Rbot prosim ta kukni sa na môj log. dakujem
"Silent Runners.vbs", revision 52,
http://www.silentrunners.org/
Operating System: Windows XP SP2
Output limited to non-default values, except where indicated by "{++}"
Startup items buried in registry:
---------------------------------
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\ {++}
"nod32kui" = ""D:\Program Files\Eset\nod32kui.exe" /WAITSERVICE" ["Eset "]
"EPSON Stylus DX3800 Series" = "D:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE /P26 "EPSON Stylus DX3800 Series" /O6 "USB001" /M "Stylus DX3800"" ["SEIKO EPSON CORPORATION"]
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}\(Default) = (no title provided)
-> {HKLM...CLSID} = "AcroIEHlprObj Class"
\InProcServer32\(Default) = "D:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll" ["Adobe Systems Incorporated"]
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\(Default) = (no title provided)
-> {HKLM...CLSID} = "SSVHelper Class"
\InProcServer32\(Default) = "D:\Program Files\Java\jre1.6.0\bin\ssv.dll" ["Sun Microsystems, Inc."]
{E99421FB-68DD-40F0-B4AC-B7027CAE2F1A}\(Default) = (no title provided)
-> {HKLM...CLSID} = "EpsonToolBandKicker Class"
\InProcServer32\(Default) = "D:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll" ["SEIKO EPSON CORPORATION"]
HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\
"{42071714-76d4-11d1-8b24-00a0c9068ff3}" = "Rozšíření panelu Zobrazení pro panoramatické zobrazení"
-> {HKLM...CLSID} = "Rozšíření panelu Zobrazení pro panoramatické zobrazení"
\InProcServer32\(Default) = "deskpan.dll" [file not found]
"{88895560-9AA2-1069-930E-00AA0030EBC8}" = "Rozšíření ikony programu HyperTerminal"
-> {HKLM...CLSID} = "HyperTerminal Icon Ext"
\InProcServer32\(Default) = "D:\WINDOWS\System32\hticons.dll" ["Hilgraeve, Inc."]
"{5E6AB780-7743-11CF-A12B-00AA004AE837}" = "Panel nástrojů Microsoft pro síť Internet"
-> {HKLM...CLSID} = "Panel nástrojů Microsoft pro síť Internet"
\InProcServer32\(Default) = "D:\WINDOWS\System32\browseui.dll" ["Společnost Microsoft"]
"{22BF0C20-6DA7-11D0-B373-00A0C9034938}" = "Stav stahování"
-> {HKLM...CLSID} = "Stav stahování"
\InProcServer32\(Default) = "D:\WINDOWS\System32\browseui.dll" ["Společnost Microsoft"]
"{91EA3F8B-C99B-11d0-9815-00C04FD91972}" = "Rozšířená složka prostředí"
-> {HKLM...CLSID} = "Rozšířená složka prostředí"
\InProcServer32\(Default) = "D:\WINDOWS\System32\browseui.dll" ["Společnost Microsoft"]
"{6413BA2C-B461-11d1-A18A-080036B11A03}" = "Augmented Shell Folder 2"
-> {HKLM...CLSID} = "Augmented Shell Folder 2"
\InProcServer32\(Default) = "D:\WINDOWS\System32\browseui.dll" ["Společnost Microsoft"]
"{F61FFEC1-754F-11d0-80CA-00AA005B4383}" = "BandProxy"
-> {HKLM...CLSID} = "BandProxy"
\InProcServer32\(Default) = "D:\WINDOWS\System32\browseui.dll" ["Společnost Microsoft"]
"{7BA4C742-9E81-11CF-99D3-00AA004AE837}" = "Microsoft BrowserBand"
-> {HKLM...CLSID} = "Microsoft BrowserBand"
\InProcServer32\(Default) = "D:\WINDOWS\System32\browseui.dll" ["Společnost Microsoft"]
"{30D02401-6A81-11d0-8274-00C04FD5AE38}" = "Search Band"
-> {HKLM...CLSID} = "Search Band"
\InProcServer32\(Default) = "D:\WINDOWS\System32\browseui.dll" ["Společnost Microsoft"]
"{169A0691-8DF9-11d1-A1C4-00C04FD75D13}" = "Vyhledávat v podokně"
-> {HKLM...CLSID} = "Vyhledávat v podokně"
\InProcServer32\(Default) = "D:\WINDOWS\System32\browseui.dll" ["Společnost Microsoft"]
"{07798131-AF23-11d1-9111-00A0C98BA67D}" = "Hledání na webu"
-> {HKLM...CLSID} = "Hledání na webu"
\InProcServer32\(Default) = "D:\WINDOWS\System32\browseui.dll" ["Společnost Microsoft"]
"{AF4F6510-F982-11d0-8595-00AA004CD6D8}" = "Nástroj možností registrového stromu"
-> {HKLM...CLSID} = "Nástroj možností registrového stromu"
\InProcServer32\(Default) = "D:\WINDOWS\System32\browseui.dll" ["Společnost Microsoft"]
"{01E04581-4EEE-11d0-BFE9-00AA005B4383}" = "&Adresa"
-> {HKLM...CLSID} = "&Adresa"
\InProcServer32\(Default) = "D:\WINDOWS\System32\browseui.dll" ["Společnost Microsoft"]
"{A08C11D2-A228-11d0-825B-00AA005B4383}" = "Textové pole adresy"
-> {HKLM...CLSID} = "Textové pole adresy"
\InProcServer32\(Default) = "D:\WINDOWS\System32\browseui.dll" ["Společnost Microsoft"]
"{00BB2763-6A77-11D0-A535-00C04FD7D062}" = "Automatické dokončování Microsoft"
-> {HKLM...CLSID} = "Automatické dokončování Microsoft"
\InProcServer32\(Default) = "D:\WINDOWS\System32\browseui.dll" ["Společnost Microsoft"]
"{7376D660-C583-11d0-A3A5-00C04FD706EC}" = "TridentImageExtractor"
-> {HKLM...CLSID} = "TridentImageExtractor"
\InProcServer32\(Default) = "D:\WINDOWS\System32\browseui.dll" ["Společnost Microsoft"]
"{6756A641-DE71-11d0-831B-00AA005B4383}" = "Automaticky dokončovaný seznam MRU"
-> {HKLM...CLSID} = "Automaticky dokončovaný seznam MRU"
\InProcServer32\(Default) = "D:\WINDOWS\System32\browseui.dll" ["Společnost Microsoft"]
"{6935DB93-21E8-4ccc-BEB9-9FE3C77A297A}" = "Custom MRU AutoCompleted List"
-> {HKLM...CLSID} = "Custom MRU AutoCompleted List"
\InProcServer32\(Default) = "D:\WINDOWS\System32\browseui.dll" ["Společnost Microsoft"]
"{7e653215-fa25-46bd-a339-34a2790f3cb7}" = "Přístupný"
-> {HKLM...CLSID} = "Přístupný"
\InProcServer32\(Default) = "D:\WINDOWS\System32\browseui.dll" ["Společnost Microsoft"]
"{acf35015-526e-4230-9596-becbe19f0ac9}" = "Track Popup Bar"
-> {HKLM...CLSID} = "Track Popup Bar"
\InProcServer32\(Default) = "D:\WINDOWS\System32\browseui.dll" ["Společnost Microsoft"]
"{E0E11A09-5CB8-4B6C-8332-E00720A168F2}" = "Address Bar Parser"
-> {HKLM...CLSID} = "Address Bar Parser"
\InProcServer32\(Default) = "D:\WINDOWS\System32\browseui.dll" ["Společnost Microsoft"]
"{00BB2764-6A77-11D0-A535-00C04FD7D062}" = "Automaticky dokončovaný seznam historie"
-> {HKLM...CLSID} = "Automaticky dokončovaný seznam historie"
\InProcServer32\(Default) = "D:\WINDOWS\System32\browseui.dll" ["Společnost Microsoft"]
"{03C036F1-A186-11D0-824A-00AA005B4383}" = "Automaticky se doplňující seznam složky prostředí společnosti Microsoft"
-> {HKLM...CLSID} = "Automaticky se doplňující seznam složky prostředí společnosti Microsoft"
\InProcServer32\(Default) = "D:\WINDOWS\System32\browseui.dll" ["Společnost Microsoft"]
"{00BB2765-6A77-11D0-A535-00C04FD7D062}" = "Kontejner automatického dokončování více seznamů"
-> {HKLM...CLSID} = "Kontejner automatického dokončování více seznamů"
\InProcServer32\(Default) = "D:\WINDOWS\System32\browseui.dll" ["Společnost Microsoft"]
"{ECD4FC4E-521C-11D0-B792-00A0C90312E1}" = "Nabídka serveru pruhu prostředí"
-> {HKLM...CLSID} = "Nabídka serveru pruhu prostředí"
\InProcServer32\(Default) = "D:\WINDOWS\System32\browseui.dll" ["Společnost Microsoft"]
"{3CCF8A41-5C85-11d0-9796-00AA00B90ADF}" = "Panel plochy aplikací prostředí"
-> {HKLM...CLSID} = "Panel plochy aplikací prostředí"
\InProcServer32\(Default) = "D:\WINDOWS\System32\browseui.dll" ["Společnost Microsoft"]
"{ECD4FC4C-521C-11D0-B792-00A0C90312E1}" = "Panel plochy prostředí"
-> {HKLM...CLSID} = "Panel plochy prostředí"
\InProcServer32\(Default) = "D:\WINDOWS\System32\browseui.dll" ["Společnost Microsoft"]
"{ECD4FC4D-521C-11D0-B792-00A0C90312E1}" = "Shell Rebar BandSite"
-> {HKLM...CLSID} = "Shell Rebar BandSite"
\InProcServer32\(Default) = "D:\WINDOWS\System32\browseui.dll" ["Společnost Microsoft"]
"{DD313E04-FEFF-11d1-8ECD-0000F87A470C}" = "Asistence uživatele"
-> {HKLM...CLSID} = "Asistence uživatele"
\InProcServer32\(Default) = "D:\WINDOWS\System32\browseui.dll" ["Společnost Microsoft"]
"{EF8AD2D1-AE36-11D1-B2D2-006097DF8C11}" = "Globální nastavení složek"
-> {HKLM...CLSID} = "Globální nastavení složek"
\InProcServer32\(Default) = "D:\WINDOWS\System32\browseui.dll" ["Společnost Microsoft"]
"{23170F69-40C1-278A-1000-000100020000}" = "7-Zip Shell Extension"
-> {HKLM...CLSID} = "7-Zip Shell Extension"
\InProcServer32\(Default) = "D:\MATO\PROGRAMY\7-Zip\7-zip.dll" ["Igor Pavlov"]
"{cc86590a-b60a-48e6-996b-41d25ed39a1e}" = "Portable Media Devices Menu"
-> {HKLM...CLSID} = "Portable Media Devices Menu"
\InProcServer32\(Default) = "D:\WINDOWS\system32\Audiodev.dll" [MS]
"{DDE4BEEB-DDE6-48fd-8EB5-035C09923F83}" = "UnlockerShellExtension"
-> {HKLM...CLSID} = "UnlockerShellExtension"
\InProcServer32\(Default) = "D:\MATO\PROGRAMY\Unlocker\UnlockerCOM.dll" [null data]
"{00020D75-0000-0000-C000-000000000046}" = "Microsoft Office Outlook Desktop Icon Handler"
-> {HKLM...CLSID} = "Microsoft Office Outlook"
\InProcServer32\(Default) = "D:\PROGRA~1\MICROS~2\OFFICE11\MLSHEXT.DLL" [MS]
"{0006F045-0000-0000-C000-000000000046}" = "Microsoft Office Outlook Custom Icon Handler"
-> {HKLM...CLSID} = "Prípona súboru ikony programu Outlook"
\InProcServer32\(Default) = "D:\PROGRA~1\MICROS~2\OFFICE11\OLKFSTUB.DLL" [MS]
"{42042206-2D85-11D3-8CFF-005004838597}" = "Microsoft Office HTML Icon Handler"
-> {HKLM...CLSID} = (no title provided)
\InProcServer32\(Default) = "D:\Program Files\Microsoft Office\OFFICE11\msohev.dll" [MS]
"{FC9FB64A-1EB2-4CCF-AF5E-1A497A9B5C2D}" = "Messenger Sharing Folders"
-> {HKLM...CLSID} = "My Sharing Folders"
\InProcServer32\(Default) = "D:\Program Files\MSN Messenger\fsshext.8.1.0178.00.dll" [MS]
"{B41DB860-8EE4-11D2-9906-E49FADC173CA}" = "WinRAR shell extension"
-> {HKLM...CLSID} = "WinRAR"
\InProcServer32\(Default) = "D:\MATO\PROGRAMY\winrar\rarext.dll" [null data]
"{5E2121EE-0300-11D4-8D3B-444553540000}" = "Catalyst Context Menu extension"
-> {HKLM...CLSID} = "SimpleShlExt Class"
\InProcServer32\(Default) = "D:\Program Files\ATI Technologies\ATI.ACE\atiacmxx.dll" [empty string]
"{B089FE88-FB52-11D3-BDF1-0050DA34150D}" = "NOD32 Context Menu Shell Extension"
-> {HKLM...CLSID} = "NOD32 Context Menu Shell Extension"
\InProcServer32\(Default) = "D:\Program Files\Eset\nodshex.dll" [null data]
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler\
<<!>> "{438755C2-A8BA-11D1-B96B-00A0C90312E1}" = "Browseui preloader"
-> {HKLM...CLSID} = "Browseui preloader"
\InProcServer32\(Default) = "D:\WINDOWS\System32\browseui.dll" ["Společnost Microsoft"]
<<!>> "{8C7461EF-2B13-11d2-BE35-3078302C2030}" = "Proces mezipaměti kategorií součástí"
-> {HKLM...CLSID} = "Proces mezipaměti kategorií součástí"
\InProcServer32\(Default) = "D:\WINDOWS\System32\browseui.dll" ["Společnost Microsoft"]
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\
<<!>> AtiExtEvent\DLLName = "Ati2evxx.dll" ["ATI Technologies Inc."]
HKLM\Software\Classes\PROTOCOLS\Filter\
<<!>> text/xml\CLSID = "{807553E5-5146-11D5-A672-00B0D022E945}"
-> {HKLM...CLSID} = (no title provided)
\InProcServer32\(Default) = "D:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL" [MS]
HKLM\Software\Classes\Folder\shellex\ColumnHandlers\
{F9DB5320-233E-11D1-9F84-707F02C10627}\(Default) = "PDF Column Info"
-> {HKLM...CLSID} = "PDF Shell Extension"
\InProcServer32\(Default) = "D:\Program Files\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll" ["Adobe Systems, Inc."]
HKLM\Software\Classes\*\shellex\ContextMenuHandlers\
7-Zip\(Default) = "{23170F69-40C1-278A-1000-000100020000}"
-> {HKLM...CLSID} = "7-Zip Shell Extension"
\InProcServer32\(Default) = "D:\MATO\PROGRAMY\7-Zip\7-zip.dll" ["Igor Pavlov"]
EPPShellEx\(Default) = "{509FE1AF-ADD5-49EC-BC55-7CF81FD16E78}"
-> {HKLM...CLSID} = (no title provided)
\InProcServer32\(Default) = "D:\Program Files\EPSON\Creativity Suite\Easy Photo Print\EPPShell.dll" ["SEIKO EPSON CORPORATION"]
NOD32 Context Menu Shell Extension\(Default) = "{B089FE88-FB52-11D3-BDF1-0050DA34150D}"
-> {HKLM...CLSID} = "NOD32 Context Menu Shell Extension"
\InProcServer32\(Default) = "D:\Program Files\Eset\nodshex.dll" [null data]
WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"
-> {HKLM...CLSID} = "WinRAR"
\InProcServer32\(Default) = "D:\MATO\PROGRAMY\winrar\rarext.dll" [null data]
HKLM\Software\Classes\Directory\shellex\ContextMenuHandlers\
7-Zip\(Default) = "{23170F69-40C1-278A-1000-000100020000}"
-> {HKLM...CLSID} = "7-Zip Shell Extension"
\InProcServer32\(Default) = "D:\MATO\PROGRAMY\7-Zip\7-zip.dll" ["Igor Pavlov"]
WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"
-> {HKLM...CLSID} = "WinRAR"
\InProcServer32\(Default) = "D:\MATO\PROGRAMY\winrar\rarext.dll" [null data]
HKLM\Software\Classes\Folder\shellex\ContextMenuHandlers\
NOD32 Context Menu Shell Extension\(Default) = "{B089FE88-FB52-11D3-BDF1-0050DA34150D}"
-> {HKLM...CLSID} = "NOD32 Context Menu Shell Extension"
\InProcServer32\(Default) = "D:\Program Files\Eset\nodshex.dll" [null data]
UnlockerShellExtension\(Default) = "{DDE4BEEB-DDE6-48fd-8EB5-035C09923F83}"
-> {HKLM...CLSID} = "UnlockerShellExtension"
\InProcServer32\(Default) = "D:\MATO\PROGRAMY\Unlocker\UnlockerCOM.dll" [null data]
WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"
-> {HKLM...CLSID} = "WinRAR"
\InProcServer32\(Default) = "D:\MATO\PROGRAMY\winrar\rarext.dll" [null data]
HKLM\Software\Classes\AllFilesystemObjects\shellex\ContextMenuHandlers\
UnlockerShellExtension\(Default) = "{DDE4BEEB-DDE6-48fd-8EB5-035C09923F83}"
-> {HKLM...CLSID} = "UnlockerShellExtension"
\InProcServer32\(Default) = "D:\MATO\PROGRAMY\Unlocker\UnlockerCOM.dll" [null data]
Default executables:
--------------------
HKLM\Software\Classes\.hta\(Default) = (value not set)
Group Policies {GPedit.msc branch and setting}:
-----------------------------------------------
Note: detected settings may not have any effect.
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\
"NoWindowsUpdate" = (REG_DWORD) hex:0x00000000
{User Configuration|Administrative Templates|Start Menu and Taskbar|
Remove links and access to Windows Update}
"NoRecentDocsMenu" = (REG_DWORD) hex:0x00000001
{unrecognized setting}
"NoFavoritesMenu" = (REG_DWORD) hex:0x00000000
{User Configuration|Administrative Templates|Start Menu and Taskbar|
Remove Favorites menu from Start Menu}
"NoSMMyDocs" = (REG_DWORD) hex:0x00000000
{User Configuration|Administrative Templates|Start Menu and Taskbar|
Remove Documents menu from Start Menu}
"NoSMMyPictures" = (REG_DWORD) hex:0x00000000
{User Configuration|Administrative Templates|Start Menu and Taskbar|
Remove My Pictures icon from Start Menu}
"NoStartMenuMyMusic" = (REG_DWORD) hex:0x00000000
{unrecognized setting}
"NoRecentDocsHistory" = (REG_DWORD) hex:0x00000001
{unrecognized setting}
"ClearRecentDocsOnExit" = (REG_DWORD) hex:0x00000001
{unrecognized setting}
"NoRecentDocsNetHood" = (REG_DWORD) hex:0x00000000
{unrecognized setting}
"NoSMHelp" = (REG_DWORD) hex:0x00000000
{User Configuration|Administrative Templates|Start Menu and Taskbar|
Remove Help menu from Start Menu}
"NoRun" = (REG_DWORD) hex:0x00000000
{unrecognized setting}
"NoUserNameInStartMenu" = (REG_DWORD) hex:0x00000001
{unrecognized setting}
"NoInstrumentation" = (REG_DWORD) hex:0x00000000
{unrecognized setting}
"NoStartMenuPinnedList" = (REG_DWORD) hex:0x00000000
{unrecognized setting}
"ForceStartMenuLogoff" = (REG_DWORD) hex:0x00000000
{unrecognized setting}
"NoSharedDocuments" = (REG_DWORD) hex:0x00000001
{User Configuration|Administrative Templates|Windows Components|Windows Explorer|
Remove Shared Documents from My Computer}
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\
"NoRecentDocsMenu" = (REG_DWORD) hex:0x00000001
{unrecognized setting}
"NoFavoritesMenu" = (REG_DWORD) hex:0x00000000
{unrecognized setting}
"NoSMMyDocs" = (REG_DWORD) hex:0x00000000
{unrecognized setting}
"NoSMMyPictures" = (REG_DWORD) hex:0x00000000
{unrecognized setting}
"NoStartMenuMyMusic" = (REG_DWORD) hex:0x00000000
{unrecognized setting}
"NoRecentDocsHistory" = (REG_DWORD) hex:0x00000001
{unrecognized setting}
"NoRecentDocsNetHood" = (REG_DWORD) hex:0x00000000
{unrecognized setting}
"NoSMHelp" = (REG_DWORD) hex:0x00000000
{unrecognized setting}
"NoRun" = (REG_DWORD) hex:0x00000000
{unrecognized setting}
"NoInstrumentation" = (REG_DWORD) hex:0x00000000
{unrecognized setting}
"NoSimpleStartMenu" = (REG_DWORD) hex:0x00000000
{unrecognized setting}
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\WindowsUpdate\
"DisableWindowsUpdateAccess" = (REG_DWORD) hex:0x00000000
{User Configuration|Administrative Templates|Windows Components|Windows Update|
Remove access to use all Windows Update features}
HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery\Restrictions\
"NoUpdateCheck" = (REG_DWORD) hex:0x00000001
{unrecognized setting}
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System\
"shutdownwithoutlogon" = (REG_DWORD) hex:0x00000001
{Computer Configuration|Windows Settings|Security Settings|Local Policies|Security Options|
Shutdown: Allow system to be shut down without having to log on}
"undockwithoutlogon" = (REG_DWORD) hex:0x00000001
{Computer Configuration|Windows Settings|Security Settings|Local Policies|Security Options|
Devices: Allow undock without having to log on}
Active Desktop and Wallpaper:
-----------------------------
Active Desktop may be disabled at this entry:
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellState
Displayed if Active Desktop enabled and wallpaper not set by Group Policy:
HKCU\Software\Microsoft\Internet Explorer\Desktop\General\
"Wallpaper" = "D:\WINDOWS\web\wallpaper\Nebe.bmp"
Displayed if Active Desktop disabled and wallpaper not set by Group Policy:
HKCU\Control Panel\Desktop\
"Wallpaper" = "D:\WINDOWS\Web\Wallpaper\MCE.bmp"
Enabled Screen Saver:
---------------------
HKCU\Control Panel\Desktop\
"SCRNSAVE.EXE" = "D:\WINDOWS\System32\ss3dfo.scr" [MS]
Winsock2 Service Provider DLLs:
-------------------------------
Namespace Service Providers
HKLM\System\CurrentControlSet\Services\Winsock2\Parameters\NameSpace_Catalog5\Catalog_Entries\ {++}
000000000001\LibraryPath = "%SystemRoot%\System32\mswsock.dll" [MS]
000000000002\LibraryPath = "%SystemRoot%\System32\winrnr.dll" [MS]
000000000003\LibraryPath = "%SystemRoot%\System32\mswsock.dll" [MS]
Transport Service Providers
HKLM\System\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\ {++}
0000000000##\PackedCatalogItem (contains) DLL [Company Name], (at) ## range:
D:\WINDOWS\system32\imon.dll ["Eset "], 01 - 05, 21
%SystemRoot%\system32\mswsock.dll [MS], 06 - 08, 11 - 20
%SystemRoot%\system32\rsvpsp.dll [MS], 09 - 10
Toolbars, Explorer Bars, Extensions:
------------------------------------
Toolbars
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\
"{EE5D279F-081B-4404-994D-C6B60AAEBA6D}"
-> {HKLM...CLSID} = "EPSON Web-To-Page"
\InProcServer32\(Default) = "D:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll" ["SEIKO EPSON CORPORATION"]
HKLM\Software\Microsoft\Internet Explorer\Toolbar\
"{EE5D279F-081B-4404-994D-C6B60AAEBA6D}" = (no title provided)
-> {HKLM...CLSID} = "EPSON Web-To-Page"
\InProcServer32\(Default) = "D:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll" ["SEIKO EPSON CORPORATION"]
Explorer Bars
HKLM\Software\Microsoft\Internet Explorer\Explorer Bars\
HKLM\Software\Classes\CLSID\{FF059E31-CC5A-4E2E-BF3B-96E929D65503}\(Default) = "&Zdroje informácií"
Implemented Categories\{00021493-0000-0000-C000-000000000046}\ [vertical bar]
InProcServer32\(Default) = "D:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL" [MS]
Extensions (Tools menu items, main toolbar menu buttons)
HKLM\Software\Microsoft\Internet Explorer\Extensions\
{08B0E5C0-4FCB-11CF-AAA5-00401C608501}\
"MenuText" = "Sun Java Console"
"CLSIDExtension" = "{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBC}"
-> {HKCU...CLSID} = "Java Plug-in 1.6.0"
\InProcServer32\(Default) = "D:\Program Files\Java\jre1.6.0\bin\ssv.dll" ["Sun Microsystems, Inc."]
-> {HKLM...CLSID} = "Java Plug-in 1.6.0"
\InProcServer32\(Default) = "D:\Program Files\Java\jre1.6.0\bin\npjpi160.dll" ["Sun Microsystems, Inc."]
{92780B25-18CC-41C8-B9BE-3C9C571A8263}\
"ButtonText" = "Zdroje informácií"
{E59EB121-F339-4851-A3BA-FE49C35617C2}\
"ButtonText" = "ICQ6"
"MenuText" = "ICQ6"
"Exec" = "D:\Program Files\ICQ6\ICQ.exe" ["ICQ, Inc."]
{FB5F1910-F110-11D2-BB9E-00C04F795683}\
"ButtonText" = "Messenger"
"MenuText" = "Windows Messenger"
"Exec" = "D:\Program Files\Messenger\msmsgs.exe" [MS]
Running Services (Display Name, Service Name, Path {Service DLL}):
------------------------------------------------------------------
Ati HotKey Poller, Ati HotKey Poller, "D:\WINDOWS\system32\Ati2evxx.exe" ["ATI Technologies Inc."]
NOD32 Kernel Service, NOD32krn, ""D:\Program Files\Eset\nod32krn.exe"" ["Eset "]
Windows User Mode Driver Framework, UMWdf, "D:\WINDOWS\system32\wdfmgr.exe" [MS]
Print Monitors:
---------------
HKLM\System\CurrentControlSet\Control\Print\Monitors\
EPSON Stylus DX3800 Series 2KMonitor5E\Driver = "E_FLMACE.DLL" ["SEIKO EPSON CORPORATION"]
Microsoft Document Imaging Writer Monitor\Driver = "mdimon.dll" [MS]
---------- (launch time: 2007-11-25 00:11:40)
<<!>>: Suspicious data at a malware launch point.
+ This report excludes default entries except where indicated.
+ To see *everywhere* the script checks and *everything* it finds,
launch it from a command prompt or a shortcut with the -all parameter.
+ To search all directories of local fixed drives for DESKTOP.INI
DLL launch points, use the -supp parameter or answer "No" at the
first message box and "Yes" at the second message box.
---------- (total run time: 98 seconds, including 15 seconds for message boxes)
// nie do code
