microsystems, Inc. - Java(TM) Quick Starter Service.) - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: McciCMService (McciCMService) . (.Motive Communications, Inc. - mcci+McciCMService.) - C:\Program Files\Common Files\Motive\McciCMService.exe
~ Scan Services in 00mn 00s



---\\ Windows Active Desktop & MHTML Editor (O24)
O24 - Desktop Component 0: Aktuální domovská stránka - file:About:Home
O24 - Default MHTML Editor: Last - .(.Microsoft Corporation - Microsoft Office Word.) - C:\Program Files\Microsoft Office\Office12\WINWORD.exe
~ Scan Desktop Component in 00mn 00s



---\\ Task Planned Automatically(039)
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job
~ Scan Scheduled Task in 00mn 00s



---\\ Drivers launched at startup (O41)
O41 - Driver: (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\WINDOWS\system32\drivers\afd.sys
O41 - Driver: (Cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\WINDOWS\system32\DRIVERS\cdrom.sys
O41 - Driver: (ehdrv) . (.ESET - ESET Helper driver.) - C:\WINDOWS\system32\DRIVERS\ehdrv.sys
O41 - Driver: (epfwtdi) . (.ESET - ESET Personal Firewall TDI filter.) - C:\WINDOWS\system32\DRIVERS\epfwtdi.sys
O41 - Driver: (eusk2par) . (.Aladdin Knowledge Systems Ltd. - SmartKey Parallel Driver.) - C:\WINDOWS\system32\Drivers\eusk2par.sys
O41 - Driver: (Imapi) . (.Microsoft Corporation - IMAPI Kernel Driver.) - C:\WINDOWS\system32\DRIVERS\imapi.sys
O41 - Driver: (intelppm) . (.Microsoft Corporation - Processor Device Driver.) - C:\WINDOWS\system32\DRIVERS\intelppm.sys
O41 - Driver: (IPSec) . (.Microsoft Corporation - IPSec Driver.) - C:\WINDOWS\system32\DRIVERS\ipsec.sys
O41 - Driver: (Kbdclass) . (.Microsoft Corporation - Keyboard Class Driver.) - C:\WINDOWS\system32\DRIVERS\kbdclass.sys
O41 - Driver: (kbdhid) . (.Microsoft Corporation - HID Mouse Filter Driver.) - C:\WINDOWS\system32\DRIVERS\kbdhid.sys
O41 - Driver: (Mouclass) . (.Microsoft Corporation - Mouse Class Driver.) - C:\WINDOWS\system32\DRIVERS\mouclass.sys
O41 - Driver: (MRxSmb) . (.Microsoft Corporation - Windows NT SMB Minirdr.) - C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\WINDOWS\system32\DRIVERS\netbios.sys
O41 - Driver: (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\WINDOWS\system32\DRIVERS\netbt.sys
O41 - Driver: (RasAcd) . (.Microsoft Corporation - RAS Automatic Connection Driver.) - C:\WINDOWS\system32\DRIVERS\rasacd.sys
O41 - Driver: (Rdbss) . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - C:\WINDOWS\system32\DRIVERS\rdbss.sys
O41 - Driver: (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
O41 - Driver: (redbook) . (.Microsoft Corporation - Redbook Audio Filter Driver.) - C:\WINDOWS\system32\DRIVERS\redbook.sys
O41 - Driver: (Serial) . (.Microsoft Corporation - Serial Device Driver.) - C:\WINDOWS\system32\DRIVERS\serial.sys
O41 - Driver: (Tcpip) . (.Microsoft Corporation - TCP/IP Protocol Driver.) - C:\WINDOWS\system32\DRIVERS\tcpip.sys
O41 - Driver: (TermDD) . (.Microsoft Corporation - Terminal Server Driver.) - C:\WINDOWS\system32\DRIVERS\termdd.sys
O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\WINDOWS\system32\drivers\vga.sys
~ Scan Drivers in 00mn 01s



---\\ Software installed (O42)
O42 - Logiciel: ALNO AG Kitchen Planner - (.ALNO AG.) [HKLM] -- {A89131FD-3D18-4DA8-84C8-622423011B51}_is1
O42 - Logiciel: ALNO AG Kitchen Planner 0.96b - (.ALNO AG.) [HKLM] -- {FD71DDAA-EED9-450B-9F91-FADD43DD9CED}_is1
O42 - Logiciel: ATI - Software Uninstall Utility - (.Unknown owner.) [HKLM] -- All ATI Software
O42 - Logiciel: ATI Catalyst Control Center - (.Unknown owner.) [HKLM] -- {055EE59D-217B-43A7-ABFF-507B966405D8}
O42 - Logiciel: ATI Display Driver - (.Unknown owner.) [HKLM] -- ATI Display Driver
O42 - Logiciel: Adobe Download Manager - (.NOS Microsystems Ltd..) [HKLM] -- {E2883E8F-472F-4fb0-9522-AC9BF37916A7}
O42 - Logiciel: Adobe Flash Player 10 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Flash Player 10 Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin
O42 - Logiciel: Adobe Shockwave Player 11.5 - (.Adobe Systems, Inc..) [HKLM] -- Adobe Shockwave Player
O42 - Logiciel: Aktualizace systému Windows XP (KB2141007) - (.Microsoft Corporation.) [HKLM] -- KB2141007
O42 - Logiciel: Aktualizace systému Windows XP (KB2345886) - (.Microsoft Corporation.) [HKLM] -- KB2345886
O42 - Logiciel: Aktualizace systému Windows XP (KB2467659) - (.Microsoft Corporation.) [HKLM] -- KB2467659
O42 - Logiciel: Aktualizace systému Windows XP (KB951978) - (.Microsoft Corporation.) [HKLM] -- KB951978
O42 - Logiciel: Aktualizace systému Windows XP (KB955759) - (.Microsoft Corporation.) [HKLM] -- KB955759
O42 - Logiciel: Aktualizace systému Windows XP (KB955839) - (.Microsoft Corporation.) [HKLM] -- KB955839
O42 - Logiciel: Aktualizace systému Windows XP (KB960763) - (.Microsoft Corporation.) [HKLM] -- KB960763
O42 - Logiciel: Aktualizace systému Windows XP (KB967715) - (.Microsoft Corporation.) [HKLM] -- KB967715
O42 - Logiciel: Aktualizace systému Windows XP (KB968389) - (.Microsoft Corporation.) [HKLM] -- KB968389
O42 - Logiciel: Aktualizace systému Windows XP (KB971029) - (.Microsoft Corporation.) [HKLM] -- KB971029
O42 - Logiciel: Aktualizace systému Windows XP (KB971737) - (.Microsoft Corporation.) [HKLM] -- KB971737
O42 - Logiciel: Aktualizace systému Windows XP (KB973687) - (.Microsoft Corporation.) [HKLM] -- KB973687
O42 - Logiciel: Aktualizace systému Windows XP (KB973815) - (.Microsoft Corporation.) [HKLM] -- KB973815
O42 - Logiciel: Aktualizace systému Windows XP (KB976749) - (.Microsoft Corporation.) [HKLM] -- KB976749
O42 - Logiciel: Aktualizace systému Windows XP (KB978207) - (.Microsoft Corporation.) [HKLM] -- KB978207
O42 - Logiciel: Aktualizace systému Windows XP (KB980182) - (.Microsoft Corporation.) [HKLM] -- KB980182
O42 - Logiciel: Aktualizace zabezpečení aplikace Windows Media Player (KB2378111) - (.Microsoft Corporation.) [HKLM] -- KB2378111_WM9
O42 - Logiciel: Aktualizace zabezpečení aplikace Windows Media Player (KB952069) - (.Microsoft Corporation.) [HKLM] -- KB952069_WM9
O42 - Logiciel: Aktualizace zabezpečení aplikace Windows Media Player (KB954155) - (.Microsoft Corporation.) [HKLM] -- KB954155_WM9
O42 - Logiciel: Aktualizace zabezpečení aplikace Windows Media Player (KB968816) - (.Microsoft Corporation.) [HKLM] -- KB968816_WM9
O42 - Logiciel: Aktualizace zabezpečení aplikace Windows Media Player (KB973540) - (.Microsoft Corporation.) [HKLM] -- KB973540_WM9L
O42 - Logiciel: Aktualizace zabezpečení aplikace Windows Media Player (KB975558) - (.Microsoft Corporation.) [HKLM] -- KB975558_WM8
O42 - Logiciel: Aktualizace zabezpečení aplikace Windows Media Player (KB978695) - (.Microsoft Corporation.) [HKLM] -- KB978695_WM9
O42 - Logiciel: Aktualizace zabezpečení aplikace Windows Media Player 11 (KB936782) - (.Microsoft Corporation.) [HKLM] -- KB936782_WMP11
O42 - Logiciel: Aktualizace zabezpečení aplikace Windows Media Player 11 (KB954154) - (.Microsoft Corporation.) [HKLM] -- KB954154_WM11
O42 - Logiciel: Aktualizace zabezpečení produktu Windows XP (KB941569) - (.Microsoft Corporation.) [HKLM] -- KB941569
O42 - Logiciel: Aktualizace zabezpečení systému Windows XP (KB2079403) - (.Microsoft Corporation.) [HKLM] -- KB2079403
O42 - Logiciel: Aktualizace zabezpečení systému Windows XP (KB2115168) - (.Microsoft Corporation.) [HKLM] -- KB2115168
O42 - Logiciel: Aktualizace zabezpečení systému Windows XP (KB2121546) - (.Microsoft Corporation.) [HKLM] -- KB2121546
O42 - Logiciel: Aktualizace zabezpečení systému Windows XP (KB2160329) - (.Microsoft Corporation.) [HKLM] -- KB2160329
O42 - Logiciel: Aktualizace zabezpečení systému Windows XP (KB2183461) - (.Microsoft Corporation.) [HKLM] -- KB2183461
O42 - Logiciel: Aktualizace zabezpečení systému Windows XP (KB2229593) - (.Microsoft Corporation.) [HKLM] -- KB2229593
O42 - Logiciel: Aktualizace zabezpečení systému Windows XP (KB2259922) - (.Microsoft Corporation.) [HKLM] -- KB2259922
O42 - Logiciel: Aktualizace zabezpečení systému Windows XP (KB2279986) - (.Microsoft Corporation.) [HKLM] -- KB2279986
O42 - Logiciel: Aktualizace zabezpečení systému Windows XP (KB2286198) - (.Microsoft Corporation.) [HKLM] -- KB2286198
O42 - Logiciel: Aktualizace zabezpečení systému Windows XP (KB2296011) - (.Microsoft Corporation.) [HKLM] -- KB2296011
O42 - Logiciel: Aktualizace zabezpečení systému Windows XP (KB2296199) - (.Microsoft Corporation.) [HKLM] -- KB2296199
O42 - Logiciel: Aktualizace zabezpečení systému Windows XP (KB2347290) - (.Microsoft Corporation.) [HKLM] -- KB2347290
O42 - Logiciel: Aktualizace zabezpečení systému Windows XP (KB2360131) - (.Microsoft Corporation.) [HKLM] -- KB2360131
O42 - Logiciel: Aktualizace zabezpečení systému Windows XP (KB2360937) - (.Microsoft Corporation.) [HKLM] -- KB2360937
O42 - Logiciel: Aktualizace zabezpečení systému Windows XP (KB2387149) - (.Microsoft Corporation.) [HKLM] -- KB2387149
O42 - Logiciel: Aktualizace zabezpečení systému Windows XP (KB2393802) - (.Microsoft Corporation.) [HKLM] -- KB2393802
O42 - Logiciel: Aktualizace zabezpečení systému Windows XP (KB2412687) - (.Microsoft Corporation.) [HKLM] -- KB2412687
O42 - Logiciel: Aktualizace zabezpečení systému Windows XP (KB2416400) - (.Microsoft Corporation.) [HKLM] -- KB2416400
O42 - Logiciel: Aktualizace zabezpečení systému Windows XP (KB2419632) - (.Microsoft Corporation.) [HKLM] -- KB2419632
O42 - Logiciel: Aktualizace zabezpečení systému Windows XP (KB2423089) - (.Microsoft Corporation.) [HKLM] -- KB2423089
O42 - Logiciel: Aktualizace zabezpečení systému Windows XP (KB2436673) - (.Microsoft Corporation.) [HKLM] -- KB2436673
O42 - Logiciel: Aktualizace zabezpečení systému Windows XP (KB2440591) - (.Microsoft Corporation.) [HKLM] -- KB2440591
O42 - Logiciel: Aktualizace zabezpečení systému Windows XP (KB2443105) - (.Microsoft Corporation.) [HKLM] -- KB2443105
O42 - Logiciel: Aktualizace zabezpečení systému Windows XP (KB2476687) - (.Microsoft Corporation.) [HKLM] -- KB2476687
O42 - Logiciel: Aktualizace zabezpečení systému Windows XP (KB2478960) - (.Microsoft Corporation.) [HKLM] -- KB2478960
O42 - Logiciel: Aktualizace zabezpečení systému Windows XP (KB2478971) - (.Microsoft Corporation.) [HKLM] -- KB2478971
O42 - Logiciel: Aktualizace zabezpečení systému Windows XP (KB2479628) - (.Microsoft Corporation.) [HKLM] -- KB2479628
O42 - Logiciel: Aktualizace zabezpečení systému Windows XP (KB2481109) - (.Microsoft Corporation.) [HKLM] -- KB2481109
O42 - Logiciel: Aktualizace zabezpečení systému Windows XP (KB2482017) - (.Microsoft Corporation.) [HKLM] -- KB2482017
O42 - Logiciel: Aktualizace zabezpečení systému Windows XP (KB2483185) - (.Microsoft Corporation.) [HKLM] -- KB2483185
O42 - Logiciel: Aktualizace zabezpečení systému Windows XP (KB2485376) - (.Microsoft Corporation.) [HKLM] -- KB2485376
O42 - Logiciel: Aktualizace zabezpečení systému Windows XP (KB2485663) - (.Microsoft Corporation.) [HKLM] -- KB2485663
O42 - Logiciel: Aktualizace zabezpečení systému Windows XP (KB2497640) - (.Microsoft Corporation.) [HKLM] -- KB2497640
O42 - Logiciel: Aktualizace zabezpečení systému Windows XP (KB2503658) - (.Microsoft Corporation.) [HKLM] -- KB2503658
O42 - Logiciel: Aktualizace zabezpečení systému Windows XP (KB2506212) - (.Microsoft Corporation.) [HKLM] -- KB2506212
O42 - Logiciel: Aktualizace zabezpečení systému Windows XP (KB2506223) - (.Microsoft Corporation.) [HKLM] -- KB2506223
O42 - Logiciel: Aktualizace zabezpečení systému Windows XP (KB2507618) - (.Microsoft Corporation.) [HKLM] -- KB2507618
O42 - Logiciel: Aktualizace zabezpečení systému Windows XP (KB2508272) - (.Microsoft Corporation.) [HKLM] -- KB2508272
O42 - Logiciel: Aktualizace zabezpečení systému Windows XP (KB2508429) - (.Microsoft Corporation.) [HKLM] -- KB2508429
O42 - Logiciel: Aktualizace zabezpečení systému Windows XP (KB2509553) - (.Microsoft Corporation.) [HKLM] -- KB2509553
O42 - Logiciel: Aktualizace zabezpečení systému Windows XP (KB2510581) - (.Microsoft Corporation.) [HKLM] -- KB2510581
O42 - Logiciel: Aktualizace zabezpečení systému Windows XP (KB2511455) - (.Microsoft Corporation.) [HKLM] -- KB2511455
O42 - Logiciel: Aktualizace zabezpečení systému Windows XP (KB2524375) - (.Microsoft Corporation.) [HKLM] -- KB2524375
O42 - Logiciel: Aktualizace zabezpečení systému Windows XP (KB2536276-v2) - (.Microsoft Corporation.) [HKLM] -- KB2536276-v2
O42 - Logiciel: Aktualizace zabezpečení systému Windows XP (KB2559049) - (.Microsoft Corporation.) [HKLM] -- KB2559049
O42 - Logiciel: Aktualizace zabezpečení systému Windows XP (KB2562937) - (.Microsoft Corporation.) [HKLM] -- KB2562937
O42 - Logiciel: Aktualizace zabezpečení systému Windows XP (KB2566454) - (.Microsoft Corporation.) [HKLM] -- KB2566454
O42 - Logiciel: Aktualizace zabezpečení systému Windows XP (KB2567680) - (.Microsoft Corporation.) [HKLM] -- KB2567680
O42 - Logiciel: Aktualizace zabezpečení systému Windows XP (KB2570222) - (.Microsoft Corporation.) [HKLM] -- KB2570222
O42 - Logiciel: Aktualizace zabezpečení systému Windows XP (KB923561) - (.Microsoft Corporation.) [HKLM] -- KB923561
O42 - Logiciel: Aktualizace zabezpečení systému Windows XP (KB938464-v2) - (.Microsoft Corporation.) [HKLM] -- KB938464-v2
O42 - Logiciel: Aktualizace zabezpečení systému Windows XP (KB946648) - (.Microsoft Corporation.) [HKLM] -- KB946648
O42 - Logiciel: Aktualizace zabezpečení systému Windows XP (KB950760) - (.Microsoft Corporation.) [HKLM] -- KB950760
O42 - Logiciel: Aktualizace zabezpečení systému Windows XP (KB950762) - (.Microsoft Corporation.) [HKLM] -- KB950762
O42 - Logiciel: Aktualizace zabezpečení systému Windows XP (KB950974) - (.Microsoft Corporation.) [HKLM] -- KB950974
O42 - Logiciel: Aktualizace zabezpečení systému Windows XP (KB951066) - (.Microsoft Corporation.) [HKLM] -- KB951066
O42 - Logiciel: Aktualizace zabezpečení systému Windows XP (KB951376-v2) - (.Microsoft Corporation.) [HKLM] -- KB951376-v2
O42 - Logiciel: Aktualizace zabezpečení systému Windows XP (KB951698) - (.Microsoft Corporation.) [HKLM] -- KB951698
O42 - Logiciel: Aktualizace zabezpečení systému Windows XP (KB951748) - (.Microsoft Corporation.) [HKLM] -- KB951748
O42 - Logiciel: Aktualizace zabezpečení systému Windows XP (KB952004) - (.Microsoft Corporation.) [HKLM] -- KB952004
O42 - Logiciel: Aktualizace zabezpečení systému Windows XP (KB952954) - (.Microsoft Corporation.) [HKLM] -- KB952954
O42 - Logiciel: Aktualizace zabezpečení systému Windows XP (KB954600) - (.Microsoft Corporation.) [HKLM] -- KB954600
O42 - Logiciel: Aktualizace zabezpečení systému Windows XP (KB955069) - (.Microsoft Corporation.) [HKLM] -- KB955069
O42 - Logiciel: Aktualizace zabezpečení systému Windows XP (KB956572) - (.Microsoft Corporation.) [HKLM] -- KB956572
O42 - Logiciel: Aktualizace zabezpečení systému Windows XP (KB956744) - (.Microsoft Corporation.) [HKLM] -- KB956744
O42 - Logiciel: Aktualizace zabezpečení systému Windows XP (KB956802) - (.Microsoft Corporation.) [HKLM] -- KB956802
O42 - Logiciel: Aktualizace zabezpečení systému Windows XP (KB956803) - (.Microsoft Corporation.) [HKLM] -- KB956803
O42 - Logiciel: Aktualizace zabezpečení systému Windows XP (KB956841) - (.Microsoft Corporation.) [HKLM] -- KB956841
O42 - Logiciel: Aktualizace zabezpečení systému Windows XP (KB956844) - (.Microsoft Corporation.) [HKLM] -- KB956844
O42 - Logiciel: Aktualizace zabezpečení systému Windows XP (KB957097) - (.Microsoft Corporation.) [HKLM] -- KB957097
O42 - Logiciel: Aktualizace zabezpečení systému Windows XP (KB958215) - (.Microsoft Corporation.) [HKLM] -- KB958215
O42 - Logiciel: Aktualizace zabezpečení systému Windows XP (KB958644) - (.Microsoft Corporation.) [HKLM] -- KB958644
O42 - Logiciel: Aktualizace zabezpečení systému Windows XP (KB958687) - (.Microsoft Corporation.) [HKLM] -- KB958687
O42 - Logiciel: Aktualizace zabezpečení systému Windows XP (KB958690) - (.Microsoft Corporation.) [HKLM] -- KB958690
O42 - Logiciel: Aktualizace zabezpečení systému Windows XP (KB958869) - (.Microsoft Corporation.) [HKLM] -- KB958869
O42 - Logiciel: Aktualizace zabezpečení systému Windows XP (KB959426) - (.Microsoft Corporation.) [HKLM] -- KB959426
O42 - Logiciel: Aktualizace zabezpečení systému Windows XP (KB960225) - (.Microsoft Corporation.) [HKLM] -- KB960225
O42 - Logiciel: Aktualizace zabezpečení systému Windows XP (KB960714) - (.Microsoft Corporation.) [HKLM] -- KB960714
O42 - Logiciel: Aktualizace zabezpečení systému Windows XP (KB960715) - (.Microsoft Corporation.) [HKLM] -- KB960715
O42 - Logiciel: Aktualizace zabezpečení systému Windows XP (KB960803) - (.Microsoft Corporation.) [HKLM] -- KB960803
O42 - Logiciel: Aktualizace zabezpečení systému Windows XP (KB960859) - (.Microsoft Corporation.) [HKLM] -- KB960859
O42 - Logiciel: Aktualizace zabezpečení systému Windows XP (KB961371) - (.Microsoft Corporation.) [HKLM] -- KB961371
O42 - Logiciel: Aktualizace zabezpečení systému Windows XP (KB961373) - (.Microsoft Corporation.) [HKLM] -- KB961373
O42 - Logiciel: Aktualizace zabezpečení systému Windows XP (KB961501) - (.Microsoft Corporation.) [HKLM] -- KB961501
O42 - Logiciel: Aktualizace zabezpečení systému Windows XP (KB963027) - (.Microsoft Corporation.) [HKLM] -- KB963027
O42 - Logiciel: Aktualizace zabezpečení systému Windows XP (KB968537) - (.Microsoft Corporation.) [HKLM] -- KB968537
O42 - Logiciel: Aktualizace zabezpečení systému Windows XP (KB969059) - (.Microsoft Corporation.) [HKLM] -- KB969059
O42 - Logiciel: Aktualizace zabezpečení systému Windows XP (KB969897) - (.Microsoft Corporation.) [HKLM] -- KB969897
O42 - Logiciel: Aktualizace zabezpečení systému Windows XP (KB969898) - (.Microsoft Corporation.) [HKLM] -- KB969898
O42 - Logiciel: Aktualizace zabezpečení systému Windows XP (KB969947) - (.Microsoft Corporation.) [HKLM] -- KB969947
O42 - Logiciel: Aktualizace zabezpečení systému Windows XP (KB970238) - (.Microsoft Corporation.) [HKLM] -- KB970238
O42 - Logiciel: Aktualizace zabezpečení systému Windows XP (KB970430) - (.Microsoft Corporation.) [HKLM] -- KB970430
O42 - Logiciel: Aktualizace zabezpečení systému Windows XP (KB971468) - (.Microsoft Corporation.) [HKLM] -- KB971468
O42 - Logiciel: Aktualizace zabezpečení systému Windows XP (KB971486) - (.Microsoft Corporation.) [HKLM] -- KB971486
O42 - Logiciel: Aktualizace zabezpečení systému Windows XP (KB971557) - (.Microsoft Corporation.) [HKLM] -- KB971557
O42 - Logiciel: Aktualizace zabezpečení systému Windows XP (KB971633) - (.Microsoft Corporation.) [HKLM] -- KB971633
O42 - Logiciel: Aktualizace zabezpečení systému Windows XP (KB971657) - (.Microsoft Corporation.) [HKLM] -- KB971657
O42 - Logiciel: Aktualizace zabezpečení systému Windows XP (KB972260) - (.Microsoft Corporation.) [HKLM] -- KB972260
O42 - Logiciel: Aktualizace zabezpečení systému Windows XP (KB972270) - (.Microsoft Corporation.) [HKLM] -- KB972270
O42 - Logiciel: Aktualizace zabezpečení systému Windows XP (KB973346) - (.Microsoft Corporation.) [HKLM] -- KB973346
O42 - Logiciel: Aktualizace zabezpečení systému Windows XP (KB973354) - (.Microsoft Corporation.) [HKLM] -- KB973354
O42 - Logiciel: Aktualizace zabezpečení systému Windows XP (KB973507) - (.Microsoft Corporation.) [HKLM] -- KB973507
O42 - Logiciel: Aktualizace zabezpečení systému Windows XP (KB973525) - (.Microsoft Corporation.) [HKLM] -- KB973525
O42 - Logiciel: Aktualizace zabezpečení systému Windows XP (KB973869) - (.Microsoft Corporation.) [HKLM] -- KB973869
O42 - Logiciel: Aktualizace zabezpečení systému Windows XP (KB973904) - (.Microsoft Corporation.) [HKLM] -- KB973904
O42 - Logiciel: Aktualizace zabezpečení systému Windows XP (KB974112) - (.Microsoft Corporation.) [HKLM] -- KB974112
O42 - Logiciel: Aktualizace zabezpečení systému Windows XP (KB974318) - (.Microsoft Corporation.) [HKLM] -- KB974318
O42 - Logiciel: Aktualizace zabezpečení systému Windows XP (KB974392) - (.Microsoft Corporation.) [HKLM] -- KB974392
O42 - Logiciel: Aktualizace zabezpečení systému Windows XP (KB974455) - (.Microsoft Corporation.) [HKLM] -- KB974455
O42 - Logiciel: Aktualizace zabezpečení systému Windows XP (KB974571) - (.Microsoft Corporation.) [HKLM] -- KB974571
O42 - Logiciel: Aktualizace zabezpečení systému Windows XP (KB975025) - (.Microsoft Corporation.) [HKLM] -- KB975025
O42 - Logiciel: Aktualizace zabezpečení systému Windows XP (KB975467) - (.Microsoft Corporation.) [HKLM] -- KB975467
O42 - Logiciel: Aktualizace zabezpečení systému Windows XP (KB975560) - (.Microsoft Corporation.) [HKLM] -- KB975560
O42 - Logiciel: Aktualizace zabezpečení systému Windows XP (KB975561) - (.Microsoft Corporation.) [HKLM] -- KB975561
O42 - Logiciel: Aktualizace zabezpečení systému Windows XP (KB975562) - (.Microsoft Corporation.) [HKLM] -- KB975562
O42 - Logiciel: Aktualizace zabezpečení systému Windows XP (KB975713) - (.Microsoft Corporation.) [HKLM] -- KB975713
O42 - Logiciel: Aktualizace zabezpečení systému Windows XP (KB977165) - (.Microsoft Corporation.) [HKLM] -- KB977165
O42 - Logiciel: Aktualizace zabezpečení systému Windows XP (KB977816) - (.Microsoft Corporation.) [HKLM] -- KB977816
O42 - Logiciel: Aktualizace zabezpečení systému Windows XP (KB977914) - (.Microsoft Corporation.) [HKLM] -- KB977914
O42 - Logiciel: Aktualizace zabezpečení systému Windows XP (KB978037) - (.Microsoft Corporation.) [HKLM] -- KB978037
O42 - Logiciel: Aktualizace zabezpečení systému Windows XP (KB978251) - (.Microsoft Corporation.) [HKLM] -- KB978251
O42 - Logiciel: Aktualizace zabezpečení systému Windows XP (KB978262) - (.Microsoft Corporation.) [HKLM] -- KB978262
O42 - Logiciel: Aktualizace zabezpečení systému Windows XP (KB978338) - (.Microsoft Corporation.) [HKLM] -- KB978338
O42 - Logiciel: Aktualizace zabezpečení systému Windows XP (KB978542) - (.Microsoft Corporation.) [HKLM] -- KB978542
O42 - Logiciel: Aktualizace zabezpečení systému Windows XP (KB978601) - (.Microsoft Corporation.) [HKLM] -- KB978601
O42 - Logiciel: Aktualizace zabezpečení systému Windows XP (KB978706) - (.Microsoft Corporation.) [HKLM] -- KB978706
O42 - Logiciel: Aktualizace zabezpečení systému Windows XP (KB979309) - (.Microsoft Corporation.) [HKLM] -- KB979309
O42 - Logiciel: Aktualizace zabezpečení systému Windows XP (KB979482) - (.Microsoft Corporation.) [HKLM] -- KB979482
O42 - Logiciel: Aktualizace zabezpečení systému Windows XP (KB979559) - (.Microsoft Corporation.) [HKLM] -- KB979559
O42 - Logiciel: Aktualizace zabezpečení systému Windows XP (KB979683) - (.Microsoft Corporation.) [HKLM] -- KB979683
O42 - Logiciel: Aktualizace zabezpečení systému Windows XP (KB979687) - (.Microsoft Corporation.) [HKLM] -- KB979687
O42 - Logiciel: Aktualizace zabezpečení systému Windows XP (KB980195) - (.Microsoft Corporation.) [HKLM] -- KB980195
O42 - Logiciel: Aktualizace zabezpečení systému Windows XP (KB980218) - (.Microsoft Corporation.) [HKLM] -- KB980218
O42 - Logiciel: Aktualizace zabezpečení systému Windows XP (KB980232) - (.Microsoft Corporation.) [HKLM] -- KB980232
O42 - Logiciel: Aktualizace zabezpečení systému Windows XP (KB980436) - (.Microsoft Corporation.) [HKLM] -- KB980436
O42 - Logiciel: Aktualizace zabezpečení systému Windows XP (KB981322) - (.Microsoft Corporation.) [HKLM] -- KB981322
O42 - Logiciel: Aktualizace zabezpečení systému Windows XP (KB981349) - (.Microsoft Corporation.) [HKLM] -- KB981349
O42 - Logiciel: Aktualizace zabezpečení systému Windows XP (KB981852) - (.Microsoft Corporation.) [HKLM] -- KB981852
O42 - Logiciel: Aktualizace zabezpečení systému Windows XP (KB981957) - (.Microsoft Corporation.) [HKLM] -- KB981957
O42 - Logiciel: Aktualizace zabezpečení systému Windows XP (KB981997) - (.Microsoft Corporation.) [HKLM] -- KB981997
O42 - Logiciel: Aktualizace zabezpečení systému Windows XP (KB982132) - (.Microsoft Corporation.) [HKLM] -- KB982132
O42 - Logiciel: Aktualizace zabezpečení systému Windows XP (KB982214) - (.Microsoft Corporation.) [HKLM] -- KB982214
O42 - Logiciel: Aktualizace zabezpečení systému Windows XP (KB982381) - (.Microsoft Corporation.) [HKLM] -- KB982381
O42 - Logiciel: Aktualizace zabezpečení systému Windows XP (KB982665) - (.Microsoft Corporation.) [HKLM] -- KB982665
O42 - Logiciel: Aktualizace zabezpečení systému Windows XP (KB982802) - (.Microsoft Corporation.) [HKLM] -- KB982802
O42 - Logiciel: Avidemux 2.5 (32-bit) - (.Unknown owner.) [HKLM] -- Avidemux 2.5
O42 - Logiciel: Balíček ovladače systému Windows - Nokia Modem (02/25/2011 4.7) - (.Nokia.) [HKLM] -- E0AC723A3DE3A04256288CADBBB011B112AED454
O42 - Logiciel: Balíček ovladače systému Windows - Nokia Modem (02/25/2011 7.01.0.9) - (.Nokia.) [HKLM] -- 72A50F48CC5601190B9C4E74D81161693133E7F7
O42 - Logiciel: Balíček ovladače systému Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0) - (.Nokia.) [HKLM] -- 504244733D18C8F63FF584AEB290E3904E791693
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner
O42 - Logiciel: Conduit Engine - (.Conduit Ltd..) [HKLM] -- conduitEngine
O42 - Logiciel: ConvertXtoDVD 4.1.1.334 - (.Unknown owner.) [HKLM] -- {DB6AB705-C9BD-40E3-8929-2EA57F36A4FF}_is1
O42 - Logiciel: CorelDRAW(R) Graphics Suite X4 - Windows Shell Extension - (.Corel Corporation.) [HKLM] -- _{CE2DA11A-917F-4CF5-AB55-755EC115DD10}
O42 - Logiciel: DVD Flick 1.3.0.7 - (.Dennis Meuwissen.) [HKLM] -- DVD Flick_is1
O42 - Logiciel: DVDFab 8.0.5.5 (04/12/2010) - (.Fengtao Software Inc..) [HKLM] -- DVDFab 8_is1
O42 - Logiciel: DivX Setup - (.DivX, LLC.) [HKLM] -- DivX Setup
O42 - Logiciel: Důležitá aktualizace aplikace Windows Media Player 11 (KB959772) - (.Microsoft Corporation.) [HKLM] -- KB959772_WM11
O42 - Logiciel: EVEREST Ultimate Edition v5.50 - (.Lavalys, Inc..) [HKLM] -- EVEREST Ultimate Edition_is1
O42 - Logiciel: GOM Player - (.Gretech Corporation.) [HKLM] -- GOM Player
O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM] -- Google Chrome
O42 - Logiciel: HP Customer Participation Program 11.0 - (.HP.) [HKLM] -- HPExtendedCapabilities
O42 - Logiciel: HP Deskjet F4200 All-In-One Driver Software 11.0 Rel .3 - (.HP.) [HKLM] -- {C3B6AEB1-390C-4792-8677-CD87F8B2C959}
O42 - Logiciel: HP Imaging Device Functions 11.0 - (.HP.) [HKLM] -- HP Imaging Device Functions
O42 - Logiciel: HP Solution Center 11.0 - (.HP.) [HKLM] -- HP Solution Center & Imaging Support Tools
O42 - Logiciel: Hotfix for Windows Media Format 11 SDK (KB929399) - (.Microsoft Corporation.) [HKLM] -- KB929399
O42 - Logiciel: Hotfix for Windows XP (KB976002-v5) - (.Microsoft Corporation.) [HKLM] -- KB976002-v5
O42 - Logiciel: HyperSnap 6 - (.Hyperionics Technology LLC.) [HKLM] -- HyperSnap 6
O42 - Logiciel: ImgBurn - (.LIGHTNING UK!.) [HKLM] -- ImgBurn
O42 - Logiciel: Microsoft Compression Client Pack 1.0 for Windows XP - (.Microsoft Corporation.) [HKLM] -- MSCompPackV1
O42 - Logiciel: Microsoft Kernel-Mode Driver Framework Feature Pack 1.9 - (.Microsoft Corporation.) [HKLM] -- Wdf01009
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0015-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0019-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001A-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0044-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-006E-0405-0000-0000000FF1CE}_ENTERPRISE_{E12F9D31-4025-4BC6-B1B2-AB262C5580B0}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-00A1-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-00BA-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}
O42 - Logiciel: Microsoft Office Enterprise 2007 - (.Microsoft Corporation.) [HKLM] -- ENTERPRISE
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0405-0000-0000000FF1CE}_ENTERPRISE_{294B4278-CF7B-40B9-86A1-2D3FF0C2C524}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{A0516415-ED61-419A-981D-93596DA74165}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-041B-0000-0000000FF1CE}_ENTERPRISE_{10EC59E5-9BCE-4884-BB1A-E28627220232}
O42 - Logiciel: Microsoft User-Mode Driver Framework Feature Pack 1.9 - (.Microsoft Corporation.) [HKLM] -- Wudf01009
O42 - Logiciel: Mozilla Firefox 6.0.1 (x86 cs) - (.Mozilla.) [HKLM] -- Mozilla Firefox 6.0.1 (x86 cs)
O42 - Logiciel: Nero 6 Ultra Edition - (.Unknown owner.) [HKLM] -- Nero - Burning Rom!UninstallKey
O42 - Logiciel: NeroVision Express 2 - (.Unknown owner.) [HKLM] -- NeroVision!UninstallKey
O42 - Logiciel: Nokia PC Suite - (.Nokia.) [HKLM] -- Nokia PC Suite
O42 - Logiciel: O2CPlayerAC - (.SOFTconsult spol. s.r.o..) [HKLM] -- InstallShield_{BB83E624-F15E-416E-A6DB-2C5245AE90D2}
O42 - Logiciel: Oprava Hotfix systému Windows XP (KB2443685) - (.Microsoft Corporation.) [HKLM] -- KB2443685
O42 - Logiciel: Oprava Hotfix systému Windows XP (KB2570791) - (.Microsoft Corporation.) [HKLM] -- KB2570791
O42 - Logiciel: Oprava Hotfix systému Windows XP (KB952287) - (.Microsoft Corporation.) [HKLM] -- KB952287
O42 - Logiciel: Oprava Hotfix systému Windows XP (KB970653-v3) - (.Microsoft Corporation.) [HKLM] -- KB970653-v3
O42 - Logiciel: Oprava Hotfix systému Windows XP (KB976098-v2) - (.Microsoft Corporation.) [HKLM] -- KB976098-v2
O42 - Logiciel: Oprava Hotfix systému Windows XP (KB979306) - (.Microsoft Corporation.) [HKLM] -- KB979306
O42 - Logiciel: Oprava Hotfix systému Windows XP (KB981793) - (.Microsoft Corporation.) [HKLM] -- KB981793
O42 - Logiciel: Oprava hotfix aplikace Windows Media Player 11 (KB939683) - (.Microsoft Corporation.) [HKLM] -- KB939683
O42 - Logiciel: PSPad editor - (.Jan Fiala.) [HKLM] -- PSPad editor_is1
O42 - Logiciel: PokerStars - (.PokerStars.) [HKLM] -- PokerStars
O42 - Logiciel: QIP 2005 8080 - (.Unknown owner.) [HKLM] -- QIP 2005_is1
O42 - Logiciel: REALTEK GbE & FE Ethernet PCI-E NIC Driver - (.Realtek.) [HKLM] -- {C9BED750-1211-4480-B1A5-718A3BE15525}
O42 - Logiciel: Real Alternative 2.0.2 - (.Unknown owner.) [HKLM] -- RealAlt_is1
O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}
O42 - Logiciel: Registry Mechanic 6.0 - (.PC Tools.) [HKLM] -- Registry Mechanic_is1
O42 - Logiciel: Samsung CLP-310 Series - (.Samsung Electronics CO.,LTD.) [HKLM] -- Samsung CLP-310 Series
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2288621) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{5C497F0B-2061-4CC9-A61C-6B45B867354D}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2288931) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{CD769337-C8AC-46DB-A7DC-643E50089263}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2345043) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{536FB502-775F-4494-BACE-C02CC90B7A5B}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2466156) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{CEF209AB-F96D-404F-B5CC-44057C057CA3}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2509488) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{AD0DE453-0804-4495-9C91-33D0F9AA5463}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB969559) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{69F52148-9BF6-4CDC-BF76-103DEAF3DD08}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB976321) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{7F207DCA-3399-40CB-A968-6E5991B1421A}
O42 - Logiciel: Security Update for Microsoft Office Access 2007 (KB979440) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{1142CCEC-ACA9-484B-BA90-C3A5CA1988C5}
O42 - Logiciel: Security Update for Microsoft Office Access 2007 (KB979440) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{5A4E43D5-858F-49BD-BA72-8F30E1793060}
O42 - Logiciel: Security Update for Microsoft Office Excel 2007 (KB2464583) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{151E2FEA-C3A6-4CB6-BE6B-16651FDF04BE}
O42 - Logiciel: Security Update for Microsoft Office Groove 2007 (KB2494047) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{B91E2AEC-7F93-4E33-ACF6-EC90640CBE4F}
O42 - Logiciel: Security Update for Microsoft Office InfoPath 2007 (KB979441) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{1109D0B3-EFA3-4553-AAED-4C3E9AD130E8}
O42 - Logiciel: Security Update for Microsoft Office InfoPath 2007 (KB979441) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{8CCB781A-CF6B-4FCB-B6D8-59C64DF5C6DB}
O42 - Logiciel: Security Update for Microsoft Office PowerPoint 2007 (KB2535818) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{8588DD11-6BD7-4400-B55C-DD5AB74B43E1}
O42 - Logiciel: Security Update for Microsoft Office PowerPoint Viewer 2007 (KB2464623) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{D75E6D0C-BADF-4F41-98B2-0C0F02C15062}
O42 - Logiciel: Security Update for Microsoft Office Publisher 2007 (KB2284697) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3A4CDE54-2403-483D-8D9A-15E3264410DF}
O42 - Logiciel: Security Update for Microsoft Office Visio Viewer 2007 (KB973709) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{71127777-8B2C-4F97-AF7A-6CF8CAC8224D}
O42 - Logiciel: Security Update for Microsoft Office Word 2007 (KB2344993) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{7A5B74FA-7A92-4FC9-821A-2DD5D4E73E48}
O42 - Logiciel: Security Update for Microsoft Office system 2007 (972581) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}
O42 - Logiciel: Security Update for Microsoft Office system 2007 (KB974234) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{FCD742B9-7A55-44BC-A776-F795F21FEDDC}
O42 - Logiciel: Shop for HP Supplies - (.HP.) [HKLM] -- Shop for HP Supplies
O42 - Logiciel: Update for 2007 Microsoft Office System (KB967642) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}
O42 - Logiciel: Update for Microsoft Office OneNote 2007 (KB980729) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{329050A9-EF80-40F9-B633-74508F54C1FF}
O42 - Logiciel: Update for Microsoft Office Outlook 2007 (KB2509470) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{1365864D-4C58-489D-9982-844D75691CCC}
O42 - Logiciel: Update for Outlook 2007 Junk Email Filter (KB2586924) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3B65DCBC-61EC-4578-9DF2-40D3B3829CD8}
O42 - Logiciel: VobSub v2.23 (Remove Only) - (.Unknown owner.) [HKLM] -- VobSub
O42 - Logiciel: WMP Tag Plus 1.2 - (.BM-productions.) [HKLM] -- {80C3019B-3BA4-4674-AC90-A0B402593BA5}_is1
O42 - Logiciel: WinRAR - (.Unknown owner.) [HKLM] -- WinRAR archiver
O42 - Logiciel: Windows Media Format 11 runtime - (.Microsoft Corporation.) [HKLM] -- WMFDist11
O42 - Logiciel: Windows Media Format 11 runtime - (.Unknown owner.) [HKLM] -- Windows Media Format Runtime
O42 - Logiciel: Windows Media Player 11 - (.Microsoft Corporation.) [HKLM] -- wmp11
O42 - Logiciel: Windows Media Player 11 - (.Unknown owner.) [HKLM] -- Windows Media Player
O42 - Logiciel: Windows XP Service Pack 3 - (.Microsoft Corporation.) [HKLM] -- Windows XP Service Pack
O42 - Logiciel: Xiph.Org Open Codecs 0.85.17777 - (.Xiph.Org.) [HKLM] -- Open Codecs
O42 - Logiciel: abit AirPace Wi-Fi - (.Universal abit.) [HKLM] -- {1C9A45C6-A367-472F-8FC7-45B10D661BF1}
O42 - Logiciel: ffdshow [rev 2527] [2008-12-19] - (.Unknown owner.) [HKLM] -- ffdshow_is1
O42 - Logiciel: uTorrentBar Toolbar - (.uTorrentBar.) [HKLM] -- uTorrentBar Toolbar
O42 - Logiciel: µTorrent - (.Unknown owner.) [HKCU] -- uTorrent
O42 - Logiciel: µTorrent - (.Unknown owner.) [HKLM] -- uTorrent
O42 - Logiciel: µTorrent CZ 1.8.2 (build 15196) - (.emc.) [HKLM] -- µTorrent CZ_is1

revolver 123
Visitor
Posts: 6
Registered: 04 Sep 2011 09:46

Re: Kryptik.sge

#5 Post by revolver 123 »

---\\ HKCU & HKLM Software Keys
[HKCU\Software\APN]
[HKCU\Software\ASProtect]
[HKCU\Software\Adobe]
[HKCU\Software\Ahead]
[HKCU\Software\AppDataLow\AskToolbarInfo]
[HKCU\Software\AppDataLow\ISWVolatile]
[HKCU\Software\AppDataLow\Software]
[HKCU\Software\AppDataLow]
[HKCU\Software\Ask.com]
[HKCU\Software\AskToolbar]
[HKCU\Software\AzureWave]
[HKCU\Software\BM-productions]
[HKCU\Software\BitTorrent]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\Conduit]
[HKCU\Software\Corel]
[HKCU\Software\DVDFab]
[HKCU\Software\DivXNetworks]
[HKCU\Software\DivX]
[HKCU\Software\ESET]
[HKCU\Software\GNU]
[HKCU\Software\GRETECH]
[HKCU\Software\Gabest]
[HKCU\Software\Google]
[HKCU\Software\Hewlett-Packard]
[HKCU\Software\Hyperionics]
[HKCU\Software\ICQToolbar]
[HKCU\Software\ImgBurn]
[HKCU\Software\InstallShield]
[HKCU\Software\Intel]
[HKCU\Software\JavaSoft]
[HKCU\Software\Laudrin]
[HKCU\Software\Lavalys]
[HKCU\Software\Local AppWizard-Generated Applications]
[HKCU\Software\Macromedia]
[HKCU\Software\Mirabilis]
[HKCU\Software\Motive]
[HKCU\Software\MozillaPlugins]
[HKCU\Software\Mozilla]
[HKCU\Software\Netscape]
[HKCU\Software\Nokia]
[HKCU\Software\ODBC]
[HKCU\Software\PCTools]
[HKCU\Software\PSPad]
[HKCU\Software\Piriform]
[HKCU\Software\Policies]
[HKCU\Software\Protexis]
[HKCU\Software\QIP]
[HKCU\Software\QXL Poland]
[HKCU\Software\RealNetworks]
[HKCU\Software\Realtek]
[HKCU\Software\SSPrint]
[HKCU\Software\Skype]
[HKCU\Software\SoftVTU]
[HKCU\Software\Sysinternals]
[HKCU\Software\Trolltech]
[HKCU\Software\Tukero[X]Team]
[HKCU\Software\VB and VBA Program Settings]
[HKCU\Software\VSO]
[HKCU\Software\Ventrilo]
[HKCU\Software\VirtualDub.org]
[HKCU\Software\Wget]
[HKCU\Software\WinRAR SFX]
[HKCU\Software\WinRAR]
[HKCU\Software\YahooPartnerToolbar]
[HKCU\Software\Zone Labs]
[HKCU\Software\conduitEngine]
[HKCU\Software\iExpertSoft]
[HKCU\Software\uTorrentBar]
[HKCU\Software\yahooinstall]
[HKLM\Software\ALNO]
[HKLM\Software\APN]
[HKLM\Software\ATI Technologies Inc.]
[HKLM\Software\ATI Technologies]
[HKLM\Software\ATI]
[HKLM\Software\Adobe]
[HKLM\Software\Ahead]
[HKLM\Software\AppDataLow]
[HKLM\Software\AskToolbar]
[HKLM\Software\AzureWave]
[HKLM\Software\BM-productions]
[HKLM\Software\Big Fish Games]
[HKLM\Software\Bitstream]
[HKLM\Software\C07ft5Y]
[HKLM\Software\CDDB]
[HKLM\Software\CheckPoint]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\ComputerAssociates]
[HKLM\Software\Conduit]
[HKLM\Software\Corel]
[HKLM\Software\Creative Tech]
[HKLM\Software\DVDFab]
[HKLM\Software\DivXNetworks]
[HKLM\Software\DivX]
[HKLM\Software\ESET]
[HKLM\Software\GNU]
[HKLM\Software\GRETECH]
[HKLM\Software\Gabest]
[HKLM\Software\Gemplus]
[HKLM\Software\Google]
[HKLM\Software\HP]
[HKLM\Software\Hewlett-Packard]
[HKLM\Software\Hyperionics]
[HKLM\Software\ICE]
[HKLM\Software\ICQ]
[HKLM\Software\InstallShield]
[HKLM\Software\Intel]
[HKLM\Software\InterVideo]
[HKLM\Software\JavaSoft]
[HKLM\Software\Kodak]
[HKLM\Software\Licenses]
[HKLM\Software\Macromedia]
[HKLM\Software\Mirabilis]
[HKLM\Software\Motive]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\NOS]
[HKLM\Software\Nokia Mobile Phones]
[HKLM\Software\Nokia]
[HKLM\Software\ODBC]
[HKLM\Software\OMSI]
[HKLM\Software\PC Connectivity Solution]
[HKLM\Software\PCSuite]
[HKLM\Software\PCTools]
[HKLM\Software\Policies]
[HKLM\Software\Program Groups]
[HKLM\Software\Protexis]
[HKLM\Software\RTLSetup]
[HKLM\Software\RealAlternative]
[HKLM\Software\RealNetworks]
[HKLM\Software\Realtek Semiconductor Corp.]
[HKLM\Software\Realtek]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\RichFX]
[HKLM\Software\S3R521]
[HKLM\Software\SPanel]
[HKLM\Software\SSPrint]
[HKLM\Software\Samsung]
[HKLM\Software\Schlumberger]
[HKLM\Software\Secure]
[HKLM\Software\Skype]
[HKLM\Software\Swearware]
[HKLM\Software\TrendMicro]
[HKLM\Software\Tukero[X]Team]
[HKLM\Software\Universal abit]
[HKLM\Software\VSO]
[HKLM\Software\Windows 3.1 Migration Status]
[HKLM\Software\Xing Technology Corp.]
[HKLM\Software\Xiph.Org]
[HKLM\Software\Zone Labs]
[HKLM\Software\bwin]
[HKLM\Software\mozilla.org]
[HKLM\Software\uTorrentBar]
~ Scan Softwares in 00mn 00s



---\\ Contents of the Common Files folders (O43)
O43 - CFD: 3.4.2009 - 11:40:24 - [2412544] ----D- C:\Program Files\abit
O43 - CFD: 6.8.2010 - 10:09:34 - [207327209] ----D- C:\Program Files\Adobe
O43 - CFD: 28.5.2011 - 17:29:44 - [101114114] ----D- C:\Program Files\Ahead
O43 - CFD: 13.11.2009 - 15:22:52 - [164841755] ----D- C:\Program Files\ALNO
O43 - CFD: 1.9.2011 - 8:01:18 - [2950854] ----D- C:\Program Files\Ask.com
O43 - CFD: 3.4.2009 - 10:12:06 - [42590785] ----D- C:\Program Files\ATI Technologies
O43 - CFD: 3.4.2009 - 19:39:32 - [0] ----D- C:\Program Files\AVG
O43 - CFD: 4.8.2011 - 1:17:52 - [35570354] ----D- C:\Program Files\Avidemux 2.5
O43 - CFD: 5.6.2011 - 14:41:16 - [144217600] ----D- C:\Program Files\bwin
O43 - CFD: 10.7.2010 - 10:46:44 - [2812120] ----D- C:\Program Files\CCleaner
O43 - CFD: 7.7.2010 - 9:34:42 - [103248] ----D- C:\Program Files\CheckPoint
O43 - CFD: 4.9.2011 - 10:13:22 - [370211298] ----D- C:\Program Files\Common Files
O43 - CFD: 3.4.2009 - 9:39:02 - [0] ----D- C:\Program Files\ComPlus Applications
O43 - CFD: 7.7.2010 - 9:34:56 - [1791776] ----D- C:\Program Files\Conduit
O43 - CFD: 13.7.2011 - 10:47:56 - [4844061] ----D- C:\Program Files\ConduitEngine
O43 - CFD: 24.4.2009 - 15:07:22 - [902703527] ----D- C:\Program Files\Corel
O43 - CFD: 20.7.2011 - 16:20:30 - [1595928] ----D- C:\Program Files\DIFX
O43 - CFD: 10.8.2011 - 13:52:34 - [23166102] ----D- C:\Program Files\DivX
O43 - CFD: 4.8.2011 - 0:29:34 - [44904093] ----D- C:\Program Files\DVD Flick
O43 - CFD: 12.7.2011 - 17:39:28 - [39418896] ----D- C:\Program Files\DVDFab 8
O43 - CFD: 3.7.2011 - 18:22:44 - [64239646] ----D- C:\Program Files\ESET
O43 - CFD: 20.6.2009 - 18:14:50 - [14913001] ----D- C:\Program Files\ffdshow
O43 - CFD: 14.7.2011 - 18:13:58 - [411345] ----D- C:\Program Files\Gabest
O43 - CFD: 22.8.2010 - 9:14:36 - [299245562] ----D- C:\Program Files\Google
O43 - CFD: 20.6.2009 - 17:56:56 - [20783971] ----D- C:\Program Files\GRETECH
O43 - CFD: 8.5.2009 - 17:00:48 - [0] ----D- C:\Program Files\Hewlett-Packard
O43 - CFD: 9.5.2009 - 18:16:36 - [127575846] ----D- C:\Program Files\HP
O43 - CFD: 27.3.2010 - 17:26:24 - [11788007] ----D- C:\Program Files\HyperSnap 6
O43 - CFD: 4.8.2011 - 1:27:04 - [3220087] ----D- C:\Program Files\ImgBurn
O43 - CFD: 13.10.2009 - 9:35:38 - [35929372] --H-D- C:\Program Files\InstallShield Installation Information
O43 - CFD: 3.4.2009 - 9:59:02 - [63558] ----D- C:\Program Files\Intel
O43 - CFD: 10.7.2010 - 10:08:02 - [1702566] ----D- C:\Program Files\Internet Explorer
O43 - CFD: 12.4.2009 - 14:08:54 - [79337320] ----D- C:\Program Files\Java
O43 - CFD: 14.7.2009 - 19:29:56 - [2598109] ----D- C:\Program Files\Krtecek
O43 - CFD: 3.7.2011 - 18:05:28 - [16717901] ----D- C:\Program Files\Lavalys
O43 - CFD: 10.7.2010 - 10:11:36 - [2149535] ----D- C:\Program Files\Messenger
O43 - CFD: 3.4.2009 - 9:41:40 - [0] ----D- C:\Program Files\microsoft frontpage
O43 - CFD: 3.4.2009 - 10:58:30 - [635595885] ----D- C:\Program Files\Microsoft Office
O43 - CFD: 14.6.2011 - 3:29:08 - [38388859] ----D- C:\Program Files\Microsoft Silverlight
O43 - CFD: 3.4.2009 - 10:58:24 - [14904] ----D- C:\Program Files\Microsoft Visual Studio
O43 - CFD: 16.2.2010 - 10:08:38 - [3726168] ----D- C:\Program Files\Microsoft Works
O43 - CFD: 12.8.2010 - 9:11:04 - [10343262] ----D- C:\Program Files\Movie Maker
O43 - CFD: 31.8.2011 - 20:38:00 - [35109671] ----D- C:\Program Files\Mozilla Firefox
O43 - CFD: 3.4.2009 - 10:58:36 - [764] ----D- C:\Program Files\MSBuild
O43 - CFD: 3.4.2009 - 9:38:26 - [8743175] ----D- C:\Program Files\MSN Gaming Zone
O43 - CFD: 4.4.2009 - 19:46:02 - [0] ----D- C:\Program Files\MSXML 4.0
O43 - CFD: 5.4.2009 - 9:05:52 - [6849] ----D- C:\Program Files\MSXML 6.0
O43 - CFD: 10.7.2010 - 10:04:42 - [3256085] ----D- C:\Program Files\NetMeeting
O43 - CFD: 20.7.2011 - 18:00:10 - [56194841] ----D- C:\Program Files\Nokia
O43 - CFD: 24.8.2009 - 16:02:34 - [350560] ----D- C:\Program Files\NOS
O43 - CFD: 3.4.2009 - 9:40:36 - [1005] ----D- C:\Program Files\Online Services
O43 - CFD: 17.12.2010 - 11:54:12 - [4325510] ----D- C:\Program Files\Outlook Express
O43 - CFD: 20.7.2011 - 16:19:18 - [13586855] ----D- C:\Program Files\PC Connectivity Solution
O43 - CFD: 3.9.2011 - 0:05:58 - [87941504] ----D- C:\Program Files\PokerStars
O43 - CFD: 11.8.2011 - 10:21:14 - [12139739] ----D- C:\Program Files\PSPad editor
O43 - CFD: 17.3.2010 - 14:36:40 - [58745673] ----D- C:\Program Files\QIP
O43 - CFD: 9.4.2009 - 15:20:46 - [41908320] ----D- C:\Program Files\QXL Poland
O43 - CFD: 20.2.2011 - 15:44:52 - [6212791] ----D- C:\Program Files\Real Alternative
O43 - CFD: 3.4.2009 - 19:15:58 - [65391084] ----D- C:\Program Files\Realtek
O43 - CFD: 20.4.2009 - 10:05:20 - [2618] ----D- C:\Program Files\Registry Clean Expert
O43 - CFD: 11.7.2011 - 12:48:48 - [12587980] ----D- C:\Program Files\Registry Mechanic
O43 - CFD: 24.5.2009 - 12:05:10 - [96498208] ----D- C:\Program Files\Samsung
O43 - CFD: 5.6.2011 - 17:52:50 - [0] ----D- C:\Program Files\SlySoft
O43 - CFD: 4.9.2011 - 10:15:46 - [173111] ----D- C:\Program Files\TNod User & Password Finder
O43 - CFD: 10.8.2011 - 19:48:26 - [17466605] ----D- C:\Program Files\Trell
O43 - CFD: 3.4.2009 - 9:55:20 - [0] --H-D- C:\Program Files\Uninstall Information
O43 - CFD: 25.7.2011 - 8:13:26 - [1577052] ----D- C:\Program Files\uTorrent
O43 - CFD: 13.7.2011 - 10:47:48 - [4855594] ----D- C:\Program Files\uTorrentBar
O43 - CFD: 11.8.2011 - 9:15:04 - [66336019] ----D- C:\Program Files\VSO
O43 - CFD: 12.4.2009 - 15:06:56 - [3581070] ----D- C:\Program Files\Windows Media Connect 2
O43 - CFD: 21.7.2011 - 18:53:32 - [8339867] ----D- C:\Program Files\Windows Media Player
O43 - CFD: 10.7.2010 - 10:04:38 - [3929343] ----D- C:\Program Files\Windows NT
O43 - CFD: 3.4.2009 - 9:40:38 - [0] --H-D- C:\Program Files\WindowsUpdate
O43 - CFD: 3.4.2009 - 19:03:26 - [3828114] ----D- C:\Program Files\WinRAR
O43 - CFD: 21.7.2011 - 18:53:34 - [2496183] ----D- C:\Program Files\WMP Tag Plus
O43 - CFD: 3.4.2009 - 9:41:40 - [0] ----D- C:\Program Files\xerox
O43 - CFD: 21.7.2011 - 18:55:56 - [6462927] ----D- C:\Program Files\Xiph.Org
O43 - CFD: 4.9.2011 - 12:30:40 - [4013787] ----D- C:\Program Files\ZHPDiag
O43 - CFD: 5.4.2011 - 20:02:26 - [15468] ----D- C:\Program Files\Ztrl
O43 - CFD: 17.10.2010 - 16:13:42 - [6245886] ----D- C:\Program Files\Common Files\Adobe
O43 - CFD: 28.5.2011 - 17:25:02 - [17097158] ----D- C:\Program Files\Common Files\Ahead
O43 - CFD: 20.4.2009 - 16:31:36 - [17773706] ----D- C:\Program Files\Common Files\Corel
O43 - CFD: 3.4.2009 - 10:58:24 - [92976] ----D- C:\Program Files\Common Files\DESIGNER
O43 - CFD: 10.8.2011 - 13:52:34 - [24656896] ----D- C:\Program Files\Common Files\DivX Shared
O43 - CFD: 8.5.2009 - 17:00:44 - [584213] ----D- C:\Program Files\Common Files\Hewlett-Packard
O43 - CFD: 8.5.2009 - 17:00:50 - [5170050] ----D- C:\Program Files\Common Files\HP
O43 - CFD: 13.10.2009 - 9:34:40 - [8924226] ----D- C:\Program Files\Common Files\InstallShield
O43 - CFD: 20.7.2011 - 17:58:56 - [186078012] ----D- C:\Program Files\Common Files\Microsoft Shared
O43 - CFD: 25.7.2011 - 8:30:34 - [4913357] ----D- C:\Program Files\Common Files\Motive
O43 - CFD: 3.4.2009 - 9:39:50 - [284160] ----D- C:\Program Files\Common Files\MSSoap
O43 - CFD: 20.7.2011 - 18:00:10 - [51341218] ----D- C:\Program Files\Common Files\Nokia
O43 - CFD: 2.4.2009 - 23:38:50 - [0] ----D- C:\Program Files\Common Files\ODBC
O43 - CFD: 20.7.2011 - 16:19:48 - [88064] ----D- C:\Program Files\Common Files\PCSuite
O43 - CFD: 22.8.2010 - 9:19:08 - [0] ----D- C:\Program Files\Common Files\Real
O43 - CFD: 3.4.2009 - 9:39:54 - [8106] ----D- C:\Program Files\Common Files\Services
O43 - CFD: 16.4.2009 - 14:01:30 - [1942824] ----D- C:\Program Files\Common Files\Skype
O43 - CFD: 2.4.2009 - 23:38:48 - [3787229] ----D- C:\Program Files\Common Files\SpeechEngines
O43 - CFD: 10.7.2010 - 10:04:34 - [41223217] ----D- C:\Program Files\Common Files\System
O43 - CFD: 22.2.2010 - 15:23:18 - [11514119] ----D- C:\Documents and Settings\euro-nabytek\Data aplikací\Adobe
O43 - CFD: 29.5.2011 - 15:02:50 - [2190141] ----D- C:\Documents and Settings\euro-nabytek\Data aplikací\Ahead
O43 - CFD: 4.8.2011 - 0:51:50 - [32439] ----D- C:\Documents and Settings\euro-nabytek\Data aplikací\avidemux
O43 - CFD: 7.7.2010 - 9:35:18 - [23576] ----D- C:\Documents and Settings\euro-nabytek\Data aplikací\CheckPoint
O43 - CFD: 24.4.2009 - 14:46:20 - [4277251] ----D- C:\Documents and Settings\euro-nabytek\Data aplikací\Corel
O43 - CFD: 10.8.2011 - 13:53:32 - [106] ----D- C:\Documents and Settings\euro-nabytek\Data aplikací\DDMSettings
O43 - CFD: 18.7.2009 - 19:37:24 - [16440] ----D- C:\Documents and Settings\euro-nabytek\Data aplikací\DivX
O43 - CFD: 22.8.2011 - 20:13:54 - [3878] ----D- C:\Documents and Settings\euro-nabytek\Data aplikací\DVD Flick
O43 - CFD: 3.7.2011 - 18:24:10 - [0] ----D- C:\Documents and Settings\euro-nabytek\Data aplikací\ESET
O43 - CFD: 20.6.2009 - 18:11:48 - [137077] ----D- C:\Documents and Settings\euro-nabytek\Data aplikací\GRETECH
O43 - CFD: 8.5.2009 - 17:07:24 - [28274] ----D- C:\Documents and Settings\euro-nabytek\Data aplikací\HP
O43 - CFD: 25.10.2009 - 18:51:26 - [0] ----D- C:\Documents and Settings\euro-nabytek\Data aplikací\ICQ Toolbar
O43 - CFD: 1.8.2009 - 11:19:06 - [6199] ----D- C:\Documents and Settings\euro-nabytek\Data aplikací\ICQLite
O43 - CFD: 3.4.2009 - 9:55:22 - [0] ----D- C:\Documents and Settings\euro-nabytek\Data aplikací\Identities
O43 - CFD: 4.8.2011 - 1:35:46 - [135820] ----D- C:\Documents and Settings\euro-nabytek\Data aplikací\ImgBurn
O43 - CFD: 3.4.2009 - 11:40:06 - [0] ----D- C:\Documents and Settings\euro-nabytek\Data aplikací\InstallShield
O43 - CFD: 3.4.2009 - 11:25:30 - [5426] ----D- C:\Documents and Settings\euro-nabytek\Data aplikací\Macromedia
O43 - CFD: 20.2.2011 - 15:45:28 - [144] ----D- C:\Documents and Settings\euro-nabytek\Data aplikací\Media Player Classic
O43 - CFD: 29.9.2010 - 18:28:04 - [2584618] -S--D- C:\Documents and Settings\euro-nabytek\Data aplikací\Microsoft
O43 - CFD: 3.4.2009 - 16:59:24 - [37817860] ----D- C:\Documents and Settings\euro-nabytek\Data aplikací\Mozilla
O43 - CFD: 1.9.2011 - 17:15:42 - [217217] ----D- C:\Documents and Settings\euro-nabytek\Data aplikací\Nokia
O43 - CFD: 20.7.2011 - 17:50:28 - [2306235] ----D- C:\Documents and Settings\euro-nabytek\Data aplikací\PC Suite
O43 - CFD: 11.8.2011 - 10:24:04 - [5188] ----D- C:\Documents and Settings\euro-nabytek\Data aplikací\PSpad
O43 - CFD: 22.8.2010 - 9:18:54 - [777317] ----D- C:\Documents and Settings\euro-nabytek\Data aplikací\Real
O43 - CFD: 14.4.2011 - 18:48:40 - [505504] ----D- C:\Documents and Settings\euro-nabytek\Data aplikací\RenPy
O43 - CFD: 16.8.2011 - 10:09:16 - [1828] ----D- C:\Documents and Settings\euro-nabytek\Data aplikací\Rovio
O43 - CFD: 9.4.2010 - 15:27:36 - [718256] ----D- C:\Documents and Settings\euro-nabytek\Data aplikací\Skype
O43 - CFD: 9.4.2010 - 14:39:02 - [35872] ----D- C:\Documents and Settings\euro-nabytek\Data aplikací\skypePM
O43 - CFD: 12.4.2009 - 14:08:04 - [159963] ----D- C:\Documents and Settings\euro-nabytek\Data aplikací\Sun
O43 - CFD: 11.8.2011 - 13:01:24 - [438029] ----D- C:\Documents and Settings\euro-nabytek\Data aplikací\Thinstall
O43 - CFD: 2.9.2011 - 18:44:34 - [5930430] ----D- C:\Documents and Settings\euro-nabytek\Data aplikací\uTorrent
O43 - CFD: 23.3.2010 - 12:48:28 - [5531] ----D- C:\Documents and Settings\euro-nabytek\Data aplikací\Ventrilo
O43 - CFD: 25.8.2011 - 20:14:40 - [72427] ----D- C:\Documents and Settings\euro-nabytek\Data aplikací\Vso
O43 - CFD: 3.4.2009 - 19:04:14 - [0] ----D- C:\Documents and Settings\euro-nabytek\Data aplikací\WinRAR
O43 - CFD: 17.10.2010 - 16:13:04 - [504665] ----D- C:\Documents and Settings\euro-nabytek\Local Settings\Data aplikací\Adobe
O43 - CFD: 1.9.2011 - 8:01:06 - [0] ----D- C:\Documents and Settings\euro-nabytek\Local Settings\Data aplikací\AskToolbar
O43 - CFD: 13.7.2011 - 10:47:48 - [190690] ----D- C:\Documents and Settings\euro-nabytek\Local Settings\Data aplikací\Conduit
O43 - CFD: 13.7.2011 - 10:48:00 - [4496928] ----D- C:\Documents and Settings\euro-nabytek\Local Settings\Data aplikací\ConduitEngine
O43 - CFD: 3.7.2011 - 19:42:40 - [9318022] ----D- C:\Documents and Settings\euro-nabytek\Local Settings\Data aplikací\ESET
O43 - CFD: 24.5.2011 - 14:29:02 - [308834] ----D- C:\Documents and Settings\euro-nabytek\Local Settings\Data aplikací\Google
O43 - CFD: 8.5.2009 - 17:28:14 - [379533] ----D- C:\Documents and Settings\euro-nabytek\Local Settings\Data aplikací\HP
O43 - CFD: 21.11.2009 - 10:24:00 - [379896] ----D- C:\Documents and Settings\euro-nabytek\Local Settings\Data aplikací\Identities
O43 - CFD: 20.6.2011 - 21:10:38 - [131046476] ----D- C:\Documents and Settings\euro-nabytek\Local Settings\Data aplikací\Microsoft
O43 - CFD: 3.4.2009 - 10:55:54 - [0] ----D- C:\Documents and Settings\euro-nabytek\Local Settings\Data aplikací\Microsoft Help
O43 - CFD: 3.4.2009 - 16:59:24 - [129008215] ----D- C:\Documents and Settings\euro-nabytek\Local Settings\Data aplikací\Mozilla
O43 - CFD: 4.7.2009 - 15:02:36 - [864211] ----D- C:\Documents and Settings\euro-nabytek\Local Settings\Data aplikací\P5
O43 - CFD: 23.5.2009 - 11:11:44 - [3016] ----D- C:\Documents and Settings\euro-nabytek\Local Settings\Data aplikací\PSU
O43 - CFD: 22.8.2010 - 9:17:04 - [255] ----D- C:\Documents and Settings\euro-nabytek\Local Settings\Data aplikací\Real
O43 - CFD: 13.7.2011 - 10:47:46 - [0] ----D- C:\Documents and Settings\euro-nabytek\Local Settings\Data aplikací\Temp
O43 - CFD: 11.8.2011 - 13:01:24 - [0] ----D- C:\Documents and Settings\euro-nabytek\Local Settings\Data aplikací\Thinstall
O43 - CFD: 13.7.2011 - 10:46:16 - [0] ----D- C:\Documents and Settings\euro-nabytek\Local Settings\Data aplikací\uTorrent
O43 - CFD: 13.7.2011 - 10:47:56 - [4493927] ----D- C:\Documents and Settings\euro-nabytek\Local Settings\Data aplikací\uTorrentBar
~ Scan Program Folder in 00mn 52s



---\\ Last modified or created files under Windows and System32 (O44)
O44 - LFC:[MD5.CB4CC3D4EA7C94A35F1D81C3D750BC8D] - 11.8.2011 - 8:15:01 ---A- . (.On2.com - VP70 VIDEO FOR WINDOWS CODEC.) -- C:\WINDOWS\system32\vp7vfw.dll [626688]
O44 - LFC:[MD5.5FB0F4D86C76470E559CFC0A320B2D35] - 11.8.2011 - 8:15:02 ---A- . (.RealNetworks, Inc. - ACELP-NET Voice Codec for RealAudio(tm).) -- C:\WINDOWS\system32\sipr3260.dll [102439]
O44 - LFC:[MD5.79D15C3C4C03674FB88A95D8AFD470FE] - 11.8.2011 - 8:15:02 ---A- . (.RealNetworks, Inc. - No comment.) -- C:\WINDOWS\system32\Pncrt.dll [273408]
O44 - LFC:[MD5.3E1054C32532E726D9DAF20FA9048BE8] - 11.8.2011 - 8:15:02 ---A- . (.RealNetworks, Inc. - RealNetworks Cooker G2 Audio Codec.) -- C:\WINDOWS\system32\cook3260.dll [65602]
O44 - LFC:[MD5.FFFAAEF7265285A274C3535B65238693] - 11.8.2011 - 8:15:02 ---A- . (.RealNetworks, Inc. - RealVideo 8.) -- C:\WINDOWS\system32\drv33260.dll [208935]
O44 - LFC:[MD5.711DBC8F0A5D89A2C946C33F2D717C75] - 11.8.2011 - 8:15:02 ---A- . (.RealNetworks, Inc. - RealVideo 9.) -- C:\WINDOWS\system32\drv43260.dll [217127]
O44 - LFC:[MD5.2BF29D229C9F685031945E77E6BABD34] - 11.8.2011 - 8:15:02 ---A- . (.RealNetworks, Inc. - RealVideo G2.) -- C:\WINDOWS\system32\drv23260.dll [176165]
O44 - LFC:[MD5.58D7A62AD5840B11420ABDFF536B4BE5] - 24.8.2011 - 22:07:54 ---A- . (...) -- C:\WINDOWS\system32\TZLog.log [233980]
O44 - LFC:[MD5.BE64243EC1F3B6EE84FEF78017A4D51E] - 25.8.2011 - 19:13:09 ---A- . (...) -- C:\WINDOWS\NeroDigital.ini [49]
O44 - LFC:[MD5.F042EE4C8D66248D9B86DCF52ABAE416] - 26.6.2011 - 7:45:56 ---A- . (...) -- C:\WINDOWS\PEV.exe [256000]
O44 - LFC:[MD5.17D7055859D99A0D606CFAF17AE38638] - 3.7.2011 - 17:32:17 ---A- . (...) -- C:\Boot.bak [211]
O44 - LFC:[MD5.24FDED3C38A10BD62C08867DC47A1F1E] - 3.8.2004 - 22:00:04 RSHA- . (...) -- C:\cmldr [261312]
O44 - LFC:[MD5.9E05A9C264C8A908A8E79450FCBFF047] - 31.8.2000 - 1:00:00 ---A- . (...) -- C:\WINDOWS\grep.exe [80412]
O44 - LFC:[MD5.2B657A67AEBB84AEA5632C53E61E23BF] - 31.8.2000 - 1:00:00 ---A- . (...) -- C:\WINDOWS\sed.exe [98816]
O44 - LFC:[MD5.5E832F4FAF5F481F2EAF3B3A48F603B8] - 31.8.2000 - 1:00:00 ---A- . (...) -- C:\WINDOWS\zip.exe [68096]
O44 - LFC:[MD5.16F4A0C06A605A1282C4B17835A18969] - 31.8.2011 - 19:59:45 RSHA- . (...) -- C:\boot.ini [327]
O44 - LFC:[MD5.6FF09555183DDAEA769A615BFDE3F8CF] - 31.8.2011 - 20:27:25 ---A- . (...) -- C:\WINDOWS\system32\FNTCACHE.DAT [272576]
O44 - LFC:[MD5.C9A9949FE93EBD7EEC7B8A93A6A35E83] - 4.9.2011 - 11:18:57 ---A- . (...) -- C:\WINDOWS\SchedLgU.Txt [32514]
O44 - LFC:[MD5.6F359C7BCA95FF1935CD3B654F5444B0] - 4.9.2011 - 11:19:49 ---A- . (...) -- C:\WINDOWS\system32\ativvaxx.cap [44964]
O44 - LFC:[MD5.6A2CB42966136854F4464516FBB4AE72] - 4.9.2011 - 11:19:52 -S-A- . (...) -- C:\WINDOWS\bootstat.dat [2048]
O44 - LFC:[MD5.4ADDCD734EE321F8FFEAD19D883BB513] - 4.9.2011 - 11:19:55 ---A- . (...) -- C:\WINDOWS\system32\wpa.dbl [13646]
O44 - LFC:[MD5.EAE8CE5BC19349DBAA001AADC0B838A8] - 4.9.2011 - 11:20:05 ---A- . (...) -- C:\WINDOWS\wiaservc.log [48]
O44 - LFC:[MD5.0AA52B8374A64DAB2BAD01DD73695DB0] - 4.9.2011 - 11:20:09 ---A- . (...) -- C:\WINDOWS\wiadebug.log [159]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 4.9.2011 - 11:21:44 ---A- . (...) -- C:\WINDOWS\0.log [0]
O44 - LFC:[MD5.2F7790912635D0F2864461678A16AFD8] - 4.9.2011 - 11:21:47 ---A- . (...) -- C:\WINDOWS\setupapi.log [4025]
O44 - LFC:[MD5.3A9A54E9FF21A4825E9B40A89674F085] - 4.9.2011 - 11:28:36 ---A- . (...) -- C:\WINDOWS\setupact.log [60]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 4.9.2011 - 11:28:36 ---A- . (...) -- C:\WINDOWS\setuperr.log [0]
O44 - LFC:[MD5.3B1CA14F6B4C4B1E820C2062738FAAEF] - 4.9.2011 - 11:31:33 ---A- . (...) -- C:\WINDOWS\WindowsUpdate.log [1651306]
O44 - LFC:[MD5.753BC16326FEE4A421ACB636CCD602F4] - 4.9.2011 - 9:07:36 ---A- . (.NirSoft - NirCmd.) -- C:\WINDOWS\NIRCMD.exe [60416]
O44 - LFC:[MD5.A46842C9B0C567A5A9584E83A163560C] - 4.9.2011 - 9:07:36 ---A- . (.SteelWerX - Freeware implementation of REG.EXE.) -- C:\WINDOWS\SWREG.exe [518144]
O44 - LFC:[MD5.0297C72529807322B152F517FDB0A9FC] - 4.9.2011 - 9:07:36 ---A- . (.SteelWerX - Freeware implementation of SC.EXE.) -- C:\WINDOWS\SWSC.exe [406528]
O44 - LFC:[MD5.B1A9CF0B6F80611D31987C247EC630B4] - 4.9.2011 - 9:07:36 ---A- . (.SteelWerX - Freeware implementation of XCACLS.) -- C:\WINDOWS\SWXCACLS.exe [212480]
O44 - LFC:[MD5.A4AA96165F728A860AEC6CC05DBB6701] - 4.9.2011 - 9:18:02 ---A- . (...) -- C:\WINDOWS\system.ini [227]
O44 - LFC:[MD5.948C5C5C79F46D2D67B61224018ABCC5] - 4.9.2011 - 9:22:20 ---A- . (...) -- C:\ComboFix.txt [16165]
O44 - LFC:[MD5.0277C027A26428DB64EF4F64F52BB4FD] - 7.11.2010 - 18:20:24 ---A- . (...) -- C:\WINDOWS\MBR.exe [208896]
~ Scan Files in 00mn 41s



---\\ Export authorized application key (O47)
O47 - AAKE:Key Export SP - "%windir%\system32\sessmgr.exe" [Enabled] .(.Microsoft Corporation - Microsoft® Remote Desktop Help Session Manager.) -- C:\WINDOWS\system32\sessmgr.exe
O47 - AAKE:Key Export SP - "C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE" [Enabled] .(.Microsoft Corporation - Microsoft Office Outlook.) -- C:\Program Files\Microsoft Office\Office12\OUTLOOK.exe
O47 - AAKE:Key Export SP - "C:\Program Files\Microsoft Office\Office12\GROOVE.EXE" [Enabled] .(.Microsoft Corporation - Microsoft Office Groove.) -- C:\Program Files\Microsoft Office\Office12\GROOVE.exe
O47 - AAKE:Key Export SP - "C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE" [Enabled] .(.Microsoft Corporation - Microsoft Office OneNote.) -- C:\Program Files\Microsoft Office\Office12\ONENOTE.exe
O47 - AAKE:Key Export SP - "C:\Program Files\uTorrent\utorrent.exe" [Enabled] .(.BitTorrent, Inc. - µTorrent.) -- C:\Program Files\uTorrent\utorrent.exe
O47 - AAKE:Key Export SP - "C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe" [Enabled] .(.Hewlett-Packard Co. - HP Digital Imaging Monitor.) -- C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O47 - AAKE:Key Export SP - "C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe" [Enabled] .(.Hewlett-Packard Co. - HP CUE Status Root.) -- C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe
O47 - AAKE:Key Export SP - "C:\Program Files\HP\Digital Imaging\bin\hposid01.exe" [Enabled] .(.Hewlett-Packard Co. - HP All-in-One Launcher Utility.) -- C:\Program Files\HP\Digital Imaging\bin\hposid01.exe
O47 - AAKE:Key Export SP - "C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe" [Enabled] .(.Hewlett-Packard - HP CUE-Scanning Flow Component.) -- C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe
O47 - AAKE:Key Export SP - "C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe" [Enabled] .(.Hewlett-Packard - HP Scan Application.) -- C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe
O47 - AAKE:Key Export SP - "C:\Program Files\Common Files\HP\Digital Imaging\bin\hpqPhotoCrm.exe" [Enabled] .(.Hewlett-Packard Development Co. L.P. - HP Message Manager.) -- C:\Program Files\Common Files\HP\Digital Imaging\bin\hpqPhotoCrm.exe
O47 - AAKE:Key Export SP - "C:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe" [Enabled] .(.Hewlett-Packard Development Co. L.P. - HP Photosmart Essential.) -- C:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe
O47 - AAKE:Key Export SP - "C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe" [Enabled] .(.Hewlett-Packard Development Co. L.P. - HP Photosmart Essential Software.) -- C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe
O47 - AAKE:Key Export SP - "C:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe" [Enabled] .(.Hewlett-Packard Development Co. L.P. - hpqsudi.) -- C:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe
O47 - AAKE:Key Export SP - "C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe" [Enabled] .(.Hewlett-Packard Co. - HP Guided Solutions.) -- C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe
O47 - AAKE:Key Export SP - "C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe" [Enabled] .(.Hewlett-Packard - GPCore COM object.) -- C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
O47 - AAKE:Key Export SP - "%windir%\Network Diagnostic\xpnetdiag.exe" [Enabled] .(.Microsoft Corporation - Network Diagnostic for Windows XP.) -- C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O47 - AAKE:Key Export DP - "%windir%\system32\sessmgr.exe" [Enabled] .(.Microsoft Corporation - Microsoft® Remote Desktop Help Session Manager.) -- C:\WINDOWS\system32\sessmgr.exe
O47 - AAKE:Key Export DP - "C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe" [Enabled] .(.Hewlett-Packard Co. - HP Digital Imaging Monitor.) -- C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O47 - AAKE:Key Export DP - "C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe" [Enabled] .(.Hewlett-Packard Co. - HP CUE Status Root.) -- C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe
O47 - AAKE:Key Export DP - "C:\Program Files\HP\Digital Imaging\bin\hposid01.exe" [Enabled] .(.Hewlett-Packard Co. - HP All-in-One Launcher Utility.) -- C:\Program Files\HP\Digital Imaging\bin\hposid01.exe
O47 - AAKE:Key Export DP - "C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe" [Enabled] .(.Hewlett-Packard - HP CUE-Scanning Flow Component.) -- C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe
O47 - AAKE:Key Export DP - "C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe" [Enabled] .(.Hewlett-Packard - HP Scan Application.) -- C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe
O47 - AAKE:Key Export DP - "C:\Program Files\Common Files\HP\Digital Imaging\bin\hpqPhotoCrm.exe" [Enabled] .(.Hewlett-Packard Development Co. L.P. - HP Message Manager.) -- C:\Program Files\Common Files\HP\Digital Imaging\bin\hpqPhotoCrm.exe
O47 - AAKE:Key Export DP - "C:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe" [Enabled] .(.Hewlett-Packard Development Co. L.P. - HP Photosmart Essential.) -- C:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe
O47 - AAKE:Key Export DP - "C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe" [Enabled] .(.Hewlett-Packard Development Co. L.P. - HP Photosmart Essential Software.) -- C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe
O47 - AAKE:Key Export DP - "C:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe" [Enabled] .(.Hewlett-Packard Development Co. L.P. - hpqsudi.) -- C:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe
O47 - AAKE:Key Export DP - "C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe" [Enabled] .(.Hewlett-Packard Co. - HP Guided Solutions.) -- C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe
O47 - AAKE:Key Export DP - "C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe" [Enabled] .(.Hewlett-Packard - GPCore COM object.) -- C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
O47 - AAKE:Key Export DP - "%windir%\Network Diagnostic\xpnetdiag.exe" [Enabled] .(.Microsoft Corporation - Network Diagnostic for Windows XP.) -- C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
~ Scan Keys in 00mn 00s



---\\ Safe Boot Control (O49)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmboot.sys . (.Microsoft Corp., Veritas Software - NT Disk Manager Startup Driver.) -- C:\WINDOWS\system32\Drivers\dmboot.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmio.sys . (.Microsoft Corp., Veritas Software - NT Disk Manager I/O Driver.) -- C:\WINDOWS\system32\Drivers\dmio.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmload.sys . (.Microsoft Corp., Veritas Software. - NT Disk Manager Startup Driver.) -- C:\WINDOWS\system32\Drivers\dmload.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (...) -- C:\WINDOWS\system32\Drivers\sermouse.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sr.sys . (.Microsoft Corporation - System Restore Filesystem Filter Driver.) -- C:\WINDOWS\system32\Drivers\sr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\WINDOWS\system32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\WINDOWS\system32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\Wdf01000.sys . (.Microsoft Corporation - Kernel Mode Driver Framework Runtime.) -- C:\WINDOWS\system32\Drivers\Wdf01000.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmboot.sys . (.Microsoft Corp., Veritas Software - NT Disk Manager Startup Driver.) -- C:\WINDOWS\system32\Drivers\dmboot.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmio.sys . (.Microsoft Corp., Veritas Software - NT Disk Manager I/O Driver.) -- C:\WINDOWS\system32\Drivers\dmio.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmload.sys . (.Microsoft Corp., Veritas Software. - NT Disk Manager Startup Driver.) -- C:\WINDOWS\system32\Drivers\dmload.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ip6fw.sys . (.Microsoft Corporation - IPv6 Windows Firewall Driver.) -- C:\WINDOWS\system32\Drivers\ip6fw.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\WINDOWS\system32\Drivers\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpcdd.sys . (.Microsoft Corporation - RDP Miniport.) -- C:\WINDOWS\system32\Drivers\rdpcdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpdd.sys . (...) -- C:\WINDOWS\system32\Drivers\rdpdd.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpwd.sys . (.Microsoft Corporation - RDP Terminal Stack Driver (US/Canada Only, Not for Export).) -- C:\WINDOWS\system32\Drivers\rdpwd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (...) -- C:\WINDOWS\system32\Drivers\sermouse.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sr.sys . (.Microsoft Corporation - System Restore Filesystem Filter Driver.) -- C:\WINDOWS\system32\Drivers\sr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\tdpipe.sys . (.Microsoft Corporation - Named Pipe Transport Driver.) -- C:\WINDOWS\system32\Drivers\tdpipe.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\tdtcp.sys . (.Microsoft Corporation - TCP Transport Driver.) -- C:\WINDOWS\system32\Drivers\tdtcp.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\WINDOWS\system32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\WINDOWS\system32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\Wdf01000.sys . (.Microsoft Corporation - Kernel Mode Driver Framework Runtime.) -- C:\WINDOWS\system32\Drivers\Wdf01000.sys
~ Scan CSB in 00mn 00s



---\\ Image File Execution Options (IFEO) (O50)
O50 - IFEO:Image File Execution Options - Your Image File Name Here without a path - ntsd -d
~ Scan IFEO in 00mn 00s



---\\ Trojan Driver Search Data (HKLM)(TDSD) (O52)
O52 - TDSD: \Drivers32\"msacm.trspch"="tssoft32.acm" . (.DSP GROUP, INC. - DSP Group TrueSpeech(TM) Audio Codec for MSACM V3.50.) -- C:\WINDOWS\system32\tssoft32.acm
O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Cinepak® Codec.) -- C:\WINDOWS\system32\iccvid.dll
O52 - TDSD: \Drivers32\"vidc.iv31"="ir32_32.dll" . (...) -- C:\WINDOWS\system32\ir32_32.dll
O52 - TDSD: \Drivers32\"vidc.iv32"="ir32_32.dll" . (...) -- C:\WINDOWS\system32\ir32_32.dll
O52 - TDSD: \Drivers32\"vidc.iv41"="ir41_32.ax" . (.Intel Corporation - Intel Indeo® Video 4.5.) -- C:\WINDOWS\system32\ir41_32.ax
O52 - TDSD: \Drivers32\"msacm.sl_anet"="sl_anet.acm" . (.Sipro Lab Telecom Inc. - Audio codec for MS ACM.) -- C:\WINDOWS\system32\sl_anet.acm
O52 - TDSD: \Drivers32\"msacm.iac2"="C:\WINDOWS\system32\iac25_32.ax" . (.Intel Corporation - Indeo® audio software.) -- C:\WINDOWS\system32\iac25_32.ax
O52 - TDSD: \Drivers32\"vidc.iv50"="ir50_32.dll" . (.Intel Corporation - Intel Indeo® video 5.10.) -- C:\WINDOWS\system32\ir50_32.dll
O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\WINDOWS\system32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\WINDOWS\system32\l3codeca.acm
O52 - TDSD: \Drivers32\"VIDC.FFDS"="ff_vfw.dll" . (...) -- C:\WINDOWS\system32\ff_vfw.dll
O52 - TDSD: \Drivers32\"vidc.DIVX"="DivX.dll" . (.DivX, Inc. - DivX.) -- C:\WINDOWS\system32\DivX.dll
O52 - TDSD: \Drivers32\"vidc.yv12"="DivX.dll" . (.DivX, Inc. - DivX.) -- C:\WINDOWS\system32\DivX.dll
O52 - TDSD: \drivers.desc\"sl_anet.acm"="Sipro Lab Telecom Audio Codec" . (.Sipro Lab Telecom Inc. - Audio codec for MS ACM.) -- C:\WINDOWS\system32\sl_anet.acm
O52 - TDSD: \drivers.desc\"C:\WINDOWS\system32\iac25_32.ax"="Indeo® audio software" . (.Intel Corporation - Indeo® audio software.) -- C:\WINDOWS\system32\iac25_32.ax
O52 - TDSD: \drivers.desc\"ir50_32.dll"="Indeo® video 5.10" . (...) -- (.not file.)
O52 - TDSD: \drivers.desc\"C:\WINDOWS\system32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\WINDOWS\system32\l3codeca.acm
O52 - TDSD: \drivers.desc\"ff_vfw.dll"="ffdshow video encoder" . (...) -- C:\WINDOWS\system32\ff_vfw.dll
O52 - TDSD: \drivers.desc\"DivX.dll"="DivX 6.9.2 Codec" . (...) -- (.not file.)
~ Scan Keys in 00mn 00s



---\\ ShareTools MSconfig StartupReg (SMSR) (O53)
O53 - SMSR:HKLM\...\startupreg\Adobe ARM [Key] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
O53 - SMSR:HKLM\...\startupreg\Adobe Reader Speed Launcher [Key] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
O53 - SMSR:HKLM\...\startupreg\AirPaceWifi [Key] . (.Universal abit - abit AirPace Wi-Fi.) -- C:\Program Files\abit\abit uGuru\AirPaceWifi.exe
O53 - SMSR:HKLM\...\startupreg\HP Software Update [Key] . (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O53 - SMSR:HKLM\...\startupreg\hpqSRMon [Key] . (.Hewlett-Packard - HpqSRmon.) -- C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O53 - SMSR:HKLM\...\startupreg\MSMSGS [Key] . (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe
O53 - SMSR:HKLM\...\startupreg\NeroFilterCheck [Key] . (.Ahead Software Gmbh - NeroCheck.) -- C:\WINDOWS\system32\NeroCheck.exe
O53 - SMSR:HKLM\...\startupreg\QIP2005 [Key] . (.The Author of QIP - Quiet Internet Pager.) -- C:\Program Files\QIP\qip.exe
~ Scan SMSR Keys in 00mn 00s



---\\ Microsoft Control Security Providers (MCSP) (O54)
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - DPA Client for 32 bit platforms.) -- C:\WINDOWS\system32\msapsspc.dll
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\WINDOWS\system32\schannel.dll
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Digest SSPI Authentication Package.) -- C:\WINDOWS\system32\digest.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - DPA Client for 32 bit platforms.) -- C:\WINDOWS\system32\msapsspc.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\WINDOWS\system32\schannel.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Digest SSPI Authentication Package.) -- C:\WINDOWS\system32\digest.dll
~ Scan Keys in 00mn 00s



---\\ Microsoft Windows Policies System (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=
O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "DisableRegistryTools"=0
~ Scan Keys in 00mn 00s



---\\ Microsoft Windows Policies Explorer (MWPE) (O56)
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveTypeAutoRun"=323
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveAutoRun"=67108863
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDrives"=0
O56 - MWPE:[HKLM\...\policies\Explorer] - "HonorAutoRunSetting"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoDriveAutoRun"=67108863
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoDriveTypeAutoRun"=323
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoDrives"=0
~ Scan Keys in 00mn 00s



---\\ System Drivers List (SDL) (O58)
O58 - SDL:[MD5.F6AF59D6EEE5E1C304F7F73706AD11D8] - 4.9.2011 - 19:10:12 ---A- . (.Creative - Creative WDM 3D Audio Driver.) -- C:\WINDOWS\system32\drivers\Ambfilt.sys [1684736]
O58 - SDL:[MD5.C06659FF381423D6CB19A91C2A2F80AD] - 4.9.2011 - 5:52:41 ---A- . (.ATI Technologies Inc. - ATI Radeon WindowsNT Miniport Driver.) -- C:\WINDOWS\system32\drivers\ati2mtag.sys [3299840]
O58 - SDL:[MD5.DA8B7EA06BA5148E453C53DF877DBA68] - 4.9.2011 - 10:30:08 ---A- . (.AzureWave Technologies, Inc. - Driver for Atheros AR5001 Wireless Network Adapter.) -- C:\WINDOWS\system32\drivers\aw5006.sys [556832]
O58 - SDL:[MD5.CFE3462A9E94A57DCD9676F6B7FE7F67] - 4.9.2011 - 9:12:28 ---A- . (.Nokia - Nokia USB Phone Bus Driver.) -- C:\WINDOWS\system32\drivers\ccdcmb.sys [18176]
O58 - SDL:[MD5.8F2A94F991F8C73CEC26B4B5620D1EDC] - 4.9.2011 - 9:12:32 ---A- . (.Nokia - Nokia USB Phone Bus Driver.) -- C:\WINDOWS\system32\drivers\ccdcmbo.sys [23168]
O58 - SDL:[MD5.30274D9BC25A43BF14891E710216EBC4] - 4.9.2011 - 13:00:00 ---A- . (.RAVISENT Technologies Inc. - CineMaster C 1.2 WDM Main Driver.) -- C:\WINDOWS\system32\drivers\cinemst2.sys [262528]
O58 - SDL:[MD5.9624293E55AD405415862B504CA95B73] - 4.9.2011 - 13:00:00 ---A- . (.Compaq Computer Corporation - Compaq PA-1 Player Driver.) -- C:\WINDOWS\system32\drivers\cpqdap01.sys [11776]
O58 - SDL:[MD5.E31464CE787E3A0FFEA55BAA591897F0] - 4.9.2011 - 14:41:10 ---A- . (.ESET - Amon monitor.) -- C:\WINDOWS\system32\drivers\eamon.sys [114472]
O58 - SDL:[MD5.2C95A7A87E4272C1FFF9BAF579677DB3] - 4.9.2011 - 14:47:14 ---A- . (.ESET - ESET Helper driver.) -- C:\WINDOWS\system32\drivers\ehdrv.sys [107256]
O58 - SDL:[MD5.C2C9A92B560A775C65B89E78DCB6951A] - 4.9.2011 - 14:49:22 ---A- . (.ESET - ESET Personal Firewall driver.) -- C:\WINDOWS\system32\drivers\epfw.sys [133000]
O58 - SDL:[MD5.73FC7C4A5952B5493C6BE2708D1538C0] - 4.9.2011 - 14:49:26 ---A- . (.ESET - ESET Personal Firewall NDIS filter.) -- C:\WINDOWS\system32\drivers\epfwndis.sys [33096]
O58 - SDL:[MD5.CD6D97A7A88A78FA6F1732B75971EAD0] - 4.9.2011 - 14:49:26 ---A- . (.ESET - ESET Personal Firewall TDI filter.) -- C:\WINDOWS\system32\drivers\epfwtdi.sys [55768]
O58 - SDL:[MD5.0C79689B4840EF8EC522598343F26849] - 4.9.2011 - 10:13:18 ---A- . (.Aladdin Knowledge Systems Ltd. - SmartKey Parallel Driver.) -- C:\WINDOWS\system32\drivers\eusk2par.sys [25680]
O58 - SDL:[MD5.315FE3219404A7B88E2D35DABC4A085E] - 4.9.2011 - 12:02:02 ---A- . (.Eutron - SmartKey USB Driver for Windows.) -- C:\WINDOWS\system32\drivers\eusk3usb.sys [43968]
O58 - SDL:[MD5.D03D10F7DED688FECF50F8FBF1EA9B8A] - 4.9.2011 - 22:22:06 R--A- . (.HP - IEEE-1284.4-1999 Driver (Windows 2000).) -- C:\WINDOWS\system32\drivers\HPZid412.sys [49920]
O58 - SDL:[MD5.89F41658929393487B6B7D13C8528CE3] - 4.9.2011 - 22:22:07 R--A- . (.HP - IEEE-1284.4-1999 Print Class Driver.) -- C:\WINDOWS\system32\drivers\HPZipr12.sys [16496]
O58 - SDL:[MD5.ABCB05CCDBF03000354B9553820E39F8] - 4.9.2011 - 22:22:08 R--A- . (.HP - 1284.4<->Usb Datalink Driver (Windows 2000).) -- C:\WINDOWS\system32\drivers\HPZius12.sys [21568]
O58 - SDL:[MD5.FCCF4AE4EF72CBABA6D6BEFEFD77E940] - 4.9.2011 - 18:48:40 ---A- . (.Ahead Software AG and its licensors - NERO IMAGEDRIVE SCSI miniport.) -- C:\WINDOWS\system32\drivers\imagedrv.sys [89184]
O58 - SDL:[MD5.9FA7207D1B1ADEAD88AE8EED9CDBBAA5] - 4.9.2011 - 14:41:48 ---A- . (.Creative Technology Ltd. - Creative WDM Audio Driver (32-bit).) -- C:\WINDOWS\system32\drivers\Monfilt.sys [1389056]
O58 - SDL:[MD5.BE984D604D91C217355CDD3737AAD25D] - 4.9.2011 - 13:00:00 ---A- . (.S3/Diamond Multimedia Systems - NikeDrv Usb Driver.) -- C:\WINDOWS\system32\drivers\nikedrv.sys [12032]
O58 - SDL:[MD5.99145C5D4B6C4D6F5CE83EE6ABFFE294] - 4.9.2011 - 9:09:48 ---A- . (.Nokia - Nokia USB Phone Bus Driver.) -- C:\WINDOWS\system32\drivers\nmwcdnsu.sys [137600]
O58 - SDL:[MD5.FAEE7B61C6885B091CEC1FF06DA2E1AB] - 4.9.2011 - 9:09:48 ---A- . (.Nokia - Nokia USB Phone Generic Client.) -- C:\WINDOWS\system32\drivers\nmwcdnsuc.sys [8576]
O58 - SDL:[MD5.FD2041E9BA03DB7764B2248F02475079] - 4.9.2011 - 9:26:12 ---A- . (.Nokia - PCCS Mode Change Filter Driver.) -- C:\WINDOWS\system32\drivers\pccsmcfd.sys [18816]
O58 - SDL:[MD5.80D317BD1C3DBC5D4FE7B1678C60CADD] - 4.9.2011 - 13:00:00 ---A- . (.Parallel Technologies, Inc. - Parallel Technologies DirectParallel IO Library.) -- C:\WINDOWS\system32\drivers\ptilink.sys [17792]
O58 - SDL:[MD5.A56FE08EC7473E8580A390BB1081CDD7] - 4.9.2011 - 13:00:00 ---A- . (.S3/Diamond Multimedia Systems - Rio8Drv.sys Usb Driver.) -- C:\WINDOWS\system32\drivers\rio8drv.sys [12032]
O58 - SDL:[MD5.0A854DF84C77A0BE205BFEAB2AE4F0EC] - 4.9.2011 - 13:00:00 ---A- . (.S3/Diamond Multimedia Systems - RioDrv Usb Driver.) -- C:\WINDOWS\system32\drivers\riodrv.sys [12032]
O58 - SDL:[MD5.20F8E21AF426BF61881981452B3C3370] - 4.9.2011 - 8:57:36 ---A- . (.Realtek Semiconductor Corporation - Realtek 10/100/1000 NDIS 5.1 Driver.) -- C:\WINDOWS\system32\drivers\Rtenicxp.sys [130688]
O58 - SDL:[MD5.39C5C2FBF652C9F8C194873D5C8A1F58] - 4.9.2011 - 10:46:36 ---A- . (.Realtek Semiconductor Corp. - Realtek(r) High Definition Audio Function Driver.) -- C:\WINDOWS\system32\drivers\RtHDMIV.sys [143328]
O58 - SDL:[MD5.1AE3CFF80017EF89DA959350724C7194] - 4.9.2011 - 16:13:30 ---A- . (.Realtek Semiconductor Corp. - Realtek(r) High Definition Audio Function Driver.) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys [5063168]
O58 - SDL:[MD5.6F62BAFE6150F3952F877051C65786FE] - 4.9.2011 - 10:50:25 ---A- . (.Realtek Semiconductor Corp. - Realtek(r) High Definition Audio Function Driver.) -- C:\WINDOWS\system32\drivers\RTKVHDA.sys [1841312]
O58 - SDL:[MD5.90A3935D05B494A5A39D37E71F09A677] - 4.9.2011 - 17:39:14 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\WINDOWS\system32\drivers\secdrv.sys [20480]
O58 - SDL:[MD5.0E6AD03CCBBF777C58CAB10B65800B97] - 4.9.2011 - 11:49:16 ---A- . (.EUTRON - SmartKey USB Driver for Windows.) -- C:\WINDOWS\system32\drivers\skeyusb.sys [45277]
O58 - SDL:[MD5.D74A8EC75305F1D3CFDE7C7FC1BD62A9] - 4.9.2011 - 13:00:00 ---A- . (.Toshiba Corporation - WDM Toshiba Tecra Video Capture Driver.) -- C:\WINDOWS\system32\drivers\tsbvcap.sys [21376]
O58 - SDL:[MD5.EC01DA44B090D2651FC032C8B9257232] - 4.9.2011 - 9:12:36 ---A- . (.Nokia - Filter Driver for Nokia USB Phone Bus Driver.) -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys [8192]
O58 - SDL:[MD5.4ABD37CFBD710E64F01F9DA8710C73F7] - 4.9.2011 - 9:12:38 ---A- . (.Nokia - Filter Driver for Nokia USB Phone Bus Driver.) -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys [8192]
O58 - SDL:[MD5.55E01061C74A8CEFFF58DC36114A8D3F] - 4.9.2011 - 13:00:00 ---A- . (.RAVISENT Technologies Inc. - CineMaster C WDM DVD Minidriver.) -- C:\WINDOWS\system32\drivers\vdmindvd.sys [58112]
O58 - SDL:[MD5.A0D62056B9B494C09EE9AC6FD94E4074] - 4.9.2011 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ansi.sys [9035]
O58 - SDL:[MD5.DA8B7EA06BA5148E453C53DF877DBA68] - 4.9.2011 - 10:30:08 ---A- . (.AzureWave Technologies, Inc. - Driver for Atheros AR5001 Wireless Network Adapter.) -- C:\WINDOWS\system32\aw5006.sys [556832]
O58 - SDL:[MD5.0FE9F16075C9ACB941C957B7C649176E] - 4.9.2011 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\country.sys [27097]
O58 - SDL:[MD5.2DE9700B53CD22189CCAEE42246DF396] - 4.9.2011 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\himem.sys [4880]
O58 - SDL:[MD5.582BCDD47CF4B68B5CB528F18E3CB808] - 4.9.2011 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\key01.sys [42809]
O58 - SDL:[MD5.FBBCFEC1379C5C02D88A361993EDF1B8] - 4.9.2011 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\keyboard.sys [42537]
O58 - SDL:[MD5.70F45786F35CAB62DEDD2291B0051DA8] - 4.9.2011 - 15:37:17 -SHA- . (...) -- C:\WINDOWS\system32\KGyGaAvL.sys [952]
O58 - SDL:[MD5.C1B822C0E789D22ADBFFE4FB3B2CEC7A] - 4.9.2011 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos.sys [27898]
O58 - SDL:[MD5.CF9ED169FF86D935E47999E82359E898] - 4.9.2011 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos404.sys [29146]
O58 - SDL:[MD5.03B945AC0481CD8BB161C3569D8ED1C3] - 4.9.2011 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos411.sys [29370]
O58 - SDL:[MD5.BBC957DC18C17CC027EB80B7C77F2AEA] - 4.9.2011 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos412.sys [29274]
O58 - SDL:[MD5.3CFFAEFFF23B0D208214A6D3061A5B1B] - 4.9.2011 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos804.sys [29146]
O58 - SDL:[MD5.8856178A5F96B98C55F3C7987F02F36B] - 4.9.2011 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio.sys [33904]
O58 - SDL:[MD5.6F73F50162DEF60C84B725C18CD9140F] - 4.9.2011 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio404.sys [34560]
O58 - SDL:[MD5.0FDD5E69C1FF3B58043D44F2CC743D45] - 4.9.2011 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio411.sys [35648]
O58 - SDL:[MD5.8842837C4D8311BF8E72BEE8CCC42217] - 4.9.2011 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio412.sys [35424]
O58 - SDL:[MD5.6B56CEB3C6F9D5CD7293DBD9FE23B311] - 4.9.2011 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio804.sys [34560]
~ Scan Drivers in 00mn 01s



---\\ List all tools cleaner (LATC) (O63)
O63 - Logiciel: HijackThis 2.0.2 - (.TrendMicro.) [HKLM] -- HijackThis
O63 - Logiciel: ZHPDiag 1.28 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1
~ Scan ADS in 00mn 00s



---\\ List all legacy services(LALS) (O64)
O64 - Services: CurCS - 30.12.1899 - C:\ComboFix\catchme.sys (.not file.) - catchme (catchme) .(...) - LEGACY_CATCHME
O64 - Services: CurCS - 30.12.1899 - C:\WINDOWS\system32\Drivers\DgiVecp.sys (.not file.) - DgiVecp (DgiVecp) .(...) - LEGACY_DGIVECP
O64 - Services: CurCS - 14.4.2008 - C:\WINDOWS\system32\drivers\dmboot.sys - dmboot(dmboot) .(.Microsoft Corp., Veritas Software - NT Disk Manager Startup Driver.) - LEGACY_DMBOOT
O64 - Services: CurCS - 18.8.2004 - C:\WINDOWS\system32\drivers\dmload.sys - dmload(dmload) .(.Microsoft Corp., Veritas Software. - NT Disk Manager Startup Driver.) - LEGACY_DMLOAD
O64 - Services: CurCS - 14.5.2009 - C:\WINDOWS\system32\DRIVERS\eamon.sys - eamon(eamon) .(.ESET - Amon monitor.) - LEGACY_EAMON
O64 - Services: CurCS - 14.5.2009 - C:\WINDOWS\system32\DRIVERS\ehdrv.sys - ehdrv(ehdrv) .(.ESET - ESET Helper driver.) - LEGACY_EHDRV
O64 - Services: CurCS - 14.5.2009 - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe - ESET Service(ekrn) .(.ESET - ESET Service.) - LEGACY_EKRN
O64 - Services: CurCS - 14.5.2009 - C:\WINDOWS\system32\DRIVERS\epfw.sys - epfw(epfw) .(.ESET - ESET Personal Firewall driver.) - LEGACY_EPFW
O64 - Services: CurCS - 14.5.2009 - C:\WINDOWS\system32\DRIVERS\epfwtdi.sys - epfwtdi(epfwtdi) .(.ESET - ESET Personal Firewall TDI filter.) - LEGACY_EPFWTDI
O64 - Services: CurCS - 18.12.2008 - C:\WINDOWS\system32\Drivers\eusk2par.sys - Aladdin SmartKey Parallel Driver(eusk2par) .(.Aladdin Knowledge Systems Ltd. - SmartKey Parallel Driver.) - LEGACY_EUSK2PAR
O64 - Services: CurCS - 22.8.2010 - C:\Program Files\Google\Update\GoogleUpdate.exe - Služba Google Update (gupdate)(gupdate) .(.Google Inc. - Instalační program Google.) - LEGACY_GUPDATE
O64 - Services: CurCS - 12.4.2009 - C:\Program Files\Java\jre6\bin\jqs.exe - Java Quick Starter(JavaQuickStarterService) .(.Sun Microsystems, Inc. - Java(TM) Quick Starter Service.) - LEGACY_JAVAQUICKSTARTERSERVICE
O64 - Services: CurCS - 15.10.2007 - C:\Program Files\Common Files\Motive\McciCMService.exe - McciCMService(McciCMService) .(.Motive Communications, Inc. - mcci+McciCMService.) - LEGACY_MCCICMSERVICE
O64 - Services: CurCS - 29.3.2008 - C:\PROGRA~1\COMMON~1\Motive\MREMP50.sys - MREMP50 NDIS Protocol Driver(MREMP50) .(.Printing Communications Assoc., Inc. (PCAUS - PCAUSA NDIS 5.0 MPR Protocol Driver.) - LEGACY_MREMP50
O64 - Services: CurCS - 29.3.2008 - C:\PROGRA~1\COMMON~1\Motive\MRESP50.sys - MRESP50 NDIS Protocol Driver(MRESP50) .(.Printing Communications Assoc., Inc. (PCAUS - PCAUSA NDIS 5.0 SPR Protocol Driver.) - LEGACY_MRESP50
O64 - Services: CurCS - 8.6.2011 - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe - ServiceLayer(ServiceLayer) .(.Nokia - ServiceLayer Module.) - LEGACY_SERVICELAYER
O64 - Services: CurCS - 30.12.1899 - C:\WINDOWS\system32\Drivers\SSPORT.sys (.not file.) - SSPORT (SSPORT) .(...) - LEGACY_SSPORT
~ Scan Services in 00mn 00s



---\\ File Associations Shell Spawning (O67)
O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (. - .) -- "%1" %*
O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Shell Common Dll.) -- C:\WINDOWS\system32\shell32.dll
O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (.Microsoft Corporation - Windows Shell Common Dll.) -- "%1" %*
O67 - Shell Spawning: <.com> <ComFile>[HKLM\..\open\Command] (.Microsoft Corporation - Windows Shell Common Dll.) -- "%1" %*
O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft (R) Windows Based Script Host.) -- C:\WINDOWS\System32\WScript.exe
O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Editor registru.) -- C:\WINDOWS\regedit.exe
O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCU\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - Windows Shell Common Dll.) -- C:\WINDOWS\system32\shell32.dll
O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] (.Microsoft Corporation - Windows Shell Common Dll.) -- "%1" %*
O67 - Shell Spawning: <.com> <ComFile>[HKCR\..\open\Command] (.Microsoft Corporation - Windows Shell Common Dll.) -- "%1" %*
O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCR\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft (R) Windows Based Script Host.) -- C:\WINDOWS\System32\WScript.exe
O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Editor registru.) -- C:\WINDOWS\regedit.exe
~ Scan Keys in 00mn 00s



---\\ Start Menu Internet (SMI) (O68)
O68 - StartMenuInternet: <chrome.exe> <>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Scan Keys in 00mn 00s



---\\ Search Browser Infection (SBI) (O69)
O69 - SBI: SearchScopes [HKCU] {afdbddaa-5d3f-42ee-b79c-185a7020515b} [DefaultScope] - ( ) - http://search.conduit.com
~ Scan Keys in 00mn 00s



---\\ Internet Feature Controls (IFC) (O81)
O81 - IFC: Internet Feature Controls [HKUS\.DEFAULT] [FEATURE_BROWSER_EMULATION] -- svchost.exe
O81 - IFC: Internet Feature Controls [HKUS\S-1-5-18] [FEATURE_BROWSER_EMULATION] -- svchost.exe
~ Scan Keys in 00mn 00s



---\\ Search Particular Root Folder (SPRF) (O84)
[MD5.87E00892D6FAD88AB802E0E3E0FEF6A5] [SPRF][31.8.2011] (...) -- C:\Documents and Settings\euro-nabytek\Plocha\cc_20110831_214557.reg [10302]
[MD5.3FEA9D2EDF23B0283C7A66C8DEA380BD] [SPRF][25.7.2002] (.InstallShield Software Corporation - InstallShield Update Service Setup Player Module.) -- C:\WINDOWS\Downloaded Program Files\dwusplay.dll [24576]
[MD5.CDBE35EA59BC9223E4F800BD1DB82D27] [SPRF][25.7.2002] (.InstallShield Software Corporation - InstallShield Update Service Setup Player.) -- C:\WINDOWS\Downloaded Program Files\dwusplay.exe [196608]
[MD5.DE2EB468A14E00F9A99326C6C9C07075] [SPRF][2.2.2009] (.Adobe Systems Incorporated - Adobe® Flash® Player ActiveX Installer.) -- C:\WINDOWS\Downloaded Program Files\FP_AX_CAB_INSTALLER.exe [1914440]
[MD5.B8F39C9E0F0B71E454DBA431CF3B99C9] [SPRF][11.8.2005] (.Macrovision Corporation - InstallShield Update Service Web Agent.) -- C:\WINDOWS\Downloaded Program Files\isusweb.dll [417792]
~ Scan Files in 00mn 00s



---\\ Additionnal Scan (O88)
Database Version : 8617 - (29/08/2011)
Clés trouvées (Keys found) : 46
Valeurs trouvées (Values found) : 3
Dossiers trouvés (Folders found) : 9
Fichiers trouvés (Files found) : 0

[HKLM\Software\Classes\AppID\GenericAskToolbar.DLL] =>Toolbar.AskSBar
[HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Ask Toolbar_is1] =>Toolbar.AskTBar
[HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\conduitEngine] =>Toolbar.Conduit
[HKLM\Software\Classes\Conduit.Engine] =>Toolbar.Conduit
[HKLM\Software\Classes\GenericAskToolbar.ToolbarWnd] =>Toolbar.AskSBar
[HKLM\Software\Classes\GenericAskToolbar.ToolbarWnd.1] =>Toolbar.AskSBar
[HKLM\Software\Classes\Toolbar.CT2611275] =>Toolbar.Agent
[HKLM\Software\Classes\Toolbar.CT2786678] =>Toolbar.Agent
[HKLM\Software\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}] =>Toolbar.AskTBar
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{201f27d4-3704-41d6-89c1-aa35e39143ed}] =>Toolbar.Ask
[HKLM\Software\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}] =>Toolbar.AskSBar
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3041d03e-fd4b-44e0-b742-2d9b88305f98}] =>Toolbar.AskTBar
[HKLM\Software\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}] =>Toolbar.Conduit
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}] =>Toolbar.Conduit
[HKLM\Software\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}] =>Toolbar.Ask
[HKLM\Software\Classes\CLSID\{70B07F69-5796-4F8D-BF4C-9B3151012CB1}] =>Toolbar.Conduit
[HKLM\Software\Classes\Interface\{7558E739-8E7C-44BB-BCE7-1BF0D72B7026}] =>Adware.BHO
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}] =>Toolbar.AskSBar
[HKLM\Software\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}] =>Toolbar.Ask
[HKLM\Software\Classes\CLSID\{96AFBE69-C3B0-4b00-8578-D933D2896EE2}] =>Virus.Virut
[HKLM\Software\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}] =>Toolbar.AskSBar
[HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}] =>Toolbar.AskSBar
[HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}] =>Toolbar.AskSBar
[HKLM\Software\Classes\CLSID\{AC6240AE-33B6-40D3-8683-31BBE86049A0}] =>Toolbar.Conduit
[HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{AC6240AE-33B6-40D3-8683-31BBE86049A0}] =>Toolbar.Conduit
[HKLM\Software\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}] =>Toolbar.Ask
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}] =>Toolbar.Conduit
[HKLM\Software\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}] =>Toolbar.AskSBar
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}] =>Toolbar.AskSBar
[HKLM\Software\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF] =>Toolbar.AskSBar
[HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF] =>Toolbar.AskSBar
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF] =>Toolbar.AskSBar
[HKCU\Software\APN] =>Toolbar.Agent
[HKLM\Software\APN] =>Toolbar.Agent
[HKCU\Software\Ask.com] =>Toolbar.AskBar
[HKCU\Software\Ask.com] =>Toolbar.AskBarDis
[HKCU\Software\AskToolbar] =>Toolbar.AskTBar
[HKLM\Software\AskToolbar] =>Toolbar.AskTBar
[HKCU\Software\AppDataLow\AskToolbarInfo] =>Toolbar.AskTBar
[HKCU\Software\Conduit] =>Toolbar.Conduit
[HKLM\Software\Conduit] =>Toolbar.Conduit
[HKCU\Software\conduitEngine] =>Toolbar.Conduit
[HKLM\Software\conduitEngine] =>Toolbar.Conduit
[HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Software\AskToolbar] =>Toolbar.AskTBar
[HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Toolbar] =>Toolbar.Conduit
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\conduitEngine] =>Toolbar.Conduit
[HKLM\Software\Microsoft\Internet Explorer\Toolbar]:{30F9B915-B755-4826-820B-08FBA6BD249D} =>Toolbar.Conduit
[HKLM\Software\Microsoft\Internet Explorer\Toolbar]:{D4027C7F-154A-4066-A1AD-4243D8127440} =>Toolbar.AskSBar
[HKLM\Software\Microsoft\Windows\CurrentVersion\Run]:ApnUpdater =>Toolbar.Ask
C:\Program Files\Ask.com =>Toolbar.AskBar
C:\Program Files\Conduit =>Toolbar.Conduit
C:\Program Files\ConduitEngine =>Toolbar.Conduit
C:\Documents and Settings\euro-nabytek\Local Settings\Data aplikací\AskToolbar =>Toolbar.AskTBar
C:\Documents and Settings\euro-nabytek\Local Settings\Data aplikací\Conduit =>Toolbar.Conduit
C:\Documents and Settings\euro-nabytek\Local Settings\Data aplikací\ConduitEngine =>Toolbar.Conduit
~ Scan Additionnel in 00mn 08s



---\\ Router Hijack DNS (O89)
Server: UnKnown
Address: 10.0.0.138
Název: http://www.l.google.com
Addresses: 74.125.39.105, 74.125.39.106, 74.125.39.147, 74.125.39.99
74.125.39.103, 74.125.39.104
Aliases: http://www.google.fr, http://www.google.com
~ Scan DNS in 00mn 02s



---\\ General States of Services not Microsoft (EGS) (SR=Running, SS=Stopped)
SR - | Auto 4.9.2011 573440 | (Ati HotKey Poller) . (.ATI Technologies Inc..) - C:\WINDOWS\system32\Ati2evxx.exe
SS - | Auto 593920 | (ATI Smart) . (...) - C:\WINDOWS\system32\ati2sgag.exe
SS - | Demand 4.9.2011 225280 | (dmadmin) . (.Microsoft Corp., Veritas Software.) - C:\WINDOWS\System32\dmadmin.exe
SS - | Demand 4.9.2011 20680 | (EhttpSrv) . (.ESET.) - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
SR - | Auto 4.9.2011 731840 | (ekrn) . (.ESET.) - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
SS - | Auto 4.9.2011 136176 | (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 4.9.2011 136176 | (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SR - | Auto 4.9.2011 152984 | (JavaQuickStarterService) . (.Sun Microsystems, Inc..) - C:\Program Files\Java\jre6\bin\jqs.exe
SR - | Auto 4.9.2011 303104 | (McciCMService) . (.Motive Communications, Inc..) - C:\Program Files\Common Files\Motive\McciCMService.exe
SR - | Demand 4.9.2011 633856 | (ServiceLayer) . (.Nokia.) - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
~ Scan Services in 00mn 03s



---\\ Search Master Boot Record Infection (MBR)(O80)
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Run by euro-nabytek at 4.9.2011 12:32:35

device: opened successfully
user: MBR read successfully

Disk trace:
called modules: ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys pciide.sys PCIIDEX.SYS
1 nt!IofCallDriver[0x804E13B9] -> \Device\Harddisk0\DR0[0x86F74AB8]
3 CLASSPNP[0xF764FFD7] -> nt!IofCallDriver[0x804E13B9] -> \Device\0000006a[0x86F4B9E8]
5 ACPI[0xF75A6620] -> nt!IofCallDriver[0x804E13B9] -> \Device\Ide\IdeDeviceP2T0L0-5[0x86F78940]
kernel: MBR read successfully
user & kernel MBR OK
~ Scan MBR in 00mn 05s



---\\ Search Master Boot Record Infection (MBRCheck)(O80)
Written by ad13, http://ad13.geekstog
Run by euro-nabytek at 4.9.2011 12:32:37

********* Dump file Name *********
C:\PhysicalDisk0_MBR.bin
~ Scan MBR in 00mn 07s



End of the scan (1421 lines in 02mn 59s)(0)



http://www.virustotal.com/file-scan/rep ... 1315132655

revolver 123
Visitor
Posts: 6
Registered: 04 Sep 2011 09:46

Re: Kryptik.sge

#6 Post by revolver 123 »

Many thanks :-)

Here are the requested files.
First MBR
http://www.edisk.cz/stahni/77735/MBR.rar_552B.html

Second MBR
http://www.edisk.cz/stahni/65839/MBR.dat_512B.html

Combofix log:

ComboFix 11-09-03.01 - euro-nabytek 04.09.2011 13:03:10.3.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.1023.477 [GMT 2:00]
Spuštěný z: c:\documents and settings\euro-nabytek\Dokumenty\Stažené soubory\ComboFix.exe
AV: ESET Smart Security 4.0 *Enabled/Updated* {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: ESET personal firewall *Enabled* {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0}
* Rezidentní štít AV je zapnutý
.
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_SPService
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-08-04 do 2011-09-04 )))))))))))))))))))))))))))))))
.
.
2011-09-04 10:32 . 2011-09-04 10:32 512 ----a-w- C:\PhysicalDisk0_MBR.bin
2011-09-04 10:26 . 2011-09-04 10:32 -------- d-----w- C:\ZHP
2011-09-04 10:25 . 2011-09-04 10:32 -------- d-----w- c:\program files\ZHPDiag
2011-09-01 06:01 . 2011-09-01 06:01 -------- d-----w- c:\documents and settings\euro-nabytek\Local Settings\Data aplikací\AskToolbar
2011-08-26 15:32 . 2011-08-26 15:41 -------- d-----w- C:\vypalit
2011-08-26 15:32 . 2011-08-26 15:32 -------- d-----w- C:\driver
2011-08-26 15:21 . 2011-08-26 15:21 -------- d-----w- c:\documents and settings\Administrator
2011-08-26 14:40 . 2011-09-02 22:05 -------- d-----w- c:\program files\PokerStars
2011-08-25 18:35 . 2011-08-25 18:35 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Data aplikací\ESET
2011-08-16 08:09 . 2011-08-16 08:09 -------- d-----w- c:\documents and settings\euro-nabytek\Data aplikací\Rovio
2011-08-11 11:01 . 2011-08-11 11:01 -------- d-----w- c:\documents and settings\euro-nabytek\Local Settings\Data aplikací\Thinstall
2011-08-11 11:01 . 2011-08-11 11:01 -------- d-----w- c:\documents and settings\euro-nabytek\Data aplikací\Thinstall
2011-08-11 09:08 . 2011-08-11 09:08 -------- d-----w- c:\documents and settings\All Users\Data aplikací\vsosdk
2011-08-11 08:41 . 2011-08-11 08:43 -------- d-----w- c:\documents and settings\euro-nabytek\avidemux
2011-08-11 08:21 . 2011-08-11 08:24 -------- d-----w- c:\documents and settings\euro-nabytek\Data aplikací\PSpad
2011-08-11 08:21 . 2011-08-11 08:21 -------- d-----w- c:\program files\PSPad editor
2011-08-11 07:15 . 2011-08-25 18:14 -------- d-----w- c:\documents and settings\euro-nabytek\Data aplikací\Vso
2011-08-11 07:15 . 2010-02-09 14:37 65602 ----a-w- c:\windows\system32\cook3260.dll
2011-08-11 07:15 . 2010-02-09 14:37 217127 ----a-w- c:\windows\system32\drv43260.dll
2011-08-11 07:15 . 2010-02-09 14:37 208935 ----a-w- c:\windows\system32\drv33260.dll
2011-08-11 07:15 . 2010-02-09 14:37 176165 ----a-w- c:\windows\system32\drv23260.dll
2011-08-11 07:15 . 2010-02-09 14:37 102439 ----a-w- c:\windows\system32\sipr3260.dll
2011-08-11 07:15 . 2010-02-09 14:37 626688 ----a-w- c:\windows\system32\vp7vfw.dll
2011-08-11 07:15 . 2010-02-09 14:37 1184984 ----a-w- c:\windows\system32\wvc1dmod.dll
2011-08-11 07:14 . 2011-08-11 07:15 -------- d-----w- c:\program files\VSO
2011-08-10 11:53 . 2011-08-10 11:53 -------- d-----w- c:\documents and settings\euro-nabytek\Data aplikací\DDMSettings
2011-08-10 06:22 . 2011-06-24 14:10 139656 -c----w- c:\windows\system32\dllcache\rdpwd.sys
2011-08-10 06:22 . 2011-07-08 14:02 10496 -c----w- c:\windows\system32\dllcache\ndistapi.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-07-22 20:51 . 2010-03-10 19:29 94208 ----a-w- c:\windows\system32\dpl100.dll
2011-07-15 13:29 . 2004-08-18 12:00 456320 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-07-08 14:02 . 2004-08-18 12:00 10496 ----a-w- c:\windows\system32\drivers\ndistapi.sys
2011-06-24 14:10 . 2009-04-03 07:37 139656 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2011-06-21 18:18 . 2004-08-18 12:00 668160 ----a-w- c:\windows\system32\wininet.dll
2011-06-21 18:18 . 2004-08-18 12:00 61952 ----a-w- c:\windows\system32\tdc.ocx
2011-06-21 18:18 . 2004-08-18 12:00 81920 ----a-w- c:\windows\system32\ieencode.dll
2011-06-21 18:16 . 2004-08-18 12:00 370176 ----a-w- c:\windows\system32\html.iec
2011-06-20 17:44 . 2004-08-18 12:00 293376 ----a-w- c:\windows\system32\winsrv.dll
2011-08-31 18:37 . 2011-05-28 09:23 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((( SnapShot@2011-09-04_08.18.01 )))))))))))))))))))))))))))))))))))))))))
.
+ 2011-09-04 11:09 . 2011-09-04 11:09 16384 c:\windows\Temp\Perflib_Perfdata_2c4.dat
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}"= "c:\program files\uTorrentBar\prxtbuTor.dll" [2011-03-28 176936]
.
[HKEY_CLASSES_ROOT\clsid\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
2011-03-28 16:22 176936 ----a-w- c:\program files\ConduitEngine\prxConduitEngine.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]
2011-03-28 16:22 176936 ----a-w- c:\program files\uTorrentBar\prxtbuTor.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2011-08-23 19:20 1515688 ----a-w- c:\program files\Ask.com\GenericAskToolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}"= "c:\program files\uTorrentBar\prxtbuTor.dll" [2011-03-28 176936]
"{30F9B915-B755-4826-820B-08FBA6BD249D}"= "c:\program files\ConduitEngine\prxConduitEngine.dll" [2011-03-28 176936]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2011-08-23 1515688]
.
[HKEY_CLASSES_ROOT\clsid\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]
.
[HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\sp]
@="{96AFBE69-C3B0-4b00-8578-D933D2896EE2}"
[HKEY_CLASSES_ROOT\CLSID\{96AFBE69-C3B0-4b00-8578-D933D2896EE2}]
2011-08-31 22:42 56832 ----a-w- c:\documents and settings\All Users\Data aplikací\Adobe\sp.DLL
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PC Suite Tray"="c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe" [2011-06-16 1500160]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"reset"="regedit" [X]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-08-01 61440]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-04-12 148888]
"ISUSPM Startup"="c:\program files\Common Files\InstallShield\UpdateService\isuspm.exe" [2005-08-11 249856]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2005-08-11 81920]
"Samsung PanelMgr"="c:\windows\Samsung\PanelMgr\SSMMgr.exe" [2008-08-08 524288]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2009-05-14 2029640]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-06-08 37296]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920]
"hpqSRMon"="c:\program files\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-03-13 81920]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376]
"ApnUpdater"="c:\program files\Ask.com\Updater\Updater.exe" [2011-08-23 887976]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\documents and settings\euro-nabytek\Nabídka Start\Programy\Po spuštění\
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^HP Digital Imaging Monitor.lnk]
backup=c:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2011-03-30 04:59 937920 ----a-r- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2011-06-08 04:02 37296 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AirPaceWifi]
2007-02-08 12:17 2240512 ----a-w- c:\program files\abit\abit uGuru\AirPacewifi.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
2008-03-25 19:27 49152 ----a-w- c:\program files\HP\HP Software Update\hpwuSchd2.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpqSRMon]
2008-03-13 07:34 81920 ----a-w- c:\program files\HP\Digital Imaging\bin\HpqSRmon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2008-04-14 03:22 1695232 ------w- c:\program files\Messenger\msmsgs.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2001-07-09 08:50 155648 ----a-w- c:\windows\system32\NeroCheck.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QIP2005]
2008-12-09 16:00 3259392 ----a-w- c:\program files\QIP\qip.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
2009-03-27 09:22 17567744 ----a-w- c:\windows\RTHDCPL.EXE
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\uTorrent\\utorrent.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpiscnapp.exe"=
"c:\\Program Files\\Common Files\\HP\\Digital Imaging\\bin\\hpqPhotoCrm.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqpsapp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqpse.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqsudi.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqgplgtupl.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqgpc01.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"29626:TCP"= 29626:TCP:spport
"17615:TCP"= 17615:TCP:spport
"17157:TCP"= 17157:TCP:spport
"6357:TCP"= 6357:TCP:spport
"15342:TCP"= 15342:TCP:spport
"19098:TCP"= 19098:TCP:spport
.
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [14.5.2009 15:47 107256]
R1 eusk2par;Aladdin SmartKey Parallel Driver;c:\windows\system32\drivers\eusk2par.sys [26.3.2011 12:01 25680]
R2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [14.5.2009 15:47 731840]
R3 AR2425;abit AirPace Wi-Fi Wireless Network Adapter Service;c:\windows\system32\drivers\aw5006.sys [3.4.2009 11:40 556832]
S2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [22.8.2010 9:14 136176]
S2 SSPORT;SSPORT;\??\c:\windows\system32\Drivers\SSPORT.sys --> c:\windows\system32\Drivers\SSPORT.sys [?]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [3.4.2009 19:15 1684736]
S3 eusk3usb;SmartKey 3 USB;c:\windows\system32\drivers\eusk3usb.sys [26.3.2011 12:01 43968]
S3 gupdatem;Služba Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [22.8.2010 9:14 136176]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [20.7.2011 16:19 137600]
S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [20.7.2011 16:19 8576]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
getPlusHelper REG_MULTI_SZ getPlusHelper
netsvc REG_MULTI_SZ SPService a
.
Obsah adresáře 'Naplánované úlohy'
.
2011-09-04 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-08-22 07:13]
.
2011-09-04 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-08-22 07:13]
.
2011-09-04 c:\windows\Tasks\Scheduled Update for Ask Toolbar.job
- c:\program files\Ask.com\UpdateTask.exe [2011-08-23 19:20]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uInternet Connection Wizard,ShellNext = iexplore
IE: &ICQ Toolbar Search - c:\program files\ICQToolbar\toolbaru.dll/SEARCH.HTML
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 10.0.0.138
FF - ProfilePath - c:\documents and settings\euro-nabytek\Data aplikací\Mozilla\Firefox\Profiles\zrfpu1jy.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_results.php?ch_id=afex&q=
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-09-04 13:11
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(1132)
c:\windows\system32\Ati2evxx.dll
.
- - - - - - - > 'explorer.exe'(2992)
c:\documents and settings\all users\data aplikací\adobe\sp.dll
c:\windows\system32\WPDShServiceObj.dll
c:\program files\Nokia\Nokia PC Suite 7\PhoneBrowser.dll
c:\program files\Nokia\Nokia PC Suite 7\NGSCM.DLL
c:\program files\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_cze.nlr
c:\program files\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Common Files\Motive\McciCMService.exe
c:\windows\system32\wbem\wmiapsrv.exe
c:\program files\PC Connectivity Solution\ServiceLayer.exe
c:\program files\PC Connectivity Solution\Transports\NclUSBSrv.exe
c:\program files\PC Connectivity Solution\Transports\NclRSSrv.exe
.
**************************************************************************
.
Celkový čas: 2011-09-04 13:12:29 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-09-04 11:12
ComboFix2.txt 2011-09-04 08:22
.
Před spuštěním: Volných bajtů: 128 923 779 072
Po spuštění: Volných bajtů: 128 906 543 104
.
- - End Of File - - 39E4D10C6199CCDFD2B5ED05EBF2F6CB


Where can I find the actual files from the ESET quarantine? :-)
