Provjera i jos nesto

Provjera i jos nesto

offline
  • Pridružio: 15 Sep 2008
  • Poruke: 74

Trebao bih samo da mi pregledate komp jel ima sta sumnjivo.
A i NOD mi je detektiro kao neki virus i ja sam to obriso preko NODa
i sad nemogu uci ni u C ni u D disc :S
Kaze da fali nesto "MSI.com"

_____________________________________________________________

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:45:46, on 27.4.2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\ALCWZRD.EXE
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\Documents and Settings\All Users\Application Data\SeekappSrch\seekapp135.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\SeekappSrch\seekapp.exe
C:\Program Files\Xfire\Xfire.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Opera\opera.exe
C:\Documents and Settings\Korisnik\Desktop\Nova mapa\TR3.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = google.hr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = toolbar.ask.com/toolbarv/askRedirect?o=101761&gct=&gc=1&q=
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = toolbar.ask.com/toolbarv/askRedirect?o=101761&gct=&gc=1&q=
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = toolbar.ask.com/toolbarv/askRedirect?o=101761&gct=&gc=1&q=%s
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
R3 - URLSearchHook: DefaultSearchHook Class - {C94E154B-1459-4A47-966B-4B843BEFC7DB} - C:\Program Files\AskSearch\bin\DefaultSearch.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O2 - BHO: Windows Live Pomoc za prijavu - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKCU\..\Run: [nodenable] C:\Program Files\eset\nodenable.exe /s
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Microsoft Software Installer] c:\Wsystem\MSI.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - fpdownload.adobe.com/pub/shockwave/cabs/flash/swflash.cab
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: SeekappSrch Service - Unknown owner - C:\Documents and Settings\All Users\Application Data\SeekappSrch\seekapp135.exe

--
End of file - 5746 bytes

offline
  • dr_Bora  Male
  • Anti Malware Fighter
    Rank 2
  • Pridružio: 24 Jul 2007
  • Poruke: 12280
  • Gde živiš: Höganäs, SE

Pozdrav...



Arrow Pokreni ESET Smart Security/ESET NOD32 na sledeci nacin :
Start>All Programs>ESET>ESET Smart Security ili pak ESET NOD32 Antivirus(ukoliko koristis samo Antivirus resenje).

* Kada ti se otvori glavni prozor programa, klikni na Setup opciju sa leve strane prozora;
* Izaberi Antivirus and antispyware opciju i klikni na Temporarily disable Antivirus and antispyware protection.
* Na sledece pitanje klikni Yes.




Arrow Skini ComboFix sa jedne od sledecih adresa na Desktop:
http://download.bleepingcomputer.com/sUBs/ComboFix.exe
http://www.forospyware.com/sUBs/ComboFix.exe
http://subs.geekstogo.com/ComboFix.exe

Startuj ga i ne diraj prozor programa dok skenira.
Sledi uputstva na ekranu. Kada zavrsi pojavice se log (C:\ComboFix.txt) koji ces nam ovde iskopirati.

offline
  • Pridružio: 15 Sep 2008
  • Poruke: 74

ComboFix 09-04-27.02 - Korisnik 27.04.2009 21:56.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1250.385.1033.18.1023.621 [GMT 2:00]
Running from: c:\documents and settings\Korisnik\Desktop\ComboFix.exe
AV: ESET Smart Security 3.0 *On-access scanning disabled* (Updated)
FW: ESET Personal firewall *enabled*
* Created a new restore point

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\autorun.inf
c:\program files\QUAD Utilities
c:\program files\QUAD Utilities\QUAD Registry Cleaner\Vista Scheduler.dll
c:\windows\system32\AutoRun.inf
D:\Autorun.inf

.
((((((((((((((((((((((((( Files Created from 2009-05-27 to 2009-4-27 )))))))))))))))))))))))))))))))
.

2009-04-27 18:02 . 2009-04-27 18:02 -------- d-----w c:\documents and settings\Korisnik\Application Data\Malwarebytes
2009-04-27 18:02 . 2009-04-06 13:32 15504 ----a-w c:\windows\system32\drivers\mbam.sys
2009-04-27 18:02 . 2009-04-06 13:32 38496 ----a-w c:\windows\system32\drivers\mbamswissarmy.sys
2009-04-27 18:02 . 2009-04-27 18:02 -------- d-----w c:\documents and settings\All Users\Application Data\Malwarebytes
2009-04-27 18:02 . 2009-04-27 18:02 -------- d-----w c:\program files\Malwarebytes' Anti-Malware
2009-04-26 23:26 . 2009-04-27 16:23 -------- d-sh--r C:\Wsystem
2009-04-25 20:03 . 2009-04-25 20:03 -------- d-----w c:\documents and settings\Korisnik\Application Data\DriverCure
2009-04-25 20:03 . 2009-04-25 20:03 -------- d-----w c:\program files\Common Files\ParetoLogic
2009-04-25 20:03 . 2009-04-27 08:12 -------- d-----w c:\documents and settings\All Users\Application Data\DriverCure
2009-04-25 20:03 . 2009-04-25 20:03 -------- d-----w c:\documents and settings\All Users\Application Data\ParetoLogic
2009-04-24 22:24 . 2009-04-24 22:24 -------- d-----w c:\documents and settings\All Users\Application Data\SeekappSrch
2009-04-24 22:24 . 2009-04-24 22:24 -------- d-----w c:\program files\SeekappSrch
2009-04-24 17:18 . 2009-04-24 17:18 -------- d-s---w c:\documents and settings\Korisnik\UserData
2009-04-21 17:18 . 2009-04-27 16:49 -------- d-----w c:\program files\KaraFun
2009-04-19 20:50 . 2009-04-19 20:50 -------- d-----w c:\program files\mp3DirectCut
2009-04-14 02:19 . 2009-04-14 02:19 41808 ----a-w c:\windows\system32\xfcodec.dll
2009-04-12 19:34 . 2009-04-25 23:41 -------- d-----w c:\documents and settings\Korisnik\Application Data\Skype
2009-04-12 19:34 . 2009-04-12 19:34 -------- d-----r c:\program files\Skype
2009-04-12 19:34 . 2009-04-12 19:34 -------- d-----w c:\documents and settings\All Users\Application Data\Skype
2009-04-12 16:47 . 2009-04-12 16:47 -------- d-----w c:\documents and settings\Korisnik\Application Data\Xfire Plus
2009-04-12 16:46 . 2009-04-12 16:46 -------- d-----w c:\program files\Xfire Plus
2009-04-11 18:20 . 2009-04-11 18:34 -------- d-----w c:\documents and settings\Korisnik\Application Data\BitTorrent
2009-04-11 18:20 . 2009-04-11 18:20 -------- d-----w c:\documents and settings\Korisnik\Local Settings\Application Data\DNA
2009-04-11 18:20 . 2009-04-15 17:27 -------- d-----w c:\program files\DNA
2009-04-11 18:20 . 2009-04-15 17:35 -------- d-----w c:\documents and settings\Korisnik\Application Data\DNA
2009-04-11 18:20 . 2009-04-11 18:20 -------- d-----w c:\program files\BitTorrent
2009-04-11 18:20 . 2009-04-11 18:20 -------- d-----w c:\program files\AskSearch
2009-04-11 18:20 . 2009-04-13 12:32 -------- d-----w c:\program files\AskBarDis
2009-04-09 12:12 . 2009-04-09 12:12 -------- d-----w c:\program files\Orban
2009-04-01 18:27 . 2009-04-01 18:27 -------- d-----w c:\documents and settings\Korisnik\Application Data\TeamViewer
2009-04-01 18:27 . 2009-04-01 18:27 -------- d-----w c:\program files\TeamViewer
2009-04-01 18:26 . 2009-04-01 18:26 -------- d-----w c:\documents and settings\Korisnik\temp
2009-03-30 14:54 . 2009-03-30 14:54 -------- d-----w c:\documents and settings\Korisnik\Application Data\Yahoo!
2009-03-30 14:54 . 2009-03-30 14:54 -------- d-----w c:\documents and settings\All Users\Application Data\Yahoo! Companion
2009-03-30 10:42 . 2009-03-30 10:42 -------- d-----w c:\documents and settings\Korisnik\Local Settings\Application Data\Google
2009-03-30 10:42 . 2009-04-04 10:28 -------- d-----w c:\program files\Google
2009-03-30 10:36 . 2009-03-30 10:36 -------- d-----w c:\program files\Common Files\SWF Studio
2009-03-30 10:34 . 2009-03-30 10:34 -------- d-----w c:\program files\Yahoo!
2009-03-30 10:33 . 2009-03-30 10:33 -------- d-----w c:\program files\The Weather Channel FW
2009-03-29 22:05 . 2009-04-04 10:50 -------- d-----w c:\program files\SpeedFan
2009-03-28 21:58 . 2009-03-28 22:07 -------- d-----w c:\windows\NV26002748.TMP

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-04-26 22:50 . 2009-03-10 16:22 189072 ----a-w c:\windows\system32\PnkBstrB.exe
2009-04-26 21:48 . 2009-03-10 16:22 138920 ----a-w c:\windows\system32\drivers\PnkBstrK.sys
2009-04-25 10:04 . 2009-02-27 22:40 -------- d--h--w c:\program files\InstallShield Installation Information
2009-04-24 11:03 . 2009-02-28 10:46 -------- d-----w c:\program files\Xfire
2009-04-20 11:19 . 2009-02-27 16:32 15800 ----a-w c:\documents and settings\Korisnik\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-04-15 17:27 . 2009-03-07 15:11 163712 ----a-w c:\windows\system32\drivers\vidstub.sys
2009-04-06 17:16 . 2009-03-21 00:52 -------- d-----w c:\program files\Java
2009-03-31 11:52 . 2009-02-28 10:48 -------- d-----w c:\program files\Winamp
2009-03-29 19:03 . 2009-02-27 16:26 86627 ----a-w c:\windows\pchealth\helpctr\OfflineCache\index.dat
2009-03-26 19:39 . 2009-03-26 19:39 -------- d-----w c:\program files\IrfanView
2009-03-25 22:51 . 2009-03-25 22:51 -------- d-----w c:\program files\Common Files\Adobe AIR
2009-03-25 22:51 . 2009-02-28 10:54 -------- d-----w c:\program files\Common Files\Adobe
2009-03-23 23:41 . 2009-03-23 23:41 -------- d-----w c:\program files\Opera
2009-03-12 19:36 . 2009-03-12 19:35 -------- d-----w c:\program files\Hamachi
2009-03-12 19:35 . 2009-03-12 19:35 25280 ----a-w c:\windows\system32\drivers\hamachi.sys
2009-03-11 09:33 . 2009-03-11 09:29 122771 ----a-w c:\windows\hpoins14.dat
2009-03-11 09:33 . 2009-03-11 09:33 -------- d-----w c:\program files\Hewlett-Packard
2009-03-11 09:33 . 2009-03-11 09:33 -------- d-----w c:\program files\Common Files\Hewlett-Packard
2009-03-11 09:31 . 2009-03-11 09:31 -------- d-----w c:\program files\HP
2009-03-10 16:22 . 2009-03-10 16:22 75064 ----a-w c:\windows\system32\PnkBstrA.exe
2009-03-10 16:18 . 2009-03-10 16:18 2999 ----a-w c:\program files\Common Files\unins000.dat
2009-03-10 16:18 . 2009-03-10 16:18 728858 ----a-w c:\program files\Common Files\unins000.exe
2009-03-10 15:13 . 2009-02-27 16:58 -------- d-----w c:\program files\ESET
2009-03-09 03:19 . 2009-03-21 00:52 410984 ----a-w c:\windows\system32\deploytk.dll
2009-03-09 00:26 . 2009-03-09 00:25 -------- d-----w c:\program files\Windows Live
2009-03-09 00:25 . 2009-03-09 00:25 -------- d-----w c:\program files\Microsoft
2009-03-09 00:25 . 2009-03-09 00:25 -------- d-----w c:\program files\Windows Live SkyDrive
2009-03-09 00:24 . 2009-03-09 00:24 -------- d-----w c:\program files\Common Files\Windows Live
2009-03-07 15:11 . 2009-03-07 15:11 -------- d-----w c:\program files\Common Files\Stardock
2009-03-07 15:11 . 2009-03-07 15:11 -------- d-----w c:\program files\Stardock
2009-03-07 15:02 . 2009-03-07 15:02 -------- d-----w c:\program files\FileSubmit
2009-03-06 23:45 . 2009-03-06 23:45 98304 ----a-w c:\windows\system32\CmdLineExt.dll
2009-03-03 18:43 . 2009-03-03 18:36 -------- d-----w c:\program files\Ahead
2009-03-03 18:42 . 2009-03-03 18:42 -------- d-----w c:\program files\Common Files\LightScribe
2009-03-03 18:39 . 2009-03-03 18:39 -------- d-----w c:\program files\Common Files\Nero
2009-03-03 18:36 . 2009-03-03 18:36 -------- d-----w c:\program files\Common Files\Ahead
2009-03-03 14:27 . 2009-03-03 14:27 -------- d-----w c:\program files\Common Files\Adobe Systems Shared
2009-02-28 17:04 . 2009-02-28 16:40 -------- d-----w c:\program files\Counter-Strike 1.6
2009-02-28 10:19 . 2009-02-28 10:19 -------- d-----w c:\program files\Opera 10 Preview
2009-02-28 09:57 . 2009-02-28 09:57 -------- d-----w c:\program files\Marvell
2009-02-27 23:03 . 2009-02-27 22:36 -------- d-----w c:\program files\Common Files\InstallShield
2009-02-27 22:40 . 2009-02-27 22:40 -------- d-----w c:\program files\Realtek
2009-02-27 22:37 . 2009-02-27 22:37 -------- d-----w c:\program files\Multimedia Combo Set
2009-02-27 22:36 . 2009-02-27 22:36 2466816 ----a-w c:\program files\Multimedia Combo Set.msi
2009-02-27 22:36 . 2009-02-27 22:36 4632 ----a-w c:\program files\0x0409.ini
2009-02-27 16:33 . 2009-02-27 16:33 664 -c--a-w c:\windows\system32\d3d9caps.dat
2009-02-27 16:33 . 2009-02-27 16:33 552 -c--a-w c:\windows\system32\d3d8caps.dat
2009-02-27 16:27 . 2009-02-27 16:27 -------- d-----w c:\program files\microsoft frontpage
2009-02-27 16:27 . 2001-08-23 10:00 67 --sha-w c:\windows\Fonts\desktop.ini
2009-02-27 16:24 . 2009-02-27 16:24 21640 -c--a-w c:\windows\system32\emptyregdb.dat
2009-02-16 22:17 . 2009-02-27 23:03 453152 ----a-w c:\windows\system32\NVUNINST.EXE
2009-02-06 17:52 . 2009-02-06 17:52 49504 ----a-w c:\windows\system32\sirenacm.dll
.

------- Sigcheck -------

[-] 2006-05-02 08:55 1580544 6E266AAF4168B3569A330C61AB01F6B4 c:\windows\system32\sfcfiles.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}]
2008-09-29 15:24 325000 ----a-w c:\program files\AskBarDis\bar\bin\askBar.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{3041d03e-fd4b-44e0-b742-2d9b88305f98}"= "c:\program files\AskBarDis\bar\bin\askBar.dll" [2008-09-29 325000]

[HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]
[HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{3041D03E-FD4B-44E0-B742-2D9B88305F98}"= "c:\program files\AskBarDis\bar\bin\askBar.dll" [2008-09-29 325000]

[HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]
[HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"nodenable"="c:\program files\eset\nodenable.exe" [2008-09-23 326823]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2004-08-04 1694208]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-02-18 13680640]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2008-06-10 1447168]
"High Definition Audio Property Page Shortcut"="HDAShCut.exe" - c:\windows\system32\hdashcut.exe [2005-10-13 61952]
"nwiz"="nwiz.exe" - c:\windows\system32\nwiz.exe [2009-02-18 1657376]
"SoundMan"="SOUNDMAN.EXE" - c:\windows\SOUNDMAN.EXE [2005-09-21 86016]
"AlcWzrd"="ALCWZRD.EXE" - c:\windows\ALCWZRD.EXE [2005-09-21 2807808]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-03 15360]

[HKLM\~\startupfolder\C:^Documents and Settings^Korisnik^Start Menu^Programs^Startup^Adobe Gamma.lnk]
path=c:\documents and settings\Korisnik\Start Menu\Programs\Startup\Adobe Gamma.lnk
backup=c:\windows\pss\Adobe Gamma.lnkStartup

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Xfire\\Xfire.exe"=
"c:\\Program Files\\Counter-Strike 1.6\\hl.exe"=
"d:\\Program Files\\Counter-Strike 1.6\\hl.exe"=
"c:\\Program Files\\Opera 10 Preview\\opera.exe"=
"d:\\Program Files\\Nova mapa\\kucni_server\\samp-server.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\DNA\\btdna.exe"=
"c:\\Program Files\\BitTorrent\\bittorrent.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

R3 s115bus;Sony Ericsson Device 115 driver (WDM);c:\windows\system32\DRIVERS\s115bus.sys [2007-04-23 83208]
R3 s115mgmt;Sony Ericsson Device 115 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\s115mgmt.sys [2007-04-23 100488]
R3 s115obex;Sony Ericsson Device 115 USB WMC OBEX Interface;c:\windows\system32\DRIVERS\s115obex.sys [2007-04-23 98568]
S0 BootScreen;BootScreen; [x]
S2 ekrn;Eset Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [2007-12-21 468224]
S2 SeekappSrch Service;SeekappSrch Service;c:\documents and settings\All Users\Application Data\SeekappSrch\seekapp135.exe [2009-04-24 54760]


[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08
.
Contents of the 'Scheduled Tasks' folder

2009-04-26 c:\windows\Tasks\ParetoLogic Registration.job
- c:\program files\Common Files\ParetoLogic\UUS2\UUS.dll [2009-01-13 14:59]

2009-04-26 c:\windows\Tasks\ParetoLogic Update Version2.job
- c:\program files\Common Files\ParetoLogic\UUS2\Pareto_Update.exe [2009-01-13 14:59]
.
- - - - ORPHANS REMOVED - - - -

HKCU-Run-Microsoft Software Installer - c:\wsystem\MSI.exe
Notify-WgaLogon - (no file)


.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.hr/
uSearchURL,(Default) = hxxp://toolbar.ask.com/toolbarv/askRedirect?o=101761&gct=&gc=1&q=%s
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net
Rootkit scan 2009-04-27 21:57
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\ìê*•‘|\comctl32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\œEÆ*•‘|\comctl32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\t§*•‘|\COMCTL32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\T¯*•‘|\comctl32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\d¯*•‘|\Comctl32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\<´*•‘|\comctl32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\¸*•‘|\Comctl32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\*º*•‘|\Comctl32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\ º*•‘|\Comctl32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\üº*•‘|\COMCTL32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\€¼*•‘|\comctl32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\ô¾*•‘|\COMCTL32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\¬Á*•‘|\comctl32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\ŒÃ*•‘|\comctl32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\èÃ*•‘|\COMCTL32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\Æ*•‘|\COMCTL32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\(È*•‘|\COMCTL32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\,È*•‘|\comctl32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\ÈÈ*•‘|\COMCTL32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\üÈ*•‘|\comctl32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\°É*•‘|\comctl32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\Ì*•‘|\comctl32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\,Î*•‘|\comctl32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\4Î*•‘|\comctl32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\HÎ*•‘|\comctl32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\HÏ*•‘|\comctl32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\ Ð*•‘|\comctl32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\xÐ*•‘|\comctl32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\€Ð*•‘|\comctl32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\ Ñ*•‘|\comctl32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\XÑ*•‘|\comctl32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\lÒ*•‘|\COMCTL32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\ÄÓ*•‘|\COMCTL32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\„Ô*•‘|\COMCTL32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\ˆÔ*•‘|\COMCTL32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\TÕ*•‘|\COMCTL32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\lÕ*•‘|\comctl32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\pÕ*•‘|\comctl32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\dÖ*•‘|\COMCTL32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\€×*•‘|\COMCTL32.DLL]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\×*•‘|\COMCTL32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\À×*•‘|\comctl32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\ü×*•‘|\COMCTL32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\ Ø*•‘|\COMCTL32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\<Ø*•‘|\COMCTL32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\ÜØ*•‘|\COMCTL32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\ Ù*•‘|\COMCTL32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\”Ù*•‘|\COMCTL32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\¬Ù*•‘|\comctl32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\ÈÙ*•‘|\COMCTL32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\Ú*•‘|\COMCTL32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\Û*•‘|\COMCTL32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\(Û*•‘|\comctl32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\HÛ*•‘|\comctl32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\„Û*•‘|\COMCTL32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\ØÛ*•‘|\comctl32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\|Ü*•‘|\comctl32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\„Ü*•‘|\Comctl32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\ˆÜ*•‘|\COMCTL32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\ØÝ*•‘|\comctl32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\àÝ*•‘|\comctl32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\dÞ*•‘|\comctl32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\Œß*•‘|\comctl32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\Ðà*•‘|\COMCTL32.DLL]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\ã*•‘|\comctl32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\ã*•‘|\comctl32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\$ã*•‘|\comctl32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\(ã*•‘|\comctl32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\¤ã*•‘|\COMCTL32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\°ã*•‘|\comctl32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\ÜäÉ*•‘|\comctl32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\Hå*•‘|\COMCTL32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\*è*•‘|\comctl32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\Lè*•‘|\comctl32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\Àè*•‘|\comctl32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\*é*•‘|\comctl32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\$ê*•‘|\COMCTL32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\Lë*•‘|\comctl32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\àë*•‘|\COMCTL32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\øì*•‘|\COMCTL32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\Dí*•‘|\comctl32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\|í*•‘|\comctl32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\XîÆ*•‘|\comctl32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\Äï*•‘|\comctl32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\,ðò*•‘|\comctl32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\,ðý*•‘|\comctl32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\,ðþ*•‘|\comctl32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\Ìðâ*•‘|\comctl32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\Ìðë*•‘|\comctl32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\Ìðò*•‘|\comctl32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\Ìðý*•‘|\comctl32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\Ìðþ*•‘|\comctl32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\Ðð*•‘|\COMCTL32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\ðñ*•‘|\comctl32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\lô*•‘|\comctl32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\œô*•‘|\COMCTL32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\$õ*•‘|\COMCTL32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\ö*•‘|\comctl32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\ö*•‘|\comctl32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\œöý*•‘|\comctl32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\Øö*•‘|\comctl32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\ ÷*•‘|\COMCTL32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\Ü÷*•‘|\comctl32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\ù*•‘|\COMCTL32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\tù*•‘|\COMCTL32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\Xû*•‘|\comctl32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{CBC127BB-A410-B7B7-77EB-CB684F63E03A}*]
"hakcgobphbebbjka"=hex:6a,61,70,62,62,6b,70,6e,62,6d,69,6e,64,6a,61,64,6f,6b,
61,63,00,22
"iaaimddlihgipgeigh"=hex:63,61,67,63,64,69,00,00
"iaecipekjimdlcnmmo"=hex:6a,61,61,63,6d,6a,6d,6e,67,70,68,6d,66,6d,61,64,68,6c,
70,61,00,22
.
Completion time: 2009-04-27 21:58
ComboFix-quarantined-files.txt 2009-04-27 19:58

Pre-Run: 31.587.184.640 bytes free
Post-Run: 31.598.993.408 bytes free

527

offline
  • dr_Bora  Male
  • Anti Malware Fighter
    Rank 2
  • Pridružio: 24 Jul 2007
  • Poruke: 12280
  • Gde živiš: Höganäs, SE

Arrow Otvoriti Notepad i iskopirati sledeci tekst:


Folder::
C:\Wsystem
c:\documents and settings\All Users\Application Data\SeekappSrch
c:\program files\SeekappSrch

Driver::
SeekappSrch Service



Snimiti na Desktop fajl iz Notepada kao "CFScript"




Prevuci snimljeni skript/tekst na ComboFix ikonicu kao na slici.
Postaviti u sledecoj poruci log koji bude bio napravljen na kraju ciscenja/skeniranja.


-------------------------------------------------------------------------------------



Arrow Preuzmi USBNoRisk na Desktop i pokreni ga duplim klikom na ikonicu programa.
- Sacekaj koji sekund dok program izvrsi inicijalno skeniranje.
- Ubacuj sve USB memorijske uredjaje redom u USB slot i svaki zadrzi u slotu po 10 sekundi.
- Ukoliko imas vise uredjaja za proveru, onda na parcetu papira zapisi kojim redom su ubacivani jer ce nam kasnije trebati taj podatak
- Kada zavrsis sa svim uredjajima, klikni desno dugme misa na sred prozora programa i odaberi opciju Save log. To ce automatski otvoriti log u Notepadu. Iskopiraj nam taj log iz Notepada na forum.

Objasnjenje: U USB memorijske uredjaje spadaju svi oni uredjaji koji po prikljucivanju na kompjuter dobijaju svoju oznaku particije. Tu spadaju USB flash drajvovi, eksterni hard-diskovi, memorijske kartice, MP3 i MP4 plejeri, neki mobilni telefoni, neki GPS (navigacioni) uredjaji itd.

offline
  • Pridružio: 15 Sep 2008
  • Poruke: 74

Combofix log:

ComboFix 09-04-27.02 - Korisnik 27.04.2009 22:47.3 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1250.385.1033.18.1023.678 [GMT 2:00]
Running from: c:\documents and settings\Korisnik\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\Korisnik\Desktop\CFScript.txt
AV: ESET Smart Security 3.0 *On-access scanning disabled* (Updated)
FW: ESET Personal firewall *enabled*
* Created a new restore point

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((( Files Created from 2009-05-27 to 2009-4-27 )))))))))))))))))))))))))))))))
.

2009-04-27 18:02 . 2009-04-27 18:02 -------- d-----w c:\documents and settings\Korisnik\Application Data\Malwarebytes
2009-04-27 18:02 . 2009-04-06 13:32 15504 ----a-w c:\windows\system32\drivers\mbam.sys
2009-04-27 18:02 . 2009-04-06 13:32 38496 ----a-w c:\windows\system32\drivers\mbamswissarmy.sys
2009-04-27 18:02 . 2009-04-27 18:02 -------- d-----w c:\documents and settings\All Users\Application Data\Malwarebytes
2009-04-27 18:02 . 2009-04-27 18:02 -------- d-----w c:\program files\Malwarebytes' Anti-Malware
2009-04-25 20:03 . 2009-04-25 20:03 -------- d-----w c:\documents and settings\Korisnik\Application Data\DriverCure
2009-04-25 20:03 . 2009-04-25 20:03 -------- d-----w c:\program files\Common Files\ParetoLogic
2009-04-25 20:03 . 2009-04-27 08:12 -------- d-----w c:\documents and settings\All Users\Application Data\DriverCure
2009-04-25 20:03 . 2009-04-25 20:03 -------- d-----w c:\documents and settings\All Users\Application Data\ParetoLogic
2009-04-24 17:18 . 2009-04-24 17:18 -------- d-s---w c:\documents and settings\Korisnik\UserData
2009-04-21 17:18 . 2009-04-27 16:49 -------- d-----w c:\program files\KaraFun
2009-04-19 20:50 . 2009-04-19 20:50 -------- d-----w c:\program files\mp3DirectCut
2009-04-14 02:19 . 2009-04-14 02:19 41808 ----a-w c:\windows\system32\xfcodec.dll
2009-04-12 19:34 . 2009-04-25 23:41 -------- d-----w c:\documents and settings\Korisnik\Application Data\Skype
2009-04-12 19:34 . 2009-04-12 19:34 -------- d-----r c:\program files\Skype
2009-04-12 19:34 . 2009-04-12 19:34 -------- d-----w c:\documents and settings\All Users\Application Data\Skype
2009-04-12 16:47 . 2009-04-12 16:47 -------- d-----w c:\documents and settings\Korisnik\Application Data\Xfire Plus
2009-04-12 16:46 . 2009-04-12 16:46 -------- d-----w c:\program files\Xfire Plus
2009-04-11 18:20 . 2009-04-11 18:34 -------- d-----w c:\documents and settings\Korisnik\Application Data\BitTorrent
2009-04-11 18:20 . 2009-04-11 18:20 -------- d-----w c:\documents and settings\Korisnik\Local Settings\Application Data\DNA
2009-04-11 18:20 . 2009-04-15 17:27 -------- d-----w c:\program files\DNA
2009-04-11 18:20 . 2009-04-15 17:35 -------- d-----w c:\documents and settings\Korisnik\Application Data\DNA
2009-04-11 18:20 . 2009-04-11 18:20 -------- d-----w c:\program files\BitTorrent
2009-04-11 18:20 . 2009-04-11 18:20 -------- d-----w c:\program files\AskSearch
2009-04-11 18:20 . 2009-04-13 12:32 -------- d-----w c:\program files\AskBarDis
2009-04-09 12:12 . 2009-04-09 12:12 -------- d-----w c:\program files\Orban
2009-04-01 18:27 . 2009-04-01 18:27 -------- d-----w c:\documents and settings\Korisnik\Application Data\TeamViewer
2009-04-01 18:27 . 2009-04-01 18:27 -------- d-----w c:\program files\TeamViewer
2009-04-01 18:26 . 2009-04-01 18:26 -------- d-----w c:\documents and settings\Korisnik\temp
2009-03-30 14:54 . 2009-03-30 14:54 -------- d-----w c:\documents and settings\Korisnik\Application Data\Yahoo!
2009-03-30 14:54 . 2009-03-30 14:54 -------- d-----w c:\documents and settings\All Users\Application Data\Yahoo! Companion
2009-03-30 10:42 . 2009-03-30 10:42 -------- d-----w c:\documents and settings\Korisnik\Local Settings\Application Data\Google
2009-03-30 10:42 . 2009-04-04 10:28 -------- d-----w c:\program files\Google
2009-03-30 10:36 . 2009-03-30 10:36 -------- d-----w c:\program files\Common Files\SWF Studio
2009-03-30 10:34 . 2009-03-30 10:34 -------- d-----w c:\program files\Yahoo!
2009-03-30 10:33 . 2009-03-30 10:33 -------- d-----w c:\program files\The Weather Channel FW
2009-03-29 22:05 . 2009-04-04 10:50 -------- d-----w c:\program files\SpeedFan
2009-03-28 21:58 . 2009-03-28 22:07 -------- d-----w c:\windows\NV26002748.TMP

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-04-26 22:50 . 2009-03-10 16:22 189072 ----a-w c:\windows\system32\PnkBstrB.exe
2009-04-26 21:48 . 2009-03-10 16:22 138920 ----a-w c:\windows\system32\drivers\PnkBstrK.sys
2009-04-25 10:04 . 2009-02-27 22:40 -------- d--h--w c:\program files\InstallShield Installation Information
2009-04-24 11:03 . 2009-02-28 10:46 -------- d-----w c:\program files\Xfire
2009-04-20 11:19 . 2009-02-27 16:32 15800 ----a-w c:\documents and settings\Korisnik\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-04-15 17:27 . 2009-03-07 15:11 163712 ----a-w c:\windows\system32\drivers\vidstub.sys
2009-04-06 17:16 . 2009-03-21 00:52 -------- d-----w c:\program files\Java
2009-03-31 11:52 . 2009-02-28 10:48 -------- d-----w c:\program files\Winamp
2009-03-29 19:03 . 2009-02-27 16:26 86627 ----a-w c:\windows\pchealth\helpctr\OfflineCache\index.dat
2009-03-26 19:39 . 2009-03-26 19:39 -------- d-----w c:\program files\IrfanView
2009-03-25 22:51 . 2009-03-25 22:51 -------- d-----w c:\program files\Common Files\Adobe AIR
2009-03-25 22:51 . 2009-02-28 10:54 -------- d-----w c:\program files\Common Files\Adobe
2009-03-23 23:41 . 2009-03-23 23:41 -------- d-----w c:\program files\Opera
2009-03-12 19:36 . 2009-03-12 19:35 -------- d-----w c:\program files\Hamachi
2009-03-12 19:35 . 2009-03-12 19:35 25280 ----a-w c:\windows\system32\drivers\hamachi.sys
2009-03-11 09:33 . 2009-03-11 09:29 122771 ----a-w c:\windows\hpoins14.dat
2009-03-11 09:33 . 2009-03-11 09:33 -------- d-----w c:\program files\Hewlett-Packard
2009-03-11 09:33 . 2009-03-11 09:33 -------- d-----w c:\program files\Common Files\Hewlett-Packard
2009-03-11 09:31 . 2009-03-11 09:31 -------- d-----w c:\program files\HP
2009-03-10 16:22 . 2009-03-10 16:22 75064 ----a-w c:\windows\system32\PnkBstrA.exe
2009-03-10 16:18 . 2009-03-10 16:18 2999 ----a-w c:\program files\Common Files\unins000.dat
2009-03-10 16:18 . 2009-03-10 16:18 728858 ----a-w c:\program files\Common Files\unins000.exe
2009-03-10 15:13 . 2009-02-27 16:58 -------- d-----w c:\program files\ESET
2009-03-09 03:19 . 2009-03-21 00:52 410984 ----a-w c:\windows\system32\deploytk.dll
2009-03-09 00:26 . 2009-03-09 00:25 -------- d-----w c:\program files\Windows Live
2009-03-09 00:25 . 2009-03-09 00:25 -------- d-----w c:\program files\Microsoft
2009-03-09 00:25 . 2009-03-09 00:25 -------- d-----w c:\program files\Windows Live SkyDrive
2009-03-09 00:24 . 2009-03-09 00:24 -------- d-----w c:\program files\Common Files\Windows Live
2009-03-07 15:11 . 2009-03-07 15:11 -------- d-----w c:\program files\Common Files\Stardock
2009-03-07 15:11 . 2009-03-07 15:11 -------- d-----w c:\program files\Stardock
2009-03-07 15:02 . 2009-03-07 15:02 -------- d-----w c:\program files\FileSubmit
2009-03-06 23:45 . 2009-03-06 23:45 98304 ----a-w c:\windows\system32\CmdLineExt.dll
2009-03-03 18:43 . 2009-03-03 18:36 -------- d-----w c:\program files\Ahead
2009-03-03 18:42 . 2009-03-03 18:42 -------- d-----w c:\program files\Common Files\LightScribe
2009-03-03 18:39 . 2009-03-03 18:39 -------- d-----w c:\program files\Common Files\Nero
2009-03-03 18:36 . 2009-03-03 18:36 -------- d-----w c:\program files\Common Files\Ahead
2009-03-03 14:27 . 2009-03-03 14:27 -------- d-----w c:\program files\Common Files\Adobe Systems Shared
2009-02-28 17:04 . 2009-02-28 16:40 -------- d-----w c:\program files\Counter-Strike 1.6
2009-02-28 10:19 . 2009-02-28 10:19 -------- d-----w c:\program files\Opera 10 Preview
2009-02-28 09:57 . 2009-02-28 09:57 -------- d-----w c:\program files\Marvell
2009-02-27 23:03 . 2009-02-27 22:36 -------- d-----w c:\program files\Common Files\InstallShield
2009-02-27 22:40 . 2009-02-27 22:40 -------- d-----w c:\program files\Realtek
2009-02-27 22:37 . 2009-02-27 22:37 -------- d-----w c:\program files\Multimedia Combo Set
2009-02-27 22:36 . 2009-02-27 22:36 2466816 ----a-w c:\program files\Multimedia Combo Set.msi
2009-02-27 22:36 . 2009-02-27 22:36 4632 ----a-w c:\program files\0x0409.ini
2009-02-27 16:33 . 2009-02-27 16:33 664 -c--a-w c:\windows\system32\d3d9caps.dat
2009-02-27 16:33 . 2009-02-27 16:33 552 -c--a-w c:\windows\system32\d3d8caps.dat
2009-02-27 16:27 . 2009-02-27 16:27 -------- d-----w c:\program files\microsoft frontpage
2009-02-27 16:27 . 2001-08-23 10:00 67 --sha-w c:\windows\Fonts\desktop.ini
2009-02-27 16:24 . 2009-02-27 16:24 21640 -c--a-w c:\windows\system32\emptyregdb.dat
2009-02-16 22:17 . 2009-02-27 23:03 453152 ----a-w c:\windows\system32\NVUNINST.EXE
2009-02-06 17:52 . 2009-02-06 17:52 49504 ----a-w c:\windows\system32\sirenacm.dll
.

------- Sigcheck -------

[-] 2006-05-02 08:55 1580544 6E266AAF4168B3569A330C61AB01F6B4 c:\windows\system32\sfcfiles.dll
.
((((((((((((((((((((((((((((( SnapShot@2009-04-27_19.57.40 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-04-27 20:42 . 2009-04-27 20:42 16384 c:\windows\Temp\Perflib_Perfdata_46c.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}]
2008-09-29 15:24 325000 ----a-w c:\program files\AskBarDis\bar\bin\askBar.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{3041d03e-fd4b-44e0-b742-2d9b88305f98}"= "c:\program files\AskBarDis\bar\bin\askBar.dll" [2008-09-29 325000]

[HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]
[HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{3041D03E-FD4B-44E0-B742-2D9B88305F98}"= "c:\program files\AskBarDis\bar\bin\askBar.dll" [2008-09-29 325000]

[HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]
[HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"nodenable"="c:\program files\eset\nodenable.exe" [2008-09-23 326823]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2004-08-04 1694208]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-02-18 13680640]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2008-06-10 1447168]
"High Definition Audio Property Page Shortcut"="HDAShCut.exe" - c:\windows\system32\hdashcut.exe [2005-10-13 61952]
"nwiz"="nwiz.exe" - c:\windows\system32\nwiz.exe [2009-02-18 1657376]
"SoundMan"="SOUNDMAN.EXE" - c:\windows\SOUNDMAN.EXE [2005-09-21 86016]
"AlcWzrd"="ALCWZRD.EXE" - c:\windows\ALCWZRD.EXE [2005-09-21 2807808]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-03 15360]

[HKLM\~\startupfolder\C:^Documents and Settings^Korisnik^Start Menu^Programs^Startup^Adobe Gamma.lnk]
path=c:\documents and settings\Korisnik\Start Menu\Programs\Startup\Adobe Gamma.lnk
backup=c:\windows\pss\Adobe Gamma.lnkStartup

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Xfire\\Xfire.exe"=
"c:\\Program Files\\Counter-Strike 1.6\\hl.exe"=
"d:\\Program Files\\Counter-Strike 1.6\\hl.exe"=
"c:\\Program Files\\Opera 10 Preview\\opera.exe"=
"d:\\Program Files\\Nova mapa\\kucni_server\\samp-server.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\DNA\\btdna.exe"=
"c:\\Program Files\\BitTorrent\\bittorrent.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2009-04-06 38496]
R3 s115bus;Sony Ericsson Device 115 driver (WDM);c:\windows\system32\DRIVERS\s115bus.sys [2007-04-23 83208]
R3 s115mgmt;Sony Ericsson Device 115 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\s115mgmt.sys [2007-04-23 100488]
R3 s115obex;Sony Ericsson Device 115 USB WMC OBEX Interface;c:\windows\system32\DRIVERS\s115obex.sys [2007-04-23 98568]
S0 BootScreen;BootScreen; [x]
S2 ekrn;Eset Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [2007-12-21 468224]


[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08
.
Contents of the 'Scheduled Tasks' folder

2009-04-26 c:\windows\Tasks\ParetoLogic Registration.job
- c:\program files\Common Files\ParetoLogic\UUS2\UUS.dll [2009-01-13 14:59]

2009-04-26 c:\windows\Tasks\ParetoLogic Update Version2.job
- c:\program files\Common Files\ParetoLogic\UUS2\Pareto_Update.exe [2009-01-13 14:59]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.hr/
uSearchURL,(Default) = hxxp://toolbar.ask.com/toolbarv/askRedirect?o=101761&gct=&gc=1&q=%s
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net
Rootkit scan 2009-04-27 22:48
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\ìê*•‘|\comctl32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\œEÆ*•‘|\comctl32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\t§*•‘|\COMCTL32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\T¯*•‘|\comctl32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\d¯*•‘|\Comctl32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\<´*•‘|\comctl32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\¸*•‘|\Comctl32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\*º*•‘|\Comctl32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\ º*•‘|\Comctl32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\üº*•‘|\COMCTL32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\€¼*•‘|\comctl32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\ô¾*•‘|\COMCTL32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\¬Á*•‘|\comctl32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\ŒÃ*•‘|\comctl32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\èÃ*•‘|\COMCTL32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\Æ*•‘|\COMCTL32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\(È*•‘|\COMCTL32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\,È*•‘|\comctl32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\ÈÈ*•‘|\COMCTL32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\üÈ*•‘|\comctl32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\°É*•‘|\comctl32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\Ì*•‘|\comctl32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\,Î*•‘|\comctl32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\4Î*•‘|\comctl32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\HÎ*•‘|\comctl32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\HÏ*•‘|\comctl32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\ Ð*•‘|\comctl32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\xÐ*•‘|\comctl32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\€Ð*•‘|\comctl32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\ Ñ*•‘|\comctl32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\XÑ*•‘|\comctl32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\lÒ*•‘|\COMCTL32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\ÄÓ*•‘|\COMCTL32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\„Ô*•‘|\COMCTL32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\ˆÔ*•‘|\COMCTL32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\TÕ*•‘|\COMCTL32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\lÕ*•‘|\comctl32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\pÕ*•‘|\comctl32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\dÖ*•‘|\COMCTL32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\€×*•‘|\COMCTL32.DLL]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\×*•‘|\COMCTL32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\À×*•‘|\comctl32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\ü×*•‘|\COMCTL32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\ Ø*•‘|\COMCTL32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\<Ø*•‘|\COMCTL32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\ÜØ*•‘|\COMCTL32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\ Ù*•‘|\COMCTL32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\”Ù*•‘|\COMCTL32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\¬Ù*•‘|\comctl32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\ÈÙ*•‘|\COMCTL32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\Ú*•‘|\COMCTL32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\Û*•‘|\COMCTL32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\(Û*•‘|\comctl32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\HÛ*•‘|\comctl32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\„Û*•‘|\COMCTL32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\ØÛ*•‘|\comctl32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\|Ü*•‘|\comctl32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\„Ü*•‘|\Comctl32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\ˆÜ*•‘|\COMCTL32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\ØÝ*•‘|\comctl32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\àÝ*•‘|\comctl32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\dÞ*•‘|\comctl32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\Œß*•‘|\comctl32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\Ðà*•‘|\COMCTL32.DLL]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\ã*•‘|\comctl32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\ã*•‘|\comctl32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\$ã*•‘|\comctl32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\(ã*•‘|\comctl32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\¤ã*•‘|\COMCTL32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\°ã*•‘|\comctl32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\ÜäÉ*•‘|\comctl32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\Hå*•‘|\COMCTL32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\*è*•‘|\comctl32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\Lè*•‘|\comctl32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\Àè*•‘|\comctl32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\*é*•‘|\comctl32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\$ê*•‘|\COMCTL32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\Lë*•‘|\comctl32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\àë*•‘|\COMCTL32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\øì*•‘|\COMCTL32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\Dí*•‘|\comctl32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\|í*•‘|\comctl32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\XîÆ*•‘|\comctl32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\Äï*•‘|\comctl32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\,ðò*•‘|\comctl32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\,ðý*•‘|\comctl32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\,ðþ*•‘|\comctl32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\Ìðâ*•‘|\comctl32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\Ìðë*•‘|\comctl32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\Ìðò*•‘|\comctl32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\Ìðý*•‘|\comctl32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\Ìðþ*•‘|\comctl32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\Ðð*•‘|\COMCTL32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\ðñ*•‘|\comctl32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\lô*•‘|\comctl32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\œô*•‘|\COMCTL32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\$õ*•‘|\COMCTL32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\üõþ*•‘|\comctl32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\ö*•‘|\comctl32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\ö*•‘|\comctl32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\œöý*•‘|\comctl32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\Øö*•‘|\comctl32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\ ÷*•‘|\COMCTL32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\Ü÷*•‘|\comctl32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\ù*•‘|\COMCTL32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\tù*•‘|\COMCTL32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\ú*•‘|\COMCTL32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\Xû*•‘|\comctl32.dll]
"MUIVer"=hex(b):84,08,54,0b,00,00,06,00
"000600000b540a59"=dword:00000000

[HKEY_USERS\S-1-5-21-1935655697-1123561945-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{CBC127BB-A410-B7B7-77EB-CB684F63E03A}*]
"hakcgobphbebbjka"=hex:6a,61,70,62,62,6b,70,6e,62,6d,69,6e,64,6a,61,64,6f,6b,
61,63,00,22
"iaaimddlihgipgeigh"=hex:63,61,67,63,64,69,00,00
"iaecipekjimdlcnmmo"=hex:6a,61,61,63,6d,6a,6d,6e,67,70,68,6d,66,6d,61,64,68,6c,
70,61,00,22
.
Completion time: 2009-04-27 22:49
ComboFix-quarantined-files.txt 2009-04-27 20:48
ComboFix2.txt 2009-04-27 20:43
ComboFix3.txt 2009-04-27 19:58

Pre-Run: 31.455.813.632 bytes free
Post-Run: 31.452.549.120 bytes free

526

-----------------------------------------------------------------------------------------------------------------------------

Sada idem i ovo sa USB Wink

offline
  • Pridružio: 15 Sep 2008
  • Poruke: 74

Evo i od USB



USBNoRisk 2.1 by bobby

Started at 27.4.2009 22:50:33

Scanning for connected USB Mass storage...
----------------------------------------
========================================

Scanning for other storage...
----------------------------------------
C: {a5bd3e14-04ef-11de-a458-806d6172696f}
D: {a5bd3e15-04ef-11de-a458-806d6172696f}
========================================


Scanning fixed storage for autorun.inf files...
----------------------------------------

No blocked files found on C:
No Autorun.inf files found on C:
No mountpoint found for C:
No mountpoint found for a5bd3e14-04ef-11de-a458-806d6172696f
----------------------------------------

No blocked files found on D:
No Autorun.inf files found on D:
No mountpoint found for D:
No mountpoint found for a5bd3e15-04ef-11de-a458-806d6172696f
----------------------------------------

autorun.inf found in Qoobox
----------------------------------------
Content of C:\QooBox\Quarantine\C\autorun.inf.vir
----------------------------------------
[autorun]
shellexecute=MSI.com
----------------------------------------
Content of C:\QooBox\Quarantine\C\WINDOWS\system32\autorun.inf.vir
----------------------------------------
[autorun]
open=setup.exe
icon=setup.exe,0
[Version]
CDGuid={B2C61EBB-F47C-48ba-B375-27A40F8F48F7}
SoftwareGuid=
InfrastructureDatabaseList=hpomdl14.dat
LanguagesInthisCD=enu,ell,plk,rus,trk,chs,cht,csy,dan,deu,esn,fin,fra,hun,ita,jpn,kor,nld,nob,ptb,sve,heb,ara
DefaultLanguageInThisRelease=enu
DIVISION=hpo
ICE_REV=14
FIRST_IO_REVISION=09
LAST_IO_REVISION=09
VCD_FILEVER=0
Manufacturer=HP
RegistryManufacturer=Hewlett-Packard
ProductSeries=Deskjet All-In-One Series
Pre-Install=%ProgramFilesx86%%Manufacturer%
SilentInstall=No
InvalidPathCharacters=#$&,%
ConnectivityPlugin=%sourcepath%setup\hpzdui%ICE_SUFFIX%.exe
PreloadICEEngineToGUIDFolder=%sourcepath%hpzprl01.dat
PreloadRecoveryMechanism=%sourcepath%hpzprl02.dat
PreloadRestingPad=%sourcepath%hpzprl03.dat
UI_03=No
UI_20=Yes
UI_21=No
UI_25=No
UI_30=Yes
UI_50=No
UI_80=swreinstall&NoDeviceConnected&NoDeviceDiscovery
UI_250=No
UI_260=Yes
UI_40=Yes
UI_60=Yes
UI_70=Yes
UI_110=Yes
UI_100=Yes
RegistryRebootLocation=DigitalImaging\Install
autorunid=DJ_AIO_DriverOnly_NonNetwork_DVD
ConnectivityStopAndRestart=%InstallMainBin%hpqtra08.exe
driverver=09/21/2007, 090.000.263.000
first_ca_revision=0
CPENetworkSupport=Yes
IEFIX=NoFix
last_ca_revision=0
log=1
maxinstalldirlength=64
maxinstalltime=35
maxpathforcd=100
mininstalltime=15
preloadiceexes=hpoprl10.dat
preloadlpmsis=hpoprl08.dat
preloadproductcontext=hpoprl09.dat
preloadproductmsis=hpoprl07.dat
preloadreadme=hpoprl06.dat
productfinishevent=somestring
provider=HP
setupfinishevent=somestring
shortcut=Yes
shortcutcheckbox=Yes
startup=Yes
UI_261=TimeoutIfSWFirst
DirectConnectSuccessTimeout=5
usingdevicediscovery=Yes
DeviceDiscoveryBucket=DeviceManagement_AIO
%DeviceManagementGUID%={5B7C6DB1-0CC1-4685-81BD-D089DAD14336}
[Strings]
_TargetDatFile=autorun,scr
%Preload%=%InstallDirx86%Digital Imaging\%CDGuid%\
%ICETemp%=%ProgramFilesx86%%ICETempInPF%\
%ICETempInPF%=%Manufacturer%\Temp\%CDGuid%
%Recovery%=%ICETemp%
%RecoveryInPF%=%ICETempInPF%
%Preloadx86%=%InstallDirx86%Digital Imaging\%CDGuid%\
%InstallMain%=%InstallDirx86%Digital Imaging\
%ProductScrubberDatfile%=hposcr14.dat
%autorunlocation%=.
%setupName%=hpzsetup.exe
%setupStubName%=setup.exe
%MSIRollbackDatFile%=hpzmsirb.dat
%DeviceInstanceRollbackFile%=hpzdirb.dat
%CUEVersion%=9.0
%CUEDivision%=hpq
%WebPrintVersion%=2.0
%DTSSVersion%=8.0
%SoftwareUpdateVersion%=8.0
%PhotosmartEssentialVersion%=2.01
%bounty_id%=D05
%DeviceManagementGUID%={5DD44B11-5236-4e00-BBCC-F30D94AA8741}
%DeviceManagement_ICE_REV%=01
%DeviceManagementDisplayName%=HP Imaging Device Functions
%DeviceManagementUninstallKey%=HP Imaging Device Functions
%eSupportGUID%={EFD54B7D-744F-4730-8F9C-AAF80E6028BA}
%eSupport_ICE_REV%=05
%eSupportDisplayName%=HP Solution Center
%eSupportUninstallKey%=HP Solution Center & Imaging Support Tools
%CustomerExperienceGUID%={BBE9EEF0-BBAC-4871-90DC-4CE0EC02D00B}
%CustomerExperience_ICE_REV%=06
%CustomerExperienceDisplayName%=HP Customer Participation Program
%CustomerExperienceUninstallKey%=HPExtendedCapabilities
%SoftwareUpdate_ICE_REV%=07
%SoftwareUpdateDisplayName%=HP Update
%SoftwareUpdateUninstallKey%={AB40272D-92AB-4F30-B36B-22EDE16F8FE5}
%OCRGUID%={E379D32C-7B7A-48ad-9166-732A48B5A435}
%OCR_ICE_REV%=11
%OCRDisplayName%=HP OCR Software
%OCRUninstallKey%=HPOCR
%WebPrintGUID%={2D1F2124-29E6-460A-B140-E9DF3BC594CE}
%WebPrint_ICE_REV%=15
%WebPrintDisplayName%=HP Smart Web Printing
%WebPrintUninstallKey%={820F9BE6-0998-4187-BE0C-8192BDDC2FEF}
%DTSSGUID%={3D74A00B-BBFC-4834-A728-0633F0D91840}
%DTSS_ICE_REV%=16
%DTSSDisplayName%=Shop for HP Supplies
%DTSSUninstallKey%={7902E313-FF0F-4493-ACB1-A8147B78DCD0}
%DTSSUpgradeCode%={FE9B929E-3BAF-40B1-BFFC-3A078ABAA0C8}
%PhotosmartEssentialGUID%={7FB920E4-5D4E-4e0f-BB7D-C178E5A11A51}
%PhotosmartEssential_ICE_REV%=13
%PhotosmartEssentialDisplayName%=HP Photosmart Essential %PhotosmartEssentialVersion%
%PhotosmartEssentialUninstallKey%=HP Photosmart Essential
%PhotosmartEssentialBASEGUID%={E4E30953-546D-477b-9C50-5B3E07A0A58E}
%PhotosmartEssentialTATTOOGUID%={EAF69D39-7A09-434e-B743-C2CDA5800D75}
%PhotosmartEssentialNOPODGUID%={3C2E7DE1-4FE5-475e-89D7-BA64C1C7B059}
%pcihelp%=%sourcepath%Setup\dj_aio_help\
%pcipath%=%InstallDirx86%Digital Imaging\%CDGuid%\Product\
%pcitour%=%sourcepath%Setup\Tour\
%prlhelp%=%InstallDirx86%Digital Imaging\%CDGuid%\Setup\dj_aio_help\
%prltour%=%InstallDirx86%Digital Imaging\%CDGuid%\Setup\Tour\
%InstallMainBin%=%InstallDirx86%Digital Imaging\bin\
[MSI]
InstallDir=%ProgramFilesx86%%Manufacturer%\
_TargetDatFile=autorun,scr
Launchbase=msiexec.exe
commandline=ICE_SUFFIX=%ICE_SUFFIX%
[SUI.OPTIN]
Qualifier=%LangQualifier%
LaunchBase=%sourcepath%setup\
1=hpzgat01.exe -on -gate MARS -f %datfile%
[SUI.OPTOUT]
Qualifier=%LangQualifier%
LaunchBase=%sourcepath%setup\
1=hpzgat01.exe -off -gate MARS -f %datfile%
[SUI]
Opt-In_Default=ON
[LanguageMap]
_TargetDatFile=autorun,scr
0x0409=enu
0x0404=cht
0x0804=chs
0x0405=csy
0x0406=dan
0x0407=deu
0x0408=ell
0x040a=esn
0x040b=fin
0x040c=fra
0x040e=hun
0x0410=ita
0x0411=jpn
0x0412=kor
0x0413=nld
0x0414=nob
0x0415=plk
0x0416=ptb
0x0419=rus
0x041d=sve
0x041f=trk
0x0c04=cht
0x1004=chs
0x1404=cht
0x0813=nld
0x0809=enu
0x0c09=enu
0x1009=enu
0x1409=enu
0x1809=enu
0x1c09=enu
0x2009=enu
0x2409=enu
0x2809=enu
0x2c09=enu
0x080c=fra
0x0c0c=fra
0x100c=fra
0x140c=fra
0x180c=fra
0x0456=esn
0x0807=deu
0x0c07=deu
0x1007=deu
0x1407=deu
0x0810=ita
0x0812=kor
0x0c0a=esn
0x080a=esn
0x100a=esn
0x140a=esn
0x180a=esn
0x1c0a=esn
0x200a=esn
0x240a=esn
0x280a=esn
0x2c0a=esn
0x300a=esn
0x340a=esn
0x380a=esn
0x3c0a=esn
0x400a=esn
0x440a=esn
0x480a=esn
0x4c0a=esn
0x500a=esn
0x042d=esn
0x0403=esn
0x081d=sve
0x0422=rus
0x0816=ptb
0x040d=heb
0x041e=xxx
0x0401=ara
0x0801=ara
0x0c01=ara
0x1001=ara
0x1401=ara
0x1801=ara
0x1c01=ara
0x2001=ara
0x2401=ara
0x2801=ara
0x2c01=ara
0x3001=ara
0x3401=ara
0x3801=ara
0x3c01=ara
0x4001=ara
[TwoLetterLanguageMap]
_TargetDatFile=autorun,scr
ara=ar
cht=zh
chs=zh
csy=cs
dan=da
deu=de
ell=el
enu=en
esn=es
fin=fi
fra=fr
heb=he
hun=hu
ita=it
jpn=ja
kor=ko
nld=nl
nob=no
plk=pl
ptb=pt
rus=ru
sve=sv
trk=tr
[PreInstalls]
1=Kahuna1
2=Kahuna2
3=Kahuna3
4=Kahuna4
5=Kahuna5
6=Kahuna6
7=Kahuna7
[PreInstalls.Kahuna1]
CDGUID={5D22B85D-6503-4c4d-8BE1-D5CD9E0F5181}
1={7AB63E68-A8E2-49EF-A575-CCEC39F66312}
2={45B6180B-DCAB-4093-8EE8-6164457517F0}
[PreInstalls.Kahuna2]
CDGUID={5D32B85D-6503-4c4d-8BE1-D5CD9E0F5181}
1={45B6180B-DCAB-4093-8EE8-6164457517F0}
2={19E1E220-E757-43bd-AC1A-EC095CB8A667}
3={F38FA38A-7E5A-4209-88ED-4DE21CD20EEF}
[PreInstalls.Kahuna3]
CDGUID={C6C44651-7C66-4b11-92E8-17565D3D22DD}
1={45B6180B-DCAB-4093-8EE8-6164457517F0}
2={15B9DC72-73F9-4d99-9E28-848D66DA8D99}
3={F38FA38A-7E5A-4209-88ED-4DE21CD20EEF}
4={0FABD3D7-3036-4e78-B29D-58957ADB0A12}
[PreInstalls.Kahuna4]
CDGUID={5E1494D4-3562-4FFB-B35C-600F80F6934C}
1={45B6180B-DCAB-4093-8EE8-6164457517F0}
2={15B9DC72-73F9-4d99-9E28-848D66DA8D99}
3={A1062847-0846-427A-92A1-BB8251A91E91}
[PreInstalls.Kahuna5]
CDGUID={0D182A5E-AEE0-42ca-BD1D-4EEB2FFA256D}
1={A1062847-0846-427A-92A1-BB8251A91E91}
2={4C04DF1B-6A39-4299-9DD1-1FA60000266E}
3={AAC4FC36-8F89-4587-8DD3-EBC57C83374D}
[PreInstalls.Kahuna6]
CDGUID={D0420D64-8D33-4374-A2B2-9225C7925CA6}
1={A1062847-0846-427A-92A1-BB8251A91E91}
2={4C04DF1B-6A39-4299-9DD1-1FA60000266E}
3={AAC4FC36-8F89-4587-8DD3-EBC57C83374D}
[PreInstalls.Kahuna7]
CDGUID={32498B7B-E1F3-4ad5-A23B-F26414E94BE0}
1={342C7C88-D335-4bc2-8CF1-281857629CE2}
2={ABA2B37F-AB88-486e-870A-52454A23FEE0}
3={BA2D9411-DBB4-43e4-9421-780413650A67}
[SystemRequirements]
AdminRightRequired=1
RunIfFailureAsynch=
RunIfFailureSynch=
RunIfFailureSynchTimeout=
RunIfWarningAsynch=
RunIfWarningSynch=
RunIfWarningSynchTimeout=
checkspooler=No
installspace=916
maxos=
mincolors=16
mincputext=Pentium II, K6, Transmeta 5400
mindisk=930
mindisplay=800x600
minie=6.00.2600.0000
minmhz=233
minram=56
minsysdisk=160
oslist=500,501,501_64,600,600_64
reccolors=16
reccputext=Pentium II, K6, Transmeta 5400
recdisk=930
recdisplay=800x600
recie=6.00.2600.0000
recmhz=233
recram=56
recsysdisk=160
sectionlist=MinSolution
warnproducttypelist=3
blockproducttypelist=3
[SystemRequirements.600]
MinBuildNumber=6000
RecBuildNumber=6000
checkspooler=No
installspace=916
maxos=
mincolors=16
mincputext=Pentium II, K6, Transmeta 5400
mindisk=930
mindisplay=800x600
minie=6.00.2600.0000
minmhz=233
minram=56
minsysdisk=160
oslist=500,501,501_64,600,600_64
reccolors=16
reccputext=Pentium II, K6, Transmeta 5400
recdisk=930
recdisplay=800x600
recie=6.00.2600.0000
recmhz=233
recram=56
recsysdisk=160
sectionlist=MinSolution
warnproducttypelist=3
blockproducttypelist=3
[SystemRequirements.Min]
SysReqPlugIn=%sourcepath%setup\hpzchk01.exe
[OSBlock.400]
launchbase=Setup\
1=hpzchk01.exe
[OSBlock.410]
launchbase=Setup\
1=hpzchk01.exe
[OSBlock.490]
launchbase=Setup\
1=hpzchk01.exe
[RunAs]
launchbase=Setup\
Qualifier=%OS%
[RunAs.500]
launchbase=Setup\
1=hpzchk01.exe
[RunAs.501]
launchbase=Setup\
1=hpzchk01.exe
[RunAs.501_64]
launchbase=Setup\
1=hpzchk01.exe
[Run1]
launchbase=%sourcepath%setup\
1=hpzpnp%ICE_SUFFIX%.exe
2=hpzpsc01.exe -OSUP
3=hpzrein01.exe
4=hpzwup01.exe
5=hpzshl%ICE_SUFFIX%.exe -m DelayedReboot
6=hpzshl%ICE_SUFFIX%.exe -m DelayedReboot
qualifier=%os%
[Run2]
launchbase=%sourcepath%setup\
1=hpzopt01.exe -forcetypical DriverOnly
2=hpzpsc01.exe -list ProductReleases -CPE
3=hpzsui01.exe
4=hpzshl%ICE_SUFFIX%.exe -m ICEPreShield,HPSecurity,CompositeDev,Printer,MassStorage,CloseManagerOfTrayApp
5=[Run.SetRecovery]
6=
qualifier=%os%
[Run3]
launchbase=%sourcepath%Setup\
1=[PatchesAvailable]
2=hpzprl%ICE_SUFFIX%.exe -m PreloadICEEngineToGUIDFolder
3=hpzprl%ICE_SUFFIX%.exe -m PreloadICEExes
4=[DPInstRunXML]
5=[dot4wrp]
6=[Run.stepbystep]
7=hpznop01.exe -PostRegisteredMessage WM_START_BITMAP_TIMER
8=hpzcdl01.exe -storesourcepath
9=[BucketsAvailable]
10=[Run.easyinstall]
11=[Run.CommitFull]
[Run.StepByStep]
1=hpzpnp%ICE_SUFFIX%.exe -clean -gateoncmdline easyinstall -runifoff
2=hpzdui%ICE_SUFFIX%.exe -gateoncmdline easyinstall -runifoff
3=hpzpnp%ICE_SUFFIX%.exe -clean -gateoncmdline easyinstall –runifoff
[Run.EasyInstall]
1=hpzpnp%ICE_SUFFIX%.exe -clean -gateoncmdline easyinstall
2=hpzdui%ICE_SUFFIX%.exe -gateoncmdline easyinstall
3=hpzpnp%ICE_SUFFIX%.exe -clean -gateoncmdline easyinstall
[Uninstall]
launchbase=%sourcepath%setup\
1=hpzscr%ICE_SUFFIX%.exe -datfile %ProductScrubberDatfile% -onestop
[ARP.SuppressRebootList]
hpzscr%ICE_SUFFIX%.exe=-r0
msiexec.exe=Reboot="ReallySuppress"
[Prescrub.CPE]
launchbase=%sourcepath%Setup\
SkipOnReinstall=SW
[MSI.FX]
Filename=netfx.msi
RefCount=No
Logfilename=%Temp%hpzFx_Log.txt
CopyToTemp=netfx.msi,netfx1.cab
[MSI.FXLangPack]
Filename=Langpacks\%lang%\langpack.msi
RefCount=No
Logfilename=%Temp%hpzFx%lang%_Log.txt
CopyToTemp=Langpacks\%lang%\langpack.msi,Langpacks\%lang%\langpac1.cab
[MSI.FXLangPack.0x9]
Filename=None.msi
RefCount=No
UI=No
CopyToTemp=hpzmsi01.exe
IgnoreReturnCode=Yes
[MSI.FXLangPack.0x1]
Filename=None.msi
RefCount=No
UI=No
CopyToTemp=hpzmsi01.exe
IgnoreReturnCode=Yes
[MSI.FXLangPack.0xd]
Filename=None.msi
RefCount=No
UI=Yes
CopyToTemp=hpzmsi01.exe
IgnoreReturnCode=Yes
[NetFx]
SkipIfOS=600,600_64
1=StopMSIService
2=Core
3=LangPack
[NetFx.StopMSIService]
1=%sourcepath%setup\hpzwis01.exe -stop
[NetFx.Core]
RegValueToLookFor=OCM
RegKeyToLookFor=SOFTWARE\Microsoft\NET Framework Setup\NDP\v1.1.4322
RegValueShouldBeEqualTo=1
1=%sourcepath%setup\hpzmsi01.exe -m FX
[NetFx.LangPack]
Qualifier=%PrimaryLangQualifier%
RegValueToLookFor=OCM
RegKeyToLookFor=SOFTWARE\Microsoft\NET Framework Setup\NDP\v1.1.4322\%langid%
RegValueShouldBeEqualTo=1
1=%sourcepath%setup\hpzmsi01.exe -m FXLangPack
[NetFx.LangPack.0x9]
1=%sourcepath%setup\hpznop01.exe
[NetFx.LangPack.0x1]
1=%sourcepath%setup\hpznop01.exe
[NetFx.LangPack.0xd]
1=%sourcepath%setup\hpznop01.exe
[NetFx.LangPack.0xa]
RegKeyToLookFor=SOFTWARE\Microsoft\NET Framework Setup\NDP\v1.1.4322\3082
[Setup.Text]
hpznfx01.exe=Installing Microsoft .NET Framework
hpzdxs01.exe=Installing Microsoft DirectX 9.0
HPZpsc01.exe=Searching for installed applications
HPZchk01.exe=Checking System Requirements
HPZwis01.exe=Updating Windows Installer Service
HPZpnp01.exe=Checking hardware
HPZscr01.exe=Uninstalling
HPZwrp01.exe=Installing Additional Software
HPZarp01.exe=Creating Add/Remove Programs entries
HPZrcv01.exe=Setting Recovery Point
HPZdui01.exe=Connecting device
HPZshl01.exe=Inspecting system
HPZopt01.exe=Waiting for user input
HPZsui01.exe=Waiting for user input
HPZrein01.exe=Waiting for user input
HPZtim01.exe=Waiting for user input
HPZdui40.exe=Connecting device
HPZpnp40.exe=Checking hardware
HPZscr40.exe=Uninstalling
HPZshl40.exe=Inspecting system
HPZnui01.exe=Installing Network Device
[Setup.Text.0x804]
hpznfx01.exe=ÕýÔÚ°²×° Microsoft .NET Framework
hpzdxs01.exe=ÕýÔÚ°²×° Microsoft DirectX 9.0
HPZpsc01.exe=²éÕÒÒÑ°²×°µÄÓ¦ÓóÌÐò
HPZchk01.exe=¼ì²éϵͳÐèÇó
HPZwis01.exe=¸üРWindows Installer ·þÎñ
HPZpnp01.exe=¼ì²éÓ²¼þ
HPZscr01.exe=жÔØ
HPZwrp01.exe=°²×°ÆäËûÈí¼þ
HPZarp01.exe=´´½¨¡°Ìí¼Ó/ɾ³ý³ÌÐò¡±ÏîÄ¿
HPZrcv01.exe=ÉèÖû¹Ô­µã
HPZdui01.exe=Á¬½ÓÉ豸
HPZshl01.exe=¼ì²éϵͳ
HPZopt01.exe=µÈ´ýÓû§ÊäÈë
HPZsui01.exe=µÈ´ýÓû§ÊäÈë
HPZrein01.exe=µÈ´ýÓû§ÊäÈë
HPZtim01.exe=µÈ´ýÓû§ÊäÈë
HPZdui40.exe=Á¬½ÓÉ豸
HPZpnp40.exe=¼ì²éÓ²¼þ
HPZscr40.exe=жÔØ
HPZshl40.exe=¼ì²éϵͳ
HPZnui01.exe=°²×°ÍøÂçÉ豸
[Setup.Text.0x404]
hpznfx01.exe=¦w¸Ë Microsoft .NET Framework
hpzdxs01.exe=¦w¸Ë Microsoft DirectX 9.0
HPZpsc01.exe=·j´M¤w¦w¸ËªºÀ³¥Îµ{¦¡
HPZchk01.exe=Àˬd¨t²Î»Ý¨D
HPZwis01.exe=¤É¯Å Windows Installer ªA°È
HPZpnp01.exe=ÀˬdµwÅé
HPZscr01.exe=¸Ñ°£¦w¸Ë¤¤
HPZwrp01.exe=¦w¸Ë¨ä¥L³nÅé
HPZarp01.exe=«Ø¥ß·s¼W/²¾°£µ{¦¡¶µ¥Ø
HPZrcv01.exe=³]©w­×´_ÂI
HPZdui01.exe=³s±µ¸Ë¸m
HPZshl01.exe=°»´ú¨t²Î
HPZopt01.exe=µ¥«Ý¨Ï¥ÎªÌ¿é¤J
HPZsui01.exe=µ¥«Ý¨Ï¥ÎªÌ¿é¤J
HPZrein01.exe=µ¥«Ý¨Ï¥ÎªÌ¿é¤J
HPZtim01.exe=µ¥«Ý¨Ï¥ÎªÌ¿é¤J
HPZdui40.exe=³s±µ¸Ë¸m
HPZpnp40.exe=ÀˬdµwÅé
HPZscr40.exe=¸Ñ°£¦w¸Ë¤¤
HPZshl40.exe=°»´ú¨t²Î
HPZnui01.exe=¦w¸Ëºô¸ô¸Ë¸m
[Setup.Text.0x5]
hpznfx01.exe=Instaluje se Microsoft .NET Framework
hpzdxs01.exe=Instaluje se Microsoft DirectX 9.0
HPZpsc01.exe=Vyhledávání nainstalovaných aplikací
HPZchk01.exe=Kontrola požadavkù na systém
HPZwis01.exe=Aktualizace služby Windows Installer
HPZpnp01.exe=Kontrola hardwaru
HPZscr01.exe=Odinstalace
HPZwrp01.exe=Instalace dalšího softwaru
HPZarp01.exe=Vytváøení položek v panelu Pøidat nebo odebrat programy
HPZrcv01.exe=Nastavení bodu obnovení
HPZdui01.exe=Pøipojení zaøízení
HPZshl01.exe=Kontrola systému
HPZopt01.exe=Èekání na vstup od uživatele
HPZsui01.exe=Èekání na vstup od uživatele
HPZrein01.exe=Èekání na vstup od uživatele
HPZtim01.exe=Èekání na vstup od uživatele
HPZdui40.exe=Pøipojení zaøízení
HPZpnp40.exe=Kontrola hardwaru
HPZscr40.exe=Odinstalace
HPZshl40.exe=Kontrola systému
HPZnui01.exe=Instalace síového zaøízení
[Setup.Text.0x6]
hpznfx01.exe=Installerer Microsoft .NET Framework
hpzdxs01.exe=Installerer Microsoft DirectX 9.0
HPZpsc01.exe=Søger efter allerede installerede programmer
HPZchk01.exe=Undersøger systemkrav
HPZwis01.exe=Opdaterer tjenesten Windows Installer
HPZpnp01.exe=Undersøger hardware
HPZscr01.exe=Fjerner
HPZwrp01.exe=Installerer yderligere software
HPZarp01.exe=Opretter poster i Tilføj/fjern programmer
HPZrcv01.exe=Indstiller gendannelsespunkt
HPZdui01.exe=Tilslutter enhed
HPZshl01.exe=Undersøger system
HPZopt01.exe=Venter på brugerinput
HPZsui01.exe=Venter på brugerinput
HPZrein01.exe=Venter på brugerinput
HPZtim01.exe=Venter på brugerinput
HPZdui40.exe=Tilslutter enhed
HPZpnp40.exe=Undersøger hardware
HPZscr40.exe=Fjerner
HPZshl40.exe=Undersøger system
HPZnui01.exe=Installerer netværksenhed
[Setup.Text.0x7]
hpznfx01.exe=Microsoft .NET Framework wird installiert
hpzdxs01.exe=Microsoft DirectX 9.0 wird installiert
HPZpsc01.exe=Installierte Anwendungen werden gesucht
HPZchk01.exe=Systemanforderungen werden geprüft
HPZwis01.exe=Windows-Installationsdienst wird aktualisiert
HPZpnp01.exe=Hardware wird geprüft
HPZscr01.exe=Deinstallieren
HPZwrp01.exe=Weitere Software wird installiert
HPZarp01.exe=Einträge zum Hinzufügen/Entfernen von Programmen werden erstellt
HPZrcv01.exe=Wiederherstellungsdaten werden gespeichert
HPZdui01.exe=Gerät wird verbunden
HPZshl01.exe=System wird untersucht
HPZopt01.exe=Warten auf Benutzereingabe
HPZsui01.exe=Warten auf Benutzereingabe
HPZrein01.exe=Warten auf Benutzereingabe
HPZtim01.exe=Warten auf Benutzereingabe
HPZdui40.exe=Gerät wird verbunden
HPZpnp40.exe=Hardware wird geprüft
HPZscr40.exe=Deinstallieren
HPZshl40.exe=System wird untersucht
HPZnui01.exe=Netzwerkgerät wird installiert
[Setup.Text.0x8]
hpznfx01.exe=ÅãêáôÜóôáóç Microsoft .NET Framework
hpzdxs01.exe=ÅãêáôÜóôáóç Microsoft DirectX 9.0
HPZpsc01.exe=ÁíáæÞôçóç åãêáôåóôçìÝíùí åöáñìïãþí
HPZchk01.exe=¸ëåã÷ïò ôùí áðáéôÞóåùí ôïõ óõóôÞìáôïò
HPZwis01.exe=ÁíáâÜèìéóç ôçò õðçñåóßáò Windows Installer
HPZpnp01.exe=¸ëåã÷ïò õëéêïý
HPZscr01.exe=ÊáôÜñãçóç åãêáôÜóôáóçò
HPZwrp01.exe=ÅãêáôÜóôáóç ðñüóèåôïõ ëïãéóìéêïý
HPZarp01.exe=Äçìéïõñãßá êáôá÷ùñÞóåùí ãéá ôçí åöáñìïãÞ "Ðñïóèáöáßñåóç ÐñïãñáììÜôùí"
HPZrcv01.exe=Ïñéóìüò óçìåßïõ áíÜêôçóçò
HPZdui01.exe=Óýíäåóç óõóêåõÞò
HPZshl01.exe=ÅîÝôáóç óõóôÞìáôïò
HPZopt01.exe=ÁíáìïíÞ åéóáãùãÞò áðü ôï ÷ñÞóôç
HPZsui01.exe=ÁíáìïíÞ åéóáãùãÞò áðü ôï ÷ñÞóôç
HPZrein01.exe=ÁíáìïíÞ åéóáãùãÞò áðü ôï ÷ñÞóôç
HPZtim01.exe=ÁíáìïíÞ åéóáãùãÞò áðü ôï ÷ñÞóôç
HPZdui40.exe=Óýíäåóç óõóêåõÞò
HPZpnp40.exe=¸ëåã÷ïò õëéêïý
HPZscr40.exe=ÊáôÜñãçóç åãêáôÜóôáóçò
HPZshl40.exe=ÅîÝôáóç óõóôÞìáôïò
HPZnui01.exe=ÅãêáôÜóôáóç óõóêåõÞò äéêôýïõ
[Setup.Text.0x9]
hpznfx01.exe=Installing Microsoft .NET Framework
hpzdxs01.exe=Installing Microsoft DirectX 9.0
HPZpsc01.exe=Searching for installed applications
HPZchk01.exe=Checking System Requirements
HPZwis01.exe=Updating Windows Installer Service
HPZpnp01.exe=Checking hardware
HPZscr01.exe=Uninstalling
HPZwrp01.exe=Installing Additional Software
HPZarp01.exe=Creating Add/Remove Programs entries
HPZrcv01.exe=Setting Recovery Point
HPZdui01.exe=Connecting device
HPZshl01.exe=Inspecting system
HPZopt01.exe=Waiting for user input
HPZsui01.exe=Waiting for user input
HPZrein01.exe=Waiting for user input
HPZtim01.exe=Waiting for user input
HPZdui40.exe=Connecting device
HPZpnp40.exe=Checking hardware
HPZscr40.exe=Uninstalling
HPZshl40.exe=Inspecting system
HPZnui01.exe=Installing Network Device
[Setup.Text.0xa]
hpznfx01.exe=Instalando Microsoft .NET Framework
hpzdxs01.exe=Instalando Microsoft DirectX 9.0
HPZpsc01.exe=Buscando aplicaciones instaladas
HPZchk01.exe=Comprobando los requisitos del sistema
HPZwis01.exe=Actualizando el servicio Windows Installer
HPZpnp01.exe=Comprobando el hardware
HPZscr01.exe=Desinstalando
HPZwrp01.exe=Instalando software adicional
HPZarp01.exe=Creando entradas para Agregar o quitar programas
HPZrcv01.exe=Estableciendo punto de recuperación
HPZdui01.exe=Conectando dispositivo
HPZshl01.exe=Inspeccionando el sistema
HPZopt01.exe=Esperando datos del usuario
HPZsui01.exe=Esperando datos del usuario
HPZrein01.exe=Esperando datos del usuario
HPZtim01.exe=Esperando datos del usuario
HPZdui40.exe=Conectando dispositivo
HPZpnp40.exe=Comprobando el hardware
HPZscr40.exe=Desinstalando
HPZshl40.exe=Inspeccionando el sistema
HPZnui01.exe=Instalando el dispositivo de red
[Setup.Text.0xb]
hpznfx01.exe=Ohjelma asentaa Microsoft .NET Framework -ohjelmaa
hpzdxs01.exe=Ohjelma asentaa Microsoft DirectX 9.0 -ohjelmaa
HPZpsc01.exe=Etsitään asennettuja sovelluksia
HPZchk01.exe=Tarkastetaan järjestelmävaatimuksia
HPZwis01.exe=Päivitetään Windows Installer -palvelua
HPZpnp01.exe=Tarkastetaan laitteistoa
HPZscr01.exe=Asennusta poistetaan
HPZwrp01.exe=Asennetaan muita ohjelmia
HPZarp01.exe=Luodaan Lisää tai poista sovellus -ikkunan tietoja
HPZrcv01.exe=Määritetään palautuspistettä
HPZdui01.exe=Kytketään laitetta
HPZshl01.exe=Tarkastetaan järjestelmää
HPZopt01.exe=Odotetaan käyttäjän syötettä
HPZsui01.exe=Odotetaan käyttäjän syötettä
HPZrein01.exe=Odotetaan käyttäjän syötettä
HPZtim01.exe=Odotetaan käyttäjän syötettä
HPZdui40.exe=Kytketään laitetta
HPZpnp40.exe=Tarkastetaan laitteistoa
HPZscr40.exe=Asennusta poistetaan
HPZshl40.exe=Tarkastetaan järjestelmää
HPZnui01.exe=Asennetaan verkkolaitetta
[Setup.Text.0xc]
hpznfx01.exe=Installation de Microsoft .NET Framework
hpzdxs01.exe=Installation de Microsoft DirectX 9.0
HPZpsc01.exe=Recherche des applications installées
HPZchk01.exe=Vérification de la configuration système requise
HPZwis01.exe=Mise à jour du service Windows Installer
HPZpnp01.exe=Vérification du matériel
HPZscr01.exe=Désinstallation
HPZwrp01.exe=Installation de logiciel supplémentaire
HPZarp01.exe=Création d'entrées dans la boîte de dialogue Ajout/Suppression de programmes
HPZrcv01.exe=Définition du point de récupération
HPZdui01.exe=Connexion du périphérique
HPZshl01.exe=Inspection du système
HPZopt01.exe=Attente d'une intervention de l'utilisateur
HPZsui01.exe=Attente d'une intervention de l'utilisateur
HPZrein01.exe=Attente d'une intervention de l'utilisateur
HPZtim01.exe=Attente d'une intervention de l'utilisateur
HPZdui40.exe=Connexion du périphérique
HPZpnp40.exe=Vérification du matériel
HPZscr40.exe=Désinstallation
HPZshl40.exe=Inspection du système
HPZnui01.exe=Installation du périphérique réseau
[Setup.Text.0xe]
hpznfx01.exe=Microsoft .NET Framework telepítése
hpzdxs01.exe=Microsoft DirectX 9.0 telepítése
HPZpsc01.exe=Telepített alkalmazások keresése
HPZchk01.exe=Rendszerkövetelmények ellenõrzése
HPZwis01.exe=Windows telepítõszolgáltatás frissítése
HPZpnp01.exe=Hardver ellenõrzése
HPZscr01.exe=Eltávolítás
HPZwrp01.exe=További programok telepítése
HPZarp01.exe=Elem létrehozása a Programok telepítése/törlése részben
HPZrcv01.exe=Helyreállítási pont beállítása
HPZdui01.exe=Kapcsolódás az eszközhöz
HPZshl01.exe=Rendszer elemzése
HPZopt01.exe=Várakozás felhasználói adatbevitelre
HPZsui01.exe=Várakozás felhasználói adatbevitelre
HPZrein01.exe=Várakozás felhasználói adatbevitelre
HPZtim01.exe=Várakozás felhasználói adatbevitelre
HPZdui40.exe=Kapcsolódás az eszközhöz
HPZpnp40.exe=Hardver ellenõrzése
HPZscr40.exe=Eltávolítás
HPZshl40.exe=Rendszer elemzése
HPZnui01.exe=Hálózati eszköz telepítése
[Setup.Text.0x10]
hpznfx01.exe=Installazione di Microsoft .NET Framework
hpzdxs01.exe=Installazione di Microsoft DirectX 9.0
HPZpsc01.exe=Ricerca delle applicazioni installate
HPZchk01.exe=Verifica dei requisiti di sistema
HPZwis01.exe=Aggiornamento del servizio Windows Installer
HPZpnp01.exe=Verifica dell'hardware
HPZscr01.exe=Disinstallazione
HPZwrp01.exe=Installazione del software supplementare
HPZarp01.exe=Creazione delle voci di Installazione applicazioni
HPZrcv01.exe=Impostazione del punto di ripristino
HPZdui01.exe=Collegamento della periferica
HPZshl01.exe=Analisi del sistema
HPZopt01.exe=Attesa input utente
HPZsui01.exe=Attesa input utente
HPZrein01.exe=Attesa input utente
HPZtim01.exe=Attesa input utente
HPZdui40.exe=Collegamento della periferica
HPZpnp40.exe=Verifica dell'hardware
HPZscr40.exe=Disinstallazione
HPZshl40.exe=Analisi del sistema
HPZnui01.exe=Installazione della periferica di rete
[Setup.Text.0x11]
hpznfx01.exe=Microsoft .NET Framework ‚ðƒCƒ“ƒXƒg[ƒ‹‚µ‚Ä‚¢‚Ü‚·
hpzdxs01.exe=Microsoft DirectX 9.0 ‚ðƒCƒ“ƒXƒg[ƒ‹‚µ‚Ä‚¢‚Ü‚·
HPZpsc01.exe=ƒCƒ“ƒXƒg[ƒ‹‚³‚ê‚Ä‚¢‚éƒAƒvƒŠƒP[ƒVƒ‡ƒ“‚ðŒŸõ‚µ‚Ä‚¢‚Ü‚·
HPZchk01.exe=ƒVƒXƒeƒ€•K—vðŒ‚̃`ƒFƒbƒN’†
HPZwis01.exe=Windows ƒCƒ“ƒXƒg[ƒ‰ ƒT[ƒrƒX‚ÌXV’†
HPZpnp01.exe=ƒn[ƒhƒEƒFƒA‚̃`ƒFƒbƒN’†
HPZscr01.exe=ƒAƒ“ƒCƒ“ƒXƒg[ƒ‹’†
HPZwrp01.exe=‚»‚Ì‘¼‚̃\ƒtƒgƒEƒFƒA‚ðƒCƒ“ƒXƒg[ƒ‹‚µ‚Ä‚¢‚Ü‚·
HPZarp01.exe=’ljÁ^휃vƒƒOƒ‰ƒ€ ƒGƒ“ƒgƒŠ‚ð쐬‚µ‚Ä‚¢‚Ü‚·
HPZrcv01.exe=‰ñ•œƒ|ƒCƒ“ƒg‚̐ݒ蒆
HPZdui01.exe=ƒfƒoƒCƒX‚̐ڑ±’†
HPZshl01.exe=ƒVƒXƒeƒ€ŒŸ¸’†
HPZopt01.exe=ƒ†[ƒU[‚©‚ç‚Ì“ü—Í‚ð‘Ò‚Á‚Ä‚¢‚Ü‚·
HPZsui01.exe=ƒ†[ƒU[‚©‚ç‚Ì“ü—Í‚ð‘Ò‚Á‚Ä‚¢‚Ü‚·
HPZrein01.exe=ƒ†[ƒU[‚©‚ç‚Ì“ü—Í‚ð‘Ò‚Á‚Ä‚¢‚Ü‚·
HPZtim01.exe=ƒ†[ƒU[‚©‚ç‚Ì“ü—Í‚ð‘Ò‚Á‚Ä‚¢‚Ü‚·
HPZdui40.exe=ƒfƒoƒCƒX‚̐ڑ±’†
HPZpnp40.exe=ƒn[ƒhƒEƒFƒA‚̃`ƒFƒbƒN’†
HPZscr40.exe=ƒAƒ“ƒCƒ“ƒXƒg[ƒ‹’†
HPZshl40.exe=ƒVƒXƒeƒ€ŒŸ¸’†
HPZnui01.exe=ƒlƒbƒgƒ[ƒN ƒfƒoƒCƒX‚̃Cƒ“ƒXƒg[ƒ‹
[Setup.Text.0x12]
hpznfx01.exe=Microsoft .NET Framework ¼³Ä¡
hpzdxs01.exe=Microsoft DirectX 9.0 ¼³Ä¡
HPZpsc01.exe=¼³Ä¡ÇÑ ÀÀ¿ë ÇÁ·Î±×·¥À» ã´Â Áß
HPZchk01.exe=½Ã½ºÅÛ ¿ä±¸ »çÇ× È®ÀÎ Áß
HPZwis01.exe=Windows ¼³Ä¡ ¼­ºñ½º ¾÷µ¥ÀÌÆ®ÇÏ´Â Áß
HPZpnp01.exe=Çϵå¿þ¾î¸¦ °Ë»çÇÏ´Â Áß
HPZscr01.exe=Á¦°Å Áß
HPZwrp01.exe=Ãß°¡ ¼ÒÇÁÆ®¿þ¾î ¼³Ä¡ Áß
HPZarp01.exe=ÇÁ·Î±×·¥ Ç׸ñ Ãß°¡/Á¦°Å ¸¸µå´Â Áß
HPZrcv01.exe=º¹±¸ Æ÷ÀÎÆ® ¼³Á¤ Áß
HPZdui01.exe=ÀåÄ¡ ¿¬°á Áß
HPZshl01.exe=½Ã½ºÅÛ °Ë»ç Áß
HPZopt01.exe=»ç¿ëÀÚ ÀÔ·Â ´ë±â Áß
HPZsui01.exe=»ç¿ëÀÚ ÀÔ·Â ´ë±â Áß
HPZrein01.exe=»ç¿ëÀÚ ÀÔ·Â ´ë±â Áß
HPZtim01.exe=»ç¿ëÀÚ ÀÔ·Â ´ë±â Áß
HPZdui40.exe=ÀåÄ¡ ¿¬°á Áß
HPZpnp40.exe=Çϵå¿þ¾î¸¦ °Ë»çÇÏ´Â Áß
HPZscr40.exe=Á¦°Å Áß
HPZshl40.exe=½Ã½ºÅÛ °Ë»ç Áß
HPZnui01.exe=³×Æ®¿öÅ© ÀåÄ¡ ¼³Ä¡ Áß
[Setup.Text.0x13]
hpznfx01.exe='Microsoft .NET Framework' installeren
hpzdxs01.exe='Microsoft DirectX 9.0' installeren
HPZpsc01.exe=Bezig met zoeken naar geïnstalleerde toepassingen
HPZchk01.exe=Bezig met controleren van systeemvereisten
HPZwis01.exe=Bezig met bijwerken van Windows Installer-service
HPZpnp01.exe=Bezig met controleren van hardware
HPZscr01.exe=Bezig met ongedaan maken van installatie
HPZwrp01.exe=Bezig met installeren van aanvullende software
HPZarp01.exe=Bezig met aanmaken van items voor Software
HPZrcv01.exe=Bezig met maken van herstelpunt
HPZdui01.exe=Bezig met aansluiten van apparaat
HPZshl01.exe=Bezig met systeemcontrole
HPZopt01.exe=Wachten op invoer van gebruiker
HPZsui01.exe=Wachten op invoer van gebruiker
HPZrein01.exe=Wachten op invoer van gebruiker
HPZtim01.exe=Wachten op invoer van gebruiker
HPZdui40.exe=Bezig met aansluiten van apparaat
HPZpnp40.exe=Bezig met controleren van hardware
HPZscr40.exe=Bezig met ongedaan maken van installatie
HPZshl40.exe=Bezig met systeemcontrole
HPZnui01.exe=Bezig met installeren van netwerkapparaat
[Setup.Text.0x14]
hpznfx01.exe=Installerer 'Microsoft .NET Framework'
hpzdxs01.exe=Installerer 'Microsoft DirectX 9.0'
HPZpsc01.exe=Søker etter installerte programmer
HPZchk01.exe=Kontrollerer systemkrav
HPZwis01.exe=Oppdaterer Windows-installeringstjeneste
HPZpnp01.exe=Kontrollerer maskinvare
HPZscr01.exe=Avinstallerer
HPZwrp01.exe=Installerer tilleggsprogramvare
HPZarp01.exe=Oppretter oppføringer for Legg til / fjern programmer
HPZrcv01.exe=Angir gjenopprettingspunkt
HPZdui01.exe=Kobler til enhet
HPZshl01.exe=Inspiserer system
HPZopt01.exe=Venter på brukerinndata
HPZsui01.exe=Venter på brukerinndata
HPZrein01.exe=Venter på brukerinndata
HPZtim01.exe=Venter på brukerinndata
HPZdui40.exe=Kobler til enhet
HPZpnp40.exe=Kontrollerer maskinvare
HPZscr40.exe=Avinstallerer
HPZshl40.exe=Inspiserer system
HPZnui01.exe=Installere nettverksenhet
[Setup.Text.0x15]
hpznfx01.exe=Instalacja 'Microsoft .NET Framework'
hpzdxs01.exe=Instalacja 'Microsoft DirectX 9.0'
HPZpsc01.exe=Trwa wyszukiwanie zainstalowanych aplikacji
HPZchk01.exe=Trwa sprawdzanie wymagañ systemowych
HPZwis01.exe=Trwa aktualizowanie us³ugi Instalator Windows
HPZpnp01.exe=Trwa sprawdzanie sprzêtu
HPZscr01.exe=Trwa odinstalowywanie
HPZwrp01.exe=Trwa instalowanie dodatkowego oprogramowania
HPZarp01.exe=Trwa tworzenie wpisów aplikacji Dodaj/Usuñ programy
HPZrcv01.exe=Trwa ustawianie punktu odzyskiwania danych
HPZdui01.exe=Trwa pod³¹czanie urz¹dzenia
HPZshl01.exe=Trwa inspekcja systemu
HPZopt01.exe=Trwa oczekiwanie na wprowadzenie danych przez u¿ytkownika
HPZsui01.exe=Trwa oczekiwanie na wprowadzenie danych przez u¿ytkownika
HPZrein01.exe=Trwa oczekiwanie na wprowadzenie danych przez u¿ytkownika
HPZtim01.exe=Trwa oczekiwanie na wprowadzenie danych przez u¿ytkownika
HPZdui40.exe=Trwa pod³¹czanie urz¹dzenia
HPZpnp40.exe=Trwa sprawdzanie sprzêtu
HPZscr40.exe=Trwa odinstalowywanie
HPZshl40.exe=Trwa inspekcja systemu
HPZnui01.exe=Trwa instalowanie urz¹dzenia sieciowego
[Setup.Text.0x16]
hpznfx01.exe=Instalando o Microsoft .NET Framework
hpzdxs01.exe=Instalando o Microsoft DirectX 9.0
HPZpsc01.exe=Procurando aplicativos instalados
HPZchk01.exe=Verificando exigências do sistema
HPZwis01.exe=Atualizando o serviço Windows Installer
HPZpnp01.exe=Verificando hardware
HPZscr01.exe=Desinstalando
HPZwrp01.exe=Instalando software adicional
HPZarp01.exe=Criando entradas em Adicionar ou Remover Programas
HPZrcv01.exe=Definindo ponto de recuperação
HPZdui01.exe=Conectando dispositivo
HPZshl01.exe=Inspecionando sistema
HPZopt01.exe=Aguardando entrada do usuário
HPZsui01.exe=Aguardando entrada do usuário
HPZrein01.exe=Aguardando entrada do usuário
HPZtim01.exe=Aguardando entrada do usuário
HPZdui40.exe=Conectando dispositivo
HPZpnp40.exe=Verificando hardware
HPZscr40.exe=Desinstalando
HPZshl40.exe=Inspecionando sistema
HPZnui01.exe=Instalando dispositivo de rede
[Setup.Text.0x19]
hpznfx01.exe=Óñòàíîâêà Microsoft .NET Framework
hpzdxs01.exe=Óñòàíîâêà Microsoft DirectX 9.0
HPZpsc01.exe=Ïîèñê óñòàíîâëåííûõ ïðèëîæåíèé
HPZchk01.exe=Ïðîâåðêà òðåáîâàíèé ê ñèñòåìå
HPZwis01.exe=Îáíîâëåíèå ñëóæáû óñòàíîâêè Windows
HPZpnp01.exe=Ïðîâåðêà àïïàðàòíîãî îáåñïå÷åíèÿ
HPZscr01.exe=Óäàëåíèå
HPZwrp01.exe=Óñòàíîâêà äîïîëíèòåëüíîãî ïðîãðàììíîãî îáåñïå÷åíèÿ
HPZarp01.exe=Ñîçäàíèå çàïèñåé â îêíå Óñòàíîâêà è óäàëåíèå ïðîãðàìì
HPZrcv01.exe=Óñòàíîâêà òî÷êè âîññòàíîâëåíèÿ
HPZdui01.exe=Ñîåäèíåíèå ñ óñòðîéñòâîì
HPZshl01.exe=Ïðîâåðêà ñèñòåìû
HPZopt01.exe=Îæèäàíèå äåéñòâèé ïîëüçîâàòåëÿ
HPZsui01.exe=Îæèäàíèå äåéñòâèé ïîëüçîâàòåëÿ
HPZrein01.exe=Îæèäàíèå äåéñòâèé ïîëüçîâàòåëÿ
HPZtim01.exe=Îæèäàíèå äåéñòâèé ïîëüçîâàòåëÿ
HPZdui40.exe=Ñîåäèíåíèå ñ óñòðîéñòâîì
HPZpnp40.exe=Ïðîâåðêà àïïàðàòíîãî îáåñïå÷åíèÿ
HPZscr40.exe=Óäàëåíèå
HPZshl40.exe=Ïðîâåðêà ñèñòåìû
HPZnui01.exe=Óñòàíîâêà ñåòåâîãî óñòðîéñòâà
[Setup.Text.0x1d]
hpznfx01.exe=Installerar Microsoft .NET Framework
hpzdxs01.exe=Installerar Microsoft DirectX 9.0
HPZpsc01.exe=Söker efter installerade program
HPZchk01.exe=Kontrollerar systemkrav
HPZwis01.exe=Uppdaterar tjänsten Windows Installer
HPZpnp01.exe=Kontrollerar maskinvara
HPZscr01.exe=Avinstallerar
HPZwrp01.exe=Installerar ytterligare programvara
HPZarp01.exe=Skapa poster för Lägg till/Ta bort program
HPZrcv01.exe=Skapar återställningspunkt
HPZdui01.exe=Ansluter enhet
HPZshl01.exe=Kontrollerar system
HPZopt01.exe=Väntar på användarindata
HPZsui01.exe=Väntar på användarindata
HPZrein01.exe=Väntar på användarindata
HPZtim01.exe=Väntar på användarindata
HPZdui40.exe=Ansluter enhet
HPZpnp40.exe=Kontrollerar maskinvara
HPZscr40.exe=Avinstallerar
HPZshl40.exe=Kontrollerar system
HPZnui01.exe=Installera nätverksenhet
[Setup.Text.0x1f]
hpznfx01.exe=Microsoft .NET Framework Yükleniyor
hpzdxs01.exe=Microsoft DirectX 9.0 Yükleniyor
HPZpsc01.exe=Yüklü uygulamalar aranýyor
HPZchk01.exe=Sistem Gereksinimleri Kontrol Ediliyor
HPZwis01.exe=Windows Yükleyici Hizmeti Güncelleþtiriliyor
HPZpnp01.exe=Donaným kontrol ediliyor
HPZscr01.exe=Yükleme kaldýrýlýyor
HPZwrp01.exe=Ek Yazýlým Yükleniyor
HPZarp01.exe=Program Ekle/Kaldýr giriþleri oluþturuluyor
HPZrcv01.exe=Geri Dönüþ Noktasý Ayarlanýyor
HPZdui01.exe=Aygýt baðlanýyor
HPZshl01.exe=Sistem denetleniyor
HPZopt01.exe=Kullanýcý giriþi bekleniyor
HPZsui01.exe=Kullanýcý giriþi bekleniyor
HPZrein01.exe=Kullanýcý giriþi bekleniyor
HPZtim01.exe=Kullanýcý giriþi bekleniyor
HPZdui40.exe=Aygýt baðlanýyor
HPZpnp40.exe=Donaným kontrol ediliyor
HPZscr40.exe=Yükleme kaldýrýlýyor
HPZshl40.exe=Sistem denetleniyor
HPZnui01.exe=Að Aygýtý Yükleniyor
[Setup.Text.0x1]
hpznfx01.exe=ÌÇÑí ÊËÈíÊ Microsoft .NET Framework
hpzdxs01.exe=ÌÇÑí ÊËÈíÊ Microsoft DirectX 9.0
HPZpsc01.exe=ÇáÈÍË Úä ÊØÈíÞÇÊ ãËÈÊÉ
HPZchk01.exe=ÝÍÕ ãÊØáÈÇÊ ÇáäÙÇã
HPZwis01.exe=ÊÍÏíË ÎÏãÉ ãËÈøÊ Windows
HPZpnp01.exe=ÝÍÕ ÇáÃÌåÒÉ
HPZscr01.exe=ÅáÛÇÁ ÇáÊËÈíÊ
HPZwrp01.exe=ÊËÈíÊ ÈÑÇãÌ ÅÖÇÝíÉ
HPZarp01.exe=ÅäÔÇÁ ÅÏÎÇáÇÊ 'ÅÖÇÝÉ/ÅÒÇáÉ ÈÑÇãÌ'
HPZrcv01.exe=ÖÈØ äÞØÉ ÇÓÊÑÏÇÏ
HPZdui01.exe=ÊæÕíá ÌåÇÒ
HPZshl01.exe=ÝÍÕ ÇáäÙÇã
HPZopt01.exe=ÇáÇäÊÙÇÑ Åáì ÅÏÎÇá ÇáãÓÊÎÏã
HPZsui01.exe=ÇáÇäÊÙÇÑ Åáì ÅÏÎÇá ÇáãÓÊÎÏã
HPZrein01.exe=ÇáÇäÊÙÇÑ Åáì ÅÏÎÇá ÇáãÓÊÎÏã
HPZtim01.exe=ÇáÇäÊÙÇÑ Åáì ÅÏÎÇá ÇáãÓÊÎÏã
HPZdui40.exe=ÊæÕíá ÌåÇÒ
HPZpnp40.exe=ÝÍÕ ÇáÃÌåÒÉ
HPZscr40.exe=ÅáÛÇÁ ÇáÊËÈíÊ
HPZshl40.exe=ÝÍÕ ÇáäÙÇã
HPZnui01.exe=ÊËÈíÊ ÌåÇÒ ÇáÔÈßÉ
[Setup.Text.0xd]
hpznfx01.exe=îú÷éï Microsoft .NET Framework
hpzdxs01.exe=îú÷éï Microsoft DirectX 9.0
HPZpsc01.exe=îçôù ééùåîéí îåú÷ðéí
HPZchk01.exe=áåã÷ ãøéùåú îòøëú
HPZwis01.exe=îòãëï àú ùéøåú Windows Installerþ
HPZpnp01.exe=áåã÷ çåîøä
HPZscr01.exe=îñéø äú÷ðä
HPZwrp01.exe=îú÷éï úåëðåú ðåñôåú
HPZarp01.exe=éåöø òøëé äåñôä/äñøä ùì úåëðéåú
HPZrcv01.exe=îâãéø ð÷åãú ùçæåø
HPZdui01.exe=îçáø àú ääú÷ï
HPZshl01.exe=áåçï àú äîòøëú
HPZopt01.exe=îîúéï ì÷ìè ùì äîùúîù
HPZsui01.exe=îîúéï ì÷ìè ùì äîùúîù
HPZrein01.exe=îîúéï ì÷ìè ùì äîùúîù
HPZtim01.exe=îîúéï ì÷ìè ùì äîùúîù
HPZdui40.exe=îçáø àú ääú÷ï
HPZpnp40.exe=áåã÷ çåîøä
HPZscr40.exe=îñéø äú÷ðä
HPZshl40.exe=áåçï àú äîòøëú
HPZnui01.exe=îú÷éï äú÷ï øùú
[MSI.SelfInstallingPortMonitor]
InstallDir=%System%
Filename=%sourcepath%setup\SIPM\HP_Standard_Port_Monitor.msi
RefCount=No
UI=No
IgnoreNewerVersion=No
SkipIfSilent=No
SkipOnReinstall=DRV
Logfilename=%Temp%%DIVISION%MSI_PortMonitor.log
TRANSFORMS=SIPM\%langid%.MST
[MSI.SelfInstallingPortMonitor_64]
InstallDir=%System%
Filename=%sourcepath%setup\SIPM_64\HP Standard Port Monitor.msi
RefCount=No
UI=No
IgnoreNewerVersion=No
SkipIfSilent=No
SkipOnReinstall=DRV
Logfilename=%Temp%%DIVISION%MSI_PortMonitor.log
TRANSFORMS=SIPM_64\%langid%.MST
[InstallPortMonitor.500]
1=hpzmsi01.exe -m SelfInstallingPortMonitor
[InstallPortMonitor.501]
1=hpzmsi01.exe -m SelfInstallingPortMonitor
[InstallPortMonitor.600]
1=hpzmsi01.exe -m SelfInstallingPortMonitor
[InstallPortMonitor.501_64]
1=hpzmsi01.exe -m SelfInstallingPortMonitor_64
[InstallPortMonitor.502_64]
1=hpzmsi01.exe -m SelfInstallingPortMonitor_64
[InstallPortMonitor.600_64]
1=hpzmsi01.exe -m SelfInstallingPortMonitor_64
[Recovery.LogAnalysis]
CollectLogs=Yes
[Recovery.Startup]
1=%Recovery%setup\hpzrcv01.exe -f ..\%autorunName% -recover
[Recovery.Recover]
1=%Recovery%Setup\hpzscr%ICE_SUFFIX%.exe -datfile .\%ProductScrubberDatfile% -d MsiUninstaller -unattended -forcereboot
[Recovery.SetupQuit]
launchbase=%sourcepath%Setup\
1=hpzrcv01.exe -unsetrecovery
[Uninstall.ERROR_FAILURE_CLEANUP]
launchbase=%sourcepath%Setup\
1=hpzrcv01.exe -recover -logs
[Uninstall.ERROR_FAILURE_CLEANUP.Run4]
launchbase=%sourcepath%Setup\
1=hpzrcv01.exe -recover Run4 -logs
[Recovery.Run4.Recover]
1=%Recovery%Setup\hpzscr%ICE_SUFFIX%.exe -datfile %DeviceInstanceRollbackFile% -unattended -forcereboot
[Recovery.MSIOnly.Startup]
1=%recovery%setup\hpzrcv01.exe -f ..\%autorunName% -recover MSIOnly -logs
[Recovery.MSIOnly.Recover]
SWOnly=Yes
1=%Recovery%Setup\hpzscr%ICE_SUFFIX%.exe -datfile %MsiRollbackDatFile% -unattended -forcereboot
[Recovery.MSIOnly.Error_Failure_Cleanup]
1=hpzrcv01.exe -recover MSIOnly -logs
[Run.SetRecovery]
launchbase=%sourcepath%setup\
1=hpzprl%ICE_SUFFIX%.exe -m PreloadRecoveryMechanism
2=hpzrcv01.exe -setrecovery
[Run.CommitProduct]
launchbase=%sourcepath%setup\
1=hpzmsi01.exe -commit
2=..\%setupName% -commitGuid %CDGuid%
3=hpzrcv01.exe -unsetrecovery
4=hpzrcv01.exe -setrecovery MSIOnly
[Run.CommitFull]
launchbase=%sourcepath%setup\
1=hpzmsi01.exe -commit
2=hpzrcv01.exe -unsetrecovery
[FilesThatForceReboot]
1=mscoree.dll
2=MICROS~1.NET\FRAMEW~1\V11~1.432
3=Microsoft.NET\Framework\v1.1.4322
[WUP]
SecondsToWaitForConnection=30
SecondsToWaitForDownloadComplete=600
[WUP.OptIn]
1=ProductAssistantOpted
2=ProductAssistantNever
3=HPSUNotify
4=HPSUDays
[Wup.OptOut]
1=ProductAssistantOpted
2=ProductAssistantNever
3=HPSUNotify
4=HPSUDays
[Wup.ProductAssistantOpted]
Key=HKEY_LOCAL_MACHINE\SOFTWARE\Hewlett-Packard\Product Assistant
Value=OptInCompleted
OptInData=1
OptOutData=1
[Wup.ProductAssistantOpted.501_64]
Key=HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Hewlett-Packard\Product Assistant
[Wup.ProductAssistantOpted.502_64]
Key=HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Hewlett-Packard\Product Assistant
[Wup.ProductAssistantOpted.600_64]
Key=HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Hewlett-Packard\Product Assistant
[Wup.ProductAssistantNever]
Key=HKEY_LOCAL_MACHINE\SOFTWARE\Hewlett-Packard\HP Software Update\Product Assistant
Value=Never
OptOutData=1
OptInData=0
[Wup.ProductAssistantNever.501_64]
Key=HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Hewlett-Packard\HP Software Update\Product Assistant
[Wup.ProductAssistantNever.502_64]
Key=HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Hewlett-Packard\HP Software Update\Product Assistant
[Wup.ProductAssistantNever.600_64]
Key=HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Hewlett-Packard\HP Software Update\Product Assistant
[Wup.HPSUNotify]
Key=HKEY_LOCAL_MACHINE\Software\Hewlett-Packard\HP Software Update
Value=Notify
OptInData=1
OptOutData=0
[WUP.HPSUNotify.501_64]
Key=HKEY_LOCAL_MACHINE\Software\Wow6432Node\Hewlett-Packard\HP Software Update
[Wup.HPSUNotify.502_64]
Key=HKEY_LOCAL_MACHINE\Software\Wow6432Node\Hewlett-Packard\HP Software Update
[Wup.HPSUNotify.600_64]
Key=HKEY_LOCAL_MACHINE\Software\Wow6432Node\Hewlett-Packard\HP Software Update
[Wup.HPSUDays]
Key=HKEY_LOCAL_MACHINE\Software\Hewlett-Packard\HP Software Update
Value=nDays
OptInData=7
OptOutData=30
[WUP.HPSUDays.501_64]
Key=HKEY_LOCAL_MACHINE\Software\Wow6432Node\Hewlett-Packard\HP Software Update
[Wup.HPSUDays.502_64]
Key=HKEY_LOCAL_MACHINE\Software\Wow6432Node\Hewlett-Packard\HP Software Update
[Wup.HPSUDays.600_64]
Key=HKEY_LOCAL_MACHINE\Software\Wow6432Node\Hewlett-Packard\HP Software Update
[Shield.ICEPreShield]
1=SynTPEnh
2=QTTask
3=.NETUninstall
4=CommonAdminTools
5=MsiExec
6=PlugPlay
7=LocalSoftware
8=LocalSystem
9=EnumRegKey
10=Config.Msi
11=ICE RegKey
12=ClassesRoot
13=softpubDll
14=wintrustDll
15=initpkiDll
16=cryptextDll
17=dssenhDll
18=rsaenhDll
19=gpkcspDll
20=sccbaseDll
21=slbcspDll
22=cryptdlgDll
23=DevicePathRegValue
24=Wow64LocalSoftware
25=Wow64ClassRoot
26=CryptSvc
27=Wow64softpubDll
28=Wow64wintrustDll
29=Wow64dssenhDll
30=Wow64rsaenhDll
31=Wow64gpkcspDll
32=Wow64sccbaseDll
33=Wow64slbcspDll
34=Wow64cryptdlgDll
[Shield.DevicePathRegValue.500]
Data=%SystemRoot%\inf
ReplaceWith=%SystemRoot%\inf
Type=EXPAND_SZ
Manufacturer=Microsoft
IssueType=RegData
Condition=Missing
Action=Autofix
Key=HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion
Value=DevicePath
BlockIfFail=Yes
[Shield.DevicePathRegValue.501]
Data=%SystemRoot%\inf
ReplaceWith=%SystemRoot%\inf
Type=EXPAND_SZ
Manufacturer=Microsoft
IssueType=RegData
Condition=Missing
Action=Autofix
Key=HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion
Value=DevicePath
BlockIfFail=Yes
[Shield.DevicePathRegValue.501_64]
Data=%SystemRoot%\inf
ReplaceWith=%SystemRoot%\inf
Type=EXPAND_SZ
Manufacturer=Microsoft
IssueType=RegData
Condition=Missing
Action=Autofix
Key=HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion
Value=DevicePath
BlockIfFail=Yes
[Shield.DevicePathRegValue.600]
Data=%SystemRoot%\inf
ReplaceWith=%SystemRoot%\inf
Type=EXPAND_SZ
Manufacturer=Microsoft
IssueType=RegData
Condition=Missing
Action=Autofix
Key=HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion
Value=DevicePath
BlockIfFail=Yes
[Shield.DevicePathRegValue.600_64]
Data=%SystemRoot%\inf
ReplaceWith=%SystemRoot%\inf
Type=EXPAND_SZ
Manufacturer=Microsoft
IssueType=RegData
Condition=Missing
Action=Autofix
Key=HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion
Value=DevicePath
BlockIfFail=Yes
[Shield.CloseIZApps]
1=hpqselsk
2=hpqcopy
3=hpqgalry
4=hpqiscfg
5=hpqimvac
6=hpqpos
7=hpqvapa
[Shield.SynTPEnh]
IssueType=Process
MaxVersion=0x0005000000000893
MinVersion=0x0005000000000893
Manufacturer=HP
Action=Autofix
BlockIfFail=Yes
[Shield.QTTask]
IssueType=Process
MaxVersion=0x0006000100000000
MinVersion=0x0000000000000000
Manufacturer=Apple
Action=Autofix
BlockIfFail=Yes
[Shield..NETUninstall]
IssueType=RebootFile
Manufacturer=Microsoft
Action=Autofix
1=mscoree.dll
2=MICROS~1.NET\FRAMEW~1\V11~1.432
3=Microsoft.NET\Framework\v1.1.4322
Return=Reboot
BlockIfFail=No
[Shield.CommonAdminTools]
Manufacturer=Microsoft
IssueType=RegData
Condition=Contains
Action=Autofix
Key=HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders
Value=Common Administrative Tools
Data=<Common Administrative Tools>.All Users\
ReplaceWith=%ALLUSERSPROFILE%\Start Menu\Programs\Administrative Tools
Type=EXPAND_SZ
BlockIfFail=Yes
[Shield.MsiExec]
IssueType=Service
ServiceName=MSIServer
Manufacturer=Microsoft
Action=FIX
Condition=DISABLED
DisplayName=Windows Installer
BlockIfFail=Yes
[Shield.PlugPlay]
IssueType=Service
ServiceName=PlugPlay
Manufacturer=Microsoft
Action=FIX
Condition=STOPPED
DisplayName=Plug and Play
BlockIfFail=Yes
[Shield.LocalSoftware.500]
Manufacturer=Microsoft
IssueType=RegKey
Action=Autofix
Condition=NotWriteable
Key=HKEY_LOCAL_MACHINE\SOFTWARE
DisplayName=LocalSoftware
BlockIfFail=Yes
Recurse=No
OverwriteDacl=No
SetOnlyIfInvalid=Yes
CheckAccess=CommonSidList
SetAccess=CommonSidList
CheckCreatedKey=Yes
[Shield.LocalSoftware.501]
Manufacturer=Microsoft
IssueType=RegKey
Action=Autofix
Condition=NotWriteable
Key=HKEY_LOCAL_MACHINE\SOFTWARE
DisplayName=LocalSoftware
BlockIfFail=Yes
Recurse=No
OverwriteDacl=No
SetOnlyIfInvalid=Yes
CheckAccess=CommonSidList
SetAccess=CommonSidList
CheckCreatedKey=Yes
[Shield.LocalSoftware.501_64]
Manufacturer=Microsoft
IssueType=RegKey
Action=Autofix
Condition=NotWriteable
Key=HKEY_LOCAL_MACHINE\SOFTWARE
DisplayName=LocalSoftware
BlockIfFail=Yes
Recurse=No
OverwriteDacl=No
SetOnlyIfInvalid=Yes
CheckAccess=CommonSidList
SetAccess=CommonSidList
CheckCreatedKey=Yes
[Shield.LocalSoftware.600]
Manufacturer=Microsoft
IssueType=RegKey
Action=Autofix
Condition=NotWriteable
Key=HKEY_LOCAL_MACHINE\SOFTWARE
DisplayName=LocalSoftware
BlockIfFail=Yes
Recurse=No
OverwriteDacl=No
SetOnlyIfInvalid=Yes
CheckAccess=CommonSidList
SetAccess=CommonSidList
CheckCreatedKey=Yes
[Shield.LocalSoftware.600_64]
Manufacturer=Microsoft
IssueType=RegKey
Action=Autofix
Condition=NotWriteable
Key=HKEY_LOCAL_MACHINE\SOFTWARE
DisplayName=LocalSoftware
BlockIfFail=Yes
Recurse=No
OverwriteDacl=No
SetOnlyIfInvalid=Yes
CheckAccess=CommonSidList
SetAccess=CommonSidList
CheckCreatedKey=Yes
[Shield.Wow64LocalSoftware.501_64]
Manufacturer=Microsoft
IssueType=RegKey
Action=Autofix
Condition=NotWriteable
Key=HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node
DisplayName=LocalSoftware
BlockIfFail=Yes
Recurse=No
OverwriteDacl=No
SetOnlyIfInvalid=Yes
CheckAccess=CommonSidList
SetAccess=CommonSidList
CheckCreatedKey=Yes
[Shield.Wow64LocalSoftware.600_64]
Manufacturer=Microsoft
IssueType=RegKey
Action=Autofix
Condition=NotWriteable
Key=HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node
DisplayName=LocalSoftware
BlockIfFail=Yes
Recurse=No
OverwriteDacl=No
SetOnlyIfInvalid=Yes
CheckAccess=CommonSidList
SetAccess=CommonSidList
CheckCreatedKey=Yes
[Shield.LocalSystem.500]
Manufacturer=Microsoft
IssueType=RegKey
Action=Autofix
Condition=NotWriteable
Key=HKEY_LOCAL_MACHINE\SYSTEM
DisplayName=LocalSystem
BlockIfFail=Yes
Recurse=No
OverwriteDacl=No
SetOnlyIfInvalid=Yes
CheckAccess=CommonSidList
SetAccess=CommonSidList
[Shield.LocalSystem.501]
Manufacturer=Microsoft
IssueType=RegKey
Action=Autofix
Condition=NotWriteable
Key=HKEY_LOCAL_MACHINE\SYSTEM
DisplayName=LocalSystem
BlockIfFail=Yes
Recurse=No
OverwriteDacl=No
SetOnlyIfInvalid=Yes
CheckAccess=CommonSidList
SetAccess=CommonSidList
[Shield.LocalSystem.501_64]
Manufacturer=Microsoft
IssueType=RegKey
Action=Autofix
Condition=NotWriteable
Key=HKEY_LOCAL_MACHINE\SYSTEM
DisplayName=LocalSystem
BlockIfFail=Yes
Recurse=No
OverwriteDacl=No
SetOnlyIfInvalid=Yes
CheckAccess=CommonSidList
SetAccess=CommonSidList
[Shield.LocalSystem.600]
Manufacturer=Microsoft
IssueType=RegKey
Action=Autofix
Condition=NotWriteable
Key=HKEY_LOCAL_MACHINE\SYSTEM
DisplayName=LocalSystem
BlockIfFail=Yes
Recurse=No
OverwriteDacl=No
SetOnlyIfInvalid=Yes
CheckAccess=CommonSidList
SetAccess=CommonSidList
[Shield.LocalSystem.600_64]
Manufacturer=Microsoft
IssueType=RegKey
Action=Autofix
Condition=NotWriteable
Key=HKEY_LOCAL_MACHINE\SYSTEM
DisplayName=LocalSystem
BlockIfFail=Yes
Recurse=No
OverwriteDacl=No
SetOnlyIfInvalid=Yes
CheckAccess=CommonSidList
SetAccess=CommonSidList
[Shield.EnumRegKey.500]
IssueType=RegKey
Manufacturer=Microsoft
DisplayName=Enum
Key=HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum
Condition=NotWriteable
Action=AutoFix
BlockIfFail=Yes
Recurse=Yes
OverwriteDacl=No
CheckAccess=SystemAccess
SetAccess=SystemAccess
Timeout=10
[Shield.EnumRegKey.501]
IssueType=RegKey
Manufacturer=Microsoft
DisplayName=Enum
Key=HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum
Condition=NotWriteable
Action=AutoFix
BlockIfFail=Yes
Recurse=Yes
OverwriteDacl=No
CheckAccess=SystemAccess
SetAccess=SystemAccess
Timeout=10
[Shield.EnumRegKey.501_64]
IssueType=RegKey
Manufacturer=Microsoft
DisplayName=Enum
Key=HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum
Condition=NotWriteable
Action=AutoFix
BlockIfFail=Yes
Recurse=Yes
OverwriteDacl=No
CheckAccess=SystemAccess
SetAccess=SystemAccess
Timeout=10
[Shield.Config.Msi]
IssueType=Folder
Manufacturer=Microsoft Corporation
FolderName=%WindowsDrive%Config.Msi
Action=AUTOFIX
Condition=~EXIST
HIDDEN=Y
[Shield.ICE RegKey]
IssueType=RegKey
Manufacturer=HP
DisplayName=ICE
Key=HKEY_LOCAL_MACHINE\SOFTWARE\ICE
Condition=NotWriteable
Action=Autofix
BlockIfFail=Yes
Recurse=Yes
OverwriteDacl=Yes
CheckAccess=CommonSidList
SetAccess=CommonSidList
Timeout=10
[Shield.ClassesRoot.500]
IssueType=RegKey
Manufacturer=Microsoft
DisplayName=HKEY_CLASSES_ROOT
Key=HKEY_LOCAL_MACHINE\SOFTWARE\Classes
Condition=NotWriteable
Action=Autofix
BlockIfFail=Yes
Recurse=No
OverwriteDacl=No
SetOnlyIfInvalid=Yes
CheckAccess=CommonSidList
SetAccess=CommonSidList
CheckCreatedKey=Yes
[Shield.ClassesRoot.501]
IssueType=RegKey
Manufacturer=Microsoft
DisplayName=HKEY_CLASSES_ROOT
Key=HKEY_LOCAL_MACHINE\SOFTWARE\Classes
Condition=NotWriteable
Action=Autofix
BlockIfFail=Yes
Recurse=No
OverwriteDacl=No
SetOnlyIfInvalid=Yes
CheckAccess=CommonSidList
SetAccess=CommonSidList
CheckCreatedKey=Yes
[Shield.ClassesRoot.501_64]
IssueType=RegKey
Manufacturer=Microsoft
DisplayName=HKEY_CLASSES_ROOT
Key=HKEY_LOCAL_MACHINE\SOFTWARE\Classes
Condition=NotWriteable
Action=Autofix
BlockIfFail=Yes
Recurse=No
OverwriteDacl=No
SetOnlyIfInvalid=Yes
CheckAccess=CommonSidList
SetAccess=CommonSidList
CheckCreatedKey=Yes
[Shield.ClassesRoot.600]
IssueType=RegKey
Manufacturer=Microsoft
DisplayName=HKEY_CLASSES_ROOT
Key=HKEY_LOCAL_MACHINE\SOFTWARE\Classes
Condition=NotWriteable
Action=Autofix
BlockIfFail=Yes
Recurse=No
OverwriteDacl=No
SetOnlyIfInvalid=Yes
CheckAccess=CommonSidList
SetAccess=CommonSidList
CheckCreatedKey=Yes
[Shield.ClassesRoot.600_64]
IssueType=RegKey
Manufacturer=Microsoft
DisplayName=HKEY_CLASSES_ROOT
Key=HKEY_LOCAL_MACHINE\SOFTWARE\Classes
Condition=NotWriteable
Action=Autofix
BlockIfFail=Yes
Recurse=No
OverwriteDacl=No
SetOnlyIfInvalid=Yes
CheckAccess=CommonSidList
SetAccess=CommonSidList
CheckCreatedKey=Yes
[Shield.Wow64ClassRoot.501_64]
IssueType=RegKey
Manufacturer=Microsoft
DisplayName=HKEY_CLASSES_ROOT
Key=HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes
Condition=NotWriteable
Action=Autofix
BlockIfFail=Yes
Recurse=No
OverwriteDacl=No
SetOnlyIfInvalid=Yes
CheckAccess=CommonSidList
SetAccess=CommonSidList
CheckCreatedKey=Yes
[Shield.Wow64ClassRoot.600_64]
IssueType=RegKey
Manufacturer=Microsoft
DisplayName=HKEY_CLASSES_ROOT
Key=HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes
Condition=NotWriteable
Action=Autofix
BlockIfFail=Yes
Recurse=No
OverwriteDacl=No
SetOnlyIfInvalid=Yes
CheckAccess=CommonSidList
SetAccess=CommonSidList
CheckCreatedKey=Yes
[Shield.DXQVPFix]
1=QVP32
[Shield.QVP32]
Manufacturer=Microsoft
IssueType=RegData
Condition=Contains
Action=Autofix
Key=HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
Value=DXDllRegExe
Data=dxdllreg.exe
ReplaceWith=%system%dxdllreg.exe
BlockIfFail=Yes
[Shield.CompositeDev]
1=USBInf
2=certclas
3=USBCCGP
[Shield.USBCheck]
1=USBInf
2=USBPrint
3=USBStor
4=USBScan
5=NTPrint
6=certclas
7=USBCCGP
[Shield.Printer]
1=PrintSpooler
2=ReadOnlyPNFs
3=USBPrint
4=NTPrint
5=certclas
6=PrintCoinstaller
[Shield.PnP.Printer]
1=USBPrint
[Shield.MassStorage]
1=Roxio
2=USBStor
3=certclas
4=hpusbfd
[Shield.PnP.MassStorage]
1=USBStor
[Shield.Scanner]
1=ReadOnlyPNFs
2=USBScan
3=certclas
[Shield.PnP.Scanner]
1=USBScan
[Shield.Camera]
1=ReadOnlyPNFs
2=certclas
[Shield.PnPFiles]
1=USBInf
2=certclas
3=USBCCGP
[Shield.USBInf.500]
DisplayName=USB.inf
IssueType=SystemDriver
Condition=~Exists
DriverInfName=usb.inf
DriverSysName=usbhub.sys
SectionToInstall=Composite.Dev.NT
MinVersion=5000008870001
DriverSysMinVersion=5000008850001
Manufacturer=Microsoft
[Shield.USBInf.501]
DisplayName=USB.inf
IssueType=SystemDriver
Condition=~Exists
DriverInfName=usb.inf
DriverSysName=usbccgp.sys
SectionToInstall=Composite.Dev.NT
MinVersion=500010A280000
DriverSysMinVersion=500010A280000
Manufacturer=Microsoft
[Shield.USBInf.501_64]
DisplayName=USB.inf
IssueType=SystemDriver
Condition=~Exists
DriverInfName=usb.inf
DriverSysName=usbccgp.sys
SectionToInstall=Composite.Dev.NT
MinVersion=500010A280000
DriverSysMinVersion=500010A280000
Manufacturer=Microsoft
[Shield.USBPrint.500]
DisplayName=USBPrint
IssueType=SystemDriver
Condition=~Exists
DriverInfName=usbprint.inf
DriverSysName=usbprint.sys
SectionToInstall=USBPRINT_Inst.NT
MinVersion=5000008870001
DriverSysMinVersion=5000008740001
Manufacturer=Microsoft
[Shield.USBPrint.501]
DisplayName=USBPrint
IssueType=SystemDriver
Condition=~Exists
DriverInfName=usbprint.inf
DriverSysName=usbprint.sys
SectionToInstall=USBPRINT_Inst.NT
MinVersion=500010A280000
DriverSysMinVersion=500010A280000
Manufacturer=Microsoft
[Shield.USBPrint.501_64]
DisplayName=USBPrint
IssueType=SystemDriver
Condition=~Exists
DriverInfName=usbprint.inf
DriverSysName=usbprint.sys
SectionToInstall=USBPRINT_Inst.NT
MinVersion=500010A280000
DriverSysMinVersion=500010A280000
Manufacturer=Microsoft
[Shield.NTPrint.500]
DisplayName=NTPrint
IssueType=SystemDriver
Condition=~Exists
DriverInfName=ntprint.inf
DriverSysName=
SectionToInstall=
MinVersion=0
Manufacturer=Microsoft
[Shield.NTPrint.501]
DisplayName=NTPrint
IssueType=SystemDriver
Condition=~Exists
DriverInfName=ntprint.inf
DriverSysName=
SectionToInstall=
MinVersion=0
Manufacturer=Microsoft
[Shield.NTPrint.501_64]
DisplayName=NTPrint
IssueType=SystemDriver
Condition=~Exists
DriverInfName=ntprint.inf
DriverSysName=
SectionToInstall=
MinVersion=0
Manufacturer=Microsoft
[Shield.NTPrint.600]
DisplayName=NTPrint
IssueType=SystemDriver
Condition=~Exists
DriverInfName=ntprint.inf
DriverSysName=
SectionToInstall=
MinVersion=0
Manufacturer=Microsoft
[Shield.NTPrint.600_64]
DisplayName=NTPrint
IssueType=SystemDriver
Condition=~Exists
DriverInfName=ntprint.inf
DriverSysName=
SectionToInstall=
MinVersion=0
Manufacturer=Microsoft
[Shield.certclas.500]
DisplayName=Certclas.inf
IssueType=SystemDriver
Condition=~Exists
DriverInfName=certclas.inf
DriverSysName=
SectionToInstall=
MinVersion=5000008870001
Manufacturer=Microsoft
[Shield.CertClas.501]
DisplayName=Certclas.inf
IssueType=SystemDriver
Condition=~Exists
DriverInfName=Certclas.inf
DriverSysName=
SectionToInstall=
MinVersion=5000109E70000
Manufacturer=Microsoft
[Shield.CertClas.501_64]
DisplayName=Certclas.inf
IssueType=SystemDriver
Condition=~Exists
DriverInfName=Certclas.inf
DriverSysName=
SectionToInstall=
MinVersion=5000109E70000
Manufacturer=Microsoft
[Shield.USBStor.500]
DisplayName=USBStor
IssueType=SystemDriver
Condition=~Exists
DriverInfName=usbstor.inf
DriverSysName=usbstor.sys
SectionToInstall=USBSTOR_BULK.NT
MinVersion=5000008870001
DriverSysMinVersion=50000085A0001
Manufacturer=Microsoft
[Shield.USBStor.501]
DisplayName=USBStor
IssueType=SystemDriver
Condition=~Exists
DriverInfName=usbstor.inf
DriverSysName=usbstor.sys
SectionToInstall=USBSTOR_BULK.NT
MinVersion=500010A280000
DriverSysMinVersion=500010A280000
Manufacturer=Microsoft
[Shield.USBStor.501_64]
DisplayName=USBStor
IssueType=SystemDriver
Condition=~Exists
DriverInfName=usbstor.inf
DriverSysName=usbstor.sys
SectionToInstall=USBSTOR_BULK.NT
MinVersion=500010A280000
DriverSysMinVersion=500010A280000
Manufacturer=Microsoft
[Shield.USBScan.500]
DisplayName=USBScan
IssueType=SystemDriver
Condition=~Exists
DriverInfName=sti.inf
DriverSysName=usbscan.sys
SectionToInstall=STI.USBSection
MinVersion=5000008870001
DriverSysMinVersion=5000008670001
Manufacturer=Microsoft
[Shield.USBScan.501]
DisplayName=USBScan
IssueType=SystemDriver
Condition=~Exists
DriverInfName=sti.inf
DriverSysName=usbscan.sys
SectionToInstall=STI.USBSection
MinVersion=500010A280000
DriverSysMinVersion=500010A280000
Manufacturer=Microsoft
[Shield.USBScan.501_64]
DisplayName=USBScan
IssueType=SystemDriver
Condition=~Exists
DriverInfName=sti.inf
DriverSysName=usbscan.sys
SectionToInstall=STI.USBSection
MinVersion=500010A280000
DriverSysMinVersion=500010A280000
Manufacturer=Microsoft
[Shield.PrintCoinstaller.500]
Manufacturer=Microsoft
IssueType=RegData
Condition=Missing
Action=Autofix
Key=HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Class\{4D36E979-E325-11CE-BFC1-08002BE10318}
Value=Installer32
BlockIfFail=Yes
Data=ntprint.dll,ClassInstall32
ReplaceWith=ntprint.dll,ClassInstall32
[Shield.PrintCoinstaller.501]
Manufacturer=Microsoft
IssueType=RegData
Condition=Missing
Action=Autofix
Key=HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Class\{4D36E979-E325-11CE-BFC1-08002BE10318}
Value=Installer32
BlockIfFail=Yes
Data=ntprint.dll,ClassInstall32
ReplaceWith=ntprint.dll,ClassInstall32
[Shield.PrintCoinstaller.501_64]
Manufacturer=Microsoft
IssueType=RegData
Condition=Missing
Action=Autofix
Key=HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Class\{4D36E979-E325-11CE-BFC1-08002BE10318}
Value=Installer32
BlockIfFail=Yes
Data=ntprint.dll,ClassInstall32
ReplaceWith=ntprint.dll,ClassInstall32
[Shield.PrintCoinstaller.600]
Manufacturer=Microsoft
IssueType=RegData
Condition=Missing
Action=Autofix
Key=HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Class\{4D36E979-E325-11CE-BFC1-08002BE10318}
Value=Installer32
BlockIfFail=Yes
Data=ntprint.dll,ClassInstall32
ReplaceWith=ntprint.dll,ClassInstall32
[Shield.PrintCoinstaller.600_64]
Manufacturer=Microsoft
IssueType=RegData
Condition=Missing
Action=Autofix
Key=HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Class\{4D36E979-E325-11CE-BFC1-08002BE10318}
Value=Installer32
BlockIfFail=Yes
Data=ntprint.dll,ClassInstall32
ReplaceWith=ntprint.dll,ClassInstall32
[Shield.PrintSpooler]
IssueType=Service
ServiceName=Spooler
Manufacturer=Microsoft
Action=FIX
Condition=STOPPED
DisplayName=Print Spooler
BlockIfFail=Yes
AutoStartService=Yes
[Shield.hpusbfd]
Manufacturer=Hewlett-Packard
IssueType=RegData
Condition=Contains
Action=Autofix
Key=HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Class\{36FC9E60-C465-11CF-8056-444553540000}
Value=UpperFilter
Data=hpusbfd
Type=MULTI_SZ
ReplaceWith=*
BlockIfFail=Yes
[Shield.Roxio.500]
IssueType=File
Manufacturer=Roxio
MaxVersion=0x0002000000000046
MinVersion=0x0002000000000046
Action=STOP
Condition=EXIST
DisplayName=Easy CD Creator 5
BlockIfFail=Yes
FileName=%system%drivers\PrtSeqRd.sys
SpecialText=Shield.Roxio.Text
[Shield.Roxio.501]
IssueType=File
Manufacturer=Roxio
MaxVersion=0x0002000000000046
MinVersion=0x0002000000000046
Action=STOP
Condition=EXIST
DisplayName=Easy CD Creator 5
FileName=%system%drivers\PrtSeqRd.sys
BlockIfFail=Yes
SpecialText=Shield.Roxio.Text
[Shield.Roxio.501_64]
IssueType=File
Manufacturer=Roxio
MaxVersion=0x0002000000000046
MinVersion=0x0002000000000046
Action=STOP
Condition=EXIST
DisplayName=Easy CD Creator 5
FileName=%system%drivers\PrtSeqRd.sys
BlockIfFail=Yes
SpecialText=Shield.Roxio.Text
[Shield.Roxio.600]
IssueType=File
Manufacturer=Roxio
MaxVersion=0x0002000000000046
MinVersion=0x0002000000000046
Action=STOP
Condition=EXIST
DisplayName=Easy CD Creator 5
FileName=%system%drivers\PrtSeqRd.sys
BlockIfFail=Yes
SpecialText=Shield.Roxio.Text
[Shield.Roxio.600_64]
IssueType=File
Manufacturer=Roxio
MaxVersion=0x0002000000000046
MinVersion=0x0002000000000046
Action=STOP
Condition=EXIST
DisplayName=Easy CD Creator 5
FileName=%system%drivers\PrtSeqRd.sys
BlockIfFail=Yes
SpecialText=Shield.Roxio.Text
[Shield.Firewalls]
1=Smc
2=Zapro
3=Ccapp
4=BlackIce
5=MpfAgent
6=Ca
7=ccEvtMgr
8=SndSrvc
9=ccProxy
10=ccPwdSvc
11=ccSetMgr
12=Zlclient
13=Pavfires
[Shield.Smc.500]
IssueType=Service
ServiceName=SmcService
DisplayName=Sygate Security Agent: Firewall
Manufacturer=Sygate Technologies
Action=NoFix
Condition=Running
SpecialText=Shield.Firewalls.Text
[Shield.Smc.501]
IssueType=Service
ServiceName=SmcService
DisplayName=Sygate Security Agent: Firewall
Manufacturer=Sygate Technologies
Action=NoFix
Condition=Running
SpecialText=Shield.Firewalls.Text
[Shield.Smc.501_64]
IssueType=Service
ServiceName=SmcService
DisplayName=Sygate Security Agent: Firewall
Manufacturer=Sygate Technologies
Action=NoFix
Condition=Running
SpecialText=Shield.Firewalls.Text
[Shield.Smc.600]
IssueType=Service
ServiceName=SmcService
DisplayName=Sygate Security Agent: Firewall
Manufacturer=Sygate Technologies
Action=NoFix
Condition=Running
SpecialText=Shield.Firewalls.Text
[Shield.Smc.600_64]
IssueType=Service
ServiceName=SmcService
DisplayName=Sygate Security Agent: Firewall
Manufacturer=Sygate Technologies
Action=NoFix
Condition=Running
SpecialText=Shield.Firewalls.Text
[Shield.Zapro.500]
IssueType=Service
ServiceName=vsmon
DisplayName=Zone Alarm TrueVector Internet Monitor
Manufacturer=Broderbund/Zone Labs,LLC
Action=NoFix
Condition=Running
SpecialText=Shield.Firewalls.Text
[Shield.Zapro.501]
IssueType=Service
ServiceName=vsmon
DisplayName=Zone Alarm TrueVector Internet Monitor
Manufacturer=Broderbund/Zone Labs,LLC
Action=NoFix
Condition=Running
SpecialText=Shield.Firewalls.Text
[Shield.Zapro.501_64]
IssueType=Service
ServiceName=vsmon
DisplayName=Zone Alarm TrueVector Internet Monitor
Manufacturer=Broderbund/Zone Labs,LLC
Action=NoFix
Condition=Running
SpecialText=Shield.Firewalls.Text
[Shield.Zapro.600]
IssueType=Service
ServiceName=vsmon
DisplayName=Zone Alarm TrueVector Internet Monitor
Manufacturer=Broderbund/Zone Labs,LLC
Action=NoFix
Condition=Running
SpecialText=Shield.Firewalls.Text
[Shield.Zapro.600_64]
IssueType=Service
ServiceName=vsmon
DisplayName=Zone Alarm TrueVector Internet Monitor
Manufacturer=Broderbund/Zone Labs,LLC
Action=NoFix
Condition=Running
SpecialText=Shield.Firewalls.Text
[Shield.Ccapp.500]
IssueType=Service
ServiceName=Symantec Core LC
DisplayName=Symantec Core LC: Firewall
Manufacturer=Symantec
Action=NoFix
Condition=Running
SpecialText=Shield.Firewalls.Text
[Shield.Ccapp.501]
IssueType=Service
ServiceName=Symantec Core LC
DisplayName=Symantec Core LC: Firewall
Manufacturer=Symantec
Action=NoFix
Condition=Running
SpecialText=Shield.Firewalls.Text
[Shield.Ccapp.501_64]
IssueType=Service
ServiceName=Symantec Core LC
DisplayName=Symantec Core LC: Firewall
Manufacturer=Symantec
Action=NoFix
Condition=Running
SpecialText=Shield.Firewalls.Text
[Shield.Ccapp.600]
IssueType=Service
ServiceName=Symantec Core LC
DisplayName=Symantec Core LC: Firewall
Manufacturer=Symantec
Action=NoFix
Condition=Running
SpecialText=Shield.Firewalls.Text
[Shield.Ccapp.600_64]
IssueType=Service
ServiceName=Symantec Core LC
DisplayName=Symantec Core LC: Firewall
Manufacturer=Symantec
Action=NoFix
Condition=Running
SpecialText=Shield.Firewalls.Text
[Shield.BlackIce.500]
IssueType=Service
ServiceName=BlackICE
DisplayName=BlackICE: Firewall
Manufacturer=Internet Security Systems
Action=NoFix
Condition=Running
SpecialText=Shield.Firewalls.Text
[Shield.BlackIce.501]
IssueType=Service
ServiceName=BlackICE
DisplayName=BlackICE: Firewall
Manufacturer=Internet Security Systems
Action=NoFix
Condition=Running
SpecialText=Shield.Firewalls.Text
[Shield.BlackIce.501_64]
IssueType=Service
ServiceName=BlackICE
DisplayName=BlackICE: Firewall
Manufacturer=Internet Security Systems
Action=NoFix
Condition=Running
SpecialText=Shield.Firewalls.Text
[Shield.BlackIce.600]
IssueType=Service
ServiceName=BlackICE
DisplayName=BlackICE: Firewall
Manufacturer=Internet Security Systems
Action=NoFix
Condition=Running
SpecialText=Shield.Firewalls.Text
[Shield.BlackIce.600_64]
IssueType=Service
ServiceName=BlackICE
DisplayName=BlackICE: Firewall
Manufacturer=Internet Security Systems
Action=NoFix
Condition=Running
SpecialText=Shield.Firewalls.Text
[Shield.MpfAgent.500]
IssueType=Service
ServiceName=MpfService
DisplayName=McAfee Personal Firewall Service
Manufacturer=McAfee Security
Action=NoFix
Condition=Running
SpecialText=Shield.Firewalls.Text
[Shield.MpfAgent.501]
IssueType=Service
ServiceName=MpfService
DisplayName=McAfee Personal Firewall Service
Manufacturer=McAfee Security
Action=NoFix
Condition=Running
SpecialText=Shield.Firewalls.Text
[Shield.MpfAgent.501_64]
IssueType=Service
ServiceName=MpfService
DisplayName=McAfee Personal Firewall Service
Manufacturer=McAfee Security
Action=NoFix
Condition=Running
SpecialText=Shield.Firewalls.Text
[Shield.MpfAgent.600]
IssueType=Service
ServiceName=MpfService
DisplayName=McAfee Personal Firewall Service
Manufacturer=McAfee Security
Action=NoFix
Condition=Running
SpecialText=Shield.Firewalls.Text
[Shield.MpfAgent.600_64]
IssueType=Service
ServiceName=MpfService
DisplayName=McAfee Personal Firewall Service
Manufacturer=McAfee Security
Action=NoFix
Condition=Running
SpecialText=Shield.Firewalls.Text
[Shield.ccEvtMgr.500]
IssueType=Service
ServiceName=ccEvtMgr
DisplayName=Symantec Event Manager: Firewall
Manufacturer=Symantec
Action=NoFix
Condition=Running
SpecialText=Shield.Firewalls.Text
[Shield.ccEvtMgr.501]
IssueType=Service
ServiceName=ccEvtMgr
DisplayName=Symantec Event Manager: Firewall
Manufacturer=Symantec
Action=NoFix

offline
  • dr_Bora  Male
  • Anti Malware Fighter
    Rank 2
  • Pridružio: 24 Jul 2007
  • Poruke: 12280
  • Gde živiš: Höganäs, SE

Kakvo je sada stanje?

Ako je sve ok, uradi sledeæe:

Deinstalacija ComboFix-a:
Klikni START a zatim RUN.

U liniju za unos teksta ukucaj (iskopiraj) sledeæe:

Combofix /u



a zatim klikni OK.

Saèekaj da se proces deinstalacije završi.



To bi onda bilo sve.

offline
  • Pridružio: 15 Sep 2008
  • Poruke: 74

Ok je sada sve...mogu uæi i u C i u D disk.

Hvala Vam puno! Wink

Ko je trenutno na forumu
 

Ukupno su 1285 korisnika na forumu :: 32 registrovanih, 4 sakrivenih i 1249 gosta   ::   [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:
Korisnici trenutno na forumu: 9k38, amaterSRB, antonije64, bojank, bojcistv, bokisha253, CikaKURE, dekir, Dimitrije Paunovic, DonRumataEstorski, drimer, Excalibur13, Georgius, gorval, janbo, JimmyNapoli, Kibice, Kubovac, kuntalo, Lazarus, Leonov, milenko crazy north, milutin134, novator, sasa87, Skywhaler, Srky Boy, stegonosa, Toper, Trpe Grozni, vasa.93, vathra