VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

Security Master AV

https://forum.viry.cz:443/viewtopic.php?t=102347

Stránka 1 z 4

Security Master AV

Napsal: 01 črc 2010 08:15
od livot
Ahoj, mohl by mi, prosim, nekdo pomoci zbavit se tohoto smejda z PC ? Jsem bezny uzivatel a tento program nejde nijak klasicky odinstalovat... :( MOC dekuji a preji krasny den.

Re: Security Master AV

Napsal: 01 črc 2010 09:01
od Caroprd111
Zdravím :)

Dejte log z RSIT http://www.viry.cz/forum/viewtopic.php?f=13&t=82743

Re: Security Master AV

Napsal: 01 črc 2010 10:04
od livot
Logfile of random's system information tool 1.07 (written by random/random)
Run by Libor at 2010-07-01 10:53:00
Microsoft Windows XP Home Edition Service Pack 2
System drive D: has 11 GB (30%) free of 35 GB
Total RAM: 95 MB (23% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:53:48, on 1.7.2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\spoolsv.exe
D:\Program Files\Java\jre6\bin\jqs.exe
D:\WINDOWS\Explorer.EXE
D:\Program Files\Common Files\Java\Java Update\jusched.exe
D:\WINDOWS\system32\ctfmon.exe
D:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
D:\WINDOWS\system32\wuauclt.exe
D:\Documents and Settings\All Users\Data aplikací\f06aa2c\SMf06a_2144.exe
D:\Program Files\Internet Explorer\iexplore.exe
D:\Program Files\Internet Explorer\iexplore.exe
D:\Documents and Settings\Libor\Local Settings\Temporary Internet Files\Content.IE5\NHUBOPQR\RSIT[1].exe
D:\Program Files\trend micro\Libor.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O1 - Hosts: 74.125.45.100 4-open-davinci.com
O1 - Hosts: 74.125.45.100 securitysoftwarepayments.com
O1 - Hosts: 74.125.45.100 privatesecuredpayments.com
O1 - Hosts: 74.125.45.100 secure.privatesecuredpayments.com
O1 - Hosts: 74.125.45.100 getantivirusplusnow.com
O1 - Hosts: 74.125.45.100 secure-plus-payments.com
O1 - Hosts: 74.125.45.100 www.getantivirusplusnow.com
O1 - Hosts: 74.125.45.100 www.secure-plus-payments.com
O1 - Hosts: 74.125.45.100 www.getavplusnow.com
O1 - Hosts: 74.125.45.100 safebrowsing-cache.google.com
O1 - Hosts: 74.125.45.100 urs.microsoft.com
O1 - Hosts: 74.125.45.100 www.securesoftwarebill.com
O1 - Hosts: 74.125.45.100 secure.paysecuresystem.com
O1 - Hosts: 74.125.45.100 paysoftbillsolution.com
O1 - Hosts: 74.125.45.100 protected.maxisoftwaremart.com
O1 - Hosts: 94.75.207.108 www.google.com
O1 - Hosts: 94.75.207.108 google.com
O1 - Hosts: 94.75.207.108 google.com.au
O1 - Hosts: 94.75.207.108 www.google.com.au
O1 - Hosts: 94.75.207.108 google.be
O1 - Hosts: 94.75.207.108 www.google.be
O1 - Hosts: 94.75.207.108 google.com.br
O1 - Hosts: 94.75.207.108 www.google.com.br
O1 - Hosts: 94.75.207.108 google.ca
O1 - Hosts: 94.75.207.108 www.google.ca
O1 - Hosts: 94.75.207.108 google.ch
O1 - Hosts: 94.75.207.108 www.google.ch
O1 - Hosts: 94.75.207.108 google.de
O1 - Hosts: 94.75.207.108 www.google.de
O1 - Hosts: 94.75.207.108 google.dk
O1 - Hosts: 94.75.207.108 www.google.dk
O1 - Hosts: 94.75.207.108 google.fr
O1 - Hosts: 94.75.207.108 www.google.fr
O1 - Hosts: 94.75.207.108 google.ie
O1 - Hosts: 94.75.207.108 www.google.ie
O1 - Hosts: 94.75.207.108 google.it
O1 - Hosts: 94.75.207.108 www.google.it
O1 - Hosts: 94.75.207.108 google.co.jp
O1 - Hosts: 94.75.207.108 www.google.co.jp
O1 - Hosts: 94.75.207.108 google.nl
O1 - Hosts: 94.75.207.108 www.google.nl
O1 - Hosts: 94.75.207.108 google.no
O1 - Hosts: 94.75.207.108 www.google.no
O1 - Hosts: 94.75.207.108 google.co.nz
O1 - Hosts: 94.75.207.108 www.google.co.nz
O1 - Hosts: 94.75.207.108 google.pl
O1 - Hosts: 94.75.207.108 www.google.pl
O1 - Hosts: 94.75.207.108 google.se
O1 - Hosts: 94.75.207.108 www.google.se
O1 - Hosts: 94.75.207.108 google.co.uk
O1 - Hosts: 94.75.207.108 www.google.co.uk
O1 - Hosts: 94.75.207.108 google.co.za
O1 - Hosts: 94.75.207.108 www.google.co.za
O1 - Hosts: 94.75.207.108 www.google-analytics.com
O1 - Hosts: 94.75.207.108 www.bing.com
O1 - Hosts: 94.75.207.108 search.yahoo.com
O1 - Hosts: 94.75.207.108 www.search.yahoo.com
O1 - Hosts: 94.75.207.108 uk.search.yahoo.com
O1 - Hosts: 94.75.207.108 ca.search.yahoo.com
O1 - Hosts: 94.75.207.108 de.search.yahoo.com
O1 - Hosts: 94.75.207.108 fr.search.yahoo.com
O1 - Hosts: 94.75.207.108 au.search.yahoo.com
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - D:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - D:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - D:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - D:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "D:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "D:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ccagent.exe] D:\Documents and Settings\Libor\Data aplikací\Control Components\ccagent.exe
O4 - HKCU\..\Run: [swg] "D:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [Security Master AV] "D:\Documents and Settings\All Users\Data aplikací\f06aa2c\SMf06a_2144.exe" /s /d
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: WikiKomentáře Google... - res://D:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - D:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - D:\WINDOWS\system32\browseui.dll
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - D:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - D:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - D:\Program Files\Java\jre6\bin\jqs.exe

--
End of file - 6571 bytes

======Scheduled tasks folder======

D:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
D:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - D:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-06-24 279664]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - D:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll [2010-06-24 812528]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - D:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-06-24 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - D:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-06-24 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - D:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-06-24 279664]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=D:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-02-18 248040]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=D:\WINDOWS\system32\ctfmon.exe [2006-03-02 15360]
"MSMSGS"=D:\Program Files\Messenger\msmsgs.exe [2004-08-17 1667584]
"ccagent.exe"=D:\Documents and Settings\Libor\Data aplikací\Control Components\ccagent.exe []
"swg"=D:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2010-06-24 39408]
"Security Master AV"=D:\Documents and Settings\All Users\Data aplikací\f06aa2c\SMf06a_2144.exe [2010-06-30 3502080]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"D:\WINDOWS\System32\usmt\migwiz.exe"="D:\WINDOWS\System32\usmt\migwiz.exe:*:Enabled:Průvodce přenesením souborů a nastavení"
"D:\Documents and Settings\All Users\Data aplikací\f06aa2c\SMf06a_2144.exe"="D:\Documents and Settings\All Users\Data aplikací\f06aa2c\SMf06a_2144.exe:*:Enabled:Security Master AV"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

======List of files/folders created in the last 1 months======

2010-07-01 10:53:17 ----D---- D:\Program Files\trend micro
2010-07-01 10:53:00 ----D---- D:\rsit
2010-06-30 19:45:47 ----SHD---- D:\Documents and Settings\Libor\Data aplikací\Security Master AV
2010-06-30 19:45:43 ----SHD---- D:\Documents and Settings\All Users\Data aplikací\SMEAZRPSSRAV
2010-06-30 19:44:36 ----SHD---- D:\Documents and Settings\All Users\Data aplikací\f06aa2c
2010-06-24 12:56:39 ----D---- D:\Documents and Settings\Libor\Data aplikací\Google
2010-06-24 12:55:42 ----D---- D:\Documents and Settings\All Users\Data aplikací\Sun
2010-06-24 12:48:09 ----D---- D:\Documents and Settings\All Users\Data aplikací\Google
2010-06-24 12:48:06 ----D---- D:\Program Files\Google
2010-06-24 12:39:09 ----A---- D:\WINDOWS\system32\deployJava1.dll
2010-06-24 12:39:08 ----A---- D:\WINDOWS\system32\javaws.exe
2010-06-24 12:39:08 ----A---- D:\WINDOWS\system32\javaw.exe
2010-06-24 12:39:08 ----A---- D:\WINDOWS\system32\java.exe
2010-06-10 16:44:25 ----HD---- D:\WINDOWS\$NtUninstallKB980218$
2010-06-10 16:44:19 ----HD---- D:\WINDOWS\$NtUninstallKB980195$
2010-06-10 16:44:11 ----HD---- D:\WINDOWS\$NtUninstallKB979559$
2010-06-10 16:44:04 ----HD---- D:\WINDOWS\$NtUninstallKB978695_WM9$
2010-06-10 16:44:00 ----HD---- D:\WINDOWS\$NtUninstallKB979482$
2010-06-10 16:43:49 ----HD---- D:\WINDOWS\$NtUninstallKB975562$
2010-06-10 16:43:20 ----HD---- D:\WINDOWS\$NtUninstallKB982381$

======List of files/folders modified in the last 1 months======

2010-06-30 20:57:24 ----A---- D:\WINDOWS\SchedLgU.Txt
2010-06-30 20:11:18 ----A---- D:\WINDOWS\WINCMD.INI
2010-06-10 16:44:28 ----A---- D:\WINDOWS\imsins.BAK

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 intelppm;Řadič procesoru Intel; D:\WINDOWS\system32\DRIVERS\intelppm.sys [2006-03-02 39936]
R3 FETNDIS;VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver; D:\WINDOWS\system32\DRIVERS\fetnd5.sys [2001-08-17 27165]
R3 S3SavageNB;S3SavageNB; D:\WINDOWS\system32\DRIVERS\s3gnbm.sys [2004-08-03 166912]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; D:\WINDOWS\system32\DRIVERS\usbehci.sys [2006-03-02 26624]
R3 usbhub;Rozbočovač umožnující USB2; D:\WINDOWS\system32\DRIVERS\usbhub.sys [2006-03-02 57600]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; D:\WINDOWS\system32\DRIVERS\usbuhci.sys [2006-03-02 20480]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; D:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
S4 IntelIde;IntelIde; D:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 JavaQuickStarterService;Java Quick Starter; D:\Program Files\Java\jre6\bin\jqs.exe [2010-06-24 153376]
S2 gupdate;Služba Google Update (gupdate); D:\Program Files\Google\Update\GoogleUpdate.exe [2010-06-24 135664]
S3 gusvc;Google Software Updater; D:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2010-06-24 182768]

-----------------EOF-----------------

Re: Security Master AV

Napsal: 01 črc 2010 10:08
od Caroprd111
Poprosím o jeden doplňkový sken, pak se pustíme do mazání.


Obrázek Stáhněte OTL http://oldtimer.geekstogo.com/OTL.exe na plochu
  • Spusťte, poté do spodního políčka vložte následující skript.

Kód: Vybrat vše

 netsvcs
drivers32
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
c:\windows\*.* /U
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
/md5start
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
nvrd32.sys 
symmpi.sys
adp3132.sys
mv61xx.sys
nvraid.sys 
ndis.sys
winlogon.exe
explorer.exe
userinit.exe
lsass.exe
svchost.exe
smss.exe
hal.dll
ws2_32.dll
tcpip.sys
cryptsvc.dll
Changer.sys
JakNDis.sys
isapnp.sys 
cdrom.sys 
autochk.exe
/md5stop
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav 
%systemroot%\system32\*.dll /lockedfiles
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager" /v BootExecute /c
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
CREATERESTOREPOINT
  • Označte položku Pro všechny uživatele.
  • Označte položky Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
  • Klikněte na tlačítko Prohledat
  • Po dokončení, sem vložte logy OTL.Txt a Extras.txt

Re: Security Master AV

Napsal: 01 črc 2010 11:34
od livot
OTL Extras logfile created on: 1.7.2010 11:25:19 - Run 1
OTL by OldTimer - Version 3.2.7.0 Folder = D:\Documents and Settings\Libor\Plocha
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

95,00 Mb Total Physical Memory | 24,00 Mb Available Physical Memory | 25,00% Memory free
373,00 Mb Paging File | 122,00 Mb Available in Paging File | 33,00% Paging File free
Paging file location(s): D:\pagefile.sys 144 288 [binary data]

%SystemDrive% = D: | %SystemRoot% = D:\WINDOWS | %ProgramFiles% = D:\Program Files
Drive C: | 39,99 Gb Total Space | 36,87 Gb Free Space | 92,20% Space Free | Partition Type: FAT32
Drive D: | 34,52 Gb Total Space | 10,39 Gb Free Space | 30,12% Space Free | Partition Type: FAT32
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: VTS
Current User Name: Libor
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"D:\WINDOWS\System32\usmt\migwiz.exe" = D:\WINDOWS\System32\usmt\migwiz.exe:*:Enabled:Průvodce přenesením souborů a nastavení -- (Microsoft Corporation)
"D:\Documents and Settings\All Users\Data aplikací\f06aa2c\SMf06a_2144.exe" = D:\Documents and Settings\All Users\Data aplikací\f06aa2c\SMf06a_2144.exe:*:Enabled:Security Master AV -- (Vfftksl)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 20
"{3248F0A8-6813-11D6-A77B-00B0D0160010}" = Java(TM) SE Runtime Environment 6 Update 1
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Control Components" = Control Components
"Hide IP Platinum_is1" = Hide IP Platinum 3.42

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 12.4.2010 3:34:40 | Computer Name = VTS | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace IEXPLORE.EXE, verze 6.0.2900.2180, zablokovaný
modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 12.4.2010 12:34:00 | Computer Name = VTS | Source = Application Error | ID = 1000
Description = Chybující aplikace iexplore.exe, verze 6.0.2900.2180, chybující modul
mshtml.dll, verze 6.0.2900.2853, adresa chyby 0x000d836f.

Error - 12.4.2010 12:36:10 | Computer Name = VTS | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace IEXPLORE.EXE, verze 6.0.2900.2180, zablokovaný
modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 29.4.2010 3:52:59 | Computer Name = VTS | Source = Application Error | ID = 1000
Description = Chybující aplikace iexplore.exe, verze 6.0.2900.2180, chybující modul
mshtml.dll, verze 6.0.2900.2853, adresa chyby 0x000d836f.

Error - 3.5.2010 13:35:47 | Computer Name = VTS | Source = Application Error | ID = 1000
Description = Chybující aplikace iexplore.exe, verze 6.0.2900.2180, chybující modul
mshtml.dll, verze 6.0.2900.2853, adresa chyby 0x0006af69.

Error - 6.5.2010 3:49:35 | Computer Name = VTS | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace ccmain.exe, verze 0.0.0.0, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 6.5.2010 3:54:30 | Computer Name = VTS | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace ccmain.exe, verze 0.0.0.0, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 6.5.2010 4:37:51 | Computer Name = VTS | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace AvastUI.exe, verze 5.0.462.0, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 6.5.2010 4:49:49 | Computer Name = VTS | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace AvastUI.exe, verze 5.0.462.0, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 6.5.2010 4:50:26 | Computer Name = VTS | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace AvastUI.exe, verze 5.0.462.0, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.


< End of report >

Re: Security Master AV

Napsal: 01 črc 2010 11:38
od livot
to druhe se sem nevejde, muzu vam to poslat nekam na email ?

Re: Security Master AV

Napsal: 01 črc 2010 12:29
od Caroprd111
Log rozdělte do více příspěvků.

Re: Security Master AV

Napsal: 01 črc 2010 12:33
od livot
OTL logfile created on: 1.7.2010 11:25:19 - Run 1
OTL by OldTimer - Version 3.2.7.0 Folder = D:\Documents and Settings\Libor\Plocha
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

95,00 Mb Total Physical Memory | 24,00 Mb Available Physical Memory | 25,00% Memory free
373,00 Mb Paging File | 122,00 Mb Available in Paging File | 33,00% Paging File free
Paging file location(s): D:\pagefile.sys 144 288 [binary data]

%SystemDrive% = D: | %SystemRoot% = D:\WINDOWS | %ProgramFiles% = D:\Program Files
Drive C: | 39,99 Gb Total Space | 36,87 Gb Free Space | 92,20% Space Free | Partition Type: FAT32
Drive D: | 34,52 Gb Total Space | 10,39 Gb Free Space | 30,12% Space Free | Partition Type: FAT32
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: VTS
Current User Name: Libor
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010.07.01 11:24:06 | 000,574,464 | ---- | M] (OldTimer Tools) -- D:\Documents and Settings\Libor\Plocha\OTL.exe
PRC - [2010.06.30 19:45:00 | 003,502,080 | ---- | M] (Vfftksl) -- D:\Documents and Settings\All Users\Data aplikací\f06aa2c\SMf06a_2144.exe
PRC - [2010.06.24 12:52:04 | 000,039,408 | ---- | M] (Google Inc.) -- D:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
PRC - [2006.03.02 12:00:00 | 001,032,704 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\explorer.exe
PRC - [2006.03.02 12:00:00 | 000,389,632 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\cmd.exe
PRC - [2006.03.02 12:00:00 | 000,018,944 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\ping.exe


========== Modules (SafeList) ==========

MOD - [2010.07.01 11:24:06 | 000,574,464 | ---- | M] (OldTimer Tools) -- D:\Documents and Settings\Libor\Plocha\OTL.exe
MOD - [2006.03.02 12:00:00 | 001,050,624 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
MOD - [2006.03.02 12:00:00 | 000,102,400 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\msscript.ocx


========== Win32 Services (SafeList) ==========


========== Driver Services (SafeList) ==========

DRV - [2004.08.03 22:29:52 | 000,166,912 | ---- | M] (S3 Graphics, Inc.) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\s3gnbm.sys -- (S3SavageNB)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-343818398-57989841-725345543-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-343818398-57989841-725345543-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKU\S-1-5-21-343818398-57989841-725345543-1004\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\S-1-5-21-343818398-57989841-725345543-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



O1 HOSTS File: ([2010.07.01 08:41:36 | 000,002,755 | RHS- | M]) - D:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 74.125.45.100 4-open-davinci.com
O1 - Hosts: 74.125.45.100 securitysoftwarepayments.com
O1 - Hosts: 74.125.45.100 privatesecuredpayments.com
O1 - Hosts: 74.125.45.100 secure.privatesecuredpayments.com
O1 - Hosts: 74.125.45.100 getantivirusplusnow.com
O1 - Hosts: 74.125.45.100 secure-plus-payments.com
O1 - Hosts: 74.125.45.100 www.getantivirusplusnow.com
O1 - Hosts: 74.125.45.100 www.secure-plus-payments.com
O1 - Hosts: 74.125.45.100 www.getavplusnow.com
O1 - Hosts: 74.125.45.100 safebrowsing-cache.google.com
O1 - Hosts: 74.125.45.100 urs.microsoft.com
O1 - Hosts: 74.125.45.100 www.securesoftwarebill.com
O1 - Hosts: 74.125.45.100 secure.paysecuresystem.com
O1 - Hosts: 74.125.45.100 paysoftbillsolution.com
O1 - Hosts: 74.125.45.100 protected.maxisoftwaremart.com
O1 - Hosts: 94.75.207.108 www.google.com
O1 - Hosts: 94.75.207.108 google.com
O1 - Hosts: 94.75.207.108 google.com.au
O1 - Hosts: 94.75.207.108 www.google.com.au
O1 - Hosts: 94.75.207.108 google.be
O1 - Hosts: 94.75.207.108 www.google.be
O1 - Hosts: 94.75.207.108 google.com.br
O1 - Hosts: 94.75.207.108 www.google.com.br
O1 - Hosts: 94.75.207.108 google.ca
O1 - Hosts: 38 more lines...
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - D:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - D:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - D:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKU\S-1-5-21-343818398-57989841-725345543-1004\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - D:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O4 - HKU\S-1-5-21-343818398-57989841-725345543-1004..\Run: [ccagent.exe] D:\Documents and Settings\Libor\Data aplikací\Control Components\ccagent.exe File not found
O4 - HKU\S-1-5-21-343818398-57989841-725345543-1004..\Run: [Security Master AV] File not found
O4 - HKU\S-1-5-21-343818398-57989841-725345543-1004..\Run: [swg] D:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-343818398-57989841-725345543-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: WikiKomentáře Google... - D:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll (Google Inc.)
O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} http://download.microsoft.com/download/ ... mv9VCM.CAB (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_01)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.100
O20 - HKLM Winlogon: Shell - (Explorer.exe) - D:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKU\S-1-5-21-343818398-57989841-725345543-1004 Winlogon: Shell - (D:\Documents and Settings\Libor\Data aplikací\Control Components\ccmain.exe) - D:\Documents and Settings\Libor\Data aplikací\Control Components\ccmain.exe File not found
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O27 - HKLM IFEO\_avp32.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\_avpcc.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\_avpm.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\~1.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\~2.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\a.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\aAvgApi.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\AAWTray.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\About.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ackwin32.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\adaware.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\Ad-Aware.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\advxdwin.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\AdwarePrj.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\agent.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\agentsvr.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\agentw.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\alertsvc.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\alevir.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\alogserv.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\AlphaAV: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\AlphaAV.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\AluSchedulerSvc.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\amon9x.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\AntispywarXP2009.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\anti-trojan.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\Anti-Virus Professional.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\antivirus.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\AntiVirus_Pro.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\AntivirusPlus: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\AntivirusPlus.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\AntivirusPro_2010.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\AntivirusXP: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\AntivirusXP.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\antivirusxppro2009.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ants.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\apimonitor.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\aplica32.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\apvxdwin.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\arr.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\Arrakis3.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ashAvast.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ashBug.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ashCnsnt.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ashDisp.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ashChest.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ashLogV.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ashMaiSv.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ashPopWz.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ashQuick.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ashServ.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ashSimp2.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ashSimpl.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ashSkPcc.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ashSkPck.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ashUpd.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ashWebSv.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\aswChLic.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\aswRegSvr.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\aswRunDll.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\aswUpdSv.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\atcon.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\atguard.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\atro55en.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\atupdater.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\atwatch.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\au.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\aupdate.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\autodown.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\auto-protect.nav80try.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\autotrace.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\autoupdate.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\av360.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avadmin.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\AVCare.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avcenter.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avciman.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avconfig.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avconsol.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ave32.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\AVENGINE.EXE: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avgcc32.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avgcmgr.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avgcsrvx.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avgctrl.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avgdumpx.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avgemc.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avgchk.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avgiproxy.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avgnsx.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avgnt.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avgrsx.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avgscanx.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avgserv.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avgserv9.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avgsrmax.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avgtray.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avgui.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avgupd.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avgw.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avgwdsvc.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avkpop.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avkserv.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avkservice.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avkwctl9.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avltmain.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avmailc.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avmcdlg.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avnotify.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avnt.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avp32.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avpcc.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avpdos32.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avpm.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avptc32.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avpupd.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avsched32.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avsynmgr.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avupgsvc.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\AVWEBGRD.EXE: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avwin.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avwin95.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avwinnt.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avwsc.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avwupd.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avwupd32.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avwupsrv.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avxmonitor9x.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avxmonitornt.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avxquar.exe: Debugger - svchost.exe (Microsoft Corporation)
"%1" %*

Re: Security Master AV

Napsal: 01 črc 2010 12:34
od livot
O27 - HKLM IFEO\b.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\backweb.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\bargains.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\bd_professional.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\bdagent.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\bdfvcl.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\bdfvwiz.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\BDInProcPatch.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\bdmcon.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\BDMsnScan.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\bdreinit.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\bdsubwiz.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\BDSurvey.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\bdtkexec.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\bdwizreg.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\beagle.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\belt.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\bidef.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\bidserver.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\bipcp.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\bipcpevalsetup.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\bisp.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\blackd.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\blackice.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\blink.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\blss.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\bootconf.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\bootwarn.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\borg2.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\bpc.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\brasil.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\brastk.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\brw.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\bs120.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\bspatch.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\bundle.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\bvt.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\c.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\cavscan.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ccapp.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ccevtmgr.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ccpxysvc.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ccSvcHst.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\cdp.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\cfd.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\cfgwiz.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\cfiadmin.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\cfiaudit.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\cfinet.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\cfinet32.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\cfp.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\cfpconfg.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\cfplogvw.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\cfpupdat.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\Cl.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\claw95.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\claw95cf.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\clean.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\cleaner.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\cleaner3.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\cleanIELow.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\cleanpc.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\click.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\cmd32.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\cmdagent.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\cmesys.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\cmgrdian.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\cmon016.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\connectionmonitor.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\control: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\cpd.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\cpf9x206.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\cpfnt206.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\crashrep.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\csc.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\cssconfg.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\cssupdat.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\cssurf.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ctrl.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\cv.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\cwnb181.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\cwntdwmo.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\d.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\datemanager.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\dcomx.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\defalert.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\defscangui.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\defwatch.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\deloeminfs.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\deputy.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\divx.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\dllcache.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\dllreg.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\doors.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\dop.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\dpf.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\dpfsetup.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\dpps2.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\driverctrl.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\drwatson.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\drweb32.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\drwebupw.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\dssagent.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\dvp95.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\dvp95_0.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ecengine.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\efpeadm.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\egui.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ekrn.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\emsw.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ent.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\esafe.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\escanhnt.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\escanv95.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\espwatch.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ethereal.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\etrustcipe.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\evpn.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\exantivirus-cnet.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\exe.avxw.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\expert.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\explore.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\fact.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\f-agnt95.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\fameh32.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\fast.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\fch32.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\fih32.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\findviru.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\firewall.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\fixcfg.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\fixfp.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\fnrb32.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\fprot.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\f-prot.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\f-prot95.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\fp-win.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\fp-win_trial.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\frmwrk32.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\frw.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\fsaa.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\fsav.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\fsav32.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\fsav530stbyb.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\fsav530wtbyb.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\fsav95.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\fsgk32.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\fsm32.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\fsma32.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\fsmb32.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\f-stopw.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\gator.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\gav.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\gbmenu.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\gbn976rl.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\gbpoll.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\generics.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\gmt.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\guard.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\guarddog.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\guardgui.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\hacktracersetup.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\hbinst.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\hbsrv.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\History.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\homeav2010.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\hotactio.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\hotpatch.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\htlog.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\htpatch.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\hwpe.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\hxdl.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\hxiul.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\iamapp.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\iamserv.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\iamstats.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ibmasn.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ibmavsp.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\icload95.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\icloadnt.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\icmon.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\icsupp95.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\icsuppnt.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\Identity.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\idle.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\iedll.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\iedriver.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\IEShow.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\iface.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ifw2000.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\inetlnfo.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\infus.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\infwin.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\init.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\init32.exe : Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\install.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\install[1].exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\install[2].exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\install[3].exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\install[4].exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\install[5].exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\intdel.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\intren.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\iomon98.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\istsvc.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\jammer.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\jdbgmrg.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\jedi.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\JsRcGen.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\kavlite40eng.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\kavpers40eng.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\kavpf.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\kazza.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\keenvalue.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\kerio-pf-213-en-win.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\kerio-wrl-421-en-win.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\kerio-wrp-421-en-win.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\killprocesssetup161.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\launcher.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ldnetmon.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ldpro.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ldpromenu.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ldscan.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\licmgr.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\livesrv.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\lnetinfo.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\loader.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\localnet.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\lockdown.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\lockdown2000.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\lookout.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\lordpe.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\lsetup.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\luall.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\luau.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\lucomserver.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\luinit.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\luspt.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\MalwareRemoval.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mapisvc32.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mcagent.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mcmnhdlr.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mcmscsvc.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mcnasvc.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mcproxy.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\McSACore.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mcshell.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mcshield.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mcsysmon.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mctool.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mcupdate.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mcvsrte.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mcvsshld.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\md.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mfin32.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mfw2en.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mfweng3.02d30.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mgavrtcl.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mgavrte.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mghtml.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mgui.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\minilog.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mmod.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\monitor.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\moolive.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mostat.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mpfagent.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mpfservice.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\MPFSrv.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mpftray.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mrflux.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mrt.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\msa.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\msapp.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\MSASCui.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\msbb.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\msblast.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mscache.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\msccn32.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mscman.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\msconfig: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\msdm.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\msdos.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\msfwsvc.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\msiexec16.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mslaugh.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\msmgt.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\MsMpEng.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\msmsgri32.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\msseces.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mssmmc32.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mssys.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\msvxd.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mu0311ad.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mwatch.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\n32scanw.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\nav.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\navap.navapsvc.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\navapsvc.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\navapw32.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\navdx.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\navlu32.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\navnt.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\navstub.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\navw32.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\navwnt.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\nc2000.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ncinst4.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ndd32.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\neomonitor.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\neowatchlog.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\netarmor.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\netd32.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\netinfo.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\netmon.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\netscanpro.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\netspyhunter-1.2.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\netutils.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\nisserv.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\nisum.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\nmain.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\nod32.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\normist.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\norton_internet_secu_3.0_407.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\notstart.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\npf40_tw_98_nt_me_2k.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\npfmessenger.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\nprotect.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\npscheck.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\npssvc.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\nsched32.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\nssys32.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\nstask32.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\nsupdate.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\nt.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ntrtscan.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ntvdm.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ntxconfig.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\nui.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\nupgrade.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\nvarch16.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\nvc95.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\nvsvc32.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\nwinst4.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\nwservice.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\nwtool16.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\OAcat.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\OAhlp.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\OAReg.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\oasrv.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\oaui.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\oaview.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\OcHealthMon.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ODSW.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ollydbg.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\onsrvr.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\optimize.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ostronet.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\otfix.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\outpost.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\outpostinstall.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\outpostproinstall.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ozn695m5.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\padmin.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\panixk.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\patch.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\pav.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\pavcl.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\PavFnSvr.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\pavproxy.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\pavprsrv.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\pavsched.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\pavsrv51.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\pavw.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\pc.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\PC_Antispyware2010.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\pccwin98.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\pcfwallicon.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\pcip10117_0.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\pcscan.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\pctsAuxs.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\pctsGui.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\pctsSvc.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\pctsTray.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\pdfndr.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\pdsetup.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\PerAvir.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\periscope.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\persfw.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\personalguard: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\personalguard.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\perswf.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\pf2.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\pfwadmin.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\pgmonitr.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\pingscan.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\platin.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\pop3trap.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\poproxy.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\popscan.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\portdetective.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\portmonitor.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\powerscan.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ppinupdt.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\pptbc.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ppvstop.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\prizesurfer.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\prmt.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\prmvr.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\procdump.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\processmonitor.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\procexplorerv1.0.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\programauditor.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\proport.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\protector.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\protectx.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\PSANCU.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\PSANHost.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\PSANToManager.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\PsCtrls.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\PsImSvc.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\PskSvc.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\pspf.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\PSUNMain.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\purge.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\qconsole.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\qh.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\qserver.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\Quick Heal.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\QuickHealCleaner.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\rapapp.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\rav7.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\rav7win.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\rav8win32eng.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ray.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\rb32.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\rcsync.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\realmon.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\reged.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\regedt32.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\rescue.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\rescue32.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\rrguard.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\rscdwld.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\rshell.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\rtvscan.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\rtvscn95.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\rulaunch.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\rwg: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\rwg.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\SafetyKeeper.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\safeweb.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\sahagent.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\Save.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\SaveArmor.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\SaveDefense.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\SaveKeep.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\savenow.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\sbserv.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\sc.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\scam32.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\scan32.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\scan95.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\scanpm.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\scrscan.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\seccenter.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\Secure Veteran.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\secureveteran.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\Security Center.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\SecurityFighter.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\securitysoldier.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\serv95.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\setloadorder.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\setup_flowprotector_us.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\setupvameeval.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\sgssfw32.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\sh.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\shellspyinstall.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\shield.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\shn.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\showbehind.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\signcheck.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\smart.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\smartprotector.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\smc.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\smrtdefp.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\sms.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\smss32.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\snetcfg.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\soap.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\sofi.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\SoftSafeness.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\sperm.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\spf.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\sphinx.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\spoler.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\spoolcv.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\spoolsv32.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\spywarexpguard.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\spyxx.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\srexe.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\srng.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ss3edit.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ssg_4104.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ssgrate.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\st2.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\start.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\stcloader.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\supftrl.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\support.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\supporter5.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\svc.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\svchostc.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\svchosts.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\svshost.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\sweep95.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\sweepnet.sweepsrv.sys.swnetsup.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\symlcsvc.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\symproxysvc.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\symtray.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\system.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\system32.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\sysupd.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\tapinstall.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\taskmgr.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\taumon.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\tbscan.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\tc.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\tca.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\tcm.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\tds2-98.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\tds2-nt.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\tds-3.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\teekids.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\tfak.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\tfak5.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\tgbob.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\titanin.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\titaninxp.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\TPSrv.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\trickler.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\trjscan.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\trjsetup.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\trojantrap3.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\TrustWarrior.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\tsadbot.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\tsc.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\tvmd.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\tvtmd.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\uiscan.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\undoboot.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\updat.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\upgrad.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\upgrepl.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\utpost.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\vbcmserv.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\vbcons.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\vbust.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\vbwin9x.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\vbwinntw.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\vcsetup.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\vet32.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\vet95.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\vettray.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\vfsetup.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\vir-help.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\virusmdpersonalfirewall.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\VisthAux.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\VisthLic.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\VisthUpd.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\vnlan300.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\vnpc3000.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\vpc32.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\vpc42.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\vpfw30s.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\vptray.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\vscan40.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\vscenu6.02d30.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\vsecomr.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\vshwin32.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\vsched.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\vsisetup.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\vsmain.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\vsmon.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\vsserv.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\vsstat.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\vswin9xe.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\vswinntse.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\vswinperse.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\w32dsm89.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\W3asbas.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\w9x.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\watchdog.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\webdav.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\WebProxy.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\webscanx.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\webtrap.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\wfindv32.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\whoswatchingme.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\wimmun32.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\win32.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\win32us.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\winactive.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\winav.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\win-bugsfix.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\windll32.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\window.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\windows Police Pro.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\windows.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\wininetd.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\wininitx.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\winlogin.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\winmain.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\winppr32.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\winrecon.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\winservn.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\winss.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\winssk32.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\winssnotify.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\WinSSUI.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\winstart.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\winstart001.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\wintsk32.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\winupdate.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\wkufind.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\wnad.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\wnt.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\wradmin.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\wrctrl.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\wsbgate.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\wscfxas.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\wscfxav.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\wscfxfw.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\wsctool.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\wupdater.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\wupdt.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\wyvernworksfirewall.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\xp_antispyware.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\xpdeluxe.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\xpf202en.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\zapro.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\zapsetup3001.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\zatutor.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\zonalm2601.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\zonealarm.exe: Debugger - svchost.exe (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.12.07 11:49:10 | 000,000,416 | -HS- | M] () - C:\AUTOEXEC.DOS -- [ FAT32 ]
O32 - AutoRun File - [2010.02.23 09:08:12 | 000,000,490 | ---- | M] () - C:\AUTOEXEC.BAT -- [ FAT32 ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] --

Re: Security Master AV

Napsal: 01 črc 2010 12:35
od livot
NetSvcs: 6to4 - File not found
NetSvcs: Ias - D:\WINDOWS\system32\ias [2010.03.12 15:49:50 | 000,000,000 | ---D | M]
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: Wmi - D:\WINDOWS\system32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - File not found

Drivers32: msacm.iac2 - D:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - D:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - D:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - D:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - D:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - D:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - D:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - D:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - D:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: VIDC.WMV3 - D:\WINDOWS\System32\wmv9vcm.dll (Microsoft Corporation)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point (54619756233228288)

========== Files/Folders - Created Within 30 Days ==========

[2010.07.01 11:24:01 | 000,574,464 | ---- | C] (OldTimer Tools) -- D:\Documents and Settings\Libor\Plocha\OTL.exe
[2010.07.01 10:53:17 | 000,000,000 | ---D | C] -- D:\Program Files\trend micro
[2010.07.01 10:53:00 | 000,000,000 | ---D | C] -- D:\rsit
[2010.06.30 19:45:47 | 000,000,000 | -HSD | C] -- D:\Documents and Settings\Libor\Data aplikací\Security Master AV
[2010.06.30 19:45:43 | 000,000,000 | -HSD | C] -- D:\Documents and Settings\All Users\Data aplikací\SMEAZRPSSRAV
[2010.06.30 19:44:36 | 000,000,000 | -HSD | C] -- D:\Documents and Settings\All Users\Data aplikací\f06aa2c
[2010.06.24 13:00:03 | 000,000,000 | ---D | C] -- D:\Documents and Settings\NetworkService\Local Settings\Data aplikací\Google
[2010.06.24 12:56:39 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Libor\Data aplikací\Google
[2010.06.24 12:55:55 | 000,000,000 | ---D | C] -- D:\Documents and Settings\LocalService\Local Settings\Data aplikací\Google
[2010.06.24 12:55:42 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Data aplikací\Sun
[2010.06.24 12:54:31 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Libor\Local Settings\Data aplikací\Google
[2010.06.24 12:48:09 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Data aplikací\Google
[2010.06.24 12:48:06 | 000,000,000 | ---D | C] -- D:\Program Files\Google
[2010.06.24 12:39:09 | 000,411,368 | ---- | C] (Sun Microsystems, Inc.) -- D:\WINDOWS\System32\deployJava1.dll
[2010.06.24 12:39:08 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- D:\WINDOWS\System32\javaws.exe
[2010.06.24 12:39:08 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- D:\WINDOWS\System32\javaw.exe
[2010.06.24 12:39:08 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- D:\WINDOWS\System32\java.exe
[4 D:\WINDOWS\*.tmp files -> D:\WINDOWS\*.tmp -> ]
[1 D:\WINDOWS\System32\*.tmp files -> D:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010.07.01 11:24:06 | 000,574,464 | ---- | M] (OldTimer Tools) -- D:\Documents and Settings\Libor\Plocha\OTL.exe
[2010.07.01 11:00:34 | 000,000,938 | ---- | M] () -- D:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010.07.01 08:40:54 | 000,000,934 | ---- | M] () -- D:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010.07.01 08:38:02 | 000,000,006 | -H-- | M] () -- D:\WINDOWS\tasks\SA.DAT
[2010.07.01 08:37:58 | 100,192,256 | -HS- | M] () -- D:\hiberfil.sys
[2010.07.01 08:37:58 | 000,002,048 | --S- | M] () -- D:\WINDOWS\bootstat.dat
[2010.06.30 20:57:08 | 001,835,008 | -H-- | M] () -- D:\Documents and Settings\Libor\NTUSER.DAT
[2010.06.30 20:57:08 | 000,000,178 | -HS- | M] () -- D:\Documents and Settings\Libor\ntuser.ini
[2010.06.30 20:56:48 | 003,220,848 | -H-- | M] () -- D:\Documents and Settings\Libor\Local Settings\Data aplikací\IconCache.db
[2010.06.30 20:11:18 | 000,001,142 | ---- | M] () -- D:\WINDOWS\WINCMD.INI
[2010.06.30 09:02:42 | 000,013,646 | ---- | M] () -- D:\WINDOWS\System32\wpa.dbl
[2010.06.29 11:10:34 | 000,000,265 | ---- | M] () -- D:\Documents and Settings\Libor\Plocha\VAZ 2121 NIVA ‹ Katalog produktů Náhradní díly Lada.url
[2010.06.25 14:58:30 | 000,000,405 | ---- | M] () -- D:\Documents and Settings\Libor\Plocha\Většina lidí po pětačtyřicítce nemá na sex energii, souloží v posteli a za tmy – Novinky.cz.url
[2010.06.24 12:37:38 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- D:\WINDOWS\System32\javaws.exe
[2010.06.24 12:37:38 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- D:\WINDOWS\System32\javaw.exe
[2010.06.24 12:37:38 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- D:\WINDOWS\System32\java.exe
[2010.06.24 12:37:38 | 000,073,728 | ---- | M] (Sun Microsystems, Inc.) -- D:\WINDOWS\System32\javacpl.cpl
[2010.06.24 12:37:36 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- D:\WINDOWS\System32\deployJava1.dll
[2010.06.16 13:58:46 | 000,002,505 | ---- | M] () -- D:\WINDOWS\System32\CONFIG.NT
[2010.06.14 09:39:14 | 000,000,240 | ---- | M] () -- D:\Documents and Settings\Libor\Plocha\Plné zobrazení fotografie z bazaru plavidel (www.plavidla.cz).url
[2010.06.11 12:45:12 | 000,020,480 | ---- | M] () -- D:\Documents and Settings\Libor\Dokumenty\KUPNÍ SMLOUVA Lodní motor.doc
[2010.06.11 08:58:04 | 000,093,480 | ---- | M] () -- D:\WINDOWS\System32\FNTCACHE.DAT
[2010.06.10 16:44:28 | 000,001,374 | ---- | M] () -- D:\WINDOWS\imsins.BAK
[2010.06.07 10:19:10 | 000,000,282 | ---- | M] () -- D:\Documents and Settings\Libor\Plocha\PRODÁM KRÁSNOU LOĎ (1069841589) - Aukro - Aukce OnLine.url
[4 D:\WINDOWS\*.tmp files -> D:\WINDOWS\*.tmp -> ]
[1 D:\WINDOWS\System32\*.tmp files -> D:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010.06.29 11:10:27 | 000,000,265 | ---- | C] () -- D:\Documents and Settings\Libor\Plocha\VAZ 2121 NIVA ‹ Katalog produktů Náhradní díly Lada.url
[2010.06.25 14:58:26 | 000,000,405 | ---- | C] () -- D:\Documents and Settings\Libor\Plocha\Většina lidí po pětačtyřicítce nemá na sex energii, souloží v posteli a za tmy – Novinky.cz.url
[2010.06.24 12:55:29 | 000,000,938 | ---- | C] () -- D:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010.06.24 12:55:24 | 000,000,934 | ---- | C] () -- D:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010.06.14 09:39:11 | 000,000,240 | ---- | C] () -- D:\Documents and Settings\Libor\Plocha\Plné zobrazení fotografie z bazaru plavidel (www.plavidla.cz).url
[2010.06.11 12:45:04 | 000,020,480 | ---- | C] () -- D:\Documents and Settings\Libor\Dokumenty\KUPNÍ SMLOUVA Lodní motor.doc
[2010.06.07 10:19:08 | 000,000,282 | ---- | C] () -- D:\Documents and Settings\Libor\Plocha\PRODÁM KRÁSNOU LOĎ (1069841589) - Aukro - Aukce OnLine.url
[2010.03.12 18:07:58 | 000,001,142 | ---- | C] () -- D:\WINDOWS\WINCMD.INI
[2010.03.12 15:43:54 | 000,027,440 | ---- | C] () -- D:\WINDOWS\System32\drivers\secdrv.sys

========== LOP Check ==========

[2010.03.13 09:11:12 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Data aplikací\Alwil Software
[2010.06.30 19:44:38 | 000,000,000 | -HSD | M] -- D:\Documents and Settings\All Users\Data aplikací\f06aa2c
[2010.06.30 19:45:44 | 000,000,000 | -HSD | M] -- D:\Documents and Settings\All Users\Data aplikací\SMEAZRPSSRAV
[2010.05.05 08:55:52 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Libor\Data aplikací\Control Components
[2010.06.30 19:45:48 | 000,000,000 | -HSD | M] -- D:\Documents and Settings\Libor\Data aplikací\Security Master AV

========== Purity Check ==========



========== Custom Scans ==========


< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"CTFMON.EXE" = D:\WINDOWS\system32\ctfmon.exe -- [2006.03.02 12:00:00 | 000,015,360 | ---- | M] (Microsoft Corporation)
"MSMSGS" = "D:\Program Files\Messenger\msmsgs.exe" /background -- [2004.08.17 15:58:18 | 001,667,584 | ---- | M] (Microsoft Corporation)
"ccagent.exe" = D:\Documents and Settings\Libor\Data aplikací\Control Components\ccagent.exe -- File not found
"swg" = "D:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" -- [2010.06.24 12:52:04 | 000,039,408 | ---- | M] (Google Inc.)
"Security Master AV" = "D:\Documents and Settings\All Users\Data aplikací\f06aa2c\SMf06a_2144.exe" /s /d -- [2010.06.30 19:45:00 | 003,502,080 | ---- | M] (Vfftksl)

< c:\windows\*.* /U >
[1 c:\windows\*.tmp files -> c:\windows\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >
[2007.07.25 14:19:34 | 006,383,200 | ---- | M] (InstallShield Software Corporation) -- D:\pci_us_smartrecovery.exe
[2007.12.21 08:46:32 | 017,760,400 | ---- | M] (DivX, Inc.) -- D:\DivXInstaller.exe
[2009.09.07 16:27:52 | 001,236,215 | ---- | M] () -- D:\DTI.EXE
[2009.08.10 17:21:42 | 017,558,968 | ---- | M] (JAP-Team) -- D:\japsetup.exe
[2009.09.07 16:39:32 | 000,790,016 | ---- | M] (Microsoft Corporation) -- D:\nusb33a_cs.exe
[2009.09.07 16:50:32 | 000,774,144 | ---- | M] (Microsoft Corporation) -- D:\nusb33e.exe

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2010.03.12 15:56:06 | 000,000,000 | --SD | M] -- D:\Documents and Settings\Libor\Data aplikací\Microsoft
[2010.03.12 16:18:36 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Libor\Data aplikací\Identities
[2010.03.12 18:29:28 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Libor\Data aplikací\Sun
[2010.03.16 15:36:58 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Libor\Data aplikací\Macromedia
[2010.04.02 13:58:22 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Libor\Data aplikací\Help
[2010.04.10 13:38:22 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Libor\Data aplikací\Adobe
[2010.05.05 08:55:52 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Libor\Data aplikací\Control Components
[2010.06.24 12:56:40 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Libor\Data aplikací\Google
[2010.06.30 19:45:48 | 000,000,000 | -HSD | M] -- D:\Documents and Settings\Libor\Data aplikací\Security Master AV

< %APPDATA%\*.exe /s >
[2010.05.05 08:55:54 | 000,067,090 | ---- | M] () -- D:\Documents and Settings\Libor\Data aplikací\Control Components\uninstall.exe


< MD5 for: AGP440.SYS >
[2006.03.02 12:00:00 | 018,786,869 | ---- | M] () .cab file -- D:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2008.04.13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- D:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\agp440.sys

< MD5 for: ATAPI.SYS >
[2006.03.02 12:00:00 | 018,786,869 | ---- | M] () .cab file -- D:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008.04.13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- D:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\atapi.sys
[2006.03.02 12:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- D:\WINDOWS\system32\drivers\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2008.04.14 05:22:10 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- D:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\autochk.exe
[2006.03.02 12:00:00 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=CEA8636EC12F062C1ED8A7CB4E75324F -- D:\WINDOWS\system32\autochk.exe
[2006.03.02 13:00:00 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=CEA8636EC12F062C1ED8A7CB4E75324F -- D:\WINDOWS\system32\dllcache\autochk.exe

< MD5 for: CDROM.SYS >
[2006.03.02 12:00:00 | 018,786,869 | ---- | M] () .cab file -- D:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2008.04.13 20:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- D:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\cdrom.sys
[2006.03.02 12:00:00 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- D:\WINDOWS\system32\drivers\cdrom.sys

< MD5 for: CRYPTSVC.DLL >
[2006.03.02 12:00:00 | 000,060,416 | ---- | M] (Microsoft Corporation) MD5=70D2A1756F4B2067658A186C963FCABD -- D:\WINDOWS\system32\cryptsvc.dll
[2006.03.02 13:00:00 | 000,060,416 | ---- | M] (Microsoft Corporation) MD5=70D2A1756F4B2067658A186C963FCABD -- D:\WINDOWS\system32\dllcache\cryptsvc.dll
[2008.04.14 05:21:38 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- D:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\cryptsvc.dll

< MD5 for: EVENTLOG.DLL >
[2008.04.14 05:21:42 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- D:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\eventlog.dll
[2006.03.02 13:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=6EB66066D5C0175320CFEA0A4C74C88F -- D:\WINDOWS\system32\dllcache\eventlog.dll
[2006.03.02 12:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=6EB66066D5C0175320CFEA0A4C74C88F -- D:\WINDOWS\system32\eventlog.dll

< MD5 for: EXPLORER.EXE >
[2008.04.14 05:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- D:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\explorer.exe
[2006.03.02 12:00:00 | 001,032,704 | ---- | M] (Microsoft Corporation) MD5=53114D57AB73A406AC7F602227781A99 -- D:\WINDOWS\explorer.exe
[2006.03.02 12:00:00 | 001,032,704 | ---- | M] (Microsoft Corporation) MD5=53114D57AB73A406AC7F602227781A99 -- D:\WINDOWS\system32\dllcache\explorer.exe
[1999.05.05 22:22:00 | 000,180,224 | ---- | M] (Microsoft Corporation) MD5=81EF5B254642034E4139BC589B45D629 -- D:\zaloha_old_disk\zaloha\c\WIN.OLD\EXPLORER.EXE
[1999.05.05 22:22:00 | 000,180,224 | ---- | M] (Microsoft Corporation) MD5=81EF5B254642034E4139BC589B45D629 -- D:\zaloha_old_disk\zaloha\c\WINDOWS\EXPLORER.EXE

< MD5 for: HAL.DLL >
[2006.03.02 12:00:00 | 018,786,869 | ---- | M] () .cab file -- D:\WINDOWS\Driver Cache\i386\sp2.cab:hal.dll
[2008.04.13 20:31:32 | 000,105,344 | ---- | M] (Microsoft Corporation) MD5=6DB1E72AD3B372DFC451B7F54BA08AA7 -- D:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\hal.dll
[2006.03.02 12:00:00 | 000,131,968 | ---- | M] (Microsoft Corporation) MD5=F9A0F579FC18036FFDD9E26E0D268CCD -- D:\WINDOWS\system32\hal.dll

< MD5 for: CHANGER.SYS >
[2006.03.02 12:00:00 | 018,786,869 | ---- | M] () .cab file -- D:\WINDOWS\Driver Cache\i386\sp2.cab:Changer.sys
[2008.04.13 20:40:58 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=2A5815CA6FFF24B688C01F828B96819C -- D:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\changer.sys

< MD5 for: ISAPNP.SYS >
[2006.03.02 12:00:00 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=1091528512E4DD7ED5FDDCC4DF1C53D7 -- D:\WINDOWS\system32\drivers\isapnp.sys
[2008.04.14 04:27:54 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- D:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\isapnp.sys

< MD5 for: LSASS.EXE >
[2006.03.02 13:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=82A362FE1D4980B71B588D9C10748511 -- D:\WINDOWS\system32\dllcache\lsass.exe
[2006.03.02 12:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=82A362FE1D4980B71B588D9C10748511 -- D:\WINDOWS\system32\lsass.exe
[2008.04.14 05:22:30 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- D:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\lsass.exe

< MD5 for: NDIS.SYS >
[2008.04.13 21:20:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- D:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\ndis.sys
[2006.03.02 12:00:00 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- D:\WINDOWS\system32\dllcache\ndis.sys
[2006.03.02 12:00:00 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- D:\WINDOWS\system32\drivers\ndis.sys

< MD5 for: NETLOGON.DLL >
[2009.02.06 20:47:20 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=1F43B8C0F4C767FBED89711C30E704D9 -- D:\WINDOWS\$hf_mig$\KB968389\SP2QFE\netlogon.dll
[2009.02.06 20:47:20 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=1F43B8C0F4C767FBED89711C30E704D9 -- D:\WINDOWS\$hf_mig$\KB975467\SP2QFE\netlogon.dll
[2006.03.02 13:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=2591CADAEF7D2242039255028E577688 -- D:\WINDOWS\system32\dllcache\netlogon.dll
[2006.03.02 12:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=2591CADAEF7D2242039255028E577688 -- D:\WINDOWS\system32\netlogon.dll
[2008.04.14 05:21:50 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- D:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\netlogon.dll

< MD5 for: SCECLI.DLL >
[2006.03.02 13:00:00 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- D:\WINDOWS\system32\dllcache\scecli.dll
[2006.03.02 12:00:00 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- D:\WINDOWS\system32\scecli.dll
[2008.04.14 05:21:54 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- D:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\scecli.dll

< MD5 for: SMSS.EXE >
[2006.03.02 13:00:00 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=04B69D49D7FC3358A372E97DB6D39447 -- D:\WINDOWS\system32\dllcache\smss.exe
[2006.03.02 12:00:00 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=04B69D49D7FC3358A372E97DB6D39447 -- D:\WINDOWS\system32\smss.exe
[2008.04.14 05:22:48 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- D:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\smss.exe

< MD5 for: SVCHOST.EXE >
[2008.04.14 05:22:48 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- D:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\svchost.exe
[2006.03.02 13:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=DFBA2915B0BF58ABB288CD4C9318CB3F -- D:\WINDOWS\system32\dllcache\svchost.exe
[2006.03.02 12:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=DFBA2915B0BF58ABB288CD4C9318CB3F -- D:\WINDOWS\system32\svchost.exe

< MD5 for: TCPIP.SYS >
[2008.06.20 12:45:14 | 000,360,320 | ---- | M] (Microsoft Corporation) MD5=2A5554FC5B1E04E131230E3CE035C3F9 -- D:\WINDOWS\system32\dllcache\tcpip.sys
[2008.06.20 12:45:14 | 000,360,320 | ---- | M] (Microsoft Corporation) MD5=2A5554FC5B1E04E131230E3CE035C3F9 -- D:\WINDOWS\system32\drivers\tcpip.sys
[2008.06.20 12:44:42 | 000,360,960 | ---- | M] (Microsoft Corporation) MD5=744E57C99232201AE98C49168B918F48 -- D:\WINDOWS\$hf_mig$\KB951748\SP2QFE\tcpip.sys
[2008.04.13 21:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- D:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- D:\WINDOWS\$hf_mig$\KB951748\SP3GDR\tcpip.sys
[2006.03.02 12:00:00 | 000,359,040 | ---- | M] (Microsoft Corporation) MD5=9F4B36614A0FC234525BA224957DE55C -- D:\WINDOWS\$NtUninstallKB951748$\tcpip.sys
[2008.06.20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- D:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys

< MD5 for: USERINIT.EXE >
[2008.04.14 05:22:50 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- D:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\userinit.exe
[2006.03.02 12:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=836F7960362FF95C5D49E40B891F2CFC -- D:\WINDOWS\system32\dllcache\userinit.exe
[2006.03.02 12:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=836F7960362FF95C5D49E40B891F2CFC -- D:\WINDOWS\system32\userinit.exe

< MD5 for: WINLOGON.EXE >
[2006.03.02 13:00:00 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=221C29AE1B4CC61D11D8B27DE78B2307 -- D:\WINDOWS\system32\dllcache\winlogon.exe
[2006.03.02 12:00:00 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=221C29AE1B4CC61D11D8B27DE78B2307 -- D:\WINDOWS\system32\winlogon.exe
[2008.04.14 05:22:54 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- D:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\winlogon.exe

< MD5 for: WS2_32.DLL >
[2006.03.02 13:00:00 | 000,082,944 | ---- | M] (Microsoft Corporation) MD5=382E9B87F1282E697C67AF84E34E35E2 -- D:\WINDOWS\system32\dllcache\ws2_32.dll
[2006.03.02 12:00:00 | 000,082,944 | ---- | M] (Microsoft Corporation) MD5=382E9B87F1282E697C67AF84E34E35E2 -- D:\WINDOWS\system32\ws2_32.dll
[2008.04.14 05:22:06 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- D:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\ws2_32.dll
[1999.05.05 22:22:00 | 000,073,728 | ---- | M] (Microsoft Corporation) MD5=B61FD94EA42E742C4E45CD93C92A5886 -- D:\zaloha_old_disk\zaloha\c\WIN.OLD\SYSTEM\WS2_32.DLL
[1999.05.05 22:22:00 | 000,073,728 | ---- | M] (Microsoft Corporation) MD5=B61FD94EA42E742C4E45CD93C92A5886 -- D:\zaloha_old_disk\zaloha\c\WINDOWS\SYSTEM\WS2_32.DLL

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[2010.04.16 17:38:08 | 000,357,888 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- D:\WINDOWS\system32\dxtmsft.dll
[2010.04.16 17:38:08 | 000,205,312 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- D:\WINDOWS\system32\dxtrans.dll
[2010.04.16 17:38:08 | 000,251,392 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- D:\WINDOWS\system32\iepeers.dll
[1 D:\WINDOWS\system32\*.tmp files -> D:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >
[2010.03.12 15:55:02 | 000,454,656 | ---- | M] () -- D:\WINDOWS\system32\config\system.sav
[2010.03.12 15:55:02 | 000,638,976 | ---- | M] () -- D:\WINDOWS\system32\config\software.sav
[2010.03.12 15:55:02 | 000,094,208 | ---- | M] () -- D:\WINDOWS\system32\config\default.sav

< %systemroot%\system32\*.dll /lockedfiles >
[2010.04.16 17:38:08 | 000,357,888 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- D:\WINDOWS\system32\dxtmsft.dll
[2010.04.16 17:38:08 | 000,205,312 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- D:\WINDOWS\system32\dxtrans.dll
[2010.04.16 17:38:08 | 000,251,392 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- D:\WINDOWS\system32\iepeers.dll
[1 D:\WINDOWS\system32\*.tmp files -> D:\WINDOWS\system32\*.tmp -> ]

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager" /v BootExecute /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\CONTROL\SESSION MANAGER
BOOTEXECUTE REG_MULTI_SZ autocheck autochk *\0\0

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2010.06.30 09:02:42 | 000,013,646 | ---- | M] () -- D:\WINDOWS\system32\wpa.dbl
[1 D:\WINDOWS\system32\*.tmp files -> D:\WINDOWS\system32\*.tmp -> ]
< End of report >

Re: Security Master AV

Napsal: 01 črc 2010 12:43
od Caroprd111
Obrázek Stáhněte a rozbalte soubor z přílohy např. na plochu.
scan.zip
(4.94 KiB) Staženo 128 x
Obrázek Spusťte OTL a dvakrát klikněte do spodního okna. Potvrďte hlášku kliknutím na "Ok" a vyberte cestu ke staženému a rozbalenému souboru scan.txt. Poté klikněte na Opravit, PC se restartuje, log vložte sem.

Re: Security Master AV

Napsal: 01 črc 2010 13:48
od livot
Logfile of random's system information tool 1.07 (written by random/random)
Run by Libor at 2010-07-01 14:46:22
Microsoft Windows XP Home Edition Service Pack 2
System drive D: has 14 GB (40%) free of 35 GB
Total RAM: 95 MB (4% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:47:01, on 1.7.2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\spoolsv.exe
D:\WINDOWS\Explorer.EXE
D:\Program Files\Common Files\Java\Java Update\jusched.exe
D:\WINDOWS\system32\ctfmon.exe
D:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
D:\Program Files\Java\jre6\bin\jqs.exe
D:\WINDOWS\system32\wuauclt.exe
D:\WINDOWS\system32\wuauclt.exe
D:\Program Files\Internet Explorer\IEXPLORE.EXE
D:\Documents and Settings\Libor\Local Settings\Temporary Internet Files\Content.IE5\UJX2EYS6\RSIT[1].exe
D:\Program Files\trend micro\Libor.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - D:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - D:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - D:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - D:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "D:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "D:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [swg] "D:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: WikiKomentáře Google... - res://D:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - D:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - D:\WINDOWS\system32\browseui.dll
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - D:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - D:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - D:\Program Files\Java\jre6\bin\jqs.exe

--
End of file - 3569 bytes

======Scheduled tasks folder======

D:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
D:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - D:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-06-24 279664]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - D:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll [2010-06-24 812528]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - D:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-06-24 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - D:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-06-24 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - D:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-06-24 279664]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=D:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-02-18 248040]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=D:\WINDOWS\system32\ctfmon.exe [2006-03-02 15360]
"MSMSGS"=D:\Program Files\Messenger\msmsgs.exe [2004-08-17 1667584]
"swg"=D:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2010-06-24 39408]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"D:\WINDOWS\System32\usmt\migwiz.exe"="D:\WINDOWS\System32\usmt\migwiz.exe:*:Enabled:Průvodce přenesením souborů a nastavení"
"D:\Documents and Settings\All Users\Data aplikací\f06aa2c\SMf06a_2144.exe"="D:\Documents and Settings\All Users\Data aplikací\f06aa2c\SMf06a_2144.exe:*:Enabled:Security Master AV"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

======List of files/folders created in the last 1 months======

2010-07-01 14:14:33 ----D---- D:\_OTL
2010-07-01 10:53:17 ----D---- D:\Program Files\trend micro
2010-07-01 10:53:00 ----D---- D:\rsit
2010-06-24 12:56:39 ----D---- D:\Documents and Settings\Libor\Data aplikací\Google
2010-06-24 12:55:42 ----D---- D:\Documents and Settings\All Users\Data aplikací\Sun
2010-06-24 12:48:09 ----D---- D:\Documents and Settings\All Users\Data aplikací\Google
2010-06-24 12:48:06 ----D---- D:\Program Files\Google
2010-06-24 12:39:09 ----A---- D:\WINDOWS\system32\deployJava1.dll
2010-06-24 12:39:08 ----A---- D:\WINDOWS\system32\javaws.exe
2010-06-24 12:39:08 ----A---- D:\WINDOWS\system32\javaw.exe
2010-06-24 12:39:08 ----A---- D:\WINDOWS\system32\java.exe
2010-06-10 16:44:25 ----HD---- D:\WINDOWS\$NtUninstallKB980218$
2010-06-10 16:44:19 ----HD---- D:\WINDOWS\$NtUninstallKB980195$
2010-06-10 16:44:11 ----HD---- D:\WINDOWS\$NtUninstallKB979559$
2010-06-10 16:44:04 ----HD---- D:\WINDOWS\$NtUninstallKB978695_WM9$
2010-06-10 16:44:00 ----HD---- D:\WINDOWS\$NtUninstallKB979482$
2010-06-10 16:43:49 ----HD---- D:\WINDOWS\$NtUninstallKB975562$
2010-06-10 16:43:20 ----HD---- D:\WINDOWS\$NtUninstallKB982381$

======List of files/folders modified in the last 1 months======

2010-07-01 14:41:08 ----A---- D:\WINDOWS\SchedLgU.Txt
2010-06-30 20:11:18 ----A---- D:\WINDOWS\WINCMD.INI
2010-06-10 16:44:28 ----A---- D:\WINDOWS\imsins.BAK

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 intelppm;Řadič procesoru Intel; D:\WINDOWS\system32\DRIVERS\intelppm.sys [2006-03-02 39936]
R3 FETNDIS;VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver; D:\WINDOWS\system32\DRIVERS\fetnd5.sys [2001-08-17 27165]
R3 S3SavageNB;S3SavageNB; D:\WINDOWS\system32\DRIVERS\s3gnbm.sys [2004-08-03 166912]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; D:\WINDOWS\system32\DRIVERS\usbehci.sys [2006-03-02 26624]
R3 usbhub;Rozbočovač umožnující USB2; D:\WINDOWS\system32\DRIVERS\usbhub.sys [2006-03-02 57600]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; D:\WINDOWS\system32\DRIVERS\usbuhci.sys [2006-03-02 20480]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; D:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
S4 IntelIde;IntelIde; D:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 JavaQuickStarterService;Java Quick Starter; D:\Program Files\Java\jre6\bin\jqs.exe [2010-06-24 153376]
S2 gupdate;Služba Google Update (gupdate); D:\Program Files\Google\Update\GoogleUpdate.exe [2010-06-24 135664]
S3 gusvc;Google Software Updater; D:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2010-06-24 182768]

-----------------EOF-----------------

Re: Security Master AV

Napsal: 01 črc 2010 14:00
od Caroprd111
Potřebuji ten log z OTL, který se zobrazil po restartování PC. Je uložen v C:\_OTL\MovedFiles

Re: Security Master AV

Napsal: 01 črc 2010 14:27
od livot
Takovy soubor nemam...

Re: Security Master AV

Napsal: 01 črc 2010 14:31
od livot
Omlouvam se, byl na D...

All processes killed
========== OTL ==========
No active process named SMf06a_2144.exe was found!
Registry value HKEY_USERS\S-1-5-21-343818398-57989841-725345543-1004\Software\Microsoft\Windows\CurrentVersion\Run\\ccagent.exe deleted successfully.
Registry value HKEY_USERS\S-1-5-21-343818398-57989841-725345543-1004\Software\Microsoft\Windows\CurrentVersion\Run\\Security Master AV deleted successfully.
Starting removal of ActiveX control {33564D57-0000-0010-8000-00AA00389B71}
D:\WINDOWS\Downloaded Program Files\WMV9VCM.inf moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{33564D57-0000-0010-8000-00AA00389B71}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{33564D57-0000-0010-8000-00AA00389B71}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{33564D57-0000-0010-8000-00AA00389B71}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{33564D57-0000-0010-8000-00AA00389B71}\ not found.
Registry value HKEY_USERS\S-1-5-21-343818398-57989841-725345543-1004\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell:D:\Documents and Settings\Libor\Data aplikací\Control Components\ccmain.exe deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\_avp32.exe\ deleted successfully.
Invalid CLSID key: _avp32.exe
Item D:\WINDOWS\System32\svchost.exe is whitelisted and cannot be moved.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\_avpcc.exe\ deleted successfully.
Invalid CLSID key: _avpcc.exe
Item D:\WINDOWS\System32\svchost.exe is whitelisted and cannot be moved.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\_avpm.exe\ deleted successfully.
Invalid CLSID key: _avpm.exe
Item D:\WINDOWS\System32\svchost.exe is whitelisted and cannot be moved.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\~1.exe\ deleted successfully.
Item D:\WINDOWS\System32\svchost.exe is whitelisted and cannot be moved.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\~2.exe\ deleted successfully.
Item D:\WINDOWS\System32\svchost.exe is whitelisted and cannot be moved.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\a.exe\ deleted successfully.
Item D:\WINDOWS\System32\svchost.exe is whitelisted and cannot be moved.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\aAvgApi.exe\ deleted successfully.
Item D:\WINDOWS\System32\svchost.exe is whitelisted and cannot be moved.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AAWTray.exe\ deleted successfully.
Item D:\WINDOWS\System32\svchost.exe is whitelisted and cannot be moved.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\About.exe\ deleted successfully.
Item D:\WINDOWS\System32\svchost.exe is whitelisted and cannot be moved.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ackwin32.exe\ deleted successfully.
Item D:\WINDOWS\System32\svchost.exe is whitelisted and cannot be moved.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\adaware.exe\ deleted successfully.
Item D:\WINDOWS\System32\svchost.exe is whitelisted and cannot be moved.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Ad-Aware.exe\ deleted successfully.
Item D:\WINDOWS\System32\svchost.exe is whitelisted and cannot be moved.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\advxdwin.exe\ deleted successfully.
Item D:\WINDOWS\System32\svchost.exe is whitelisted and cannot be moved.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AdwarePrj.exe\ deleted successfully.
Item D:\WINDOWS\System32\svchost.exe is whitelisted and cannot be moved.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\agent.exe\ deleted successfully.
Item D:\WINDOWS\System32\svchost.exe is whitelisted and cannot be moved.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\agentsvr.exe\ deleted successfully.
Item D:\WINDOWS\System32\svchost.exe is whitelisted and cannot be moved.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\agentw.exe\ deleted successfully.
Item D:\WINDOWS\System32\svchost.exe is whitelisted and cannot be moved.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\alertsvc.exe\ deleted successfully.
Item D:\WINDOWS\System32\svchost.exe is whitelisted and cannot be moved.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\alevir.exe\ deleted successfully.
Item D:\WINDOWS\System32\svchost.exe is whitelisted and cannot be moved.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\alogserv.exe\ deleted successfully.
Item D:\WINDOWS\System32\svchost.exe is whitelisted and cannot be moved.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AlphaAV\ deleted successfully.
Item D:\WINDOWS\System32\svchost.exe is whitelisted and cannot be moved.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AlphaAV.exe\ deleted successfully.
Item D:\WINDOWS\System32\svchost.exe is whitelisted and cannot be moved.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AluSchedulerSvc.exe\ deleted successfully.
Item D:\WINDOWS\System32\svchost.exe is whitelisted and cannot be moved.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\amon9x.exe\ deleted successfully.
Item D:\WINDOWS\System32\svchost.exe is whitelisted and cannot be moved.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AntispywarXP2009.exe\ deleted successfully.
Item D:\WINDOWS\System32\svchost.exe is whitelisted and cannot be moved.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\anti-trojan.exe\ deleted successfully.
Item D:\WINDOWS\System32\svchost.exe is whitelisted and cannot be moved.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Anti-Virus Professional.exe\ deleted successfully.
Item D:\WINDOWS\System32\svchost.exe is whitelisted and cannot be moved.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\antivirus.exe\ deleted successfully.
Item D:\WINDOWS\System32\svchost.exe is whitelisted and cannot be moved.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AntiVirus_Pro.exe\ deleted successfully.
Item D:\WINDOWS\System32\svchost.exe is whitelisted and cannot be moved.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AntivirusPlus\ deleted successfully.
Item D:\WINDOWS\System32\svchost.exe is whitelisted and cannot be moved.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AntivirusPlus.exe\ deleted successfully.
Item D:\WINDOWS\System32\svchost.exe is whitelisted and cannot be moved.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AntivirusPro_2010.exe\ deleted successfully.
Item D:\WINDOWS\System32\svchost.exe is whitelisted and cannot be moved.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AntivirusXP\ deleted successfully.
Item D:\WINDOWS\System32\svchost.exe is whitelisted and cannot be moved.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AntivirusXP.exe\ deleted successfully.
Item D:\WINDOWS\System32\svchost.exe is whitelisted and cannot be moved.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\antivirusxppro2009.exe\ deleted successfully.
Item D:\WINDOWS\System32\svchost.exe is whitelisted and cannot be moved.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ants.exe\ deleted successfully.
Item D:\WINDOWS\System32\svchost.exe is whitelisted and cannot be moved.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\apimonitor.exe\ deleted successfully.
Item D:\WINDOWS\System32\svchost.exe is whitelisted and cannot be moved.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\aplica32.exe\ deleted successfully.
Item D:\WINDOWS\System32\svchost.exe is whitelisted and cannot be moved.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\apvxdwin.exe\ deleted successfully.
Item D:\WINDOWS\System32\svchost.exe is whitelisted and cannot be moved.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\arr.exe\ deleted successfully.
Item D:\WINDOWS\System32\svchost.exe is whitelisted and cannot be moved.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Arrakis3.exe\ deleted successfully.
Item D:\WINDOWS\System32\svchost.exe is whitelisted and cannot be moved.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ashAvast.exe\ deleted successfully.
Item D:\WINDOWS\System32\svchost.exe is whitelisted and cannot be moved.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ashBug.exe\ deleted successfully.
Item D:\WINDOWS\System32\svchost.exe is whitelisted and cannot be moved.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ashCnsnt.exe\ deleted successfully.
Item D:\WINDOWS\System32\svchost.exe is whitelisted and cannot be moved.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ashDisp.exe\ deleted successfully.
Item D:\WINDOWS\System32\svchost.exe is whitelisted and cannot be moved.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ashChest.exe\ deleted successfully.
Item D:\WINDOWS\System32\svchost.exe is whitelisted and cannot be moved.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ashLogV.exe\ deleted successfully.
Item D:\WINDOWS\System32\svchost.exe is whitelisted and cannot be moved.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ashMaiSv.exe\ deleted successfully.
Item D:\WINDOWS\System32\svchost.exe is whitelisted and cannot be moved.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ashPopWz.exe\ deleted successfully.
Item D:\WINDOWS\System32\svchost.exe is whitelisted and cannot be moved.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ashQuick.exe\ deleted successfully.
Item D:\WINDOWS\System32\svchost.exe is whitelisted and cannot be moved.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ashServ.exe\ deleted successfully.
Item D:\WINDOWS\System32\svchost.exe is whitelisted and cannot be moved.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ashSimp2.exe\ deleted successfully.
Item D:\WINDOWS\System32\svchost.exe is whitelisted and cannot be moved.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ashSimpl.exe\ deleted successfully.
Item D:\WINDOWS\System32\svchost.exe is whitelisted and cannot be moved.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ashSkPcc.exe\ deleted successfully.
Item D:\WINDOWS\System32\svchost.exe is whitelisted and cannot be moved.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ashSkPck.exe\ deleted successfully.
Item D:\WINDOWS\System32\svchost.exe is whitelisted and cannot be moved.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ashUpd.exe\ deleted successfully.
Item D:\WINDOWS\System32\svchost.exe is whitelisted and cannot be moved.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ashWebSv.exe\ deleted successfully.
Item D:\WINDOWS\System32\svchost.exe is whitelisted and cannot be moved.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\aswChLic.exe\ deleted successfully.
Item D:\WINDOWS\System32\svchost.exe is whitelisted and cannot be moved.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\aswRegSvr.exe\ deleted successfully.
Item D:\WINDOWS\System32\svchost.exe is whitelisted and cannot be moved.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\aswRunDll.exe\ deleted successfully.
Item D:\WINDOWS\System32\svchost.exe is whitelisted and cannot be moved.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\aswUpdSv.exe\ deleted successfully.
Item D:\WINDOWS\System32\svchost.exe is whitelisted and cannot be moved.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\atcon.exe\ deleted successfully.
Item D:\WINDOWS\System32\svchost.exe is whitelisted and cannot be moved.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\atguard.exe\ deleted successfully.
Item D:\WINDOWS\System32\svchost.exe is whitelisted and cannot be moved.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\atro55en.exe\ deleted successfully.
Item D:\WINDOWS\System32\svchost.exe is whitelisted and cannot be moved.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\atupdater.exe\ deleted successfully.
Item D:\WINDOWS\System32\svchost.exe is whitelisted and cannot be moved.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\atwatch.exe\ deleted successfully.
Item D:\WINDOWS\System32\svchost.exe is whitelisted and cannot be moved.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\au.exe\ deleted successfully.
Item D:\WINDOWS\System32\svchost.exe is whitelisted and cannot be moved.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\aupdate.exe\ deleted successfully.
Item D:\WINDOWS\System32\svchost.exe is whitelisted and cannot be moved.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\autodown.exe\ deleted successfully.
Item D:\WINDOWS\System32\svchost.exe is whitelisted and cannot be moved.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\auto-protect.nav80try.exe\ deleted successfully.
Item D:\WINDOWS\System32\svchost.exe is whitelisted and cannot be moved.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\autotrace.exe\ deleted successfully.
Item D:\WINDOWS\System32\svchost.exe is whitelisted and cannot be moved.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\autoupdate.exe\ deleted successfully.
Item D:\WINDOWS\System32\svchost.exe is whitelisted and cannot be moved.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\av360.exe\ deleted successfully.
Item D:\WINDOWS\System32\svchost.exe is whitelisted and cannot be moved.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avadmin.exe\ deleted successfully.
Item D:\WINDOWS\System32\svchost.exe is whitelisted and cannot be moved.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AVCare.exe\ deleted successfully.
Item D:\WINDOWS\System32\svchost.exe is whitelisted and cannot be moved.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avcenter.exe\ deleted successfully.
Item D:\WINDOWS\System32\svchost.exe is whitelisted and cannot be moved.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avciman.exe\ deleted successfully.
Item D:\WINDOWS\System32\svchost.exe is whitelisted and cannot be moved.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avconfig.exe\ deleted successfully.
Item D:\WINDOWS\System32\svchost.exe is whitelisted and cannot be moved.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avconsol.exe\ deleted successfully.
Item D:\WINDOWS\System32\svchost.exe is whitelisted and cannot be moved.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ave32.exe\ deleted successfully.
Item D:\WINDOWS\System32\svchost.exe is whitelisted and cannot be moved.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AVENGINE.EXE\ deleted successfully.
Item D:\WINDOWS\System32\svchost.exe is whitelisted and cannot be moved.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avgcc32.exe\ deleted successfully.
Item D:\WINDOWS\System32\svchost.exe is whitelisted and cannot be moved.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avgcmgr.exe\ deleted successfully.
Item D:\WINDOWS\System32\svchost.exe is whitelisted and cannot be moved.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avgcsrvx.exe\ deleted successfully.
Item D:\WINDOWS\System32\svchost.exe is whitelisted and cannot be moved.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avgctrl.exe\ deleted successfully.
Item D:\WINDOWS\System32\svchost.exe is whitelisted and cannot be moved.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avgdumpx.exe\ deleted successfully.
Item D:\WINDOWS\System32\svchost.exe is whitelisted and cannot be moved.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avgemc.exe\ deleted successfully.
Item D:\WINDOWS\System32\svchost.exe is whitelisted and cannot be moved.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avgchk.exe\ deleted successfully.
Item D:\WINDOWS\System32\svchost.exe is whitelisted and cannot be moved.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avgiproxy.exe\ deleted successfully.
Item D:\WINDOWS\System32\svchost.exe is whitelisted and cannot be moved.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avgnsx.exe\ deleted successfully.
Item D:\WINDOWS\System32\svchost.exe is whitelisted and cannot be moved.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avgnt.exe\ deleted successfully.
Item D:\WINDOWS\System32\svchost.exe is whitelisted and cannot be moved.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avgrsx.exe\ deleted successfully.
Item D:\WINDOWS\System32\svchost.exe is whitelisted and cannot be moved.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avgscanx.exe\ deleted successfully.
Item D:\WINDOWS\System32\svchost.exe is whitelisted and cannot be moved.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avgserv.exe\ deleted successfully.
Item D:\WINDOWS\System32\svchost.exe is whitelisted and cannot be moved.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avgserv9.exe\ deleted successfully.
Item D:\WINDOWS\System32\svchost.exe is whitelisted and cannot be moved.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avgsrmax.exe\ deleted successfully.
Item D:\WINDOWS\System32\svchost.exe is whitelisted and cannot be moved.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avgtray.exe\ deleted successfully.
Item D:\WINDOWS\System32\svchost.exe is whitelisted and cannot be moved.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avgui.exe\ deleted successfully.
Item D:\WINDOWS\System32\svchost.exe is whitelisted and cannot be moved.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avgupd.exe\ deleted successfully.
Item D:\WINDOWS\System32\svchost.exe is whitelisted and cannot be moved.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avgw.exe\ deleted successfully.
Item D:\WINDOWS\System32\svchost.exe is whitelisted and cannot be moved.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avgwdsvc.exe\ deleted successfully.
Item D:\WINDOWS\System32\svchost.exe is whitelisted and cannot be moved.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avkpop.exe\ deleted successfully.
Item D:\WINDOWS\System32\svchost.exe is whitelisted and cannot be moved.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avkserv.exe\ deleted successfully.
Item D:\WINDOWS\System32\svchost.exe is whitelisted and cannot be moved.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avkservice.exe\ deleted successfully.
Item D:\WINDOWS\System32\svchost.exe is whitelisted and cannot be moved.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avkwctl9.exe\ deleted successfully.
Item D:\WINDOWS\System32\svchost.exe is whitelisted and cannot be moved.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avltmain.exe\ deleted successfully.
Item D:\WINDOWS\System32\svchost.exe is whitelisted and cannot be moved.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avmailc.exe\ deleted successfully.
Item D:\WINDOWS\System32\svchost.exe is whitelisted and cannot be moved.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avmcdlg.exe\ deleted successfully.
Item D:\WINDOWS\System32\svchost.exe is whitelisted and cannot be moved.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avnotify.exe\ deleted successfully.
Item D:\WINDOWS\System32\svchost.exe is whitelisted and cannot be moved.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avnt.exe\ deleted successfully.
Item D:\WINDOWS\System32\svchost.exe is whitelisted and cannot be moved.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avp32.exe\ deleted successfully.
Item D:\WINDOWS\System32\svchost.exe is whitelisted and cannot be moved.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avpcc.exe\ deleted successfully.
Item D:\WINDOWS\System32\svchost.exe is whitelisted and cannot be moved.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avpdos32.exe\ deleted successfully.
Item D:\WINDOWS\System32\svchost.exe is whitelisted and cannot be moved.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avpm.exe\ deleted successfully.
Item D:\WINDOWS\System32\svchost.exe is whitelisted and cannot be moved.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avptc32.exe\ deleted successfully.
Item D:\WINDOWS\System32\svchost.exe is whitelisted and cannot be moved.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avpupd.exe\ deleted successfully.
Item D:\WINDOWS\System32\svchost.exe is whitelisted and cannot be moved.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avsched32.exe\ deleted successfully.
Item D:\WINDOWS\System32\svchost.exe is whitelisted and cannot be moved.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avsynmgr.exe\ deleted successfully.
Item D:\WINDOWS\System32\svchost.exe is whitelisted and cannot be moved.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avupgsvc.exe\ deleted successfully.
Item D:\WINDOWS\System32\svchost.exe is whitelisted and cannot be moved.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AVWEBGRD.EXE\ deleted successfully.
Item D:\WINDOWS\System32\svchost.exe is whitelisted and cannot be moved.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avwin.exe\ deleted successfully.
Item D:\WINDOWS\System32\svchost.exe is whitelisted and cannot be moved.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avwin95.exe\ deleted successfully.
Item D:\WINDOWS\System32\svchost.exe is whitelisted and cannot be moved.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avwinnt.exe\ deleted successfully.
Item D:\WINDOWS\System32\svchost.exe is whitelisted and cannot be moved.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avwsc.exe\ deleted successfully.
Item D:\WINDOWS\System32\svchost.exe is whitelisted and cannot be moved.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avwupd.exe\ deleted successfully.
Item D:\WINDOWS\System32\svchost.exe is whitelisted and cannot be moved.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avwupd32.exe\ deleted successfully.
Item D:\WINDOWS\System32\svchost.exe is whitelisted and cannot be moved.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avwupsrv.exe\ deleted successfully.
Item D:\WINDOWS\System32\svchost.exe is whitelisted and cannot be moved.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avxmonitor9x.exe\ deleted successfully.
Item D:\WINDOWS\System32\svchost.exe is whitelisted and cannot be moved.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avxmonitornt.exe\ deleted successfully.
Item D:\WINDOWS\System32\svchost.exe is whitelisted and cannot be moved.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avxquar.exe\ deleted successfully.
Item D:\WINDOWS\System32\svchost.exe is whitelisted and cannot be moved.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\b.exe\ deleted successfully.
Item D:\WINDOWS\System32\svchost.exe is whitelisted and cannot be moved.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\backweb.exe\ deleted successfully.
Item D:\WINDOWS\System32\svchost.exe is whitelisted and cannot be moved.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bargains.exe\ deleted successfully.
Item D:\WINDOWS\System32\svchost.exe is whitelisted and cannot be moved.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bd_professional.exe\ deleted successfully.
Item D:\WINDOWS\System32\svchost.exe is whitelisted and cannot be moved.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bdagent.exe\ deleted successfully.
Item D:\WINDOWS\System32\svchost.exe is whitelisted and cannot be moved.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bdfvcl.exe\ deleted successfully.
Item D:\WINDOWS\System32\svchost.exe is whitelisted and cannot be moved.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bdfvwiz.exe\ deleted successfully.
Item D:\WINDOWS\System32\svchost.exe is whitelisted and cannot be moved.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\BDInProcPatch.exe\ deleted successfully.
Item D:\WINDOWS\System32\svchost.exe is whitelisted and cannot be moved.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bdmcon.exe\ deleted successfully.
Item D:\WINDOWS\System32\svchost.exe is whitelisted and cannot be moved.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\BDMsnScan.exe\ deleted successfully.
Item D:\WINDOWS\System32\svchost.exe is whitelisted and cannot be moved.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bdreinit.exe\ deleted successfully.
Item D:\WINDOWS\System32\svchost.exe is whitelisted and cannot be moved.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bdsubwiz.exe\ deleted successfully.
Item D:\WINDOWS\System32\svchost.exe is whitelisted and cannot be moved.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\BDSurvey.exe\ deleted successfully.
Item D:\WINDOWS\System32\svchost.exe is whitelisted and cannot be moved.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bdtkexec.exe\ deleted successfully.
Item D:\WINDOWS\System32\svchost.exe is whitelisted and cannot be moved.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bdwizreg.exe\ deleted successfully.
Item D:\WINDOWS\System32\svchost.exe is whitelisted and cannot be moved.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\beagle.exe\ deleted successfully.
Item D:\WINDOWS\System32\svchost.exe is whitelisted and cannot be moved.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\belt.exe\ deleted successfully.
Item D:\WINDOWS\System32\svchost.exe is whitelisted and cannot be moved.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bidef.exe\ deleted successfully.
Item D:\WINDOWS\System32\svchost.exe is whitelisted and cannot be moved.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bidserver.exe\ deleted successfully.
Item D:\WINDOWS\System32\svchost.exe is whitelisted and cannot be moved.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bipcp.exe\ deleted successfully.
Item D:\WINDOWS\System32\svchost.exe is whitelisted and cannot be moved.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bipcpevalsetup.exe\ deleted successfully.
Item D:\WINDOWS\System32\svchost.exe is whitelisted and cannot be moved.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bisp.exe\ deleted successfully.
Item D:\WINDOWS\System32\svchost.exe is whitelisted and cannot be moved.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\blackd.exe\ deleted successfully.
Item D:\WINDOWS\System32\svchost.exe is whitelisted and cannot be moved.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\blackice.exe\ deleted successfully.
Item D:\WINDOWS\System32\svchost.exe is whitelisted and cannot be moved.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\blink.exe\ deleted successfully.
Všechny časy jsou v UTC+01:00
Stránka 1 z 4

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz