Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Windows debug center

Patříte mezi Vzorné návštěvníky? Pak je tato sekce pro vás.

Moderátor: Moderátoři

Pravidla fóra
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
Zamčeno
Zpráva
Autor
jaGmann
Vzorný návštěvník
Vzorný návštěvník
Příspěvky: 148
Registrován: 28 úno 2007 12:28
Bydliště: za bukem

Windows debug center

#1 Příspěvek od jaGmann »

Zdravim odborniky.
Kolegine mi prinesla jeji notas, kde se ji z niceho nic zacaly dit nekalosti. Pri brouzdani netem se bez duvodne otvitaji stranky s porno tematikou a kazdou chvili ji na plose vyskakuje okno s moznosti "vyreseni problemu" s varovanim ze je vystavena riziku, ze je soubor nebo torent zavirovan, ze tam ma rootkit a podobne.
Po startu se spousti pro me neznamy a hlavne velmi podezrele vypadajici program Windows debug center s moznosti scanovat PC atd.
Pri pokusu o spusteni RSIT vyskoci okno AutoIt Error - Unable to open script file.
Pri pokusu o spusteni HJT vypise chybovou hlasku aplikaci (0xc0000005) se nepodarilo spravne spustit.
A to jak v normalnim, tak nouzovem rezimu :(

Pomuzete mi prosim?
Usmívej se, bude hůř! :)
Nahoru
Uživatelský avatar
vyosek
VIP
VIP
Příspěvky: 56373
Registrován: 07 lis 2006 15:24
Bydliště: Šalingrad - Brno

Re: Windows debug center

#2 Příspěvek od vyosek »

Zdravim a pekny den preji :)

:arrow: Stahnete RogueKiller http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
  • Ukoncete vsechny programy
  • Pokud pouzivate Win Vista ci W7, kliknete na RogueKiller pravym a dejte Run As Administrator ci Spustit jako spravce
  • Pockejte na dokonceni PreScanu
  • Zvolte moznost Prohledat (scan)
  • Po dokonceni skenu kliknete na Zpráva (Report)- otevre se log, ten sem vlozte
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen Obrázek od 1. února 2011.
Nahoru
jaGmann
Vzorný návštěvník
Vzorný návštěvník
Příspěvky: 148
Registrován: 28 úno 2007 12:28
Bydliště: za bukem

Re: Windows debug center

#3 Příspěvek od jaGmann »

RogueKiller V7.3.2 [03/20/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Podpora: http://www.geekstogo.com/forum/files/fi ... guekiller/
Operační systém: Windows 7 (6.1.7600 ) 64 bits version
Spuštěno v: Normální režim
Uživatel: Petra Hejlková [Práva správce]
Mód: Kontrola -- Datum: 03/28/2012 09:13:50

¤¤¤ Škodlivé procesy: 2 ¤¤¤
[SUSP PATH] Protector-fvkr.exe -- C:\Users\Petra Hejlková\AppData\Roaming\Protector-fvkr.exe -> KILLED [TermProc]
[SVCHOST] svchost.exe -- C:\Windows\SysWOW64\svchost.exe -> KILLED [TermProc]

¤¤¤ Záznamy Registrů: 771 ¤¤¤
[SUSP PATH] HKCU\[...]\Run : Jtvk (rundll32 "C:\Users\Petra Hejlková\AppData\Roaming\C_1143B.dll",cnem) -> FOUND
[SUSP PATH] HKCU\[...]\Run : HP (C:\Users\Petra Hejlková\AppData\Roaming\18F825.exe) -> FOUND
[SUSP PATH] HKCU\[...]\Run : Inspector (C:\Users\Petra Hejlková\AppData\Roaming\Protector-fvkr.exe) -> FOUND
[SUSP PATH] HKUS\S-1-5-21-421640176-2901575674-168843555-1000[...]\Run : Jtvk (rundll32 "C:\Users\Petra Hejlková\AppData\Roaming\C_1143B.dll",cnem) -> FOUND
[SUSP PATH] HKUS\S-1-5-21-421640176-2901575674-168843555-1000[...]\Run : HP (C:\Users\Petra Hejlková\AppData\Roaming\18F825.exe) -> FOUND
[SUSP PATH] HKUS\S-1-5-21-421640176-2901575674-168843555-1000[...]\Run : Inspector (C:\Users\Petra Hejlková\AppData\Roaming\Protector-fvkr.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : a.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : aAvgApi.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : AAWTray.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : About.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : ackwin32.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : Ad-Aware.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : adaware.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : advxdwin.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : AdwarePrj.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : agent.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : agentsvr.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : agentw.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : alertsvc.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : alevir.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : alogserv.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : AlphaAV (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : AlphaAV.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : AluSchedulerSvc.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : amon9x.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : anti-trojan.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : Anti-Virus Professional.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : AntispywarXP2009.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : antivirus.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : AntivirusPlus (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : AntivirusPlus.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : AntivirusPro_2010.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : AntivirusXP (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : AntivirusXP.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : antivirusxppro2009.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : AntiVirus_Pro.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : ants.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : apimonitor.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : aplica32.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : apvxdwin.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : arr.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : ashAvast.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : ashBug.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : ashChest.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : ashCnsnt.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : ashDisp.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : ashLogV.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : ashMaiSv.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : ashPopWz.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : ashQuick.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : ashServ.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : ashSimp2.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : ashSimpl.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : ashSkPcc.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : ashSkPck.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : ashUpd.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : ashWebSv.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : aswChLic.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : aswRegSvr.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : aswRunDll.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : aswUpdSv.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : atcon.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : atguard.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : atro55en.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : atupdater.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : atwatch.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : au.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : aupdate.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : auto-protect.nav80try.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : autodown.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : autotrace.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : autoupdate.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : av360.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : avadmin.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : avastSvc.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : avastUI.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : AVCare.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : avcenter.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : avciman.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : avconfig.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : avconsol.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : ave32.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : AVENGINE.EXE (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : avgcc32.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : avgchk.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : avgcmgr.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : avgcsrvx.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : avgctrl.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : avgdumpx.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : avgemc.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : avgiproxy.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : avgnsx.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : avgnt.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : avgrsx.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : avgscanx.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : avgserv.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : avgserv9.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : avgsrmax.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : avgtray.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : avguard.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : avgui.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : avgupd.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : avgw.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : avgwdsvc.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : avkpop.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : avkserv.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : avkservice.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : avkwctl9.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : avltmain.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : avmailc.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : avmcdlg.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : avnotify.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : avnt.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : avp32.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : avpcc.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : avpdos32.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : avpm.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : avptc32.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : avpupd.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : avsched32.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : avshadow.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : avsynmgr.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : avupgsvc.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : AVWEBGRD.EXE (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : avwin.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : avwin95.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : avwinnt.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : avwsc.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : avwupd.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : avwupd32.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : avwupsrv.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : avxmonitor9x.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : avxmonitornt.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : avxquar.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : b.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : backweb.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : bargains.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : bdfvcl.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : bdfvwiz.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : BDInProcPatch.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : bdmcon.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : BDMsnScan.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : BDSurvey.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : bd_professional.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : beagle.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : belt.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : bidef.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : bidserver.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : bipcp.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : bipcpevalsetup.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : bisp.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : blackd.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : blackice.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : blink.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : blss.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : bootconf.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : bootwarn.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : borg2.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : bpc.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : brasil.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : brastk.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : brw.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : bs120.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : bspatch.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : bundle.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : bvt.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : c.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : cavscan.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : ccapp.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : ccevtmgr.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : ccpxysvc.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : ccSvcHst.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : cdp.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : cfd.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : cfgwiz.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : cfiadmin.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : cfiaudit.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : cfinet.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : cfinet32.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : cfp.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : cfpconfg.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : cfplogvw.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : cfpupdat.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : claw95.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : claw95cf.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : clean.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : cleaner.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : cleaner3.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : cleanIELow.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : cleanpc.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : click.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : cmd32.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : cmdagent.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : cmesys.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : cmgrdian.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : cmon016.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : connectionmonitor.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : control (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : cpd.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : cpf9x206.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : cpfnt206.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : crashrep.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : csc.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : cssconfg.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : cssupdat.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : cssurf.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : ctrl.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : cv.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : cwnb181.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : cwntdwmo.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : d.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : datemanager.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : dcomx.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : defalert.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : defscangui.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : defwatch.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : deloeminfs.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : deputy.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : divx.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : dllcache.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : dllreg.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : doors.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : dop.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : dpf.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : dpfsetup.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : dpps2.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : driverctrl.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : drwatson.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : drweb32.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : drwebupw.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : dssagent.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : dvp95.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : dvp95_0.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : ecengine.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : efpeadm.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : emsw.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : ent.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : esafe.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : escanhnt.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : escanv95.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : espwatch.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : ethereal.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : etrustcipe.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : evpn.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : exantivirus-cnet.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : exe.avxw.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : expert.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : explore.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : f-agnt95.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : f-prot.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : f-prot95.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : f-stopw.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : fact.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : fameh32.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : fast.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : fch32.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : fih32.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : findviru.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : firewall.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : fixcfg.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : fixfp.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : fnrb32.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : fp-win.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : fp-win_trial.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : fprot.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : frmwrk32.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : frw.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : fsaa.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : fsav.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : fsav32.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : fsav530stbyb.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : fsav530wtbyb.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : fsav95.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : fsgk32.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : fsm32.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : fsma32.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : fsmb32.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : gator.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : gav.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : gbmenu.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : gbn976rl.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : gbpoll.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : generics.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : gmt.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : guard.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : guarddog.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : guardgui.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : hacktracersetup.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : hbinst.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : hbsrv.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : History.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : homeav2010.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : hotactio.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : hotpatch.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : htlog.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : htpatch.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : hwpe.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : hxdl.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : hxiul.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : iamapp.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : iamserv.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : iamstats.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : ibmasn.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : ibmavsp.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : icload95.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : icloadnt.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : icmon.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : icsupp95.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : icsuppnt.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : Identity.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : idle.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : iedll.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : iedriver.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : IEShow.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : iface.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : ifw2000.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : inetlnfo.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : infus.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : infwin.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : init.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : init32.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : install[1].exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : install[2].exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : install[3].exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : install[4].exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : install[5].exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : intdel.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : intren.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : iomon98.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : istsvc.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : jammer.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : jdbgmrg.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : jedi.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : JsRcGen.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : kavlite40eng.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : kavpers40eng.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : kavpf.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : kazza.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : keenvalue.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : kerio-pf-213-en-win.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : kerio-wrl-421-en-win.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : kerio-wrp-421-en-win.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : killprocesssetup161.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : ldnetmon.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : ldpro.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : ldpromenu.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : ldscan.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : licmgr.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : lnetinfo.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : loader.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : localnet.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : lockdown.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : lockdown2000.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : lookout.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : lordpe.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : lsetup.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : luall.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : luau.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : lucomserver.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : luinit.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : luspt.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : MalwareRemoval.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : mapisvc32.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : mcagent.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : mcmnhdlr.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : mcmpeng.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : mcmscsvc.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : mcnasvc.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : mcproxy.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : McSACore.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : mcshell.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : mcshield.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : mcsysmon.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : mctool.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : mcupdate.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : mcvsrte.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : mcvsshld.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : md.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : mfin32.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : mfw2en.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : mfweng3.02d30.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : mgavrtcl.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : mgavrte.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : mghtml.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : mgui.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : minilog.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : mmod.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : monitor.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : moolive.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : mostat.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : mpfagent.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : mpfservice.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : MPFSrv.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : mpftray.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : mrflux.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : mrt.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : msa.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : msapp.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : MSASCui.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : msbb.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : msblast.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : mscache.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : msccn32.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : mscman.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : msconfig (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : msdm.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : msdos.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : msiexec16.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : mslaugh.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : msmgt.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : msmsgri32.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : msseces.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : mssmmc32.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : mssys.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : msvxd.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : mu0311ad.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : mwatch.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : n32scanw.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : nav.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : navap.navapsvc.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : navapsvc.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : navapw32.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : navdx.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : navlu32.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : navnt.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : navstub.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : navw32.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : navwnt.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : nc2000.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : ncinst4.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : ndd32.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : neomonitor.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : neowatchlog.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : netarmor.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : netd32.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : netinfo.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : netmon.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : netscanpro.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : netspyhunter-1.2.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : netutils.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : nisserv.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : nisum.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : nmain.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : nod32.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : normist.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : norton_internet_secu_3.0_407.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : notstart.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : npf40_tw_98_nt_me_2k.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : npfmessenger.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : nprotect.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : npscheck.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : npssvc.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : nsched32.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : nssys32.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : nstask32.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : nsupdate.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : nt.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : ntrtscan.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : ntvdm.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : ntxconfig.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : nui.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : nupgrade.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : nvarch16.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : nvc95.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : nvsvc32.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : nwinst4.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : nwservice.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : nwtool16.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : OAcat.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : OAhlp.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : OAReg.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : oasrv.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : oaui.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : oaview.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : ODSW.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : ollydbg.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : onsrvr.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : optimize.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : ostronet.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : otfix.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : outpost.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : outpostinstall.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : outpostproinstall.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : ozn695m5.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : padmin.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : panixk.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : patch.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : pav.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : pavcl.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : PavFnSvr.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : pavproxy.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : pavprsrv.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : pavsched.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : pavsrv51.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : pavw.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : pc.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : pccwin98.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : pcfwallicon.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : pcip10117_0.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : pcscan.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : pctsAuxs.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : pctsGui.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : pctsSvc.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : pctsTray.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : PC_Antispyware2010.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : pdfndr.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : pdsetup.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : PerAvir.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : periscope.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : persfw.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : personalguard (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : personalguard.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : perswf.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : pf2.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : pfwadmin.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : pgmonitr.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : pingscan.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : platin.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : pop3trap.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : poproxy.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : popscan.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : portdetective.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : portmonitor.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : powerscan.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : ppinupdt.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : pptbc.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : ppvstop.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : prizesurfer.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : prmt.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : prmvr.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : procdump.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : processmonitor.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : procexplorerv1.0.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : programauditor.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : proport.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : protector.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : protectx.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : PSANCU.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : PSANHost.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : PSANToManager.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : PsCtrls.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : PsImSvc.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : PskSvc.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : pspf.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : PSUNMain.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : purge.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : qconsole.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : qh.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : qserver.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : Quick Heal.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : QuickHealCleaner.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : rapapp.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : rav7.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : rav7win.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : rav8win32eng.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : ray.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : rb32.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : rcsync.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : realmon.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : reged.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : regedit.exe (C:\Users\Petra Hejlková\AppData\Roaming\Protector-fvkr.exe reg) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : regedt32.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : rescue.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : rescue32.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : rrguard.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : rscdwld.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : rshell.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : rtvscan.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : rtvscn95.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : rulaunch.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : rwg (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : rwg.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : SafetyKeeper.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : safeweb.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : sahagent.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : Save.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : SaveArmor.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : SaveDefense.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : SaveKeep.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : savenow.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : sbserv.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : sc.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : scam32.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : scan32.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : scan95.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : scanpm.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : scrscan.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : Secure Veteran.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : secureveteran.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : Security Center.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : SecurityFighter.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : securitysoldier.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : serv95.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : setloadorder.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : setupvameeval.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : setup_flowprotector_us.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : sgssfw32.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : sh.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : shellspyinstall.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : shield.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : shn.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : showbehind.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : signcheck.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : smart.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : smartprotector.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : smc.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : smrtdefp.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : sms.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : smss32.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : snetcfg.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : soap.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : sofi.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : SoftSafeness.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : sperm.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : spf.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : sphinx.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : spoler.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : spoolcv.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : spoolsv32.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : spywarexpguard.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : spyxx.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : srexe.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : srng.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : ss3edit.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : ssgrate.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : ssg_4104.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : st2.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : start.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : stcloader.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : supftrl.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : support.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : supporter5.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : svc.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : svchostc.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : svchosts.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : svshost.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : sweep95.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : sweepnet.sweepsrv.sys.swnetsup.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : symlcsvc.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : symproxysvc.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : symtray.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : system.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : system32.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : sysupd.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : tapinstall.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : taskmgr.exe (C:\Users\Petra Hejlková\AppData\Roaming\Protector-fvkr.exe task) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : taumon.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : tbscan.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : tc.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : tca.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : tcm.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : tds-3.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : tds2-98.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : tds2-nt.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : teekids.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : tfak.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : tfak5.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : tgbob.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : titanin.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : titaninxp.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : TPSrv.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : trickler.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : trjscan.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : trjsetup.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : trojantrap3.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : TrustWarrior.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : tsadbot.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : tsc.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : tvmd.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : tvtmd.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : undoboot.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : updat.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : upgrad.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : utpost.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : vbcmserv.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : vbcons.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : vbust.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : vbwin9x.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : vbwinntw.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : vcsetup.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : vet32.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : vet95.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : vettray.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : vfsetup.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : vir-help.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : virusmdpersonalfirewall.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : VisthAux.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : VisthLic.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : VisthUpd.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : vnlan300.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : vnpc3000.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : vpc32.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : vpc42.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : vpfw30s.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : vptray.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : vscan40.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : vscenu6.02d30.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : vsched.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : vsecomr.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : vshwin32.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : vsisetup.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : vsmain.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : vsmon.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : vsstat.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : vswin9xe.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : vswinntse.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : vswinperse.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : w32dsm89.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : W3asbas.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : w9x.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : watchdog.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : webdav.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : WebProxy.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : webscanx.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : webtrap.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : wfindv32.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : whoswatchingme.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : wimmun32.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : win-bugsfix.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : win32.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : win32us.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : winactive.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : winav.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : windll32.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : window.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : windows Police Pro.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : windows.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : wininetd.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : wininitx.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : winlogin.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : winmain.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : winppr32.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : winrecon.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : winservn.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : winssk32.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : winstart.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : winstart001.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : wintsk32.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : winupdate.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : wkufind.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : wnad.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : wnt.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : wradmin.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : wrctrl.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : wsbgate.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : wscfxas.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : wscfxav.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : wscfxfw.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : wsctool.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : wupdater.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : wupdt.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : wyvernworksfirewall.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : xpdeluxe.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : xpf202en.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : xp_antispyware.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : zapro.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : zapsetup3001.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : zatutor.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : zonalm2601.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : zonealarm.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : _avp32.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : _avpcc.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : _avpm.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : ~1.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : ~2.exe (svchost.exe) -> FOUND
[HJ] HKCU\[...]\Internet Settings : WarnOnHTTPSToHTTPRedirect (0) -> FOUND
[HJ] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> FOUND
[HJ] HKLM\[...]\System : ConsentPromptBehaviorUser (0) -> FOUND
[HJ] HKLM\[...]\System : EnableLUA (0) -> FOUND
[HJ] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač: [NENAHRÁNO] ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
127.0.0.1 localhost
::1 localhost
149.5.18.172 www.google-analytics.com.
149.5.18.172 ad-emea.doubleclick.net.
149.5.18.172 www.statcounter.com.
108.163.215.51 www.google-analytics.com.
108.163.215.51 ad-emea.doubleclick.net.
108.163.215.51 www.statcounter.com.


¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: ST9320325AS +++++
--- User ---
[MBR] 759be00d1ca2859cd8d6cba11c761227
[BSP] 7297a2b6258ac5cd65d4d57ddbe5391a : Windows 7 MBR Code
Partition table:
0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 15491 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 31727616 | Size: 100 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 31932416 | Size: 289652 Mo
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive1: Sony Storage Media USB Device +++++
--- User ---
[MBR] 660bef5e3756325f25414a59a143c11c
[BSP] f1ba199fd79381c0b89fc4703e66c8ed : Windows XP MBR Code
Partition table:
0 - [ACTIVE] FAT16-LBA (0x0e) [VISIBLE] Offset (sectors): 63 | Size: 979 Mo
User = LL1 ... OK!
Error reading LL2 MBR!

Dokončeno : << RKreport[1].txt >>
RKreport[1].txt
Usmívej se, bude hůř! :)
Nahoru
Uživatelský avatar
vyosek
VIP
VIP
Příspěvky: 56373
Registrován: 07 lis 2006 15:24
Bydliště: Šalingrad - Brno

Re: Windows debug center

#4 Příspěvek od vyosek »

:arrow: Spustte znovu RogueKiller
  • Pokud pouzivate Win Vista ci W7, kliknete na RogueKiller pravym a dejte Run As Administrator ci Spustit jako spravce
  • Zvolte moznost Prohledat a pote Smazat a nasledne Zprava - otevre se log, ten sem vlozte
  • Pak kliknete na Oprava Host a Zprava - otevre se log, ten sem vlozte
  • Pak kliknete na Oprava Proxy a Zprava - otevre se log, ten sem vlozte
:arrow: Stahnete MBRScan http://eric71.geekstogo.com/tools/MbrScan.exe
  • Ulozte nejlepe na plochu
  • Pokud pouzivate Win Vista ci W7, kliknete na MBRScan pravym a dejte Run As Administrator ci Spustit jako spravce
  • Kliknete na Report
  • Po chvilce se objevi log do souboru MBRScan.txt, ten sem vlozte
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen Obrázek od 1. února 2011.
Nahoru
jaGmann
Vzorný návštěvník
Vzorný návštěvník
Příspěvky: 148
Registrován: 28 úno 2007 12:28
Bydliště: za bukem

Re: Windows debug center

#5 Příspěvek od jaGmann »

RogueKiller V7.3.2 [03/20/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Podpora: http://www.geekstogo.com/forum/files/fi ... guekiller/
Operační systém: Windows 7 (6.1.7600 ) 64 bits version
Spuštěno v: Normální režim
Uživatel: Petra Hejlková [Práva správce]
Mód: Odebrat -- Datum: 03/28/2012 09:21:04

¤¤¤ Škodlivé procesy: 0 ¤¤¤

¤¤¤ Záznamy Registrů: 768 ¤¤¤
[SUSP PATH] HKCU\[...]\Run : Jtvk (rundll32 "C:\Users\Petra Hejlková\AppData\Roaming\C_1143B.dll",cnem) -> DELETED
[SUSP PATH] HKCU\[...]\Run : HP (C:\Users\Petra Hejlková\AppData\Roaming\18F825.exe) -> DELETED
[SUSP PATH] HKCU\[...]\Run : Inspector (C:\Users\Petra Hejlková\AppData\Roaming\Protector-fvkr.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : a.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : aAvgApi.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : AAWTray.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : About.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : ackwin32.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : Ad-Aware.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : adaware.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : advxdwin.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : AdwarePrj.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : agent.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : agentsvr.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : agentw.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : alertsvc.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : alevir.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : alogserv.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : AlphaAV (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : AlphaAV.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : AluSchedulerSvc.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : amon9x.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : anti-trojan.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : Anti-Virus Professional.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : AntispywarXP2009.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : antivirus.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : AntivirusPlus (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : AntivirusPlus.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : AntivirusPro_2010.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : AntivirusXP (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : AntivirusXP.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : antivirusxppro2009.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : AntiVirus_Pro.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : ants.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : apimonitor.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : aplica32.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : apvxdwin.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : arr.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : ashAvast.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : ashBug.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : ashChest.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : ashCnsnt.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : ashDisp.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : ashLogV.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : ashMaiSv.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : ashPopWz.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : ashQuick.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : ashServ.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : ashSimp2.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : ashSimpl.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : ashSkPcc.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : ashSkPck.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : ashUpd.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : ashWebSv.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : aswChLic.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : aswRegSvr.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : aswRunDll.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : aswUpdSv.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : atcon.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : atguard.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : atro55en.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : atupdater.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : atwatch.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : au.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : aupdate.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : auto-protect.nav80try.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : autodown.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : autotrace.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : autoupdate.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : av360.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : avadmin.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : avastSvc.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : avastUI.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : AVCare.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : avcenter.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : avciman.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : avconfig.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : avconsol.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : ave32.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : AVENGINE.EXE (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : avgcc32.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : avgchk.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : avgcmgr.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : avgcsrvx.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : avgctrl.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : avgdumpx.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : avgemc.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : avgiproxy.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : avgnsx.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : avgnt.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : avgrsx.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : avgscanx.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : avgserv.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : avgserv9.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : avgsrmax.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : avgtray.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : avguard.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : avgui.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : avgupd.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : avgw.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : avgwdsvc.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : avkpop.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : avkserv.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : avkservice.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : avkwctl9.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : avltmain.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : avmailc.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : avmcdlg.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : avnotify.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : avnt.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : avp32.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : avpcc.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : avpdos32.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : avpm.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : avptc32.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : avpupd.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : avsched32.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : avshadow.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : avsynmgr.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : avupgsvc.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : AVWEBGRD.EXE (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : avwin.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : avwin95.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : avwinnt.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : avwsc.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : avwupd.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : avwupd32.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : avwupsrv.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : avxmonitor9x.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : avxmonitornt.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : avxquar.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : b.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : backweb.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : bargains.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : bdfvcl.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : bdfvwiz.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : BDInProcPatch.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : bdmcon.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : BDMsnScan.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : BDSurvey.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : bd_professional.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : beagle.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : belt.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : bidef.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : bidserver.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : bipcp.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : bipcpevalsetup.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : bisp.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : blackd.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : blackice.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : blink.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : blss.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : bootconf.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : bootwarn.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : borg2.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : bpc.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : brasil.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : brastk.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : brw.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : bs120.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : bspatch.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : bundle.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : bvt.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : c.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : cavscan.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : ccapp.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : ccevtmgr.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : ccpxysvc.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : ccSvcHst.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : cdp.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : cfd.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : cfgwiz.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : cfiadmin.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : cfiaudit.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : cfinet.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : cfinet32.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : cfp.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : cfpconfg.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : cfplogvw.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : cfpupdat.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : claw95.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : claw95cf.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : clean.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : cleaner.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : cleaner3.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : cleanIELow.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : cleanpc.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : click.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : cmd32.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : cmdagent.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : cmesys.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : cmgrdian.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : cmon016.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : connectionmonitor.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : control (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : cpd.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : cpf9x206.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : cpfnt206.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : crashrep.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : csc.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : cssconfg.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : cssupdat.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : cssurf.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : ctrl.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : cv.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : cwnb181.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : cwntdwmo.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : d.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : datemanager.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : dcomx.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : defalert.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : defscangui.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : defwatch.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : deloeminfs.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : deputy.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : divx.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : dllcache.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : dllreg.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : doors.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : dop.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : dpf.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : dpfsetup.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : dpps2.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : driverctrl.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : drwatson.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : drweb32.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : drwebupw.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : dssagent.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : dvp95.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : dvp95_0.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : ecengine.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : efpeadm.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : emsw.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : ent.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : esafe.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : escanhnt.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : escanv95.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : espwatch.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : ethereal.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : etrustcipe.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : evpn.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : exantivirus-cnet.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : exe.avxw.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : expert.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : explore.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : f-agnt95.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : f-prot.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : f-prot95.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : f-stopw.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : fact.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : fameh32.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : fast.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : fch32.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : fih32.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : findviru.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : firewall.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : fixcfg.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : fixfp.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : fnrb32.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : fp-win.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : fp-win_trial.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : fprot.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : frmwrk32.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : frw.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : fsaa.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : fsav.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : fsav32.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : fsav530stbyb.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : fsav530wtbyb.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : fsav95.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : fsgk32.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : fsm32.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : fsma32.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : fsmb32.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : gator.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : gav.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : gbmenu.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : gbn976rl.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : gbpoll.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : generics.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : gmt.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : guard.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : guarddog.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : guardgui.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : hacktracersetup.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : hbinst.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : hbsrv.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : History.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : homeav2010.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : hotactio.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : hotpatch.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : htlog.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : htpatch.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : hwpe.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : hxdl.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : hxiul.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : iamapp.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : iamserv.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : iamstats.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : ibmasn.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : ibmavsp.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : icload95.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : icloadnt.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : icmon.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : icsupp95.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : icsuppnt.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : Identity.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : idle.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : iedll.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : iedriver.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : IEShow.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : iface.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : ifw2000.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : inetlnfo.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : infus.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : infwin.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : init.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : init32.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : install[1].exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : install[2].exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : install[3].exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : install[4].exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : install[5].exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : intdel.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : intren.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : iomon98.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : istsvc.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : jammer.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : jdbgmrg.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : jedi.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : JsRcGen.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : kavlite40eng.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : kavpers40eng.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : kavpf.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : kazza.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : keenvalue.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : kerio-pf-213-en-win.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : kerio-wrl-421-en-win.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : kerio-wrp-421-en-win.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : killprocesssetup161.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : ldnetmon.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : ldpro.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : ldpromenu.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : ldscan.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : licmgr.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : lnetinfo.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : loader.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : localnet.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : lockdown.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : lockdown2000.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : lookout.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : lordpe.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : lsetup.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : luall.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : luau.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : lucomserver.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : luinit.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : luspt.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : MalwareRemoval.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : mapisvc32.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : mcagent.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : mcmnhdlr.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : mcmpeng.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : mcmscsvc.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : mcnasvc.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : mcproxy.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : McSACore.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : mcshell.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : mcshield.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : mcsysmon.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : mctool.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : mcupdate.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : mcvsrte.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : mcvsshld.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : md.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : mfin32.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : mfw2en.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : mfweng3.02d30.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : mgavrtcl.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : mgavrte.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : mghtml.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : mgui.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : minilog.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : mmod.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : monitor.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : moolive.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : mostat.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : mpfagent.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : mpfservice.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : MPFSrv.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : mpftray.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : mrflux.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : mrt.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : msa.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : msapp.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : MSASCui.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : msbb.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : msblast.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : mscache.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : msccn32.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : mscman.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : msconfig (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : msdm.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : msdos.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : msiexec16.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : mslaugh.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : msmgt.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : msmsgri32.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : msseces.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : mssmmc32.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : mssys.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : msvxd.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : mu0311ad.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : mwatch.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : n32scanw.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : nav.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : navap.navapsvc.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : navapsvc.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : navapw32.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : navdx.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : navlu32.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : navnt.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : navstub.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : navw32.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : navwnt.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : nc2000.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : ncinst4.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : ndd32.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : neomonitor.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : neowatchlog.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : netarmor.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : netd32.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : netinfo.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : netmon.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : netscanpro.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : netspyhunter-1.2.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : netutils.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : nisserv.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : nisum.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : nmain.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : nod32.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : normist.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : norton_internet_secu_3.0_407.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : notstart.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : npf40_tw_98_nt_me_2k.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : npfmessenger.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : nprotect.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : npscheck.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : npssvc.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : nsched32.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : nssys32.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : nstask32.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : nsupdate.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : nt.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : ntrtscan.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : ntvdm.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : ntxconfig.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : nui.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : nupgrade.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : nvarch16.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : nvc95.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : nvsvc32.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : nwinst4.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : nwservice.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : nwtool16.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : OAcat.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : OAhlp.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : OAReg.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : oasrv.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : oaui.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : oaview.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : ODSW.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : ollydbg.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : onsrvr.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : optimize.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : ostronet.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : otfix.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : outpost.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : outpostinstall.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : outpostproinstall.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : ozn695m5.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : padmin.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : panixk.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : patch.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : pav.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : pavcl.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : PavFnSvr.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : pavproxy.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : pavprsrv.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : pavsched.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : pavsrv51.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : pavw.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : pc.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : pccwin98.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : pcfwallicon.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : pcip10117_0.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : pcscan.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : pctsAuxs.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : pctsGui.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : pctsSvc.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : pctsTray.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : PC_Antispyware2010.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : pdfndr.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : pdsetup.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : PerAvir.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : periscope.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : persfw.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : personalguard (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : personalguard.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : perswf.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : pf2.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : pfwadmin.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : pgmonitr.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : pingscan.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : platin.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : pop3trap.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : poproxy.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : popscan.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : portdetective.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : portmonitor.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : powerscan.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : ppinupdt.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : pptbc.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : ppvstop.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : prizesurfer.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : prmt.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : prmvr.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : procdump.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : processmonitor.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : procexplorerv1.0.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : programauditor.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : proport.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : protector.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : protectx.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : PSANCU.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : PSANHost.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : PSANToManager.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : PsCtrls.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : PsImSvc.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : PskSvc.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : pspf.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : PSUNMain.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : purge.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : qconsole.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : qh.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : qserver.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : Quick Heal.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : QuickHealCleaner.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : rapapp.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : rav7.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : rav7win.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : rav8win32eng.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : ray.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : rb32.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : rcsync.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : realmon.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : reged.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : regedit.exe (C:\Users\Petra Hejlková\AppData\Roaming\Protector-fvkr.exe reg) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : regedt32.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : rescue.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : rescue32.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : rrguard.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : rscdwld.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : rshell.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : rtvscan.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : rtvscn95.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : rulaunch.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : rwg (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : rwg.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : SafetyKeeper.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : safeweb.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : sahagent.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : Save.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : SaveArmor.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : SaveDefense.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : SaveKeep.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : savenow.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : sbserv.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : sc.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : scam32.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : scan32.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : scan95.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : scanpm.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : scrscan.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : Secure Veteran.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : secureveteran.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : Security Center.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : SecurityFighter.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : securitysoldier.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : serv95.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : setloadorder.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : setupvameeval.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : setup_flowprotector_us.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : sgssfw32.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : sh.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : shellspyinstall.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : shield.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : shn.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : showbehind.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : signcheck.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : smart.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : smartprotector.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : smc.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : smrtdefp.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : sms.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : smss32.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : snetcfg.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : soap.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : sofi.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : SoftSafeness.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : sperm.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : spf.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : sphinx.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : spoler.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : spoolcv.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : spoolsv32.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : spywarexpguard.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : spyxx.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : srexe.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : srng.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : ss3edit.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : ssgrate.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : ssg_4104.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : st2.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : start.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : stcloader.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : supftrl.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : support.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : supporter5.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : svc.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : svchostc.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : svchosts.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : svshost.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : sweep95.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : sweepnet.sweepsrv.sys.swnetsup.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : symlcsvc.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : symproxysvc.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : symtray.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : system.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : system32.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : sysupd.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : tapinstall.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : taskmgr.exe (C:\Users\Petra Hejlková\AppData\Roaming\Protector-fvkr.exe task) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : taumon.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : tbscan.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : tc.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : tca.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : tcm.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : tds-3.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : tds2-98.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : tds2-nt.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : teekids.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : tfak.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : tfak5.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : tgbob.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : titanin.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : titaninxp.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : TPSrv.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : trickler.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : trjscan.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : trjsetup.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : trojantrap3.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : TrustWarrior.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : tsadbot.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : tsc.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : tvmd.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : tvtmd.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : undoboot.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : updat.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : upgrad.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : utpost.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : vbcmserv.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : vbcons.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : vbust.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : vbwin9x.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : vbwinntw.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : vcsetup.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : vet32.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : vet95.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : vettray.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : vfsetup.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : vir-help.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : virusmdpersonalfirewall.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : VisthAux.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : VisthLic.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : VisthUpd.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : vnlan300.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : vnpc3000.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : vpc32.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : vpc42.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : vpfw30s.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : vptray.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : vscan40.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : vscenu6.02d30.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : vsched.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : vsecomr.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : vshwin32.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : vsisetup.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : vsmain.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : vsmon.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : vsstat.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : vswin9xe.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : vswinntse.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : vswinperse.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : w32dsm89.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : W3asbas.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : w9x.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : watchdog.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : webdav.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : WebProxy.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : webscanx.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : webtrap.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : wfindv32.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : whoswatchingme.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : wimmun32.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : win-bugsfix.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : win32.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : win32us.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : winactive.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : winav.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : windll32.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : window.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : windows Police Pro.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : windows.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : wininetd.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : wininitx.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : winlogin.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : winmain.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : winppr32.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : winrecon.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : winservn.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : winssk32.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : winstart.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : winstart001.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : wintsk32.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : winupdate.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : wkufind.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : wnad.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : wnt.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : wradmin.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : wrctrl.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : wsbgate.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : wscfxas.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : wscfxav.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : wscfxfw.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : wsctool.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : wupdater.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : wupdt.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : wyvernworksfirewall.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : xpdeluxe.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : xpf202en.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : xp_antispyware.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : zapro.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : zapsetup3001.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : zatutor.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : zonalm2601.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : zonealarm.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : _avp32.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : _avpcc.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : _avpm.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : ~1.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : ~2.exe (svchost.exe) -> DELETED
[HJ] HKCU\[...]\Internet Settings : WarnOnHTTPSToHTTPRedirect (0) -> REPLACED (1)
[HJ] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> REPLACED (2)
[HJ] HKLM\[...]\System : ConsentPromptBehaviorUser (0) -> REPLACED (1)
[HJ] HKLM\[...]\System : EnableLUA (0) -> REPLACED (1)
[HJ] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0)
[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač: [NENAHRÁNO] ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
127.0.0.1 localhost
::1 localhost
149.5.18.172 www.google-analytics.com.
149.5.18.172 ad-emea.doubleclick.net.
149.5.18.172 www.statcounter.com.
108.163.215.51 www.google-analytics.com.
108.163.215.51 ad-emea.doubleclick.net.
108.163.215.51 www.statcounter.com.


¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: ST9320325AS +++++
--- User ---
[MBR] 759be00d1ca2859cd8d6cba11c761227
[BSP] 7297a2b6258ac5cd65d4d57ddbe5391a : Windows 7 MBR Code
Partition table:
0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 15491 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 31727616 | Size: 100 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 31932416 | Size: 289652 Mo
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive1: Sony Storage Media USB Device +++++
--- User ---
[MBR] 660bef5e3756325f25414a59a143c11c
[BSP] f1ba199fd79381c0b89fc4703e66c8ed : Windows XP MBR Code
Partition table:
0 - [ACTIVE] FAT16-LBA (0x0e) [VISIBLE] Offset (sectors): 63 | Size: 979 Mo
User = LL1 ... OK!
Error reading LL2 MBR!

Dokončeno : << RKreport[3].txt >>
RKreport[1].txt ; RKreport[2].txt ; RKreport[3].txt









RogueKiller V7.3.2 [03/20/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Podpora: http://www.geekstogo.com/forum/files/fi ... guekiller/
Operační systém: Windows 7 (6.1.7600 ) 64 bits version
Spuštěno v: Normální režim
Uživatel: Petra Hejlková [Práva správce]
Mód: Oprava HOSTS -- Datum: 03/28/2012 09:21:55

¤¤¤ Škodlivé procesy: 0 ¤¤¤

¤¤¤ Ovladač: [NENAHRÁNO] ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
127.0.0.1 localhost
::1 localhost
149.5.18.172 www.google-analytics.com.
149.5.18.172 ad-emea.doubleclick.net.
149.5.18.172 www.statcounter.com.
108.163.215.51 www.google-analytics.com.
108.163.215.51 ad-emea.doubleclick.net.
108.163.215.51 www.statcounter.com.


¤¤¤ Resetovaný HOSTS: ¤¤¤
127.0.0.1 localhost

Dokončeno : << RKreport[4].txt >>
RKreport[1].txt ; RKreport[2].txt ; RKreport[3].txt ; RKreport[4].txt






RogueKiller V7.3.2 [03/20/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Podpora: http://www.geekstogo.com/forum/files/fi ... guekiller/
Operační systém: Windows 7 (6.1.7600 ) 64 bits version
Spuštěno v: Normální režim
Uživatel: Petra Hejlková [Práva správce]
Mód: Oprava Proxy -- Datum: 03/28/2012 09:22:34

¤¤¤ Škodlivé procesy: 0 ¤¤¤

¤¤¤ Ovladač: [NENAHRÁNO] ¤¤¤

¤¤¤ Záznamy Registrů: 0 ¤¤¤

Dokončeno : << RKreport[5].txt >>
RKreport[1].txt ; RKreport[2].txt ; RKreport[3].txt ; RKreport[4].txt ; RKreport[5].txt
Usmívej se, bude hůř! :)
Nahoru
jaGmann
Vzorný návštěvník
Vzorný návštěvník
Příspěvky: 148
Registrován: 28 úno 2007 12:28
Bydliště: za bukem

Re: Windows debug center

#6 Příspěvek od jaGmann »

Kód: Vybrat vše

MBRScan v1.1.1

OS             : Windows 7  (64 bit)
PROCESSOR      : Intel64 Family 6 Model 37 Stepping 5, GenuineIntel
BOOT           : Normal Boot
DATE           : 2012/03/28 (ISO 8601) at 09:23:19
________________________________________________________________________________

DISK           : Device\Harddisk0\DR0 __ST932032 5AS (0006)
BUS_TYPE       : (0x03)  P-ATA
USE_PIO        : NO
MAX_TRANSFER   : 128 Kb
ALIGNMENT_MASK : word aligned
________________________________________________________________________________

DISK           : Device\Harddisk1\DR3 __Sony Storage Media (0100)
BUS_TYPE       : (0x07)  USB
USE_PIO        : NO
MAX_TRANSFER   : 64 Kb
ALIGNMENT_MASK : byte aligned
________________________________________________________________________________

Device\Harddisk0\DR0	298.1 Go  [Fixed] ==> 7 MBR Code

MBR_MD5   : 759BE00D1CA2859CD8D6CBA11C761227
MBR_SHA1  : DA59194B2187806000FF056E4BB974740CB461B8

Device\Harddisk0\Partition1	15.13 Go  	0x27 RE Hidden partition 
Device\Harddisk0\Partition2	100.0 Mo  	0x07 NTFS / HPFS __ BOOTABLE __
Device\Harddisk0\Partition3	282.9 Go  	0x07 NTFS / HPFS
________________________________________________________________________________

Device\Harddisk1\DR3	979.3 Mo  [Removable] ==> Unknown MBR Code

MBR_MD5   : 660BEF5E3756325F25414A59A143C11C
MBR_SHA1  : 4731AEB30FD20D13E805E7BBB7619F76566495DC

Device\Harddisk1\Partition1	979.2 Mo  	0x0E FAT16 [LBA]  __ BOOTABLE __
________________________________________________________________________________

############################### Additional scan ################################

DRIVER  : C:\Windows\system32\hal.dll => Invisible on the disk
ADDRESS : 0x035DE000
SIZE    : 292.0 Ko

DRIVER  : C:\Windows\system32\kdcom.dll => Invisible on the disk
ADDRESS : 0x00BAD000
SIZE    : 40.0 Ko

DRIVER  : C:\Windows\system32\mcupdate_GenuineIntel.dll => Invisible on the disk
ADDRESS : 0x00CBB000
SIZE    : 272.0 Ko

DRIVER  : C:\Windows\system32\CLFS.SYS => Invisible on the disk
ADDRESS : 0x00D13000
SIZE    : 376.0 Ko

DRIVER  : C:\Windows\system32\CI.dll => Invisible on the disk
ADDRESS : 0x00EB0000
SIZE    : 768.0 Ko

DRIVER  : C:\Windows\system32\drivers\Wdf01000.sys => Invisible on the disk
ADDRESS : 0x00E00000
SIZE    : 656.0 Ko

DRIVER  : C:\Windows\system32\drivers\WDFLDR.SYS => Invisible on the disk
ADDRESS : 0x00F70000
SIZE    : 60.0 Ko

DRIVER  : C:\Windows\system32\drivers\ACPI.sys => Invisible on the disk
ADDRESS : 0x00F7F000
SIZE    : 348.0 Ko

DRIVER  : C:\Windows\system32\drivers\WMILIB.SYS => Invisible on the disk
ADDRESS : 0x00FD6000
SIZE    : 36.0 Ko

DRIVER  : C:\Windows\system32\drivers\msisadrv.sys => Invisible on the disk
ADDRESS : 0x00FDF000
SIZE    : 40.0 Ko

DRIVER  : C:\Windows\system32\drivers\pci.sys => Invisible on the disk
ADDRESS : 0x00D71000
SIZE    : 204.0 Ko

DRIVER  : C:\Windows\system32\drivers\vdrvroot.sys => Invisible on the disk
ADDRESS : 0x00FE9000
SIZE    : 52.0 Ko

DRIVER  : C:\Windows\System32\drivers\partmgr.sys => Invisible on the disk
ADDRESS : 0x00DA4000
SIZE    : 84.0 Ko

DRIVER  : C:\Windows\system32\drivers\compbatt.sys => Invisible on the disk
ADDRESS : 0x00FF6000
SIZE    : 36.0 Ko

DRIVER  : C:\Windows\system32\drivers\BATTC.SYS => Invisible on the disk
ADDRESS : 0x00EA4000
SIZE    : 48.0 Ko

DRIVER  : C:\Windows\system32\drivers\volmgr.sys => Invisible on the disk
ADDRESS : 0x00DB9000
SIZE    : 84.0 Ko

DRIVER  : C:\Windows\System32\drivers\volmgrx.sys => Invisible on the disk
ADDRESS : 0x00C00000
SIZE    : 368.0 Ko

DRIVER  : C:\Windows\System32\drivers\mountmgr.sys => Invisible on the disk
ADDRESS : 0x00C5C000
SIZE    : 104.0 Ko

DRIVER  : C:\Windows\system32\drivers\iaStor.sys => Invisible on the disk
ADDRESS : 0x01056000
SIZE    : 2.04 Mo

DRIVER  : C:\Windows\system32\drivers\amdxata.sys => Invisible on the disk
ADDRESS : 0x01260000
SIZE    : 44.0 Ko

DRIVER  : C:\Windows\system32\drivers\fltmgr.sys => Invisible on the disk
ADDRESS : 0x0126B000
SIZE    : 304.0 Ko

DRIVER  : C:\Windows\system32\drivers\fileinfo.sys => Invisible on the disk
ADDRESS : 0x012B7000
SIZE    : 80.0 Ko

DRIVER  : C:\Windows\system32\drivers\mfehidk.sys => Invisible on the disk
ADDRESS : 0x012CB000
SIZE    : 508.0 Ko

DRIVER  : C:\Windows\System32\Drivers\PxHlpa64.sys => Invisible on the disk
ADDRESS : 0x0134A000
SIZE    : 48.0 Ko

DRIVER  : C:\Windows\System32\Drivers\Ntfs.sys => Invisible on the disk
ADDRESS : 0x01436000
SIZE    : 1.63 Mo

DRIVER  : C:\Windows\System32\Drivers\msrpc.sys => Invisible on the disk
ADDRESS : 0x01356000
SIZE    : 376.0 Ko

DRIVER  : C:\Windows\System32\Drivers\ksecdd.sys => Invisible on the disk
ADDRESS : 0x015D8000
SIZE    : 104.0 Ko

DRIVER  : C:\Windows\System32\Drivers\cng.sys => Invisible on the disk
ADDRESS : 0x01636000
SIZE    : 460.0 Ko

DRIVER  : C:\Windows\System32\drivers\pcw.sys => Invisible on the disk
ADDRESS : 0x016A9000
SIZE    : 68.0 Ko

DRIVER  : C:\Windows\System32\Drivers\Fs_Rec.sys => Invisible on the disk
ADDRESS : 0x016BA000
SIZE    : 40.0 Ko

DRIVER  : C:\Windows\system32\drivers\ndis.sys => Invisible on the disk
ADDRESS : 0x016C4000
SIZE    : 968.0 Ko

DRIVER  : C:\Windows\system32\drivers\NETIO.SYS => Invisible on the disk
ADDRESS : 0x018F5000
SIZE    : 384.0 Ko

DRIVER  : C:\Windows\System32\Drivers\ksecpkg.sys => Invisible on the disk
ADDRESS : 0x01955000
SIZE    : 172.0 Ko

DRIVER  : C:\Windows\System32\drivers\tcpip.sys => Invisible on the disk
ADDRESS : 0x01A01000
SIZE    : 1.99 Mo

DRIVER  : C:\Windows\System32\drivers\fwpkclnt.sys => Invisible on the disk
ADDRESS : 0x01980000
SIZE    : 296.0 Ko

DRIVER  : C:\Windows\system32\drivers\mfewfpk.sys => Invisible on the disk
ADDRESS : 0x01800000
SIZE    : 268.0 Ko

DRIVER  : C:\Windows\system32\drivers\TDI.SYS => Invisible on the disk
ADDRESS : 0x01843000
SIZE    : 52.0 Ko

DRIVER  : C:\Windows\system32\drivers\volsnap.sys => Invisible on the disk
ADDRESS : 0x01850000
SIZE    : 304.0 Ko

DRIVER  : C:\Windows\System32\Drivers\spldr.sys => Invisible on the disk
ADDRESS : 0x0189C000
SIZE    : 32.0 Ko

DRIVER  : C:\Windows\System32\drivers\rdyboost.sys => Invisible on the disk
ADDRESS : 0x018A4000
SIZE    : 232.0 Ko

DRIVER  : C:\Windows\System32\Drivers\mup.sys => Invisible on the disk
ADDRESS : 0x018DE000
SIZE    : 72.0 Ko

DRIVER  : C:\Windows\System32\drivers\hwpolicy.sys => Invisible on the disk
ADDRESS : 0x019CA000
SIZE    : 36.0 Ko

DRIVER  : C:\Windows\System32\DRIVERS\fvevol.sys => Invisible on the disk
ADDRESS : 0x017B6000
SIZE    : 232.0 Ko

DRIVER  : C:\Windows\system32\drivers\disk.sys => Invisible on the disk
ADDRESS : 0x019D3000
SIZE    : 88.0 Ko

DRIVER  : C:\Windows\system32\drivers\CLASSPNP.SYS => Invisible on the disk
ADDRESS : 0x01600000
SIZE    : 192.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\cdrom.sys => Invisible on the disk
ADDRESS : 0x03EBC000
SIZE    : 168.0 Ko

DRIVER  : C:\Windows\System32\Drivers\Null.SYS => Invisible on the disk
ADDRESS : 0x03EE6000
SIZE    : 36.0 Ko

DRIVER  : C:\Windows\System32\Drivers\Beep.SYS => Invisible on the disk
ADDRESS : 0x03EEF000
SIZE    : 28.0 Ko

DRIVER  : C:\Windows\System32\drivers\vga.sys => Invisible on the disk
ADDRESS : 0x03EF6000
SIZE    : 56.0 Ko

DRIVER  : C:\Windows\System32\drivers\VIDEOPRT.SYS => Invisible on the disk
ADDRESS : 0x03F04000
SIZE    : 148.0 Ko

DRIVER  : C:\Windows\System32\drivers\watchdog.sys => Invisible on the disk
ADDRESS : 0x03F29000
SIZE    : 64.0 Ko

DRIVER  : C:\Windows\System32\DRIVERS\RDPCDD.sys => Invisible on the disk
ADDRESS : 0x03F39000
SIZE    : 36.0 Ko

DRIVER  : C:\Windows\system32\drivers\rdpencdd.sys => Invisible on the disk
ADDRESS : 0x03F42000
SIZE    : 36.0 Ko

DRIVER  : C:\Windows\system32\drivers\rdprefmp.sys => Invisible on the disk
ADDRESS : 0x03F4B000
SIZE    : 36.0 Ko

DRIVER  : C:\Windows\System32\Drivers\Msfs.SYS => Invisible on the disk
ADDRESS : 0x03F54000
SIZE    : 44.0 Ko

DRIVER  : C:\Windows\System32\Drivers\Npfs.SYS => Invisible on the disk
ADDRESS : 0x03F5F000
SIZE    : 68.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\tdx.sys => Invisible on the disk
ADDRESS : 0x03F70000
SIZE    : 120.0 Ko

DRIVER  : C:\Windows\System32\DRIVERS\netbt.sys => Invisible on the disk
ADDRESS : 0x03F8E000
SIZE    : 276.0 Ko

DRIVER  : C:\Windows\system32\drivers\afd.sys => Invisible on the disk
ADDRESS : 0x03C00000
SIZE    : 548.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\wfplwf.sys => Invisible on the disk
ADDRESS : 0x03C89000
SIZE    : 36.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\pacer.sys => Invisible on the disk
ADDRESS : 0x03FD3000
SIZE    : 152.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\vwififlt.sys => Invisible on the disk
ADDRESS : 0x01400000
SIZE    : 88.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\mfenlfk.sys => Invisible on the disk
ADDRESS : 0x01416000
SIZE    : 68.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\netbios.sys => Invisible on the disk
ADDRESS : 0x017F0000
SIZE    : 60.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\wanarp.sys => Invisible on the disk
ADDRESS : 0x013B4000
SIZE    : 108.0 Ko

DRIVER  : C:\Windows\system32\drivers\termdd.sys => Invisible on the disk
ADDRESS : 0x013CF000
SIZE    : 80.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\rdbss.sys => Invisible on the disk
ADDRESS : 0x01000000
SIZE    : 324.0 Ko

DRIVER  : C:\Windows\system32\drivers\nsiproxy.sys => Invisible on the disk
ADDRESS : 0x03C92000
SIZE    : 48.0 Ko

DRIVER  : C:\Windows\system32\drivers\mssmbios.sys => Invisible on the disk
ADDRESS : 0x01427000
SIZE    : 44.0 Ko

DRIVER  : C:\Windows\System32\drivers\discache.sys => Invisible on the disk
ADDRESS : 0x013E3000
SIZE    : 60.0 Ko

DRIVER  : C:\Windows\System32\Drivers\dfsc.sys => Invisible on the disk
ADDRESS : 0x00C76000
SIZE    : 120.0 Ko

DRIVER  : C:\Windows\system32\drivers\blbdrive.sys => Invisible on the disk
ADDRESS : 0x00C94000
SIZE    : 68.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\tunnel.sys => Invisible on the disk
ADDRESS : 0x00DCE000
SIZE    : 152.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\atikmdag.sys => Invisible on the disk
ADDRESS : 0x040A2000
SIZE    : 6.14 Mo

DRIVER  : C:\Windows\System32\drivers\dxgkrnl.sys => Invisible on the disk
ADDRESS : 0x046C7000
SIZE    : 976.0 Ko

DRIVER  : C:\Windows\System32\drivers\dxgmms1.sys => Invisible on the disk
ADDRESS : 0x04000000
SIZE    : 280.0 Ko

DRIVER  : C:\Windows\system32\drivers\HDAudBus.sys => Invisible on the disk
ADDRESS : 0x04046000
SIZE    : 144.0 Ko

DRIVER  : C:\Windows\system32\drivers\HECIx64.sys => Invisible on the disk
ADDRESS : 0x0406A000
SIZE    : 68.0 Ko

DRIVER  : C:\Windows\system32\drivers\usbehci.sys => Invisible on the disk
ADDRESS : 0x0407B000
SIZE    : 68.0 Ko

DRIVER  : C:\Windows\system32\drivers\USBPORT.SYS => Invisible on the disk
ADDRESS : 0x02EDD000
SIZE    : 344.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\NETw5s64.sys => Invisible on the disk
ADDRESS : 0x04A9A000
SIZE    : 7.38 Mo

DRIVER  : C:\Windows\system32\DRIVERS\vwifibus.sys => Invisible on the disk
ADDRESS : 0x04A00000
SIZE    : 52.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\sdbus.sys => Invisible on the disk
ADDRESS : 0x04A0D000
SIZE    : 128.0 Ko

DRIVER  : C:\Windows\system32\drivers\rimssne64.sys => Invisible on the disk
ADDRESS : 0x04A2D000
SIZE    : 128.0 Ko

DRIVER  : C:\Windows\system32\drivers\risdsne64.sys => Invisible on the disk
ADDRESS : 0x04A4D000
SIZE    : 100.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\yk62x64.sys => Invisible on the disk
ADDRESS : 0x02F33000
SIZE    : 404.0 Ko

DRIVER  : C:\Windows\system32\drivers\i8042prt.sys => Invisible on the disk
ADDRESS : 0x04A66000
SIZE    : 120.0 Ko

DRIVER  : C:\Windows\system32\drivers\kbdclass.sys => Invisible on the disk
ADDRESS : 0x04A84000
SIZE    : 60.0 Ko

DRIVER  : C:\Windows\system32\drivers\Apfiltr.sys => Invisible on the disk
ADDRESS : 0x02F98000
SIZE    : 316.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\mouclass.sys => Invisible on the disk
ADDRESS : 0x02FE7000
SIZE    : 60.0 Ko

DRIVER  : C:\Windows\system32\drivers\SFEP.sys => Invisible on the disk
ADDRESS : 0x04A93000
SIZE    : 12.0 Ko

DRIVER  : C:\Windows\system32\drivers\intelppm.sys => Invisible on the disk
ADDRESS : 0x02E00000
SIZE    : 88.0 Ko

DRIVER  : C:\Windows\system32\drivers\CmBatt.sys => Invisible on the disk
ADDRESS : 0x02E16000
SIZE    : 20.0 Ko

DRIVER  : C:\Windows\system32\drivers\CompositeBus.sys => Invisible on the disk
ADDRESS : 0x02E1B000
SIZE    : 64.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\AgileVpn.sys => Invisible on the disk
ADDRESS : 0x02E2B000
SIZE    : 88.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\rasl2tp.sys => Invisible on the disk
ADDRESS : 0x02E41000
SIZE    : 144.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\ndistapi.sys => Invisible on the disk
ADDRESS : 0x02E65000
SIZE    : 48.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\ndiswan.sys => Invisible on the disk
ADDRESS : 0x02E71000
SIZE    : 188.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\raspppoe.sys => Invisible on the disk
ADDRESS : 0x02EA0000
SIZE    : 108.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\raspptp.sys => Invisible on the disk
ADDRESS : 0x02EBB000
SIZE    : 132.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\rassstp.sys => Invisible on the disk
ADDRESS : 0x047BB000
SIZE    : 104.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\serscan.sys => Invisible on the disk
ADDRESS : 0x02FF6000
SIZE    : 32.0 Ko

DRIVER  : C:\Windows\system32\drivers\ksthunk.sys => Invisible on the disk
ADDRESS : 0x047D5000
SIZE    : 24.0 Ko

DRIVER  : C:\Windows\system32\drivers\ks.sys => Invisible on the disk
ADDRESS : 0x05242000
SIZE    : 268.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\ArcSoftKsUFilter.sys => Invisible on the disk
ADDRESS : 0x05285000
SIZE    : 40.0 Ko

DRIVER  : C:\Windows\system32\drivers\swenum.sys => Invisible on the disk
ADDRESS : 0x0528F000
SIZE    : 8.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\umbus.sys => Invisible on the disk
ADDRESS : 0x05291000
SIZE    : 72.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\usbhub.sys => Invisible on the disk
ADDRESS : 0x052A3000
SIZE    : 360.0 Ko

DRIVER  : C:\Windows\System32\Drivers\NDProxy.SYS => Invisible on the disk
ADDRESS : 0x052FD000
SIZE    : 84.0 Ko

DRIVER  : C:\Windows\system32\drivers\RtHDMIVX.sys => Invisible on the disk
ADDRESS : 0x05312000
SIZE    : 220.0 Ko

DRIVER  : C:\Windows\system32\drivers\portcls.sys => Invisible on the disk
ADDRESS : 0x05349000
SIZE    : 244.0 Ko

DRIVER  : C:\Windows\system32\drivers\drmk.sys => Invisible on the disk
ADDRESS : 0x05386000
SIZE    : 136.0 Ko

DRIVER  : C:\Windows\system32\drivers\RTKVHD64.sys => Invisible on the disk
ADDRESS : 0x06E60000
SIZE    : 2.24 Mo

DRIVER  : C:\Windows\system32\drivers\mfeavfk.sys => Invisible on the disk
ADDRESS : 0x0709E000
SIZE    : 180.0 Ko

DRIVER  : C:\Windows\system32\drivers\mfefirek.sys => Invisible on the disk
ADDRESS : 0x070CB000
SIZE    : 424.0 Ko

DRIVER  : C:\Windows\System32\Drivers\crashdmp.sys => Invisible on the disk
ADDRESS : 0x07135000
SIZE    : 56.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\usbccgp.sys => Invisible on the disk
ADDRESS : 0x07143000
SIZE    : 116.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\USBD.SYS => Invisible on the disk
ADDRESS : 0x07160000
SIZE    : 8.0 Ko

DRIVER  : C:\Windows\System32\Drivers\dump_iaStor.sys => Invisible on the disk
ADDRESS : 0x03C9E000
SIZE    : 2.04 Mo

DRIVER  : C:\Windows\System32\Drivers\dump_dumpfve.sys => Invisible on the disk
ADDRESS : 0x07162000
SIZE    : 76.0 Ko

DRIVER  : C:\Windows\System32\Drivers\usbvideo.sys => Invisible on the disk
ADDRESS : 0x07175000
SIZE    : 184.0 Ko

DRIVER  : C:\Windows\System32\win32k.sys => Invisible on the disk
ADDRESS : 0x00090000
SIZE    : 3.08 Mo

DRIVER  : C:\Windows\System32\drivers\Dxapi.sys => Invisible on the disk
ADDRESS : 0x071A3000
SIZE    : 48.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\monitor.sys => Invisible on the disk
ADDRESS : 0x071AF000
SIZE    : 56.0 Ko

DRIVER  : C:\Windows\System32\TSDDD.dll => Invisible on the disk
ADDRESS : 0x00560000
SIZE    : 40.0 Ko

DRIVER  : C:\Windows\System32\cdd.dll => Invisible on the disk
ADDRESS : 0x00710000
SIZE    : 156.0 Ko

DRIVER  : C:\Windows\system32\drivers\luafv.sys => Invisible on the disk
ADDRESS : 0x071BD000
SIZE    : 140.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\Sftvollh.sys => Invisible on the disk
ADDRESS : 0x071E0000
SIZE    : 44.0 Ko

DRIVER  : C:\Windows\system32\drivers\WudfPf.sys => Invisible on the disk
ADDRESS : 0x06E00000
SIZE    : 132.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\lltdio.sys => Invisible on the disk
ADDRESS : 0x06E21000
SIZE    : 84.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\nwifi.sys => Invisible on the disk
ADDRESS : 0x053A8000
SIZE    : 332.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\ndisuio.sys => Invisible on the disk
ADDRESS : 0x06E36000
SIZE    : 76.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\rspndr.sys => Invisible on the disk
ADDRESS : 0x05200000
SIZE    : 96.0 Ko

DRIVER  : C:\Windows\system32\drivers\HTTP.sys => Invisible on the disk
ADDRESS : 0x03AB1000
SIZE    : 800.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\bowser.sys => Invisible on the disk
ADDRESS : 0x03B79000
SIZE    : 120.0 Ko

DRIVER  : C:\Windows\System32\drivers\mpsdrv.sys => Invisible on the disk
ADDRESS : 0x03B97000
SIZE    : 96.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\mrxsmb.sys => Invisible on the disk
ADDRESS : 0x03BAF000
SIZE    : 180.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\mrxsmb10.sys => Invisible on the disk
ADDRESS : 0x03A00000
SIZE    : 312.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\mrxsmb20.sys => Invisible on the disk
ADDRESS : 0x03A4E000
SIZE    : 140.0 Ko

DRIVER  : C:\Windows\system32\drivers\peauth.sys => Invisible on the disk
ADDRESS : 0x08467000
SIZE    : 664.0 Ko

DRIVER  : C:\Windows\System32\Drivers\secdrv.SYS => Invisible on the disk
ADDRESS : 0x0850D000
SIZE    : 44.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\Sftfslh.sys => Invisible on the disk
ADDRESS : 0x08518000
SIZE    : 732.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\Sftplaylh.sys => Invisible on the disk
ADDRESS : 0x08400000
SIZE    : 308.0 Ko

DRIVER  : C:\Windows\System32\DRIVERS\srvnet.sys => Invisible on the disk
ADDRESS : 0x085CF000
SIZE    : 180.0 Ko

DRIVER  : C:\Windows\System32\drivers\tcpipreg.sys => Invisible on the disk
ADDRESS : 0x0844D000
SIZE    : 72.0 Ko

DRIVER  : C:\Windows\System32\DRIVERS\srv2.sys => Invisible on the disk
ADDRESS : 0x08CAE000
SIZE    : 412.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\Sftredirlh.sys => Invisible on the disk
ADDRESS : 0x08D15000
SIZE    : 44.0 Ko

DRIVER  : C:\Windows\System32\DRIVERS\srv.sys => Invisible on the disk
ADDRESS : 0x08D20000
SIZE    : 596.0 Ko

DRIVER  : C:\Windows\system32\drivers\cfwids.sys => Invisible on the disk
ADDRESS : 0x08DB5000
SIZE    : 56.0 Ko

DRIVER  : C:\Windows\System32\Drivers\fastfat.SYS => Invisible on the disk
ADDRESS : 0x08DC3000
SIZE    : 216.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\USBSTOR.SYS => Invisible on the disk
ADDRESS : 0x08C4C000
SIZE    : 108.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\WUDFRd.sys => Invisible on the disk
ADDRESS : 0x08C67000
SIZE    : 196.0 Ko

DRIVER  : C:\Windows\System32\smss.exe => Invisible on the disk
ADDRESS : 0x47D40000
SIZE    : 128.0 Ko

BCD EmsSettings {0CE4991B-E6B3-4B16-B23C-5E0D9250E5D9} => BcdLibraryBoolean_EmsEnabled (16000020)

SystemStartOptions :  NOEXECUTE=OPTIN

________________________________________________________________________________

_______MBR   \Device\Harddisk0\DR0  

0x00000000   33 C0 8E D0 BC 00 7C 8E C0 8E D8 BE 00 7C BF 00   3À.м.|.À.ؾ.|¿.
0x00000010   06 B9 00 02 FC F3 A4 50 68 1C 06 CB FB B9 04 00   .¹..üó¤Ph..Ëû¹..
0x00000020   BD BE 07 80 7E 00 00 7C 0B 0F 85 0E 01 83 C5 10   ½¾..~..|......Å.
0x00000030   E2 F1 CD 18 88 56 00 55 C6 46 11 05 C6 46 10 00   âñÍ..V.UÆF..ÆF..
0x00000040   B4 41 BB AA 55 CD 13 5D 72 0F 81 FB 55 AA 75 09   ´A»ªUÍ.]r..ûUªu.
0x00000050   F7 C1 01 00 74 03 FE 46 10 66 60 80 7E 10 00 74   ÷Á..t.þF.f`.~..t
0x00000060   26 66 68 00 00 00 00 66 FF 76 08 68 00 00 68 00   &fh....f.v.h..h.
0x00000070   7C 68 01 00 68 10 00 B4 42 8A 56 00 8B F4 CD 13   |h..h..´B.V..ôÍ.
0x00000080   9F 83 C4 10 9E EB 14 B8 01 02 BB 00 7C 8A 56 00   ..Ä..ë.¸..».|.V.
0x00000090   8A 76 01 8A 4E 02 8A 6E 03 CD 13 66 61 73 1C FE   .v..N..n.Í.fas.þ
0x000000A0   4E 11 75 0C 80 7E 00 80 0F 84 8A 00 B2 80 EB 84   N.u..~......².ë.
0x000000B0   55 32 E4 8A 56 00 CD 13 5D EB 9E 81 3E FE 7D 55   U2ä.V.Í.]ë..>þ}U
0x000000C0   AA 75 6E FF 76 00 E8 8D 00 75 17 FA B0 D1 E6 64   ªun.v.è..u.ú°Ñæd
0x000000D0   E8 83 00 B0 DF E6 60 E8 7C 00 B0 FF E6 64 E8 75   è..°ßæ`è|.°.ædèu
0x000000E0   00 FB B8 00 BB CD 1A 66 23 C0 75 3B 66 81 FB 54   .û¸.»Í.f#Àu;f.ûT
0x000000F0   43 50 41 75 32 81 F9 02 01 72 2C 66 68 07 BB 00   CPAu2.ù..r,fh.».
0x00000100   00 66 68 00 02 00 00 66 68 08 00 00 00 66 53 66   .fh....fh....fSf
0x00000110   53 66 55 66 68 00 00 00 00 66 68 00 7C 00 00 66   SfUfh....fh.|..f
0x00000120   61 68 00 00 07 CD 1A 5A 32 F6 EA 00 7C 00 00 CD   ah...Í.Z2öê.|..Í
0x00000130   18 A0 B7 07 EB 08 A0 B6 07 EB 03 A0 B5 07 32 E4   ..·.ë..¶.ë..µ.2ä
0x00000140   05 00 07 8B F0 AC 3C 00 74 09 BB 07 00 B4 0E CD   ....ð¬<.t.»..´.Í
0x00000150   10 EB F2 F4 EB FD 2B C9 E4 64 EB 00 24 02 E0 F8   .ëòôëý+Éädë.$.àø
0x00000160   24 02 C3 49 6E 76 61 6C 69 64 20 70 61 72 74 69   $.ÃInvalid parti
0x00000170   74 69 6F 6E 20 74 61 62 6C 65 00 45 72 72 6F 72   tion table.Error
0x00000180   20 6C 6F 61 64 69 6E 67 20 6F 70 65 72 61 74 69    loading operati
0x00000190   6E 67 20 73 79 73 74 65 6D 00 4D 69 73 73 69 6E   ng system.Missin
0x000001A0   67 20 6F 70 65 72 61 74 69 6E 67 20 73 79 73 74   g operating syst
0x000001B0   65 6D 00 00 00 63 7B 9A 04 2F 18 0D 00 00 00 20   em...c{../..... 
0x000001C0   21 00 27 FE FF FF 00 08 00 00 00 18 E4 01 80 FE   !.'þ........ä..þ
0x000001D0   FF FF 07 FE FF FF 00 20 E4 01 00 20 03 00 00 FE   ...þ... ä.. ...þ
0x000001E0   FF FF 07 FE FF FF 00 40 E7 01 B0 A2 5B 23 00 00   ...þ...@ç.°¢[#..
0x000001F0   00 00 00 00 00 00 00 00 00 00 00 00 00 00 55 AA   ..............Uª

_______MBR   \Device\Harddisk1\DR3  

0x00000000   33 C0 8E D0 BC 00 7C FB 50 07 50 1F FC BE 1B 7C   3À.м.|ûP.P.ü¾.|
0x00000010   BF 1B 06 50 57 B9 E5 01 F3 A4 CB BD BE 07 B1 04   ¿..PW¹å.ó¤Ë½¾.±.
0x00000020   38 6E 00 7C 09 75 13 83 C5 10 E2 F4 CD 18 8B F5   8n.|.u..Å.âôÍ..õ
0x00000030   83 C6 10 49 74 19 38 2C 74 F6 A0 B5 07 B4 07 8B   .Æ.It.8,tö.µ.´..
0x00000040   F0 AC 3C 00 74 FC BB 07 00 B4 0E CD 10 EB F2 88   ð¬<.tü»..´.Í.ëò.
0x00000050   4E 10 E8 46 00 73 2A FE 46 10 80 7E 04 0B 74 0B   N.èF.s*þF..~..t.
0x00000060   80 7E 04 0C 74 05 A0 B6 07 75 D2 80 46 02 06 83   .~..t..¶.uÒ.F...
0x00000070   46 08 06 83 56 0A 00 E8 21 00 73 05 A0 B6 07 EB   F...V..è!.s..¶.ë
0x00000080   BC 81 3E FE 7D 55 AA 74 0B 80 7E 10 00 74 C8 A0   ¼.>þ}Uªt..~..tÈ.
0x00000090   B7 07 EB A9 8B FC 1E 57 8B F5 CB BF 05 00 8A 56   ·.ë©.ü.W.õË¿...V
0x000000A0   00 B4 08 CD 13 72 23 8A C1 24 3F 98 8A DE 8A FC   .´.Í.r#.Á$?..Þ.ü
0x000000B0   43 F7 E3 8B D1 86 D6 B1 06 D2 EE 42 F7 E2 39 56   C÷ã.Ñ.Ö±.ÒîB÷â9V
0x000000C0   0A 77 23 72 05 39 46 08 73 1C EB 1A 90 BB 00 7C   .w#r.9F.s.ë..».|
0x000000D0   8B 4E 02 8B 56 00 CD 13 73 51 4F 74 4E 32 E4 8A   .N..V.Í.sQOtN2ä.
0x000000E0   56 00 CD 13 EB E4 8A 56 00 60 BB AA 55 B4 41 CD   V.Í.ëä.V.`»ªU´AÍ
0x000000F0   13 72 36 81 FB 55 AA 75 30 F6 C1 01 74 2B 61 60   .r6.ûUªu0öÁ.t+a`
0x00000100   6A 00 6A 00 FF 76 0A FF 76 08 6A 00 68 00 7C 6A   j.j..v..v.j.h.|j
0x00000110   01 6A 10 B4 42 8B F4 CD 13 61 61 73 0E 4F 74 0B   .j.´B.ôÍ.aas.Ot.
0x00000120   32 E4 8A 56 00 CD 13 EB D6 61 F9 C3 49 6E 76 61   2ä.V.Í.ëÖaùÃInva
0x00000130   6C 69 64 20 70 61 72 74 69 74 69 6F 6E 20 74 61   lid partition ta
0x00000140   62 6C 65 00 45 72 72 6F 72 20 6C 6F 61 64 69 6E   ble.Error loadin
0x00000150   67 20 6F 70 65 72 61 74 69 6E 67 20 73 79 73 74   g operating syst
0x00000160   65 6D 00 4D 69 73 73 69 6E 67 20 6F 70 65 72 61   em.Missing opera
0x00000170   74 69 6E 67 20 73 79 73 74 65 6D 00 00 00 00 00   ting system.....
0x00000180   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0x00000190   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0x000001A0   00 00 00 00 00 00 00 홮⡼雅콟؂谸뾧२ꉍ㇨㋿忕咴橻昮䐰櫥ᆓ梤弎얥Ȉ뻅ﹰ侍ﲓ೻㻿㓏梓癛�૸苿䧅ﹸ귙꣋쵒ᄫ삁ᶾ뉑뚠�嵶�៖椭땎荮캻᯲냑解⫇ﳢꖟ컆タ㈰ٶ˼傡㲗眸䝩ޡ細謹䁶ይ읋뭀ᷡ㛪騛㮕䃇튳὎ダ�⏹꺶㣥崥ᯏ峺䦯�ࠥ쀱佈非蟄쇖裖켰Ởˢꦪξ䂹㫰�怰莒ᣃ嫄䧩纶짽⩺੢㺜ො좬�鼽䊂闭範줨糽㷼ڵᘯ黦읗ᵓᤞ嫮罼얓䜤嚮袎䐠撈䉶俸嘥ᗿ௿뷿⏛ꞑ�䕶詎ꯅ參ᅍ鎗�玊圱檆ӧ蚶㢦昃齭魋奩ᑱ逰维◠᳨ສ痲놎꿕跄Ꞣ燯揑铋�熻ᣵ�3樲굿敏靗⼎ᦿ䊴螄螘엮쭴愽팬ⳉꆕ옗诪窱䔢垺豇⎓瀫ꃖ뽼⣢蓖௞꧴啱읹坨ⓒᮋ琥℃収쿅ﻨ䌫ࡍ帀罎�죤륛燿뷥侄뵀圶篏Ἁꋀ̋睫붳鏫�籊猩䋁ꋗꠤ엫ﳹⲵꟜ䎯넶໛ƃ⨮◯埤य蹰﷜᝹䨭斗Ⰴᱫ燢즯뜟嶰蝟櫓Ꮴ㏒禞�㶘✅ᄉ⊃䑦䪖碚펗片횒駅㋢軂쭤ၕ폘ॻᆍ蓧㵩蕽ჩ犉뱶⎻Ꝉ↖㮮螧畓䙧썽萼뇇皃붏漻�➥쯲騥䊜譇ꦈ薴鋩웚⭂꟯兝䋂厭鰜̀ˮ舫⹭뢰ݤ㟖祔䗿�烠뇧ῇ孄૚莴䱱傆恗퉨퓊巺맬풤螎鑉멿寧䣗嫒頮篼㟌᫓儋㠈댼쇊圲혴蜲趡枃ﶡ牾➐뙔㛯闂謍ᯬ쎞ግ䤟焈ꯩ㉉ي탫렜뭵槄▯鼙ⅳ왢쒰਱㥪謾憞᛬镫
Usmívej se, bude hůř! :)
Nahoru
Uživatelský avatar
vyosek
VIP
VIP
Příspěvky: 56373
Registrován: 07 lis 2006 15:24
Bydliště: Šalingrad - Brno

Re: Windows debug center

#7 Příspěvek od vyosek »

:arrow: Stahnete RKill http://download.bleepingcomputer.com/grinler/rkill.com PROSIM CTETE DUKLADNE NAVOD - TATO UTILITA MA VELKOU SCHOPNOST MAZAT A JE NUTNE JI APLIKOVAT JEN NA DOPORUCENI, JINAK VAM MUZE JIT SYSTEM DO KYTEK
:arrow: Stahnete a ulozte na plochu Combofix http://download.bleepingcomputer.com/sUBs/ComboFix.exe
  • Vypnete vsechny rezidentni bezpecnostní programy - firewally, antiviry, antispywary apod.
  • Pokud mate Win XP spustte pod uctem Spravce\Administratora
  • Pokud mate Win Vista ci Win 7, kliknete na Combofix pravym a dejte Run As Administrator ci Spustit jako spravce
  • Ihned po startu se zobrazi stranka s licencnim ujednanim, pokracujte kliknutim na Ano
  • Pokud Vam CF nabidne instalaci Konzoly pro zotaveni, tak souhlaste
  • Dale postupujte dle pokynu, behem scanu nechte PC naprosto v klidu - nespoustejte zadne aplikace a neklikejte do zobrazujiciho se okna
  • Scan by mel trvat cca 10 min, ale pokud bude PC hodne zaneseno, muze se cas prodlouzit
  • Po dokonceni skenu a pripadnem restartu CF zobrazi log, pripadne jej najdete zde C:\ComboFix.txt, jeho obsah sem vlozte
  • Detailni postup vc. obrazku mate zde http://www.bleepingcomputer.com/combofi ... t-combofix
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen Obrázek od 1. února 2011.
Nahoru
jaGmann
Vzorný návštěvník
Vzorný návštěvník
Příspěvky: 148
Registrován: 28 úno 2007 12:28
Bydliště: za bukem

Re: Windows debug center

#8 Příspěvek od jaGmann »

ComboFix 12-03-28.01 - Petra Hejlková 28.03.2012 11:22:56.1.2 - x64
Microsoft Windows 7 Home Premium 6.1.7600.0.1250.420.1029.18.3950.2699 [GMT 2:00]
Spuštěný z: c:\users\Petra Hejlkovß\Desktop\ComboFix.exe
AV: McAfee VirusScan *Disabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}
FW: McAfee Personal Firewall *Enabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}
SP: McAfee VirusScan *Disabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Petra Hejlková\AppData\Roaming\C_1143B.dll
c:\users\Petra Hejlková\AppData\Roaming\Protector-fvkr.exe
c:\windows\Temp\_ex-08.exe
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-02-28 do 2012-03-28 )))))))))))))))))))))))))))))))
.
.
2012-03-28 09:28 . 2012-03-28 09:28 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-03-15 02:01 . 2011-11-19 18:30 5504880 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-03-15 02:01 . 2011-11-19 14:25 3957616 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2012-03-15 02:01 . 2011-11-19 14:25 3902320 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-01-04 09:58 . 2012-02-16 05:32 509952 ----a-w- c:\windows\system32\ntshrui.dll
2012-01-04 09:03 . 2012-02-16 05:32 442880 ----a-w- c:\windows\SysWow64\ntshrui.dll
2012-01-03 06:24 . 2012-02-16 05:32 515584 ----a-w- c:\windows\system32\timedate.cpl
2012-01-03 05:44 . 2012-02-16 05:32 478208 ----a-w- c:\windows\SysWow64\timedate.cpl
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-08-01 39408]
"HP Deskjet 3050A J611 series (NET)"="c:\program files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe" [2011-03-30 2547048]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-03-04 284696]
"ISBMgr.exe"="c:\program files (x86)\Sony\ISB Utility\ISBMgr.exe" [2010-05-31 673136]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-12-22 35760]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-02-09 98304]
"Norton Online Backup"="c:\program files (x86)\Symantec\Norton Online Backup\NOBuClient.exe" [2010-06-01 1155928]
"PMBVolumeWatcher"="c:\program files (x86)\Sony\PMB\PMBVolumeWatcher.exe" [2010-06-01 600928]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2010-10-29 249064]
"HP Software Update"="c:\program files (x86)\Hp\HP Software Update\HPWuSchd2.exe" [2011-01-12 49208]
"Microsoft Default Manager"="c:\program files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" [2010-05-10 439568]
.
c:\users\Petra Hejlková\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Sledovat výstrahy inkoustu - HP Deskjet 3050A J611 series (Síť).lnk - c:\windows\system32\RunDll32.exe [2009-7-14 45568]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2010-6-9 1128224]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-08-01 136176]
R3 AdobeActiveFileMonitor8.0;Adobe Active File Monitor V8;c:\program files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe [2009-10-09 169312]
R3 btwampfl;Bluetooth AMP USB Filter;c:\windows\system32\drivers\btwampfl.sys [x]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [x]
R3 gupdatem;Služba Google Update (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-08-01 136176]
R3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [x]
R3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [x]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 SOHCImp;VAIO Media plus Content Importer;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [2010-06-20 108400]
R3 SOHDms;VAIO Media plus Digital Media Server;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe [2010-06-18 423280]
R3 SOHDs;VAIO Media plus Device Searcher;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [2010-06-20 67952]
R3 SpfService;VAIO Entertainment Common Service;c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe [2010-06-06 304496]
R3 VCFw;VAIO Content Folder Watcher;c:\program files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2010-06-17 851824]
R3 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;c:\program files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2010-06-09 537456]
R3 VcmINSMgr;VAIO Content Metadata Intelligent Network Service Manager;c:\program files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe [2010-06-09 384880]
R3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;c:\program files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe [2010-06-09 101232]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2010-02-28 821664]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-03-04 13336]
S2 NOBU;Norton Online Backup;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE [x]
S2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;c:\program files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe [2010-06-01 367456]
S2 rimspci;rimspci;c:\windows\system32\drivers\rimssne64.sys [x]
S2 risdsnpe;risdsnpe;c:\windows\system32\drivers\risdsne64.sys [x]
S2 SampleCollector;VAIO Care Performance Service;c:\program files\Sony\VAIO Care\VCPerfService.exe [2010-05-25 252416]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2009-12-02 483688]
S2 uCamMonitor;CamMonitor;c:\program files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [2008-09-18 104960]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-05-28 2320920]
S2 VAIO Power Management;VAIO Power Management;c:\program files\Sony\VAIO Power Management\SPMService.exe [2010-06-21 575856]
S2 VSNService;VSNService;c:\program files\Sony\VAIO Smart Network\VSNService.exe [2010-06-08 836608]
S3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;c:\windows\system32\DRIVERS\ArcSoftKsUFilter.sys [x]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\drivers\HECIx64.sys [x]
S3 NETw5s64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;c:\windows\system32\DRIVERS\NETw5s64.sys [x]
S3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\drivers\SFEP.sys [x]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [x]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [x]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [x]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [x]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2009-12-02 209768]
S3 VUAgent;VUAgent;c:\program files\Sony\VAIO Update 5\VUAgent.exe [2010-05-31 1250160]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys [x]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2012-03-28 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-08-01 13:44]
.
2012-03-28 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-08-01 13:44]
.
2012-03-28 c:\windows\Tasks\HP Photo Creations Messager.job
- c:\programdata\HP Photo Creations\MessageCheck.exe [2011-02-15 10:11]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-05-31 10775584]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2010-05-31 2040352]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.idnes.cz/
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = <local>
TCP: DhcpNameServer = 192.168.2.1
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
HKLM-Run-Apoint - c:\program files (x86)\Apoint\Apoint.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SampleCollector]
"ImagePath"="\"c:\program files\Sony\VAIO Care\VCPerfService.exe\" \"/service\" \"/sstates\" \"/sampleinterval=2000\" \"/procinterval=5\" \"/dllinterval=120\" \"/counter=\Processor(_Total)\% Processor Time:1/counter=\PhysicalDisk(_Total)\Disk Bytes/sec:1\" \"/counter=\Network Interface(*)\Bytes Total/sec:1\" \"/expandcounter=\Processor Information(*)\Processor Frequency:1\" \"/expandcounter=\Processor(*)\% Idle Time:1\" \"/expandcounter=\Processor(*)\% C1 Time:1\" \"/expandcounter=\Processor(*)\% C2 Time:1\" \"/expandcounter=\Processor(*)\% C3 Time:1\" \"/expandcounter=\Processor(*)\% Processor Time:1\" \"/directory=inteldata\""
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11e_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11e_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,656¦lŘ ÖčR€ěb?#Â_ĂćéžáÔý'†KĚôĂ`ô·7eˆţřÖ–>ňAq†ű=źëôônŤEMZ ˝wÓ„;ľ•‰éş´ R"@™ů˛–f0ućĺZ/YěäĘfi4fSű9 Ťą2¬x{^%L]cŰ«‡ÚÜ<¸¸I•üˆO‰Ýç„‘ź @ÄK\ńÂ]\ÉěŤţ}1Ť}dÚDŤŞnë#ŘŽu6EȦĐ%ŇřQîáóŤ#3”6ŃţgMc— ôiŤ¦zńźŮw!SŁ”đ4WuᏍÖ]#2KŁ*‡Nľ›Ąć‡Í5Ŕ¶űĘN|^[Ô ĽÇtŘŘ)LÉs;Śé”6hއ˙E]Č;?&DfšžPÓŠV=ąÍiŠ5ĽŻ
hÂ!źZ- k7_3’¤ýłę–t9fąáë®Xă—s!ĺ'%â„{ßÁťŘyˇ¶©UĆDµÔă
Usmívej se, bude hůř! :)
Nahoru
Uživatelský avatar
vyosek
VIP
VIP
Příspěvky: 56373
Registrován: 07 lis 2006 15:24
Bydliště: Šalingrad - Brno

Re: Windows debug center

#9 Příspěvek od vyosek »

:arrow: Stahnete OTM http://oldtimer.geekstogo.com/OTM.exe
  • Pokud pouzivate Win Vista ci W7, kliknete na OTM pravym a dejte Run As Administrator ci Spustit jako spravce
  • Do leveho okna Paste Instructions for Items to be Moved (pod zlutou caru) vlozte obsah, ktery mate nize

  • Kód: Vybrat vše

    :services
gupdatem
gupdate

:reg
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"=-
"Adobe ARM"=-
"SunJavaUpdateSched"=-
"HP Software Update"=-

:files
C:\Users\Petra Hejlková\AppData\Roaming\*.exe
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp

:commands
[RESETHOSTS]
[EMPTYTEMP]
[EMPTYFLASH]
  • Kliknete na cervene tlacitko MoveIt!
  • Budete vyzvani na restart, dejte Yes, log pote najdete C:\_OTM\MovedFiles, obsah sem vlozte
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen Obrázek od 1. února 2011.
Nahoru
jaGmann
Vzorný návštěvník
Vzorný návštěvník
Příspěvky: 148
Registrován: 28 úno 2007 12:28
Bydliště: za bukem

Re: Windows debug center

#10 Příspěvek od jaGmann »

nepodarilo se mi OTM spustit :(
V normalnim rezimu se nic po povoleni admin. spusteni nic nestane
a v nouzovem vyhodi hlasku aplikaci 0xc000007b se nepodarilo spravne spustit.
:cry:
Usmívej se, bude hůř! :)
Nahoru
Uživatelský avatar
vyosek
VIP
VIP
Příspěvky: 56373
Registrován: 07 lis 2006 15:24
Bydliště: Šalingrad - Brno

Re: Windows debug center

#11 Příspěvek od vyosek »

:arrow: Pokud nemate, tak presunte Combofix na plochu
  • Spustte poznamkovy blok (Start-spustit-notepad)
  • Zkopirujte skript nize

  • Kód: Vybrat vše

    KillAll::

Registry::
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"=-
"Adobe ARM"=-
"SunJavaUpdateSched"=-
"HP Software Update"=-

File::
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

Collect::
C:\Users\Petra Hejlková\AppData\Roaming\18F825.exe
C:\Users\Petra Hejlková\AppData\Roaming\C_1143B.dll

Driver::
gupdate
gupdatem

RegLock::
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]

ClearJavaCache::

Reboot::
  • Ulozte vytvoreny TXT jako CFScript.txt
  • Pretahnete vytvoreny CFScript.txt nad Combofix a pustte (viz obrazek nize)
    Obrázek
  • Po aplikaci skriptu (a pripadnem restartu) na Vas vypadne log, jeho obsah sem vlozte
:arrow: Muze se stat, ze po aplikaci skriptu nenabehnou windows, v tomto pripade restartuje PC a mackejte F8 a zvolte Posledni znamou konfiguraci
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen Obrázek od 1. února 2011.
Nahoru
jaGmann
Vzorný návštěvník
Vzorný návštěvník
Příspěvky: 148
Registrován: 28 úno 2007 12:28
Bydliště: za bukem

Re: Windows debug center

#12 Příspěvek od jaGmann »

ComboFix 12-03-28.01 - Petra Hejlková 28.03.2012 15:34:33.2.2 - x64
Microsoft Windows 7 Home Premium 6.1.7600.0.1250.420.1029.18.3950.2512 [GMT 2:00]
Spuštěný z: c:\users\Petra Hejlkovß\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Petra Hejlkovß\Desktop\CFScript.txt
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-02-28 do 2012-03-28 )))))))))))))))))))))))))))))))
.
.
2012-03-28 13:43 . 2012-03-28 13:43 69000 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{69E14DC6-1F33-4C3C-B210-8D1E0EF3AB57}\offreg.dll
2012-03-28 13:42 . 2012-03-28 13:42 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-03-28 12:38 . 2012-03-28 12:38 -------- d-----w- c:\programdata\ATI
2012-03-28 12:32 . 2012-03-28 12:32 -------- d-----w- C:\SPLASH.SYS
2012-03-28 12:01 . 2012-03-28 13:05 -------- d-----w- C:\Update
2012-03-28 11:54 . 2012-03-28 11:54 -------- d-----w- c:\users\Petra Hejlková\AppData\Roaming\Auslogics
2012-03-28 10:09 . 2012-03-28 10:09 -------- d-----w- c:\program files (x86)\Common Files\Java
2012-03-28 10:09 . 2012-03-28 10:09 -------- d-----w- c:\program files (x86)\Java
2012-03-28 09:40 . 2012-03-20 01:51 8669240 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{69E14DC6-1F33-4C3C-B210-8D1E0EF3AB57}\mpengine.dll
2012-03-15 02:01 . 2011-11-19 18:30 5504880 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-03-15 02:01 . 2011-11-19 14:25 3957616 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2012-03-15 02:01 . 2011-11-19 14:25 3902320 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-03-28 10:09 . 2010-08-01 14:01 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
2012-01-04 09:58 . 2012-02-16 05:32 509952 ----a-w- c:\windows\system32\ntshrui.dll
2012-01-04 09:03 . 2012-02-16 05:32 442880 ----a-w- c:\windows\SysWow64\ntshrui.dll
2012-01-03 06:24 . 2012-02-16 05:32 515584 ----a-w- c:\windows\system32\timedate.cpl
2012-01-03 05:44 . 2012-02-16 05:32 478208 ----a-w- c:\windows\SysWow64\timedate.cpl
.
.
((((((((((((((((((((((((((((( SnapShot@2012-03-28_09.29.11 )))))))))))))))))))))))))))))))))))))))))
.
+ 2011-02-19 21:03 . 2011-02-19 21:03 81744 c:\windows\SysWOW64\mfcm100u.dll
+ 2011-02-19 21:03 . 2011-02-19 21:03 81744 c:\windows\SysWOW64\mfcm100.dll
+ 2011-02-19 21:03 . 2011-02-19 21:03 60752 c:\windows\SysWOW64\mfc100rus.dll
- 2010-03-18 08:15 . 2010-03-18 08:15 60752 c:\windows\SysWOW64\mfc100rus.dll
+ 2011-02-19 21:03 . 2011-02-19 21:03 43344 c:\windows\SysWOW64\mfc100kor.dll
- 2010-03-18 08:15 . 2010-03-18 08:15 43344 c:\windows\SysWOW64\mfc100kor.dll
- 2010-03-18 08:15 . 2010-03-18 08:15 43856 c:\windows\SysWOW64\mfc100jpn.dll
+ 2011-02-19 21:03 . 2011-02-19 21:03 43856 c:\windows\SysWOW64\mfc100jpn.dll
- 2010-03-18 08:15 . 2010-03-18 08:15 62288 c:\windows\SysWOW64\mfc100ita.dll
+ 2011-02-19 21:03 . 2011-02-19 21:03 62288 c:\windows\SysWOW64\mfc100ita.dll
+ 2011-02-19 21:03 . 2011-02-19 21:03 36176 c:\windows\SysWOW64\mfc100cht.dll
- 2010-03-18 08:15 . 2010-03-18 08:15 36176 c:\windows\SysWOW64\mfc100cht.dll
- 2010-03-18 08:15 . 2010-03-18 08:15 36176 c:\windows\SysWOW64\mfc100chs.dll
+ 2011-02-19 21:03 . 2011-02-19 21:03 36176 c:\windows\SysWOW64\mfc100chs.dll
- 2010-03-18 08:15 . 2010-03-18 08:15 64336 c:\windows\SysWOW64\mfc100fra.dll
+ 2011-02-19 21:03 . 2011-02-19 21:03 64336 c:\windows\SysWOW64\mfc100fra.dll
- 2010-03-18 08:15 . 2010-03-18 08:15 63824 c:\windows\SysWOW64\mfc100esn.dll
+ 2011-02-19 21:03 . 2011-02-19 21:03 63824 c:\windows\SysWOW64\mfc100esn.dll
- 2010-03-18 08:15 . 2010-03-18 08:15 55120 c:\windows\SysWOW64\mfc100enu.dll
+ 2011-02-19 21:03 . 2011-02-19 21:03 55120 c:\windows\SysWOW64\mfc100enu.dll
- 2010-03-18 08:15 . 2010-03-18 08:15 64336 c:\windows\SysWOW64\mfc100deu.dll
+ 2011-02-19 21:03 . 2011-02-19 21:03 64336 c:\windows\SysWOW64\mfc100deu.dll
+ 2012-03-28 13:01 . 2012-03-28 13:01 13396 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\SoftGrid Client\Icon Cache\icon_ex.dat
- 2012-03-28 09:12 . 2012-03-28 09:12 13396 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\SoftGrid Client\Icon Cache\icon_ex.dat
+ 2009-07-14 04:54 . 2012-03-28 13:03 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-07-14 04:54 . 2012-03-28 09:13 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:54 . 2012-03-28 13:03 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2012-03-28 09:13 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2012-03-28 09:13 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:54 . 2012-03-28 13:03 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2010-10-08 06:55 . 2010-10-08 06:55 28160 c:\windows\SysWOW64\atiuxpag.dll
+ 2010-10-08 06:55 . 2010-10-08 06:55 20480 c:\windows\SysWOW64\atiu9pag.dll
- 2010-07-21 00:13 . 2010-06-24 20:06 52224 c:\windows\SysWOW64\atimpc32.dll
+ 2010-07-21 00:13 . 2010-10-08 06:55 52224 c:\windows\SysWOW64\atimpc32.dll
+ 2010-10-08 06:55 . 2010-10-08 06:55 12800 c:\windows\SysWOW64\atiglpxx.dll
+ 2010-10-08 06:55 . 2010-10-08 06:55 14848 c:\windows\SysWOW64\atigktxx.dll
- 2010-07-21 00:13 . 2010-06-24 20:06 53248 c:\windows\SysWOW64\aticalrt.dll
+ 2010-10-08 06:55 . 2010-10-08 06:55 53248 c:\windows\SysWOW64\aticalrt.dll
- 2010-07-21 00:13 . 2010-06-24 20:06 53248 c:\windows\SysWOW64\aticalcl.dll
+ 2010-10-08 06:55 . 2010-10-08 06:55 53248 c:\windows\SysWOW64\aticalcl.dll
- 2010-07-21 00:13 . 2010-06-24 20:06 43520 c:\windows\SysWOW64\ati2edxx.dll
+ 2010-10-08 06:55 . 2010-10-08 06:55 43520 c:\windows\SysWOW64\ati2edxx.dll
+ 2010-10-08 06:55 . 2010-10-08 06:55 52224 c:\windows\SysWOW64\amdpcom32.dll
- 2010-07-21 00:13 . 2010-06-24 20:06 52224 c:\windows\SysWOW64\amdpcom32.dll
+ 2010-07-20 23:22 . 2012-03-28 13:05 53530 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:10 . 2012-03-28 13:05 33766 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2011-02-19 20:51 . 2011-02-19 20:51 93008 c:\windows\system32\mfcm100u.dll
+ 2011-02-19 20:51 . 2011-02-19 20:51 93008 c:\windows\system32\mfcm100.dll
+ 2011-02-19 20:51 . 2011-02-19 20:51 60752 c:\windows\system32\mfc100rus.dll
- 2010-03-18 08:36 . 2010-03-18 08:36 60752 c:\windows\system32\mfc100rus.dll
+ 2011-02-19 20:51 . 2011-02-19 20:51 43344 c:\windows\system32\mfc100kor.dll
- 2010-03-18 08:36 . 2010-03-18 08:36 43344 c:\windows\system32\mfc100kor.dll
- 2010-03-18 08:36 . 2010-03-18 08:36 43856 c:\windows\system32\mfc100jpn.dll
+ 2011-02-19 20:51 . 2011-02-19 20:51 43856 c:\windows\system32\mfc100jpn.dll
- 2010-03-18 08:36 . 2010-03-18 08:36 62288 c:\windows\system32\mfc100ita.dll
+ 2011-02-19 20:51 . 2011-02-19 20:51 62288 c:\windows\system32\mfc100ita.dll
+ 2011-02-19 20:51 . 2011-02-19 20:51 36176 c:\windows\system32\mfc100cht.dll
- 2010-03-18 08:36 . 2010-03-18 08:36 36176 c:\windows\system32\mfc100cht.dll
+ 2011-02-19 20:51 . 2011-02-19 20:51 36176 c:\windows\system32\mfc100chs.dll
- 2010-03-18 08:36 . 2010-03-18 08:36 36176 c:\windows\system32\mfc100chs.dll
- 2010-03-18 08:36 . 2010-03-18 08:36 64336 c:\windows\system32\mfc100fra.dll
+ 2011-02-19 20:51 . 2011-02-19 20:51 64336 c:\windows\system32\mfc100fra.dll
+ 2011-02-19 20:51 . 2011-02-19 20:51 63824 c:\windows\system32\mfc100esn.dll
- 2010-03-18 08:36 . 2010-03-18 08:36 63824 c:\windows\system32\mfc100esn.dll
+ 2011-02-19 20:51 . 2011-02-19 20:51 55120 c:\windows\system32\mfc100enu.dll
- 2010-03-18 08:36 . 2010-03-18 08:36 55120 c:\windows\system32\mfc100enu.dll
+ 2011-02-19 20:51 . 2011-02-19 20:51 64336 c:\windows\system32\mfc100deu.dll
- 2010-03-18 08:36 . 2010-03-18 08:36 64336 c:\windows\system32\mfc100deu.dll
- 2009-07-14 05:30 . 2012-03-28 09:12 86016 c:\windows\system32\DriverStore\infpub.dat
+ 2009-07-14 05:30 . 2012-03-28 12:36 86016 c:\windows\system32\DriverStore\infpub.dat
+ 2010-10-08 06:55 . 2010-10-08 06:55 55296 c:\windows\system32\DriverStore\FileRepository\c7105610.inf_amd64_neutral_72ea03849724cb32\B105512\coinst.dll
+ 2010-10-08 06:55 . 2010-10-08 06:55 28732 c:\windows\system32\DriverStore\FileRepository\c7105610.inf_amd64_neutral_72ea03849724cb32\B105512\ativvsny.dat
+ 2010-10-08 06:55 . 2010-10-08 06:55 26936 c:\windows\system32\DriverStore\FileRepository\c7105610.inf_amd64_neutral_72ea03849724cb32\B105512\ativvsnl.dat
+ 2010-10-08 06:55 . 2010-10-08 06:55 28160 c:\windows\system32\DriverStore\FileRepository\c7105610.inf_amd64_neutral_72ea03849724cb32\B105512\atiuxpag.dll
+ 2010-10-08 06:55 . 2010-10-08 06:55 36864 c:\windows\system32\DriverStore\FileRepository\c7105610.inf_amd64_neutral_72ea03849724cb32\B105512\atiuxp64.dll
+ 2010-10-08 06:55 . 2010-10-08 06:55 20480 c:\windows\system32\DriverStore\FileRepository\c7105610.inf_amd64_neutral_72ea03849724cb32\B105512\atiu9pag.dll
+ 2010-10-08 06:55 . 2010-10-08 06:55 28160 c:\windows\system32\DriverStore\FileRepository\c7105610.inf_amd64_neutral_72ea03849724cb32\B105512\atiu9p64.dll
+ 2010-10-08 06:55 . 2010-10-08 06:55 51200 c:\windows\system32\DriverStore\FileRepository\c7105610.inf_amd64_neutral_72ea03849724cb32\B105512\ATIODCLI.exe
+ 2010-10-08 06:55 . 2010-10-08 06:55 12288 c:\windows\system32\DriverStore\FileRepository\c7105610.inf_amd64_neutral_72ea03849724cb32\B105512\atimuixx.dll
+ 2010-10-08 06:55 . 2010-10-08 06:55 53248 c:\windows\system32\DriverStore\FileRepository\c7105610.inf_amd64_neutral_72ea03849724cb32\B105512\atimpc64.dll
+ 2010-10-08 06:55 . 2010-10-08 06:55 52224 c:\windows\system32\DriverStore\FileRepository\c7105610.inf_amd64_neutral_72ea03849724cb32\B105512\atimpc32.dll
+ 2010-10-08 06:55 . 2010-10-08 06:55 12800 c:\windows\system32\DriverStore\FileRepository\c7105610.inf_amd64_neutral_72ea03849724cb32\B105512\atiglpxx.dll
+ 2010-10-08 06:55 . 2010-10-08 06:55 14848 c:\windows\system32\DriverStore\FileRepository\c7105610.inf_amd64_neutral_72ea03849724cb32\B105512\atigktxx.dll
+ 2010-10-08 06:55 . 2010-10-08 06:55 16384 c:\windows\system32\DriverStore\FileRepository\c7105610.inf_amd64_neutral_72ea03849724cb32\B105512\atig6txx.dll
+ 2010-10-08 06:55 . 2010-10-08 06:55 14848 c:\windows\system32\DriverStore\FileRepository\c7105610.inf_amd64_neutral_72ea03849724cb32\B105512\atig6pxx.dll
+ 2010-10-08 06:55 . 2010-10-08 06:55 59392 c:\windows\system32\DriverStore\FileRepository\c7105610.inf_amd64_neutral_72ea03849724cb32\B105512\atiedu64.dll
+ 2010-10-08 06:55 . 2010-10-08 06:55 43008 c:\windows\system32\DriverStore\FileRepository\c7105610.inf_amd64_neutral_72ea03849724cb32\B105512\aticalrt64.dll
+ 2010-10-08 06:55 . 2010-10-08 06:55 53248 c:\windows\system32\DriverStore\FileRepository\c7105610.inf_amd64_neutral_72ea03849724cb32\B105512\aticalrt.dll
+ 2010-10-08 06:55 . 2010-10-08 06:55 39936 c:\windows\system32\DriverStore\FileRepository\c7105610.inf_amd64_neutral_72ea03849724cb32\B105512\aticalcl64.dll
+ 2010-10-08 06:55 . 2010-10-08 06:55 53248 c:\windows\system32\DriverStore\FileRepository\c7105610.inf_amd64_neutral_72ea03849724cb32\B105512\aticalcl.dll
+ 2010-10-08 06:55 . 2010-10-08 06:55 53248 c:\windows\system32\DriverStore\FileRepository\c7105610.inf_amd64_neutral_72ea03849724cb32\B105512\ati2erec.dll
+ 2010-10-08 06:55 . 2010-10-08 06:55 43520 c:\windows\system32\DriverStore\FileRepository\c7105610.inf_amd64_neutral_72ea03849724cb32\B105512\ati2edxx.dll
+ 2010-10-08 06:55 . 2010-10-08 06:55 53248 c:\windows\system32\drivers\ati2erec.dll
- 2010-07-21 00:13 . 2010-06-24 20:06 53248 c:\windows\system32\drivers\ati2erec.dll
+ 2010-08-01 13:21 . 2012-03-28 13:06 32768 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2010-08-01 13:21 . 2012-03-28 09:16 32768 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2010-08-01 13:21 . 2012-03-28 13:06 49152 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2012-03-28 13:06 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-07-14 04:54 . 2012-03-28 09:16 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2010-10-08 06:55 . 2010-10-08 06:55 55296 c:\windows\system32\coinst.dll
+ 2010-10-08 06:55 . 2010-10-08 06:55 36864 c:\windows\system32\atiuxp64.dll
+ 2010-10-08 06:55 . 2010-10-08 06:55 28160 c:\windows\system32\atiu9p64.dll
+ 2010-10-08 06:55 . 2010-10-08 06:55 12288 c:\windows\system32\atimuixx.dll
- 2010-07-21 00:13 . 2010-06-24 20:06 12288 c:\windows\system32\atimuixx.dll
- 2010-07-21 00:13 . 2010-06-24 20:06 53248 c:\windows\system32\atimpc64.dll
+ 2010-10-08 06:55 . 2010-10-08 06:55 53248 c:\windows\system32\atimpc64.dll
+ 2010-10-08 06:55 . 2010-10-08 06:55 12800 c:\windows\system32\atiglpxx.dll
+ 2010-10-08 06:55 . 2010-10-08 06:55 16384 c:\windows\system32\atig6txx.dll
+ 2010-10-08 06:55 . 2010-10-08 06:55 14848 c:\windows\system32\atig6pxx.dll
- 2010-07-21 00:13 . 2010-06-24 20:06 59392 c:\windows\system32\atiedu64.dll
+ 2010-10-08 06:55 . 2010-10-08 06:55 59392 c:\windows\system32\atiedu64.dll
- 2010-07-21 00:13 . 2010-06-24 20:06 43008 c:\windows\system32\aticalrt64.dll
+ 2010-10-08 06:55 . 2010-10-08 06:55 43008 c:\windows\system32\aticalrt64.dll
+ 2010-10-08 06:55 . 2010-10-08 06:55 39936 c:\windows\system32\aticalcl64.dll
- 2010-07-21 00:13 . 2010-06-24 20:06 39936 c:\windows\system32\aticalcl64.dll
+ 2010-10-08 06:55 . 2010-10-08 06:55 53248 c:\windows\system32\amdpcom64.dll
- 2010-07-21 00:13 . 2010-06-24 20:06 53248 c:\windows\system32\amdpcom64.dll
+ 2009-07-14 04:46 . 2012-03-28 13:06 78512 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\Cache\cache.dat
- 2011-08-22 18:07 . 2012-03-28 09:16 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2011-08-22 18:07 . 2012-03-28 13:01 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2011-08-22 18:07 . 2012-03-28 13:01 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2011-08-22 18:07 . 2012-03-28 09:16 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2012-03-28 12:35 . 2012-03-28 12:35 10134 c:\windows\Installer\{F7E8DD1D-9BFD-38BB-86A5-BEF313B00C51}\ARPPRODUCTICON.exe
+ 2012-03-28 12:37 . 2012-03-28 12:37 10134 c:\windows\Installer\{F67C14C0-D73E-C55B-E132-B1904A1A709C}\ARPPRODUCTICON.exe
+ 2012-03-28 12:37 . 2012-03-28 12:37 10134 c:\windows\Installer\{F5CC9A13-6C57-4948-75A8-3A2C92A3183B}\ARPPRODUCTICON.exe
+ 2012-03-28 12:37 . 2012-03-28 12:37 10134 c:\windows\Installer\{F30FE437-0E45-D409-F629-5D86960A6591}\ARPPRODUCTICON.exe
+ 2012-03-28 12:37 . 2012-03-28 12:37 44758 c:\windows\Installer\{F1B95046-E9DA-CFEC-42A8-C8224646AA32}\NewShortcut11_EAB9635D261D49BE88DDE71A7C809B2D.exe
+ 2012-03-28 12:37 . 2012-03-28 12:37 10134 c:\windows\Installer\{F1B95046-E9DA-CFEC-42A8-C8224646AA32}\ARPPRODUCTICON.exe
+ 2012-03-28 12:37 . 2012-03-28 12:37 10134 c:\windows\Installer\{ECF0D151-BCA0-8E6D-62DB-5D44DB4A3836}\ARPPRODUCTICON.exe
+ 2012-03-28 12:37 . 2012-03-28 12:37 10134 c:\windows\Installer\{EBDDC3CC-343A-C0DD-79BA-8A12D0A2CA10}\ARPPRODUCTICON.exe
+ 2012-03-28 12:37 . 2012-03-28 12:37 10134 c:\windows\Installer\{DF693121-40C0-3020-D655-612E51616423}\ARPPRODUCTICON.exe
+ 2012-03-28 12:37 . 2012-03-28 12:37 10134 c:\windows\Installer\{D6DEC295-88A0-5CFA-0B29-C8FDF091FFD3}\ARPPRODUCTICON.exe
+ 2012-03-28 12:37 . 2012-03-28 12:37 10134 c:\windows\Installer\{D49989B0-7BC2-F7F1-8017-3257F617347A}\ARPPRODUCTICON.exe
+ 2012-03-28 12:37 . 2012-03-28 12:37 10134 c:\windows\Installer\{C83B7CBB-C736-BF46-9832-7A9D07E9D94C}\ARPPRODUCTICON.exe
+ 2012-03-28 12:37 . 2012-03-28 12:37 10134 c:\windows\Installer\{C5529BC1-C2BF-44E8-B62A-01913D70081C}\ARPPRODUCTICON.exe
+ 2012-03-28 12:37 . 2012-03-28 12:37 10134 c:\windows\Installer\{C459D829-0FF0-C210-B2BF-83DB63FC1D61}\ARPPRODUCTICON.exe
+ 2012-03-28 12:37 . 2012-03-28 12:37 10134 c:\windows\Installer\{C2E171F6-9B58-4CE1-7B8B-B69FA04EBAB8}\ARPPRODUCTICON.exe
+ 2012-03-28 12:37 . 2012-03-28 12:37 10134 c:\windows\Installer\{BFF37C6E-D735-4487-390C-271E030AA62C}\ARPPRODUCTICON.exe
+ 2012-03-28 12:37 . 2012-03-28 12:37 10134 c:\windows\Installer\{A8D53A4E-77A1-E23E-A396-6D9C86A2F273}\ARPPRODUCTICON.exe
+ 2012-03-28 12:37 . 2012-03-28 12:37 10134 c:\windows\Installer\{9C73041C-AB71-995D-EEC7-B4E940F93F36}\ARPPRODUCTICON.exe
+ 2012-03-28 12:37 . 2012-03-28 12:37 10134 c:\windows\Installer\{8EB34C0B-AF54-F265-844C-3E6FA9AE2FCD}\ARPPRODUCTICON.exe
+ 2012-03-28 12:37 . 2012-03-28 12:37 10134 c:\windows\Installer\{88001121-87E2-2104-F9F5-ECC15DFCA1E0}\ARPPRODUCTICON.exe
+ 2012-03-28 12:37 . 2012-03-28 12:37 10134 c:\windows\Installer\{7A63F0C4-6B2B-694C-ED72-D0670612BC29}\ARPPRODUCTICON.exe
+ 2012-03-28 12:37 . 2012-03-28 12:37 10134 c:\windows\Installer\{76DECE17-BCF5-9640-2854-3CA049834A40}\ARPPRODUCTICON.exe
+ 2012-03-28 12:37 . 2012-03-28 12:37 10134 c:\windows\Installer\{7002773F-2A53-E9F2-E161-DB3DDA0F05BE}\ARPPRODUCTICON.exe
+ 2012-03-28 12:37 . 2012-03-28 12:37 10134 c:\windows\Installer\{6A3F204B-323C-7E32-F890-A7308768728D}\ARPPRODUCTICON.exe
+ 2012-03-28 12:37 . 2012-03-28 12:37 10134 c:\windows\Installer\{61F569A3-1647-B6F4-08C8-40A011831827}\ARPPRODUCTICON.exe
+ 2012-03-28 12:35 . 2012-03-28 12:35 77542 c:\windows\Installer\{5BC83141-83DD-07BE-C940-04B385540F04}\NewShortcut5_3B1A0823966A48909E77539C330FBF6E.exe
+ 2012-03-28 12:35 . 2012-03-28 12:35 77542 c:\windows\Installer\{5BC83141-83DD-07BE-C940-04B385540F04}\NewShortcut4_3B1A0823966A48909E77539C330FBF6E.exe
+ 2012-03-28 12:35 . 2012-03-28 12:35 77542 c:\windows\Installer\{5BC83141-83DD-07BE-C940-04B385540F04}\NewShortcut3_3B1A0823966A48909E77539C330FBF6E.exe
+ 2012-03-28 12:35 . 2012-03-28 12:35 77542 c:\windows\Installer\{5BC83141-83DD-07BE-C940-04B385540F04}\NewShortcut2_3B1A0823966A48909E77539C330FBF6E.exe
+ 2012-03-28 12:35 . 2012-03-28 12:35 77542 c:\windows\Installer\{5BC83141-83DD-07BE-C940-04B385540F04}\ARPPRODUCTICON.exe
+ 2012-03-28 12:37 . 2012-03-28 12:37 10134 c:\windows\Installer\{5736590B-36C7-4881-5EBE-F9B390F00774}\ARPPRODUCTICON.exe
+ 2012-03-28 12:37 . 2012-03-28 12:37 10134 c:\windows\Installer\{4E6DF745-C99E-909F-BCF0-B7C24A51E56E}\ARPPRODUCTICON.exe
+ 2012-03-28 12:37 . 2012-03-28 12:37 10134 c:\windows\Installer\{44D25B45-5C0E-2187-6739-E2FA0E8AFE1D}\ARPPRODUCTICON.exe
+ 2012-03-28 12:37 . 2012-03-28 12:37 10134 c:\windows\Installer\{427E8AD0-A4B1-D225-836E-CCB6068B490A}\ARPPRODUCTICON.exe
+ 2012-03-28 12:37 . 2012-03-28 12:37 10134 c:\windows\Installer\{35111E7A-03B9-25EC-F434-A1CD976907FC}\ARPPRODUCTICON.exe
+ 2012-03-28 12:37 . 2012-03-28 12:37 10134 c:\windows\Installer\{265F0D95-A883-7162-0458-B78085B6B693}\ARPPRODUCTICON.exe
+ 2012-03-28 12:37 . 2012-03-28 12:37 10134 c:\windows\Installer\{259FD439-13B0-0136-D0A0-FA89BB05831D}\ARPPRODUCTICON.exe
+ 2012-03-28 12:37 . 2012-03-28 12:37 10134 c:\windows\Installer\{159E5135-4BEA-52B7-8CDC-823F1ED6D8A5}\ARPPRODUCTICON.exe
+ 2012-03-28 12:32 . 2012-03-28 12:32 59232 c:\windows\Installer\{13EC74A6-4707-4D26-B9B9-E173403F3B08}\ARPPRODUCTICON.exe
+ 2012-03-28 12:37 . 2012-03-28 12:37 10134 c:\windows\Installer\{07B7598E-1FB8-1A95-7A30-F534A55726B4}\ARPPRODUCTICON.exe
+ 2012-03-28 13:01 . 2012-03-28 13:01 82944 c:\windows\assembly\NativeImages_v2.0.50727_32\MusicDataAccessIF\2ef3af886b1b3716ed29b904125fd9b3\MusicDataAccessIF.ni.dll
+ 2012-03-28 12:37 . 2012-03-28 12:37 19968 c:\windows\assembly\GAC_MSIL\PCKGHLP.Foundation.Implementation\2.0.3915.37236__90ba9c70f846762e\PCKGHLP.Foundation.Implementation.DLL
+ 2012-03-28 12:37 . 2012-03-28 12:37 15360 c:\windows\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.3915.37086__90ba9c70f846762e\NEWAEM.Foundation.DLL
- 2010-08-01 13:43 . 2010-08-01 13:43 65536 c:\windows\assembly\GAC_MSIL\MOM\2.0.0.0__90ba9c70f846762e\MOM.EXE
+ 2012-03-28 12:37 . 2012-03-28 12:37 65536 c:\windows\assembly\GAC_MSIL\MOM\2.0.0.0__90ba9c70f846762e\MOM.EXE
+ 2012-03-28 12:37 . 2012-03-28 12:37 86016 c:\windows\assembly\GAC_MSIL\LOG\2.0.3915.37218__90ba9c70f846762e\LOG.EXE
+ 2012-03-28 12:37 . 2012-03-28 12:37 32768 c:\windows\assembly\GAC_MSIL\LOG.Foundation\2.0.3915.37084__90ba9c70f846762e\LOG.Foundation.DLL
+ 2012-03-28 12:37 . 2012-03-28 12:37 36864 c:\windows\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.3915.37087__90ba9c70f846762e\LOG.Foundation.Private.DLL
+ 2012-03-28 12:37 . 2012-03-28 12:37 65536 c:\windows\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.3915.37217__90ba9c70f846762e\LOG.Foundation.Implementation.DLL
+ 2012-03-28 12:37 . 2012-03-28 12:37 20480 c:\windows\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.3915.37088__90ba9c70f846762e\LOG.Foundation.Implementation.Private.DLL
- 2010-08-01 13:43 . 2010-08-01 13:43 16384 c:\windows\assembly\GAC_MSIL\DEM.OS\2.0.3337.29364__90ba9c70f846762e\DEM.OS.DLL
+ 2012-03-28 12:37 . 2012-03-28 12:37 16384 c:\windows\assembly\GAC_MSIL\DEM.OS\2.0.3337.29364__90ba9c70f846762e\DEM.OS.DLL
+ 2012-03-28 12:37 . 2012-03-28 12:37 20480 c:\windows\assembly\GAC_MSIL\DEM.OS.I0602\2.0.3337.29328__90ba9c70f846762e\DEM.OS.I0602.DLL
- 2010-08-01 13:43 . 2010-08-01 13:43 20480 c:\windows\assembly\GAC_MSIL\DEM.OS.I0602\2.0.3337.29328__90ba9c70f846762e\DEM.OS.I0602.DLL
+ 2012-03-28 12:37 . 2012-03-28 12:37 16384 c:\windows\assembly\GAC_MSIL\DEM.Graphics.I0706\2.0.2743.23304__90ba9c70f846762e\DEM.Graphics.I0706.DLL
- 2010-08-01 13:43 . 2010-08-01 13:43 16384 c:\windows\assembly\GAC_MSIL\DEM.Graphics.I0706\2.0.2743.23304__90ba9c70f846762e\DEM.Graphics.I0706.DLL
- 2010-08-01 13:43 . 2010-08-01 13:43 20480 c:\windows\assembly\GAC_MSIL\DEM.Graphics.I0703\2.0.2651.18802__90ba9c70f846762e\DEM.Graphics.I0703.DLL
+ 2012-03-28 12:37 . 2012-03-28 12:37 20480 c:\windows\assembly\GAC_MSIL\DEM.Graphics.I0703\2.0.2651.18802__90ba9c70f846762e\DEM.Graphics.I0703.DLL
+ 2012-03-28 12:37 . 2012-03-28 12:37 16384 c:\windows\assembly\GAC_MSIL\DEM.Graphics.I0702\2.0.2594.25693__90ba9c70f846762e\DEM.Graphics.I0702.DLL
- 2010-08-01 13:43 . 2010-08-01 13:43 16384 c:\windows\assembly\GAC_MSIL\DEM.Graphics.I0702\2.0.2594.25693__90ba9c70f846762e\DEM.Graphics.I0702.DLL
- 2010-08-01 13:43 . 2010-08-01 13:43 45056 c:\windows\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.DLL
+ 2012-03-28 12:37 . 2012-03-28 12:37 45056 c:\windows\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.DLL
- 2010-08-01 13:43 . 2010-08-01 13:43 16384 c:\windows\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.DLL
+ 2012-03-28 12:37 . 2012-03-28 12:37 16384 c:\windows\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.DLL
- 2010-08-01 13:43 . 2010-08-01 13:43 65536 c:\windows\assembly\GAC_MSIL\CLI\2.0.0.0__90ba9c70f846762e\CLI.EXE
+ 2012-03-28 12:37 . 2012-03-28 12:37 65536 c:\windows\assembly\GAC_MSIL\CLI\2.0.0.0__90ba9c70f846762e\CLI.EXE
+ 2012-03-28 12:37 . 2012-03-28 12:37 20480 c:\windows\assembly\GAC_MSIL\CLI.Implementation\2.0.3915.37089__90ba9c70f846762e\CLI.Implementation.DLL
+ 2012-03-28 12:37 . 2012-03-28 12:37 98304 c:\windows\assembly\GAC_MSIL\CLI.Foundation\2.0.3915.37085__90ba9c70f846762e\CLI.Foundation.DLL
+ 2012-03-28 12:37 . 2012-03-28 12:37 28672 c:\windows\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.3915.37220__90ba9c70f846762e\CLI.Foundation.XManifest.DLL
+ 2012-03-28 12:37 . 2012-03-28 12:37 40960 c:\windows\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.3915.37089__90ba9c70f846762e\CLI.Foundation.Private.DLL
+ 2012-03-28 12:37 . 2012-03-28 12:37 20480 c:\windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.3915.37087__90ba9c70f846762e\CLI.Component.Wizard.Shared.DLL
+ 2012-03-28 12:37 . 2012-03-28 12:37 11776 c:\windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.3915.37116__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.DLL
+ 2012-03-28 12:37 . 2012-03-28 12:37 57344 c:\windows\assembly\GAC_MSIL\CLI.Component.SkinFactory\2.0.3915.37095__90ba9c70f846762e\CLI.Component.SkinFactory.DLL
+ 2012-03-28 12:37 . 2012-03-28 12:37 61440 c:\windows\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.3915.37093__90ba9c70f846762e\CLI.Component.Runtime.DLL
+ 2012-03-28 12:37 . 2012-03-28 12:37 49152 c:\windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.3915.37090__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.DLL
+ 2012-03-28 12:37 . 2012-03-28 12:37 81920 c:\windows\assembly\GAC_MSIL\CLI.Component.PowerXpressHybrid\2.0.3915.37254__90ba9c70f846762e\CLI.Component.PowerXpressHybrid.DLL
+ 2012-03-28 12:37 . 2012-03-28 12:37 20480 c:\windows\assembly\GAC_MSIL\CLI.Component.Load\2.0.3915.37217__90ba9c70f846762e\CLI.Component.Load.DLL
+ 2012-03-28 12:37 . 2012-03-28 12:37 20480 c:\windows\assembly\GAC_MSIL\CLI.Component.Icomponent\2.0.3915.37125__90ba9c70f846762e\CLI.Component.Icomponent.DLL
+ 2012-03-28 12:37 . 2012-03-28 12:37 20480 c:\windows\assembly\GAC_MSIL\CLI.Component.Help\2.0.3915.37217__90ba9c70f846762e\CLI.Component.Help.DLL
+ 2012-03-28 12:37 . 2012-03-28 12:37 61440 c:\windows\assembly\GAC_MSIL\CLI.Component.Erecord\2.0.3915.37138__90ba9c70f846762e\CLI.Component.Erecord.DLL
+ 2012-03-28 12:37 . 2012-03-28 12:37 24576 c:\windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.3915.37087__90ba9c70f846762e\CLI.Component.Dashboard.Shared.DLL
+ 2012-03-28 12:37 . 2012-03-28 12:37 10240 c:\windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.3915.37101__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.DLL
+ 2012-03-28 12:37 . 2012-03-28 12:37 65536 c:\windows\assembly\GAC_MSIL\CLI.Component.Dashboard.ProfileManager.Resources\2.0.3915.37145__90ba9c70f846762e\CLI.Component.Dashboard.ProfileManager.Resources.DLL
+ 2012-03-28 12:37 . 2012-03-28 12:37 65536 c:\windows\assembly\GAC_MSIL\CLI.Component.Dashboard.HotKeyManager.Resources\2.0.3915.37145__90ba9c70f846762e\CLI.Component.Dashboard.HotKeyManager.Resources.DLL
+ 2012-03-28 12:37 . 2012-03-28 12:37 40960 c:\windows\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.3915.37101__90ba9c70f846762e\CLI.Component.Client.Shared.Private.DLL
+ 2012-03-28 12:37 . 2012-03-28 12:37 24576 c:\windows\assembly\GAC_MSIL\CLI.Component.AutoRemoval\2.0.3915.37200__90ba9c70f846762e\CLI.Component.Autoremoval.DLL
+ 2012-03-28 12:37 . 2012-03-28 12:37 40960 c:\windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.3915.37118__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.DLL
+ 2012-03-28 12:37 . 2012-03-28 12:37 16384 c:\windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.3915.37117__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.DLL
+ 2012-03-28 12:37 . 2012-03-28 12:37 73728 c:\windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.3915.37108__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.DLL
+ 2012-03-28 12:37 . 2012-03-28 12:37 16384 c:\windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.3915.37107__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.DLL
+ 2012-03-28 12:37 . 2012-03-28 12:37 24576 c:\windows\assembly\GAC_MSIL\CLI.Aspect.WorkstationConfig2.Graphics.Shared\2.0.3915.37249__90ba9c70f846762e\CLI.Aspect.WorkstationConfig2.Graphics.Shared.DLL
+ 2012-03-28 12:37 . 2012-03-28 12:37 36864 c:\windows\assembly\GAC_MSIL\CLI.Aspect.WorkstationConfig2.Graphics.Runtime\2.0.3915.37250__90ba9c70f846762e\CLI.Aspect.WorkstationConfig2.Graphics.Runtime.DLL
+ 2012-03-28 12:37 . 2012-03-28 12:37 90112 c:\windows\assembly\GAC_MSIL\CLI.Aspect.WorkstationConfig2.Graphics.Dashboard\2.0.3915.37249__90ba9c70f846762e\CLI.Aspect.WorkstationConfig2.Graphics.Dashboard.DLL
+ 2012-03-28 12:37 . 2012-03-28 12:37 13312 c:\windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Runtime\2.0.3915.37268__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Runtime.DLL
+ 2012-03-28 12:37 . 2012-03-28 12:37 65536 c:\windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.3915.37229__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.DLL
+ 2012-03-28 12:37 . 2012-03-28 12:37 20480 c:\windows\assembly\GAC_MSIL\CLI.Aspect.VPURecover.Graphics.Shared\2.0.3915.37124__90ba9c70f846762e\CLI.Aspect.VPURecover.Graphics.Shared.DLL
+ 2012-03-28 12:37 . 2012-03-28 12:37 28672 c:\windows\assembly\GAC_MSIL\CLI.Aspect.VPURecover.Graphics.Runtime\2.0.3915.37124__90ba9c70f846762e\CLI.Aspect.VPURecover.Graphics.Runtime.DLL
+ 2012-03-28 12:37 . 2012-03-28 12:37 61440 c:\windows\assembly\GAC_MSIL\CLI.Aspect.VPURecover.Graphics.Dashboard\2.0.3915.37125__90ba9c70f846762e\CLI.Aspect.VPURecover.Graphics.Dashboard.DLL
+ 2012-03-28 12:37 . 2012-03-28 12:37 24576 c:\windows\assembly\GAC_MSIL\CLI.Aspect.VeryLargeDesktop.Graphics.Shared\2.0.3915.37168__90ba9c70f846762e\CLI.Aspect.VeryLargeDesktop.Graphics.Shared.DLL
+ 2012-03-28 12:37 . 2012-03-28 12:37 32768 c:\windows\assembly\GAC_MSIL\CLI.Aspect.VeryLargeDesktop.Graphics.Runtime\2.0.3915.37168__90ba9c70f846762e\CLI.Aspect.VeryLargeDesktop.Graphics.Runtime.DLL
+ 2012-03-28 12:37 . 2012-03-28 12:37 45056 c:\windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.3915.37227__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.DLL
+ 2012-03-28 12:37 . 2012-03-28 12:37 13824 c:\windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Runtime\2.0.3915.37271__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Runtime.DLL
+ 2012-03-28 12:37 . 2012-03-28 12:37 24576 c:\windows\assembly\GAC_MSIL\CLI.Aspect.SmartGart.Graphics.Shared\2.0.3915.37137__90ba9c70f846762e\CLI.Aspect.SmartGart.Graphics.Shared.DLL
+ 2012-03-28 12:37 . 2012-03-28 12:37 32768 c:\windows\assembly\GAC_MSIL\CLI.Aspect.SmartGart.Graphics.Runtime\2.0.3915.37138__90ba9c70f846762e\CLI.Aspect.SmartGart.Graphics.Runtime.DLL
+ 2012-03-28 12:37 . 2012-03-28 12:37 94208 c:\windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.3915.37179__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.DLL
+ 2012-03-28 12:37 . 2012-03-28 12:37 57344 c:\windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.3915.37178__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.DLL
+ 2012-03-28 12:37 . 2012-03-28 12:37 65536 c:\windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.3915.37178__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.DLL
+ 2012-03-28 12:37 . 2012-03-28 12:37 12800 c:\windows\assembly\GAC_MSIL\CLI.Aspect.PowerXpress.Graphics.Shared\2.0.3915.37193__90ba9c70f846762e\CLI.Aspect.PowerXpress.Graphics.Shared.DLL
+ 2012-03-28 12:37 . 2012-03-28 12:37 32768 c:\windows\assembly\GAC_MSIL\CLI.Aspect.PowerXpress.Graphics.Runtime\2.0.3915.37241__90ba9c70f846762e\CLI.Aspect.PowerXpress.Graphics.Runtime.DLL
+ 2012-03-28 12:37 . 2012-03-28 12:37 28672 c:\windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Shared\2.0.3915.37193__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Shared.DLL
+ 2012-03-28 12:37 . 2012-03-28 12:37 45056 c:\windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime\2.0.3915.37226__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime.DLL
+ 2012-03-28 12:37 . 2012-03-28 12:37 28672 c:\windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlay4.Graphics.Shared\2.0.3915.37193__90ba9c70f846762e\CLI.Aspect.PowerPlay4.Graphics.Shared.DLL
+ 2012-03-28 12:37 . 2012-03-28 12:37 49152 c:\windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlay4.Graphics.Runtime\2.0.3915.37229__90ba9c70f846762e\CLI.Aspect.PowerPlay4.Graphics.Runtime.DLL
+ 2012-03-28 12:37 . 2012-03-28 12:37 28672 c:\windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlay3.Graphics.Shared\2.0.3915.37169__90ba9c70f846762e\CLI.Aspect.PowerPlay3.Graphics.Shared.DLL
+ 2012-03-28 12:37 . 2012-03-28 12:37 49152 c:\windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlay3.Graphics.Runtime\2.0.3915.37170__90ba9c70f846762e\CLI.Aspect.PowerPlay3.Graphics.Runtime.DLL
+ 2012-03-28 12:37 . 2012-03-28 12:37 61440 c:\windows\assembly\GAC_MSIL\CLI.Aspect.OverDrive5.Graphics.Shared\2.0.3915.37242__90ba9c70f846762e\CLI.Aspect.OverDrive5.Graphics.Shared.DLL
+ 2012-03-28 12:37 . 2012-03-28 12:37 77824 c:\windows\assembly\GAC_MSIL\CLI.Aspect.OverDrive5.Graphics.Runtime\2.0.3915.37242__90ba9c70f846762e\CLI.Aspect.OverDrive5.Graphics.Runtime.DLL
+ 2012-03-28 12:37 . 2012-03-28 12:37 24576 c:\windows\assembly\GAC_MSIL\CLI.Aspect.OverDrive3.Graphics.Shared\2.0.3915.37139__90ba9c70f846762e\CLI.Aspect.OverDrive3.Graphics.Shared.DLL
+ 2012-03-28 12:37 . 2012-03-28 12:37 69632 c:\windows\assembly\GAC_MSIL\CLI.Aspect.OverDrive3.Graphics.Runtime\2.0.3915.37139__90ba9c70f846762e\CLI.Aspect.OverDrive3.Graphics.Runtime.DLL
+ 2012-03-28 12:37 . 2012-03-28 12:37 28672 c:\windows\assembly\GAC_MSIL\CLI.Aspect.MultiVPU4.Graphics.Shared\2.0.3915.37211__90ba9c70f846762e\CLI.Aspect.MultiVPU4.Graphics.Shared.DLL
+ 2012-03-28 12:37 . 2012-03-28 12:37 45056 c:\windows\assembly\GAC_MSIL\CLI.Aspect.MultiVPU4.Graphics.Runtime\2.0.3915.37247__90ba9c70f846762e\CLI.Aspect.MultiVPU4.Graphics.Runtime.DLL
+ 2012-03-28 12:37 . 2012-03-28 12:37 12800 c:\windows\assembly\GAC_MSIL\CLI.Aspect.MultiVPU3.Graphics.Shared\2.0.3915.37194__90ba9c70f846762e\CLI.Aspect.MultiVPU3.Graphics.Shared.DLL
+ 2012-03-28 12:37 . 2012-03-28 12:37 45056 c:\windows\assembly\GAC_MSIL\CLI.Aspect.MultiVPU3.Graphics.Runtime\2.0.3915.37220__90ba9c70f846762e\CLI.Aspect.MultiVPU3.Graphics.Runtime.DLL
+ 2012-03-28 12:37 . 2012-03-28 12:37 24576 c:\windows\assembly\GAC_MSIL\CLI.Aspect.MultiVPU2.Graphics.Shared\2.0.3915.37161__90ba9c70f846762e\CLI.Aspect.MultiVPU2.Graphics.Shared.DLL
+ 2012-03-28 12:37 . 2012-03-28 12:37 45056 c:\windows\assembly\GAC_MSIL\CLI.Aspect.MultiVPU2.Graphics.Runtime\2.0.3915.37161__90ba9c70f846762e\CLI.Aspect.MultiVPU2.Graphics.Runtime.DLL
+ 2012-03-28 12:37 . 2012-03-28 12:37 65536 c:\windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.3915.37146__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.DLL
+ 2012-03-28 12:37 . 2012-03-28 12:37 20480 c:\windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.3915.37095__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.DLL
+ 2012-03-28 12:37 . 2012-03-28 12:37 20480 c:\windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.3915.37109__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.DLL
+ 2012-03-28 12:37 . 2012-03-28 12:37 69632 c:\windows\assembly\GAC_MSIL\CLI.Aspect.FramelockGenlock.Graphics.Shared\2.0.3915.37258__90ba9c70f846762e\CLI.Aspect.FramelockGenlock.Graphics.Shared.DLL
+ 2012-03-28 12:37 . 2012-03-28 12:37 77824 c:\windows\assembly\GAC_MSIL\CLI.Aspect.FramelockGenlock.Graphics.Runtime\2.0.3915.37259__90ba9c70f846762e\CLI.Aspect.FramelockGenlock.Graphics.Runtime.DLL
+ 2012-03-28 12:37 . 2012-03-28 12:37 24576 c:\windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.3915.37166__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.DLL
+ 2012-03-28 12:37 . 2012-03-28 12:37 40960 c:\windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.3915.37167__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime.DLL
+ 2012-03-28 12:37 . 2012-03-28 12:37 94208 c:\windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.3915.37167__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.DLL
+ 2012-03-28 12:37 . 2012-03-28 12:37 28672 c:\windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.3915.37109__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.DLL
+ 2012-03-28 12:37 . 2012-03-28 12:37 40960 c:\windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.3915.37131__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime.DLL
+ 2012-03-28 12:37 . 2012-03-28 12:37 65536 c:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.3915.37200__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.DLL
+ 2012-03-28 12:37 . 2012-03-28 12:37 77824 c:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.3915.37201__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.DLL
+ 2012-03-28 12:37 . 2012-03-28 12:37 49152 c:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.3915.37108__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.DLL
+ 2012-03-28 12:37 . 2012-03-28 12:37 53248 c:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.3915.37158__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.DLL
+ 2012-03-28 12:37 . 2012-03-28 12:37 32768 c:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.3915.37108__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.DLL
+ 2012-03-28 12:37 . 2012-03-28 12:37 36864 c:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.3915.37169__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.DLL
+ 2012-03-28 12:37 . 2012-03-28 12:37 53248 c:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.3915.37122__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.DLL
+ 2012-03-28 12:37 . 2012-03-28 12:37 65536 c:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.3915.37158__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.DLL
+ 2012-03-28 12:37 . 2012-03-28 12:37 40960 c:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.3915.37170__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.DLL
+ 2012-03-28 12:37 . 2012-03-28 12:37 69632 c:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.3915.37171__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.DLL
+ 2012-03-28 12:37 . 2012-03-28 12:37 53248 c:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.3915.37158__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.DLL
+ 2012-03-28 12:37 . 2012-03-28 12:37 45056 c:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.3915.37159__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.DLL
+ 2012-03-28 12:37 . 2012-03-28 12:37 98304 c:\windows\assembly\GAC_MSIL\CLI.Aspect.CustomFormatSelection.Graphics.Dashboard\2.0.3915.37146__90ba9c70f846762e\CLI.Aspect.CustomFormatSelection.Graphics.Dashboard.DLL
+ 2012-03-28 12:37 . 2012-03-28 12:37 20480 c:\windows\assembly\GAC_MSIL\CLI.Aspect.CustomFormatSelection.Graphics.Dashboard.Shared.Private\2.0.3915.37146__90ba9c70f846762e\CLI.Aspect.CustomFormatSelection.Graphics.Dashboard.Shared.Private.DLL
+ 2012-03-28 12:37 . 2012-03-28 12:37 28672 c:\windows\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.3915.37122__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.DLL
+ 2012-03-28 12:37 . 2012-03-28 12:37 57344 c:\windows\assembly\GAC_MSIL\CLI.Aspect.CrossFireX.Graphics.Dashboard\2.0.3915.37261__90ba9c70f846762e\CLI.Aspect.CrossFireX.Graphics.Dashboard.DLL
+ 2012-03-28 12:37 . 2012-03-28 12:37 15360 c:\windows\assembly\GAC_MSIL\CLI.Aspect.ALICrossfire.Graphics.Shared\2.0.3915.37210__90ba9c70f846762e\CLI.Aspect.ALICrossfire.Graphics.Shared.DLL
+ 2012-03-28 12:37 . 2012-03-28 12:37 36864 c:\windows\assembly\GAC_MSIL\CLI.Aspect.ALICrossfire.Graphics.Runtime\2.0.3915.37257__90ba9c70f846762e\CLI.Aspect.ALICrossfire.Graphics.Runtime.DLL
+ 2012-03-28 12:37 . 2012-03-28 12:37 57344 c:\windows\assembly\GAC_MSIL\CLI.Aspect.ALICrossfire.Graphics.Dashboard\2.0.3915.37258__90ba9c70f846762e\CLI.Aspect.ALICrossfire.Graphics.Dashboard.DLL
+ 2012-03-28 12:37 . 2012-03-28 12:37 12288 c:\windows\assembly\GAC_MSIL\CLI.Aspect.AForce.Graphics.Runtime\2.0.3915.37235__90ba9c70f846762e\CLI.Aspect.AForce.Graphics.Runtime.DLL
+ 2012-03-28 12:37 . 2012-03-28 12:37 61440 c:\windows\assembly\GAC_MSIL\CLI.Aspect.AForce.Graphics.Dashboard\2.0.3915.37235__90ba9c70f846762e\CLI.Aspect.AForce.Graphics.Dashboard.DLL
- 2010-08-01 13:43 . 2010-08-01 13:43 65536 c:\windows\assembly\GAC_MSIL\CCC\2.0.0.0__90ba9c70f846762e\CCC.EXE
+ 2012-03-28 12:37 . 2012-03-28 12:37 65536 c:\windows\assembly\GAC_MSIL\CCC\2.0.0.0__90ba9c70f846762e\CCC.EXE
+ 2012-03-28 12:37 . 2012-03-28 12:37 19456 c:\windows\assembly\GAC_MSIL\CCC.Implementation\2.0.3915.37219__90ba9c70f846762e\CCC.Implementation.DLL
- 2010-08-01 13:43 . 2010-08-01 13:43 14848 c:\windows\assembly\GAC_MSIL\AxInterop.WBOCXLib\1.0.0.0__90ba9c70f846762e\AxInterop.WBOCXLib.DLL
+ 2012-03-28 12:37 . 2012-03-28 12:37 14848 c:\windows\assembly\GAC_MSIL\AxInterop.WBOCXLib\1.0.0.0__90ba9c70f846762e\AxInterop.WBOCXLib.DLL
+ 2012-03-28 12:37 . 2012-03-28 12:37 45056 c:\windows\assembly\GAC_MSIL\AxInterop.SHDocVw\1.1.0.0__90ba9c70f846762e\AxInterop.SHDocVw.DLL
- 2010-08-01 13:43 . 2010-08-01 13:43 45056 c:\windows\assembly\GAC_MSIL\AxInterop.SHDocVw\1.1.0.0__90ba9c70f846762e\AxInterop.SHDocVw.DLL
- 2010-08-01 13:43 . 2010-08-01 13:43 32768 c:\windows\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.DLL
+ 2012-03-28 12:37 . 2012-03-28 12:37 32768 c:\windows\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.DLL
+ 2012-03-28 12:37 . 2012-03-28 12:37 61440 c:\windows\assembly\GAC_MSIL\APM.Server\2.0.3915.37092__90ba9c70f846762e\APM.Server.DLL
+ 2012-03-28 12:37 . 2012-03-28 12:37 20480 c:\windows\assembly\GAC_MSIL\APM.Foundation\2.0.3915.37086__90ba9c70f846762e\APM.Foundation.DLL
+ 2012-03-28 12:37 . 2012-03-28 12:37 61440 c:\windows\assembly\GAC_MSIL\AEM.UI\2.0.3915.37219__90ba9c70f846762e\AEM.UI.DLL
+ 2012-03-28 12:37 . 2012-03-28 12:37 45056 c:\windows\assembly\GAC_MSIL\AEM.Server\2.0.3915.37092__90ba9c70f846762e\AEM.Server.DLL
+ 2012-03-28 12:37 . 2012-03-28 12:37 45056 c:\windows\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.3915.37236__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.DLL
- 2010-08-01 13:43 . 2010-08-01 13:43 24576 c:\windows\assembly\GAC_MSIL\ACE.Graphics.DisplaysManager.Shared\2.0.2573.17685__90ba9c70f846762e\ACE.Graphics.DisplaysManager.Shared.DLL
+ 2012-03-28 12:37 . 2012-03-28 12:37 24576 c:\windows\assembly\GAC_MSIL\ACE.Graphics.DisplaysManager.Shared\2.0.2573.17685__90ba9c70f846762e\ACE.Graphics.DisplaysManager.Shared.DLL
+ 2012-03-28 12:37 . 2012-03-28 12:37 13312 c:\windows\assembly\GAC\Interop.WBOCXLib\1.0.0.0__90ba9c70f846762e\Interop.WBOCXLib.DLL
- 2010-08-01 13:43 . 2010-08-01 13:43 13312 c:\windows\assembly\GAC\Interop.WBOCXLib\1.0.0.0__90ba9c70f846762e\Interop.WBOCXLib.DLL
- 2010-08-01 13:43 . 2010-08-01 13:43 49152 c:\windows\assembly\GAC\Interop.NewIWshRuntimeLibrary\1.0.0.0__90ba9c70f846762e\Interop.NewIWshRuntimeLibrary.DLL
+ 2012-03-28 12:37 . 2012-03-28 12:37 49152 c:\windows\assembly\GAC\Interop.NewIWshRuntimeLibrary\1.0.0.0__90ba9c70f846762e\Interop.NewIWshRuntimeLibrary.DLL
+ 2010-10-08 06:55 . 2010-10-08 06:55 2023 c:\windows\SysWOW64\atipblag.dat
+ 2011-07-10 18:36 . 2012-03-28 13:05 6624 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-421640176-2901575674-168843555-1000_UserData.bin
+ 2010-10-08 06:55 . 2010-10-08 06:55 2023 c:\windows\system32\DriverStore\FileRepository\c7105610.inf_amd64_neutral_72ea03849724cb32\B105512\atipblag.dat
+ 2010-10-08 06:55 . 2010-10-08 06:55 2023 c:\windows\system32\atipblag.dat
- 2012-03-28 09:13 . 2012-03-28 09:13 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2012-03-28 13:02 . 2012-03-28 13:02 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2012-03-28 13:02 . 2012-03-28 13:02 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2012-03-28 09:13 . 2012-03-28 09:13 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2012-03-28 12:37 . 2012-03-28 12:37 7168 c:\windows\assembly\GAC_MSIL\ResourceManagement.Foundation.Private\2.0.3915.37093__90ba9c70f846762e\ResourceManagement.Foundation.Private.DLL
+ 2012-03-28 12:37 . 2012-03-28 12:37 6656 c:\windows\assembly\GAC_MSIL\PCKGHLP.Foundation.Private\2.0.3915.37101__90ba9c70f846762e\PCKGHLP.Foundation.Private.DLL
+ 2012-03-28 12:37 . 2012-03-28 12:37 5632 c:\windows\assembly\GAC_MSIL\MOM.Foundation\2.0.3915.37088__90ba9c70f846762e\MOM.Foundation.DLL
+ 2012-03-28 12:37 . 2012-03-28 12:37 6656 c:\windows\assembly\GAC_MSIL\DEM.Graphics\2.0.3915.37095__90ba9c70f846762e\DEM.Graphics.DLL
+ 2012-03-28 12:37 . 2012-03-28 12:37 5632 c:\windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.3915.37089__90ba9c70f846762e\CLI.Component.Runtime.Shared.DLL
+ 2012-03-28 12:37 . 2012-03-28 12:37 7168 c:\windows\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.3915.37091__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.DLL
+ 2012-03-28 12:37 . 2012-03-28 12:37 7680 c:\windows\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.3915.37087__90ba9c70f846762e\CLI.Component.Client.Shared.DLL
+ 2012-03-28 12:37 . 2012-03-28 12:37 8704 c:\windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.3915.37124__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.DLL
+ 2012-03-28 12:37 . 2012-03-28 12:37 9728 c:\windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Shared\2.0.3915.37228__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Shared.DLL
+ 2012-03-28 12:37 . 2012-03-28 12:37 7680 c:\windows\assembly\GAC_MSIL\CLI.Aspect.AForce.Graphics.Shared\2.0.3915.37193__90ba9c70f846762e\CLI.Aspect.AForce.Graphics.Shared.DLL
+ 2012-03-28 12:37 . 2012-03-28 12:37 7168 c:\windows\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.DLL
- 2010-08-01 13:43 . 2010-08-01 13:43 7168 c:\windows\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.DLL
+ 2012-03-28 12:37 . 2012-03-28 12:37 7680 c:\windows\assembly\GAC_MSIL\AEM.UI.Shared\2.0.3915.37219__90ba9c70f846762e\AEM.UI.Shared.DLL
+ 2012-03-28 12:37 . 2012-03-28 12:37 6144 c:\windows\assembly\GAC_MSIL\AEM.Server.Shared\2.0.3915.37091__90ba9c70f846762e\AEM.Server.Shared.DLL
+ 2012-03-28 12:37 . 2012-03-28 12:37 6656 c:\windows\assembly\GAC_MSIL\AEM.Plugin.WinMessages.Shared\2.0.3915.37090__90ba9c70f846762e\AEM.Plugin.WinMessages.Shared.DLL
+ 2012-03-28 12:37 . 2012-03-28 12:37 5632 c:\windows\assembly\GAC_MSIL\AEM.Plugin.Source.GD.Shared\2.0.3915.37234__90ba9c70f846762e\AEM.Plugin.Source.GD.Shared.DLL
+ 2012-03-28 12:37 . 2012-03-28 12:37 5632 c:\windows\assembly\GAC_MSIL\AEM.Plugin.Source.EEU.Shared\2.0.3915.37233__90ba9c70f846762e\AEM.Plugin.Source.EEU.Shared.DLL
+ 2012-03-28 12:37 . 2012-03-28 12:37 5632 c:\windows\assembly\GAC_MSIL\AEM.Plugin.REG.Shared\2.0.3915.37235__90ba9c70f846762e\AEM.Plugin.REG.Shared.DLL
+ 2012-03-28 12:37 . 2012-03-28 12:37 7168 c:\windows\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.3915.37086__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.DLL
+ 2012-03-28 12:37 . 2012-03-28 12:37 5632 c:\windows\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.3915.37095__90ba9c70f846762e\AEM.Plugin.GD.Shared.DLL
+ 2012-03-28 12:37 . 2012-03-28 12:37 5632 c:\windows\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.3915.37091__90ba9c70f846762e\AEM.Plugin.EEU.Shared.DLL
+ 2012-03-28 12:37 . 2012-03-28 12:37 6656 c:\windows\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.3915.37226__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.DLL
+ 2012-03-28 12:37 . 2012-03-28 12:37 8192 c:\windows\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.3915.37090__90ba9c70f846762e\AEM.Actions.CCAA.Shared.DLL
+ 2011-02-18 22:40 . 2011-02-18 22:40 773968 c:\windows\SysWOW64\msvcr100.dll
- 2010-03-18 08:15 . 2010-03-18 08:15 421200 c:\windows\SysWOW64\msvcp100.dll
+ 2011-02-19 21:03 . 2011-02-19 21:03 421200 c:\windows\SysWOW64\msvcp100.dll
+ 2012-03-28 10:09 . 2012-03-28 10:09 157472 c:\windows\SysWOW64\javaws.exe
- 2011-08-26 09:29 . 2011-08-26 09:29 157472 c:\windows\SysWOW64\javaws.exe
+ 2012-03-28 10:09 . 2012-03-28 10:09 149280 c:\windows\SysWOW64\javaw.exe
+ 2012-03-28 10:09 . 2012-03-28 10:09 149280 c:\windows\SysWOW64\java.exe
+ 2011-07-14 18:02 . 2011-07-14 18:02 324728 c:\windows\SysWOW64\elevator.exe
- 2009-06-02 13:23 . 2009-06-02 13:23 324728 c:\windows\SysWOW64\elevator.exe
+ 2011-02-19 21:03 . 2011-02-19 21:03 138056 c:\windows\SysWOW64\atl100.dll
- 2010-03-18 08:15 . 2010-03-18 08:15 138056 c:\windows\SysWOW64\atl100.dll
- 2010-07-21 00:13 . 2010-06-24 20:06 356352 c:\windows\SysWOW64\atipdlxx.dll
+ 2010-07-21 00:13 . 2010-10-08 06:55 356352 c:\windows\SysWOW64\atipdlxx.dll
+ 2010-10-08 06:55 . 2010-10-08 06:55 489472 c:\windows\SysWOW64\aticfx32.dll
+ 2010-10-08 06:55 . 2010-10-08 06:55 237568 c:\windows\SysWOW64\atiadlxy.dll
+ 2011-08-22 19:42 . 2012-03-28 11:27 249344 c:\windows\system32\wdi\SuspendPerformanceDiagnostics_SystemData_S3.bin
+ 2011-02-18 22:52 . 2011-02-18 22:52 829264 c:\windows\system32\msvcr100.dll
+ 2011-02-19 20:51 . 2011-02-19 20:51 608080 c:\windows\system32\msvcp100.dll
+ 2009-07-14 05:30 . 2012-03-28 12:36 143360 c:\windows\system32\DriverStore\infstrng.dat
- 2009-07-14 05:30 . 2012-03-28 09:12 143360 c:\windows\system32\DriverStore\infstrng.dat
- 2009-07-14 05:30 . 2012-03-28 09:12 143360 c:\windows\system32\DriverStore\infstor.dat
+ 2009-07-14 05:30 . 2012-03-28 12:35 143360 c:\windows\system32\DriverStore\infstor.dat
+ 2010-10-08 06:55 . 2010-10-08 06:55 120320 c:\windows\system32\DriverStore\FileRepository\c7105610.inf_amd64_neutral_72ea03849724cb32\B105512\atitmm64.dll
+ 2010-10-08 06:55 . 2010-10-08 06:55 356352 c:\windows\system32\DriverStore\FileRepository\c7105610.inf_amd64_neutral_72ea03849724cb32\B105512\atipdlxx.dll
+ 2010-10-08 06:55 . 2010-10-08 06:55 421376 c:\windows\system32\DriverStore\FileRepository\c7105610.inf_amd64_neutral_72ea03849724cb32\B105512\atipdl64.dll
+ 2010-10-08 06:55 . 2010-10-08 06:55 332288 c:\windows\system32\DriverStore\FileRepository\c7105610.inf_amd64_neutral_72ea03849724cb32\B105512\ATIODE.exe
+ 2010-10-08 06:55 . 2010-10-08 06:55 195584 c:\windows\system32\DriverStore\FileRepository\c7105610.inf_amd64_neutral_72ea03849724cb32\B105512\atikmpag.sys
+ 2010-10-08 06:55 . 2010-10-08 06:55 202234 c:\windows\system32\DriverStore\FileRepository\c7105610.inf_amd64_neutral_72ea03849724cb32\B105512\atiicdxx.dat
+ 2010-10-08 06:55 . 2010-10-08 06:55 202752 c:\windows\system32\DriverStore\FileRepository\c7105610.inf_amd64_neutral_72ea03849724cb32\B105512\atiesrxx.exe
+ 2010-10-08 06:55 . 2010-10-08 06:55 455168 c:\windows\system32\DriverStore\FileRepository\c7105610.inf_amd64_neutral_72ea03849724cb32\B105512\atieclxx.exe
+ 2010-10-08 06:55 . 2010-10-08 06:55 446464 c:\windows\system32\DriverStore\FileRepository\c7105610.inf_amd64_neutral_72ea03849724cb32\B105512\ATIDEMGX.dll
+ 2010-10-08 06:55 . 2010-10-08 06:55 553472 c:\windows\system32\DriverStore\FileRepository\c7105610.inf_amd64_neutral_72ea03849724cb32\B105512\aticfx64.dll
+ 2010-10-08 06:55 . 2010-10-08 06:55 489472 c:\windows\system32\DriverStore\FileRepository\c7105610.inf_amd64_neutral_72ea03849724cb32\B105512\aticfx32.dll
+ 2010-10-08 06:55 . 2010-10-08 06:55 118784 c:\windows\system32\DriverStore\FileRepository\c7105610.inf_amd64_neutral_72ea03849724cb32\B105512\atibtmon.exe
+ 2010-10-08 06:55 . 2010-10-08 06:55 143360 c:\windows\system32\DriverStore\FileRepository\c7105610.inf_amd64_neutral_72ea03849724cb32\B105512\atiapfxx.exe
+ 2010-10-08 06:55 . 2010-10-08 06:55 237568 c:\windows\system32\DriverStore\FileRepository\c7105610.inf_amd64_neutral_72ea03849724cb32\B105512\atiadlxy.dll
+ 2010-10-08 06:55 . 2010-10-08 06:55 334336 c:\windows\system32\DriverStore\FileRepository\c7105610.inf_amd64_neutral_72ea03849724cb32\B105512\atiadlxx.dll
+ 2010-10-08 06:55 . 2010-10-08 06:55 195584 c:\windows\system32\drivers\atikmpag.sys
- 2010-03-18 08:36 . 2010-03-18 08:36 158536 c:\windows\system32\atl100.dll
+ 2011-02-19 20:51 . 2011-02-19 20:51 158536 c:\windows\system32\atl100.dll
+ 2010-10-08 06:55 . 2010-10-08 06:55 120320 c:\windows\system32\atitmm64.dll
- 2010-07-21 00:13 . 2010-06-24 20:06 120320 c:\windows\system32\atitmm64.dll
- 2010-07-21 00:13 . 2010-06-24 20:06 421376 c:\windows\system32\atipdl64.dll
+ 2010-10-08 06:55 . 2010-10-08 06:55 421376 c:\windows\system32\atipdl64.dll
+ 2010-10-08 06:55 . 2010-10-08 06:55 202234 c:\windows\system32\atiicdxx.dat
- 2010-07-21 00:13 . 2010-06-24 20:06 202752 c:\windows\system32\atiesrxx.exe
+ 2010-10-08 06:55 . 2010-10-08 06:55 202752 c:\windows\system32\atiesrxx.exe
+ 2010-10-08 06:55 . 2010-10-08 06:55 455168 c:\windows\system32\atieclxx.exe
+ 2010-10-08 06:55 . 2010-10-08 06:55 446464 c:\windows\system32\ATIDEMGX.dll
+ 2010-10-08 06:55 . 2010-10-08 06:55 553472 c:\windows\system32\aticfx64.dll
+ 2010-10-08 06:55 . 2010-10-08 06:55 143360 c:\windows\system32\atiapfxx.exe
+ 2010-10-08 06:55 . 2010-10-08 06:55 334336 c:\windows\system32\atiadlxx.dll
- 2011-07-07 19:37 . 2012-03-09 18:09 305120 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
+ 2011-07-07 19:37 . 2012-03-28 12:38 305120 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
+ 2009-07-14 05:01 . 2012-03-28 13:01 267928 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
- 2009-07-14 05:01 . 2012-03-28 09:12 267928 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2010-10-08 06:54 . 2010-10-08 06:54 279552 c:\windows\Installer\89b288.msi
+ 2010-10-08 06:54 . 2010-10-08 06:54 940032 c:\windows\Installer\89b276.msi
+ 2010-10-08 06:54 . 2010-10-08 06:54 753152 c:\windows\Installer\89b216.msi
+ 2010-10-08 06:54 . 2010-10-08 06:54 994816 c:\windows\Installer\89b1eb.msi
+ 2010-10-08 06:54 . 2010-10-08 06:54 409600 c:\windows\Installer\89b1e5.msi
+ 2010-10-08 06:53 . 2010-10-08 06:53 440320 c:\windows\Installer\89b1d3.msi
+ 2010-10-08 06:54 . 2010-10-08 06:54 449024 c:\windows\Installer\89afad.msi
+ 2010-10-08 06:54 . 2010-10-08 06:54 231936 c:\windows\Installer\89af42.msi
+ 2012-03-28 12:33 . 2012-03-28 12:33 940032 c:\windows\Installer\89af3c.msi
+ 2012-03-28 10:09 . 2012-03-28 10:09 207360 c:\windows\Installer\1f6d4.msi
+ 2012-03-28 12:34 . 2012-03-28 12:34 367686 c:\windows\Installer\{339F9B4D-00CB-4C1C-BED8-EC86A9AB602A}\ARPPRODUCTICON.exe
+ 2012-03-28 13:00 . 2012-03-28 13:00 367686 c:\windows\Installer\{22008CF9-2B54-4022-AFD8-3B7D42C89E6B}\ARPPRODUCTICON.exe
+ 2012-03-28 13:01 . 2012-03-28 13:01 653312 c:\windows\assembly\NativeImages_v2.0.50727_32\PreviewControls\5806a28934a4e7e8a4e17ff000f06505\PreviewControls.ni.dll
+ 2012-03-28 13:01 . 2012-03-28 13:01 278016 c:\windows\assembly\NativeImages_v2.0.50727_32\PbServiceCore\c1a3f8b55a6dba902c0ded6d7be74f8c\PbServiceCore.ni.dll
+ 2012-03-28 13:01 . 2012-03-28 13:01 692736 c:\windows\assembly\NativeImages_v2.0.50727_32\PbResource\07e706dc412b97823517eeb038714af6\PbResource.ni.dll
+ 2012-03-28 13:01 . 2012-03-28 13:01 815104 c:\windows\assembly\NativeImages_v2.0.50727_32\PbAreas\61af30df7cbdcbc87f4aa30e1b8512e2\PbAreas.ni.dll
+ 2012-03-28 13:01 . 2012-03-28 13:01 105472 c:\windows\assembly\NativeImages_v2.0.50727_32\MusicDataSource\9da2e0e4597698fc02bc539bb1cb5357\MusicDataSource.ni.dll
+ 2012-03-28 13:01 . 2012-03-28 13:01 684544 c:\windows\assembly\NativeImages_v2.0.50727_32\MusicDataAccess\e625fde957b1b8bd682b2132eb9a9404\MusicDataAccess.ni.dll
+ 2012-03-28 13:01 . 2012-03-28 13:01 671744 c:\windows\assembly\NativeImages_v2.0.50727_32\FileSelect\1db033be4e699619e582032b748ac3c3\FileSelect.ni.dll
+ 2012-03-28 13:01 . 2012-03-28 13:01 104448 c:\windows\assembly\NativeImages_v2.0.50727_32\EngineFacadeIF\0d15105921cc79ac96bf8a4824a36317\EngineFacadeIF.ni.dll
+ 2012-03-28 13:01 . 2012-03-28 13:01 699904 c:\windows\assembly\NativeImages_v2.0.50727_32\DataSource\7ee56f3411b346a7038f68419fff2839\DataSource.ni.dll
+ 2012-03-28 12:37 . 2012-03-28 12:37 741376 c:\windows\assembly\GAC_MSIL\ResourceManagement.Foundation.Implementation\2.0.3915.37261__90ba9c70f846762e\ResourceManagement.Foundation.Implementation.DLL
+ 2012-03-28 12:37 . 2012-03-28 12:37 106496 c:\windows\assembly\GAC_MSIL\MOM.Implementation\2.0.3915.37220__90ba9c70f846762e\MOM.Implementation.DLL
- 2010-08-01 13:43 . 2010-08-01 13:43 131072 c:\windows\assembly\GAC_MSIL\Interop.SHDocVw\1.1.0.0__90ba9c70f846762e\Interop.SHDocVw.DLL
+ 2012-03-28 12:37 . 2012-03-28 12:37 131072 c:\windows\assembly\GAC_MSIL\Interop.SHDocVw\1.1.0.0__90ba9c70f846762e\Interop.SHDocVw.DLL
+ 2012-03-28 12:37 . 2012-03-28 12:37 405504 c:\windows\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.3915.37117__90ba9c70f846762e\CLI.Component.Wizard.DLL
+ 2012-03-28 12:37 . 2012-03-28 12:37 577536 c:\windows\assembly\GAC_MSIL\CLI.Component.Systemtray\2.0.3915.37212__90ba9c70f846762e\CLI.Component.Systemtray.DLL
+ 2012-03-28 12:37 . 2012-03-28 12:37 348160 c:\windows\assembly\GAC_MSIL\CLI.Component.SingleTaskWizard\2.0.3915.37272__90ba9c70f846762e\CLI.Component.SingleTaskWizard.DLL
+ 2012-03-28 12:37 . 2012-03-28 12:37 278528 c:\windows\assembly\GAC_MSIL\CLI.Component.Launchpad\2.0.3915.37242__90ba9c70f846762e\CLI.Component.Launchpad.DLL
+ 2012-03-28 12:37 . 2012-03-28 12:37 147456 c:\windows\assembly\GAC_MSIL\CLI.Component.Dashboard.ProfileManager\2.0.3915.37145__90ba9c70f846762e\CLI.Component.Dashboard.ProfileManager.DLL
+ 2012-03-28 12:37 . 2012-03-28 12:37 155648 c:\windows\assembly\GAC_MSIL\CLI.Component.Dashboard.HotKeyManager\2.0.3915.37144__90ba9c70f846762e\CLI.Component.Dashboard.HotKeyManager.DLL
+ 2012-03-28 12:37 . 2012-03-28 12:37 151552 c:\windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.3915.37088__90ba9c70f846762e\CLI.Caste.Graphics.Shared.DLL
+ 2012-03-28 12:37 . 2012-03-28 12:37 380928 c:\windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.3915.37096__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.DLL
+ 2012-03-28 12:37 . 2012-03-28 12:37 139264 c:\windows\assembly\GAC_MSIL\CLI.Aspect.VeryLargeDesktop.Graphics.Dashboard\2.0.3915.37168__90ba9c70f846762e\CLI.Aspect.VeryLargeDesktop.Graphics.Dashboard.DLL
+ 2012-03-28 12:37 . 2012-03-28 12:37 151552 c:\windows\assembly\GAC_MSIL\CLI.Aspect.TutorialInfoCentre.Graphics.Dashboard\2.0.3915.37270__90ba9c70f846762e\CLI.Aspect.TutorialInfoCentre.Graphics.Dashboard.DLL
+ 2012-03-28 12:37 . 2012-03-28 12:37 491520 c:\windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.3915.37228__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.DLL
+ 2012-03-28 12:37 . 2012-03-28 12:37 184320 c:\windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Dashboard\2.0.3915.37271__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Dashboard.DLL
+ 2012-03-28 12:37 . 2012-03-28 12:37 241664 c:\windows\assembly\GAC_MSIL\CLI.Aspect.SmartGart.Graphics.Dashboard\2.0.3915.37138__90ba9c70f846762e\CLI.Aspect.SmartGart.Graphics.Dashboard.DLL
+ 2012-03-28 12:37 . 2012-03-28 12:37 356352 c:\windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Dashboard\2.0.3915.37179__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Dashboard.DLL
+ 2012-03-28 12:37 . 2012-03-28 12:37 102400 c:\windows\assembly\GAC_MSIL\CLI.Aspect.PowerXpress.Graphics.Dashboard\2.0.3915.37241__90ba9c70f846762e\CLI.Aspect.PowerXpress.Graphics.Dashboard.DLL
+ 2012-03-28 12:37 . 2012-03-28 12:37 118784 c:\windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard\2.0.3915.37227__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard.DLL
+ 2012-03-28 12:37 . 2012-03-28 12:37 118784 c:\windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlay4.Graphics.Dashboard\2.0.3915.37230__90ba9c70f846762e\CLI.Aspect.PowerPlay4.Graphics.Dashboard.DLL
+ 2012-03-28 12:37 . 2012-03-28 12:37 139264 c:\windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlay3.Graphics.Dashboard\2.0.3915.37170__90ba9c70f846762e\CLI.Aspect.PowerPlay3.Graphics.Dashboard.DLL
+ 2012-03-28 12:37 . 2012-03-28 12:37 655360 c:\windows\assembly\GAC_MSIL\CLI.Aspect.OverDrive5.Graphics.Dashboard\2.0.3915.37243__90ba9c70f846762e\CLI.Aspect.OverDrive5.Graphics.Dashboard.DLL
+ 2012-03-28 12:37 . 2012-03-28 12:37 118784 c:\windows\assembly\GAC_MSIL\CLI.Aspect.MultiVPU4.Graphics.Dashboard\2.0.3915.37249__90ba9c70f846762e\CLI.Aspect.MultiVPU4.Graphics.Dashboard.DLL
+ 2012-03-28 12:37 . 2012-03-28 12:37 167936 c:\windows\assembly\GAC_MSIL\CLI.Aspect.MultiVPU3.Graphics.Dashboard\2.0.3915.37221__90ba9c70f846762e\CLI.Aspect.MultiVPU3.Graphics.Dashboard.DLL
+ 2012-03-28 12:37 . 2012-03-28 12:37 163840 c:\windows\assembly\GAC_MSIL\CLI.Aspect.MultiVPU2.Graphics.Dashboard\2.0.3915.37162__90ba9c70f846762e\CLI.Aspect.MultiVPU2.Graphics.Dashboard.DLL
+ 2012-03-28 12:37 . 2012-03-28 12:37 409600 c:\windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Wizard\2.0.3915.37192__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Wizard.DLL
+ 2012-03-28 12:37 . 2012-03-28 12:37 102400 c:\windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.3915.37160__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.DLL
+ 2012-03-28 12:37 . 2012-03-28 12:37 856064 c:\windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Dashboard\2.0.3915.37160__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Dashboard.DLL
+ 2012-03-28 12:37 . 2012-03-28 12:37 204800 c:\windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.3915.37125__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.DLL
+ 2012-03-28 12:37 . 2012-03-28 12:37 196608 c:\windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.3915.37126__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.DLL
+ 2012-03-28 12:37 . 2012-03-28 12:37 335872 c:\windows\assembly\GAC_MSIL\CLI.Aspect.FramelockGenlock.Graphics.Dashboard\2.0.3915.37259__90ba9c70f846762e\CLI.Aspect.FramelockGenlock.Graphics.Dashboard.DLL
+ 2012-03-28 12:37 . 2012-03-28 12:37 409600 c:\windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Dashboard\2.0.3915.37111__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Dashboard.DLL
+ 2012-03-28 12:37 . 2012-03-28 12:37 573440 c:\windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Dashboard\2.0.3915.37126__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashboard.DLL
+ 2012-03-28 12:37 . 2012-03-28 12:37 364544 c:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Wizard\2.0.3915.37206__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Wizard.DLL
+ 2012-03-28 12:37 . 2012-03-28 12:37 749568 c:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Dashboard\2.0.3915.37202__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Dashboard.DLL
+ 2012-03-28 12:37 . 2012-03-28 12:37 507904 c:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Dashboard.Shared\2.0.3915.37147__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Dashboard.Shared.DLL
+ 2012-03-28 12:37 . 2012-03-28 12:37 307200 c:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Wizard\2.0.3915.37132__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Wizard.DLL
+ 2012-03-28 12:37 . 2012-03-28 12:37 323584 c:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Dashboard\2.0.3915.37169__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Dashboard.DLL
+ 2012-03-28 12:37 . 2012-03-28 12:37 376832 c:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Dashboard\2.0.3915.37152__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Dashboard.DLL
+ 2012-03-28 12:37 . 2012-03-28 12:37 692224 c:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Wizard\2.0.3915.37187__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Wizard.DLL
+ 2012-03-28 12:37 . 2012-03-28 12:37 630784 c:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Dashboard\2.0.3915.37173__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Dashboard.DLL
+ 2012-03-28 12:37 . 2012-03-28 12:37 397312 c:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.3915.37159__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.DLL
- 2010-08-01 13:43 . 2010-08-01 13:43 270336 c:\windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.DLL
+ 2012-03-28 12:37 . 2012-03-28 12:37 270336 c:\windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.DLL
+ 2012-03-28 12:37 . 2012-03-28 12:37 262144 c:\windows\assembly\GAC_MSIL\CLI.AIB.TutorialInfoCentre.Tutorial.Dashboard\1.2.2600.29179__90ba9c70f846762e\CLI.AIB.TutorialInfoCentre.Tutorial.Dashboard.DLL
- 2010-08-01 13:43 . 2010-08-01 13:43 360448 c:\windows\assembly\GAC\Interop.MSForms\2.0.0.0__90ba9c70f846762e\Interop.MSForms.DLL
+ 2012-03-28 12:37 . 2012-03-28 12:37 360448 c:\windows\assembly\GAC\Interop.MSForms\2.0.0.0__90ba9c70f846762e\Interop.MSForms.DLL
- 2010-08-01 13:43 . 2010-08-01 13:43 225280 c:\windows\assembly\GAC\Interop.MSComctlLib\2.0.0.0__90ba9c70f846762e\Interop.MSComctlLib.DLL
+ 2012-03-28 12:37 . 2012-03-28 12:37 225280 c:\windows\assembly\GAC\Interop.MSComctlLib\2.0.0.0__90ba9c70f846762e\Interop.MSComctlLib.DLL
+ 2012-03-28 12:37 . 2012-03-28 12:37 143360 c:\windows\assembly\GAC\ICSharpCode.SharpZipLib\0.84.0.0__1b03e6acf1164f73\ICSharpCode.SharpZipLib.DLL
- 2010-08-01 13:43 . 2010-08-01 13:43 143360 c:\windows\assembly\GAC\ICSharpCode.SharpZipLib\0.84.0.0__1b03e6acf1164f73\ICSharpCode.SharpZipLib.DLL
- 2010-08-01 13:43 . 2010-08-01 13:43 212992 c:\windows\assembly\GAC\AxInterop.MSForms\2.0.0.0__90ba9c70f846762e\AxInterop.MSForms.DLL
+ 2012-03-28 12:37 . 2012-03-28 12:37 212992 c:\windows\assembly\GAC\AxInterop.MSForms\2.0.0.0__90ba9c70f846762e\AxInterop.MSForms.DLL
- 2010-08-01 13:43 . 2010-08-01 13:43 135168 c:\windows\assembly\GAC\AxInterop.MSComctlLib\2.0.0.0__90ba9c70f846762e\AxInterop.MSComctlLib.DLL
+ 2012-03-28 12:37 . 2012-03-28 12:37 135168 c:\windows\assembly\GAC\AxInterop.MSComctlLib\2.0.0.0__90ba9c70f846762e\AxInterop.MSComctlLib.DLL
Usmívej se, bude hůř! :)
Nahoru
jaGmann
Vzorný návštěvník
Vzorný návštěvník
Příspěvky: 148
Registrován: 28 úno 2007 12:28
Bydliště: za bukem

Re: Windows debug center

#13 Příspěvek od jaGmann »

+ 2011-02-19 21:03 . 2011-02-19 21:03 4422992 c:\windows\SysWOW64\mfc100u.dll
+ 2011-02-19 21:03 . 2011-02-19 21:03 4397384 c:\windows\SysWOW64\mfc100.dll
+ 2010-07-21 00:13 . 2010-10-08 06:55 2983936 c:\windows\SysWOW64\atiumdva.dll
+ 2010-07-21 00:13 . 2010-10-08 06:55 3707904 c:\windows\SysWOW64\atiumdag.dll
+ 2010-10-08 06:55 . 2010-10-08 06:55 3164160 c:\windows\SysWOW64\atidxx32.dll
+ 2010-10-08 06:55 . 2010-10-08 06:55 4018176 c:\windows\SysWOW64\aticaldd.dll
+ 2011-02-19 20:51 . 2011-02-19 20:51 5601616 c:\windows\system32\mfc100u.dll
+ 2011-02-19 20:51 . 2011-02-19 20:51 5574472 c:\windows\system32\mfc100.dll
+ 2010-10-08 06:55 . 2010-10-08 06:55 2983936 c:\windows\system32\DriverStore\FileRepository\c7105610.inf_amd64_neutral_72ea03849724cb32\B105512\atiumdva.dll
+ 2010-10-08 06:55 . 2010-10-08 06:55 3707904 c:\windows\system32\DriverStore\FileRepository\c7105610.inf_amd64_neutral_72ea03849724cb32\B105512\atiumdag.dll
+ 2010-10-08 06:55 . 2010-10-08 06:55 2701312 c:\windows\system32\DriverStore\FileRepository\c7105610.inf_amd64_neutral_72ea03849724cb32\B105512\atiumd6a.dll
+ 2010-10-08 06:55 . 2010-10-08 06:55 4806144 c:\windows\system32\DriverStore\FileRepository\c7105610.inf_amd64_neutral_72ea03849724cb32\B105512\atiumd64.dll
+ 2010-10-08 06:55 . 2010-10-08 06:55 6661120 c:\windows\system32\DriverStore\FileRepository\c7105610.inf_amd64_neutral_72ea03849724cb32\B105512\atikmdag.sys
+ 2010-10-08 06:55 . 2010-10-08 06:55 3834880 c:\windows\system32\DriverStore\FileRepository\c7105610.inf_amd64_neutral_72ea03849724cb32\B105512\atidxx64.dll
+ 2010-10-08 06:55 . 2010-10-08 06:55 3164160 c:\windows\system32\DriverStore\FileRepository\c7105610.inf_amd64_neutral_72ea03849724cb32\B105512\atidxx32.dll
+ 2010-10-08 06:55 . 2010-10-08 06:55 5186048 c:\windows\system32\DriverStore\FileRepository\c7105610.inf_amd64_neutral_72ea03849724cb32\B105512\aticaldd64.dll
+ 2010-10-08 06:55 . 2010-10-08 06:55 4018176 c:\windows\system32\DriverStore\FileRepository\c7105610.inf_amd64_neutral_72ea03849724cb32\B105512\aticaldd.dll
+ 2010-10-08 06:55 . 2010-10-08 06:55 6661120 c:\windows\system32\drivers\atikmdag.sys
+ 2010-07-21 00:13 . 2010-10-08 06:55 2701312 c:\windows\system32\atiumd6a.dll
+ 2010-07-21 00:13 . 2010-10-08 06:55 4806144 c:\windows\system32\atiumd64.dll
+ 2010-07-21 00:13 . 2010-10-08 06:55 3834880 c:\windows\system32\atidxx64.dll
+ 2010-10-08 06:55 . 2010-10-08 06:55 5186048 c:\windows\system32\aticaldd64.dll
- 2009-07-14 04:45 . 2012-03-15 02:21 3801083 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\tokens.dat
+ 2009-07-14 04:45 . 2012-03-28 13:06 3801083 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\tokens.dat
+ 2010-10-08 06:53 . 2010-10-08 06:53 2439168 c:\windows\Installer\89b28f.msi
+ 2010-10-08 06:54 . 2010-10-08 06:54 1949184 c:\windows\Installer\89b282.msi
+ 2010-10-08 06:54 . 2010-10-08 06:54 1242624 c:\windows\Installer\89b27c.msi
+ 2010-10-08 06:54 . 2010-10-08 06:54 1253376 c:\windows\Installer\89b270.msi
+ 2010-10-08 06:54 . 2010-10-08 06:54 1274880 c:\windows\Installer\89b26a.msi
+ 2010-10-08 06:54 . 2010-10-08 06:54 1244672 c:\windows\Installer\89b264.msi
+ 2010-10-08 06:54 . 2010-10-08 06:54 1286656 c:\windows\Installer\89b25e.msi
+ 2010-10-08 06:54 . 2010-10-08 06:54 1253888 c:\windows\Installer\89b258.msi
+ 2010-10-08 06:54 . 2010-10-08 06:54 1256448 c:\windows\Installer\89b252.msi
+ 2010-10-08 06:54 . 2010-10-08 06:54 1241088 c:\windows\Installer\89b24c.msi
+ 2010-10-08 06:54 . 2010-10-08 06:54 1254912 c:\windows\Installer\89b246.msi
+ 2010-10-08 06:54 . 2010-10-08 06:54 1260032 c:\windows\Installer\89b240.msi
+ 2010-10-08 06:54 . 2010-10-08 06:54 1275904 c:\windows\Installer\89b23a.msi
+ 2010-10-08 06:54 . 2010-10-08 06:54 1247744 c:\windows\Installer\89b234.msi
+ 2010-10-08 06:54 . 2010-10-08 06:54 1268736 c:\windows\Installer\89b22e.msi
+ 2010-10-08 06:54 . 2010-10-08 06:54 1256960 c:\windows\Installer\89b228.msi
+ 2010-10-08 06:54 . 2010-10-08 06:54 1252864 c:\windows\Installer\89b222.msi
+ 2010-10-08 06:54 . 2010-10-08 06:54 1249792 c:\windows\Installer\89b21c.msi
+ 2010-10-08 06:54 . 2010-10-08 06:54 1302016 c:\windows\Installer\89b210.msi
+ 2010-10-08 06:54 . 2010-10-08 06:54 1230848 c:\windows\Installer\89b20a.msi
+ 2010-10-08 06:54 . 2010-10-08 06:54 1248256 c:\windows\Installer\89b204.msi
+ 2010-10-08 06:54 . 2010-10-08 06:54 1263104 c:\windows\Installer\89b1fe.msi
+ 2010-10-08 06:54 . 2010-10-08 06:54 5749760 c:\windows\Installer\89b1f7.msi
+ 2010-10-08 06:54 . 2010-10-08 06:54 1889792 c:\windows\Installer\89b1f1.msi
+ 2010-10-08 06:54 . 2010-10-08 06:54 7522816 c:\windows\Installer\89b1df.msi
+ 2010-10-08 06:53 . 2010-10-08 06:53 2935296 c:\windows\Installer\89b1d9.msi
+ 2010-10-08 06:54 . 2010-10-08 06:54 6737920 c:\windows\Installer\89afb4.msi
+ 2011-11-07 04:29 . 2011-11-07 04:29 7842304 c:\windows\Installer\6db226.msi
+ 2012-01-04 07:05 . 2012-01-04 07:05 3979776 c:\windows\Installer\1f449.msi
+ 2012-03-28 13:01 . 2012-03-28 13:01 2061312 c:\windows\assembly\NativeImages_v2.0.50727_32\VMStory\ec47c8d3270d6ccb6487e27b57b32bd6\VMStory.ni.exe
+ 2012-03-28 13:01 . 2012-03-28 13:01 1509376 c:\windows\assembly\NativeImages_v2.0.50727_32\PbCore\8bd454fe9b09f1acdd3c0d105d2be687\PbCore.ni.dll
+ 2012-03-28 13:01 . 2012-03-28 13:01 1461248 c:\windows\assembly\NativeImages_v2.0.50727_32\PbControls\d473922cb0357cc7fd20ff7eb79db179\PbControls.ni.dll
+ 2012-03-28 13:01 . 2012-03-28 13:01 2994688 c:\windows\assembly\NativeImages_v2.0.50727_32\EngineFacade\a3bd95eec50fd5472c64f0f78350b0b1\EngineFacade.ni.dll
+ 2012-03-28 12:37 . 2012-03-28 12:37 1048576 c:\windows\assembly\GAC_MSIL\CLI.Component.Eeu\2.0.3915.37195__90ba9c70f846762e\CLI.Component.Eeu.DLL
+ 2012-03-28 12:37 . 2012-03-28 12:37 1220608 c:\windows\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.3915.37103__90ba9c70f846762e\CLI.Component.Dashboard.DLL
+ 2012-03-28 12:37 . 2012-03-28 12:37 1007616 c:\windows\assembly\GAC_MSIL\CLI.Aspect.OverDrive3.Graphics.Dashboard\2.0.3915.37140__90ba9c70f846762e\CLI.Aspect.OverDrive3.Graphics.Dashboard.DLL
+ 2012-03-28 12:37 . 2012-03-28 12:37 1708032 c:\windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager2.Graphics.Wizard\2.0.3915.37268__90ba9c70f846762e\CLI.Aspect.DisplaysManager2.Graphics.Wizard.DLL
+ 2012-03-28 12:37 . 2012-03-28 12:37 1294336 c:\windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager2.Graphics.Dashboard\2.0.3915.37262__90ba9c70f846762e\CLI.Aspect.DisplaysManager2.Graphics.Dashboard.DLL
+ 2012-03-28 12:37 . 2012-03-28 12:37 1736704 c:\windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Wizard\2.0.3915.37123__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Wizard.DLL
+ 2010-10-08 06:55 . 2010-10-08 06:55 14321664 c:\windows\SysWOW64\atioglxx.dll
- 2009-07-14 02:34 . 2012-03-28 09:24 10485760 c:\windows\system32\SMI\Store\Machine\SCHEMA.DAT
+ 2009-07-14 02:34 . 2012-03-28 13:17 10485760 c:\windows\system32\SMI\Store\Machine\SCHEMA.DAT
+ 2010-10-08 06:55 . 2010-10-08 06:55 14321664 c:\windows\system32\DriverStore\FileRepository\c7105610.inf_amd64_neutral_72ea03849724cb32\B105512\atioglxx.dll
+ 2010-10-08 06:55 . 2010-10-08 06:55 18930176 c:\windows\system32\DriverStore\FileRepository\c7105610.inf_amd64_neutral_72ea03849724cb32\B105512\atio6axx.dll
+ 2010-10-08 06:55 . 2010-10-08 06:55 18930176 c:\windows\system32\atio6axx.dll
+ 2011-06-15 11:17 . 2011-06-15 11:17 89507328 c:\windows\Installer\a53cc.msi
+ 2012-03-28 12:53 . 2012-03-28 12:53 48441344 c:\windows\Installer\a53c7.msi
+ 2011-11-15 08:47 . 2011-11-15 08:47 28859904 c:\windows\Installer\2c7ba.msi
+ 2012-03-28 10:08 . 2012-03-28 10:08 12938752 c:\windows\Installer\1f6c4.msi
+ 2012-03-28 12:32 . 2012-03-28 12:32 262769368 c:\windows\Installer\89ae8e.msi
.
-- Snímek resetován k současnému datu --
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-08-01 39408]
"HP Deskjet 3050A J611 series (NET)"="c:\program files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe" [2011-03-30 2547048]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-03-04 284696]
"ISBMgr.exe"="c:\program files (x86)\Sony\ISB Utility\ISBMgr.exe" [2010-05-31 673136]
"Norton Online Backup"="c:\program files (x86)\Symantec\Norton Online Backup\NOBuClient.exe" [2010-06-01 1155928]
"PMBVolumeWatcher"="c:\program files (x86)\Sony\PMB\PMBVolumeWatcher.exe" [2010-06-01 600928]
"HP Software Update"="c:\program files (x86)\Hp\HP Software Update\HPWuSchd2.exe" [2011-01-12 49208]
"Microsoft Default Manager"="c:\program files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" [2010-05-10 439568]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-01-03 37296]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-02 843712]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-09-20 102400]
.
c:\users\Petra Hejlková\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Sledovat výstrahy inkoustu - HP Deskjet 3050A J611 series (Síť).lnk - c:\windows\system32\RunDll32.exe [2009-7-14 45568]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2010-6-9 1128224]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-08-01 136176]
R3 AdobeActiveFileMonitor8.0;Adobe Active File Monitor V8;c:\program files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe [2009-10-09 169312]
R3 btwampfl;Bluetooth AMP USB Filter;c:\windows\system32\drivers\btwampfl.sys [x]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [x]
R3 gupdatem;Služba Google Update (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-08-01 136176]
R3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [x]
R3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [x]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 SOHCImp;VAIO Media plus Content Importer;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [2010-06-20 108400]
R3 SOHDms;VAIO Media plus Digital Media Server;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe [2010-06-18 423280]
R3 SOHDs;VAIO Media plus Device Searcher;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [2010-06-20 67952]
R3 SpfService;VAIO Entertainment Common Service;c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe [2011-01-20 286936]
R3 VCFw;VAIO Content Folder Watcher;c:\program files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2011-01-20 887000]
R3 VcmINSMgr;VAIO Content Metadata Intelligent Network Service Manager;c:\program files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe [2010-06-09 384880]
R3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;c:\program files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe [2011-02-18 99104]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2010-02-28 821664]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-03-04 13336]
S2 NOBU;Norton Online Backup;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE [x]
S2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;c:\program files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe [2010-06-01 367456]
S2 rimspci;rimspci;c:\windows\system32\drivers\rimssne64.sys [x]
S2 risdsnpe;risdsnpe;c:\windows\system32\drivers\risdsne64.sys [x]
S2 SampleCollector;VAIO Care Performance Service;c:\program files\Sony\VAIO Care\VCPerfService.exe [2011-01-29 259192]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2009-12-02 483688]
S2 uCamMonitor;CamMonitor;c:\program files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [2008-09-18 104960]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-05-28 2320920]
S2 VAIO Power Management;VAIO Power Management;c:\program files\Sony\VAIO Power Management\SPMService.exe [2010-06-21 575856]
S2 VSNService;VSNService;c:\program files\Sony\VAIO Smart Network\VSNService.exe [2010-06-08 836608]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
S3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;c:\windows\system32\DRIVERS\ArcSoftKsUFilter.sys [x]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\drivers\HECIx64.sys [x]
S3 NETw5s64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;c:\windows\system32\DRIVERS\NETw5s64.sys [x]
S3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\drivers\SFEP.sys [x]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [x]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [x]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [x]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [x]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2009-12-02 209768]
S3 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;c:\program files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2011-05-19 549616]
S3 VCService;VCService;c:\program files\Sony\VAIO Care\VCService.exe [2011-02-14 44736]
S3 VUAgent;VUAgent;c:\program files\Sony\VAIO Update Common\VUAgent.exe [2011-10-27 1429608]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys [x]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2012-03-28 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-08-01 13:44]
.
2012-03-28 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-08-01 13:44]
.
2012-03-28 c:\windows\Tasks\HP Photo Creations Messager.job
- c:\programdata\HP Photo Creations\MessageCheck.exe [2011-02-15 10:11]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-05-31 10775584]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2010-05-31 2040352]
"Apoint"="c:\program files (x86)\Apoint\Apoint.exe" [BU]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.idnes.cz/
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = <local>
TCP: DhcpNameServer = 192.168.2.1
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SampleCollector]
"ImagePath"="\"c:\program files\Sony\VAIO Care\VCPerfService.exe\" \"/service\" \"/sstates\" \"/sampleinterval=5000\" \"/procinterval=5\" \"/dllinterval=120\" \"/counter=\Processor(_Total)\% Processor Time:1/counter=\PhysicalDisk(_Total)\Disk Bytes/sec:1\" \"/counter=\Network Interface(*)\Bytes Total/sec:1\" \"/expandcounter=\Processor Information(*)\Processor Frequency:1\" \"/expandcounter=\Processor(*)\% Idle Time:1\" \"/expandcounter=\Processor(*)\% C1 Time:1\" \"/expandcounter=\Processor(*)\% C2 Time:1\" \"/expandcounter=\Processor(*)\% C3 Time:1\" \"/expandcounter=\Processor(*)\% Processor Time:1\" \"/directory=c:\programdata\Sony Corporation\VAIO Care\inteldata\""
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11e_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11e_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2012-03-28 15:57:22
ComboFix-quarantined-files.txt 2012-03-28 13:57
ComboFix2.txt 2012-03-28 09:31
.
Před spuštěním: Volných bajtů: 253 457 174 528
Po spuštění: Volných bajtů: 253 191 532 544
.
- - End Of File - - 846D1A684DC5E18FCCDE‘ŤĽ%ü‡Ść•yÜWU
Usmívej se, bude hůř! :)
Nahoru
Uživatelský avatar
vyosek
VIP
VIP
Příspěvky: 56373
Registrován: 07 lis 2006 15:24
Bydliště: Šalingrad - Brno

Re: Windows debug center

#14 Příspěvek od vyosek »

Presunte CF primo na disk c:\ a primo na disku c:\ udelejte znovu CFScript.txt se stejnym obsahem a aplikujte jej...ComboFixu vadila diakritika v nazvu uctu a neudelal co mel...
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen Obrázek od 1. února 2011.
Nahoru
jaGmann
Vzorný návštěvník
Vzorný návštěvník
Příspěvky: 148
Registrován: 28 úno 2007 12:28
Bydliště: za bukem

Re: Windows debug center

#15 Příspěvek od jaGmann »

ComboFix 12-03-28.01 - Petra Hejlková 28.03.2012 21:46:29.3.2 - x64
Microsoft Windows 7 Home Premium 6.1.7600.0.1250.420.1029.18.3950.2351 [GMT 2:00]
Spuštěný z: C:\ComboFix.exe
Použité ovládací přepínače :: C:\CFScript.txt
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-02-28 do 2012-03-28 )))))))))))))))))))))))))))))))
.
.
2012-03-28 19:54 . 2012-03-28 19:54 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-03-28 12:38 . 2012-03-28 12:38 -------- d-----w- c:\programdata\ATI
2012-03-28 12:32 . 2012-03-28 12:32 -------- d-----w- C:\SPLASH.SYS
2012-03-28 12:01 . 2012-03-28 13:05 -------- d-----w- C:\Update
2012-03-28 11:54 . 2012-03-28 11:54 -------- d-----w- c:\users\Petra Hejlková\AppData\Roaming\Auslogics
2012-03-28 10:09 . 2012-03-28 10:09 -------- d-----w- c:\program files (x86)\Common Files\Java
2012-03-28 10:09 . 2012-03-28 10:09 -------- d-----w- c:\program files (x86)\Java
2012-03-28 09:40 . 2012-03-20 01:51 8669240 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{69E14DC6-1F33-4C3C-B210-8D1E0EF3AB57}\mpengine.dll
2012-03-15 02:01 . 2011-11-19 18:30 5504880 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-03-15 02:01 . 2011-11-19 14:25 3957616 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2012-03-15 02:01 . 2011-11-19 14:25 3902320 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-03-28 10:09 . 2010-08-01 14:01 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
2012-01-04 09:58 . 2012-02-16 05:32 509952 ----a-w- c:\windows\system32\ntshrui.dll
2012-01-04 09:03 . 2012-02-16 05:32 442880 ----a-w- c:\windows\SysWow64\ntshrui.dll
2012-01-03 06:24 . 2012-02-16 05:32 515584 ----a-w- c:\windows\system32\timedate.cpl
2012-01-03 05:44 . 2012-02-16 05:32 478208 ----a-w- c:\windows\SysWow64\timedate.cpl
.
.
((((((((((((((((((((((((((((( SnapShot_2012-03-28_13.43.12 )))))))))))))))))))))))))))))))))))))))))
.
+ 2012-03-28 19:55 . 2012-03-28 19:55 13396 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\SoftGrid Client\Icon Cache\icon_ex.dat
- 2012-03-28 13:01 . 2012-03-28 13:01 13396 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\SoftGrid Client\Icon Cache\icon_ex.dat
- 2009-07-14 04:54 . 2012-03-28 13:03 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:54 . 2012-03-28 19:56 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-07-14 04:54 . 2012-03-28 13:03 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2012-03-28 19:56 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2012-03-28 19:56 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-07-14 04:54 . 2012-03-28 13:03 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2011-08-22 18:07 . 2012-03-28 19:47 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2011-08-22 18:07 . 2012-03-28 13:01 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2011-08-22 18:07 . 2012-03-28 19:47 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2011-08-22 18:07 . 2012-03-28 13:01 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2012-03-28 13:02 . 2012-03-28 13:02 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2012-03-28 19:56 . 2012-03-28 19:56 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2012-03-28 13:02 . 2012-03-28 13:02 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2012-03-28 19:56 . 2012-03-28 19:56 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2011-08-22 19:42 . 2012-03-28 19:44 250704 c:\windows\system32\wdi\SuspendPerformanceDiagnostics_SystemData_S3.bin
- 2009-07-14 05:01 . 2012-03-28 13:01 267928 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2009-07-14 05:01 . 2012-03-28 19:55 267928 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2009-07-14 02:34 . 2012-03-28 19:54 10485760 c:\windows\system32\SMI\Store\Machine\SCHEMA.DAT
- 2009-07-14 02:34 . 2012-03-28 13:17 10485760 c:\windows\system32\SMI\Store\Machine\SCHEMA.DAT
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HP Deskjet 3050A J611 series (NET)"="c:\program files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe" [2011-03-30 2547048]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-03-04 284696]
"ISBMgr.exe"="c:\program files (x86)\Sony\ISB Utility\ISBMgr.exe" [2010-05-31 673136]
"Norton Online Backup"="c:\program files (x86)\Symantec\Norton Online Backup\NOBuClient.exe" [2010-06-01 1155928]
"PMBVolumeWatcher"="c:\program files (x86)\Sony\PMB\PMBVolumeWatcher.exe" [2010-06-01 600928]
"Microsoft Default Manager"="c:\program files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" [2010-05-10 439568]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-09-20 102400]
.
c:\users\Petra Hejlková\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Sledovat výstrahy inkoustu - HP Deskjet 3050A J611 series (Síť).lnk - c:\windows\system32\RunDll32.exe [2009-7-14 45568]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2010-6-9 1128224]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 AdobeActiveFileMonitor8.0;Adobe Active File Monitor V8;c:\program files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe [2009-10-09 169312]
R3 btwampfl;Bluetooth AMP USB Filter;c:\windows\system32\drivers\btwampfl.sys [x]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [x]
R3 gupdatem;Služba Google Update (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-08-01 136176]
R3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [x]
R3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [x]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 SOHCImp;VAIO Media plus Content Importer;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [2010-06-20 108400]
R3 SOHDms;VAIO Media plus Digital Media Server;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe [2010-06-18 423280]
R3 SOHDs;VAIO Media plus Device Searcher;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [2010-06-20 67952]
R3 SpfService;VAIO Entertainment Common Service;c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe [2011-01-20 286936]
R3 VCFw;VAIO Content Folder Watcher;c:\program files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2011-01-20 887000]
R3 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;c:\program files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2011-05-19 549616]
R3 VcmINSMgr;VAIO Content Metadata Intelligent Network Service Manager;c:\program files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe [2010-06-09 384880]
R3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;c:\program files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe [2011-02-18 99104]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2010-02-28 821664]
S2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-08-01 136176]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-03-04 13336]
S2 NOBU;Norton Online Backup;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE [x]
S2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;c:\program files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe [2010-06-01 367456]
S2 rimspci;rimspci;c:\windows\system32\drivers\rimssne64.sys [x]
S2 risdsnpe;risdsnpe;c:\windows\system32\drivers\risdsne64.sys [x]
S2 SampleCollector;VAIO Care Performance Service;c:\program files\Sony\VAIO Care\VCPerfService.exe [2011-01-29 259192]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2009-12-02 483688]
S2 uCamMonitor;CamMonitor;c:\program files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [2008-09-18 104960]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-05-28 2320920]
S2 VAIO Power Management;VAIO Power Management;c:\program files\Sony\VAIO Power Management\SPMService.exe [2010-06-21 575856]
S2 VSNService;VSNService;c:\program files\Sony\VAIO Smart Network\VSNService.exe [2010-06-08 836608]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
S3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;c:\windows\system32\DRIVERS\ArcSoftKsUFilter.sys [x]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\drivers\HECIx64.sys [x]
S3 NETw5s64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;c:\windows\system32\DRIVERS\NETw5s64.sys [x]
S3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\drivers\SFEP.sys [x]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [x]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [x]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [x]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [x]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2009-12-02 209768]
S3 VCService;VCService;c:\program files\Sony\VAIO Care\VCService.exe [2011-02-14 44736]
S3 VUAgent;VUAgent;c:\program files\Sony\VAIO Update Common\VUAgent.exe [2011-10-27 1429608]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys [x]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2012-03-28 c:\windows\Tasks\HP Photo Creations Messager.job
- c:\programdata\HP Photo Creations\MessageCheck.exe [2011-02-15 10:11]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-05-31 10775584]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2010-05-31 2040352]
"Apoint"="c:\program files (x86)\Apoint\Apoint.exe" [BU]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.idnes.cz/
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = <local>
TCP: DhcpNameServer = 192.168.2.1
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SampleCollector]
"ImagePath"="\"c:\program files\Sony\VAIO Care\VCPerfService.exe\" \"/service\" \"/sstates\" \"/sampleinterval=5000\" \"/procinterval=5\" \"/dllinterval=120\" \"/counter=\Processor(_Total)\% Processor Time:1/counter=\PhysicalDisk(_Total)\Disk Bytes/sec:1\" \"/counter=\Network Interface(*)\Bytes Total/sec:1\" \"/expandcounter=\Processor Information(*)\Processor Frequency:1\" \"/expandcounter=\Processor(*)\% Idle Time:1\" \"/expandcounter=\Processor(*)\% C1 Time:1\" \"/expandcounter=\Processor(*)\% C2 Time:1\" \"/expandcounter=\Processor(*)\% C3 Time:1\" \"/expandcounter=\Processor(*)\% Processor Time:1\" \"/directory=c:\programdata\Sony Corporation\VAIO Care\inteldata\""
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11e_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11e_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\program files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\program files (x86)\Sony\VAIO Event Service\VESMgr.exe
c:\windows\SysWOW64\DllHost.exe
c:\program files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
c:\windows\SysWOW64\RunDll32.exe
c:\program files\Sony\VAIO Care\listener.exe
.
**************************************************************************
.
Celkový čas: 2012-03-28 22:09:57 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-03-28 20:09
ComboFix2.txt 2012-03-28 13:57
ComboFix3.txt 2012-03-28 09:31
.
Před spuštěním: Volných bajtů: 253 437 091 840
Po spuštění: Volných bajtů: 253 136 289 792
.
- - End Of File - - 961E085B2B7C49F696CC5A150F2C5389
Usmívej se, bude hůř! :)
Nahoru
Zamčeno

Zpět na „Sekce pouze pro Vzorné návštěvníky“