Actualización problemática de IExplorer/Windows (CERRADO)
Actualización problemática de IExplorer/Windows (CERRADO)
Hace uno o dos meses tuve problemas con un virus que no se iba de mi ordenador. Por fin logré acabar con él y poco después, cuando mi ordenador ya iba bien, tal como me aconsejaron, actualicé tanto el sistema operativo como Internet Explorer. A partir de entonces a pesar de que ahora uso Opera el ordenador va mucho más lento y tarda más en arrancar. Mi ordenador no puede albergar demasiada información y al parecer el tener actualizado Windows e Internet Explorer es demasiado para la capacidad de mi ordenador. He intentado volver a la situación original pero después de cada intento de restauración del sistema no me deja. Tenéis algún consejo para intentar solucionar el problema? Mi ordenador va mucho más lento que antes a pesar de que ya no tengo virus. La información de mi equipo es la siguiente: Windows XP SP2, InterCeleron, 40 GB, 495 MB RAM,1400 MHg,1.40GHz.
Re: Actualización problemática de IExplorer/Windows
Mira haz una cosa primero , descargate este programa que te indico para ver si realmente no tienes virus
http://www.zonavirus.com/descargas/sproces.asp
Nos pegas el log que te dejara en C llamado sproclog.txt. Lo miramos y asi vemos si no hay virus , que tienes en el inicio y todos esos pequeños datos que parece que no pero son importantes. Saludos.
Nos pegas el log que te dejara en C llamado sproclog.txt. Lo miramos y asi vemos si no hay virus , que tienes en el inicio y todos esos pequeños datos que parece que no pero son importantes. Saludos.
- msc hotline sat
- Mensajes: 93500
- Registrado: 09 Mar 2004, 20:39
- Ubicación: BARCELONA (ESPAÑA)
- Contactar:
Re: Actualización problemática de IExplorer/Windows
Y te faltan muchos parches si tienes el "Windows XP SP2" ..., lanza un windowsupdate, que el SP3 aparte de parchear mas de 1000 vulnerabilidades, acelera un 10 % el sistema.
Y como que no nos dices el virus que eliminaste, por si hubieran quedado restos en el registro, antes del SPROCES, lanza el ELISTARA, Y LUEGO EL OTRO, Y NOS POSTEAS LOS INFORMES RESULTANTES DE LOS DOS, GRACIAS:
y si en el informe no detecta nada ni pide el envio de ninguna muestra sospechosas para analizar, lanza el SPROCES y posteanos el informe resultante:
SPROCES (herramienta de investigación)
http://www.zonavirus.com/descargas/sproces.asp
Tras lanzarlo, pulsar en SALIR y con un copiar y pegar, nos posteas el contenido del C:\sproclog.txt en tu proximo post, como respuesta de este Tema
saludos
ms, 27-1-2011
Y como que no nos dices el virus que eliminaste, por si hubieran quedado restos en el registro, antes del SPROCES, lanza el ELISTARA, Y LUEGO EL OTRO, Y NOS POSTEAS LOS INFORMES RESULTANTES DE LOS DOS, GRACIAS:
[quote][b]ELISTARA:[/b] http://www.zonavirus.com/descargas/elistara.asp
Tras probarlo, reiniciar y postearnos el contenido de C:\infosat.txt para ver el resultado del proceso[/quote]
y si en el informe no detecta nada ni pide el envio de ninguna muestra sospechosas para analizar, lanza el SPROCES y posteanos el informe resultante:
SPROCES (herramienta de investigación)
Tras lanzarlo, pulsar en SALIR y con un copiar y pegar, nos posteas el contenido del C:\sproclog.txt en tu proximo post, como respuesta de este Tema
saludos
ms, 27-1-2011
msc hotline sat Virus Research Engineer
Antes de preguntar - Normas Basicas - Mensajes Privados - Repetir Temas - Continuar Temas - Titulos del Tema - Antivirus Online
Antes de preguntar - Normas Basicas - Mensajes Privados - Repetir Temas - Continuar Temas - Titulos del Tema - Antivirus Online
Re: Actualización problemática de IExplorer/Windows
Muchas gracias por tus consejos. He hecho lo que me decías: he actualizado Windows XP a Pack3 y he lanzado Elistara primero y luego Sproces. He visto que el Elistara me ha detectado 21 amenazas (o virus) que ha eliminado. Los virus que tuve en noviembre-diciembre fueron bastantes, pero no recuerdo sus nombres. Sé que tenía muchos troyanos. Bueno, aquí están los resultados:
(29-1-2011 12:23:41 (GMT))
EliStartPage v22.49 (c)2010 S.G.H. / Satinfo S.L. (Actualizado el 28 de Enero del 2011)
--------------------------------------------------
Lista de Acciones (por Acción Directa):
Restaurado fichero de Configuración del IE, (IERESET.INF)
Eliminadas las Paginas de Inicio y de Busqueda del IE
Eliminados Ficheros Temporales del IE
(29-1-2011 12:50:47 (GMT))
EliStartPage v22.49 (c)2010 S.G.H. / Satinfo S.L. (Actualizado el 28 de Enero del 2011)
--------------------------------------------------
Lista de Acciones (por Exploración):
Explorando "C:\"
C:\System Volume Information\_restore{2B3EED6B-301D-4E17-A6B5-D6587705CB41}\Fifoed\A0179111.EXE --> Eliminado, Tool-NirCmd
C:\System Volume Information\_restore{2B3EED6B-301D-4E17-A6B5-D6587705CB41}\Fifoed\A0179117.PIF --> Eliminado, Tool-NirCmd
C:\System Volume Information\_restore{2B3EED6B-301D-4E17-A6B5-D6587705CB41}\Fifoed\A0179120.EXE --> Eliminado, Tool-NirCmd
C:\System Volume Information\_restore{2B3EED6B-301D-4E17-A6B5-D6587705CB41}\RP505\A0179216.EXE --> Eliminado, Tool-NirCmd
C:\System Volume Information\_restore{2B3EED6B-301D-4E17-A6B5-D6587705CB41}\RP505\A0179267.EXE --> Eliminado, Tool-NirCmd
C:\System Volume Information\_restore{2B3EED6B-301D-4E17-A6B5-D6587705CB41}\RP505\A0179272.PIF --> Eliminado, Tool-NirCmd
C:\System Volume Information\_restore{2B3EED6B-301D-4E17-A6B5-D6587705CB41}\RP505\A0179274.EXE --> Eliminado, Tool-NirCmd
C:\System Volume Information\_restore{2B3EED6B-301D-4E17-A6B5-D6587705CB41}\RP505\A0179325.EXE --> Eliminado, Tool-NirCmd
C:\System Volume Information\_restore{2B3EED6B-301D-4E17-A6B5-D6587705CB41}\RP505\A0179390.EXE --> Eliminado, Tool-NirCmd
C:\System Volume Information\_restore{2B3EED6B-301D-4E17-A6B5-D6587705CB41}\RP505\A0179396.PIF --> Eliminado, Tool-NirCmd
C:\System Volume Information\_restore{2B3EED6B-301D-4E17-A6B5-D6587705CB41}\RP505\A0179399.EXE --> Eliminado, Tool-NirCmd
C:\System Volume Information\_restore{2B3EED6B-301D-4E17-A6B5-D6587705CB41}\RP505\A0179436.EXE --> Eliminado, Tool-NirCmd
C:\System Volume Information\_restore{2B3EED6B-301D-4E17-A6B5-D6587705CB41}\RP505\A0179499.EXE --> Eliminado, Tool-NirCmd
C:\System Volume Information\_restore{2B3EED6B-301D-4E17-A6B5-D6587705CB41}\RP505\A0179505.PIF --> Eliminado, Tool-NirCmd
C:\System Volume Information\_restore{2B3EED6B-301D-4E17-A6B5-D6587705CB41}\RP505\A0179508.EXE --> Eliminado, Tool-NirCmd
C:\System Volume Information\_restore{2B3EED6B-301D-4E17-A6B5-D6587705CB41}\RP505\A0179553.EXE --> Eliminado, Tool-NirCmd
C:\System Volume Information\_restore{2B3EED6B-301D-4E17-A6B5-D6587705CB41}\RP506\A0179620.EXE --> Eliminado, Tool-NirCmd
C:\System Volume Information\_restore{2B3EED6B-301D-4E17-A6B5-D6587705CB41}\RP506\A0179626.PIF --> Eliminado, Tool-NirCmd
C:\System Volume Information\_restore{2B3EED6B-301D-4E17-A6B5-D6587705CB41}\RP506\A0179629.EXE --> Eliminado, Tool-NirCmd
C:\System Volume Information\_restore{2B3EED6B-301D-4E17-A6B5-D6587705CB41}\RP514\A0183556.DLL --> Eliminado, CrawlerToolbar(bho/tb)
C:\WINDOWS\NIRCMD.EXE --> Eliminado, Tool-NirCmd
Nº Total de Directorios: 6121
Nº Total de Ficheros: 97699
Nº de Ficheros Analizados: 44238
Nº de Ficheros Infectados: 21
Nº de Ficheros Limpiados: 21
(29-1-2011 13:51:46 GMT)
SProces v5.0 (c)2010 S.G.H. / Satinfo S.L.
-------------------------------------------
Sistema Operativo: Microsoft Windows XP (v5.1.2600) Service Pack 3
Parche MS08-067 (Servicio Servidor) Instalado.
Internet Explorer: (v8.0.6001.18702) 0
Nombre Equipo: YOUR-G5GMB6N1SD
Nombre Usuario: A-50a
Procesos Activos:
C:\WINDOWS\SYSTEM32\SMSS.EXE
C:\WINDOWS\SYSTEM32\WINLOGON.EXE
C:\WINDOWS\SYSTEM32\SERVICES.EXE
C:\WINDOWS\SYSTEM32\LSASS.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\EXPLORER.EXE
C:\PROGRAM\ORBITDOWNLOADER\ORBITDM.EXE
C:\PROGRAM\ORBITDOWNLOADER\ORBITNET.EXE
C:\PROGRAM\OPERA\OPERA.EXE
C:\DOWNLOADS\SPROCES.EXE
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program\Orbitdownloader\orbitcth.dll
O2 - BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Panda Security Toolbar - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program\Panda Security\Panda Security Toolbar\PandaSecurityDx.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Panda Security Toolbar - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program\Panda Security\Panda Security Toolbar\PandaSecurityDx.dll
O3 - Toolbar: Grab Pro - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program\Orbitdownloader\GrabPro.dll
O4 - HKCU\..\Run: [TOSCDSPD] C:\Program\TOSHIBA\TOSCDSPD\toscdspd.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\RunOnce: [TSClientMSIUninstaller] cmd.exe /C "cscript %systemroot%\Installer\TSClientMsiTrans\tscuinst.vbs"
O4 - HKCU\..\RunOnce: [TSClientAXDisabler] cmd.exe /C "%systemroot%\Installer\TSClientMsiTrans\tscdsbl.bat"
O4 - HKLM\..\Run: [TPSMain] TPSMain.exe
O4 - HKLM\..\Run: [TouchED] C:\Program\TOSHIBA\TouchED\TouchED.Exe
O4 - HKLM\..\Run: [SmoothView] C:\Program\TOSHIBA\Toshibas zoomningsfunktion\SmoothView.exe
O4 - HKLM\..\Run: [SigmaTel StacMon] C:\Program\SigmaTel\SigmaTel AC97 ljuddrivrutiner\stacmon.exe
O4 - HKLM\..\Run: [PSUNMain] "C:\Program\Panda Security\Panda Cloud Antivirus\PSUNMain.exe" /Traybar
O4 - HKLM\..\Run: [PRONoMgr.exe] c:\Program\Intel\PROSetWireless\NCS\PROSet\PRONoMgr.exe
O4 - HKLM\..\Run: [Panda Security Toolbar Antiphishing] "C:\Documents and Settings\All Users\Application Data\Panda Security Toolbar Antiphishing\panda2_0dn.exe"
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [Apoint] C:\Program\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [00THotkey] C:\WINDOWS\system32\00THotkey.exe
O4 - HKLM\..\Run: [000StTHK] 000StTHK.exe
O4 - HKLM\..\RunOnce: [OE_WMPWMFSDK_Install_2] C:\WINDOWS\system32\regsvr32 /s "C:\WINDOWS\system32\wmnetmgr.dll"
O4 - HKLM\..\RunOnce: [OE_WMPWMFSDK_Install_3] C:\WINDOWS\system32\regsvr32 /s /u "C:\WINDOWS\system32\wmv8dmod.dll"
O4 - HKLM\..\RunOnce: [OE_WMPWMFSDK_Install_4] C:\WINDOWS\system32\regsvr32 /s "C:\WINDOWS\system32\wmvdmod.dll"
O4 - HKLM\..\RunOnce: [OE_WMPWMFSDK_Install_5] C:\WINDOWS\system32\regsvr32 /s "C:\WINDOWS\system32\wmvdmoe2.dll"
O4 - HKLM\..\RunOnce: [OE_WMPWMFSDK_Install_6] C:\WINDOWS\system32\regsvr32 /s "C:\WINDOWS\system32\wmadmoe.dll"
O4 - HKLM\..\RunOnce: [OE_WMPWMFSDK_Install_7] C:\WINDOWS\system32\regsvr32 /s "C:\WINDOWS\system32\wmspdmod.dll"
O4 - HKLM\..\RunOnce: [OE_WMPWMFSDK_Install_8] C:\WINDOWS\system32\regsvr32 /s "C:\WINDOWS\system32\wmspdmoe.dll"
O4 - HKLM\..\RunOnce: [OE_WMPWMFSDK_Install_9] C:\WINDOWS\system32\regsvr32 /s "C:\WINDOWS\system32\wmsdmoe.dll"
O4 - HKLM\..\RunOnce: [OE_WMPWMFSDK_Install_10] C:\WINDOWS\system32\regsvr32 /s "C:\WINDOWS\system32\wmsdmoe2.dll"
O4 - HKLM\..\RunOnce: [OE_WMPWMFSDK_Install_20] C:\WINDOWS\system32\regsvr32 /s "C:\WINDOWS\system32\wmadmod.dll"
O4 - HKLM\..\RunOnce: [OE_WMPWMFSDK_Install_21] C:\WINDOWS\system32\regsvr32 /s "C:\WINDOWS\system32\mpg4dmod.dll"
O4 - HKLM\..\RunOnce: [OE_WMPWMFSDK_Install_22] C:\WINDOWS\system32\regsvr32 /s "C:\WINDOWS\system32\mp43dmod.dll"
O4 - HKLM\..\RunOnce: [OE_WMPWMFSDK_Install_23] C:\WINDOWS\system32\regsvr32 /s "C:\WINDOWS\system32\mp4sdmod.dll"
O4 - HKLM\..\RunOnce: [OE_WMPWMFSDK_Install_24] C:\WINDOWS\system32\regsvr32 /s "C:\WINDOWS\system32\wmsdmod.dll"
O4 - HKLM\..\RunOnce: [OE_WMPWMFSDK_Install_30] C:\WINDOWS\system32\regsvr32 /s "C:\WINDOWS\system32\laprxy.dll"
O4 - HKLM\..\RunOnce: [OE_WMPWMFSDK_Install_31] "C:\WINDOWS\system32\logagent.exe" /RegServer
O4 - HKLM\..\RunOnce: [OE_WMPWMFSDK_Install_32] C:\WINDOWS\system32\regsvr32 /s "C:\WINDOWS\system32\wmvcore.dll"
O4 - HKLM\..\RunOnce: [KB923561] rundll32.exe apphelp.dll,ShimFlushCache
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE
O4 - Startup: Orbit.lnk = C:\Program\Orbitdownloader\orbitdm.exe
O8 - Extra context menu item: &Download by Orbit - res://C:\Program\Orbitdownloader\orbitmxt.dll/201
O8 - Extra context menu item: &Grab video by Orbit - res://C:\Program\Orbitdownloader\orbitmxt.dll/204
O8 - Extra context menu item: Do&wnload selected by Orbit - res://C:\Program\Orbitdownloader\orbitmxt.dll/203
O8 - Extra context menu item: Down&load all by Orbit - res://C:\Program\Orbitdownloader\orbitmxt.dll/202
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe
O9 - Extra button: Referensinformation - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: C:\WINDOWS\SYSTEM32\WSHBTH.DLL
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) -http://www.bitdefender.es/scan_es/scan8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1291742229038
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Plug-in 1.6.0_20) -http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
O16 - DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} (Java Plug-in 1.4.2_03) -http://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} (Java Plug-in 1.6.0_20) -http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} (Java Plug-in 1.6.0_20) -http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
O18 - Protocol: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program\Delade filer\Microsoft Shared\Information Retrieval\msitss.dll
O18 - Protocol: msencarta - {74D92DF3-6D9D-11D1-8B38-006097DBED7A} - C:\Program\Delade filer\Microsoft Shared\Reference 2001\MSREF.DLL
O18 - Protocol: msero - {B0D92A71-886B-453B-A649-1B91F93801E7} - C:\Program\Delade filer\Microsoft Shared\Reference 2001\msero.dll
O18 - Protocol: msref - {74D92DF3-6D9D-11D1-8B38-006097DBED7A} - C:\Program\Delade filer\Microsoft Shared\Reference 2001\MSREF.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program\DELADE~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: DIMSNTFY - %SYSTEMROOT%\SYSTEM32\DIMSNTFY.DLL
O20 - Winlogon Notify: IGFXCUI - IGFXSRVC.DLL
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - %SystemRoot%\system32\shell32.dll
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - %SystemRoot%\system32\SHELL32.dll
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - %systemroot%\system32\stobject.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - %SystemRoot%\System32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - %SystemRoot%\System32\browseui.dll
Información Adicional:
----------------------
WinSys\Drivers\ati2mtag.sys (de 701440 bytes) () ATI Technologies Inc.
WinSys\Drivers\dmboot.sys (de 800000 bytes) () Microsoft Corporation, Veritas Software
WinSys\Drivers\hsfcxts2.sys (de 685056 bytes) () Conexant Systems, Inc.
WinSys\Drivers\LTSM.sys (de 809872 bytes) () LT
WinSys\Drivers\mod7700.sys (de 621056 bytes) () DiBcom SA
WinSys\Drivers\mrxsmb.sys (de 456576 bytes) () Microsoft Corporation
WinSys\Drivers\mtxparhm.sys (de 452736 bytes) () Matrox Graphics Inc.
WinSys\Drivers\ntfs.sys (de 574976 bytes) () Microsoft Corporation
WinSys\Drivers\slntamr.sys (de 404990 bytes) () Smart Link
WinSys\Drivers\sptd.sys (de 685816 bytes) () Duplex Secure Ltd.
WinSys\Drivers\w70n51.sys (de 979840 bytes) () Intel® Corporation
WinSys\Drivers\wdf01000.sys (de 492000 bytes) () Microsoft Corporation
Listado de Servicios (Carga Automatica):
----------------------------------------
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: DCSHost.exe - Unknown owner - C:\Documents and Settings\All Users\Application Data\DatacardService\DCSHost.exe
O23 - Service: InCD File System Service (InCDsrv) - AHEAD Software - C:\Program\Ahead\InCD\InCDsrv.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Unknown owner - C:\Program\Java\jre6\bin\jqs.exe" -service -config "C:\Program\Java\jre6\lib\deploy\jqs\jqs.con (file missing)
O23 - Service: AEGIS Protocol (IEEE 802.1x) v2.2.1.0 (MDC8021X) - Meetinghouse Data Communications - C:\WINDOWS\SYSTEM32\DRIVERS\mdc8021x.sys
O23 - Service: Panda Cloud Antivirus Service (NanoServiceMain) - Panda Security, S.L. - C:\Program\Panda Security\Panda Cloud Antivirus\PSANHost.exe
O23 - Service: TOSHIBA Network Device Usermode I/O Protocol (Netdevio) - TOSHIBA Corporation. - C:\WINDOWS\SYSTEM32\DRIVERS\netdevio.sys
O23 - Service: PSINAflt - Panda Security, S.L. - C:\WINDOWS\SYSTEM32\DRIVERS\PSINAflt.sys
O23 - Service: PSINFile - Panda Security, S.L. - C:\WINDOWS\SYSTEM32\DRIVERS\PSINFile.sys
O23 - Service: PSINProc - Panda Security, S.L. - C:\WINDOWS\SYSTEM32\DRIVERS\PSINProc.sys
O23 - Service: PSINProt - Panda Security, S.L. - C:\WINDOWS\SYSTEM32\DRIVERS\PSINProt.sys
O23 - Service: RegSrvc - Intel Corporation - C:\WINDOWS\System32\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\WINDOWS\System32\S24EvMon.exe
O23 - Service: WLAN Transport (s24trans) - Intel Corporation - C:\WINDOWS\SYSTEM32\DRIVERS\s24trans.sys
Listado de Servicios (Carga Manual):
------------------------------------
O23 - Service: Alps Pointing-device Filter Driver (ApfiltrService) - Alps Electric Co., Ltd. - C:\WINDOWS\SYSTEM32\DRIVERS\Apfiltr.sys
O23 - Service: cpudrv - Unknown owner - C:\Program\SystemRequirementsLab\cpudrv.sys
**O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - Microsoft Corporation, Veritas Software - C:\WINDOWS\System32\dmadmin.exe
O23 - Service: Intel(R) PRO Adapter Driver (E100B) - Intel Corporation - C:\WINDOWS\SYSTEM32\DRIVERS\e100b325.sys
O23 - Service: Huawei DataCard USB Modem and USB Serial (hwdatacard) - Huawei Technologies Co., Ltd. - C:\WINDOWS\SYSTEM32\DRIVERS\ewusbmdm.sys
O23 - Service: Huawei DataCard USB Fake (hwusbfake) - Huawei Technologies Co., Ltd. - C:\WINDOWS\SYSTEM32\DRIVERS\ewusbfake.sys
O23 - Service: ialm - Intel Corporation - C:\WINDOWS\SYSTEM32\DRIVERS\ialmnt5.sys
O23 - Service: kwwalpgr - Unknown owner - C:\DOCUME~1\A-50a\LOKALA~1\Temp\kwwalpgr.sys (file missing)
O23 - Service: Logitech SetPoint KMDF HID Filter Driver (LHidFilt) - Logitech, Inc. - C:\WINDOWS\SYSTEM32\DRIVERS\LHidFilt.Sys
O23 - Service: Logitech SetPoint KMDF Mouse Filter Driver (LMouFilt) - Logitech, Inc. - C:\WINDOWS\SYSTEM32\DRIVERS\LMouFilt.Sys
O23 - Service: Logitech SetPoint KMDF USB Filter (LUsbFilt) - Logitech, Inc. - C:\WINDOWS\SYSTEM32\Drivers\LUsbFilt.Sys
O23 - Service: PCCS Mode Change Filter Driver (pccsmcfd) - Nokia - C:\WINDOWS\SYSTEM32\DRIVERS\pccsmcfd.sys
O23 - Service: VSO Software pcouffin (pcouffin) - VSO Software - C:\WINDOWS\SYSTEM32\Drivers\pcouffin.sys
O23 - Service: Direct Parallel Link Driver (Ptilink) - Parallel Technologies, Inc. - C:\WINDOWS\SYSTEM32\DRIVERS\ptilink.sys
O23 - Service: ServiceLayer - Nokia - C:\Program\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Sony USB Filter Driver (SONYPVU1) (SONYPVU1) - Sony Corporation - C:\WINDOWS\SYSTEM32\DRIVERS\SONYPVU1.SYS
O23 - Service: Audio Driver (WDM) - SigmaTel CODEC (STAC97) - SigmaTel, Inc. - C:\WINDOWS\SYSTEM32\drivers\stac97.sys
O23 - Service: Handelsbanken card reader (Tdsshbecr) - Todos Data System AB - C:\WINDOWS\SYSTEM32\DRIVERS\shbecr.sys
O23 - Service: TOSHIBA Software Modem (TOSHIBASoftModem) - LT - C:\WINDOWS\SYSTEM32\DRIVERS\LTSM.sys
O23 - Service: UnlockerDriver4 Driver (UnlockerDriver4) - Unknown owner - C:\Program\Unlocker\UnlockerDriver4.sys
O23 - Service: Drivrutin för Intel(R) PRO/trådlös 2200-adapter (w22n51) - Intel® Corporation - C:\WINDOWS\SYSTEM32\DRIVERS\w22n51.sys
O23 - Service: Controlador de la Conexión de red Intel(R) PRO/Wireless 2200BG para Windows XP (w29n51) - Intel® Corporation - C:\WINDOWS\SYSTEM32\DRIVERS\w29n51.sys
O23 - Service: Drivrutin för Intel(R) PRO/trådlös 2100-adapter (w70n51) - Intel® Corporation - C:\WINDOWS\SYSTEM32\DRIVERS\w70n51.sys
O23 - Service: Intel(R) Graphics Platform (SoftBIOS) Driver ({6080A529-897E-4629-A488-ABA0C29B635E}) - Intel Corporation - C:\WINDOWS\SYSTEM32\drivers\ialmsbw.sys
O23 - Service: Intel(R) Graphics Chipset (KCH) Driver ({D31A0762-0CEB-444e-ACFF-B049A1F6FE91}) - Intel Corporation - C:\WINDOWS\SYSTEM32\drivers\ialmkchw.sys
O23 - Service: AIM 3.0 Part 01 Codec Driver CH-7009-A/CH-7011 ({E2B953A6-195A-44F9-9BA3-3D5F4E32BB55}) - Intel Corporation - C:\WINDOWS\SYSTEM32\drivers\wA301a.sys
Listado de Servicios (Deshabilitados):
--------------------------------------
**O23 - Service: dmboot - Microsoft Corporation, Veritas Software - C:\WINDOWS\SYSTEM32\drivers\dmboot.sys
**O23 - Service: dmio - Microsoft Corporation, Veritas Software - C:\WINDOWS\SYSTEM32\drivers\dmio.sys
**O23 - Service: dmload - Microsoft Corp., Veritas Software. - C:\WINDOWS\SYSTEM32\drivers\dmload.sys
O23 - Service: dwshd - Unknown owner - C:\WINDOWS\System32\drivers\dwshd.sys (file missing)
O23 - Service: sptd - Duplex Secure Ltd. - C:\WINDOWS\SYSTEM32\Drivers\sptd.sys
45 Servicios.
14 de Carga Automatica.
26 de Carga Manual.
5 Deshabilitados.
(29-1-2011 12:23:41 (GMT))
EliStartPage v22.49 (c)2010 S.G.H. / Satinfo S.L. (Actualizado el 28 de Enero del 2011)
--------------------------------------------------
Lista de Acciones (por Acción Directa):
Restaurado fichero de Configuración del IE, (IERESET.INF)
Eliminadas las Paginas de Inicio y de Busqueda del IE
Eliminados Ficheros Temporales del IE
(29-1-2011 12:50:47 (GMT))
EliStartPage v22.49 (c)2010 S.G.H. / Satinfo S.L. (Actualizado el 28 de Enero del 2011)
--------------------------------------------------
Lista de Acciones (por Exploración):
Explorando "C:\"
C:\System Volume Information\_restore{2B3EED6B-301D-4E17-A6B5-D6587705CB41}\Fifoed\A0179111.EXE --> Eliminado, Tool-NirCmd
C:\System Volume Information\_restore{2B3EED6B-301D-4E17-A6B5-D6587705CB41}\Fifoed\A0179117.PIF --> Eliminado, Tool-NirCmd
C:\System Volume Information\_restore{2B3EED6B-301D-4E17-A6B5-D6587705CB41}\Fifoed\A0179120.EXE --> Eliminado, Tool-NirCmd
C:\System Volume Information\_restore{2B3EED6B-301D-4E17-A6B5-D6587705CB41}\RP505\A0179216.EXE --> Eliminado, Tool-NirCmd
C:\System Volume Information\_restore{2B3EED6B-301D-4E17-A6B5-D6587705CB41}\RP505\A0179267.EXE --> Eliminado, Tool-NirCmd
C:\System Volume Information\_restore{2B3EED6B-301D-4E17-A6B5-D6587705CB41}\RP505\A0179272.PIF --> Eliminado, Tool-NirCmd
C:\System Volume Information\_restore{2B3EED6B-301D-4E17-A6B5-D6587705CB41}\RP505\A0179274.EXE --> Eliminado, Tool-NirCmd
C:\System Volume Information\_restore{2B3EED6B-301D-4E17-A6B5-D6587705CB41}\RP505\A0179325.EXE --> Eliminado, Tool-NirCmd
C:\System Volume Information\_restore{2B3EED6B-301D-4E17-A6B5-D6587705CB41}\RP505\A0179390.EXE --> Eliminado, Tool-NirCmd
C:\System Volume Information\_restore{2B3EED6B-301D-4E17-A6B5-D6587705CB41}\RP505\A0179396.PIF --> Eliminado, Tool-NirCmd
C:\System Volume Information\_restore{2B3EED6B-301D-4E17-A6B5-D6587705CB41}\RP505\A0179399.EXE --> Eliminado, Tool-NirCmd
C:\System Volume Information\_restore{2B3EED6B-301D-4E17-A6B5-D6587705CB41}\RP505\A0179436.EXE --> Eliminado, Tool-NirCmd
C:\System Volume Information\_restore{2B3EED6B-301D-4E17-A6B5-D6587705CB41}\RP505\A0179499.EXE --> Eliminado, Tool-NirCmd
C:\System Volume Information\_restore{2B3EED6B-301D-4E17-A6B5-D6587705CB41}\RP505\A0179505.PIF --> Eliminado, Tool-NirCmd
C:\System Volume Information\_restore{2B3EED6B-301D-4E17-A6B5-D6587705CB41}\RP505\A0179508.EXE --> Eliminado, Tool-NirCmd
C:\System Volume Information\_restore{2B3EED6B-301D-4E17-A6B5-D6587705CB41}\RP505\A0179553.EXE --> Eliminado, Tool-NirCmd
C:\System Volume Information\_restore{2B3EED6B-301D-4E17-A6B5-D6587705CB41}\RP506\A0179620.EXE --> Eliminado, Tool-NirCmd
C:\System Volume Information\_restore{2B3EED6B-301D-4E17-A6B5-D6587705CB41}\RP506\A0179626.PIF --> Eliminado, Tool-NirCmd
C:\System Volume Information\_restore{2B3EED6B-301D-4E17-A6B5-D6587705CB41}\RP506\A0179629.EXE --> Eliminado, Tool-NirCmd
C:\System Volume Information\_restore{2B3EED6B-301D-4E17-A6B5-D6587705CB41}\RP514\A0183556.DLL --> Eliminado, CrawlerToolbar(bho/tb)
C:\WINDOWS\NIRCMD.EXE --> Eliminado, Tool-NirCmd
Nº Total de Directorios: 6121
Nº Total de Ficheros: 97699
Nº de Ficheros Analizados: 44238
Nº de Ficheros Infectados: 21
Nº de Ficheros Limpiados: 21
(29-1-2011 13:51:46 GMT)
SProces v5.0 (c)2010 S.G.H. / Satinfo S.L.
-------------------------------------------
Sistema Operativo: Microsoft Windows XP (v5.1.2600) Service Pack 3
Parche MS08-067 (Servicio Servidor) Instalado.
Internet Explorer: (v8.0.6001.18702) 0
Nombre Equipo: YOUR-G5GMB6N1SD
Nombre Usuario: A-50a
Procesos Activos:
C:\WINDOWS\SYSTEM32\SMSS.EXE
C:\WINDOWS\SYSTEM32\WINLOGON.EXE
C:\WINDOWS\SYSTEM32\SERVICES.EXE
C:\WINDOWS\SYSTEM32\LSASS.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\EXPLORER.EXE
C:\PROGRAM\ORBITDOWNLOADER\ORBITDM.EXE
C:\PROGRAM\ORBITDOWNLOADER\ORBITNET.EXE
C:\PROGRAM\OPERA\OPERA.EXE
C:\DOWNLOADS\SPROCES.EXE
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =
O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program\Orbitdownloader\orbitcth.dll
O2 - BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Panda Security Toolbar - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program\Panda Security\Panda Security Toolbar\PandaSecurityDx.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Panda Security Toolbar - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program\Panda Security\Panda Security Toolbar\PandaSecurityDx.dll
O3 - Toolbar: Grab Pro - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program\Orbitdownloader\GrabPro.dll
O4 - HKCU\..\Run: [TOSCDSPD] C:\Program\TOSHIBA\TOSCDSPD\toscdspd.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\RunOnce: [TSClientMSIUninstaller] cmd.exe /C "cscript %systemroot%\Installer\TSClientMsiTrans\tscuinst.vbs"
O4 - HKCU\..\RunOnce: [TSClientAXDisabler] cmd.exe /C "%systemroot%\Installer\TSClientMsiTrans\tscdsbl.bat"
O4 - HKLM\..\Run: [TPSMain] TPSMain.exe
O4 - HKLM\..\Run: [TouchED] C:\Program\TOSHIBA\TouchED\TouchED.Exe
O4 - HKLM\..\Run: [SmoothView] C:\Program\TOSHIBA\Toshibas zoomningsfunktion\SmoothView.exe
O4 - HKLM\..\Run: [SigmaTel StacMon] C:\Program\SigmaTel\SigmaTel AC97 ljuddrivrutiner\stacmon.exe
O4 - HKLM\..\Run: [PSUNMain] "C:\Program\Panda Security\Panda Cloud Antivirus\PSUNMain.exe" /Traybar
O4 - HKLM\..\Run: [PRONoMgr.exe] c:\Program\Intel\PROSetWireless\NCS\PROSet\PRONoMgr.exe
O4 - HKLM\..\Run: [Panda Security Toolbar Antiphishing] "C:\Documents and Settings\All Users\Application Data\Panda Security Toolbar Antiphishing\panda2_0dn.exe"
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [Apoint] C:\Program\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [00THotkey] C:\WINDOWS\system32\00THotkey.exe
O4 - HKLM\..\Run: [000StTHK] 000StTHK.exe
O4 - HKLM\..\RunOnce: [OE_WMPWMFSDK_Install_2] C:\WINDOWS\system32\regsvr32 /s "C:\WINDOWS\system32\wmnetmgr.dll"
O4 - HKLM\..\RunOnce: [OE_WMPWMFSDK_Install_3] C:\WINDOWS\system32\regsvr32 /s /u "C:\WINDOWS\system32\wmv8dmod.dll"
O4 - HKLM\..\RunOnce: [OE_WMPWMFSDK_Install_4] C:\WINDOWS\system32\regsvr32 /s "C:\WINDOWS\system32\wmvdmod.dll"
O4 - HKLM\..\RunOnce: [OE_WMPWMFSDK_Install_5] C:\WINDOWS\system32\regsvr32 /s "C:\WINDOWS\system32\wmvdmoe2.dll"
O4 - HKLM\..\RunOnce: [OE_WMPWMFSDK_Install_6] C:\WINDOWS\system32\regsvr32 /s "C:\WINDOWS\system32\wmadmoe.dll"
O4 - HKLM\..\RunOnce: [OE_WMPWMFSDK_Install_7] C:\WINDOWS\system32\regsvr32 /s "C:\WINDOWS\system32\wmspdmod.dll"
O4 - HKLM\..\RunOnce: [OE_WMPWMFSDK_Install_8] C:\WINDOWS\system32\regsvr32 /s "C:\WINDOWS\system32\wmspdmoe.dll"
O4 - HKLM\..\RunOnce: [OE_WMPWMFSDK_Install_9] C:\WINDOWS\system32\regsvr32 /s "C:\WINDOWS\system32\wmsdmoe.dll"
O4 - HKLM\..\RunOnce: [OE_WMPWMFSDK_Install_10] C:\WINDOWS\system32\regsvr32 /s "C:\WINDOWS\system32\wmsdmoe2.dll"
O4 - HKLM\..\RunOnce: [OE_WMPWMFSDK_Install_20] C:\WINDOWS\system32\regsvr32 /s "C:\WINDOWS\system32\wmadmod.dll"
O4 - HKLM\..\RunOnce: [OE_WMPWMFSDK_Install_21] C:\WINDOWS\system32\regsvr32 /s "C:\WINDOWS\system32\mpg4dmod.dll"
O4 - HKLM\..\RunOnce: [OE_WMPWMFSDK_Install_22] C:\WINDOWS\system32\regsvr32 /s "C:\WINDOWS\system32\mp43dmod.dll"
O4 - HKLM\..\RunOnce: [OE_WMPWMFSDK_Install_23] C:\WINDOWS\system32\regsvr32 /s "C:\WINDOWS\system32\mp4sdmod.dll"
O4 - HKLM\..\RunOnce: [OE_WMPWMFSDK_Install_24] C:\WINDOWS\system32\regsvr32 /s "C:\WINDOWS\system32\wmsdmod.dll"
O4 - HKLM\..\RunOnce: [OE_WMPWMFSDK_Install_30] C:\WINDOWS\system32\regsvr32 /s "C:\WINDOWS\system32\laprxy.dll"
O4 - HKLM\..\RunOnce: [OE_WMPWMFSDK_Install_31] "C:\WINDOWS\system32\logagent.exe" /RegServer
O4 - HKLM\..\RunOnce: [OE_WMPWMFSDK_Install_32] C:\WINDOWS\system32\regsvr32 /s "C:\WINDOWS\system32\wmvcore.dll"
O4 - HKLM\..\RunOnce: [KB923561] rundll32.exe apphelp.dll,ShimFlushCache
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE
O4 - Startup: Orbit.lnk = C:\Program\Orbitdownloader\orbitdm.exe
O8 - Extra context menu item: &Download by Orbit - res://C:\Program\Orbitdownloader\orbitmxt.dll/201
O8 - Extra context menu item: &Grab video by Orbit - res://C:\Program\Orbitdownloader\orbitmxt.dll/204
O8 - Extra context menu item: Do&wnload selected by Orbit - res://C:\Program\Orbitdownloader\orbitmxt.dll/203
O8 - Extra context menu item: Down&load all by Orbit - res://C:\Program\Orbitdownloader\orbitmxt.dll/202
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe
O9 - Extra button: Referensinformation - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: C:\WINDOWS\SYSTEM32\WSHBTH.DLL
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) -
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Plug-in 1.6.0_20) -
O16 - DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} (Java Plug-in 1.4.2_03) -
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} (Java Plug-in 1.6.0_20) -
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} (Java Plug-in 1.6.0_20) -
O18 - Protocol: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program\Delade filer\Microsoft Shared\Information Retrieval\msitss.dll
O18 - Protocol: msencarta - {74D92DF3-6D9D-11D1-8B38-006097DBED7A} - C:\Program\Delade filer\Microsoft Shared\Reference 2001\MSREF.DLL
O18 - Protocol: msero - {B0D92A71-886B-453B-A649-1B91F93801E7} - C:\Program\Delade filer\Microsoft Shared\Reference 2001\msero.dll
O18 - Protocol: msref - {74D92DF3-6D9D-11D1-8B38-006097DBED7A} - C:\Program\Delade filer\Microsoft Shared\Reference 2001\MSREF.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program\DELADE~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: DIMSNTFY - %SYSTEMROOT%\SYSTEM32\DIMSNTFY.DLL
O20 - Winlogon Notify: IGFXCUI - IGFXSRVC.DLL
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - %SystemRoot%\system32\shell32.dll
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - %SystemRoot%\system32\SHELL32.dll
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - %systemroot%\system32\stobject.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - %SystemRoot%\System32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - %SystemRoot%\System32\browseui.dll
Información Adicional:
----------------------
WinSys\Drivers\ati2mtag.sys (de 701440 bytes) () ATI Technologies Inc.
WinSys\Drivers\dmboot.sys (de 800000 bytes) () Microsoft Corporation, Veritas Software
WinSys\Drivers\hsfcxts2.sys (de 685056 bytes) () Conexant Systems, Inc.
WinSys\Drivers\LTSM.sys (de 809872 bytes) () LT
WinSys\Drivers\mod7700.sys (de 621056 bytes) () DiBcom SA
WinSys\Drivers\mrxsmb.sys (de 456576 bytes) () Microsoft Corporation
WinSys\Drivers\mtxparhm.sys (de 452736 bytes) () Matrox Graphics Inc.
WinSys\Drivers\ntfs.sys (de 574976 bytes) () Microsoft Corporation
WinSys\Drivers\slntamr.sys (de 404990 bytes) () Smart Link
WinSys\Drivers\sptd.sys (de 685816 bytes) () Duplex Secure Ltd.
WinSys\Drivers\w70n51.sys (de 979840 bytes) () Intel® Corporation
WinSys\Drivers\wdf01000.sys (de 492000 bytes) () Microsoft Corporation
Listado de Servicios (Carga Automatica):
----------------------------------------
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: DCSHost.exe - Unknown owner - C:\Documents and Settings\All Users\Application Data\DatacardService\DCSHost.exe
O23 - Service: InCD File System Service (InCDsrv) - AHEAD Software - C:\Program\Ahead\InCD\InCDsrv.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Unknown owner - C:\Program\Java\jre6\bin\jqs.exe" -service -config "C:\Program\Java\jre6\lib\deploy\jqs\jqs.con (file missing)
O23 - Service: AEGIS Protocol (IEEE 802.1x) v2.2.1.0 (MDC8021X) - Meetinghouse Data Communications - C:\WINDOWS\SYSTEM32\DRIVERS\mdc8021x.sys
O23 - Service: Panda Cloud Antivirus Service (NanoServiceMain) - Panda Security, S.L. - C:\Program\Panda Security\Panda Cloud Antivirus\PSANHost.exe
O23 - Service: TOSHIBA Network Device Usermode I/O Protocol (Netdevio) - TOSHIBA Corporation. - C:\WINDOWS\SYSTEM32\DRIVERS\netdevio.sys
O23 - Service: PSINAflt - Panda Security, S.L. - C:\WINDOWS\SYSTEM32\DRIVERS\PSINAflt.sys
O23 - Service: PSINFile - Panda Security, S.L. - C:\WINDOWS\SYSTEM32\DRIVERS\PSINFile.sys
O23 - Service: PSINProc - Panda Security, S.L. - C:\WINDOWS\SYSTEM32\DRIVERS\PSINProc.sys
O23 - Service: PSINProt - Panda Security, S.L. - C:\WINDOWS\SYSTEM32\DRIVERS\PSINProt.sys
O23 - Service: RegSrvc - Intel Corporation - C:\WINDOWS\System32\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\WINDOWS\System32\S24EvMon.exe
O23 - Service: WLAN Transport (s24trans) - Intel Corporation - C:\WINDOWS\SYSTEM32\DRIVERS\s24trans.sys
Listado de Servicios (Carga Manual):
------------------------------------
O23 - Service: Alps Pointing-device Filter Driver (ApfiltrService) - Alps Electric Co., Ltd. - C:\WINDOWS\SYSTEM32\DRIVERS\Apfiltr.sys
O23 - Service: cpudrv - Unknown owner - C:\Program\SystemRequirementsLab\cpudrv.sys
**O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - Microsoft Corporation, Veritas Software - C:\WINDOWS\System32\dmadmin.exe
O23 - Service: Intel(R) PRO Adapter Driver (E100B) - Intel Corporation - C:\WINDOWS\SYSTEM32\DRIVERS\e100b325.sys
O23 - Service: Huawei DataCard USB Modem and USB Serial (hwdatacard) - Huawei Technologies Co., Ltd. - C:\WINDOWS\SYSTEM32\DRIVERS\ewusbmdm.sys
O23 - Service: Huawei DataCard USB Fake (hwusbfake) - Huawei Technologies Co., Ltd. - C:\WINDOWS\SYSTEM32\DRIVERS\ewusbfake.sys
O23 - Service: ialm - Intel Corporation - C:\WINDOWS\SYSTEM32\DRIVERS\ialmnt5.sys
O23 - Service: kwwalpgr - Unknown owner - C:\DOCUME~1\A-50a\LOKALA~1\Temp\kwwalpgr.sys (file missing)
O23 - Service: Logitech SetPoint KMDF HID Filter Driver (LHidFilt) - Logitech, Inc. - C:\WINDOWS\SYSTEM32\DRIVERS\LHidFilt.Sys
O23 - Service: Logitech SetPoint KMDF Mouse Filter Driver (LMouFilt) - Logitech, Inc. - C:\WINDOWS\SYSTEM32\DRIVERS\LMouFilt.Sys
O23 - Service: Logitech SetPoint KMDF USB Filter (LUsbFilt) - Logitech, Inc. - C:\WINDOWS\SYSTEM32\Drivers\LUsbFilt.Sys
O23 - Service: PCCS Mode Change Filter Driver (pccsmcfd) - Nokia - C:\WINDOWS\SYSTEM32\DRIVERS\pccsmcfd.sys
O23 - Service: VSO Software pcouffin (pcouffin) - VSO Software - C:\WINDOWS\SYSTEM32\Drivers\pcouffin.sys
O23 - Service: Direct Parallel Link Driver (Ptilink) - Parallel Technologies, Inc. - C:\WINDOWS\SYSTEM32\DRIVERS\ptilink.sys
O23 - Service: ServiceLayer - Nokia - C:\Program\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Sony USB Filter Driver (SONYPVU1) (SONYPVU1) - Sony Corporation - C:\WINDOWS\SYSTEM32\DRIVERS\SONYPVU1.SYS
O23 - Service: Audio Driver (WDM) - SigmaTel CODEC (STAC97) - SigmaTel, Inc. - C:\WINDOWS\SYSTEM32\drivers\stac97.sys
O23 - Service: Handelsbanken card reader (Tdsshbecr) - Todos Data System AB - C:\WINDOWS\SYSTEM32\DRIVERS\shbecr.sys
O23 - Service: TOSHIBA Software Modem (TOSHIBASoftModem) - LT - C:\WINDOWS\SYSTEM32\DRIVERS\LTSM.sys
O23 - Service: UnlockerDriver4 Driver (UnlockerDriver4) - Unknown owner - C:\Program\Unlocker\UnlockerDriver4.sys
O23 - Service: Drivrutin för Intel(R) PRO/trådlös 2200-adapter (w22n51) - Intel® Corporation - C:\WINDOWS\SYSTEM32\DRIVERS\w22n51.sys
O23 - Service: Controlador de la Conexión de red Intel(R) PRO/Wireless 2200BG para Windows XP (w29n51) - Intel® Corporation - C:\WINDOWS\SYSTEM32\DRIVERS\w29n51.sys
O23 - Service: Drivrutin för Intel(R) PRO/trådlös 2100-adapter (w70n51) - Intel® Corporation - C:\WINDOWS\SYSTEM32\DRIVERS\w70n51.sys
O23 - Service: Intel(R) Graphics Platform (SoftBIOS) Driver ({6080A529-897E-4629-A488-ABA0C29B635E}) - Intel Corporation - C:\WINDOWS\SYSTEM32\drivers\ialmsbw.sys
O23 - Service: Intel(R) Graphics Chipset (KCH) Driver ({D31A0762-0CEB-444e-ACFF-B049A1F6FE91}) - Intel Corporation - C:\WINDOWS\SYSTEM32\drivers\ialmkchw.sys
O23 - Service: AIM 3.0 Part 01 Codec Driver CH-7009-A/CH-7011 ({E2B953A6-195A-44F9-9BA3-3D5F4E32BB55}) - Intel Corporation - C:\WINDOWS\SYSTEM32\drivers\wA301a.sys
Listado de Servicios (Deshabilitados):
--------------------------------------
**O23 - Service: dmboot - Microsoft Corporation, Veritas Software - C:\WINDOWS\SYSTEM32\drivers\dmboot.sys
**O23 - Service: dmio - Microsoft Corporation, Veritas Software - C:\WINDOWS\SYSTEM32\drivers\dmio.sys
**O23 - Service: dmload - Microsoft Corp., Veritas Software. - C:\WINDOWS\SYSTEM32\drivers\dmload.sys
O23 - Service: dwshd - Unknown owner - C:\WINDOWS\System32\drivers\dwshd.sys (file missing)
O23 - Service: sptd - Duplex Secure Ltd. - C:\WINDOWS\SYSTEM32\Drivers\sptd.sys
45 Servicios.
14 de Carga Automatica.
26 de Carga Manual.
5 Deshabilitados.
- msc hotline sat
- Mensajes: 93500
- Registrado: 09 Mar 2004, 20:39
- Ubicación: BARCELONA (ESPAÑA)
- Contactar:
Re: Actualización problemática de IExplorer/Windows
El ELISTARA ya ha eliminado los malwares conocidos, aunque estuvieran aparcados en el RESTORE. y ahora solo vemos claves que lanzan estos tres ficheros sospechosos:
apphelp.dll
C:\Documents and Settings\All Users\Application Data\DatacardService\DCSHost.exe
C:\WINDOWS\SYSTEM32\DRIVERS\mdc8021x.sys
envianoslos para analizar y tras ello informaremos del resultado
>[b]ENVIO DE MUESTRAS Y ELIMINACIÓN DE CLAVES - Para ello recordar[/b] :
https://foros.zonavirus.com/viewtopic.php?f=5&t=14253
Tras recibirlo/s, lo/s analizaremos e implementaremos su control y eliminación, si procede, en nuestras utilidades, de lo cual informaremos
saludos
ms, 29-1-2011
apphelp.dll
C:\Documents and Settings\All Users\Application Data\DatacardService\DCSHost.exe
C:\WINDOWS\SYSTEM32\DRIVERS\mdc8021x.sys
envianoslos para analizar y tras ello informaremos del resultado
>
Tras recibirlo/s, lo/s analizaremos e implementaremos su control y eliminación, si procede, en nuestras utilidades, de lo cual informaremos
saludos
ms, 29-1-2011
msc hotline sat Virus Research Engineer
Antes de preguntar - Normas Basicas - Mensajes Privados - Repetir Temas - Continuar Temas - Titulos del Tema - Antivirus Online
Antes de preguntar - Normas Basicas - Mensajes Privados - Repetir Temas - Continuar Temas - Titulos del Tema - Antivirus Online
- msc hotline sat
- Mensajes: 93500
- Registrado: 09 Mar 2004, 20:39
- Ubicación: BARCELONA (ESPAÑA)
- Contactar:
Re: Actualización problemática de IExplorer/Windows
Recibidas las muestras solicitadas, no han resultado ser maliciosas, asi que puedes dejarlas estar y ver si tras reiniciar persiste alguna anomalia o ya se ha solucionado el problema, y nos informas al respecto, gracias
saludos
ms, 31-1-2011
saludos
ms, 31-1-2011
msc hotline sat Virus Research Engineer
Antes de preguntar - Normas Basicas - Mensajes Privados - Repetir Temas - Continuar Temas - Titulos del Tema - Antivirus Online
Antes de preguntar - Normas Basicas - Mensajes Privados - Repetir Temas - Continuar Temas - Titulos del Tema - Antivirus Online
Re: Actualización problemática de IExplorer/Windows
El ordenador va parece algo mejor pero bastante más lento que antes de la actualización. No sé si se debe a la actualización o a otros motivos. He intentado quitar algunos programas y limpio regularmente el ordenador con Ccleaner o con Advanced System Care, pero va aun así lento y sobre todo tarda mucho más que antes en arrancar.
- msc hotline sat
- Mensajes: 93500
- Registrado: 09 Mar 2004, 20:39
- Ubicación: BARCELONA (ESPAÑA)
- Contactar:
Re: Actualización problemática de IExplorer/Windows
Pues aparte de virus, cabe indicar estas entradas anomalas:
O4 - HKLM\..\RunOnce: [OE_WMPWMFSDK_Install_2] C:\WINDOWS\system32\regsvr32 /s "C:\WINDOWS\system32\wmnetmgr.dll"
O4 - HKLM\..\RunOnce: [OE_WMPWMFSDK_Install_3] C:\WINDOWS\system32\regsvr32 /s /u "C:\WINDOWS\system32\wmv8dmod.dll"
O4 - HKLM\..\RunOnce: [OE_WMPWMFSDK_Install_4] C:\WINDOWS\system32\regsvr32 /s "C:\WINDOWS\system32\wmvdmod.dll"
O4 - HKLM\..\RunOnce: [OE_WMPWMFSDK_Install_5] C:\WINDOWS\system32\regsvr32 /s "C:\WINDOWS\system32\wmvdmoe2.dll"
O4 - HKLM\..\RunOnce: [OE_WMPWMFSDK_Install_6] C:\WINDOWS\system32\regsvr32 /s "C:\WINDOWS\system32\wmadmoe.dll"
O4 - HKLM\..\RunOnce: [OE_WMPWMFSDK_Install_7] C:\WINDOWS\system32\regsvr32 /s "C:\WINDOWS\system32\wmspdmod.dll"
O4 - HKLM\..\RunOnce: [OE_WMPWMFSDK_Install_8] C:\WINDOWS\system32\regsvr32 /s "C:\WINDOWS\system32\wmspdmoe.dll"
O4 - HKLM\..\RunOnce: [OE_WMPWMFSDK_Install_9] C:\WINDOWS\system32\regsvr32 /s "C:\WINDOWS\system32\wmsdmoe.dll"
O4 - HKLM\..\RunOnce: [OE_WMPWMFSDK_Install_10] C:\WINDOWS\system32\regsvr32 /s "C:\WINDOWS\system32\wmsdmoe2.dll"
O4 - HKLM\..\RunOnce: [OE_WMPWMFSDK_Install_20] C:\WINDOWS\system32\regsvr32 /s "C:\WINDOWS\system32\wmadmod.dll"
O4 - HKLM\..\RunOnce: [OE_WMPWMFSDK_Install_21] C:\WINDOWS\system32\regsvr32 /s "C:\WINDOWS\system32\mpg4dmod.dll"
O4 - HKLM\..\RunOnce: [OE_WMPWMFSDK_Install_22] C:\WINDOWS\system32\regsvr32 /s "C:\WINDOWS\system32\mp43dmod.dll"
O4 - HKLM\..\RunOnce: [OE_WMPWMFSDK_Install_23] C:\WINDOWS\system32\regsvr32 /s "C:\WINDOWS\system32\mp4sdmod.dll"
O4 - HKLM\..\RunOnce: [OE_WMPWMFSDK_Install_24] C:\WINDOWS\system32\regsvr32 /s "C:\WINDOWS\system32\wmsdmod.dll"
O4 - HKLM\..\RunOnce: [OE_WMPWMFSDK_Install_30] C:\WINDOWS\system32\regsvr32 /s "C:\WINDOWS\system32\laprxy.dll"
O4 - HKLM\..\RunOnce: [OE_WMPWMFSDK_Install_31] "C:\WINDOWS\system32\logagent.exe" /RegServer
O4 - HKLM\..\RunOnce: [OE_WMPWMFSDK_Install_32] C:\WINDOWS\system32\regsvr32 /s "C:\WINDOWS\system32\wmvcore.dll"
O4 - HKLM\..\RunOnce: [KB923561] rundll32.exe apphelp.dll,ShimFlushCache
parece como si estuviera a medias una instalacion del parche KB923561 (http://www.google.es/url?sa=t&source=web&cd=2&ved=0CCUQFjAB&url=http%3A%2F%2Fsupport.microsoft.com%2Fkb%2F923561&ei=fsBJTbjcFY648gPXl6XdDg&usg=AFQjCNGbpJsxbqjw9d6cMz5exYpvjb-K7Q )
Sugiero ver si en Panel de Control -> Agregar o quitar programas, aparece dicha instalacion y en tal caso, desinstalarla y volverla a instalar, pues no está bien instalada (aunque no se trate de virus)
Por lo demas todo lo vemos ya normal.
saludos
ms, 2-2-2011
O4 - HKLM\..\RunOnce: [OE_WMPWMFSDK_Install_2] C:\WINDOWS\system32\regsvr32 /s "C:\WINDOWS\system32\wmnetmgr.dll"
O4 - HKLM\..\RunOnce: [OE_WMPWMFSDK_Install_3] C:\WINDOWS\system32\regsvr32 /s /u "C:\WINDOWS\system32\wmv8dmod.dll"
O4 - HKLM\..\RunOnce: [OE_WMPWMFSDK_Install_4] C:\WINDOWS\system32\regsvr32 /s "C:\WINDOWS\system32\wmvdmod.dll"
O4 - HKLM\..\RunOnce: [OE_WMPWMFSDK_Install_5] C:\WINDOWS\system32\regsvr32 /s "C:\WINDOWS\system32\wmvdmoe2.dll"
O4 - HKLM\..\RunOnce: [OE_WMPWMFSDK_Install_6] C:\WINDOWS\system32\regsvr32 /s "C:\WINDOWS\system32\wmadmoe.dll"
O4 - HKLM\..\RunOnce: [OE_WMPWMFSDK_Install_7] C:\WINDOWS\system32\regsvr32 /s "C:\WINDOWS\system32\wmspdmod.dll"
O4 - HKLM\..\RunOnce: [OE_WMPWMFSDK_Install_8] C:\WINDOWS\system32\regsvr32 /s "C:\WINDOWS\system32\wmspdmoe.dll"
O4 - HKLM\..\RunOnce: [OE_WMPWMFSDK_Install_9] C:\WINDOWS\system32\regsvr32 /s "C:\WINDOWS\system32\wmsdmoe.dll"
O4 - HKLM\..\RunOnce: [OE_WMPWMFSDK_Install_10] C:\WINDOWS\system32\regsvr32 /s "C:\WINDOWS\system32\wmsdmoe2.dll"
O4 - HKLM\..\RunOnce: [OE_WMPWMFSDK_Install_20] C:\WINDOWS\system32\regsvr32 /s "C:\WINDOWS\system32\wmadmod.dll"
O4 - HKLM\..\RunOnce: [OE_WMPWMFSDK_Install_21] C:\WINDOWS\system32\regsvr32 /s "C:\WINDOWS\system32\mpg4dmod.dll"
O4 - HKLM\..\RunOnce: [OE_WMPWMFSDK_Install_22] C:\WINDOWS\system32\regsvr32 /s "C:\WINDOWS\system32\mp43dmod.dll"
O4 - HKLM\..\RunOnce: [OE_WMPWMFSDK_Install_23] C:\WINDOWS\system32\regsvr32 /s "C:\WINDOWS\system32\mp4sdmod.dll"
O4 - HKLM\..\RunOnce: [OE_WMPWMFSDK_Install_24] C:\WINDOWS\system32\regsvr32 /s "C:\WINDOWS\system32\wmsdmod.dll"
O4 - HKLM\..\RunOnce: [OE_WMPWMFSDK_Install_30] C:\WINDOWS\system32\regsvr32 /s "C:\WINDOWS\system32\laprxy.dll"
O4 - HKLM\..\RunOnce: [OE_WMPWMFSDK_Install_31] "C:\WINDOWS\system32\logagent.exe" /RegServer
O4 - HKLM\..\RunOnce: [OE_WMPWMFSDK_Install_32] C:\WINDOWS\system32\regsvr32 /s "C:\WINDOWS\system32\wmvcore.dll"
O4 - HKLM\..\RunOnce: [KB923561] rundll32.exe apphelp.dll,ShimFlushCache
parece como si estuviera a medias una instalacion del parche KB923561 (
Sugiero ver si en Panel de Control -> Agregar o quitar programas, aparece dicha instalacion y en tal caso, desinstalarla y volverla a instalar, pues no está bien instalada (aunque no se trate de virus)
Por lo demas todo lo vemos ya normal.
saludos
ms, 2-2-2011
msc hotline sat Virus Research Engineer
Antes de preguntar - Normas Basicas - Mensajes Privados - Repetir Temas - Continuar Temas - Titulos del Tema - Antivirus Online
Antes de preguntar - Normas Basicas - Mensajes Privados - Repetir Temas - Continuar Temas - Titulos del Tema - Antivirus Online
Re: Actualización problemática de IExplorer/Windows
En agregar o quitar programas del panel de control no aparece la actualización KB923561. ¿La instalo pese a todo? ¿O puede que esté a medias instalada en mi ordenador aunque no aparezca en el panel de control?
- msc hotline sat
- Mensajes: 93500
- Registrado: 09 Mar 2004, 20:39
- Ubicación: BARCELONA (ESPAÑA)
- Contactar:
Re: Actualización problemática de IExplorer/Windows
Parece como si la instalacion estuviera a medias.
SI no la ves instalada, prueba de instalarla, como dices, y tras reiniciar dinos si persiste alguna anomalia, gracias
saludos
ms, 5-2-2011
SI no la ves instalada, prueba de instalarla, como dices, y tras reiniciar dinos si persiste alguna anomalia, gracias
saludos
ms, 5-2-2011
msc hotline sat Virus Research Engineer
Antes de preguntar - Normas Basicas - Mensajes Privados - Repetir Temas - Continuar Temas - Titulos del Tema - Antivirus Online
Antes de preguntar - Normas Basicas - Mensajes Privados - Repetir Temas - Continuar Temas - Titulos del Tema - Antivirus Online
Re: Actualización problemática de IExplorer/Windows
La verdad es que no noto ningún cambio significativo después de haber instalado (o reinstalado) la actualización KB923561. El ordenador sigue lento y tarda en arrancar más que antes, hace un par de meses. ES cierto que va algo mejor que en las semanas previas que iba fatal pero esto tal vez se deba simplemente a que tengo una conexión más rápida a internet. No sé si se puede hacer algo más o me tenga quizás que resignar a que el ordenador va más lento que antes.
- msc hotline sat
- Mensajes: 93500
- Registrado: 09 Mar 2004, 20:39
- Ubicación: BARCELONA (ESPAÑA)
- Contactar:
Re: Actualización problemática de IExplorer/Windows
Debería ir tan rápido como antes o incluso mas, pues el SP3 acelera como en un 10 % la velocidad de proceso.
Lanza ahora el SPROCES y posteanos el informe resultante actual, a ver si queda algo que podamos mejorar.
saludos
ms, 5-2-2011
Lanza ahora el SPROCES y posteanos el informe resultante actual, a ver si queda algo que podamos mejorar.
saludos
ms, 5-2-2011
msc hotline sat Virus Research Engineer
Antes de preguntar - Normas Basicas - Mensajes Privados - Repetir Temas - Continuar Temas - Titulos del Tema - Antivirus Online
Antes de preguntar - Normas Basicas - Mensajes Privados - Repetir Temas - Continuar Temas - Titulos del Tema - Antivirus Online
Re: Actualización problemática de IExplorer/Windows
He lanzado el SProces y el resultado ha sido este:
(7-2-2011 18:32:29 GMT)
SProces v5.0 (c)2010 S.G.H. / Satinfo S.L.
-------------------------------------------
Sistema Operativo: Microsoft Windows XP (v5.1.2600) Service Pack 3
Parche MS08-067 (Servicio Servidor) Instalado.
Internet Explorer: (v8.0.6001.18702) 0
Nombre Equipo: YOUR-G5GMB6N1SD
Nombre Usuario: Administratör
Procesos Activos:
C:\WINDOWS\SYSTEM32\SMSS.EXE
C:\WINDOWS\SYSTEM32\WINLOGON.EXE
C:\WINDOWS\SYSTEM32\SERVICES.EXE
C:\WINDOWS\SYSTEM32\LSASS.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\EXPLORER.EXE
C:\PROGRAM\OPERA\OPERA.EXE
C:\PROGRAM\ORBITDOWNLOADER\ORBITDM.EXE
C:\PROGRAM\ORBITDOWNLOADER\ORBITNET.EXE
C:\DOWNLOADS\SPROCES(1).EXE
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program\Orbitdownloader\orbitcth.dll
O2 - BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Panda Security Toolbar - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program\Panda Security\Panda Security Toolbar\PandaSecurityDx.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Grab Pro - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program\Orbitdownloader\GrabPro.dll
O3 - Toolbar: Panda Security Toolbar - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program\Panda Security\Panda Security Toolbar\PandaSecurityDx.dll
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [TOSCDSPD] C:\Program\TOSHIBA\TOSCDSPD\toscdspd.exe
O4 - HKCU\..\Run: [Uninstall_CToolbar] "C:\DOCUME~1\ADMINI~1\LOKALA~1\Temp\CUninst.exe" "/remove"
O4 - HKLM\..\Run: [TPSMain] TPSMain.exe
O4 - HKLM\..\Run: [TouchED] C:\Program\TOSHIBA\TouchED\TouchED.Exe
O4 - HKLM\..\Run: [SmoothView] C:\Program\TOSHIBA\Toshibas zoomningsfunktion\SmoothView.exe
O4 - HKLM\..\Run: [SigmaTel StacMon] C:\Program\SigmaTel\SigmaTel AC97 ljuddrivrutiner\stacmon.exe
O4 - HKLM\..\Run: [PSUNMain] "C:\Program\Panda Security\Panda Cloud Antivirus\PSUNMain.exe" /Traybar
O4 - HKLM\..\Run: [PRONoMgr.exe] c:\Program\Intel\PROSetWireless\NCS\PROSet\PRONoMgr.exe
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [Apoint] C:\Program\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [00THotkey] C:\WINDOWS\system32\00THotkey.exe
O4 - HKLM\..\Run: [000StTHK] 000StTHK.exe
O4 - HKLM\..\Run: [Panda Security URL Filtering] "C:\Documents and Settings\All Users\Application Data\Panda Security URL Filtering\Panda_URL_Filtering.exe"
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE
O4 - Startup: Orbit.lnk = C:\Program\Orbitdownloader\orbitdm.exe
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe
O9 - Extra button: Referensinformation - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: C:\WINDOWS\SYSTEM32\WSHBTH.DLL
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) -http://www.bitdefender.es/scan_es/scan8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1291742229038
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Plug-in 1.6.0_20) -http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
O16 - DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} (Java Plug-in 1.4.2_03) -http://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} (Java Plug-in 1.6.0_20) -http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} (Java Plug-in 1.6.0_20) -http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
O18 - Protocol: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program\Delade filer\Microsoft Shared\Information Retrieval\msitss.dll
O18 - Protocol: msencarta - {74D92DF3-6D9D-11D1-8B38-006097DBED7A} - C:\Program\Delade filer\Microsoft Shared\Reference 2001\MSREF.DLL
O18 - Protocol: msero - {B0D92A71-886B-453B-A649-1B91F93801E7} - C:\Program\Delade filer\Microsoft Shared\Reference 2001\msero.dll
O18 - Protocol: msref - {74D92DF3-6D9D-11D1-8B38-006097DBED7A} - C:\Program\Delade filer\Microsoft Shared\Reference 2001\MSREF.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program\DELADE~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: DIMSNTFY - %SYSTEMROOT%\SYSTEM32\DIMSNTFY.DLL
O20 - Winlogon Notify: IGFXCUI - IGFXSRVC.DLL
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - %SystemRoot%\system32\shell32.dll
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - %SystemRoot%\system32\SHELL32.dll
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - %systemroot%\system32\stobject.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - %SystemRoot%\System32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - %SystemRoot%\System32\browseui.dll
Información Adicional:
----------------------
WinSys\Drivers\ati2mtag.sys (de 701440 bytes) () ATI Technologies Inc.
WinSys\Drivers\dmboot.sys (de 800000 bytes) () Microsoft Corporation, Veritas Software
WinSys\Drivers\hsfcxts2.sys (de 685056 bytes) () Conexant Systems, Inc.
WinSys\Drivers\LTSM.sys (de 809872 bytes) () LT
WinSys\Drivers\mod7700.sys (de 621056 bytes) () DiBcom SA
WinSys\Drivers\mrxsmb.sys (de 456576 bytes) () Microsoft Corporation
WinSys\Drivers\mtxparhm.sys (de 452736 bytes) () Matrox Graphics Inc.
WinSys\Drivers\ntfs.sys (de 574976 bytes) () Microsoft Corporation
WinSys\Drivers\slntamr.sys (de 404990 bytes) () Smart Link
WinSys\Drivers\sptd.sys (de 685816 bytes) () Duplex Secure Ltd.
WinSys\Drivers\w70n51.sys (de 979840 bytes) () Intel® Corporation
WinSys\Drivers\wdf01000.sys (de 492000 bytes) () Microsoft Corporation
Listado de Servicios (Carga Automatica):
----------------------------------------
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: DCSHost.exe - Unknown owner - C:\Documents and Settings\All Users\Application Data\DatacardService\DCSHost.exe
O23 - Service: InCD File System Service (InCDsrv) - AHEAD Software - C:\Program\Ahead\InCD\InCDsrv.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Unknown owner - C:\Program\Java\jre6\bin\jqs.exe" -service -config "C:\Program\Java\jre6\lib\deploy\jqs\jqs.con (file missing)
O23 - Service: AEGIS Protocol (IEEE 802.1x) v2.2.1.0 (MDC8021X) - Meetinghouse Data Communications - C:\WINDOWS\SYSTEM32\DRIVERS\mdc8021x.sys
O23 - Service: Panda Cloud Antivirus Service (NanoServiceMain) - Panda Security, S.L. - C:\Program\Panda Security\Panda Cloud Antivirus\PSANHost.exe
O23 - Service: TOSHIBA Network Device Usermode I/O Protocol (Netdevio) - TOSHIBA Corporation. - C:\WINDOWS\SYSTEM32\DRIVERS\netdevio.sys
O23 - Service: PSINAflt - Panda Security, S.L. - C:\WINDOWS\SYSTEM32\DRIVERS\PSINAflt.sys
O23 - Service: PSINFile - Panda Security, S.L. - C:\WINDOWS\SYSTEM32\DRIVERS\PSINFile.sys
O23 - Service: PSINProc - Panda Security, S.L. - C:\WINDOWS\SYSTEM32\DRIVERS\PSINProc.sys
O23 - Service: PSINProt - Panda Security, S.L. - C:\WINDOWS\SYSTEM32\DRIVERS\PSINProt.sys
O23 - Service: RegSrvc - Intel Corporation - C:\WINDOWS\System32\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\WINDOWS\System32\S24EvMon.exe
O23 - Service: WLAN Transport (s24trans) - Intel Corporation - C:\WINDOWS\SYSTEM32\DRIVERS\s24trans.sys
Listado de Servicios (Carga Manual):
------------------------------------
O23 - Service: Alps Pointing-device Filter Driver (ApfiltrService) - Alps Electric Co., Ltd. - C:\WINDOWS\SYSTEM32\DRIVERS\Apfiltr.sys
O23 - Service: cpudrv - Unknown owner - C:\Program\SystemRequirementsLab\cpudrv.sys
**O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - Microsoft Corporation, Veritas Software - C:\WINDOWS\System32\dmadmin.exe
O23 - Service: Intel(R) PRO Adapter Driver (E100B) - Intel Corporation - C:\WINDOWS\SYSTEM32\DRIVERS\e100b325.sys
O23 - Service: Huawei DataCard USB Modem and USB Serial (hwdatacard) - Huawei Technologies Co., Ltd. - C:\WINDOWS\SYSTEM32\DRIVERS\ewusbmdm.sys
O23 - Service: Huawei DataCard USB Fake (hwusbfake) - Huawei Technologies Co., Ltd. - C:\WINDOWS\SYSTEM32\DRIVERS\ewusbfake.sys
O23 - Service: ialm - Intel Corporation - C:\WINDOWS\SYSTEM32\DRIVERS\ialmnt5.sys
O23 - Service: kwwalpgr - Unknown owner - C:\DOCUME~1\A-50a\LOKALA~1\Temp\kwwalpgr.sys (file missing)
O23 - Service: Logitech SetPoint KMDF HID Filter Driver (LHidFilt) - Logitech, Inc. - C:\WINDOWS\SYSTEM32\DRIVERS\LHidFilt.Sys
O23 - Service: Logitech SetPoint KMDF Mouse Filter Driver (LMouFilt) - Logitech, Inc. - C:\WINDOWS\SYSTEM32\DRIVERS\LMouFilt.Sys
O23 - Service: Logitech SetPoint KMDF USB Filter (LUsbFilt) - Logitech, Inc. - C:\WINDOWS\SYSTEM32\Drivers\LUsbFilt.Sys
O23 - Service: PCCS Mode Change Filter Driver (pccsmcfd) - Nokia - C:\WINDOWS\SYSTEM32\DRIVERS\pccsmcfd.sys
O23 - Service: VSO Software pcouffin (pcouffin) - VSO Software - C:\WINDOWS\SYSTEM32\Drivers\pcouffin.sys
O23 - Service: Direct Parallel Link Driver (Ptilink) - Parallel Technologies, Inc. - C:\WINDOWS\SYSTEM32\DRIVERS\ptilink.sys
O23 - Service: ServiceLayer - Nokia - C:\Program\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Sony USB Filter Driver (SONYPVU1) (SONYPVU1) - Sony Corporation - C:\WINDOWS\SYSTEM32\DRIVERS\SONYPVU1.SYS
O23 - Service: Audio Driver (WDM) - SigmaTel CODEC (STAC97) - SigmaTel, Inc. - C:\WINDOWS\SYSTEM32\drivers\stac97.sys
O23 - Service: Handelsbanken card reader (Tdsshbecr) - Todos Data System AB - C:\WINDOWS\SYSTEM32\DRIVERS\shbecr.sys
O23 - Service: TOSHIBA Software Modem (TOSHIBASoftModem) - LT - C:\WINDOWS\SYSTEM32\DRIVERS\LTSM.sys
O23 - Service: UnlockerDriver4 Driver (UnlockerDriver4) - Unknown owner - C:\Program\Unlocker\UnlockerDriver4.sys
O23 - Service: Drivrutin för Intel(R) PRO/trådlös 2200-adapter (w22n51) - Intel® Corporation - C:\WINDOWS\SYSTEM32\DRIVERS\w22n51.sys
O23 - Service: Controlador de la Conexión de red Intel(R) PRO/Wireless 2200BG para Windows XP (w29n51) - Intel® Corporation - C:\WINDOWS\SYSTEM32\DRIVERS\w29n51.sys
O23 - Service: Drivrutin för Intel(R) PRO/trådlös 2100-adapter (w70n51) - Intel® Corporation - C:\WINDOWS\SYSTEM32\DRIVERS\w70n51.sys
O23 - Service: Intel(R) Graphics Platform (SoftBIOS) Driver ({6080A529-897E-4629-A488-ABA0C29B635E}) - Intel Corporation - C:\WINDOWS\SYSTEM32\drivers\ialmsbw.sys
O23 - Service: Intel(R) Graphics Chipset (KCH) Driver ({D31A0762-0CEB-444e-ACFF-B049A1F6FE91}) - Intel Corporation - C:\WINDOWS\SYSTEM32\drivers\ialmkchw.sys
O23 - Service: AIM 3.0 Part 01 Codec Driver CH-7009-A/CH-7011 ({E2B953A6-195A-44F9-9BA3-3D5F4E32BB55}) - Intel Corporation - C:\WINDOWS\SYSTEM32\drivers\wA301a.sys
Listado de Servicios (Deshabilitados):
--------------------------------------
**O23 - Service: dmboot - Microsoft Corporation, Veritas Software - C:\WINDOWS\SYSTEM32\drivers\dmboot.sys
**O23 - Service: dmio - Microsoft Corporation, Veritas Software - C:\WINDOWS\SYSTEM32\drivers\dmio.sys
**O23 - Service: dmload - Microsoft Corp., Veritas Software. - C:\WINDOWS\SYSTEM32\drivers\dmload.sys
O23 - Service: dwshd - Unknown owner - C:\WINDOWS\System32\drivers\dwshd.sys (file missing)
O23 - Service: sptd - Duplex Secure Ltd. - C:\WINDOWS\SYSTEM32\Drivers\sptd.sys
45 Servicios.
14 de Carga Automatica.
26 de Carga Manual.
5 Deshabilitados.
(7-2-2011 18:32:29 GMT)
SProces v5.0 (c)2010 S.G.H. / Satinfo S.L.
-------------------------------------------
Sistema Operativo: Microsoft Windows XP (v5.1.2600) Service Pack 3
Parche MS08-067 (Servicio Servidor) Instalado.
Internet Explorer: (v8.0.6001.18702) 0
Nombre Equipo: YOUR-G5GMB6N1SD
Nombre Usuario: Administratör
Procesos Activos:
C:\WINDOWS\SYSTEM32\SMSS.EXE
C:\WINDOWS\SYSTEM32\WINLOGON.EXE
C:\WINDOWS\SYSTEM32\SERVICES.EXE
C:\WINDOWS\SYSTEM32\LSASS.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\EXPLORER.EXE
C:\PROGRAM\OPERA\OPERA.EXE
C:\PROGRAM\ORBITDOWNLOADER\ORBITDM.EXE
C:\PROGRAM\ORBITDOWNLOADER\ORBITNET.EXE
C:\DOWNLOADS\SPROCES(1).EXE
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =
O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program\Orbitdownloader\orbitcth.dll
O2 - BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Panda Security Toolbar - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program\Panda Security\Panda Security Toolbar\PandaSecurityDx.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Grab Pro - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program\Orbitdownloader\GrabPro.dll
O3 - Toolbar: Panda Security Toolbar - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program\Panda Security\Panda Security Toolbar\PandaSecurityDx.dll
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [TOSCDSPD] C:\Program\TOSHIBA\TOSCDSPD\toscdspd.exe
O4 - HKCU\..\Run: [Uninstall_CToolbar] "C:\DOCUME~1\ADMINI~1\LOKALA~1\Temp\CUninst.exe" "/remove"
O4 - HKLM\..\Run: [TPSMain] TPSMain.exe
O4 - HKLM\..\Run: [TouchED] C:\Program\TOSHIBA\TouchED\TouchED.Exe
O4 - HKLM\..\Run: [SmoothView] C:\Program\TOSHIBA\Toshibas zoomningsfunktion\SmoothView.exe
O4 - HKLM\..\Run: [SigmaTel StacMon] C:\Program\SigmaTel\SigmaTel AC97 ljuddrivrutiner\stacmon.exe
O4 - HKLM\..\Run: [PSUNMain] "C:\Program\Panda Security\Panda Cloud Antivirus\PSUNMain.exe" /Traybar
O4 - HKLM\..\Run: [PRONoMgr.exe] c:\Program\Intel\PROSetWireless\NCS\PROSet\PRONoMgr.exe
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [Apoint] C:\Program\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [00THotkey] C:\WINDOWS\system32\00THotkey.exe
O4 - HKLM\..\Run: [000StTHK] 000StTHK.exe
O4 - HKLM\..\Run: [Panda Security URL Filtering] "C:\Documents and Settings\All Users\Application Data\Panda Security URL Filtering\Panda_URL_Filtering.exe"
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE
O4 - Startup: Orbit.lnk = C:\Program\Orbitdownloader\orbitdm.exe
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe
O9 - Extra button: Referensinformation - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: C:\WINDOWS\SYSTEM32\WSHBTH.DLL
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) -
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Plug-in 1.6.0_20) -
O16 - DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} (Java Plug-in 1.4.2_03) -
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} (Java Plug-in 1.6.0_20) -
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} (Java Plug-in 1.6.0_20) -
O18 - Protocol: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program\Delade filer\Microsoft Shared\Information Retrieval\msitss.dll
O18 - Protocol: msencarta - {74D92DF3-6D9D-11D1-8B38-006097DBED7A} - C:\Program\Delade filer\Microsoft Shared\Reference 2001\MSREF.DLL
O18 - Protocol: msero - {B0D92A71-886B-453B-A649-1B91F93801E7} - C:\Program\Delade filer\Microsoft Shared\Reference 2001\msero.dll
O18 - Protocol: msref - {74D92DF3-6D9D-11D1-8B38-006097DBED7A} - C:\Program\Delade filer\Microsoft Shared\Reference 2001\MSREF.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program\DELADE~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: DIMSNTFY - %SYSTEMROOT%\SYSTEM32\DIMSNTFY.DLL
O20 - Winlogon Notify: IGFXCUI - IGFXSRVC.DLL
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - %SystemRoot%\system32\shell32.dll
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - %SystemRoot%\system32\SHELL32.dll
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - %systemroot%\system32\stobject.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - %SystemRoot%\System32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - %SystemRoot%\System32\browseui.dll
Información Adicional:
----------------------
WinSys\Drivers\ati2mtag.sys (de 701440 bytes) () ATI Technologies Inc.
WinSys\Drivers\dmboot.sys (de 800000 bytes) () Microsoft Corporation, Veritas Software
WinSys\Drivers\hsfcxts2.sys (de 685056 bytes) () Conexant Systems, Inc.
WinSys\Drivers\LTSM.sys (de 809872 bytes) () LT
WinSys\Drivers\mod7700.sys (de 621056 bytes) () DiBcom SA
WinSys\Drivers\mrxsmb.sys (de 456576 bytes) () Microsoft Corporation
WinSys\Drivers\mtxparhm.sys (de 452736 bytes) () Matrox Graphics Inc.
WinSys\Drivers\ntfs.sys (de 574976 bytes) () Microsoft Corporation
WinSys\Drivers\slntamr.sys (de 404990 bytes) () Smart Link
WinSys\Drivers\sptd.sys (de 685816 bytes) () Duplex Secure Ltd.
WinSys\Drivers\w70n51.sys (de 979840 bytes) () Intel® Corporation
WinSys\Drivers\wdf01000.sys (de 492000 bytes) () Microsoft Corporation
Listado de Servicios (Carga Automatica):
----------------------------------------
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: DCSHost.exe - Unknown owner - C:\Documents and Settings\All Users\Application Data\DatacardService\DCSHost.exe
O23 - Service: InCD File System Service (InCDsrv) - AHEAD Software - C:\Program\Ahead\InCD\InCDsrv.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Unknown owner - C:\Program\Java\jre6\bin\jqs.exe" -service -config "C:\Program\Java\jre6\lib\deploy\jqs\jqs.con (file missing)
O23 - Service: AEGIS Protocol (IEEE 802.1x) v2.2.1.0 (MDC8021X) - Meetinghouse Data Communications - C:\WINDOWS\SYSTEM32\DRIVERS\mdc8021x.sys
O23 - Service: Panda Cloud Antivirus Service (NanoServiceMain) - Panda Security, S.L. - C:\Program\Panda Security\Panda Cloud Antivirus\PSANHost.exe
O23 - Service: TOSHIBA Network Device Usermode I/O Protocol (Netdevio) - TOSHIBA Corporation. - C:\WINDOWS\SYSTEM32\DRIVERS\netdevio.sys
O23 - Service: PSINAflt - Panda Security, S.L. - C:\WINDOWS\SYSTEM32\DRIVERS\PSINAflt.sys
O23 - Service: PSINFile - Panda Security, S.L. - C:\WINDOWS\SYSTEM32\DRIVERS\PSINFile.sys
O23 - Service: PSINProc - Panda Security, S.L. - C:\WINDOWS\SYSTEM32\DRIVERS\PSINProc.sys
O23 - Service: PSINProt - Panda Security, S.L. - C:\WINDOWS\SYSTEM32\DRIVERS\PSINProt.sys
O23 - Service: RegSrvc - Intel Corporation - C:\WINDOWS\System32\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\WINDOWS\System32\S24EvMon.exe
O23 - Service: WLAN Transport (s24trans) - Intel Corporation - C:\WINDOWS\SYSTEM32\DRIVERS\s24trans.sys
Listado de Servicios (Carga Manual):
------------------------------------
O23 - Service: Alps Pointing-device Filter Driver (ApfiltrService) - Alps Electric Co., Ltd. - C:\WINDOWS\SYSTEM32\DRIVERS\Apfiltr.sys
O23 - Service: cpudrv - Unknown owner - C:\Program\SystemRequirementsLab\cpudrv.sys
**O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - Microsoft Corporation, Veritas Software - C:\WINDOWS\System32\dmadmin.exe
O23 - Service: Intel(R) PRO Adapter Driver (E100B) - Intel Corporation - C:\WINDOWS\SYSTEM32\DRIVERS\e100b325.sys
O23 - Service: Huawei DataCard USB Modem and USB Serial (hwdatacard) - Huawei Technologies Co., Ltd. - C:\WINDOWS\SYSTEM32\DRIVERS\ewusbmdm.sys
O23 - Service: Huawei DataCard USB Fake (hwusbfake) - Huawei Technologies Co., Ltd. - C:\WINDOWS\SYSTEM32\DRIVERS\ewusbfake.sys
O23 - Service: ialm - Intel Corporation - C:\WINDOWS\SYSTEM32\DRIVERS\ialmnt5.sys
O23 - Service: kwwalpgr - Unknown owner - C:\DOCUME~1\A-50a\LOKALA~1\Temp\kwwalpgr.sys (file missing)
O23 - Service: Logitech SetPoint KMDF HID Filter Driver (LHidFilt) - Logitech, Inc. - C:\WINDOWS\SYSTEM32\DRIVERS\LHidFilt.Sys
O23 - Service: Logitech SetPoint KMDF Mouse Filter Driver (LMouFilt) - Logitech, Inc. - C:\WINDOWS\SYSTEM32\DRIVERS\LMouFilt.Sys
O23 - Service: Logitech SetPoint KMDF USB Filter (LUsbFilt) - Logitech, Inc. - C:\WINDOWS\SYSTEM32\Drivers\LUsbFilt.Sys
O23 - Service: PCCS Mode Change Filter Driver (pccsmcfd) - Nokia - C:\WINDOWS\SYSTEM32\DRIVERS\pccsmcfd.sys
O23 - Service: VSO Software pcouffin (pcouffin) - VSO Software - C:\WINDOWS\SYSTEM32\Drivers\pcouffin.sys
O23 - Service: Direct Parallel Link Driver (Ptilink) - Parallel Technologies, Inc. - C:\WINDOWS\SYSTEM32\DRIVERS\ptilink.sys
O23 - Service: ServiceLayer - Nokia - C:\Program\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Sony USB Filter Driver (SONYPVU1) (SONYPVU1) - Sony Corporation - C:\WINDOWS\SYSTEM32\DRIVERS\SONYPVU1.SYS
O23 - Service: Audio Driver (WDM) - SigmaTel CODEC (STAC97) - SigmaTel, Inc. - C:\WINDOWS\SYSTEM32\drivers\stac97.sys
O23 - Service: Handelsbanken card reader (Tdsshbecr) - Todos Data System AB - C:\WINDOWS\SYSTEM32\DRIVERS\shbecr.sys
O23 - Service: TOSHIBA Software Modem (TOSHIBASoftModem) - LT - C:\WINDOWS\SYSTEM32\DRIVERS\LTSM.sys
O23 - Service: UnlockerDriver4 Driver (UnlockerDriver4) - Unknown owner - C:\Program\Unlocker\UnlockerDriver4.sys
O23 - Service: Drivrutin för Intel(R) PRO/trådlös 2200-adapter (w22n51) - Intel® Corporation - C:\WINDOWS\SYSTEM32\DRIVERS\w22n51.sys
O23 - Service: Controlador de la Conexión de red Intel(R) PRO/Wireless 2200BG para Windows XP (w29n51) - Intel® Corporation - C:\WINDOWS\SYSTEM32\DRIVERS\w29n51.sys
O23 - Service: Drivrutin för Intel(R) PRO/trådlös 2100-adapter (w70n51) - Intel® Corporation - C:\WINDOWS\SYSTEM32\DRIVERS\w70n51.sys
O23 - Service: Intel(R) Graphics Platform (SoftBIOS) Driver ({6080A529-897E-4629-A488-ABA0C29B635E}) - Intel Corporation - C:\WINDOWS\SYSTEM32\drivers\ialmsbw.sys
O23 - Service: Intel(R) Graphics Chipset (KCH) Driver ({D31A0762-0CEB-444e-ACFF-B049A1F6FE91}) - Intel Corporation - C:\WINDOWS\SYSTEM32\drivers\ialmkchw.sys
O23 - Service: AIM 3.0 Part 01 Codec Driver CH-7009-A/CH-7011 ({E2B953A6-195A-44F9-9BA3-3D5F4E32BB55}) - Intel Corporation - C:\WINDOWS\SYSTEM32\drivers\wA301a.sys
Listado de Servicios (Deshabilitados):
--------------------------------------
**O23 - Service: dmboot - Microsoft Corporation, Veritas Software - C:\WINDOWS\SYSTEM32\drivers\dmboot.sys
**O23 - Service: dmio - Microsoft Corporation, Veritas Software - C:\WINDOWS\SYSTEM32\drivers\dmio.sys
**O23 - Service: dmload - Microsoft Corp., Veritas Software. - C:\WINDOWS\SYSTEM32\drivers\dmload.sys
O23 - Service: dwshd - Unknown owner - C:\WINDOWS\System32\drivers\dwshd.sys (file missing)
O23 - Service: sptd - Duplex Secure Ltd. - C:\WINDOWS\SYSTEM32\Drivers\sptd.sys
45 Servicios.
14 de Carga Automatica.
26 de Carga Manual.
5 Deshabilitados.
- msc hotline sat
- Mensajes: 93500
- Registrado: 09 Mar 2004, 20:39
- Ubicación: BARCELONA (ESPAÑA)
- Contactar:
Re: Actualización problemática de IExplorer/Windows
pues puedes enviarnos estos ficheros para analizar:
C:\DOCUME~1\ADMINI~1\LOKALA~1\Temp\CUninst.exe
C:\Documents and Settings\All Users\Application Data\DatacardService\DCSHost.exe
C:\WINDOWS\SYSTEM32\DRIVERS\mdc8021x.sys
No los conocemos, en ningun sentido, los analizaremos e informaremos
Dinos igualmente si los conoces y han sido instalados voluntariamente, gracias
saludos
ms, 8-2-2011
C:\DOCUME~1\ADMINI~1\LOKALA~1\Temp\CUninst.exe
C:\Documents and Settings\All Users\Application Data\DatacardService\DCSHost.exe
C:\WINDOWS\SYSTEM32\DRIVERS\mdc8021x.sys
No los conocemos, en ningun sentido, los analizaremos e informaremos
Dinos igualmente si los conoces y han sido instalados voluntariamente, gracias
saludos
ms, 8-2-2011
msc hotline sat Virus Research Engineer
Antes de preguntar - Normas Basicas - Mensajes Privados - Repetir Temas - Continuar Temas - Titulos del Tema - Antivirus Online
Antes de preguntar - Normas Basicas - Mensajes Privados - Repetir Temas - Continuar Temas - Titulos del Tema - Antivirus Online
Re: Actualización problemática de IExplorer/Windows
Los archivos C:\Documents and Settings\All Users\Application Data\DatacardService\DCSHost.exe
y
C:\WINDOWS\SYSTEM32\DRIVERS\mdc8021x.sys
ya os los mandé hace unos días y me dijisteis que no había problema. Me parece que son archivos para internet móvil que usé hace unos meses. El otro archivo que me decíais acabo de enviarlo.
y
C:\WINDOWS\SYSTEM32\DRIVERS\mdc8021x.sys
ya os los mandé hace unos días y me dijisteis que no había problema. Me parece que son archivos para internet móvil que usé hace unos meses. El otro archivo que me decíais acabo de enviarlo.
Re: Actualización problemática de IExplorer/Windows
Pues hoy te lo analizaran y te diran algo al respecto. Estate atento al post, saludos.
- msc hotline sat
- Mensajes: 93500
- Registrado: 09 Mar 2004, 20:39
- Ubicación: BARCELONA (ESPAÑA)
- Contactar:
Re: Actualización problemática de IExplorer/Windows
Pues el fichero recibido es la desinstalacion del Crawler Toolbar, puede ejecutarlo a ver si asi elimina el dichoso Crawler o eliminarlo si ya lo ha hecho.
y, tras reiniciar, nos informas del resultado, gracias
saludos
ms, 11-202-2011
y, tras reiniciar, nos informas del resultado, gracias
saludos
ms, 11-202-2011
msc hotline sat Virus Research Engineer
Antes de preguntar - Normas Basicas - Mensajes Privados - Repetir Temas - Continuar Temas - Titulos del Tema - Antivirus Online
Antes de preguntar - Normas Basicas - Mensajes Privados - Repetir Temas - Continuar Temas - Titulos del Tema - Antivirus Online
Re: Actualización problemática de IExplorer/Windows
Hola,
Después de un año sigue el ordenador lento, mucho más lento que antes. Pero en las últimas semanas he observado alguna cosa rara y he sospechado que podía tener algún virus. He lanzado el Elistar y después el Sproces y os adjunto los dos informes que recibí. Creeis que ahora está todo bien?
Un saludo y gracias por adelantado. A continuación tenéis los dos informes:
(29-1-2011 12:23:41 (GMT))
EliStartPage v22.49 (c)2010 S.G.H. / Satinfo S.L. (Actualizado el 28 de Enero del 2011)
--------------------------------------------------
Lista de Acciones (por Acción Directa):
Restaurado fichero de Configuración del IE, (IERESET.INF)
Eliminadas las Paginas de Inicio y de Busqueda del IE
Eliminados Ficheros Temporales del IE
(29-1-2011 12:50:47 (GMT))
EliStartPage v22.49 (c)2010 S.G.H. / Satinfo S.L. (Actualizado el 28 de Enero del 2011)
--------------------------------------------------
Lista de Acciones (por Exploración):
Explorando "C:\"
C:\System Volume Information\_restore{2B3EED6B-301D-4E17-A6B5-D6587705CB41}\Fifoed\A0179111.EXE --> Eliminado, Tool-NirCmd
C:\System Volume Information\_restore{2B3EED6B-301D-4E17-A6B5-D6587705CB41}\Fifoed\A0179117.PIF --> Eliminado, Tool-NirCmd
C:\System Volume Information\_restore{2B3EED6B-301D-4E17-A6B5-D6587705CB41}\Fifoed\A0179120.EXE --> Eliminado, Tool-NirCmd
C:\System Volume Information\_restore{2B3EED6B-301D-4E17-A6B5-D6587705CB41}\RP505\A0179216.EXE --> Eliminado, Tool-NirCmd
C:\System Volume Information\_restore{2B3EED6B-301D-4E17-A6B5-D6587705CB41}\RP505\A0179267.EXE --> Eliminado, Tool-NirCmd
C:\System Volume Information\_restore{2B3EED6B-301D-4E17-A6B5-D6587705CB41}\RP505\A0179272.PIF --> Eliminado, Tool-NirCmd
C:\System Volume Information\_restore{2B3EED6B-301D-4E17-A6B5-D6587705CB41}\RP505\A0179274.EXE --> Eliminado, Tool-NirCmd
C:\System Volume Information\_restore{2B3EED6B-301D-4E17-A6B5-D6587705CB41}\RP505\A0179325.EXE --> Eliminado, Tool-NirCmd
C:\System Volume Information\_restore{2B3EED6B-301D-4E17-A6B5-D6587705CB41}\RP505\A0179390.EXE --> Eliminado, Tool-NirCmd
C:\System Volume Information\_restore{2B3EED6B-301D-4E17-A6B5-D6587705CB41}\RP505\A0179396.PIF --> Eliminado, Tool-NirCmd
C:\System Volume Information\_restore{2B3EED6B-301D-4E17-A6B5-D6587705CB41}\RP505\A0179399.EXE --> Eliminado, Tool-NirCmd
C:\System Volume Information\_restore{2B3EED6B-301D-4E17-A6B5-D6587705CB41}\RP505\A0179436.EXE --> Eliminado, Tool-NirCmd
C:\System Volume Information\_restore{2B3EED6B-301D-4E17-A6B5-D6587705CB41}\RP505\A0179499.EXE --> Eliminado, Tool-NirCmd
C:\System Volume Information\_restore{2B3EED6B-301D-4E17-A6B5-D6587705CB41}\RP505\A0179505.PIF --> Eliminado, Tool-NirCmd
C:\System Volume Information\_restore{2B3EED6B-301D-4E17-A6B5-D6587705CB41}\RP505\A0179508.EXE --> Eliminado, Tool-NirCmd
C:\System Volume Information\_restore{2B3EED6B-301D-4E17-A6B5-D6587705CB41}\RP505\A0179553.EXE --> Eliminado, Tool-NirCmd
C:\System Volume Information\_restore{2B3EED6B-301D-4E17-A6B5-D6587705CB41}\RP506\A0179620.EXE --> Eliminado, Tool-NirCmd
C:\System Volume Information\_restore{2B3EED6B-301D-4E17-A6B5-D6587705CB41}\RP506\A0179626.PIF --> Eliminado, Tool-NirCmd
C:\System Volume Information\_restore{2B3EED6B-301D-4E17-A6B5-D6587705CB41}\RP506\A0179629.EXE --> Eliminado, Tool-NirCmd
C:\System Volume Information\_restore{2B3EED6B-301D-4E17-A6B5-D6587705CB41}\RP514\A0183556.DLL --> Eliminado, CrawlerToolbar(bho/tb)
C:\WINDOWS\NIRCMD.EXE --> Eliminado, Tool-NirCmd
Nº Total de Directorios: 6121
Nº Total de Ficheros: 97699
Nº de Ficheros Analizados: 44238
Nº de Ficheros Infectados: 21
Nº de Ficheros Limpiados: 21
(26-3-2011 11:53:54 (GMT))
EliStartPage v22.89 (c)2010 S.G.H. / Satinfo S.L. (Actualizado el 25 de Marzo del 2011)
--------------------------------------------------
Lista de Acciones (por Acción Directa):
Restaurado "Userinit"
[Userinit anterior] = "c:\windows\system32\userinit.exe,"
[Userinit actual] = "C:\WINDOWS\SYSTEM32\Userinit.exe,"
Por favor, envienos el INFOSAT.TXT y una muestra del fichero
C:\Muestras\PANDA_URL_FILTERING.EXE.Muestra EliStartPage v22.89
a "virus@satinfo.es ". Gracias.
C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\PANDA SECURITY URL FILTERING\PANDA_URL_FILTERING.EXE --> Eliminado
Entrada Eliminada [HKLM\...\Run] "PANDA SECURITY URL FILTERING"=""C:\Documents and Settings\All Users\Application Data\Panda Security URL Filtering\Panda_URL_Filtering.exe""
Restaurado fichero de Configuración del IE, (IERESET.INF)
Eliminadas las Paginas de Inicio y de Busqueda del IE
Eliminados Ficheros Temporales del IE
(26-3-2011 12:10:41 (GMT))
EliStartPage v22.89 (c)2010 S.G.H. / Satinfo S.L. (Actualizado el 25 de Marzo del 2011)
--------------------------------------------------
Lista de Acciones (por Exploración):
Explorando "C:\"
C:\System Volume Information\_restore{2B3EED6B-301D-4E17-A6B5-D6587705CB41}\RP545\A0217009.EXE --> Eliminado, Tool-NirCmd
Nº Total de Directorios: 5975
Nº Total de Ficheros: 76030
Nº de Ficheros Analizados: 26988
Nº de Ficheros Infectados: 1
Nº de Ficheros Limpiados: 1
(25-2-2012 15:16:47 (GMT))
EliStartPage v24.96 (c)2012 S.G.H. / Satinfo S.L. (Actualizado el 24 de Febrero del 2012)
--------------------------------------------------
Usuario: A-50a
ID de Usuario: S-1-5-21-3133523642-25887482-1457699603-1006
Lista de Acciones (por Acción Directa):
Restaurado fichero de Configuración del IE, (IERESET.INF)
Eliminadas las Paginas de Inicio y de Busqueda del IE
Eliminados Ficheros Temporales del IE
(25-2-2012 15:16:57 (GMT))
EliStartPage v24.96 (c)2012 S.G.H. / Satinfo S.L. (Actualizado el 24 de Febrero del 2012)
--------------------------------------------------
Usuario: Administratör
ID de Usuario: S-1-5-21-3133523642-25887482-1457699603-500
Lista de Acciones (por Acción Directa):
Restaurado fichero de Configuración del IE, (IERESET.INF)
Eliminadas las Paginas de Inicio y de Busqueda del IE
Eliminados Ficheros Temporales del IE
(25-2-2012 15:17:13 (GMT))
EliStartPage v24.96 (c)2012 S.G.H. / Satinfo S.L. (Actualizado el 24 de Febrero del 2012)
--------------------------------------------------
Usuario: Gäst
ID de Usuario: S-1-5-21-3133523642-25887482-1457699603-501
Lista de Acciones (por Acción Directa):
Restaurado fichero de Configuración del IE, (IERESET.INF)
Eliminadas las Paginas de Inicio y de Busqueda del IE
Eliminados Ficheros Temporales del IE
(25-2-2012 15:32:15 (GMT))
EliStartPage v24.96 (c)2012 S.G.H. / Satinfo S.L. (Actualizado el 24 de Febrero del 2012)
--------------------------------------------------
Usuario: Gäst
ID de Usuario: S-1-5-21-3133523642-25887482-1457699603-501
Lista de Acciones (por Exploración):
Explorando "C:\"
Nº Total de Directorios: 4952
Nº Total de Ficheros: 59806
Nº de Ficheros Analizados: 21577
Nº de Ficheros Infectados: 0
Nº de Ficheros Limpiados: 0
(25-2-2012 15:45:05 GMT)
SProces v5.9 (c)2011 S.G.H. / Satinfo S.L.
-------------------------------------------
Sistema Operativo: Microsoft Windows XP (v5.1.2600) Service Pack 3
Parche MS08-067 (Servicio Servidor) Instalado.
Internet Explorer: (v8.0.6001.18702) 0
Equipo: YOUR-G5GMB6N1SD
Usuario: Administratör
Sesión de Usuario: Administratör
17 Procesos Activos:
C:\WINDOWS\SYSTEM32\SMSS.EXE
C:\WINDOWS\SYSTEM32\CSRSS.EXE
C:\WINDOWS\SYSTEM32\WINLOGON.EXE
C:\WINDOWS\SYSTEM32\SERVICES.EXE
C:\WINDOWS\SYSTEM32\LSASS.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\EXPLORER.EXE
C:\PROGRAM\FOXMAIL\FOXMAIL.EXE
C:\PROGRAM\OPERA\OPERA.EXE
C:\PROGRAM\ORBITDOWNLOADER\ORBITDM.EXE
C:\PROGRAM\ORBITDOWNLOADER\ORBITNET.EXE
C:\PROGRAM\WINRAR\WINRAR.EXE
C:\DOCUME~1\ADMINI~1\LOKALA~1\TEMP\RAR$EX00.841\SPROCES.EXE
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
R0 - HKUS\S-1-5-21-3133523642-25887482-1457699603-1006\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank (User 'A-50a')
R0 - HKUS\S-1-5-21-3133523642-25887482-1457699603-1006\Software\Microsoft\Internet Explorer\Main,Search Page =http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch (User 'A-50a')
R0 - HKUS\S-1-5-21-3133523642-25887482-1457699603-501\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank (User 'Gäst')
R0 - HKUS\S-1-5-21-3133523642-25887482-1457699603-501\Software\Microsoft\Internet Explorer\Main,Search Page =http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch (User 'Gäst')
O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program\Orbitdownloader\orbitcth.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Panda Security Toolbar - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program\Panda Security\Panda Security Toolbar\PandaSecurityDx.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Grab Pro - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program\Orbitdownloader\GrabPro.dll
O3 - Toolbar: Panda Security Toolbar - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program\Panda Security\Panda Security Toolbar\PandaSecurityDx.dll
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [TOSCDSPD] C:\Program\TOSHIBA\TOSCDSPD\toscdspd.exe
O4 - HKCU\..\Run: [Uninstall_CToolbar] "C:\DOCUME~1\ADMINI~1\LOKALA~1\Temp\CUninst.exe" "/remove"
O4 - HKUS\S-1-5-21-3133523642-25887482-1457699603-1006\..\Run: [TOSCDSPD] C:\Program\TOSHIBA\TOSCDSPD\toscdspd.exe (User 'A-50a')
O4 - HKUS\S-1-5-21-3133523642-25887482-1457699603-1006\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'A-50a')
O4 - HKUS\S-1-5-21-3133523642-25887482-1457699603-501\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Gäst')
O4 - HKUS\S-1-5-21-3133523642-25887482-1457699603-501\..\Run: [TOSCDSPD] C:\Program\TOSHIBA\TOSCDSPD\toscdspd.exe (User 'Gäst')
O4 - HKUS\S-1-5-21-3133523642-25887482-1457699603-501\..\Run: [swg] "C:\Program\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" (User 'Gäst')
O4 - HKLM\..\Run: [TPSMain] TPSMain.exe
O4 - HKLM\..\Run: [TouchED] C:\Program\TOSHIBA\TouchED\TouchED.Exe
O4 - HKLM\..\Run: [SmoothView] C:\Program\TOSHIBA\Toshibas zoomningsfunktion\SmoothView.exe
O4 - HKLM\..\Run: [SigmaTel StacMon] C:\Program\SigmaTel\SigmaTel AC97 ljuddrivrutiner\stacmon.exe
O4 - HKLM\..\Run: [PSUNMain] "C:\Program\Panda Security\Panda Cloud Antivirus\PSUNMain.exe" /Traybar
O4 - HKLM\..\Run: [PRONoMgr.exe] c:\Program\Intel\PROSetWireless\NCS\PROSet\PRONoMgr.exe
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [Apoint] C:\Program\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [00THotkey] C:\WINDOWS\system32\00THotkey.exe
O4 - HKLM\..\Run: [000StTHK] 000StTHK.exe
O4 - HKLM\..\Run: [FixCamera] C:\WINDOWS\FixCamera.exe
O4 - HKLM\..\Run: [snpstd] C:\WINDOWS\vsnpstd.exe
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Orbit.lnk = C:\Program\Orbitdownloader\orbitdm.exe /H
O8 - Extra context menu item: &Download by Orbit - res://C:\Program\Orbitdownloader\orbitmxt.dll/201 (User 'A-50a')
O8 - Extra context menu item: &Grab video by Orbit - res://C:\Program\Orbitdownloader\orbitmxt.dll/204 (User 'A-50a')
O8 - Extra context menu item: Do&wnload selected by Orbit - res://C:\Program\Orbitdownloader\orbitmxt.dll/203 (User 'A-50a')
O8 - Extra context menu item: Down&load all by Orbit - res://C:\Program\Orbitdownloader\orbitmxt.dll/202 (User 'A-50a')
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe
O9 - Extra button: Referensinformation - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: C:\WINDOWS\SYSTEM32\WSHBTH.DLL
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) -http://www.bitdefender.es/scan_es/scan8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1291742229038
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Plug-in 1.6.0_20) -http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
O16 - DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} (Java Plug-in 1.4.2_03) -http://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} (Java Plug-in 1.6.0_20) -http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} (Java Plug-in 1.6.0_20) -http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
O18 - Protocol: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program\Delade filer\Microsoft Shared\Information Retrieval\msitss.dll
O18 - Protocol: msencarta - {74D92DF3-6D9D-11D1-8B38-006097DBED7A} - C:\Program\Delade filer\Microsoft Shared\Reference 2001\MSREF.DLL
O18 - Protocol: msero - {B0D92A71-886B-453B-A649-1B91F93801E7} - C:\Program\Delade filer\Microsoft Shared\Reference 2001\msero.dll
O18 - Protocol: msref - {74D92DF3-6D9D-11D1-8B38-006097DBED7A} - C:\Program\Delade filer\Microsoft Shared\Reference 2001\MSREF.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program\DELADE~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: DIMSNTFY - %SYSTEMROOT%\SYSTEM32\DIMSNTFY.DLL
O20 - Winlogon Notify: IGFXCUI - IGFXSRVC.DLL
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - %SystemRoot%\system32\shell32.dll
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - %SystemRoot%\system32\SHELL32.dll
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - %systemroot%\system32\stobject.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - %SystemRoot%\System32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - %SystemRoot%\System32\browseui.dll
Información Adicional:
----------------------
WinSys\Drivers\ati2mtag.sys (de 701440 bytes) () ATI Technologies Inc.
WinSys\Drivers\dmboot.sys (de 800000 bytes) () Microsoft Corporation, Veritas Software
WinSys\Drivers\hsfcxts2.sys (de 685056 bytes) () Conexant Systems, Inc.
WinSys\Drivers\LTSM.sys (de 809872 bytes) () LT
WinSys\Drivers\mod7700.sys (de 621056 bytes) () DiBcom SA
WinSys\Drivers\mrxsmb.sys (de 456576 bytes) () Microsoft Corporation
WinSys\Drivers\mtxparhm.sys (de 452736 bytes) () Matrox Graphics Inc.
WinSys\Drivers\ntfs.sys (de 574976 bytes) () Microsoft Corporation
WinSys\Drivers\slntamr.sys (de 404990 bytes) () Smart Link
WinSys\Drivers\sptd.sys (de 685816 bytes) () Duplex Secure Ltd.
WinSys\Drivers\w70n51.sys (de 979840 bytes) () Intel® Corporation
WinSys\Drivers\wdf01000.sys (de 492000 bytes) () Microsoft Corporation
Listado de Servicios (Carga Automatica):
----------------------------------------
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: DCSHost.exe - Unknown owner - C:\Documents and Settings\All Users\Application Data\DatacardService\DCSHost.exe
O23 - Service: InCD File System Service (InCDsrv) - AHEAD Software - C:\Program\Ahead\InCD\InCDsrv.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Unknown owner - C:\Program\Java\jre6\bin\jqs.exe" -service -config "C:\Program\Java\jre6\lib\deploy\jqs\jqs.con (file missing)
O23 - Service: AEGIS Protocol (IEEE 802.1x) v2.2.1.0 (MDC8021X) - Meetinghouse Data Communications - C:\WINDOWS\SYSTEM32\DRIVERS\mdc8021x.sys
O23 - Service: Panda Cloud Antivirus Service (NanoServiceMain) - Panda Security, S.L. - C:\Program\Panda Security\Panda Cloud Antivirus\PSANHost.exe
O23 - Service: TOSHIBA Network Device Usermode I/O Protocol (Netdevio) - TOSHIBA Corporation. - C:\WINDOWS\SYSTEM32\DRIVERS\netdevio.sys
O23 - Service: PSINAflt - Panda Security, S.L. - C:\WINDOWS\SYSTEM32\DRIVERS\PSINAflt.sys
O23 - Service: PSINFile - Panda Security, S.L. - C:\WINDOWS\SYSTEM32\DRIVERS\PSINFile.sys
O23 - Service: PSINProc - Panda Security, S.L. - C:\WINDOWS\SYSTEM32\DRIVERS\PSINProc.sys
O23 - Service: PSINProt - Panda Security, S.L. - C:\WINDOWS\SYSTEM32\DRIVERS\PSINProt.sys
O23 - Service: RegSrvc - Intel Corporation - C:\WINDOWS\System32\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\WINDOWS\System32\S24EvMon.exe
O23 - Service: WLAN Transport (s24trans) - Intel Corporation - C:\WINDOWS\SYSTEM32\DRIVERS\s24trans.sys
Listado de Servicios (Carga Manual):
------------------------------------
O23 - Service: Alps Pointing-device Filter Driver (ApfiltrService) - Alps Electric Co., Ltd. - C:\WINDOWS\SYSTEM32\DRIVERS\Apfiltr.sys
O23 - Service: cpudrv - Unknown owner - C:\Program\SystemRequirementsLab\cpudrv.sys
**O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - Microsoft Corporation, Veritas Software - C:\WINDOWS\System32\dmadmin.exe
O23 - Service: Intel(R) PRO Adapter Driver (E100B) - Intel Corporation - C:\WINDOWS\SYSTEM32\DRIVERS\e100b325.sys
O23 - Service: Huawei DataCard USB Modem and USB Serial (hwdatacard) - Huawei Technologies Co., Ltd. - C:\WINDOWS\SYSTEM32\DRIVERS\ewusbmdm.sys
O23 - Service: Huawei DataCard USB Fake (hwusbfake) - Huawei Technologies Co., Ltd. - C:\WINDOWS\SYSTEM32\DRIVERS\ewusbfake.sys
O23 - Service: ialm - Intel Corporation - C:\WINDOWS\SYSTEM32\DRIVERS\ialmnt5.sys
O23 - Service: kwwalpgr - Unknown owner - C:\DOCUME~1\A-50a\LOKALA~1\Temp\kwwalpgr.sys (file missing)
O23 - Service: Logitech SetPoint KMDF HID Filter Driver (LHidFilt) - Logitech, Inc. - C:\WINDOWS\SYSTEM32\DRIVERS\LHidFilt.Sys
O23 - Service: Logitech SetPoint KMDF Mouse Filter Driver (LMouFilt) - Logitech, Inc. - C:\WINDOWS\SYSTEM32\DRIVERS\LMouFilt.Sys
O23 - Service: Logitech SetPoint KMDF USB Filter (LUsbFilt) - Logitech, Inc. - C:\WINDOWS\SYSTEM32\Drivers\LUsbFilt.Sys
O23 - Service: PCCS Mode Change Filter Driver (pccsmcfd) - Nokia - C:\WINDOWS\SYSTEM32\DRIVERS\pccsmcfd.sys
O23 - Service: VSO Software pcouffin (pcouffin) - VSO Software - C:\WINDOWS\SYSTEM32\Drivers\pcouffin.sys
O23 - Service: Direct Parallel Link Driver (Ptilink) - Parallel Technologies, Inc. - C:\WINDOWS\SYSTEM32\DRIVERS\ptilink.sys
O23 - Service: ServiceLayer - Nokia - C:\Program\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: USB PC Camera (SN9C102) (snpstd) - Unknown owner - C:\WINDOWS\SYSTEM32\DRIVERS\snpstd.sys
O23 - Service: Sony USB Filter Driver (SONYPVU1) (SONYPVU1) - Sony Corporation - C:\WINDOWS\SYSTEM32\DRIVERS\SONYPVU1.SYS
O23 - Service: Audio Driver (WDM) - SigmaTel CODEC (STAC97) - SigmaTel, Inc. - C:\WINDOWS\SYSTEM32\drivers\stac97.sys
O23 - Service: Handelsbanken card reader (Tdsshbecr) - Todos Data System AB - C:\WINDOWS\SYSTEM32\DRIVERS\shbecr.sys
O23 - Service: TOSHIBA Software Modem (TOSHIBASoftModem) - LT - C:\WINDOWS\SYSTEM32\DRIVERS\LTSM.sys
O23 - Service: UnlockerDriver4 Driver (UnlockerDriver4) - Unknown owner - C:\Program\Unlocker\UnlockerDriver4.sys
O23 - Service: Drivrutin för Intel(R) PRO/trådlös 2200-adapter (w22n51) - Intel® Corporation - C:\WINDOWS\SYSTEM32\DRIVERS\w22n51.sys
O23 - Service: Controlador de la Conexión de red Intel(R) PRO/Wireless 2200BG para Windows XP (w29n51) - Intel® Corporation - C:\WINDOWS\SYSTEM32\DRIVERS\w29n51.sys
O23 - Service: Drivrutin för Intel(R) PRO/trådlös 2100-adapter (w70n51) - Intel® Corporation - C:\WINDOWS\SYSTEM32\DRIVERS\w70n51.sys
O23 - Service: Intel(R) Graphics Platform (SoftBIOS) Driver ({6080A529-897E-4629-A488-ABA0C29B635E}) - Intel Corporation - C:\WINDOWS\SYSTEM32\drivers\ialmsbw.sys
O23 - Service: Intel(R) Graphics Chipset (KCH) Driver ({D31A0762-0CEB-444e-ACFF-B049A1F6FE91}) - Intel Corporation - C:\WINDOWS\SYSTEM32\drivers\ialmkchw.sys
O23 - Service: AIM 3.0 Part 01 Codec Driver CH-7009-A/CH-7011 ({E2B953A6-195A-44F9-9BA3-3D5F4E32BB55}) - Intel Corporation - C:\WINDOWS\SYSTEM32\drivers\wA301a.sys
Listado de Servicios (Deshabilitados):
--------------------------------------
**O23 - Service: dmboot - Microsoft Corporation, Veritas Software - C:\WINDOWS\SYSTEM32\drivers\dmboot.sys
**O23 - Service: dmio - Microsoft Corporation, Veritas Software - C:\WINDOWS\SYSTEM32\drivers\dmio.sys
**O23 - Service: dmload - Microsoft Corp., Veritas Software. - C:\WINDOWS\SYSTEM32\drivers\dmload.sys
O23 - Service: dwshd - Unknown owner - C:\WINDOWS\System32\drivers\dwshd.sys (file missing)
O23 - Service: sptd - Duplex Secure Ltd. - C:\WINDOWS\SYSTEM32\Drivers\sptd.sys
46 Servicios.
14 de Carga Automatica.
27 de Carga Manual.
5 Deshabilitados.
Después de un año sigue el ordenador lento, mucho más lento que antes. Pero en las últimas semanas he observado alguna cosa rara y he sospechado que podía tener algún virus. He lanzado el Elistar y después el Sproces y os adjunto los dos informes que recibí. Creeis que ahora está todo bien?
Un saludo y gracias por adelantado. A continuación tenéis los dos informes:
(29-1-2011 12:23:41 (GMT))
EliStartPage v22.49 (c)2010 S.G.H. / Satinfo S.L. (Actualizado el 28 de Enero del 2011)
--------------------------------------------------
Lista de Acciones (por Acción Directa):
Restaurado fichero de Configuración del IE, (IERESET.INF)
Eliminadas las Paginas de Inicio y de Busqueda del IE
Eliminados Ficheros Temporales del IE
(29-1-2011 12:50:47 (GMT))
EliStartPage v22.49 (c)2010 S.G.H. / Satinfo S.L. (Actualizado el 28 de Enero del 2011)
--------------------------------------------------
Lista de Acciones (por Exploración):
Explorando "C:\"
C:\System Volume Information\_restore{2B3EED6B-301D-4E17-A6B5-D6587705CB41}\Fifoed\A0179111.EXE --> Eliminado, Tool-NirCmd
C:\System Volume Information\_restore{2B3EED6B-301D-4E17-A6B5-D6587705CB41}\Fifoed\A0179117.PIF --> Eliminado, Tool-NirCmd
C:\System Volume Information\_restore{2B3EED6B-301D-4E17-A6B5-D6587705CB41}\Fifoed\A0179120.EXE --> Eliminado, Tool-NirCmd
C:\System Volume Information\_restore{2B3EED6B-301D-4E17-A6B5-D6587705CB41}\RP505\A0179216.EXE --> Eliminado, Tool-NirCmd
C:\System Volume Information\_restore{2B3EED6B-301D-4E17-A6B5-D6587705CB41}\RP505\A0179267.EXE --> Eliminado, Tool-NirCmd
C:\System Volume Information\_restore{2B3EED6B-301D-4E17-A6B5-D6587705CB41}\RP505\A0179272.PIF --> Eliminado, Tool-NirCmd
C:\System Volume Information\_restore{2B3EED6B-301D-4E17-A6B5-D6587705CB41}\RP505\A0179274.EXE --> Eliminado, Tool-NirCmd
C:\System Volume Information\_restore{2B3EED6B-301D-4E17-A6B5-D6587705CB41}\RP505\A0179325.EXE --> Eliminado, Tool-NirCmd
C:\System Volume Information\_restore{2B3EED6B-301D-4E17-A6B5-D6587705CB41}\RP505\A0179390.EXE --> Eliminado, Tool-NirCmd
C:\System Volume Information\_restore{2B3EED6B-301D-4E17-A6B5-D6587705CB41}\RP505\A0179396.PIF --> Eliminado, Tool-NirCmd
C:\System Volume Information\_restore{2B3EED6B-301D-4E17-A6B5-D6587705CB41}\RP505\A0179399.EXE --> Eliminado, Tool-NirCmd
C:\System Volume Information\_restore{2B3EED6B-301D-4E17-A6B5-D6587705CB41}\RP505\A0179436.EXE --> Eliminado, Tool-NirCmd
C:\System Volume Information\_restore{2B3EED6B-301D-4E17-A6B5-D6587705CB41}\RP505\A0179499.EXE --> Eliminado, Tool-NirCmd
C:\System Volume Information\_restore{2B3EED6B-301D-4E17-A6B5-D6587705CB41}\RP505\A0179505.PIF --> Eliminado, Tool-NirCmd
C:\System Volume Information\_restore{2B3EED6B-301D-4E17-A6B5-D6587705CB41}\RP505\A0179508.EXE --> Eliminado, Tool-NirCmd
C:\System Volume Information\_restore{2B3EED6B-301D-4E17-A6B5-D6587705CB41}\RP505\A0179553.EXE --> Eliminado, Tool-NirCmd
C:\System Volume Information\_restore{2B3EED6B-301D-4E17-A6B5-D6587705CB41}\RP506\A0179620.EXE --> Eliminado, Tool-NirCmd
C:\System Volume Information\_restore{2B3EED6B-301D-4E17-A6B5-D6587705CB41}\RP506\A0179626.PIF --> Eliminado, Tool-NirCmd
C:\System Volume Information\_restore{2B3EED6B-301D-4E17-A6B5-D6587705CB41}\RP506\A0179629.EXE --> Eliminado, Tool-NirCmd
C:\System Volume Information\_restore{2B3EED6B-301D-4E17-A6B5-D6587705CB41}\RP514\A0183556.DLL --> Eliminado, CrawlerToolbar(bho/tb)
C:\WINDOWS\NIRCMD.EXE --> Eliminado, Tool-NirCmd
Nº Total de Directorios: 6121
Nº Total de Ficheros: 97699
Nº de Ficheros Analizados: 44238
Nº de Ficheros Infectados: 21
Nº de Ficheros Limpiados: 21
(26-3-2011 11:53:54 (GMT))
EliStartPage v22.89 (c)2010 S.G.H. / Satinfo S.L. (Actualizado el 25 de Marzo del 2011)
--------------------------------------------------
Lista de Acciones (por Acción Directa):
Restaurado "Userinit"
[Userinit anterior] = "c:\windows\system32\userinit.exe,"
[Userinit actual] = "C:\WINDOWS\SYSTEM32\Userinit.exe,"
Por favor, envienos el INFOSAT.TXT y una muestra del fichero
C:\Muestras\PANDA_URL_FILTERING.EXE.Muestra EliStartPage v22.89
a "
C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\PANDA SECURITY URL FILTERING\PANDA_URL_FILTERING.EXE --> Eliminado
Entrada Eliminada [HKLM\...\Run] "PANDA SECURITY URL FILTERING"=""C:\Documents and Settings\All Users\Application Data\Panda Security URL Filtering\Panda_URL_Filtering.exe""
Restaurado fichero de Configuración del IE, (IERESET.INF)
Eliminadas las Paginas de Inicio y de Busqueda del IE
Eliminados Ficheros Temporales del IE
(26-3-2011 12:10:41 (GMT))
EliStartPage v22.89 (c)2010 S.G.H. / Satinfo S.L. (Actualizado el 25 de Marzo del 2011)
--------------------------------------------------
Lista de Acciones (por Exploración):
Explorando "C:\"
C:\System Volume Information\_restore{2B3EED6B-301D-4E17-A6B5-D6587705CB41}\RP545\A0217009.EXE --> Eliminado, Tool-NirCmd
Nº Total de Directorios: 5975
Nº Total de Ficheros: 76030
Nº de Ficheros Analizados: 26988
Nº de Ficheros Infectados: 1
Nº de Ficheros Limpiados: 1
(25-2-2012 15:16:47 (GMT))
EliStartPage v24.96 (c)2012 S.G.H. / Satinfo S.L. (Actualizado el 24 de Febrero del 2012)
--------------------------------------------------
Usuario: A-50a
ID de Usuario: S-1-5-21-3133523642-25887482-1457699603-1006
Lista de Acciones (por Acción Directa):
Restaurado fichero de Configuración del IE, (IERESET.INF)
Eliminadas las Paginas de Inicio y de Busqueda del IE
Eliminados Ficheros Temporales del IE
(25-2-2012 15:16:57 (GMT))
EliStartPage v24.96 (c)2012 S.G.H. / Satinfo S.L. (Actualizado el 24 de Febrero del 2012)
--------------------------------------------------
Usuario: Administratör
ID de Usuario: S-1-5-21-3133523642-25887482-1457699603-500
Lista de Acciones (por Acción Directa):
Restaurado fichero de Configuración del IE, (IERESET.INF)
Eliminadas las Paginas de Inicio y de Busqueda del IE
Eliminados Ficheros Temporales del IE
(25-2-2012 15:17:13 (GMT))
EliStartPage v24.96 (c)2012 S.G.H. / Satinfo S.L. (Actualizado el 24 de Febrero del 2012)
--------------------------------------------------
Usuario: Gäst
ID de Usuario: S-1-5-21-3133523642-25887482-1457699603-501
Lista de Acciones (por Acción Directa):
Restaurado fichero de Configuración del IE, (IERESET.INF)
Eliminadas las Paginas de Inicio y de Busqueda del IE
Eliminados Ficheros Temporales del IE
(25-2-2012 15:32:15 (GMT))
EliStartPage v24.96 (c)2012 S.G.H. / Satinfo S.L. (Actualizado el 24 de Febrero del 2012)
--------------------------------------------------
Usuario: Gäst
ID de Usuario: S-1-5-21-3133523642-25887482-1457699603-501
Lista de Acciones (por Exploración):
Explorando "C:\"
Nº Total de Directorios: 4952
Nº Total de Ficheros: 59806
Nº de Ficheros Analizados: 21577
Nº de Ficheros Infectados: 0
Nº de Ficheros Limpiados: 0
(25-2-2012 15:45:05 GMT)
SProces v5.9 (c)2011 S.G.H. / Satinfo S.L.
-------------------------------------------
Sistema Operativo: Microsoft Windows XP (v5.1.2600) Service Pack 3
Parche MS08-067 (Servicio Servidor) Instalado.
Internet Explorer: (v8.0.6001.18702) 0
Equipo: YOUR-G5GMB6N1SD
Usuario: Administratör
Sesión de Usuario: Administratör
17 Procesos Activos:
C:\WINDOWS\SYSTEM32\SMSS.EXE
C:\WINDOWS\SYSTEM32\CSRSS.EXE
C:\WINDOWS\SYSTEM32\WINLOGON.EXE
C:\WINDOWS\SYSTEM32\SERVICES.EXE
C:\WINDOWS\SYSTEM32\LSASS.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\EXPLORER.EXE
C:\PROGRAM\FOXMAIL\FOXMAIL.EXE
C:\PROGRAM\OPERA\OPERA.EXE
C:\PROGRAM\ORBITDOWNLOADER\ORBITDM.EXE
C:\PROGRAM\ORBITDOWNLOADER\ORBITNET.EXE
C:\PROGRAM\WINRAR\WINRAR.EXE
C:\DOCUME~1\ADMINI~1\LOKALA~1\TEMP\RAR$EX00.841\SPROCES.EXE
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =
R0 - HKUS\S-1-5-21-3133523642-25887482-1457699603-1006\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank (User 'A-50a')
R0 - HKUS\S-1-5-21-3133523642-25887482-1457699603-1006\Software\Microsoft\Internet Explorer\Main,Search Page =
R0 - HKUS\S-1-5-21-3133523642-25887482-1457699603-501\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank (User 'Gäst')
R0 - HKUS\S-1-5-21-3133523642-25887482-1457699603-501\Software\Microsoft\Internet Explorer\Main,Search Page =
O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program\Orbitdownloader\orbitcth.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Panda Security Toolbar - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program\Panda Security\Panda Security Toolbar\PandaSecurityDx.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Grab Pro - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program\Orbitdownloader\GrabPro.dll
O3 - Toolbar: Panda Security Toolbar - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program\Panda Security\Panda Security Toolbar\PandaSecurityDx.dll
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [TOSCDSPD] C:\Program\TOSHIBA\TOSCDSPD\toscdspd.exe
O4 - HKCU\..\Run: [Uninstall_CToolbar] "C:\DOCUME~1\ADMINI~1\LOKALA~1\Temp\CUninst.exe" "/remove"
O4 - HKUS\S-1-5-21-3133523642-25887482-1457699603-1006\..\Run: [TOSCDSPD] C:\Program\TOSHIBA\TOSCDSPD\toscdspd.exe (User 'A-50a')
O4 - HKUS\S-1-5-21-3133523642-25887482-1457699603-1006\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'A-50a')
O4 - HKUS\S-1-5-21-3133523642-25887482-1457699603-501\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Gäst')
O4 - HKUS\S-1-5-21-3133523642-25887482-1457699603-501\..\Run: [TOSCDSPD] C:\Program\TOSHIBA\TOSCDSPD\toscdspd.exe (User 'Gäst')
O4 - HKUS\S-1-5-21-3133523642-25887482-1457699603-501\..\Run: [swg] "C:\Program\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" (User 'Gäst')
O4 - HKLM\..\Run: [TPSMain] TPSMain.exe
O4 - HKLM\..\Run: [TouchED] C:\Program\TOSHIBA\TouchED\TouchED.Exe
O4 - HKLM\..\Run: [SmoothView] C:\Program\TOSHIBA\Toshibas zoomningsfunktion\SmoothView.exe
O4 - HKLM\..\Run: [SigmaTel StacMon] C:\Program\SigmaTel\SigmaTel AC97 ljuddrivrutiner\stacmon.exe
O4 - HKLM\..\Run: [PSUNMain] "C:\Program\Panda Security\Panda Cloud Antivirus\PSUNMain.exe" /Traybar
O4 - HKLM\..\Run: [PRONoMgr.exe] c:\Program\Intel\PROSetWireless\NCS\PROSet\PRONoMgr.exe
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [Apoint] C:\Program\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [00THotkey] C:\WINDOWS\system32\00THotkey.exe
O4 - HKLM\..\Run: [000StTHK] 000StTHK.exe
O4 - HKLM\..\Run: [FixCamera] C:\WINDOWS\FixCamera.exe
O4 - HKLM\..\Run: [snpstd] C:\WINDOWS\vsnpstd.exe
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Orbit.lnk = C:\Program\Orbitdownloader\orbitdm.exe /H
O8 - Extra context menu item: &Download by Orbit - res://C:\Program\Orbitdownloader\orbitmxt.dll/201 (User 'A-50a')
O8 - Extra context menu item: &Grab video by Orbit - res://C:\Program\Orbitdownloader\orbitmxt.dll/204 (User 'A-50a')
O8 - Extra context menu item: Do&wnload selected by Orbit - res://C:\Program\Orbitdownloader\orbitmxt.dll/203 (User 'A-50a')
O8 - Extra context menu item: Down&load all by Orbit - res://C:\Program\Orbitdownloader\orbitmxt.dll/202 (User 'A-50a')
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe
O9 - Extra button: Referensinformation - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: C:\WINDOWS\SYSTEM32\WSHBTH.DLL
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) -
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Plug-in 1.6.0_20) -
O16 - DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} (Java Plug-in 1.4.2_03) -
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} (Java Plug-in 1.6.0_20) -
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} (Java Plug-in 1.6.0_20) -
O18 - Protocol: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program\Delade filer\Microsoft Shared\Information Retrieval\msitss.dll
O18 - Protocol: msencarta - {74D92DF3-6D9D-11D1-8B38-006097DBED7A} - C:\Program\Delade filer\Microsoft Shared\Reference 2001\MSREF.DLL
O18 - Protocol: msero - {B0D92A71-886B-453B-A649-1B91F93801E7} - C:\Program\Delade filer\Microsoft Shared\Reference 2001\msero.dll
O18 - Protocol: msref - {74D92DF3-6D9D-11D1-8B38-006097DBED7A} - C:\Program\Delade filer\Microsoft Shared\Reference 2001\MSREF.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program\DELADE~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: DIMSNTFY - %SYSTEMROOT%\SYSTEM32\DIMSNTFY.DLL
O20 - Winlogon Notify: IGFXCUI - IGFXSRVC.DLL
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - %SystemRoot%\system32\shell32.dll
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - %SystemRoot%\system32\SHELL32.dll
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - %systemroot%\system32\stobject.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - %SystemRoot%\System32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - %SystemRoot%\System32\browseui.dll
Información Adicional:
----------------------
WinSys\Drivers\ati2mtag.sys (de 701440 bytes) () ATI Technologies Inc.
WinSys\Drivers\dmboot.sys (de 800000 bytes) () Microsoft Corporation, Veritas Software
WinSys\Drivers\hsfcxts2.sys (de 685056 bytes) () Conexant Systems, Inc.
WinSys\Drivers\LTSM.sys (de 809872 bytes) () LT
WinSys\Drivers\mod7700.sys (de 621056 bytes) () DiBcom SA
WinSys\Drivers\mrxsmb.sys (de 456576 bytes) () Microsoft Corporation
WinSys\Drivers\mtxparhm.sys (de 452736 bytes) () Matrox Graphics Inc.
WinSys\Drivers\ntfs.sys (de 574976 bytes) () Microsoft Corporation
WinSys\Drivers\slntamr.sys (de 404990 bytes) () Smart Link
WinSys\Drivers\sptd.sys (de 685816 bytes) () Duplex Secure Ltd.
WinSys\Drivers\w70n51.sys (de 979840 bytes) () Intel® Corporation
WinSys\Drivers\wdf01000.sys (de 492000 bytes) () Microsoft Corporation
Listado de Servicios (Carga Automatica):
----------------------------------------
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: DCSHost.exe - Unknown owner - C:\Documents and Settings\All Users\Application Data\DatacardService\DCSHost.exe
O23 - Service: InCD File System Service (InCDsrv) - AHEAD Software - C:\Program\Ahead\InCD\InCDsrv.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Unknown owner - C:\Program\Java\jre6\bin\jqs.exe" -service -config "C:\Program\Java\jre6\lib\deploy\jqs\jqs.con (file missing)
O23 - Service: AEGIS Protocol (IEEE 802.1x) v2.2.1.0 (MDC8021X) - Meetinghouse Data Communications - C:\WINDOWS\SYSTEM32\DRIVERS\mdc8021x.sys
O23 - Service: Panda Cloud Antivirus Service (NanoServiceMain) - Panda Security, S.L. - C:\Program\Panda Security\Panda Cloud Antivirus\PSANHost.exe
O23 - Service: TOSHIBA Network Device Usermode I/O Protocol (Netdevio) - TOSHIBA Corporation. - C:\WINDOWS\SYSTEM32\DRIVERS\netdevio.sys
O23 - Service: PSINAflt - Panda Security, S.L. - C:\WINDOWS\SYSTEM32\DRIVERS\PSINAflt.sys
O23 - Service: PSINFile - Panda Security, S.L. - C:\WINDOWS\SYSTEM32\DRIVERS\PSINFile.sys
O23 - Service: PSINProc - Panda Security, S.L. - C:\WINDOWS\SYSTEM32\DRIVERS\PSINProc.sys
O23 - Service: PSINProt - Panda Security, S.L. - C:\WINDOWS\SYSTEM32\DRIVERS\PSINProt.sys
O23 - Service: RegSrvc - Intel Corporation - C:\WINDOWS\System32\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\WINDOWS\System32\S24EvMon.exe
O23 - Service: WLAN Transport (s24trans) - Intel Corporation - C:\WINDOWS\SYSTEM32\DRIVERS\s24trans.sys
Listado de Servicios (Carga Manual):
------------------------------------
O23 - Service: Alps Pointing-device Filter Driver (ApfiltrService) - Alps Electric Co., Ltd. - C:\WINDOWS\SYSTEM32\DRIVERS\Apfiltr.sys
O23 - Service: cpudrv - Unknown owner - C:\Program\SystemRequirementsLab\cpudrv.sys
**O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - Microsoft Corporation, Veritas Software - C:\WINDOWS\System32\dmadmin.exe
O23 - Service: Intel(R) PRO Adapter Driver (E100B) - Intel Corporation - C:\WINDOWS\SYSTEM32\DRIVERS\e100b325.sys
O23 - Service: Huawei DataCard USB Modem and USB Serial (hwdatacard) - Huawei Technologies Co., Ltd. - C:\WINDOWS\SYSTEM32\DRIVERS\ewusbmdm.sys
O23 - Service: Huawei DataCard USB Fake (hwusbfake) - Huawei Technologies Co., Ltd. - C:\WINDOWS\SYSTEM32\DRIVERS\ewusbfake.sys
O23 - Service: ialm - Intel Corporation - C:\WINDOWS\SYSTEM32\DRIVERS\ialmnt5.sys
O23 - Service: kwwalpgr - Unknown owner - C:\DOCUME~1\A-50a\LOKALA~1\Temp\kwwalpgr.sys (file missing)
O23 - Service: Logitech SetPoint KMDF HID Filter Driver (LHidFilt) - Logitech, Inc. - C:\WINDOWS\SYSTEM32\DRIVERS\LHidFilt.Sys
O23 - Service: Logitech SetPoint KMDF Mouse Filter Driver (LMouFilt) - Logitech, Inc. - C:\WINDOWS\SYSTEM32\DRIVERS\LMouFilt.Sys
O23 - Service: Logitech SetPoint KMDF USB Filter (LUsbFilt) - Logitech, Inc. - C:\WINDOWS\SYSTEM32\Drivers\LUsbFilt.Sys
O23 - Service: PCCS Mode Change Filter Driver (pccsmcfd) - Nokia - C:\WINDOWS\SYSTEM32\DRIVERS\pccsmcfd.sys
O23 - Service: VSO Software pcouffin (pcouffin) - VSO Software - C:\WINDOWS\SYSTEM32\Drivers\pcouffin.sys
O23 - Service: Direct Parallel Link Driver (Ptilink) - Parallel Technologies, Inc. - C:\WINDOWS\SYSTEM32\DRIVERS\ptilink.sys
O23 - Service: ServiceLayer - Nokia - C:\Program\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: USB PC Camera (SN9C102) (snpstd) - Unknown owner - C:\WINDOWS\SYSTEM32\DRIVERS\snpstd.sys
O23 - Service: Sony USB Filter Driver (SONYPVU1) (SONYPVU1) - Sony Corporation - C:\WINDOWS\SYSTEM32\DRIVERS\SONYPVU1.SYS
O23 - Service: Audio Driver (WDM) - SigmaTel CODEC (STAC97) - SigmaTel, Inc. - C:\WINDOWS\SYSTEM32\drivers\stac97.sys
O23 - Service: Handelsbanken card reader (Tdsshbecr) - Todos Data System AB - C:\WINDOWS\SYSTEM32\DRIVERS\shbecr.sys
O23 - Service: TOSHIBA Software Modem (TOSHIBASoftModem) - LT - C:\WINDOWS\SYSTEM32\DRIVERS\LTSM.sys
O23 - Service: UnlockerDriver4 Driver (UnlockerDriver4) - Unknown owner - C:\Program\Unlocker\UnlockerDriver4.sys
O23 - Service: Drivrutin för Intel(R) PRO/trådlös 2200-adapter (w22n51) - Intel® Corporation - C:\WINDOWS\SYSTEM32\DRIVERS\w22n51.sys
O23 - Service: Controlador de la Conexión de red Intel(R) PRO/Wireless 2200BG para Windows XP (w29n51) - Intel® Corporation - C:\WINDOWS\SYSTEM32\DRIVERS\w29n51.sys
O23 - Service: Drivrutin för Intel(R) PRO/trådlös 2100-adapter (w70n51) - Intel® Corporation - C:\WINDOWS\SYSTEM32\DRIVERS\w70n51.sys
O23 - Service: Intel(R) Graphics Platform (SoftBIOS) Driver ({6080A529-897E-4629-A488-ABA0C29B635E}) - Intel Corporation - C:\WINDOWS\SYSTEM32\drivers\ialmsbw.sys
O23 - Service: Intel(R) Graphics Chipset (KCH) Driver ({D31A0762-0CEB-444e-ACFF-B049A1F6FE91}) - Intel Corporation - C:\WINDOWS\SYSTEM32\drivers\ialmkchw.sys
O23 - Service: AIM 3.0 Part 01 Codec Driver CH-7009-A/CH-7011 ({E2B953A6-195A-44F9-9BA3-3D5F4E32BB55}) - Intel Corporation - C:\WINDOWS\SYSTEM32\drivers\wA301a.sys
Listado de Servicios (Deshabilitados):
--------------------------------------
**O23 - Service: dmboot - Microsoft Corporation, Veritas Software - C:\WINDOWS\SYSTEM32\drivers\dmboot.sys
**O23 - Service: dmio - Microsoft Corporation, Veritas Software - C:\WINDOWS\SYSTEM32\drivers\dmio.sys
**O23 - Service: dmload - Microsoft Corp., Veritas Software. - C:\WINDOWS\SYSTEM32\drivers\dmload.sys
O23 - Service: dwshd - Unknown owner - C:\WINDOWS\System32\drivers\dwshd.sys (file missing)
O23 - Service: sptd - Duplex Secure Ltd. - C:\WINDOWS\SYSTEM32\Drivers\sptd.sys
46 Servicios.
14 de Carga Automatica.
27 de Carga Manual.
5 Deshabilitados.
- msc hotline sat
- Mensajes: 93500
- Registrado: 09 Mar 2004, 20:39
- Ubicación: BARCELONA (ESPAÑA)
- Contactar:
Re: Actualización problemática de IExplorer/Windows
Pues hay este fichero sospechoso:
C:\Documents and Settings\All Users\Application Data\DatacardService\DCSHost.exe
envienoslo para analizar:
Para ello recordar[/b] :
https://foros.zonavirus.com/viewtopic.php?f=5&t=14253
Tras recibirlo/s, lo/s analizaremos e implementaremos su control y eliminación, si procede, en nuestras utilidades, de lo cual informaremos
saludos
ms, 27-2-2012
C:\Documents and Settings\All Users\Application Data\DatacardService\DCSHost.exe
envienoslo para analizar:
Para ello recordar
Tras recibirlo/s, lo/s analizaremos e implementaremos su control y eliminación, si procede, en nuestras utilidades, de lo cual informaremos
saludos
ms, 27-2-2012
msc hotline sat Virus Research Engineer
Antes de preguntar - Normas Basicas - Mensajes Privados - Repetir Temas - Continuar Temas - Titulos del Tema - Antivirus Online
Antes de preguntar - Normas Basicas - Mensajes Privados - Repetir Temas - Continuar Temas - Titulos del Tema - Antivirus Online
- msc hotline sat
- Mensajes: 93500
- Registrado: 09 Mar 2004, 20:39
- Ubicación: BARCELONA (ESPAÑA)
- Contactar:
Re: Actualización problemática de IExplorer/Windows
El fichero recibido ni queda residente ni modifica claves de registro, SOLO CREA UNA CARPETA de DATA CARD SERVICES y crea un log e instala un servicio...
Su descripcion es
[b][i]product..................: DCSHOST
internal name............: DCSHOST
copyright................: Copyright (C) 2008
original name............: DCSHOST.EXE
file version.............: 2, 0, 0, 18
description..............: DCSHOST[/i] [/b]
No se considera malicioso, a pesar de que hay esta deteccion por ByteHero:
[b][i]Trojan.Malware.Win32.xPack.m 20120225[/i] [/b]
Si no lo conoce ni es voluntario, eliminelo, pero no lo pasamos a controlar.
saludos
ms, 29-2-2012
Su descripcion es
internal name............: DCSHOST
copyright................: Copyright (C) 2008
original name............: DCSHOST.EXE
file version.............: 2, 0, 0, 18
description..............: DCSHOST
No se considera malicioso, a pesar de que hay esta deteccion por ByteHero:
Si no lo conoce ni es voluntario, eliminelo, pero no lo pasamos a controlar.
saludos
ms, 29-2-2012
msc hotline sat Virus Research Engineer
Antes de preguntar - Normas Basicas - Mensajes Privados - Repetir Temas - Continuar Temas - Titulos del Tema - Antivirus Online
Antes de preguntar - Normas Basicas - Mensajes Privados - Repetir Temas - Continuar Temas - Titulos del Tema - Antivirus Online
Re: Actualización problemática de IExplorer/Windows
Muchas gracias por la ayuda. Aprovecho también para preguntaros una cosa: Debido a que mi ordenador va demasiado lento lo utilizo muy a menudo en línea "en modo seguro, o a prueba de fallos" (creo que se llama así). Ya que el nombre es "modo seguro" me sentía tranquilo protegido de virus en mis consultas en internet, pero después caí en la cuenta de que el antivirus y el cortafuegos están desactivados en esos casos. Hay entonces riesgo serio de coger virus? Es más seguro usar el ordenador con antivirus en modo normal?
- msc hotline sat
- Mensajes: 93500
- Registrado: 09 Mar 2004, 20:39
- Ubicación: BARCELONA (ESPAÑA)
- Contactar:
Re: Actualización problemática de IExplorer/Windows
El arrancar en MODO SEGURO es para que no se cargue mas que el sistema de windows, con lo que algunos de los malwares que se han instalado no se cargan en memoria y asi windows permite eliminarlos, y al no tener conexion a internet, claro que se evita la entrada de ellos, pero con que selecciones modo seguro con funciones de red, ya tiene acceso y puede recibir, e infectarse tanto o mas, al no tener el antivirus residente, como lo tendria arrancando en modo normal.
Y diganos si conoce el fichero de marras, y si no, tras eliminarlo, diganos si se ha solucionado el problem, gracias
saludos
ms, 29-2-2012
Y diganos si conoce el fichero de marras, y si no, tras eliminarlo, diganos si se ha solucionado el problem, gracias
saludos
ms, 29-2-2012
msc hotline sat Virus Research Engineer
Antes de preguntar - Normas Basicas - Mensajes Privados - Repetir Temas - Continuar Temas - Titulos del Tema - Antivirus Online
Antes de preguntar - Normas Basicas - Mensajes Privados - Repetir Temas - Continuar Temas - Titulos del Tema - Antivirus Online
Re: Actualización problemática de IExplorer/Windows
El fichero DCSHOST.EXE creo que es de internet móvil que instalé hace año y medio, o sea que debe ser un falso positivo. Por eso no lo he eliminado. Saludos.
- msc hotline sat
- Mensajes: 93500
- Registrado: 09 Mar 2004, 20:39
- Ubicación: BARCELONA (ESPAÑA)
- Contactar:
Re: Actualización problemática de IExplorer/Windows
Pues por si se tratara de algun RootKit no visible, lance el MCAFEE ROOTKIT DETECTIVE y posteenos el informe resultante:
mcafee rootkit detective
http://download.nai.com/products/mcafee-avert/McafeeRootkitDetective.zip
saludos
ms, 3-3-2012
mcafee rootkit detective
saludos
ms, 3-3-2012
msc hotline sat Virus Research Engineer
Antes de preguntar - Normas Basicas - Mensajes Privados - Repetir Temas - Continuar Temas - Titulos del Tema - Antivirus Online
Antes de preguntar - Normas Basicas - Mensajes Privados - Repetir Temas - Continuar Temas - Titulos del Tema - Antivirus Online
Re: Actualización problemática de IExplorer/Windows
El informe del Rootkit es este:
Object-Type: Registry-key
Object-Name: 000d180151f3ystem32\drivers\PSINProc.sys
Object-Path: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\BTHPORT\Parameters\Keys\000d180151f3
Status: Hidden
Object-Type: Registry-value
Object-Name: 00128abb0565
Object-Path: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\BTHPORT\Parameters\Keys\000d180151f3
Status: Hidden
Object-Type: Registry-value
Object-Name: 001370a5fc5c
Object-Path: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\BTHPORT\Parameters\Keys\000d180151f3
Status: Hidden
Object-Type: Registry-key
Object-Name: 0D79C293C1ED61418462E24595C90D04HPORT\Parameters\Keys\000d180151f3
Object-Path: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04
Status: Hidden
Object-Type: Registry-key
Object-Name: 000d180151f3olSet001\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04
Object-Path: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\BTHPORT\Parameters\Keys\000d180151f3
Status: Hidden
Object-Type: Registry-value
Object-Name: 00128abb0565
Object-Path: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\BTHPORT\Parameters\Keys\000d180151f3
Status: Hidden
Object-Type: Registry-value
Object-Name: 001370a5fc5c
Object-Path: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\BTHPORT\Parameters\Keys\000d180151f3
Status: Hidden
Object-Type: Registry-key
Object-Name: 0D79C293C1ED61418462E24595C90D04HPORT\Parameters\Keys\000d180151f3
Object-Path: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04
Status: Hidden
Object-Type: Registry-key
Object-Name: 0D79C293C1ED61418462E24595C90D04td\Cfg\0D79C293C1ED61418462E24595C90D04
Object-Path: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04
Status: Hidden
Object-Type: Registry-key
Object-Name: 000d180151f3olSet003\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04
Object-Path: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\BTHPORT\Parameters\Keys\000d180151f3
Status: Hidden
Object-Type: Registry-value
Object-Name: 00128abb0565
Object-Path: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\BTHPORT\Parameters\Keys\000d180151f3
Status: Hidden
Object-Type: Registry-value
Object-Name: 001370a5fc5c
Object-Path: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\BTHPORT\Parameters\Keys\000d180151f3
Status: Hidden
Object-Type: Registry-key
Object-Name: 0D79C293C1ED61418462E24595C90D04HPORT\Parameters\Keys\000d180151f3
Object-Path: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04
Status: Hidden
Object-Type: Registry-value
Object-Name: {e9523f94-f971-422a-9ad5-578d5aea1969}
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\ahead\NeroVision\Effects
Status: Registy value-data mismatch
Object-Type: Registry-value
Object-Name: (Default)
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{CA8A9781-280D-11CF-A24D-444553540000}\ProxyStubClsid
Status: Unable to access registry key
Object-Type: Registry-value
Object-Name: (Default)
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{CA8A9781-280D-11CF-A24D-444553540000}\ProxyStubClsid32
Status: Unable to access registry key
Object-Type: Registry-value
Object-Name: (Default)
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{CA8A9781-280D-11CF-A24D-444553540000}\TypeLib
Status: Unable to access registry key
Object-Type: Registry-value
Object-Name: Version
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{CA8A9781-280D-11CF-A24D-444553540000}\TypeLib
Status: Hidden
Object-Type: Registry-value
Object-Name: (Default)
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{CA8A9782-280D-11CF-A24D-444553540000}\ProxyStubClsid
Status: Unable to access registry key
Object-Type: Registry-value
Object-Name: (Default)
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{CA8A9782-280D-11CF-A24D-444553540000}\ProxyStubClsid32
Status: Unable to access registry key
Object-Type: Registry-value
Object-Name: (Default)
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{CA8A9782-280D-11CF-A24D-444553540000}\TypeLib
Status: Unable to access registry key
Object-Type: Registry-value
Object-Name: Version
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{CA8A9782-280D-11CF-A24D-444553540000}\TypeLib
Status: Hidden
Object-Type: Registry-value
Object-Name: (Default)
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\IEHomePageInfo\RegBackup
Status: Unable to access registry key
Object-Type: Registry-value
Object-Name: (Default)
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup
Status: Unable to access registry key
Object-Type: Registry-key
Object-Name: 0OFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0
Status: Hidden
Object-Type: Registry-value
Object-Name: (Default)
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0
Status: Unable to access registry key
Object-Type: Registry-value
Object-Name: 2d0a49a13cd865bc
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0
Status: Hidden
Object-Type: Registry-value
Object-Name: 64545cb3ccafc424
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0
Status: Hidden
Object-Type: Registry-value
Object-Name: 37121f3b17b4ceef
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0
Status: Hidden
Object-Type: Registry-value
Object-Name: 5ee681619865568e
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0
Status: Hidden
Object-Type: Registry-value
Object-Name: 73859ebbe5faf090
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0
Status: Hidden
Object-Type: Registry-value
Object-Name: 07474156ec9947f2
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0
Status: Hidden
Object-Type: Registry-value
Object-Name: 95e710f2ecdf2114
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0
Status: Hidden
Object-Type: Registry-value
Object-Name: 984a4b5a0d42d24d
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0
Status: Hidden
Object-Type: Registry-value
Object-Name: 250a50a8ecab3918
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0
Status: Hidden
Object-Type: Registry-value
Object-Name: 250a50a83af09ccc
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0
Status: Hidden
Object-Type: Registry-value
Object-Name: 250a50a8d28c8ace
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0
Status: Hidden
Object-Type: Registry-value
Object-Name: 984a4b5aa85a9e21
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0
Status: Hidden
Object-Type: Registry-value
Object-Name: 984a4b5a2acf22d3
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0
Status: Hidden
Object-Type: Registry-value
Object-Name: 984a4b5afdd07f4a
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0
Status: Hidden
Object-Type: Registry-value
Object-Name: 984a4b5a6ac274e5
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0
Status: Hidden
Object-Type: Registry-value
Object-Name: 984a4b5ae8709f33
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0
Status: Hidden
Object-Type: Registry-value
Object-Name: 984a4b5a8caaf8d9
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0
Status: Hidden
Object-Type: Registry-value
Object-Name: 984a4b5a27c4a825
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0
Status: Hidden
Object-Type: Registry-value
Object-Name: 984a4b5a30ed5ae3
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0
Status: Hidden
Object-Type: Registry-value
Object-Name: 984a4b5aedb96f49
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0
Status: Hidden
Object-Type: Registry-value
Object-Name: 984a4b5a3e9f1b2c
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0
Status: Hidden
Object-Type: Registry-value
Object-Name: 984a4b5ab9e40001
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0
Status: Hidden
Object-Type: Registry-value
Object-Name: 984a4b5a8f2fab2e
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0
Status: Hidden
Object-Type: Registry-value
Object-Name: 984a4b5a508432b2
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0
Status: Hidden
Object-Type: Registry-value
Object-Name: 984a4b5a244d5f89
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0
Status: Hidden
Object-Type: Registry-value
Object-Name: 984a4b5a03e6d26d
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0
Status: Hidden
Object-Type: Registry-value
Object-Name: 984a4b5a13f7814f
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0
Status: Hidden
Object-Type: Registry-value
Object-Name: 984a4b5a790e6d04
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0
Status: Hidden
Object-Type: Registry-value
Object-Name: 984a4b5a1007083e
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0
Status: Hidden
Object-Type: Registry-value
Object-Name: 984a4b5afdaf9eb3
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0
Status: Hidden
Object-Type: Registry-value
Object-Name: 984a4b5a353d8f43
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0
Status: Hidden
Object-Type: Registry-value
Object-Name: 984a4b5a22464935
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0
Status: Hidden
Object-Type: Registry-value
Object-Name: 1e7c04d30016a059
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0
Status: Hidden
Object-Type: Registry-value
Object-Name: 250a50a8c5038989
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0
Status: Hidden
Object-Type: Registry-value
Object-Name: 250a50a83868a0b5
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0
Status: Hidden
Object-Type: Registry-value
Object-Name: 250a50a8d58caf6e
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0
Status: Hidden
Object-Type: Registry-value
Object-Name: 250a50a844b059a7
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0
Status: Hidden
Object-Type: Registry-value
Object-Name: 250a50a8c2e2bef9
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0
Status: Hidden
Object-Type: Registry-value
Object-Name: 250a50a8d2046514
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0
Status: Hidden
Object-Type: Registry-value
Object-Name: 250a50a86aa07389
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0
Status: Hidden
Object-Type: Registry-value
Object-Name: 250a50a8c7b3ec08
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0
Status: Hidden
Object-Type: Registry-value
Object-Name: 250a50a86142b1ee
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0
Status: Hidden
Object-Type: Registry-value
Object-Name: 250a50a805ac5838
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0
Status: Hidden
Object-Type: Registry-value
Object-Name: 250a50a8bf2ed774
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0
Status: Hidden
Object-Type: Registry-value
Object-Name: 250a50a8295c9e16
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0
Status: Hidden
Object-Type: Registry-value
Object-Name: 250a50a8c307920d
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0
Status: Hidden
Object-Type: Registry-value
Object-Name: 250a50a81cac0b91
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0
Status: Hidden
Object-Type: Registry-value
Object-Name: 250a50a8a721a774
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0
Status: Hidden
Object-Type: Registry-value
Object-Name: 250a50a83182a4ef
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0
Status: Hidden
Object-Type: Registry-value
Object-Name: 250a50a8a4b04a07
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0
Status: Hidden
Object-Type: Registry-value
Object-Name: 250a50a861711260
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0
Status: Hidden
Object-Type: Registry-value
Object-Name: 250a50a8c86ea4ef
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0
Status: Hidden
Object-Type: Registry-value
Object-Name: 250a50a8fba70e01
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0
Status: Hidden
Object-Type: Registry-value
Object-Name: 250a50a8b17c1d4f
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0
Status: Hidden
Object-Type: Registry-value
Object-Name: 3bb7df5375b8c672
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0
Status: Hidden
Object-Type: Registry-value
Object-Name: eef4be2c23465cad
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0
Status: Hidden
Object-Type: Registry-value
Object-Name: b5de661fb0b1c58f
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0
Status: Hidden
Object-Type: Registry-value
Object-Name: eef4be2c0787955b
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0
Status: Hidden
Object-Type: Registry-value
Object-Name: f4122c45b8b6205b
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0
Status: Hidden
Object-Type: Registry-value
Object-Name: 6f0ba7eb4a0efa86
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0
Status: Hidden
Object-Type: Registry-key
Object-Name: 0.mapARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0.map
Status: Hidden
Object-Type: Registry-value
Object-Name: (Default)
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0.map
Status: Unable to access registry key
Object-Type: Registry-value
Object-Name: 2d0a49a13cd865bc
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0.map
Status: Hidden
Object-Type: Registry-value
Object-Name: 64545cb3ccafc424
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0.map
Status: Hidden
Object-Type: Registry-value
Object-Name: 37121f3b17b4ceef
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0.map
Status: Hidden
Object-Type: Registry-value
Object-Name: 5ee681619865568e
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0.map
Status: Hidden
Object-Type: Registry-value
Object-Name: 73859ebbe5faf090
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0.map
Status: Hidden
Object-Type: Registry-value
Object-Name: 07474156ec9947f2
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0.map
Status: Hidden
Object-Type: Registry-value
Object-Name: 95e710f2ecdf2114
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0.map
Status: Hidden
Object-Type: Registry-value
Object-Name: 984a4b5a0d42d24d
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0.map
Status: Hidden
Object-Type: Registry-value
Object-Name: 250a50a8ecab3918
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0.map
Status: Hidden
Object-Type: Registry-value
Object-Name: 250a50a83af09ccc
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0.map
Status: Hidden
Object-Type: Registry-value
Object-Name: 250a50a8d28c8ace
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0.map
Status: Hidden
Object-Type: Registry-value
Object-Name: 984a4b5aa85a9e21
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0.map
Status: Hidden
Object-Type: Registry-value
Object-Name: 984a4b5a2acf22d3
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0.map
Status: Hidden
Object-Type: Registry-value
Object-Name: 984a4b5afdd07f4a
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0.map
Status: Hidden
Object-Type: Registry-value
Object-Name: 984a4b5a6ac274e5
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0.map
Status: Hidden
Object-Type: Registry-value
Object-Name: 984a4b5ae8709f33
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0.map
Status: Hidden
Object-Type: Registry-value
Object-Name: 984a4b5a8caaf8d9
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0.map
Status: Hidden
Object-Type: Registry-value
Object-Name: 984a4b5a27c4a825
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0.map
Status: Hidden
Object-Type: Registry-value
Object-Name: 984a4b5a30ed5ae3
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0.map
Status: Hidden
Object-Type: Registry-value
Object-Name: 984a4b5aedb96f49
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0.map
Status: Hidden
Object-Type: Registry-value
Object-Name: 984a4b5a3e9f1b2c
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0.map
Status: Hidden
Object-Type: Registry-value
Object-Name: 984a4b5ab9e40001
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0.map
Status: Hidden
Object-Type: Registry-value
Object-Name: 984a4b5a8f2fab2e
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0.map
Status: Hidden
Object-Type: Registry-value
Object-Name: 984a4b5a508432b2
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0.map
Status: Hidden
Object-Type: Registry-value
Object-Name: 984a4b5a244d5f89
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0.map
Status: Hidden
Object-Type: Registry-value
Object-Name: 984a4b5a03e6d26d
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0.map
Status: Hidden
Object-Type: Registry-value
Object-Name: 984a4b5a13f7814f
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0.map
Status: Hidden
Object-Type: Registry-value
Object-Name: 984a4b5a790e6d04
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0.map
Status: Hidden
Object-Type: Registry-value
Object-Name: 984a4b5a1007083e
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0.map
Status: Hidden
Object-Type: Registry-value
Object-Name: 984a4b5afdaf9eb3
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0.map
Status: Hidden
Object-Type: Registry-value
Object-Name: 984a4b5a353d8f43
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0.map
Status: Hidden
Object-Type: Registry-value
Object-Name: 984a4b5a22464935
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0.map
Status: Hidden
Object-Type: Registry-value
Object-Name: 1e7c04d30016a059
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0.map
Status: Hidden
Object-Type: Registry-value
Object-Name: 250a50a8c5038989
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0.map
Status: Hidden
Object-Type: Registry-value
Object-Name: 250a50a83868a0b5
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0.map
Status: Hidden
Object-Type: Registry-value
Object-Name: 250a50a8d58caf6e
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0.map
Status: Hidden
Object-Type: Registry-value
Object-Name: 250a50a844b059a7
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0.map
Status: Hidden
Object-Type: Registry-value
Object-Name: 250a50a8c2e2bef9
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0.map
Status: Hidden
Object-Type: Registry-value
Object-Name: 250a50a8d2046514
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0.map
Status: Hidden
Object-Type: Registry-value
Object-Name: 250a50a86aa07389
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0.map
Status: Hidden
Object-Type: Registry-value
Object-Name: 250a50a8c7b3ec08
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0.map
Status: Hidden
Object-Type: Registry-value
Object-Name: 250a50a86142b1ee
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0.map
Status: Hidden
Object-Type: Registry-value
Object-Name: 250a50a805ac5838
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0.map
Status: Hidden
Object-Type: Registry-value
Object-Name: 250a50a8bf2ed774
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0.map
Status: Hidden
Object-Type: Registry-value
Object-Name: 250a50a8295c9e16
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0.map
Status: Hidden
Object-Type: Registry-value
Object-Name: 250a50a8c307920d
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0.map
Status: Hidden
Object-Type: Registry-value
Object-Name: 250a50a81cac0b91
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0.map
Status: Hidden
Object-Type: Registry-value
Object-Name: 250a50a8a721a774
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0.map
Status: Hidden
Object-Type: Registry-value
Object-Name: 250a50a83182a4ef
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0.map
Status: Hidden
Object-Type: Registry-value
Object-Name: 250a50a8a4b04a07
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0.map
Status: Hidden
Object-Type: Registry-value
Object-Name: 250a50a861711260
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0.map
Status: Hidden
Object-Type: Registry-value
Object-Name: 250a50a8c86ea4ef
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0.map
Status: Hidden
Object-Type: Registry-value
Object-Name: 250a50a8fba70e01
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0.map
Status: Hidden
Object-Type: Registry-value
Object-Name: 250a50a8b17c1d4f
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0.map
Status: Hidden
Object-Type: Registry-value
Object-Name: 3bb7df5375b8c672
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0.map
Status: Hidden
Object-Type: Registry-value
Object-Name: eef4be2c23465cad
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0.map
Status: Hidden
Object-Type: Registry-value
Object-Name: b5de661fb0b1c58f
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0.map
Status: Hidden
Object-Type: Registry-value
Object-Name: eef4be2c0787955b
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0.map
Status: Hidden
Object-Type: Registry-value
Object-Name: f4122c45b8b6205b
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0.map
Status: Hidden
Object-Type: Registry-value
Object-Name: 6f0ba7eb4a0efa86
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0.map
Status: Hidden
Object-Type: Registry-value
Object-Name: (Default)
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\oeupdate\RegBackup
Status: Unable to access registry key
Object-Type: Registry-key
Object-Name: 0OFTWARE\Microsoft\Advanced INF Setup\oeupdate\RegBackup
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\oeupdate\RegBackup\0
Status: Hidden
Object-Type: Registry-value
Object-Name: (Default)
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\oeupdate\RegBackup\0
Status: Unable to access registry key
Object-Type: Registry-value
Object-Name: 2d0a49a1a1046eaf
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\oeupdate\RegBackup\0
Status: Hidden
Object-Type: Registry-value
Object-Name: 64545cb37c929674
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\oeupdate\RegBackup\0
Status: Hidden
Object-Type: Registry-value
Object-Name: 37121f3bfa7ebc95
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\oeupdate\RegBackup\0
Status: Hidden
Object-Type: Registry-value
Object-Name: 5ee68161f3be3a28
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\oeupdate\RegBackup\0
Status: Hidden
Object-Type: Registry-value
Object-Name: 73859ebbe046fede
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\oeupdate\RegBackup\0
Status: Hidden
Object-Type: Registry-value
Object-Name: 07474156ec9947f2
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\oeupdate\RegBackup\0
Status: Hidden
Object-Type: Registry-value
Object-Name: 3bb7df537a5d8bc8
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\oeupdate\RegBackup\0
Status: Hidden
Object-Type: Registry-value
Object-Name: eef4be2c5ca720b2
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\oeupdate\RegBackup\0
Status: Hidden
Object-Type: Registry-value
Object-Name: b5de661f3f25942a
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\oeupdate\RegBackup\0
Status: Hidden
Object-Type: Registry-value
Object-Name: eef4be2c7866e944
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\oeupdate\RegBackup\0
Status: Hidden
Object-Type: Registry-key
Object-Name: 0.mapARE\Microsoft\Advanced INF Setup\oeupdate\RegBackup\0
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\oeupdate\RegBackup\0.map
Status: Hidden
Object-Type: Registry-value
Object-Name: (Default)
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\oeupdate\RegBackup\0.map
Status: Unable to access registry key
Object-Type: Registry-value
Object-Name: 2d0a49a1a1046eaf
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\oeupdate\RegBackup\0.map
Status: Hidden
Object-Type: Registry-value
Object-Name: 64545cb37c929674
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\oeupdate\RegBackup\0.map
Status: Hidden
Object-Type: Registry-value
Object-Name: 37121f3bfa7ebc95
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\oeupdate\RegBackup\0.map
Status: Hidden
Object-Type: Registry-value
Object-Name: 5ee68161f3be3a28
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\oeupdate\RegBackup\0.map
Status: Hidden
Object-Type: Registry-value
Object-Name: 73859ebbe046fede
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\oeupdate\RegBackup\0.map
Status: Hidden
Object-Type: Registry-value
Object-Name: 07474156ec9947f2
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\oeupdate\RegBackup\0.map
Status: Hidden
Object-Type: Registry-value
Object-Name: 3bb7df537a5d8bc8
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\oeupdate\RegBackup\0.map
Status: Hidden
Object-Type: Registry-value
Object-Name: eef4be2c5ca720b2
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\oeupdate\RegBackup\0.map
Status: Hidden
Object-Type: Registry-value
Object-Name: b5de661f3f25942a
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\oeupdate\RegBackup\0.map
Status: Hidden
Object-Type: Registry-value
Object-Name: eef4be2c7866e944
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\oeupdate\RegBackup\0.map
Status: Hidden
Object-Type: Registry-value
Object-Name: (Default)
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\9.0
Status: Unable to access registry key
Object-Type: Registry-key
Object-Name: Registrationrosoft\MediaPlayer\9.0
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\9.0\Registration
Status: Hidden
Object-Type: Registry-value
Object-Name: (Default)
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\9.0\Registration
Status: Unable to access registry key
Object-Type: Registry-value
Object-Name: UDBVersion
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\9.0\Registration
Status: Hidden
Object-Type: Registry-value
Object-Name: UDBRev
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\9.0\Registration
Status: Hidden
Object-Type: Registry-value
Object-Name: ProductID
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\9.0\Registration
Status: Hidden
Object-Type: Registry-value
Object-Name: (Default)
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\FilterShimDllExclusionList
Status: Unable to access registry key
Object-Type: Registry-value
Object-Name: (Default)
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\FilterShimDllInclusionList
Status: Unable to access registry key
Object-Type: Registry-value
Object-Name: (Default)
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\FilterShimExclusionList
Status: Unable to access registry key
Object-Type: Registry-value
Object-Name: (Default)
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\FilterShimInclusionList
Status: Unable to access registry key
Object-Type: Registry-value
Object-Name: (Default)
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\NodeCLSIDs\{13A7995E-7D8F-45B4-9C77-819265225763}
Status: Unable to access registry key
Object-Type: Registry-value
Object-Name: Priority
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\NodeCLSIDs\{13A7995E-7D8F-45B4-9C77-819265225763}
Status: Hidden
Object-Type: Registry-value
Object-Name: AutoInsert
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\NodeCLSIDs\{13A7995E-7D8F-45B4-9C77-819265225763}
Status: Hidden
Object-Type: Registry-value
Object-Name: Name
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\NodeCLSIDs\{13A7995E-7D8F-45B4-9C77-819265225763}
Status: Hidden
Object-Type: Registry-value
Object-Name: (Default)
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\NodeCLSIDs\{95037DA1-6ED9-4B27-8CFF-9AD3DFB0B2F2}
Status: Unable to access registry key
Object-Type: Registry-value
Object-Name: Priority
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\NodeCLSIDs\{95037DA1-6ED9-4B27-8CFF-9AD3DFB0B2F2}
Status: Hidden
Object-Type: Registry-value
Object-Name: AutoInsert
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\NodeCLSIDs\{95037DA1-6ED9-4B27-8CFF-9AD3DFB0B2F2}
Status: Hidden
Object-Type: Registry-value
Object-Name: Name
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\NodeCLSIDs\{95037DA1-6ED9-4B27-8CFF-9AD3DFB0B2F2}
Status: Hidden
Object-Type: Registry-value
Object-Name: (Default)
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\NodeCLSIDs\{974BF3BF-C9AE-4476-8003-5FE544DF458C}
Status: Unable to access registry key
Object-Type: Registry-value
Object-Name: Priority
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\NodeCLSIDs\{974BF3BF-C9AE-4476-8003-5FE544DF458C}
Status: Hidden
Object-Type: Registry-value
Object-Name: AutoInsert
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\NodeCLSIDs\{974BF3BF-C9AE-4476-8003-5FE544DF458C}
Status: Hidden
Object-Type: Registry-value
Object-Name: Name
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\NodeCLSIDs\{974BF3BF-C9AE-4476-8003-5FE544DF458C}
Status: Hidden
Object-Type: Registry-value
Object-Name: (Default)
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\NodeCLSIDs\{B2DBA270-9F49-4513-AC13-76496D6EBA3A}
Status: Unable to access registry key
Object-Type: Registry-value
Object-Name: Priority
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\NodeCLSIDs\{B2DBA270-9F49-4513-AC13-76496D6EBA3A}
Status: Hidden
Object-Type: Registry-value
Object-Name: AutoInsert
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\NodeCLSIDs\{B2DBA270-9F49-4513-AC13-76496D6EBA3A}
Status: Hidden
Object-Type: Registry-value
Object-Name: Name
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\NodeCLSIDs\{B2DBA270-9F49-4513-AC13-76496D6EBA3A}
Status: Hidden
Object-Type: Registry-value
Object-Name: (Default)
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\NodeCLSIDs\{D01BC8E2-70AD-4976-9612-21B37ED5C8E8}
Status: Unable to access registry key
Object-Type: Registry-value
Object-Name: Priority
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\NodeCLSIDs\{D01BC8E2-70AD-4976-9612-21B37ED5C8E8}
Status: Hidden
Object-Type: Registry-value
Object-Name: AutoInsert
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\NodeCLSIDs\{D01BC8E2-70AD-4976-9612-21B37ED5C8E8}
Status: Hidden
Object-Type: Registry-value
Object-Name: Name
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\NodeCLSIDs\{D01BC8E2-70AD-4976-9612-21B37ED5C8E8}
Status: Hidden
Object-Type: Registry-value
Object-Name: (Default)
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\NodeCLSIDs\{D7E9C0B4-0E4D-46B4-BC46-1D0222F92C6F}
Status: Unable to access registry key
Object-Type: Registry-value
Object-Name: Priority
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\NodeCLSIDs\{D7E9C0B4-0E4D-46B4-BC46-1D0222F92C6F}
Status: Hidden
Object-Type: Registry-value
Object-Name: AutoInsert
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\NodeCLSIDs\{D7E9C0B4-0E4D-46B4-BC46-1D0222F92C6F}
Status: Hidden
Object-Type: Registry-value
Object-Name: Name
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\NodeCLSIDs\{D7E9C0B4-0E4D-46B4-BC46-1D0222F92C6F}
Status: Hidden
Object-Type: Registry-value
Object-Name: (Default)
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\NodeCLSIDs\{E5A8C40E-654B-44D4-ACBB-DBE6D3B3333B}
Status: Unable to access registry key
Object-Type: Registry-value
Object-Name: Priority
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\NodeCLSIDs\{E5A8C40E-654B-44D4-ACBB-DBE6D3B3333B}
Status: Hidden
Object-Type: Registry-value
Object-Name: AutoInsert
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\NodeCLSIDs\{E5A8C40E-654B-44D4-ACBB-DBE6D3B3333B}
Status: Hidden
Object-Type: Registry-value
Object-Name: Name
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\NodeCLSIDs\{E5A8C40E-654B-44D4-ACBB-DBE6D3B3333B}
Status: Hidden
Object-Type: Registry-value
Object-Name: (Default)
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\NodeCLSIDs\{FB02E8EF-ACFE-4CC0-96DF-8B5C7098272C}
Status: Unable to access registry key
Object-Type: Registry-value
Object-Name: Priority
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\NodeCLSIDs\{FB02E8EF-ACFE-4CC0-96DF-8B5C7098272C}
Status: Hidden
Object-Type: Registry-value
Object-Name: AutoInsert
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\NodeCLSIDs\{FB02E8EF-ACFE-4CC0-96DF-8B5C7098272C}
Status: Hidden
Object-Type: Registry-value
Object-Name: Name
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\NodeCLSIDs\{FB02E8EF-ACFE-4CC0-96DF-8B5C7098272C}
Status: Hidden
Object-Type: Registry-value
Object-Name: (Default)
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\Setup\Installed Versions
Status: Unable to access registry key
Object-Type: Registry-value
Object-Name: wmp.dll
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\Setup\Installed Versions
Status: Hidden
Object-Type: Registry-value
Object-Name: wmploc.dll
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\Setup\Installed Versions
Status: Hidden
Object-Type: Registry-value
Object-Name: wmplayer.exe
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\Setup\Installed Versions
Status: Hidden
Object-Type: Registry-value
Object-Name: (Default)
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\ShimDllExclusionList
Status: Unable to access registry key
Object-Type: Registry-key
Object-Name: FMPLAYER.DLLrosoft\MediaPlayer\ShimDllExclusionList
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\ShimDllExclusionList\FMPLAYER.DLL
Status: Hidden
Object-Type: Registry-value
Object-Name: (Default)
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\ShimDllExclusionList\FMPLAYER.DLL
Status: Unable to access registry key
Object-Type: Registry-key
Object-Name: HWAUDIO.DLLcrosoft\MediaPlayer\ShimDllExclusionList\FMPLAYER.DLL
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\ShimDllExclusionList\HWAUDIO.DLL
Status: Hidden
Object-Type: Registry-value
Object-Name: (Default)
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\ShimDllExclusionList\HWAUDIO.DLL
Status: Unable to access registry key
Object-Type: Registry-key
Object-Name: XACTMP.DLLicrosoft\MediaPlayer\ShimDllExclusionList\HWAUDIO.DLL
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\ShimDllExclusionList\XACTMP.DLL
Status: Hidden
Object-Type: Registry-value
Object-Name: (Default)
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\ShimDllExclusionList\XACTMP.DLL
Status: Unable to access registry key
Object-Type: Registry-value
Object-Name: (Default)
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\ShimDllInclusionList
Status: Unable to access registry key
Object-Type: Registry-value
Object-Name: (Default)
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\ShimExclusionList
Status: Unable to access registry key
Object-Type: Registry-key
Object-Name: ENC2002.EXEcrosoft\MediaPlayer\ShimExclusionList
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\ShimExclusionList\ENC2002.EXE
Status: Hidden
Object-Type: Registry-value
Object-Name: (Default)
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\ShimExclusionList\ENC2002.EXE
Status: Unable to access registry key
Object-Type: Registry-key
Object-Name: EXCEL.EXEMicrosoft\MediaPlayer\ShimExclusionList\ENC2002.EXE
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\ShimExclusionList\EXCEL.EXE
Status: Hidden
Object-Type: Registry-value
Object-Name: (Default)
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\ShimExclusionList\EXCEL.EXE
Status: Unable to access registry key
Object-Type: Registry-key
Object-Name: MPLAYER2.EXErosoft\MediaPlayer\ShimExclusionList\EXCEL.EXE
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\ShimExclusionList\MPLAYER2.EXE
Status: Hidden
Object-Type: Registry-value
Object-Name: (Default)
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\ShimExclusionList\MPLAYER2.EXE
Status: Unable to access registry key
Object-Type: Registry-key
Object-Name: NHL2003.EXEcrosoft\MediaPlayer\ShimExclusionList\MPLAYER2.EXE
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\ShimExclusionList\NHL2003.EXE
Status: Hidden
Object-Type: Registry-value
Object-Name: (Default)
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\ShimExclusionList\NHL2003.EXE
Status: Unable to access registry key
Object-Type: Registry-key
Object-Name: NHL2003DEMO.EXEoft\MediaPlayer\ShimExclusionList\NHL2003.EXE
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\ShimExclusionList\NHL2003DEMO.EXE
Status: Hidden
Object-Type: Registry-value
Object-Name: (Default)
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\ShimExclusionList\NHL2003DEMO.EXE
Status: Unable to access registry key
Object-Type: Registry-key
Object-Name: POWERPNT.EXErosoft\MediaPlayer\ShimExclusionList\NHL2003DEMO.EXE
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\ShimExclusionList\POWERPNT.EXE
Status: Hidden
Object-Type: Registry-value
Object-Name: (Default)
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\ShimExclusionList\POWERPNT.EXE
Status: Unable to access registry key
Object-Type: Registry-key
Object-Name: WINWORD.EXEcrosoft\MediaPlayer\ShimExclusionList\POWERPNT.EXE
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\ShimExclusionList\WINWORD.EXE
Status: Hidden
Object-Type: Registry-value
Object-Name: (Default)
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\ShimExclusionList\WINWORD.EXE
Status: Unable to access registry key
Object-Type: Registry-key
Object-Name: AOLTRAY.EXEcrosoft\MediaPlayer\ShimExclusionList\WINWORD.EXE
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\ShimInclusionList\AOLTRAY.EXE
Status: Hidden
Object-Type: Registry-value
Object-Name: (Default)
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\ShimInclusionList\AOLTRAY.EXE
Status: Unable to access registry key
Object-Type: Registry-key
Object-Name: FIREFOX.EXEcrosoft\MediaPlayer\ShimInclusionList\AOLTRAY.EXE
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\ShimInclusionList\FIREFOX.EXE
Status: Hidden
Object-Type: Registry-key
Object-Name: MSN6.EXE\Microsoft\MediaPlayer\ShimInclusionList\FIREFOX.EXE
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\ShimInclusionList\MSN6.EXE
Status: Hidden
Object-Type: Registry-value
Object-Name: (Default)
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\ShimInclusionList\MSN6.EXE
Status: Unable to access registry key
Object-Type: Registry-key
Object-Name: NETSCAPE.EXErosoft\MediaPlayer\ShimInclusionList\MSN6.EXE
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\ShimInclusionList\NETSCAPE.EXE
Status: Hidden
Object-Type: Registry-value
Object-Name: (Default)
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\ShimInclusionList\NETSCAPE.EXE
Status: Unable to access registry key
Object-Type: Registry-key
Object-Name: NETSCP.EXEicrosoft\MediaPlayer\ShimInclusionList\NETSCAPE.EXE
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\ShimInclusionList\NETSCP.EXE
Status: Hidden
Object-Type: Registry-value
Object-Name: (Default)
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\ShimInclusionList\NETSCP.EXE
Status: Unable to access registry key
Object-Type: Registry-key
Object-Name: NETSCP6.EXEcrosoft\MediaPlayer\ShimInclusionList\NETSCP.EXE
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\ShimInclusionList\NETSCP6.EXE
Status: Hidden
Object-Type: Registry-value
Object-Name: (Default)
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\ShimInclusionList\NETSCP6.EXE
Status: Unable to access registry key
Object-Type: Registry-key
Object-Name: OPERA.EXEMicrosoft\MediaPlayer\ShimInclusionList\NETSCP6.EXE
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\ShimInclusionList\OPERA.EXE
Status: Hidden
Object-Type: Registry-key
Object-Name: WAOL.EXE\Microsoft\MediaPlayer\ShimInclusionList\OPERA.EXE
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\ShimInclusionList\WAOL.EXE
Status: Hidden
Object-Type: Registry-value
Object-Name: (Default)
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\ShimInclusionList\WAOL.EXE
Status: Unable to access registry key
Object-Type: Registry-value
Object-Name: (Default)
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\SmartPlaylist
Status: Unable to access registry key
Object-Type: Registry-key
Object-Name: NonSourceFiltersft\MediaPlayer\SmartPlaylist
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\SmartPlaylist\NonSourceFilters
Status: Hidden
Object-Type: Registry-value
Object-Name: (Default)
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\SmartPlaylist\NonSourceFilters
Status: Unable to access registry key
Object-Type: Registry-value
Object-Name: {BC5E21B0-504C-46F6-82BF-FB975C911AD6}
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\SmartPlaylist\NonSourceFilters
Status: Hidden
Object-Type: Registry-key
Object-Name: SourceFiltersosoft\MediaPlayer\SmartPlaylist\NonSourceFilters
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\SmartPlaylist\SourceFilters
Status: Hidden
Object-Type: Registry-value
Object-Name: (Default)
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\SmartPlaylist\SourceFilters
Status: Unable to access registry key
Object-Type: Registry-value
Object-Name: {4202947A-A563-4B05-A754-A1B4B5989849}
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\SmartPlaylist\SourceFilters
Status: Hidden
Object-Type: Registry-value
Object-Name: {B2D9BDDC-8E49-444B-9BA4-193ABF9C7870}
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\SmartPlaylist\SourceFilters
Status: Hidden
Object-Type: Registry-value
Object-Name: (Default)
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins
Status: Unable to access registry key
Object-Type: Registry-key
Object-Name: {0890F930-4F80-4646-BAB1-4B6E5571FB89}ns
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{0890F930-4F80-4646-BAB1-4B6E5571FB89}
Status: Hidden
Object-Type: Registry-value
Object-Name: (Default)
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{0890F930-4F80-4646-BAB1-4B6E5571FB89}
Status: Unable to access registry key
Object-Type: Registry-value
Object-Name: Capabilities
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{0890F930-4F80-4646-BAB1-4B6E5571FB89}
Status: Hidden
Object-Type: Registry-value
Object-Name: FriendlyName
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{0890F930-4F80-4646-BAB1-4B6E5571FB89}
Status: Hidden
Object-Type: Registry-key
Object-Name: {171B4B25-2DD9-4b0b-912A-1AFAE79369B8}ns\{0890F930-4F80-4646-BAB1-4B6E5571FB89}
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{171B4B25-2DD9-4b0b-912A-1AFAE79369B8}
Status: Hidden
Object-Type: Registry-value
Object-Name: (Default)
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{171B4B25-2DD9-4b0b-912A-1AFAE79369B8}
Status: Unable to access registry key
Object-Type: Registry-value
Object-Name: FriendlyName
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{171B4B25-2DD9-4b0b-912A-1AFAE79369B8}
Status: Hidden
Object-Type: Registry-value
Object-Name: Description
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{171B4B25-2DD9-4b0b-912A-1AFAE79369B8}
Status: Hidden
Object-Type: Registry-value
Object-Name: Capabilities
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{171B4B25-2DD9-4b0b-912A-1AFAE79369B8}
Status: Hidden
Object-Type: Registry-key
Object-Name: {1F32514F-1561-4922-A604-8A1F478B5A42}ns\{171B4B25-2DD9-4b0b-912A-1AFAE79369B8}
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{1F32514F-1561-4922-A604-8A1F478B5A42}
Status: Hidden
Object-Type: Registry-value
Object-Name: (Default)
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{1F32514F-1561-4922-A604-8A1F478B5A42}
Status: Unable to access registry key
Object-Type: Registry-value
Object-Name: Capabilities
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{1F32514F-1561-4922-A604-8A1F478B5A42}
Status: Hidden
Object-Type: Registry-value
Object-Name: FriendlyName
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{1F32514F-1561-4922-A604-8A1F478B5A42}
Status: Hidden
Object-Type: Registry-key
Object-Name: {292AE934-4F49-40bb-9E7E-6F6398ED9C31}ns\{1F32514F-1561-4922-A604-8A1F478B5A42}
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{292AE934-4F49-40bb-9E7E-6F6398ED9C31}
Status: Hidden
Object-Type: Registry-value
Object-Name: (Default)
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{292AE934-4F49-40bb-9E7E-6F6398ED9C31}
Status: Unable to access registry key
Object-Type: Registry-value
Object-Name: FriendlyName
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{292AE934-4F49-40bb-9E7E-6F6398ED9C31}
Status: Hidden
Object-Type: Registry-value
Object-Name: Description
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{292AE934-4F49-40bb-9E7E-6F6398ED9C31}
Status: Hidden
Object-Type: Registry-value
Object-Name: Capabilities
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{292AE934-4F49-40bb-9E7E-6F6398ED9C31}
Status: Hidden
Object-Type: Registry-key
Object-Name: {52903d79-f993-4de6-8317-20c9c176d823}ns\{292AE934-4F49-40bb-9E7E-6F6398ED9C31}
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{52903d79-f993-4de6-8317-20c9c176d823}
Status: Hidden
Object-Type: Registry-value
Object-Name: (Default)
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{52903d79-f993-4de6-8317-20c9c176d823}
Status: Unable to access registry key
Object-Type: Registry-value
Object-Name: Capabilities
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{52903d79-f993-4de6-8317-20c9c176d823}
Status: Hidden
Object-Type: Registry-value
Object-Name: FriendlyName
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{52903d79-f993-4de6-8317-20c9c176d823}
Status: Hidden
Object-Type: Registry-key
Object-Name: {59E7BF52-E5C9-4382-A39A-522DEE9AFDFD}ns\{52903d79-f993-4de6-8317-20c9c176d823}
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{59E7BF52-E5C9-4382-A39A-522DEE9AFDFD}
Status: Hidden
Object-Type: Registry-value
Object-Name: (Default)
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{59E7BF52-E5C9-4382-A39A-522DEE9AFDFD}
Status: Unable to access registry key
Object-Type: Registry-value
Object-Name: Capabilities
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{59E7BF52-E5C9-4382-A39A-522DEE9AFDFD}
Status: Hidden
Object-Type: Registry-value
Object-Name: FriendlyName
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{59E7BF52-E5C9-4382-A39A-522DEE9AFDFD}
Status: Hidden
Object-Type: Registry-key
Object-Name: {5DF031B7-6A37-42D9-8802-E27F4F224332}ns\{59E7BF52-E5C9-4382-A39A-522DEE9AFDFD}
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{5DF031B7-6A37-42D9-8802-E27F4F224332}
Status: Hidden
Object-Type: Registry-value
Object-Name: (Default)
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{5DF031B7-6A37-42D9-8802-E27F4F224332}
Status: Unable to access registry key
Object-Type: Registry-value
Object-Name: Capabilities
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{5DF031B7-6A37-42D9-8802-E27F4F224332}
Status: Hidden
Object-Type: Registry-value
Object-Name: FriendlyName
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{5DF031B7-6A37-42D9-8802-E27F4F224332}
Status: Hidden
Object-Type: Registry-key
Object-Name: {5F4BB5C9-4652-489B-8601-EEC0C3C32E2E}ns\{5DF031B7-6A37-42D9-8802-E27F4F224332}
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{5F4BB5C9-4652-489B-8601-EEC0C3C32E2E}
Status: Hidden
Object-Type: Registry-value
Object-Name: (Default)
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{5F4BB5C9-4652-489B-8601-EEC0C3C32E2E}
Status: Unable to access registry key
Object-Type: Registry-value
Object-Name: Capabilities
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{5F4BB5C9-4652-489B-8601-EEC0C3C32E2E}
Status: Hidden
Object-Type: Registry-value
Object-Name: FriendlyName
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{5F4BB5C9-4652-489B-8601-EEC0C3C32E2E}
Status: Hidden
Object-Type: Registry-key
Object-Name: {7F2B1D6B-1357-402C-A1C8-67E59583B41D}ns\{5F4BB5C9-4652-489B-8601-EEC0C3C32E2E}
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{7F2B1D6B-1357-402C-A1C8-67E59583B41D}
Status: Hidden
Object-Type: Registry-value
Object-Name: (Default)
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{7F2B1D6B-1357-402C-A1C8-67E59583B41D}
Status: Unable to access registry key
Object-Type: Registry-value
Object-Name: Description
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{7F2B1D6B-1357-402C-A1C8-67E59583B41D}
Status: Hidden
Object-Type: Registry-value
Object-Name: Capabilities
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{7F2B1D6B-1357-402C-A1C8-67E59583B41D}
Status: Hidden
Object-Type: Registry-value
Object-Name: FriendlyName
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{7F2B1D6B-1357-402C-A1C8-67E59583B41D}
Status: Hidden
Object-Type: Registry-key
Object-Name: {93075F62-16B3-43EC-A53B-FFAD0E01D5E7}ns\{7F2B1D6B-1357-402C-A1C8-67E59583B41D}
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{93075F62-16B3-43EC-A53B-FFAD0E01D5E7}
Status: Hidden
Object-Type: Registry-value
Object-Name: (Default)
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{93075F62-16B3-43EC-A53B-FFAD0E01D5E7}
Status: Unable to access registry key
Object-Type: Registry-value
Object-Name: Capabilities
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{93075F62-16B3-43EC-A53B-FFAD0E01D5E7}
Status: Hidden
Object-Type: Registry-value
Object-Name: FriendlyName
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{93075F62-16B3-43EC-A53B-FFAD0E01D5E7}
Status: Hidden
Object-Type: Registry-key
Object-Name: {9695AEF9-9D03-4671-8F2F-FF49D1BB01C4}ns\{93075F62-16B3-43EC-A53B-FFAD0E01D5E7}
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{9695AEF9-9D03-4671-8F2F-FF49D1BB01C4}
Status: Hidden
Object-Type: Registry-value
Object-Name: (Default)
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{9695AEF9-9D03-4671-8F2F-FF49D1BB01C4}
Status: Unable to access registry key
Object-Type: Registry-value
Object-Name: Description
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{9695AEF9-9D03-4671-8F2F-FF49D1BB01C4}
Status: Hidden
Object-Type: Registry-value
Object-Name: Capabilities
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{9695AEF9-9D03-4671-8F2F-FF49D1BB01C4}
Status: Hidden
Object-Type: Registry-value
Object-Name: FriendlyName
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{9695AEF9-9D03-4671-8F2F-FF49D1BB01C4}
Status: Hidden
Object-Type: Registry-key
Object-Name: {976ABECA-93F7-4d81-9187-2A6137829675}ns\{9695AEF9-9D03-4671-8F2F-FF49D1BB01C4}
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{976ABECA-93F7-4d81-9187-2A6137829675}
Status: Hidden
Object-Type: Registry-value
Object-Name: (Default)
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{976ABECA-93F7-4d81-9187-2A6137829675}
Status: Unable to access registry key
Object-Type: Registry-value
Object-Name: Capabilities
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{976ABECA-93F7-4d81-9187-2A6137829675}
Status: Hidden
Object-Type: Registry-value
Object-Name: FriendlyName
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{976ABECA-93F7-4d81-9187-2A6137829675}
Status: Hidden
Object-Type: Registry-key
Object-Name: {99DB05E3-F81E-4C8A-A252-F396306AB6FE}ns\{976ABECA-93F7-4d81-9187-2A6137829675}
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{99DB05E3-F81E-4C8A-A252-F396306AB6FE}
Status: Hidden
Object-Type: Registry-value
Object-Name: (Default)
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{99DB05E3-F81E-4C8A-A252-F396306AB6FE}
Status: Unable to access registry key
Object-Type: Registry-value
Object-Name: Description
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{99DB05E3-F81E-4C8A-A252-F396306AB6FE}
Status: Hidden
Object-Type: Registry-value
Object-Name: Capabilities
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{99DB05E3-F81E-4C8A-A252-F396306AB6FE}
Status: Hidden
Object-Type: Registry-value
Object-Name: FriendlyName
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{99DB05E3-F81E-4C8A-A252-F396306AB6FE}
Status: Hidden
Object-Type: Registry-key
Object-Name: {9F9562EB-15B6-46C6-A7CB-0A66FC65130E}ns\{99DB05E3-F81E-4C8A-A252-F396306AB6FE}
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{9F9562EB-15B6-46C6-A7CB-0A66FC65130E}
Status: Hidden
Object-Type: Registry-value
Object-Name: (Default)
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{9F9562EB-15B6-46C6-A7CB-0A66FC65130E}
Status: Unable to access registry key
Object-Type: Registry-value
Object-Name: Capabilities
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{9F9562EB-15B6-46C6-A7CB-0A66FC65130E}
Status: Hidden
Object-Type: Registry-value
Object-Name: FriendlyName
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{9F9562EB-15B6-46C6-A7CB-0A66FC65130E}
Status: Hidden
Object-Type: Registry-key
Object-Name: {9FA014E3-076F-4865-A73C-117131B8E292}ns\{9F9562EB-15B6-46C6-A7CB-0A66FC65130E}
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{9FA014E3-076F-4865-A73C-117131B8E292}
Status: Hidden
Object-Type: Registry-value
Object-Name: (Default)
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{9FA014E3-076F-4865-A73C-117131B8E292}
Status: Unable to access registry key
Object-Type: Registry-value
Object-Name: Capabilities
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{9FA014E3-076F-4865-A73C-117131B8E292}
Status: Hidden
Object-Type: Registry-value
Object-Name: FriendlyName
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{9FA014E3-076F-4865-A73C-117131B8E292}
Status: Hidden
Object-Type: Registry-key
Object-Name: {D5E49195-ED19-40fb-9EE0-E6625A808B77}ns\{9FA014E3-076F-4865-A73C-117131B8E292}
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{D5E49195-ED19-40fb-9EE0-E6625A808B77}
Status: Hidden
Object-Type: Registry-value
Object-Name: (Default)
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{D5E49195-ED19-40fb-9EE0-E6625A808B77}
Status: Unable to access registry key
Object-Type: Registry-value
Object-Name: Capabilities
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{D5E49195-ED19-40fb-9EE0-E6625A808B77}
Status: Hidden
Object-Type: Registry-value
Object-Name: FriendlyName
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{D5E49195-ED19-40fb-9EE0-E6625A808B77}
Status: Hidden
Object-Type: Registry-key
Object-Name: {E641D09E-E500-4c09-8260-F1CD7B902E9C}ns\{D5E49195-ED19-40fb-9EE0-E6625A808B77}
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{E641D09E-E500-4c09-8260-F1CD7B902E9C}
Status: Hidden
Object-Type: Registry-value
Object-Name: (Default)
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{E641D09E-E500-4c09-8260-F1CD7B902E9C}
Status: Unable to access registry key
Object-Type: Registry-value
Object-Name: FriendlyName
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{E641D09E-E500-4c09-8260-F1CD7B902E9C}
Status: Hidden
Object-Type: Registry-value
Object-Name: Description
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{E641D09E-E500-4c09-8260-F1CD7B902E9C}
Status: Hidden
Object-Type: Registry-value
Object-Name: Capabilities
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{E641D09E-E500-4c09-8260-F1CD7B902E9C}
Status: Hidden
Object-Type: Registry-key
Object-Name: {F24A1BC2-2331-4B91-8A13-5A549DA56E9D}ns\{E641D09E-E500-4c09-8260-F1CD7B902E9C}
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{F24A1BC2-2331-4B91-8A13-5A549DA56E9D}
Status: Hidden
Object-Type: Registry-value
Object-Name: (Default)
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{F24A1BC2-2331-4B91-8A13-5A549DA56E9D}
Status: Unable to access registry key
Object-Type: Registry-value
Object-Name: Capabilities
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{F24A1BC2-2331-4B91-8A13-5A549DA56E9D}
Status: Hidden
Object-Type: Registry-value
Object-Name: FriendlyName
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{F24A1BC2-2331-4B91-8A13-5A549DA56E9D}
Status: Hidden
Object-Type: Registry-key
Object-Name: {FD981763-B6BB-4d51-9143-6D372A0ED56F}ns\{F24A1BC2-2331-4B91-8A13-5A549DA56E9D}
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{FD981763-B6BB-4d51-9143-6D372A0ED56F}
Status: Hidden
Object-Type: Registry-value
Object-Name: (Default)
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{FD981763-B6BB-4d51-9143-6D372A0ED56F}
Status: Unable to access registry key
Object-Type: Registry-value
Object-Name: FriendlyName
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{FD981763-B6BB-4d51-9143-6D372A0ED56F}
Status: Hidden
Object-Type: Registry-value
Object-Name: Description
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{FD981763-B6BB-4d51-9143-6D372A0ED56F}
Status: Hidden
Object-Type: Registry-value
Object-Name: Capabilities
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{FD981763-B6BB-4d51-9143-6D372A0ED56F}
Status: Hidden
Object-Type: Registry-value
Object-Name: (Default)
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\ExceptionComponents\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}
Status: Unable to access registry key
Object-Type: Registry-value
Object-Name: FriendlyName
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\ExceptionComponents\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}
Status: Hidden
Object-Type: Registry-value
Object-Name: ComponentGUID
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\ExceptionComponents\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}
Status: Hidden
Object-Type: Registry-value
Object-Name: Version
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\ExceptionComponents\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}
Status: Hidden
Object-Type: Registry-value
Object-Name: Sub-Version
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\ExceptionComponents\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}
Status: Hidden
Object-Type: Registry-value
Object-Name: ExceptionInfName
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\ExceptionComponents\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}
Status: Hidden
Object-Type: Registry-value
Object-Name: ExceptionCatalogName
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\ExceptionComponents\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}
Status: Hidden
Object-Type: Registry-value
Object-Name: (Default)
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\ExceptionComponents\{60BFF50D-FB2C-4498-A577-C9548C390BB9}
Status: Unable to access registry key
Object-Type: Registry-value
Object-Name: FriendlyName
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\ExceptionComponents\{60BFF50D-FB2C-4498-A577-C9548C390BB9}
Status: Hidden
Object-Type: Registry-value
Object-Name: ComponentGUID
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\ExceptionComponents\{60BFF50D-FB2C-4498-A577-C9548C390BB9}
Status: Hidden
Object-Type: Registry-value
Object-Name: Version
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\ExceptionComponents\{60BFF50D-FB2C-4498-A577-C9548C390BB9}
Status: Hidden
Object-Type: Registry-value
Object-Name: Sub-Version
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\ExceptionComponents\{60BFF50D-FB2C-4498-A577-C9548C390BB9}
Status: Hidden
Object-Type: Registry-value
Object-Name: ExceptionInfName
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\ExceptionComponents\{60BFF50D-FB2C-4498-A577-C9548C390BB9}
Status: Hidden
Object-Type: Registry-value
Object-Name: ExceptionCatalogName
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\ExceptionComponents\{60BFF50D-FB2C-4498-A577-C9548C390BB9}
Status: Hidden
Object-Type: Registry-value
Object-Name: (Default)
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\ExceptionComponents\{AA936DF4-2B08-4B1F-B071-72192E287704}
Status: Unable to access registry key
Object-Type: Registry-value
Object-Name: FriendlyName
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\ExceptionComponents\{AA936DF4-2B08-4B1F-B071-72192E287704}
Status: Hidden
Object-Type: Registry-value
Object-Name: ComponentGUID
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\ExceptionComponents\{AA936DF4-2B08-4B1F-B071-72192E287704}
Status: Hidden
Object-Type: Registry-value
Object-Name: Version
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\ExceptionComponents\{AA936DF4-2B08-4B1F-B071-72192E287704}
Status: Hidden
Object-Type: Registry-value
Object-Name: Sub-Version
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\ExceptionComponents\{AA936DF4-2B08-4B1F-B071-72192E287704}
Status: Hidden
Object-Type: Registry-value
Object-Name: ExceptionInfName
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\ExceptionComponents\{AA936DF4-2B08-4B1F-B071-72192E287704}
Status: Hidden
Object-Type: Registry-value
Object-Name: ExceptionCatalogName
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\ExceptionComponents\{AA936DF4-2B08-4B1F-B071-72192E287704}
Status: Hidden
Object-Type: Registry-value
Object-Name: (Default)
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\ExceptionComponents\{CAC24AF7-5447-4F19-9FA6-F6E6E69D395E}
Status: Unable to access registry key
Object-Type: Registry-value
Object-Name: FriendlyName
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\ExceptionComponents\{CAC24AF7-5447-4F19-9FA6-F6E6E69D395E}
Status: Hidden
Object-Type: Registry-value
Object-Name: ComponentGUID
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\ExceptionComponents\{CAC24AF7-5447-4F19-9FA6-F6E6E69D395E}
Status: Hidden
Object-Type: Registry-value
Object-Name: Version
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\ExceptionComponents\{CAC24AF7-5447-4F19-9FA6-F6E6E69D395E}
Status: Hidden
Object-Type: Registry-value
Object-Name: Sub-Version
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\ExceptionComponents\{CAC24AF7-5447-4F19-9FA6-F6E6E69D395E}
Status: Hidden
Object-Type: Registry-value
Object-Name: ExceptionInfName
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\ExceptionComponents\{CAC24AF7-5447-4F19-9FA6-F6E6E69D395E}
Status: Hidden
Object-Type: Registry-value
Object-Name: ExceptionCatalogName
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\ExceptionComponents\{CAC24AF7-5447-4F19-9FA6-F6E6E69D395E}
Status: Hidden
Object-Type: Registry-value
Object-Name: (Default)
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Media Device Manager\Plugins\SP\MSPMSP\KBDeviceList
Status: Unable to access registry key
Object-Type: Registry-value
Object-Name: SanDiskIM
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Media Device Manager\Plugins\SP\MSPMSP\KBDeviceList
Status: Hidden
Object-Type: Registry-value
Object-Name: SanDiskIMb
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Media Device Manager\Plugins\SP\MSPMSP\KBDeviceList
Status: Hidden
Object-Type: Registry-value
Object-Name: Lexmark
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Media Device Manager\Plugins\SP\MSPMSP\KBDeviceList
Status: Hidden
Object-Type: Registry-value
Object-Name: (Default)
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Media Device Manager\Plugins\SP\WMDMCESP
Status: Unable to access registry key
Object-Type: Registry-value
Object-Name: ProgID
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Media Device Manager\Plugins\SP\WMDMCESP
Status: Hidden
Object-Type: Registry-value
Object-Name: (Default)
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Toshiba\Power Saver\Policies
Status: Unable to access registry key
Object-Type: Registry-value
Object-Name: MachinePolicies
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Toshiba\Power Saver\Policies
Status: Hidden
Object-Type: Registry-value
Object-Name: UserPolicies
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Toshiba\Power Saver\Policies
Status: Hidden
Object-Type: Registry-value
Object-Name: ProcessorPolicies
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Toshiba\Power Saver\Policies
Status: Hidden
Object-Type: Process
Object-Name: Rootkit_Detecti
Pid: 1084
Object-Path: C:\DOCUME~1\A-50a\LOKALA~1\Temp\Rar$EX00.430\Rootkit_Detective.exe
Status: Visible
Object-Type: Process
Object-Name: ServiceLayer.ex
Pid: 3472
Object-Path: C:\Program\PC Connectivity Solution\ServiceLayer.exe
Status: Visible
Object-Type: File/Folder
Object-Name: History.folder.dat
Pid: n/a
Object-Path: C:\Qoobox\BackEnv\History.folder.dat
Status: Hidden
Object-Type: Process
Object-Name: csrss.exe
Pid: 900
Object-Path: C:\WINDOWS\system32\csrss.exe
Status: Visible
Object-Type: Process
Object-Name: svchost.exe
Pid: 1520
Object-Path: C:\WINDOWS\System32\svchost.exe
Status: Visible
Object-Type: Process
Object-Name: FixCamera.exe
Pid: 2760
Object-Path: C:\WINDOWS\FixCamera.exe
Status: Visible
Object-Type: Process
Object-Name: winlogon.exe
Pid: 932
Object-Path: C:\WINDOWS\system32\winlogon.exe
Status: Visible
Object-Type: Process
Object-Name: explorer.exe
Pid: 716
Object-Path: C:\WINDOWS\Explorer.EXE
Status: Visible
Object-Type: Process
Object-Name: TOSCDSPD.exe
Pid: 2948
Object-Path: C:\Program\TOSHIBA\TOSCDSPD\toscdspd.exe
Status: Visible
Object-Type: Process
Object-Name: NclRSSrv.exe
Pid: 3972
Object-Path: C:\Program\PC Connectivity Solution\Transports\NclRSSrv.exe
Status: Visible
Object-Type: Process
Object-Name: System
Pid: 4
Object-Path:
Status: Visible
Object-Type: File/Folder
Object-Name: Cache.folder.dat
Pid: n/a
Object-Path: C:\Qoobox\BackEnv\Cache.folder.dat
Status: Hidden
Object-Type: Process
Object-Name: MsPMSPSv.exe
Pid: 656
Object-Path: C:\WINDOWS\system32\MsPMSPSv.exe
Status: Visible
Object-Type: Process
Object-Name: TPSBattM.exe
Pid: 2516
Object-Path: C:\WINDOWS\system32\TPSBattM.exe
Status: Visible
Object-Type: File/Folder
Object-Name: Personal.folder.dat
Pid: n/a
Object-Path: C:\Qoobox\BackEnv\Personal.folder.dat
Status: Hidden
Object-Type: File/Folder
Object-Name: Programs.folder.dat
Pid: n/a
Object-Path: C:\Qoobox\BackEnv\Programs.folder.dat
Status: Hidden
Object-Type: Process
Object-Name: svchost.exe
Pid: 1184
Object-Path: C:\WINDOWS\system32\svchost.exe
Status: Visible
Object-Type: Process
Object-Name: ApntEx.exe
Pid: 3416
Object-Path: C:\Program\Apoint2K\Apntex.exe
Status: Visible
Object-Type: File/Folder
Object-Name: Music.folder.dat
Pid: n/a
Object-Path: C:\Qoobox\BackEnv\Music.folder.dat
Status: Hidden
Object-Type: File/Folder
Object-Name: PrintHood.folder.dat
Pid: n/a
Object-Path: C:\Qoobox\BackEnv\PrintHood.folder.dat
Status: Hidden
Object-Type: File/Folder
Object-Name: StartUp.folder.dat
Pid: n/a
Object-Path: C:\Qoobox\BackEnv\StartUp.folder.dat
Status: Hidden
Object-Type: Process
Object-Name: S24EvMon.exe
Pid: 1372
Object-Path: C:\WINDOWS\System32\S24EvMon.exe
Status: Visible
Object-Type: Process
Object-Name: svchost.exe
Pid: 628
Object-Path: C:\WINDOWS\System32\svchost.exe
Status: Visible
Object-Type: File/Folder
Object-Name: Profiles.Folder.folder.dat
Pid: n/a
Object-Path: C:\Qoobox\BackEnv\Profiles.Folder.folder.dat
Status: Hidden
Object-Type: Process
Object-Name: PSANHost.exe
Pid: 164
Object-Path: C:\Program\Panda Security\Panda Cloud Antivirus\PSANHost.exe
Status: Visible
Object-Type: File/Folder
Object-Name: Desktop.folder.dat
Pid: n/a
Object-Path: C:\Qoobox\BackEnv\Desktop.folder.dat
Status: Hidden
Object-Type: File/Folder
Object-Name: VikPev00
Pid: n/a
Object-Path: C:\Qoobox\BackEnv\VikPev00
Status: Hidden
Object-Type: Process
Object-Name: RegSrvc.exe
Pid: 320
Object-Path: C:\WINDOWS\System32\RegSrvc.exe
Status: Visible
Object-Type: File/Folder
Object-Name: AppData.folder.dat
Pid: n/a
Object-Path: C:\Qoobox\BackEnv\AppData.folder.dat
Status: Hidden
Object-Type: File/Folder
Object-Name: LocalAppData.folder.dat
Pid: n/a
Object-Path: C:\Qoobox\BackEnv\LocalAppData.folder.dat
Status: Hidden
Object-Type: Process
Object-Name: svchost.exe
Pid: 1592
Object-Path: C:\WINDOWS\system32\svchost.exe
Status: Visible
Object-Type: Process
Object-Name: scardsvr.exe
Pid: 1840
Object-Path: C:\WINDOWS\System32\SCardSvr.exe
Status: Visible
Object-Type: Process
Object-Name: svchost.exe
Pid: 1252
Object-Path: C:\WINDOWS\system32\svchost.exe
Status: Visible
Object-Type: Process
Object-Name: vsnpstd.exe
Pid: 2864
Object-Path: C:\WINDOWS\vsnpstd.exe
Status: Visible
Object-Type: File/Folder
Object-Name: SetPath.bat
Pid: n/a
Object-Path: C:\Qoobox\BackEnv\SetPath.bat
Status: Hidden
Object-Type: Process
Object-Name: CFSvcs.exe
Pid: 1936
Object-Path: C:\Program\TOSHIBA\ConfigFree\CFSvcs.exe
Status: Visible
Object-Type: Process
Object-Name: stacmon.exe
Pid: 1564
Object-Path: C:\Program\SigmaTel\SigmaTel AC97 ljuddrivrutiner\stacmon.exe
Status: Visible
Object-Type: Process
Object-Name: rundll32.exe
Pid: 4044
Object-Path: C:\WINDOWS\system32\rundll32.exe
Status: Visible
Object-Type: Process
Object-Name: 00THotkey.exe
Pid: 2432
Object-Path: C:\WINDOWS\system32\00THotkey.exe
Status: Visible
Object-Type: Process
Object-Name: wscntfy.exe
Pid: 820
Object-Path: C:\WINDOWS\system32\wscntfy.exe
Status: Visible
Object-Type: Process
Object-Name: smss.exe
Pid: 852
Object-Path: C:\WINDOWS\System32\smss.exe
Status: Visible
Object-Type: Process
Object-Name: services.exe
Pid: 976
Object-Path: C:\WINDOWS\system32\services.exe
Status: Visible
Object-Type: File/Folder
Object-Name: Pictures.folder.dat
Pid: n/a
Object-Path: C:\Qoobox\BackEnv\Pictures.folder.dat
Status: Hidden
Object-Type: File/Folder
Object-Name: StartMenu.folder.dat
Pid: n/a
Object-Path: C:\Qoobox\BackEnv\StartMenu.folder.dat
Status: Hidden
Object-Type: Process
Object-Name: Foxmail.exe
Pid: 3612
Object-Path: C:\Program\Foxmail\Foxmail.exe
Status: Visible
Object-Type: File/Folder
Object-Name: Cookies.folder.dat
Pid: n/a
Object-Path: C:\Qoobox\BackEnv\Cookies.folder.dat
Status: Hidden
Object-Type: Process
Object-Name: wuauclt.exe
Pid: 1412
Object-Path: C:\WINDOWS\system32\wuauclt.exe
Status: Visible
Object-Type: Process
Object-Name: orbitnet.exe
Pid: 4016
Object-Path: C:\Program\Orbitdownloader\orbitnet.exe
Status: Visible
Object-Type: Process
Object-Name: alg.exe
Pid: 1568
Object-Path: C:\WINDOWS\System32\alg.exe
Status: Visible
Object-Type: File/Folder
Object-Name: BackEnv
Pid: n/a
Object-Path: C:\Qoobox\BackEnv
Status: Hidden
Object-Type: File/Folder
Object-Name: Favorites.folder.dat
Pid: n/a
Object-Path: C:\Qoobox\BackEnv\Favorites.folder.dat
Status: Hidden
Object-Type: File/Folder
Object-Name: Templates.folder.dat
Pid: n/a
Object-Path: C:\Qoobox\BackEnv\Templates.folder.dat
Status: Hidden
Object-Type: Process
Object-Name: DCSHOST.exe
Pid: 1972
Object-Path: C:\Documents and Settings\All Users\Application Data\DatacardService\DCSHost.exe
Status: Visible
Object-Type: Process
Object-Name: SmoothView.exe
Pid: 1476
Object-Path: C:\Program\TOSHIBA\Toshibas zoomningsfunktion\SmoothView.exe
Status: Visible
Object-Type: Process
Object-Name: orbitdm.exe
Pid: 3460
Object-Path: C:\Program\Orbitdownloader\orbitdm.exe
Status: Visible
Object-Type: File/Folder
Object-Name: LocalSettings.folder.dat
Pid: n/a
Object-Path: C:\Qoobox\BackEnv\LocalSettings.folder.dat
Status: Hidden
Object-Type: Process
Object-Name: incdsrv.exe
Pid: 2004
Object-Path: C:\Program\Ahead\InCD\InCDsrv.exe
Status: Visible
Object-Type: Process
Object-Name: svchost.exe
Pid: 3988
Object-Path: C:\WINDOWS\System32\svchost.exe
Status: Visible
Object-Type: Process
Object-Name: ctfmon.exe
Pid: 2996
Object-Path: C:\WINDOWS\system32\CTFMON.EXE
Status: Visible
Object-Type: Process
Object-Name: svchost.exe
Pid: 1292
Object-Path: C:\WINDOWS\System32\svchost.exe
Status: Visible
Object-Type: Process
Object-Name: jqs.exe
Pid: 2036
Object-Path: C:\Program\Java\jre6\bin\jqs.exe
Status: Visible
Object-Type: Process
Object-Name: TouchED.exe
Pid: 4052
Object-Path: C:\Program\TOSHIBA\TouchED\TouchED.Exe
Status: Visible
Object-Type: Process
Object-Name: NclUSBSrv.exe
Pid: 3836
Object-Path: C:\Program\PC Connectivity Solution\Transports\NclUSBSrv.exe
Status: Visible
Object-Type: Process
Object-Name: igfxtray.exe
Pid: 3868
Object-Path: C:\WINDOWS\System32\igfxtray.exe
Status: Visible
Object-Type: Process
Object-Name: Apoint.exe
Pid: 2380
Object-Path: C:\Program\Apoint2K\Apoint.exe
Status: Visible
Object-Type: Process
Object-Name: spoolsv.exe
Pid: 1792
Object-Path: C:\WINDOWS\system32\spoolsv.exe
Status: Visible
Object-Type: File/Folder
Object-Name: NetHood.folder.dat
Pid: n/a
Object-Path: C:\Qoobox\BackEnv\NetHood.folder.dat
Status: Hidden
Object-Type: File/Folder
Object-Name: Profiles.Folder.dat
Pid: n/a
Object-Path: C:\Qoobox\BackEnv\Profiles.Folder.dat
Status: Hidden
Object-Type: File/Folder
Object-Name: SendTo.folder.dat
Pid: n/a
Object-Path: C:\Qoobox\BackEnv\SendTo.folder.dat
Status: Hidden
Object-Type: Process
Object-Name: lsass.exe
Pid: 988
Object-Path: C:\WINDOWS\system32\lsass.exe
Status: Visible
Object-Type: Process
Object-Name: PSUNMain.exe
Pid: 2104
Object-Path: C:\Program\Panda Security\Panda Cloud Antivirus\PSUNMain.exe
Status: Visible
Object-Type: File/Folder
Object-Name: Recent.folder.dat
Pid: n/a
Object-Path: C:\Qoobox\BackEnv\Recent.folder.dat
Status: Hidden
Object-Type: File/Folder
Object-Name: SysPath.dat
Pid: n/a
Object-Path: C:\Qoobox\BackEnv\SysPath.dat
Status: Hidden
Object-Type: Process
Object-Name: opera.exe
Pid: 3004
Object-Path: C:\Program\Opera\Opera.exe
Status: Visible
Object-Type: Process
Object-Name: svchost.exe
Pid: 1920
Object-Path: C:\WINDOWS\system32\svchost.exe
Status: Visible
Object-Type: Process
Object-Name: TPSMain.exe
Pid: 2044
Object-Path: C:\WINDOWS\system32\TPSMain.exe
Status: Visible
Object-Type: Process
Object-Name: NclMSBTSrv.exe
Pid: 804
Object-Path: C:\Program\PC Connectivity Solution\Transports\NclMSBTSrv.exe
Status: Visible
Scan complete. Found hidden Processes and Files: 25 .
Total files scanned: 66842
Object-Type: Registry-key
Object-Name: 000d180151f3ystem32\drivers\PSINProc.sys
Object-Path: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\BTHPORT\Parameters\Keys\000d180151f3
Status: Hidden
Object-Type: Registry-value
Object-Name: 00128abb0565
Object-Path: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\BTHPORT\Parameters\Keys\000d180151f3
Status: Hidden
Object-Type: Registry-value
Object-Name: 001370a5fc5c
Object-Path: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\BTHPORT\Parameters\Keys\000d180151f3
Status: Hidden
Object-Type: Registry-key
Object-Name: 0D79C293C1ED61418462E24595C90D04HPORT\Parameters\Keys\000d180151f3
Object-Path: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04
Status: Hidden
Object-Type: Registry-key
Object-Name: 000d180151f3olSet001\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04
Object-Path: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\BTHPORT\Parameters\Keys\000d180151f3
Status: Hidden
Object-Type: Registry-value
Object-Name: 00128abb0565
Object-Path: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\BTHPORT\Parameters\Keys\000d180151f3
Status: Hidden
Object-Type: Registry-value
Object-Name: 001370a5fc5c
Object-Path: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\BTHPORT\Parameters\Keys\000d180151f3
Status: Hidden
Object-Type: Registry-key
Object-Name: 0D79C293C1ED61418462E24595C90D04HPORT\Parameters\Keys\000d180151f3
Object-Path: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04
Status: Hidden
Object-Type: Registry-key
Object-Name: 0D79C293C1ED61418462E24595C90D04td\Cfg\0D79C293C1ED61418462E24595C90D04
Object-Path: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04
Status: Hidden
Object-Type: Registry-key
Object-Name: 000d180151f3olSet003\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04
Object-Path: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\BTHPORT\Parameters\Keys\000d180151f3
Status: Hidden
Object-Type: Registry-value
Object-Name: 00128abb0565
Object-Path: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\BTHPORT\Parameters\Keys\000d180151f3
Status: Hidden
Object-Type: Registry-value
Object-Name: 001370a5fc5c
Object-Path: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\BTHPORT\Parameters\Keys\000d180151f3
Status: Hidden
Object-Type: Registry-key
Object-Name: 0D79C293C1ED61418462E24595C90D04HPORT\Parameters\Keys\000d180151f3
Object-Path: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04
Status: Hidden
Object-Type: Registry-value
Object-Name: {e9523f94-f971-422a-9ad5-578d5aea1969}
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\ahead\NeroVision\Effects
Status: Registy value-data mismatch
Object-Type: Registry-value
Object-Name: (Default)
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{CA8A9781-280D-11CF-A24D-444553540000}\ProxyStubClsid
Status: Unable to access registry key
Object-Type: Registry-value
Object-Name: (Default)
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{CA8A9781-280D-11CF-A24D-444553540000}\ProxyStubClsid32
Status: Unable to access registry key
Object-Type: Registry-value
Object-Name: (Default)
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{CA8A9781-280D-11CF-A24D-444553540000}\TypeLib
Status: Unable to access registry key
Object-Type: Registry-value
Object-Name: Version
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{CA8A9781-280D-11CF-A24D-444553540000}\TypeLib
Status: Hidden
Object-Type: Registry-value
Object-Name: (Default)
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{CA8A9782-280D-11CF-A24D-444553540000}\ProxyStubClsid
Status: Unable to access registry key
Object-Type: Registry-value
Object-Name: (Default)
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{CA8A9782-280D-11CF-A24D-444553540000}\ProxyStubClsid32
Status: Unable to access registry key
Object-Type: Registry-value
Object-Name: (Default)
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{CA8A9782-280D-11CF-A24D-444553540000}\TypeLib
Status: Unable to access registry key
Object-Type: Registry-value
Object-Name: Version
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{CA8A9782-280D-11CF-A24D-444553540000}\TypeLib
Status: Hidden
Object-Type: Registry-value
Object-Name: (Default)
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\IEHomePageInfo\RegBackup
Status: Unable to access registry key
Object-Type: Registry-value
Object-Name: (Default)
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup
Status: Unable to access registry key
Object-Type: Registry-key
Object-Name: 0OFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0
Status: Hidden
Object-Type: Registry-value
Object-Name: (Default)
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0
Status: Unable to access registry key
Object-Type: Registry-value
Object-Name: 2d0a49a13cd865bc
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0
Status: Hidden
Object-Type: Registry-value
Object-Name: 64545cb3ccafc424
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0
Status: Hidden
Object-Type: Registry-value
Object-Name: 37121f3b17b4ceef
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0
Status: Hidden
Object-Type: Registry-value
Object-Name: 5ee681619865568e
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0
Status: Hidden
Object-Type: Registry-value
Object-Name: 73859ebbe5faf090
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0
Status: Hidden
Object-Type: Registry-value
Object-Name: 07474156ec9947f2
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0
Status: Hidden
Object-Type: Registry-value
Object-Name: 95e710f2ecdf2114
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0
Status: Hidden
Object-Type: Registry-value
Object-Name: 984a4b5a0d42d24d
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0
Status: Hidden
Object-Type: Registry-value
Object-Name: 250a50a8ecab3918
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0
Status: Hidden
Object-Type: Registry-value
Object-Name: 250a50a83af09ccc
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0
Status: Hidden
Object-Type: Registry-value
Object-Name: 250a50a8d28c8ace
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0
Status: Hidden
Object-Type: Registry-value
Object-Name: 984a4b5aa85a9e21
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0
Status: Hidden
Object-Type: Registry-value
Object-Name: 984a4b5a2acf22d3
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0
Status: Hidden
Object-Type: Registry-value
Object-Name: 984a4b5afdd07f4a
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0
Status: Hidden
Object-Type: Registry-value
Object-Name: 984a4b5a6ac274e5
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0
Status: Hidden
Object-Type: Registry-value
Object-Name: 984a4b5ae8709f33
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0
Status: Hidden
Object-Type: Registry-value
Object-Name: 984a4b5a8caaf8d9
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0
Status: Hidden
Object-Type: Registry-value
Object-Name: 984a4b5a27c4a825
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0
Status: Hidden
Object-Type: Registry-value
Object-Name: 984a4b5a30ed5ae3
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0
Status: Hidden
Object-Type: Registry-value
Object-Name: 984a4b5aedb96f49
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0
Status: Hidden
Object-Type: Registry-value
Object-Name: 984a4b5a3e9f1b2c
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0
Status: Hidden
Object-Type: Registry-value
Object-Name: 984a4b5ab9e40001
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0
Status: Hidden
Object-Type: Registry-value
Object-Name: 984a4b5a8f2fab2e
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0
Status: Hidden
Object-Type: Registry-value
Object-Name: 984a4b5a508432b2
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0
Status: Hidden
Object-Type: Registry-value
Object-Name: 984a4b5a244d5f89
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0
Status: Hidden
Object-Type: Registry-value
Object-Name: 984a4b5a03e6d26d
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0
Status: Hidden
Object-Type: Registry-value
Object-Name: 984a4b5a13f7814f
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0
Status: Hidden
Object-Type: Registry-value
Object-Name: 984a4b5a790e6d04
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0
Status: Hidden
Object-Type: Registry-value
Object-Name: 984a4b5a1007083e
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0
Status: Hidden
Object-Type: Registry-value
Object-Name: 984a4b5afdaf9eb3
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0
Status: Hidden
Object-Type: Registry-value
Object-Name: 984a4b5a353d8f43
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0
Status: Hidden
Object-Type: Registry-value
Object-Name: 984a4b5a22464935
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0
Status: Hidden
Object-Type: Registry-value
Object-Name: 1e7c04d30016a059
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0
Status: Hidden
Object-Type: Registry-value
Object-Name: 250a50a8c5038989
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0
Status: Hidden
Object-Type: Registry-value
Object-Name: 250a50a83868a0b5
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0
Status: Hidden
Object-Type: Registry-value
Object-Name: 250a50a8d58caf6e
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0
Status: Hidden
Object-Type: Registry-value
Object-Name: 250a50a844b059a7
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0
Status: Hidden
Object-Type: Registry-value
Object-Name: 250a50a8c2e2bef9
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0
Status: Hidden
Object-Type: Registry-value
Object-Name: 250a50a8d2046514
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0
Status: Hidden
Object-Type: Registry-value
Object-Name: 250a50a86aa07389
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0
Status: Hidden
Object-Type: Registry-value
Object-Name: 250a50a8c7b3ec08
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0
Status: Hidden
Object-Type: Registry-value
Object-Name: 250a50a86142b1ee
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0
Status: Hidden
Object-Type: Registry-value
Object-Name: 250a50a805ac5838
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0
Status: Hidden
Object-Type: Registry-value
Object-Name: 250a50a8bf2ed774
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0
Status: Hidden
Object-Type: Registry-value
Object-Name: 250a50a8295c9e16
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0
Status: Hidden
Object-Type: Registry-value
Object-Name: 250a50a8c307920d
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0
Status: Hidden
Object-Type: Registry-value
Object-Name: 250a50a81cac0b91
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0
Status: Hidden
Object-Type: Registry-value
Object-Name: 250a50a8a721a774
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0
Status: Hidden
Object-Type: Registry-value
Object-Name: 250a50a83182a4ef
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0
Status: Hidden
Object-Type: Registry-value
Object-Name: 250a50a8a4b04a07
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0
Status: Hidden
Object-Type: Registry-value
Object-Name: 250a50a861711260
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0
Status: Hidden
Object-Type: Registry-value
Object-Name: 250a50a8c86ea4ef
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0
Status: Hidden
Object-Type: Registry-value
Object-Name: 250a50a8fba70e01
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0
Status: Hidden
Object-Type: Registry-value
Object-Name: 250a50a8b17c1d4f
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0
Status: Hidden
Object-Type: Registry-value
Object-Name: 3bb7df5375b8c672
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0
Status: Hidden
Object-Type: Registry-value
Object-Name: eef4be2c23465cad
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0
Status: Hidden
Object-Type: Registry-value
Object-Name: b5de661fb0b1c58f
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0
Status: Hidden
Object-Type: Registry-value
Object-Name: eef4be2c0787955b
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0
Status: Hidden
Object-Type: Registry-value
Object-Name: f4122c45b8b6205b
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0
Status: Hidden
Object-Type: Registry-value
Object-Name: 6f0ba7eb4a0efa86
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0
Status: Hidden
Object-Type: Registry-key
Object-Name: 0.mapARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0.map
Status: Hidden
Object-Type: Registry-value
Object-Name: (Default)
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0.map
Status: Unable to access registry key
Object-Type: Registry-value
Object-Name: 2d0a49a13cd865bc
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0.map
Status: Hidden
Object-Type: Registry-value
Object-Name: 64545cb3ccafc424
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0.map
Status: Hidden
Object-Type: Registry-value
Object-Name: 37121f3b17b4ceef
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0.map
Status: Hidden
Object-Type: Registry-value
Object-Name: 5ee681619865568e
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0.map
Status: Hidden
Object-Type: Registry-value
Object-Name: 73859ebbe5faf090
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0.map
Status: Hidden
Object-Type: Registry-value
Object-Name: 07474156ec9947f2
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0.map
Status: Hidden
Object-Type: Registry-value
Object-Name: 95e710f2ecdf2114
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0.map
Status: Hidden
Object-Type: Registry-value
Object-Name: 984a4b5a0d42d24d
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0.map
Status: Hidden
Object-Type: Registry-value
Object-Name: 250a50a8ecab3918
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0.map
Status: Hidden
Object-Type: Registry-value
Object-Name: 250a50a83af09ccc
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0.map
Status: Hidden
Object-Type: Registry-value
Object-Name: 250a50a8d28c8ace
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0.map
Status: Hidden
Object-Type: Registry-value
Object-Name: 984a4b5aa85a9e21
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0.map
Status: Hidden
Object-Type: Registry-value
Object-Name: 984a4b5a2acf22d3
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0.map
Status: Hidden
Object-Type: Registry-value
Object-Name: 984a4b5afdd07f4a
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0.map
Status: Hidden
Object-Type: Registry-value
Object-Name: 984a4b5a6ac274e5
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0.map
Status: Hidden
Object-Type: Registry-value
Object-Name: 984a4b5ae8709f33
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0.map
Status: Hidden
Object-Type: Registry-value
Object-Name: 984a4b5a8caaf8d9
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0.map
Status: Hidden
Object-Type: Registry-value
Object-Name: 984a4b5a27c4a825
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0.map
Status: Hidden
Object-Type: Registry-value
Object-Name: 984a4b5a30ed5ae3
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0.map
Status: Hidden
Object-Type: Registry-value
Object-Name: 984a4b5aedb96f49
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0.map
Status: Hidden
Object-Type: Registry-value
Object-Name: 984a4b5a3e9f1b2c
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0.map
Status: Hidden
Object-Type: Registry-value
Object-Name: 984a4b5ab9e40001
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0.map
Status: Hidden
Object-Type: Registry-value
Object-Name: 984a4b5a8f2fab2e
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0.map
Status: Hidden
Object-Type: Registry-value
Object-Name: 984a4b5a508432b2
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0.map
Status: Hidden
Object-Type: Registry-value
Object-Name: 984a4b5a244d5f89
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0.map
Status: Hidden
Object-Type: Registry-value
Object-Name: 984a4b5a03e6d26d
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0.map
Status: Hidden
Object-Type: Registry-value
Object-Name: 984a4b5a13f7814f
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0.map
Status: Hidden
Object-Type: Registry-value
Object-Name: 984a4b5a790e6d04
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0.map
Status: Hidden
Object-Type: Registry-value
Object-Name: 984a4b5a1007083e
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0.map
Status: Hidden
Object-Type: Registry-value
Object-Name: 984a4b5afdaf9eb3
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0.map
Status: Hidden
Object-Type: Registry-value
Object-Name: 984a4b5a353d8f43
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0.map
Status: Hidden
Object-Type: Registry-value
Object-Name: 984a4b5a22464935
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0.map
Status: Hidden
Object-Type: Registry-value
Object-Name: 1e7c04d30016a059
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0.map
Status: Hidden
Object-Type: Registry-value
Object-Name: 250a50a8c5038989
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0.map
Status: Hidden
Object-Type: Registry-value
Object-Name: 250a50a83868a0b5
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0.map
Status: Hidden
Object-Type: Registry-value
Object-Name: 250a50a8d58caf6e
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0.map
Status: Hidden
Object-Type: Registry-value
Object-Name: 250a50a844b059a7
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0.map
Status: Hidden
Object-Type: Registry-value
Object-Name: 250a50a8c2e2bef9
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0.map
Status: Hidden
Object-Type: Registry-value
Object-Name: 250a50a8d2046514
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0.map
Status: Hidden
Object-Type: Registry-value
Object-Name: 250a50a86aa07389
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0.map
Status: Hidden
Object-Type: Registry-value
Object-Name: 250a50a8c7b3ec08
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0.map
Status: Hidden
Object-Type: Registry-value
Object-Name: 250a50a86142b1ee
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0.map
Status: Hidden
Object-Type: Registry-value
Object-Name: 250a50a805ac5838
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0.map
Status: Hidden
Object-Type: Registry-value
Object-Name: 250a50a8bf2ed774
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0.map
Status: Hidden
Object-Type: Registry-value
Object-Name: 250a50a8295c9e16
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0.map
Status: Hidden
Object-Type: Registry-value
Object-Name: 250a50a8c307920d
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0.map
Status: Hidden
Object-Type: Registry-value
Object-Name: 250a50a81cac0b91
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0.map
Status: Hidden
Object-Type: Registry-value
Object-Name: 250a50a8a721a774
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0.map
Status: Hidden
Object-Type: Registry-value
Object-Name: 250a50a83182a4ef
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0.map
Status: Hidden
Object-Type: Registry-value
Object-Name: 250a50a8a4b04a07
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0.map
Status: Hidden
Object-Type: Registry-value
Object-Name: 250a50a861711260
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0.map
Status: Hidden
Object-Type: Registry-value
Object-Name: 250a50a8c86ea4ef
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0.map
Status: Hidden
Object-Type: Registry-value
Object-Name: 250a50a8fba70e01
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0.map
Status: Hidden
Object-Type: Registry-value
Object-Name: 250a50a8b17c1d4f
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0.map
Status: Hidden
Object-Type: Registry-value
Object-Name: 3bb7df5375b8c672
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0.map
Status: Hidden
Object-Type: Registry-value
Object-Name: eef4be2c23465cad
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0.map
Status: Hidden
Object-Type: Registry-value
Object-Name: b5de661fb0b1c58f
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0.map
Status: Hidden
Object-Type: Registry-value
Object-Name: eef4be2c0787955b
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0.map
Status: Hidden
Object-Type: Registry-value
Object-Name: f4122c45b8b6205b
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0.map
Status: Hidden
Object-Type: Registry-value
Object-Name: 6f0ba7eb4a0efa86
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\ieupdate\RegBackup\0.map
Status: Hidden
Object-Type: Registry-value
Object-Name: (Default)
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\oeupdate\RegBackup
Status: Unable to access registry key
Object-Type: Registry-key
Object-Name: 0OFTWARE\Microsoft\Advanced INF Setup\oeupdate\RegBackup
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\oeupdate\RegBackup\0
Status: Hidden
Object-Type: Registry-value
Object-Name: (Default)
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\oeupdate\RegBackup\0
Status: Unable to access registry key
Object-Type: Registry-value
Object-Name: 2d0a49a1a1046eaf
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\oeupdate\RegBackup\0
Status: Hidden
Object-Type: Registry-value
Object-Name: 64545cb37c929674
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\oeupdate\RegBackup\0
Status: Hidden
Object-Type: Registry-value
Object-Name: 37121f3bfa7ebc95
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\oeupdate\RegBackup\0
Status: Hidden
Object-Type: Registry-value
Object-Name: 5ee68161f3be3a28
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\oeupdate\RegBackup\0
Status: Hidden
Object-Type: Registry-value
Object-Name: 73859ebbe046fede
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\oeupdate\RegBackup\0
Status: Hidden
Object-Type: Registry-value
Object-Name: 07474156ec9947f2
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\oeupdate\RegBackup\0
Status: Hidden
Object-Type: Registry-value
Object-Name: 3bb7df537a5d8bc8
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\oeupdate\RegBackup\0
Status: Hidden
Object-Type: Registry-value
Object-Name: eef4be2c5ca720b2
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\oeupdate\RegBackup\0
Status: Hidden
Object-Type: Registry-value
Object-Name: b5de661f3f25942a
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\oeupdate\RegBackup\0
Status: Hidden
Object-Type: Registry-value
Object-Name: eef4be2c7866e944
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\oeupdate\RegBackup\0
Status: Hidden
Object-Type: Registry-key
Object-Name: 0.mapARE\Microsoft\Advanced INF Setup\oeupdate\RegBackup\0
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\oeupdate\RegBackup\0.map
Status: Hidden
Object-Type: Registry-value
Object-Name: (Default)
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\oeupdate\RegBackup\0.map
Status: Unable to access registry key
Object-Type: Registry-value
Object-Name: 2d0a49a1a1046eaf
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\oeupdate\RegBackup\0.map
Status: Hidden
Object-Type: Registry-value
Object-Name: 64545cb37c929674
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\oeupdate\RegBackup\0.map
Status: Hidden
Object-Type: Registry-value
Object-Name: 37121f3bfa7ebc95
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\oeupdate\RegBackup\0.map
Status: Hidden
Object-Type: Registry-value
Object-Name: 5ee68161f3be3a28
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\oeupdate\RegBackup\0.map
Status: Hidden
Object-Type: Registry-value
Object-Name: 73859ebbe046fede
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\oeupdate\RegBackup\0.map
Status: Hidden
Object-Type: Registry-value
Object-Name: 07474156ec9947f2
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\oeupdate\RegBackup\0.map
Status: Hidden
Object-Type: Registry-value
Object-Name: 3bb7df537a5d8bc8
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\oeupdate\RegBackup\0.map
Status: Hidden
Object-Type: Registry-value
Object-Name: eef4be2c5ca720b2
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\oeupdate\RegBackup\0.map
Status: Hidden
Object-Type: Registry-value
Object-Name: b5de661f3f25942a
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\oeupdate\RegBackup\0.map
Status: Hidden
Object-Type: Registry-value
Object-Name: eef4be2c7866e944
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\oeupdate\RegBackup\0.map
Status: Hidden
Object-Type: Registry-value
Object-Name: (Default)
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\9.0
Status: Unable to access registry key
Object-Type: Registry-key
Object-Name: Registrationrosoft\MediaPlayer\9.0
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\9.0\Registration
Status: Hidden
Object-Type: Registry-value
Object-Name: (Default)
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\9.0\Registration
Status: Unable to access registry key
Object-Type: Registry-value
Object-Name: UDBVersion
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\9.0\Registration
Status: Hidden
Object-Type: Registry-value
Object-Name: UDBRev
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\9.0\Registration
Status: Hidden
Object-Type: Registry-value
Object-Name: ProductID
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\9.0\Registration
Status: Hidden
Object-Type: Registry-value
Object-Name: (Default)
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\FilterShimDllExclusionList
Status: Unable to access registry key
Object-Type: Registry-value
Object-Name: (Default)
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\FilterShimDllInclusionList
Status: Unable to access registry key
Object-Type: Registry-value
Object-Name: (Default)
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\FilterShimExclusionList
Status: Unable to access registry key
Object-Type: Registry-value
Object-Name: (Default)
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\FilterShimInclusionList
Status: Unable to access registry key
Object-Type: Registry-value
Object-Name: (Default)
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\NodeCLSIDs\{13A7995E-7D8F-45B4-9C77-819265225763}
Status: Unable to access registry key
Object-Type: Registry-value
Object-Name: Priority
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\NodeCLSIDs\{13A7995E-7D8F-45B4-9C77-819265225763}
Status: Hidden
Object-Type: Registry-value
Object-Name: AutoInsert
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\NodeCLSIDs\{13A7995E-7D8F-45B4-9C77-819265225763}
Status: Hidden
Object-Type: Registry-value
Object-Name: Name
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\NodeCLSIDs\{13A7995E-7D8F-45B4-9C77-819265225763}
Status: Hidden
Object-Type: Registry-value
Object-Name: (Default)
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\NodeCLSIDs\{95037DA1-6ED9-4B27-8CFF-9AD3DFB0B2F2}
Status: Unable to access registry key
Object-Type: Registry-value
Object-Name: Priority
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\NodeCLSIDs\{95037DA1-6ED9-4B27-8CFF-9AD3DFB0B2F2}
Status: Hidden
Object-Type: Registry-value
Object-Name: AutoInsert
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\NodeCLSIDs\{95037DA1-6ED9-4B27-8CFF-9AD3DFB0B2F2}
Status: Hidden
Object-Type: Registry-value
Object-Name: Name
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\NodeCLSIDs\{95037DA1-6ED9-4B27-8CFF-9AD3DFB0B2F2}
Status: Hidden
Object-Type: Registry-value
Object-Name: (Default)
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\NodeCLSIDs\{974BF3BF-C9AE-4476-8003-5FE544DF458C}
Status: Unable to access registry key
Object-Type: Registry-value
Object-Name: Priority
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\NodeCLSIDs\{974BF3BF-C9AE-4476-8003-5FE544DF458C}
Status: Hidden
Object-Type: Registry-value
Object-Name: AutoInsert
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\NodeCLSIDs\{974BF3BF-C9AE-4476-8003-5FE544DF458C}
Status: Hidden
Object-Type: Registry-value
Object-Name: Name
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\NodeCLSIDs\{974BF3BF-C9AE-4476-8003-5FE544DF458C}
Status: Hidden
Object-Type: Registry-value
Object-Name: (Default)
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\NodeCLSIDs\{B2DBA270-9F49-4513-AC13-76496D6EBA3A}
Status: Unable to access registry key
Object-Type: Registry-value
Object-Name: Priority
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\NodeCLSIDs\{B2DBA270-9F49-4513-AC13-76496D6EBA3A}
Status: Hidden
Object-Type: Registry-value
Object-Name: AutoInsert
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\NodeCLSIDs\{B2DBA270-9F49-4513-AC13-76496D6EBA3A}
Status: Hidden
Object-Type: Registry-value
Object-Name: Name
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\NodeCLSIDs\{B2DBA270-9F49-4513-AC13-76496D6EBA3A}
Status: Hidden
Object-Type: Registry-value
Object-Name: (Default)
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\NodeCLSIDs\{D01BC8E2-70AD-4976-9612-21B37ED5C8E8}
Status: Unable to access registry key
Object-Type: Registry-value
Object-Name: Priority
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\NodeCLSIDs\{D01BC8E2-70AD-4976-9612-21B37ED5C8E8}
Status: Hidden
Object-Type: Registry-value
Object-Name: AutoInsert
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\NodeCLSIDs\{D01BC8E2-70AD-4976-9612-21B37ED5C8E8}
Status: Hidden
Object-Type: Registry-value
Object-Name: Name
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\NodeCLSIDs\{D01BC8E2-70AD-4976-9612-21B37ED5C8E8}
Status: Hidden
Object-Type: Registry-value
Object-Name: (Default)
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\NodeCLSIDs\{D7E9C0B4-0E4D-46B4-BC46-1D0222F92C6F}
Status: Unable to access registry key
Object-Type: Registry-value
Object-Name: Priority
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\NodeCLSIDs\{D7E9C0B4-0E4D-46B4-BC46-1D0222F92C6F}
Status: Hidden
Object-Type: Registry-value
Object-Name: AutoInsert
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\NodeCLSIDs\{D7E9C0B4-0E4D-46B4-BC46-1D0222F92C6F}
Status: Hidden
Object-Type: Registry-value
Object-Name: Name
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\NodeCLSIDs\{D7E9C0B4-0E4D-46B4-BC46-1D0222F92C6F}
Status: Hidden
Object-Type: Registry-value
Object-Name: (Default)
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\NodeCLSIDs\{E5A8C40E-654B-44D4-ACBB-DBE6D3B3333B}
Status: Unable to access registry key
Object-Type: Registry-value
Object-Name: Priority
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\NodeCLSIDs\{E5A8C40E-654B-44D4-ACBB-DBE6D3B3333B}
Status: Hidden
Object-Type: Registry-value
Object-Name: AutoInsert
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\NodeCLSIDs\{E5A8C40E-654B-44D4-ACBB-DBE6D3B3333B}
Status: Hidden
Object-Type: Registry-value
Object-Name: Name
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\NodeCLSIDs\{E5A8C40E-654B-44D4-ACBB-DBE6D3B3333B}
Status: Hidden
Object-Type: Registry-value
Object-Name: (Default)
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\NodeCLSIDs\{FB02E8EF-ACFE-4CC0-96DF-8B5C7098272C}
Status: Unable to access registry key
Object-Type: Registry-value
Object-Name: Priority
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\NodeCLSIDs\{FB02E8EF-ACFE-4CC0-96DF-8B5C7098272C}
Status: Hidden
Object-Type: Registry-value
Object-Name: AutoInsert
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\NodeCLSIDs\{FB02E8EF-ACFE-4CC0-96DF-8B5C7098272C}
Status: Hidden
Object-Type: Registry-value
Object-Name: Name
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\NodeCLSIDs\{FB02E8EF-ACFE-4CC0-96DF-8B5C7098272C}
Status: Hidden
Object-Type: Registry-value
Object-Name: (Default)
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\Setup\Installed Versions
Status: Unable to access registry key
Object-Type: Registry-value
Object-Name: wmp.dll
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\Setup\Installed Versions
Status: Hidden
Object-Type: Registry-value
Object-Name: wmploc.dll
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\Setup\Installed Versions
Status: Hidden
Object-Type: Registry-value
Object-Name: wmplayer.exe
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\Setup\Installed Versions
Status: Hidden
Object-Type: Registry-value
Object-Name: (Default)
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\ShimDllExclusionList
Status: Unable to access registry key
Object-Type: Registry-key
Object-Name: FMPLAYER.DLLrosoft\MediaPlayer\ShimDllExclusionList
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\ShimDllExclusionList\FMPLAYER.DLL
Status: Hidden
Object-Type: Registry-value
Object-Name: (Default)
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\ShimDllExclusionList\FMPLAYER.DLL
Status: Unable to access registry key
Object-Type: Registry-key
Object-Name: HWAUDIO.DLLcrosoft\MediaPlayer\ShimDllExclusionList\FMPLAYER.DLL
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\ShimDllExclusionList\HWAUDIO.DLL
Status: Hidden
Object-Type: Registry-value
Object-Name: (Default)
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\ShimDllExclusionList\HWAUDIO.DLL
Status: Unable to access registry key
Object-Type: Registry-key
Object-Name: XACTMP.DLLicrosoft\MediaPlayer\ShimDllExclusionList\HWAUDIO.DLL
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\ShimDllExclusionList\XACTMP.DLL
Status: Hidden
Object-Type: Registry-value
Object-Name: (Default)
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\ShimDllExclusionList\XACTMP.DLL
Status: Unable to access registry key
Object-Type: Registry-value
Object-Name: (Default)
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\ShimDllInclusionList
Status: Unable to access registry key
Object-Type: Registry-value
Object-Name: (Default)
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\ShimExclusionList
Status: Unable to access registry key
Object-Type: Registry-key
Object-Name: ENC2002.EXEcrosoft\MediaPlayer\ShimExclusionList
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\ShimExclusionList\ENC2002.EXE
Status: Hidden
Object-Type: Registry-value
Object-Name: (Default)
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\ShimExclusionList\ENC2002.EXE
Status: Unable to access registry key
Object-Type: Registry-key
Object-Name: EXCEL.EXEMicrosoft\MediaPlayer\ShimExclusionList\ENC2002.EXE
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\ShimExclusionList\EXCEL.EXE
Status: Hidden
Object-Type: Registry-value
Object-Name: (Default)
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\ShimExclusionList\EXCEL.EXE
Status: Unable to access registry key
Object-Type: Registry-key
Object-Name: MPLAYER2.EXErosoft\MediaPlayer\ShimExclusionList\EXCEL.EXE
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\ShimExclusionList\MPLAYER2.EXE
Status: Hidden
Object-Type: Registry-value
Object-Name: (Default)
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\ShimExclusionList\MPLAYER2.EXE
Status: Unable to access registry key
Object-Type: Registry-key
Object-Name: NHL2003.EXEcrosoft\MediaPlayer\ShimExclusionList\MPLAYER2.EXE
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\ShimExclusionList\NHL2003.EXE
Status: Hidden
Object-Type: Registry-value
Object-Name: (Default)
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\ShimExclusionList\NHL2003.EXE
Status: Unable to access registry key
Object-Type: Registry-key
Object-Name: NHL2003DEMO.EXEoft\MediaPlayer\ShimExclusionList\NHL2003.EXE
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\ShimExclusionList\NHL2003DEMO.EXE
Status: Hidden
Object-Type: Registry-value
Object-Name: (Default)
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\ShimExclusionList\NHL2003DEMO.EXE
Status: Unable to access registry key
Object-Type: Registry-key
Object-Name: POWERPNT.EXErosoft\MediaPlayer\ShimExclusionList\NHL2003DEMO.EXE
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\ShimExclusionList\POWERPNT.EXE
Status: Hidden
Object-Type: Registry-value
Object-Name: (Default)
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\ShimExclusionList\POWERPNT.EXE
Status: Unable to access registry key
Object-Type: Registry-key
Object-Name: WINWORD.EXEcrosoft\MediaPlayer\ShimExclusionList\POWERPNT.EXE
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\ShimExclusionList\WINWORD.EXE
Status: Hidden
Object-Type: Registry-value
Object-Name: (Default)
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\ShimExclusionList\WINWORD.EXE
Status: Unable to access registry key
Object-Type: Registry-key
Object-Name: AOLTRAY.EXEcrosoft\MediaPlayer\ShimExclusionList\WINWORD.EXE
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\ShimInclusionList\AOLTRAY.EXE
Status: Hidden
Object-Type: Registry-value
Object-Name: (Default)
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\ShimInclusionList\AOLTRAY.EXE
Status: Unable to access registry key
Object-Type: Registry-key
Object-Name: FIREFOX.EXEcrosoft\MediaPlayer\ShimInclusionList\AOLTRAY.EXE
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\ShimInclusionList\FIREFOX.EXE
Status: Hidden
Object-Type: Registry-key
Object-Name: MSN6.EXE\Microsoft\MediaPlayer\ShimInclusionList\FIREFOX.EXE
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\ShimInclusionList\MSN6.EXE
Status: Hidden
Object-Type: Registry-value
Object-Name: (Default)
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\ShimInclusionList\MSN6.EXE
Status: Unable to access registry key
Object-Type: Registry-key
Object-Name: NETSCAPE.EXErosoft\MediaPlayer\ShimInclusionList\MSN6.EXE
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\ShimInclusionList\NETSCAPE.EXE
Status: Hidden
Object-Type: Registry-value
Object-Name: (Default)
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\ShimInclusionList\NETSCAPE.EXE
Status: Unable to access registry key
Object-Type: Registry-key
Object-Name: NETSCP.EXEicrosoft\MediaPlayer\ShimInclusionList\NETSCAPE.EXE
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\ShimInclusionList\NETSCP.EXE
Status: Hidden
Object-Type: Registry-value
Object-Name: (Default)
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\ShimInclusionList\NETSCP.EXE
Status: Unable to access registry key
Object-Type: Registry-key
Object-Name: NETSCP6.EXEcrosoft\MediaPlayer\ShimInclusionList\NETSCP.EXE
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\ShimInclusionList\NETSCP6.EXE
Status: Hidden
Object-Type: Registry-value
Object-Name: (Default)
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\ShimInclusionList\NETSCP6.EXE
Status: Unable to access registry key
Object-Type: Registry-key
Object-Name: OPERA.EXEMicrosoft\MediaPlayer\ShimInclusionList\NETSCP6.EXE
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\ShimInclusionList\OPERA.EXE
Status: Hidden
Object-Type: Registry-key
Object-Name: WAOL.EXE\Microsoft\MediaPlayer\ShimInclusionList\OPERA.EXE
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\ShimInclusionList\WAOL.EXE
Status: Hidden
Object-Type: Registry-value
Object-Name: (Default)
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\ShimInclusionList\WAOL.EXE
Status: Unable to access registry key
Object-Type: Registry-value
Object-Name: (Default)
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\SmartPlaylist
Status: Unable to access registry key
Object-Type: Registry-key
Object-Name: NonSourceFiltersft\MediaPlayer\SmartPlaylist
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\SmartPlaylist\NonSourceFilters
Status: Hidden
Object-Type: Registry-value
Object-Name: (Default)
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\SmartPlaylist\NonSourceFilters
Status: Unable to access registry key
Object-Type: Registry-value
Object-Name: {BC5E21B0-504C-46F6-82BF-FB975C911AD6}
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\SmartPlaylist\NonSourceFilters
Status: Hidden
Object-Type: Registry-key
Object-Name: SourceFiltersosoft\MediaPlayer\SmartPlaylist\NonSourceFilters
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\SmartPlaylist\SourceFilters
Status: Hidden
Object-Type: Registry-value
Object-Name: (Default)
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\SmartPlaylist\SourceFilters
Status: Unable to access registry key
Object-Type: Registry-value
Object-Name: {4202947A-A563-4B05-A754-A1B4B5989849}
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\SmartPlaylist\SourceFilters
Status: Hidden
Object-Type: Registry-value
Object-Name: {B2D9BDDC-8E49-444B-9BA4-193ABF9C7870}
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\SmartPlaylist\SourceFilters
Status: Hidden
Object-Type: Registry-value
Object-Name: (Default)
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins
Status: Unable to access registry key
Object-Type: Registry-key
Object-Name: {0890F930-4F80-4646-BAB1-4B6E5571FB89}ns
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{0890F930-4F80-4646-BAB1-4B6E5571FB89}
Status: Hidden
Object-Type: Registry-value
Object-Name: (Default)
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{0890F930-4F80-4646-BAB1-4B6E5571FB89}
Status: Unable to access registry key
Object-Type: Registry-value
Object-Name: Capabilities
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{0890F930-4F80-4646-BAB1-4B6E5571FB89}
Status: Hidden
Object-Type: Registry-value
Object-Name: FriendlyName
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{0890F930-4F80-4646-BAB1-4B6E5571FB89}
Status: Hidden
Object-Type: Registry-key
Object-Name: {171B4B25-2DD9-4b0b-912A-1AFAE79369B8}ns\{0890F930-4F80-4646-BAB1-4B6E5571FB89}
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{171B4B25-2DD9-4b0b-912A-1AFAE79369B8}
Status: Hidden
Object-Type: Registry-value
Object-Name: (Default)
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{171B4B25-2DD9-4b0b-912A-1AFAE79369B8}
Status: Unable to access registry key
Object-Type: Registry-value
Object-Name: FriendlyName
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{171B4B25-2DD9-4b0b-912A-1AFAE79369B8}
Status: Hidden
Object-Type: Registry-value
Object-Name: Description
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{171B4B25-2DD9-4b0b-912A-1AFAE79369B8}
Status: Hidden
Object-Type: Registry-value
Object-Name: Capabilities
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{171B4B25-2DD9-4b0b-912A-1AFAE79369B8}
Status: Hidden
Object-Type: Registry-key
Object-Name: {1F32514F-1561-4922-A604-8A1F478B5A42}ns\{171B4B25-2DD9-4b0b-912A-1AFAE79369B8}
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{1F32514F-1561-4922-A604-8A1F478B5A42}
Status: Hidden
Object-Type: Registry-value
Object-Name: (Default)
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{1F32514F-1561-4922-A604-8A1F478B5A42}
Status: Unable to access registry key
Object-Type: Registry-value
Object-Name: Capabilities
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{1F32514F-1561-4922-A604-8A1F478B5A42}
Status: Hidden
Object-Type: Registry-value
Object-Name: FriendlyName
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{1F32514F-1561-4922-A604-8A1F478B5A42}
Status: Hidden
Object-Type: Registry-key
Object-Name: {292AE934-4F49-40bb-9E7E-6F6398ED9C31}ns\{1F32514F-1561-4922-A604-8A1F478B5A42}
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{292AE934-4F49-40bb-9E7E-6F6398ED9C31}
Status: Hidden
Object-Type: Registry-value
Object-Name: (Default)
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{292AE934-4F49-40bb-9E7E-6F6398ED9C31}
Status: Unable to access registry key
Object-Type: Registry-value
Object-Name: FriendlyName
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{292AE934-4F49-40bb-9E7E-6F6398ED9C31}
Status: Hidden
Object-Type: Registry-value
Object-Name: Description
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{292AE934-4F49-40bb-9E7E-6F6398ED9C31}
Status: Hidden
Object-Type: Registry-value
Object-Name: Capabilities
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{292AE934-4F49-40bb-9E7E-6F6398ED9C31}
Status: Hidden
Object-Type: Registry-key
Object-Name: {52903d79-f993-4de6-8317-20c9c176d823}ns\{292AE934-4F49-40bb-9E7E-6F6398ED9C31}
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{52903d79-f993-4de6-8317-20c9c176d823}
Status: Hidden
Object-Type: Registry-value
Object-Name: (Default)
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{52903d79-f993-4de6-8317-20c9c176d823}
Status: Unable to access registry key
Object-Type: Registry-value
Object-Name: Capabilities
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{52903d79-f993-4de6-8317-20c9c176d823}
Status: Hidden
Object-Type: Registry-value
Object-Name: FriendlyName
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{52903d79-f993-4de6-8317-20c9c176d823}
Status: Hidden
Object-Type: Registry-key
Object-Name: {59E7BF52-E5C9-4382-A39A-522DEE9AFDFD}ns\{52903d79-f993-4de6-8317-20c9c176d823}
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{59E7BF52-E5C9-4382-A39A-522DEE9AFDFD}
Status: Hidden
Object-Type: Registry-value
Object-Name: (Default)
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{59E7BF52-E5C9-4382-A39A-522DEE9AFDFD}
Status: Unable to access registry key
Object-Type: Registry-value
Object-Name: Capabilities
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{59E7BF52-E5C9-4382-A39A-522DEE9AFDFD}
Status: Hidden
Object-Type: Registry-value
Object-Name: FriendlyName
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{59E7BF52-E5C9-4382-A39A-522DEE9AFDFD}
Status: Hidden
Object-Type: Registry-key
Object-Name: {5DF031B7-6A37-42D9-8802-E27F4F224332}ns\{59E7BF52-E5C9-4382-A39A-522DEE9AFDFD}
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{5DF031B7-6A37-42D9-8802-E27F4F224332}
Status: Hidden
Object-Type: Registry-value
Object-Name: (Default)
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{5DF031B7-6A37-42D9-8802-E27F4F224332}
Status: Unable to access registry key
Object-Type: Registry-value
Object-Name: Capabilities
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{5DF031B7-6A37-42D9-8802-E27F4F224332}
Status: Hidden
Object-Type: Registry-value
Object-Name: FriendlyName
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{5DF031B7-6A37-42D9-8802-E27F4F224332}
Status: Hidden
Object-Type: Registry-key
Object-Name: {5F4BB5C9-4652-489B-8601-EEC0C3C32E2E}ns\{5DF031B7-6A37-42D9-8802-E27F4F224332}
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{5F4BB5C9-4652-489B-8601-EEC0C3C32E2E}
Status: Hidden
Object-Type: Registry-value
Object-Name: (Default)
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{5F4BB5C9-4652-489B-8601-EEC0C3C32E2E}
Status: Unable to access registry key
Object-Type: Registry-value
Object-Name: Capabilities
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{5F4BB5C9-4652-489B-8601-EEC0C3C32E2E}
Status: Hidden
Object-Type: Registry-value
Object-Name: FriendlyName
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{5F4BB5C9-4652-489B-8601-EEC0C3C32E2E}
Status: Hidden
Object-Type: Registry-key
Object-Name: {7F2B1D6B-1357-402C-A1C8-67E59583B41D}ns\{5F4BB5C9-4652-489B-8601-EEC0C3C32E2E}
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{7F2B1D6B-1357-402C-A1C8-67E59583B41D}
Status: Hidden
Object-Type: Registry-value
Object-Name: (Default)
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{7F2B1D6B-1357-402C-A1C8-67E59583B41D}
Status: Unable to access registry key
Object-Type: Registry-value
Object-Name: Description
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{7F2B1D6B-1357-402C-A1C8-67E59583B41D}
Status: Hidden
Object-Type: Registry-value
Object-Name: Capabilities
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{7F2B1D6B-1357-402C-A1C8-67E59583B41D}
Status: Hidden
Object-Type: Registry-value
Object-Name: FriendlyName
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{7F2B1D6B-1357-402C-A1C8-67E59583B41D}
Status: Hidden
Object-Type: Registry-key
Object-Name: {93075F62-16B3-43EC-A53B-FFAD0E01D5E7}ns\{7F2B1D6B-1357-402C-A1C8-67E59583B41D}
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{93075F62-16B3-43EC-A53B-FFAD0E01D5E7}
Status: Hidden
Object-Type: Registry-value
Object-Name: (Default)
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{93075F62-16B3-43EC-A53B-FFAD0E01D5E7}
Status: Unable to access registry key
Object-Type: Registry-value
Object-Name: Capabilities
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{93075F62-16B3-43EC-A53B-FFAD0E01D5E7}
Status: Hidden
Object-Type: Registry-value
Object-Name: FriendlyName
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{93075F62-16B3-43EC-A53B-FFAD0E01D5E7}
Status: Hidden
Object-Type: Registry-key
Object-Name: {9695AEF9-9D03-4671-8F2F-FF49D1BB01C4}ns\{93075F62-16B3-43EC-A53B-FFAD0E01D5E7}
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{9695AEF9-9D03-4671-8F2F-FF49D1BB01C4}
Status: Hidden
Object-Type: Registry-value
Object-Name: (Default)
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{9695AEF9-9D03-4671-8F2F-FF49D1BB01C4}
Status: Unable to access registry key
Object-Type: Registry-value
Object-Name: Description
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{9695AEF9-9D03-4671-8F2F-FF49D1BB01C4}
Status: Hidden
Object-Type: Registry-value
Object-Name: Capabilities
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{9695AEF9-9D03-4671-8F2F-FF49D1BB01C4}
Status: Hidden
Object-Type: Registry-value
Object-Name: FriendlyName
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{9695AEF9-9D03-4671-8F2F-FF49D1BB01C4}
Status: Hidden
Object-Type: Registry-key
Object-Name: {976ABECA-93F7-4d81-9187-2A6137829675}ns\{9695AEF9-9D03-4671-8F2F-FF49D1BB01C4}
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{976ABECA-93F7-4d81-9187-2A6137829675}
Status: Hidden
Object-Type: Registry-value
Object-Name: (Default)
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{976ABECA-93F7-4d81-9187-2A6137829675}
Status: Unable to access registry key
Object-Type: Registry-value
Object-Name: Capabilities
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{976ABECA-93F7-4d81-9187-2A6137829675}
Status: Hidden
Object-Type: Registry-value
Object-Name: FriendlyName
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{976ABECA-93F7-4d81-9187-2A6137829675}
Status: Hidden
Object-Type: Registry-key
Object-Name: {99DB05E3-F81E-4C8A-A252-F396306AB6FE}ns\{976ABECA-93F7-4d81-9187-2A6137829675}
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{99DB05E3-F81E-4C8A-A252-F396306AB6FE}
Status: Hidden
Object-Type: Registry-value
Object-Name: (Default)
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{99DB05E3-F81E-4C8A-A252-F396306AB6FE}
Status: Unable to access registry key
Object-Type: Registry-value
Object-Name: Description
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{99DB05E3-F81E-4C8A-A252-F396306AB6FE}
Status: Hidden
Object-Type: Registry-value
Object-Name: Capabilities
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{99DB05E3-F81E-4C8A-A252-F396306AB6FE}
Status: Hidden
Object-Type: Registry-value
Object-Name: FriendlyName
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{99DB05E3-F81E-4C8A-A252-F396306AB6FE}
Status: Hidden
Object-Type: Registry-key
Object-Name: {9F9562EB-15B6-46C6-A7CB-0A66FC65130E}ns\{99DB05E3-F81E-4C8A-A252-F396306AB6FE}
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{9F9562EB-15B6-46C6-A7CB-0A66FC65130E}
Status: Hidden
Object-Type: Registry-value
Object-Name: (Default)
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{9F9562EB-15B6-46C6-A7CB-0A66FC65130E}
Status: Unable to access registry key
Object-Type: Registry-value
Object-Name: Capabilities
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{9F9562EB-15B6-46C6-A7CB-0A66FC65130E}
Status: Hidden
Object-Type: Registry-value
Object-Name: FriendlyName
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{9F9562EB-15B6-46C6-A7CB-0A66FC65130E}
Status: Hidden
Object-Type: Registry-key
Object-Name: {9FA014E3-076F-4865-A73C-117131B8E292}ns\{9F9562EB-15B6-46C6-A7CB-0A66FC65130E}
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{9FA014E3-076F-4865-A73C-117131B8E292}
Status: Hidden
Object-Type: Registry-value
Object-Name: (Default)
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{9FA014E3-076F-4865-A73C-117131B8E292}
Status: Unable to access registry key
Object-Type: Registry-value
Object-Name: Capabilities
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{9FA014E3-076F-4865-A73C-117131B8E292}
Status: Hidden
Object-Type: Registry-value
Object-Name: FriendlyName
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{9FA014E3-076F-4865-A73C-117131B8E292}
Status: Hidden
Object-Type: Registry-key
Object-Name: {D5E49195-ED19-40fb-9EE0-E6625A808B77}ns\{9FA014E3-076F-4865-A73C-117131B8E292}
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{D5E49195-ED19-40fb-9EE0-E6625A808B77}
Status: Hidden
Object-Type: Registry-value
Object-Name: (Default)
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{D5E49195-ED19-40fb-9EE0-E6625A808B77}
Status: Unable to access registry key
Object-Type: Registry-value
Object-Name: Capabilities
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{D5E49195-ED19-40fb-9EE0-E6625A808B77}
Status: Hidden
Object-Type: Registry-value
Object-Name: FriendlyName
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{D5E49195-ED19-40fb-9EE0-E6625A808B77}
Status: Hidden
Object-Type: Registry-key
Object-Name: {E641D09E-E500-4c09-8260-F1CD7B902E9C}ns\{D5E49195-ED19-40fb-9EE0-E6625A808B77}
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{E641D09E-E500-4c09-8260-F1CD7B902E9C}
Status: Hidden
Object-Type: Registry-value
Object-Name: (Default)
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{E641D09E-E500-4c09-8260-F1CD7B902E9C}
Status: Unable to access registry key
Object-Type: Registry-value
Object-Name: FriendlyName
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{E641D09E-E500-4c09-8260-F1CD7B902E9C}
Status: Hidden
Object-Type: Registry-value
Object-Name: Description
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{E641D09E-E500-4c09-8260-F1CD7B902E9C}
Status: Hidden
Object-Type: Registry-value
Object-Name: Capabilities
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{E641D09E-E500-4c09-8260-F1CD7B902E9C}
Status: Hidden
Object-Type: Registry-key
Object-Name: {F24A1BC2-2331-4B91-8A13-5A549DA56E9D}ns\{E641D09E-E500-4c09-8260-F1CD7B902E9C}
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{F24A1BC2-2331-4B91-8A13-5A549DA56E9D}
Status: Hidden
Object-Type: Registry-value
Object-Name: (Default)
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{F24A1BC2-2331-4B91-8A13-5A549DA56E9D}
Status: Unable to access registry key
Object-Type: Registry-value
Object-Name: Capabilities
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{F24A1BC2-2331-4B91-8A13-5A549DA56E9D}
Status: Hidden
Object-Type: Registry-value
Object-Name: FriendlyName
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{F24A1BC2-2331-4B91-8A13-5A549DA56E9D}
Status: Hidden
Object-Type: Registry-key
Object-Name: {FD981763-B6BB-4d51-9143-6D372A0ED56F}ns\{F24A1BC2-2331-4B91-8A13-5A549DA56E9D}
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{FD981763-B6BB-4d51-9143-6D372A0ED56F}
Status: Hidden
Object-Type: Registry-value
Object-Name: (Default)
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{FD981763-B6BB-4d51-9143-6D372A0ED56F}
Status: Unable to access registry key
Object-Type: Registry-value
Object-Name: FriendlyName
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{FD981763-B6BB-4d51-9143-6D372A0ED56F}
Status: Hidden
Object-Type: Registry-value
Object-Name: Description
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{FD981763-B6BB-4d51-9143-6D372A0ED56F}
Status: Hidden
Object-Type: Registry-value
Object-Name: Capabilities
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{FD981763-B6BB-4d51-9143-6D372A0ED56F}
Status: Hidden
Object-Type: Registry-value
Object-Name: (Default)
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\ExceptionComponents\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}
Status: Unable to access registry key
Object-Type: Registry-value
Object-Name: FriendlyName
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\ExceptionComponents\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}
Status: Hidden
Object-Type: Registry-value
Object-Name: ComponentGUID
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\ExceptionComponents\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}
Status: Hidden
Object-Type: Registry-value
Object-Name: Version
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\ExceptionComponents\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}
Status: Hidden
Object-Type: Registry-value
Object-Name: Sub-Version
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\ExceptionComponents\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}
Status: Hidden
Object-Type: Registry-value
Object-Name: ExceptionInfName
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\ExceptionComponents\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}
Status: Hidden
Object-Type: Registry-value
Object-Name: ExceptionCatalogName
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\ExceptionComponents\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}
Status: Hidden
Object-Type: Registry-value
Object-Name: (Default)
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\ExceptionComponents\{60BFF50D-FB2C-4498-A577-C9548C390BB9}
Status: Unable to access registry key
Object-Type: Registry-value
Object-Name: FriendlyName
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\ExceptionComponents\{60BFF50D-FB2C-4498-A577-C9548C390BB9}
Status: Hidden
Object-Type: Registry-value
Object-Name: ComponentGUID
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\ExceptionComponents\{60BFF50D-FB2C-4498-A577-C9548C390BB9}
Status: Hidden
Object-Type: Registry-value
Object-Name: Version
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\ExceptionComponents\{60BFF50D-FB2C-4498-A577-C9548C390BB9}
Status: Hidden
Object-Type: Registry-value
Object-Name: Sub-Version
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\ExceptionComponents\{60BFF50D-FB2C-4498-A577-C9548C390BB9}
Status: Hidden
Object-Type: Registry-value
Object-Name: ExceptionInfName
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\ExceptionComponents\{60BFF50D-FB2C-4498-A577-C9548C390BB9}
Status: Hidden
Object-Type: Registry-value
Object-Name: ExceptionCatalogName
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\ExceptionComponents\{60BFF50D-FB2C-4498-A577-C9548C390BB9}
Status: Hidden
Object-Type: Registry-value
Object-Name: (Default)
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\ExceptionComponents\{AA936DF4-2B08-4B1F-B071-72192E287704}
Status: Unable to access registry key
Object-Type: Registry-value
Object-Name: FriendlyName
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\ExceptionComponents\{AA936DF4-2B08-4B1F-B071-72192E287704}
Status: Hidden
Object-Type: Registry-value
Object-Name: ComponentGUID
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\ExceptionComponents\{AA936DF4-2B08-4B1F-B071-72192E287704}
Status: Hidden
Object-Type: Registry-value
Object-Name: Version
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\ExceptionComponents\{AA936DF4-2B08-4B1F-B071-72192E287704}
Status: Hidden
Object-Type: Registry-value
Object-Name: Sub-Version
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\ExceptionComponents\{AA936DF4-2B08-4B1F-B071-72192E287704}
Status: Hidden
Object-Type: Registry-value
Object-Name: ExceptionInfName
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\ExceptionComponents\{AA936DF4-2B08-4B1F-B071-72192E287704}
Status: Hidden
Object-Type: Registry-value
Object-Name: ExceptionCatalogName
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\ExceptionComponents\{AA936DF4-2B08-4B1F-B071-72192E287704}
Status: Hidden
Object-Type: Registry-value
Object-Name: (Default)
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\ExceptionComponents\{CAC24AF7-5447-4F19-9FA6-F6E6E69D395E}
Status: Unable to access registry key
Object-Type: Registry-value
Object-Name: FriendlyName
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\ExceptionComponents\{CAC24AF7-5447-4F19-9FA6-F6E6E69D395E}
Status: Hidden
Object-Type: Registry-value
Object-Name: ComponentGUID
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\ExceptionComponents\{CAC24AF7-5447-4F19-9FA6-F6E6E69D395E}
Status: Hidden
Object-Type: Registry-value
Object-Name: Version
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\ExceptionComponents\{CAC24AF7-5447-4F19-9FA6-F6E6E69D395E}
Status: Hidden
Object-Type: Registry-value
Object-Name: Sub-Version
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\ExceptionComponents\{CAC24AF7-5447-4F19-9FA6-F6E6E69D395E}
Status: Hidden
Object-Type: Registry-value
Object-Name: ExceptionInfName
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\ExceptionComponents\{CAC24AF7-5447-4F19-9FA6-F6E6E69D395E}
Status: Hidden
Object-Type: Registry-value
Object-Name: ExceptionCatalogName
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\ExceptionComponents\{CAC24AF7-5447-4F19-9FA6-F6E6E69D395E}
Status: Hidden
Object-Type: Registry-value
Object-Name: (Default)
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Media Device Manager\Plugins\SP\MSPMSP\KBDeviceList
Status: Unable to access registry key
Object-Type: Registry-value
Object-Name: SanDiskIM
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Media Device Manager\Plugins\SP\MSPMSP\KBDeviceList
Status: Hidden
Object-Type: Registry-value
Object-Name: SanDiskIMb
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Media Device Manager\Plugins\SP\MSPMSP\KBDeviceList
Status: Hidden
Object-Type: Registry-value
Object-Name: Lexmark
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Media Device Manager\Plugins\SP\MSPMSP\KBDeviceList
Status: Hidden
Object-Type: Registry-value
Object-Name: (Default)
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Media Device Manager\Plugins\SP\WMDMCESP
Status: Unable to access registry key
Object-Type: Registry-value
Object-Name: ProgID
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Media Device Manager\Plugins\SP\WMDMCESP
Status: Hidden
Object-Type: Registry-value
Object-Name: (Default)
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Toshiba\Power Saver\Policies
Status: Unable to access registry key
Object-Type: Registry-value
Object-Name: MachinePolicies
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Toshiba\Power Saver\Policies
Status: Hidden
Object-Type: Registry-value
Object-Name: UserPolicies
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Toshiba\Power Saver\Policies
Status: Hidden
Object-Type: Registry-value
Object-Name: ProcessorPolicies
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Toshiba\Power Saver\Policies
Status: Hidden
Object-Type: Process
Object-Name: Rootkit_Detecti
Pid: 1084
Object-Path: C:\DOCUME~1\A-50a\LOKALA~1\Temp\Rar$EX00.430\Rootkit_Detective.exe
Status: Visible
Object-Type: Process
Object-Name: ServiceLayer.ex
Pid: 3472
Object-Path: C:\Program\PC Connectivity Solution\ServiceLayer.exe
Status: Visible
Object-Type: File/Folder
Object-Name: History.folder.dat
Pid: n/a
Object-Path: C:\Qoobox\BackEnv\History.folder.dat
Status: Hidden
Object-Type: Process
Object-Name: csrss.exe
Pid: 900
Object-Path: C:\WINDOWS\system32\csrss.exe
Status: Visible
Object-Type: Process
Object-Name: svchost.exe
Pid: 1520
Object-Path: C:\WINDOWS\System32\svchost.exe
Status: Visible
Object-Type: Process
Object-Name: FixCamera.exe
Pid: 2760
Object-Path: C:\WINDOWS\FixCamera.exe
Status: Visible
Object-Type: Process
Object-Name: winlogon.exe
Pid: 932
Object-Path: C:\WINDOWS\system32\winlogon.exe
Status: Visible
Object-Type: Process
Object-Name: explorer.exe
Pid: 716
Object-Path: C:\WINDOWS\Explorer.EXE
Status: Visible
Object-Type: Process
Object-Name: TOSCDSPD.exe
Pid: 2948
Object-Path: C:\Program\TOSHIBA\TOSCDSPD\toscdspd.exe
Status: Visible
Object-Type: Process
Object-Name: NclRSSrv.exe
Pid: 3972
Object-Path: C:\Program\PC Connectivity Solution\Transports\NclRSSrv.exe
Status: Visible
Object-Type: Process
Object-Name: System
Pid: 4
Object-Path:
Status: Visible
Object-Type: File/Folder
Object-Name: Cache.folder.dat
Pid: n/a
Object-Path: C:\Qoobox\BackEnv\Cache.folder.dat
Status: Hidden
Object-Type: Process
Object-Name: MsPMSPSv.exe
Pid: 656
Object-Path: C:\WINDOWS\system32\MsPMSPSv.exe
Status: Visible
Object-Type: Process
Object-Name: TPSBattM.exe
Pid: 2516
Object-Path: C:\WINDOWS\system32\TPSBattM.exe
Status: Visible
Object-Type: File/Folder
Object-Name: Personal.folder.dat
Pid: n/a
Object-Path: C:\Qoobox\BackEnv\Personal.folder.dat
Status: Hidden
Object-Type: File/Folder
Object-Name: Programs.folder.dat
Pid: n/a
Object-Path: C:\Qoobox\BackEnv\Programs.folder.dat
Status: Hidden
Object-Type: Process
Object-Name: svchost.exe
Pid: 1184
Object-Path: C:\WINDOWS\system32\svchost.exe
Status: Visible
Object-Type: Process
Object-Name: ApntEx.exe
Pid: 3416
Object-Path: C:\Program\Apoint2K\Apntex.exe
Status: Visible
Object-Type: File/Folder
Object-Name: Music.folder.dat
Pid: n/a
Object-Path: C:\Qoobox\BackEnv\Music.folder.dat
Status: Hidden
Object-Type: File/Folder
Object-Name: PrintHood.folder.dat
Pid: n/a
Object-Path: C:\Qoobox\BackEnv\PrintHood.folder.dat
Status: Hidden
Object-Type: File/Folder
Object-Name: StartUp.folder.dat
Pid: n/a
Object-Path: C:\Qoobox\BackEnv\StartUp.folder.dat
Status: Hidden
Object-Type: Process
Object-Name: S24EvMon.exe
Pid: 1372
Object-Path: C:\WINDOWS\System32\S24EvMon.exe
Status: Visible
Object-Type: Process
Object-Name: svchost.exe
Pid: 628
Object-Path: C:\WINDOWS\System32\svchost.exe
Status: Visible
Object-Type: File/Folder
Object-Name: Profiles.Folder.folder.dat
Pid: n/a
Object-Path: C:\Qoobox\BackEnv\Profiles.Folder.folder.dat
Status: Hidden
Object-Type: Process
Object-Name: PSANHost.exe
Pid: 164
Object-Path: C:\Program\Panda Security\Panda Cloud Antivirus\PSANHost.exe
Status: Visible
Object-Type: File/Folder
Object-Name: Desktop.folder.dat
Pid: n/a
Object-Path: C:\Qoobox\BackEnv\Desktop.folder.dat
Status: Hidden
Object-Type: File/Folder
Object-Name: VikPev00
Pid: n/a
Object-Path: C:\Qoobox\BackEnv\VikPev00
Status: Hidden
Object-Type: Process
Object-Name: RegSrvc.exe
Pid: 320
Object-Path: C:\WINDOWS\System32\RegSrvc.exe
Status: Visible
Object-Type: File/Folder
Object-Name: AppData.folder.dat
Pid: n/a
Object-Path: C:\Qoobox\BackEnv\AppData.folder.dat
Status: Hidden
Object-Type: File/Folder
Object-Name: LocalAppData.folder.dat
Pid: n/a
Object-Path: C:\Qoobox\BackEnv\LocalAppData.folder.dat
Status: Hidden
Object-Type: Process
Object-Name: svchost.exe
Pid: 1592
Object-Path: C:\WINDOWS\system32\svchost.exe
Status: Visible
Object-Type: Process
Object-Name: scardsvr.exe
Pid: 1840
Object-Path: C:\WINDOWS\System32\SCardSvr.exe
Status: Visible
Object-Type: Process
Object-Name: svchost.exe
Pid: 1252
Object-Path: C:\WINDOWS\system32\svchost.exe
Status: Visible
Object-Type: Process
Object-Name: vsnpstd.exe
Pid: 2864
Object-Path: C:\WINDOWS\vsnpstd.exe
Status: Visible
Object-Type: File/Folder
Object-Name: SetPath.bat
Pid: n/a
Object-Path: C:\Qoobox\BackEnv\SetPath.bat
Status: Hidden
Object-Type: Process
Object-Name: CFSvcs.exe
Pid: 1936
Object-Path: C:\Program\TOSHIBA\ConfigFree\CFSvcs.exe
Status: Visible
Object-Type: Process
Object-Name: stacmon.exe
Pid: 1564
Object-Path: C:\Program\SigmaTel\SigmaTel AC97 ljuddrivrutiner\stacmon.exe
Status: Visible
Object-Type: Process
Object-Name: rundll32.exe
Pid: 4044
Object-Path: C:\WINDOWS\system32\rundll32.exe
Status: Visible
Object-Type: Process
Object-Name: 00THotkey.exe
Pid: 2432
Object-Path: C:\WINDOWS\system32\00THotkey.exe
Status: Visible
Object-Type: Process
Object-Name: wscntfy.exe
Pid: 820
Object-Path: C:\WINDOWS\system32\wscntfy.exe
Status: Visible
Object-Type: Process
Object-Name: smss.exe
Pid: 852
Object-Path: C:\WINDOWS\System32\smss.exe
Status: Visible
Object-Type: Process
Object-Name: services.exe
Pid: 976
Object-Path: C:\WINDOWS\system32\services.exe
Status: Visible
Object-Type: File/Folder
Object-Name: Pictures.folder.dat
Pid: n/a
Object-Path: C:\Qoobox\BackEnv\Pictures.folder.dat
Status: Hidden
Object-Type: File/Folder
Object-Name: StartMenu.folder.dat
Pid: n/a
Object-Path: C:\Qoobox\BackEnv\StartMenu.folder.dat
Status: Hidden
Object-Type: Process
Object-Name: Foxmail.exe
Pid: 3612
Object-Path: C:\Program\Foxmail\Foxmail.exe
Status: Visible
Object-Type: File/Folder
Object-Name: Cookies.folder.dat
Pid: n/a
Object-Path: C:\Qoobox\BackEnv\Cookies.folder.dat
Status: Hidden
Object-Type: Process
Object-Name: wuauclt.exe
Pid: 1412
Object-Path: C:\WINDOWS\system32\wuauclt.exe
Status: Visible
Object-Type: Process
Object-Name: orbitnet.exe
Pid: 4016
Object-Path: C:\Program\Orbitdownloader\orbitnet.exe
Status: Visible
Object-Type: Process
Object-Name: alg.exe
Pid: 1568
Object-Path: C:\WINDOWS\System32\alg.exe
Status: Visible
Object-Type: File/Folder
Object-Name: BackEnv
Pid: n/a
Object-Path: C:\Qoobox\BackEnv
Status: Hidden
Object-Type: File/Folder
Object-Name: Favorites.folder.dat
Pid: n/a
Object-Path: C:\Qoobox\BackEnv\Favorites.folder.dat
Status: Hidden
Object-Type: File/Folder
Object-Name: Templates.folder.dat
Pid: n/a
Object-Path: C:\Qoobox\BackEnv\Templates.folder.dat
Status: Hidden
Object-Type: Process
Object-Name: DCSHOST.exe
Pid: 1972
Object-Path: C:\Documents and Settings\All Users\Application Data\DatacardService\DCSHost.exe
Status: Visible
Object-Type: Process
Object-Name: SmoothView.exe
Pid: 1476
Object-Path: C:\Program\TOSHIBA\Toshibas zoomningsfunktion\SmoothView.exe
Status: Visible
Object-Type: Process
Object-Name: orbitdm.exe
Pid: 3460
Object-Path: C:\Program\Orbitdownloader\orbitdm.exe
Status: Visible
Object-Type: File/Folder
Object-Name: LocalSettings.folder.dat
Pid: n/a
Object-Path: C:\Qoobox\BackEnv\LocalSettings.folder.dat
Status: Hidden
Object-Type: Process
Object-Name: incdsrv.exe
Pid: 2004
Object-Path: C:\Program\Ahead\InCD\InCDsrv.exe
Status: Visible
Object-Type: Process
Object-Name: svchost.exe
Pid: 3988
Object-Path: C:\WINDOWS\System32\svchost.exe
Status: Visible
Object-Type: Process
Object-Name: ctfmon.exe
Pid: 2996
Object-Path: C:\WINDOWS\system32\CTFMON.EXE
Status: Visible
Object-Type: Process
Object-Name: svchost.exe
Pid: 1292
Object-Path: C:\WINDOWS\System32\svchost.exe
Status: Visible
Object-Type: Process
Object-Name: jqs.exe
Pid: 2036
Object-Path: C:\Program\Java\jre6\bin\jqs.exe
Status: Visible
Object-Type: Process
Object-Name: TouchED.exe
Pid: 4052
Object-Path: C:\Program\TOSHIBA\TouchED\TouchED.Exe
Status: Visible
Object-Type: Process
Object-Name: NclUSBSrv.exe
Pid: 3836
Object-Path: C:\Program\PC Connectivity Solution\Transports\NclUSBSrv.exe
Status: Visible
Object-Type: Process
Object-Name: igfxtray.exe
Pid: 3868
Object-Path: C:\WINDOWS\System32\igfxtray.exe
Status: Visible
Object-Type: Process
Object-Name: Apoint.exe
Pid: 2380
Object-Path: C:\Program\Apoint2K\Apoint.exe
Status: Visible
Object-Type: Process
Object-Name: spoolsv.exe
Pid: 1792
Object-Path: C:\WINDOWS\system32\spoolsv.exe
Status: Visible
Object-Type: File/Folder
Object-Name: NetHood.folder.dat
Pid: n/a
Object-Path: C:\Qoobox\BackEnv\NetHood.folder.dat
Status: Hidden
Object-Type: File/Folder
Object-Name: Profiles.Folder.dat
Pid: n/a
Object-Path: C:\Qoobox\BackEnv\Profiles.Folder.dat
Status: Hidden
Object-Type: File/Folder
Object-Name: SendTo.folder.dat
Pid: n/a
Object-Path: C:\Qoobox\BackEnv\SendTo.folder.dat
Status: Hidden
Object-Type: Process
Object-Name: lsass.exe
Pid: 988
Object-Path: C:\WINDOWS\system32\lsass.exe
Status: Visible
Object-Type: Process
Object-Name: PSUNMain.exe
Pid: 2104
Object-Path: C:\Program\Panda Security\Panda Cloud Antivirus\PSUNMain.exe
Status: Visible
Object-Type: File/Folder
Object-Name: Recent.folder.dat
Pid: n/a
Object-Path: C:\Qoobox\BackEnv\Recent.folder.dat
Status: Hidden
Object-Type: File/Folder
Object-Name: SysPath.dat
Pid: n/a
Object-Path: C:\Qoobox\BackEnv\SysPath.dat
Status: Hidden
Object-Type: Process
Object-Name: opera.exe
Pid: 3004
Object-Path: C:\Program\Opera\Opera.exe
Status: Visible
Object-Type: Process
Object-Name: svchost.exe
Pid: 1920
Object-Path: C:\WINDOWS\system32\svchost.exe
Status: Visible
Object-Type: Process
Object-Name: TPSMain.exe
Pid: 2044
Object-Path: C:\WINDOWS\system32\TPSMain.exe
Status: Visible
Object-Type: Process
Object-Name: NclMSBTSrv.exe
Pid: 804
Object-Path: C:\Program\PC Connectivity Solution\Transports\NclMSBTSrv.exe
Status: Visible
Scan complete. Found hidden Processes and Files: 25 .
Total files scanned: 66842
- msc hotline sat
- Mensajes: 93500
- Registrado: 09 Mar 2004, 20:39
- Ubicación: BARCELONA (ESPAÑA)
- Contactar:
Re: Actualización problemática de IExplorer/Windows
Pues sí, vemos todos estos procesos de ficheros ejecutables corriendo en modo oculto, propio de lols rootkits:
Object-Name: ENC2002.EXEcrosoft\MediaPlayer\ShimExclusionList
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\ShimExclusionList\ENC2002.EXE
Status: Hidden
Object-Type: Registry-value
Object-Name: (Default)
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\ShimExclusionList\ENC2002.EXE
Status: Unable to access registry key
Object-Type: Registry-key
Object-Name: EXCEL.EXEMicrosoft\MediaPlayer\ShimExclusionList\ENC2002.EXE
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\ShimExclusionList\EXCEL.EXE
Status: Hidden
Object-Type: Registry-value
Object-Name: (Default)
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\ShimExclusionList\EXCEL.EXE
Status: Unable to access registry key
Object-Type: Registry-key
Object-Name: MPLAYER2.EXErosoft\MediaPlayer\ShimExclusionList\EXCEL.EXE
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\ShimExclusionList\MPLAYER2.EXE
Status: Hidden
Object-Type: Registry-value
Object-Name: (Default)
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\ShimExclusionList\MPLAYER2.EXE
Status: Unable to access registry key
Object-Type: Registry-key
Object-Name: NHL2003.EXEcrosoft\MediaPlayer\ShimExclusionList\MPLAYER2.EXE
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\ShimExclusionList\NHL2003.EXE
Status: Hidden
Object-Type: Registry-value
Object-Name: (Default)
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\ShimExclusionList\NHL2003.EXE
Status: Unable to access registry key
Object-Type: Registry-key
Object-Name: NHL2003DEMO.EXEoft\MediaPlayer\ShimExclusionList\NHL2003.EXE
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\ShimExclusionList\NHL2003DEMO.EXE
Status: Hidden
Object-Type: Registry-value
Object-Name: (Default)
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\ShimExclusionList\NHL2003DEMO.EXE
Status: Unable to access registry key
Object-Type: Registry-key
Object-Name: POWERPNT.EXErosoft\MediaPlayer\ShimExclusionList\NHL2003DEMO.EXE
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\ShimExclusionList\POWERPNT.EXE
Status: Hidden
Object-Type: Registry-value
Object-Name: (Default)
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\ShimExclusionList\POWERPNT.EXE
Status: Unable to access registry key
Object-Type: Registry-key
Object-Name: WINWORD.EXEcrosoft\MediaPlayer\ShimExclusionList\POWERPNT.EXE
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\ShimExclusionList\WINWORD.EXE
Status: Hidden
Object-Type: Registry-value
Object-Name: (Default)
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\ShimExclusionList\WINWORD.EXE
Status: Unable to access registry key
Object-Type: Registry-key
Object-Name: AOLTRAY.EXEcrosoft\MediaPlayer\ShimExclusionList\WINWORD.EXE
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\ShimInclusionList\AOLTRAY.EXE
Status: Hidden
Object-Type: Registry-value
Object-Name: (Default)
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\ShimInclusionList\AOLTRAY.EXE
Status: Unable to access registry key
Object-Type: Registry-key
Object-Name: FIREFOX.EXEcrosoft\MediaPlayer\ShimInclusionList\AOLTRAY.EXE
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\ShimInclusionList\FIREFOX.EXE
Status: Hidden
Object-Type: Registry-key
Object-Name: MSN6.EXE\Microsoft\MediaPlayer\ShimInclusionList\FIREFOX.EXE
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\ShimInclusionList\MSN6.EXE
Status: Hidden
Si alguno de ellos no lo has instalado voluntariamente, envianoslo y tras analizarlo informaremos del resultado
Para ello recordar[/b] :
https://foros.zonavirus.com/viewtopic.php?f=5&t=14253
saludos
ms, 3-3-2012
Object-Name: ENC2002.EXEcrosoft\MediaPlayer\ShimExclusionList
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\ShimExclusionList\ENC2002.EXE
Status: Hidden
Object-Type: Registry-value
Object-Name: (Default)
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\ShimExclusionList\ENC2002.EXE
Status: Unable to access registry key
Object-Type: Registry-key
Object-Name: EXCEL.EXEMicrosoft\MediaPlayer\ShimExclusionList\ENC2002.EXE
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\ShimExclusionList\EXCEL.EXE
Status: Hidden
Object-Type: Registry-value
Object-Name: (Default)
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\ShimExclusionList\EXCEL.EXE
Status: Unable to access registry key
Object-Type: Registry-key
Object-Name: MPLAYER2.EXErosoft\MediaPlayer\ShimExclusionList\EXCEL.EXE
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\ShimExclusionList\MPLAYER2.EXE
Status: Hidden
Object-Type: Registry-value
Object-Name: (Default)
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\ShimExclusionList\MPLAYER2.EXE
Status: Unable to access registry key
Object-Type: Registry-key
Object-Name: NHL2003.EXEcrosoft\MediaPlayer\ShimExclusionList\MPLAYER2.EXE
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\ShimExclusionList\NHL2003.EXE
Status: Hidden
Object-Type: Registry-value
Object-Name: (Default)
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\ShimExclusionList\NHL2003.EXE
Status: Unable to access registry key
Object-Type: Registry-key
Object-Name: NHL2003DEMO.EXEoft\MediaPlayer\ShimExclusionList\NHL2003.EXE
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\ShimExclusionList\NHL2003DEMO.EXE
Status: Hidden
Object-Type: Registry-value
Object-Name: (Default)
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\ShimExclusionList\NHL2003DEMO.EXE
Status: Unable to access registry key
Object-Type: Registry-key
Object-Name: POWERPNT.EXErosoft\MediaPlayer\ShimExclusionList\NHL2003DEMO.EXE
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\ShimExclusionList\POWERPNT.EXE
Status: Hidden
Object-Type: Registry-value
Object-Name: (Default)
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\ShimExclusionList\POWERPNT.EXE
Status: Unable to access registry key
Object-Type: Registry-key
Object-Name: WINWORD.EXEcrosoft\MediaPlayer\ShimExclusionList\POWERPNT.EXE
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\ShimExclusionList\WINWORD.EXE
Status: Hidden
Object-Type: Registry-value
Object-Name: (Default)
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\ShimExclusionList\WINWORD.EXE
Status: Unable to access registry key
Object-Type: Registry-key
Object-Name: AOLTRAY.EXEcrosoft\MediaPlayer\ShimExclusionList\WINWORD.EXE
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\ShimInclusionList\AOLTRAY.EXE
Status: Hidden
Object-Type: Registry-value
Object-Name: (Default)
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\ShimInclusionList\AOLTRAY.EXE
Status: Unable to access registry key
Object-Type: Registry-key
Object-Name: FIREFOX.EXEcrosoft\MediaPlayer\ShimInclusionList\AOLTRAY.EXE
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\ShimInclusionList\FIREFOX.EXE
Status: Hidden
Object-Type: Registry-key
Object-Name: MSN6.EXE\Microsoft\MediaPlayer\ShimInclusionList\FIREFOX.EXE
Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\ShimInclusionList\MSN6.EXE
Status: Hidden
Si alguno de ellos no lo has instalado voluntariamente, envianoslo y tras analizarlo informaremos del resultado
Para ello recordar
saludos
ms, 3-3-2012
msc hotline sat Virus Research Engineer
Antes de preguntar - Normas Basicas - Mensajes Privados - Repetir Temas - Continuar Temas - Titulos del Tema - Antivirus Online
Antes de preguntar - Normas Basicas - Mensajes Privados - Repetir Temas - Continuar Temas - Titulos del Tema - Antivirus Online
Re: Actualización problemática de IExplorer/Windows
Gracias por la respuesta. Desgraciadamente no puedo encontrar esos ficheros, ¿dónde puedo encontrar esos "registry keys" y "registry values"? En el informe no veo la ruta indicada para encontrarlos en el ordenador. Aparte de esto observo que Word está algo defectuoso y me cambia la lengua al inglés. Lo curioso es que yo no tengo el inglés en la barra de idiomas. El programa de correo Foxmail, que aparece en una de esas entradas sospechosas de Rootkits, me pide últimamente la contraseña, lo cual es también sospechoso. En fin, qué no se qué hacer para comprobar si alguno de esos 25 ficheros es un rootkit
- msc hotline sat
- Mensajes: 93500
- Registrado: 09 Mar 2004, 20:39
- Ubicación: BARCELONA (ESPAÑA)
- Contactar:
Re: Actualización problemática de IExplorer/Windows
Los ficheros en cuestion son los que figuran antes de .EXE, por ejemplo, del primer bloque, el ENC2002.EXE
Pero si son RootKits, puede que no los veas facilmente.
En cualquier caso buscalos con un Inicio -> Buscar en modo avanzado, buscando archivos ocultos y de sistema.
saludos
ms, 7-3-2012
Pero si son RootKits, puede que no los veas facilmente.
En cualquier caso buscalos con un Inicio -> Buscar en modo avanzado, buscando archivos ocultos y de sistema.
saludos
ms, 7-3-2012
msc hotline sat Virus Research Engineer
Antes de preguntar - Normas Basicas - Mensajes Privados - Repetir Temas - Continuar Temas - Titulos del Tema - Antivirus Online
Antes de preguntar - Normas Basicas - Mensajes Privados - Repetir Temas - Continuar Temas - Titulos del Tema - Antivirus Online
- msc hotline sat
- Mensajes: 93500
- Registrado: 09 Mar 2004, 20:39
- Ubicación: BARCELONA (ESPAÑA)
- Contactar:
Re: Actualización problemática de IExplorer/Windows
Pero parece que el infosat.txt que nos ha posteado es el de hace mas de 1 año !!!
[i][b](29-1-2011 12:23:41 (GMT))
EliStartPage v22.49 (c)2010 S.G.H. / Satinfo S.L. (Actualizado el 28 de Enero del 2011)[/b] [/i]
Por favor ! ... El Elistara se actualiza a diario, y siempre se ha de usar la ultima version disponible, además de enviarnos el informe resultante actualizado.
Descargue el ELISTARA actual y tras probarlo, posteenos el informe resultante:
saludos
ms, 7-3-2012
[i]
EliStartPage v22.49 (c)2010 S.G.H. / Satinfo S.L. (Actualizado el 28 de Enero del 2011)
Por favor ! ... El Elistara se actualiza a diario, y siempre se ha de usar la ultima version disponible, además de enviarnos el informe resultante actualizado.
Descargue el ELISTARA actual y tras probarlo, posteenos el informe resultante:
[quote="para DESCARGAR el ELISTARA, msc"]http://www.zonavirus.com/descargas/descargar-elistara.asp
Tras probarlo, reiniciar y postearnos el contenido de C:\infosat.txt para ver el
resultado
del proceso[/quote]
saludos
ms, 7-3-2012
msc hotline sat Virus Research Engineer
Antes de preguntar - Normas Basicas - Mensajes Privados - Repetir Temas - Continuar Temas - Titulos del Tema - Antivirus Online
Antes de preguntar - Normas Basicas - Mensajes Privados - Repetir Temas - Continuar Temas - Titulos del Tema - Antivirus Online
Re: Actualización problemática de IExplorer/Windows
Bueno, por fin he podido descargar la nueva versión de Elistara y aquí tenéis los resultados, que parecen positivos:
(7-4-2012 06:49:59 (GMT))
EliStartPage v25.24 (c)2012 S.G.H. / Satinfo S.L. (Actualizado el 4 de Abril del 2012)
--------------------------------------------------
Usuario: A-50a
ID de Usuario: S-1-5-21-3133523642-25887482-1457699603-1006
Lista de Acciones (por Acción Directa):
Restaurado fichero de Configuración del IE, (IERESET.INF)
Eliminadas las Paginas de Inicio y de Busqueda del IE
Eliminados Ficheros Temporales del IE
(7-4-2012 06:50:11 (GMT))
EliStartPage v25.24 (c)2012 S.G.H. / Satinfo S.L. (Actualizado el 4 de Abril del 2012)
--------------------------------------------------
Usuario: Administratör
ID de Usuario: S-1-5-21-3133523642-25887482-1457699603-500
Lista de Acciones (por Acción Directa):
Restaurado fichero de Configuración del IE, (IERESET.INF)
Eliminadas las Paginas de Inicio y de Busqueda del IE
Eliminados Ficheros Temporales del IE
(7-4-2012 06:50:21 (GMT))
EliStartPage v25.24 (c)2012 S.G.H. / Satinfo S.L. (Actualizado el 4 de Abril del 2012)
--------------------------------------------------
Usuario: Gäst
ID de Usuario: S-1-5-21-3133523642-25887482-1457699603-501
Lista de Acciones (por Acción Directa):
Restaurado fichero de Configuración del IE, (IERESET.INF)
Eliminadas las Paginas de Inicio y de Busqueda del IE
Eliminados Ficheros Temporales del IE
(7-4-2012 07:07:36 (GMT))
EliStartPage v25.24 (c)2012 S.G.H. / Satinfo S.L. (Actualizado el 4 de Abril del 2012)
--------------------------------------------------
Usuario: Gäst
ID de Usuario: S-1-5-21-3133523642-25887482-1457699603-501
Lista de Acciones (por Exploración):
Explorando "C:\"
Nº Total de Directorios: 5595
Nº Total de Ficheros: 73465
Nº de Ficheros Analizados: 27646
Nº de Ficheros Infectados: 0
Nº de Ficheros Limpiados: 0
(7-4-2012 07:44:40 (GMT))
EliStartPage v25.24 (c)2012 S.G.H. / Satinfo S.L. (Actualizado el 4 de Abril del 2012)
--------------------------------------------------
Usuario: A-50a
ID de Usuario: S-1-5-21-3133523642-25887482-1457699603-1006
Lista de Acciones (por Acción Directa):
Restaurado fichero de Configuración del IE, (IERESET.INF)
Eliminadas las Paginas de Inicio y de Busqueda del IE
Eliminados Ficheros Temporales del IE
(7-4-2012 07:44:53 (GMT))
EliStartPage v25.24 (c)2012 S.G.H. / Satinfo S.L. (Actualizado el 4 de Abril del 2012)
--------------------------------------------------
Usuario: Administratör
ID de Usuario: S-1-5-21-3133523642-25887482-1457699603-500
Lista de Acciones (por Acción Directa):
Restaurado fichero de Configuración del IE, (IERESET.INF)
Eliminadas las Paginas de Inicio y de Busqueda del IE
Eliminados Ficheros Temporales del IE
(7-4-2012 07:45:05 (GMT))
EliStartPage v25.24 (c)2012 S.G.H. / Satinfo S.L. (Actualizado el 4 de Abril del 2012)
--------------------------------------------------
Usuario: Gäst
ID de Usuario: S-1-5-21-3133523642-25887482-1457699603-501
Lista de Acciones (por Acción Directa):
Restaurado fichero de Configuración del IE, (IERESET.INF)
Eliminadas las Paginas de Inicio y de Busqueda del IE
Eliminados Ficheros Temporales del IE
(7-4-2012 08:02:51 (GMT))
EliStartPage v25.24 (c)2012 S.G.H. / Satinfo S.L. (Actualizado el 4 de Abril del 2012)
--------------------------------------------------
Usuario: Gäst
ID de Usuario: S-1-5-21-3133523642-25887482-1457699603-501
Lista de Acciones (por Exploración):
Explorando "C:\"
Nº Total de Directorios: 7236
Nº Total de Ficheros: 82011
Nº de Ficheros Analizados: 28856
Nº de Ficheros Infectados: 0
Nº de Ficheros Limpiados: 0
Como ayer el ordenador me hizo cosas raras he descargado también a continuación el Sproces 6.1 y este es el resultado:
(7-4-2012 06:49:59 (GMT))
EliStartPage v25.24 (c)2012 S.G.H. / Satinfo S.L. (Actualizado el 4 de Abril del 2012)
--------------------------------------------------
Usuario: A-50a
ID de Usuario: S-1-5-21-3133523642-25887482-1457699603-1006
Lista de Acciones (por Acción Directa):
Restaurado fichero de Configuración del IE, (IERESET.INF)
Eliminadas las Paginas de Inicio y de Busqueda del IE
Eliminados Ficheros Temporales del IE
(7-4-2012 06:50:11 (GMT))
EliStartPage v25.24 (c)2012 S.G.H. / Satinfo S.L. (Actualizado el 4 de Abril del 2012)
--------------------------------------------------
Usuario: Administratör
ID de Usuario: S-1-5-21-3133523642-25887482-1457699603-500
Lista de Acciones (por Acción Directa):
Restaurado fichero de Configuración del IE, (IERESET.INF)
Eliminadas las Paginas de Inicio y de Busqueda del IE
Eliminados Ficheros Temporales del IE
(7-4-2012 06:50:21 (GMT))
EliStartPage v25.24 (c)2012 S.G.H. / Satinfo S.L. (Actualizado el 4 de Abril del 2012)
--------------------------------------------------
Usuario: Gäst
ID de Usuario: S-1-5-21-3133523642-25887482-1457699603-501
Lista de Acciones (por Acción Directa):
Restaurado fichero de Configuración del IE, (IERESET.INF)
Eliminadas las Paginas de Inicio y de Busqueda del IE
Eliminados Ficheros Temporales del IE
(7-4-2012 07:07:36 (GMT))
EliStartPage v25.24 (c)2012 S.G.H. / Satinfo S.L. (Actualizado el 4 de Abril del 2012)
--------------------------------------------------
Usuario: Gäst
ID de Usuario: S-1-5-21-3133523642-25887482-1457699603-501
Lista de Acciones (por Exploración):
Explorando "C:\"
Nº Total de Directorios: 5595
Nº Total de Ficheros: 73465
Nº de Ficheros Analizados: 27646
Nº de Ficheros Infectados: 0
Nº de Ficheros Limpiados: 0
(7-4-2012 07:44:40 (GMT))
EliStartPage v25.24 (c)2012 S.G.H. / Satinfo S.L. (Actualizado el 4 de Abril del 2012)
--------------------------------------------------
Usuario: A-50a
ID de Usuario: S-1-5-21-3133523642-25887482-1457699603-1006
Lista de Acciones (por Acción Directa):
Restaurado fichero de Configuración del IE, (IERESET.INF)
Eliminadas las Paginas de Inicio y de Busqueda del IE
Eliminados Ficheros Temporales del IE
(7-4-2012 07:44:53 (GMT))
EliStartPage v25.24 (c)2012 S.G.H. / Satinfo S.L. (Actualizado el 4 de Abril del 2012)
--------------------------------------------------
Usuario: Administratör
ID de Usuario: S-1-5-21-3133523642-25887482-1457699603-500
Lista de Acciones (por Acción Directa):
Restaurado fichero de Configuración del IE, (IERESET.INF)
Eliminadas las Paginas de Inicio y de Busqueda del IE
Eliminados Ficheros Temporales del IE
(7-4-2012 07:45:05 (GMT))
EliStartPage v25.24 (c)2012 S.G.H. / Satinfo S.L. (Actualizado el 4 de Abril del 2012)
--------------------------------------------------
Usuario: Gäst
ID de Usuario: S-1-5-21-3133523642-25887482-1457699603-501
Lista de Acciones (por Acción Directa):
Restaurado fichero de Configuración del IE, (IERESET.INF)
Eliminadas las Paginas de Inicio y de Busqueda del IE
Eliminados Ficheros Temporales del IE
(7-4-2012 08:02:51 (GMT))
EliStartPage v25.24 (c)2012 S.G.H. / Satinfo S.L. (Actualizado el 4 de Abril del 2012)
--------------------------------------------------
Usuario: Gäst
ID de Usuario: S-1-5-21-3133523642-25887482-1457699603-501
Lista de Acciones (por Exploración):
Explorando "C:\"
Nº Total de Directorios: 7236
Nº Total de Ficheros: 82011
Nº de Ficheros Analizados: 28856
Nº de Ficheros Infectados: 0
Nº de Ficheros Limpiados: 0
Gracias por adelantado.
(7-4-2012 06:49:59 (GMT))
EliStartPage v25.24 (c)2012 S.G.H. / Satinfo S.L. (Actualizado el 4 de Abril del 2012)
--------------------------------------------------
Usuario: A-50a
ID de Usuario: S-1-5-21-3133523642-25887482-1457699603-1006
Lista de Acciones (por Acción Directa):
Restaurado fichero de Configuración del IE, (IERESET.INF)
Eliminadas las Paginas de Inicio y de Busqueda del IE
Eliminados Ficheros Temporales del IE
(7-4-2012 06:50:11 (GMT))
EliStartPage v25.24 (c)2012 S.G.H. / Satinfo S.L. (Actualizado el 4 de Abril del 2012)
--------------------------------------------------
Usuario: Administratör
ID de Usuario: S-1-5-21-3133523642-25887482-1457699603-500
Lista de Acciones (por Acción Directa):
Restaurado fichero de Configuración del IE, (IERESET.INF)
Eliminadas las Paginas de Inicio y de Busqueda del IE
Eliminados Ficheros Temporales del IE
(7-4-2012 06:50:21 (GMT))
EliStartPage v25.24 (c)2012 S.G.H. / Satinfo S.L. (Actualizado el 4 de Abril del 2012)
--------------------------------------------------
Usuario: Gäst
ID de Usuario: S-1-5-21-3133523642-25887482-1457699603-501
Lista de Acciones (por Acción Directa):
Restaurado fichero de Configuración del IE, (IERESET.INF)
Eliminadas las Paginas de Inicio y de Busqueda del IE
Eliminados Ficheros Temporales del IE
(7-4-2012 07:07:36 (GMT))
EliStartPage v25.24 (c)2012 S.G.H. / Satinfo S.L. (Actualizado el 4 de Abril del 2012)
--------------------------------------------------
Usuario: Gäst
ID de Usuario: S-1-5-21-3133523642-25887482-1457699603-501
Lista de Acciones (por Exploración):
Explorando "C:\"
Nº Total de Directorios: 5595
Nº Total de Ficheros: 73465
Nº de Ficheros Analizados: 27646
Nº de Ficheros Infectados: 0
Nº de Ficheros Limpiados: 0
(7-4-2012 07:44:40 (GMT))
EliStartPage v25.24 (c)2012 S.G.H. / Satinfo S.L. (Actualizado el 4 de Abril del 2012)
--------------------------------------------------
Usuario: A-50a
ID de Usuario: S-1-5-21-3133523642-25887482-1457699603-1006
Lista de Acciones (por Acción Directa):
Restaurado fichero de Configuración del IE, (IERESET.INF)
Eliminadas las Paginas de Inicio y de Busqueda del IE
Eliminados Ficheros Temporales del IE
(7-4-2012 07:44:53 (GMT))
EliStartPage v25.24 (c)2012 S.G.H. / Satinfo S.L. (Actualizado el 4 de Abril del 2012)
--------------------------------------------------
Usuario: Administratör
ID de Usuario: S-1-5-21-3133523642-25887482-1457699603-500
Lista de Acciones (por Acción Directa):
Restaurado fichero de Configuración del IE, (IERESET.INF)
Eliminadas las Paginas de Inicio y de Busqueda del IE
Eliminados Ficheros Temporales del IE
(7-4-2012 07:45:05 (GMT))
EliStartPage v25.24 (c)2012 S.G.H. / Satinfo S.L. (Actualizado el 4 de Abril del 2012)
--------------------------------------------------
Usuario: Gäst
ID de Usuario: S-1-5-21-3133523642-25887482-1457699603-501
Lista de Acciones (por Acción Directa):
Restaurado fichero de Configuración del IE, (IERESET.INF)
Eliminadas las Paginas de Inicio y de Busqueda del IE
Eliminados Ficheros Temporales del IE
(7-4-2012 08:02:51 (GMT))
EliStartPage v25.24 (c)2012 S.G.H. / Satinfo S.L. (Actualizado el 4 de Abril del 2012)
--------------------------------------------------
Usuario: Gäst
ID de Usuario: S-1-5-21-3133523642-25887482-1457699603-501
Lista de Acciones (por Exploración):
Explorando "C:\"
Nº Total de Directorios: 7236
Nº Total de Ficheros: 82011
Nº de Ficheros Analizados: 28856
Nº de Ficheros Infectados: 0
Nº de Ficheros Limpiados: 0
Como ayer el ordenador me hizo cosas raras he descargado también a continuación el Sproces 6.1 y este es el resultado:
(7-4-2012 06:49:59 (GMT))
EliStartPage v25.24 (c)2012 S.G.H. / Satinfo S.L. (Actualizado el 4 de Abril del 2012)
--------------------------------------------------
Usuario: A-50a
ID de Usuario: S-1-5-21-3133523642-25887482-1457699603-1006
Lista de Acciones (por Acción Directa):
Restaurado fichero de Configuración del IE, (IERESET.INF)
Eliminadas las Paginas de Inicio y de Busqueda del IE
Eliminados Ficheros Temporales del IE
(7-4-2012 06:50:11 (GMT))
EliStartPage v25.24 (c)2012 S.G.H. / Satinfo S.L. (Actualizado el 4 de Abril del 2012)
--------------------------------------------------
Usuario: Administratör
ID de Usuario: S-1-5-21-3133523642-25887482-1457699603-500
Lista de Acciones (por Acción Directa):
Restaurado fichero de Configuración del IE, (IERESET.INF)
Eliminadas las Paginas de Inicio y de Busqueda del IE
Eliminados Ficheros Temporales del IE
(7-4-2012 06:50:21 (GMT))
EliStartPage v25.24 (c)2012 S.G.H. / Satinfo S.L. (Actualizado el 4 de Abril del 2012)
--------------------------------------------------
Usuario: Gäst
ID de Usuario: S-1-5-21-3133523642-25887482-1457699603-501
Lista de Acciones (por Acción Directa):
Restaurado fichero de Configuración del IE, (IERESET.INF)
Eliminadas las Paginas de Inicio y de Busqueda del IE
Eliminados Ficheros Temporales del IE
(7-4-2012 07:07:36 (GMT))
EliStartPage v25.24 (c)2012 S.G.H. / Satinfo S.L. (Actualizado el 4 de Abril del 2012)
--------------------------------------------------
Usuario: Gäst
ID de Usuario: S-1-5-21-3133523642-25887482-1457699603-501
Lista de Acciones (por Exploración):
Explorando "C:\"
Nº Total de Directorios: 5595
Nº Total de Ficheros: 73465
Nº de Ficheros Analizados: 27646
Nº de Ficheros Infectados: 0
Nº de Ficheros Limpiados: 0
(7-4-2012 07:44:40 (GMT))
EliStartPage v25.24 (c)2012 S.G.H. / Satinfo S.L. (Actualizado el 4 de Abril del 2012)
--------------------------------------------------
Usuario: A-50a
ID de Usuario: S-1-5-21-3133523642-25887482-1457699603-1006
Lista de Acciones (por Acción Directa):
Restaurado fichero de Configuración del IE, (IERESET.INF)
Eliminadas las Paginas de Inicio y de Busqueda del IE
Eliminados Ficheros Temporales del IE
(7-4-2012 07:44:53 (GMT))
EliStartPage v25.24 (c)2012 S.G.H. / Satinfo S.L. (Actualizado el 4 de Abril del 2012)
--------------------------------------------------
Usuario: Administratör
ID de Usuario: S-1-5-21-3133523642-25887482-1457699603-500
Lista de Acciones (por Acción Directa):
Restaurado fichero de Configuración del IE, (IERESET.INF)
Eliminadas las Paginas de Inicio y de Busqueda del IE
Eliminados Ficheros Temporales del IE
(7-4-2012 07:45:05 (GMT))
EliStartPage v25.24 (c)2012 S.G.H. / Satinfo S.L. (Actualizado el 4 de Abril del 2012)
--------------------------------------------------
Usuario: Gäst
ID de Usuario: S-1-5-21-3133523642-25887482-1457699603-501
Lista de Acciones (por Acción Directa):
Restaurado fichero de Configuración del IE, (IERESET.INF)
Eliminadas las Paginas de Inicio y de Busqueda del IE
Eliminados Ficheros Temporales del IE
(7-4-2012 08:02:51 (GMT))
EliStartPage v25.24 (c)2012 S.G.H. / Satinfo S.L. (Actualizado el 4 de Abril del 2012)
--------------------------------------------------
Usuario: Gäst
ID de Usuario: S-1-5-21-3133523642-25887482-1457699603-501
Lista de Acciones (por Exploración):
Explorando "C:\"
Nº Total de Directorios: 7236
Nº Total de Ficheros: 82011
Nº de Ficheros Analizados: 28856
Nº de Ficheros Infectados: 0
Nº de Ficheros Limpiados: 0
Gracias por adelantado.