VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

Problém Live PC Care

https://forum.viry.cz:443/viewtopic.php?t=97386

Stránka 1 z 2

Problém Live PC Care

Napsal: 08 úno 2010 15:03
od robopoter
Zdravím.
Nějak se mi do PC dostal tento program, tváří se jako antivir, či něco podobného. Odstavil mi antivir Avast, a nelze jej odstranit (v Přidat Odebrat programy jsem ho nenašel). Neustále hlásí, že našel viry a chce za odstranění peníze. Nevíte někdo, jak se ho zbavím? Používám Win XP SP3. Díky. Robo

Re: Problém Live PC Care

Napsal: 08 úno 2010 15:08
od Caroprd111
Zdravím :)

Za chvilku vám sem napíšu postup.

Re: Problém Live PC Care

Napsal: 08 úno 2010 15:10
od Caroprd111
:arrow: Dejte log z RSIT http://www.viry.cz/forum/viewtopic.php?f=30&t=82744

Re: Problém Live PC Care

Napsal: 08 úno 2010 16:29
od robopoter
Logfile of random's system information tool 1.06 (written by random/random)
Run by Robert Hanák at 2010-02-08 16:26:16
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 25 GB (50%) free of 50 GB
Total RAM: 998 MB (53% free)

HijackThis download failed

======Scheduled tasks folder======

C:\WINDOWS\tasks\User_Feed_Synchronization-{480C6BAD-DEC3-44A1-8624-7F6C2E5B184B}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Podpora odkazu pro Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-23 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
Skype add-on (mastermind) - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2009-08-04 1586472]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2DB66063-BB98-466A-AA0D-3E7ACF5ED853}]
WebTransBHO Class - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll [2010-02-02 520192]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{855F3B16-6D32-4FE6-8A56-BBB695989046} - ICQToolBar - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll [2008-12-09 958200]
{BFC32E1D-EE75-4A48-BC60-104E11EE2431} - WebTranslator - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll [2010-02-02 520192]


[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2007-05-11 40048]
"PWRISOVM.EXE"=C:\Program Files\PowerISO\PWRISOVM.EXE [2009-03-15 180224]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2008-12-18 150040]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2008-12-18 178712]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2008-12-18 150040]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray.exe [2009-03-12 483422]
"NeroFilterCheck"=C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe [2008-06-19 570664]
"NBKeyScan"=C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe [2008-06-08 2221352]
"SigmatelSysTrayApp"=C:\WINDOWS\sttray.exe [2009-03-12 483422]
"IntelAudioStudio"=C:\Program Files\Intel Audio Studio\IntelAudioStudio.exe [2006-08-02 9134080]
"avast5"=C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe [2010-01-28 2757512]
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-11-25 81000]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"ICQ"=C:\Program Files\ICQ7.0\ICQ.exe [2010-01-12 133368]
"OEXPRESS"=C:\Documents and Settings\All Users\Data aplikací\LangSoft\OETRN.EXE [2010-02-02 26624]
"IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe [2008-06-24 1840424]
"Live PC Care"=C:\Documents and Settings\All Users\Data aplikací\dccfcc4\LPdccf.exe [2010-02-06 2000896]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2009-10-09 25623336]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2008-12-12 217088]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\wpdshserviceobj.dll [2008-08-08 133632]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"LegalNoticeText"=
"LegalNoticeCaption"=

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\ICQ7.0\ICQ.exe"="C:\Program Files\ICQ7.0\ICQ.exe:*:Enabled:ICQ7"
"C:\Program Files\ICQ7.0\aolload.exe"="C:\Program Files\ICQ7.0\aolload.exe:*:Enabled:aolload.exe"
"C:\Program Files\Nero\Nero8\Nero Home\NeroHome.exe"="C:\Program Files\Nero\Nero8\Nero Home\NeroHome.exe:*:Enabled:Nero Home"
"C:\Program Files\TeamViewer\Version5\TeamViewer.exe"="C:\Program Files\TeamViewer\Version5\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application"
"C:\Documents and Settings\All Users\Data aplikací\dccfcc4\LPdccf.exe"="C:\Documents and Settings\All Users\Data aplikací\dccfcc4\LPdccf.exe:*:Enabled:Live PC Care"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\ICQ7.0\ICQ.exe"="C:\Program Files\ICQ7.0\ICQ.exe:*:Enabled:ICQ7"
"C:\Program Files\ICQ7.0\aolload.exe"="C:\Program Files\ICQ7.0\aolload.exe:*:Enabled:aolload.exe"

======List of files/folders created in the last 1 months======

2010-02-08 16:26:16 ----D---- C:\rsit
2010-02-08 16:26:16 ----D---- C:\Program Files\trend micro
2010-02-07 19:20:50 ----D---- C:\Program Files\Common Files\Skype
2010-02-07 18:43:24 ----A---- C:\WINDOWS\system32\asw9.tmp
2010-02-06 16:13:48 ----D---- C:\Program Files\ESET
2010-02-06 13:01:12 ----D---- C:\Documents and Settings\All Users\Data aplikací\Alwil Software
2010-02-06 12:04:50 ----D---- C:\Documents and Settings\Robert Hanák\Data aplikací\TeamViewer
2010-02-06 12:04:42 ----D---- C:\Program Files\TeamViewer
2010-02-06 11:39:07 ----SHD---- C:\Documents and Settings\Robert Hanák\Data aplikací\Live PC Care
2010-02-06 11:39:07 ----SHD---- C:\Documents and Settings\All Users\Data aplikací\LPHIOAGNJDCG
2010-02-06 11:38:23 ----SHD---- C:\Documents and Settings\All Users\Data aplikací\dccfcc4
2010-02-04 20:04:13 ----D---- C:\WINDOWS\system32\appmgmt
2010-02-03 20:55:18 ----A---- C:\Documents and Settings\All Users\Data aplikací\ra3.ini
2010-02-03 20:35:48 ----A---- C:\WINDOWS\system32\CmdLineExt.dll
2010-02-03 20:35:34 ----D---- C:\ProgramData
2010-02-03 20:15:04 ----D---- C:\Program Files\Electronic Arts
2010-02-03 20:15:03 ----A---- C:\WINDOWS\system32\d3dx10_38.dll
2010-02-03 20:15:03 ----A---- C:\WINDOWS\system32\D3DCompiler_38.dll
2010-02-03 20:15:01 ----A---- C:\WINDOWS\system32\D3DX9_38.dll
2010-02-03 20:15:00 ----A---- C:\WINDOWS\system32\d3dx10_35.dll
2010-02-03 20:15:00 ----A---- C:\WINDOWS\system32\D3DCompiler_35.dll
2010-02-03 20:14:54 ----A---- C:\WINDOWS\system32\d3dx9_35.dll
2010-02-03 20:14:50 ----D---- C:\WINDOWS\Logs
2010-02-03 18:33:31 ----D---- C:\Program Files\Gameforge4D
2010-02-03 17:52:04 ----D---- C:\Program Files\ICQ6.5
2010-02-03 13:09:54 ----A---- C:\WINDOWS\NeroDigital.ini
2010-02-02 21:10:10 ----HDC---- C:\WINDOWS\$NtUninstallKB971737$
2010-02-02 21:10:04 ----HDC---- C:\WINDOWS\$NtUninstallKB970430$
2010-02-02 21:09:58 ----HDC---- C:\WINDOWS\$NtUninstallKB973687$
2010-02-02 21:09:36 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
2010-02-02 20:59:35 ----A---- C:\WINDOWS\system32\SFIMLARK.dll
2010-02-02 20:59:35 ----A---- C:\WINDOWS\system32\SFIDLOCK.dll
2010-02-02 20:59:35 ----A---- C:\WINDOWS\system32\IASMXDLL.dll
2010-02-02 20:59:35 ----A---- C:\WINDOWS\system32\IASDLL.dll
2010-02-02 20:59:35 ----A---- C:\WINDOWS\system32\IASBB.dll
2010-02-02 20:59:13 ----A---- C:\WINDOWS\system32\staco.dll
2010-02-02 20:58:59 ----D---- C:\Program Files\SigmaTel
2010-02-02 20:44:14 ----D---- C:\Documents and Settings\Robert Hanák\Data aplikací\Nero
2010-02-02 20:43:57 ----A---- C:\WINDOWS\system32\MsiExec.exe.log
2010-02-02 20:42:30 ----D---- C:\Program Files\Nero
2010-02-02 20:42:30 ----D---- C:\Program Files\Common Files\Nero
2010-02-02 20:42:30 ----D---- C:\Documents and Settings\All Users\Data aplikací\Nero
2010-02-02 20:41:51 ----A---- C:\WINDOWS\system32\d3dx9_30.dll
2010-02-02 20:41:49 ----A---- C:\WINDOWS\system32\d3dx9_28.dll
2010-02-02 20:36:31 ----D---- C:\Documents and Settings\Robert Hanák\Data aplikací\skypePM
2010-02-02 20:35:51 ----A---- C:\WINDOWS\system32\stlang.dll
2010-02-02 20:35:51 ----A---- C:\WINDOWS\system32\stacsv.exe
2010-02-02 20:35:51 ----A---- C:\WINDOWS\sttray.exe
2010-02-02 20:35:35 ----A---- C:\WINDOWS\system32\st322000.dll
2010-02-02 20:35:24 ----D---- C:\Program Files\Common Files\InstallShield
2010-02-02 20:31:38 ----D---- C:\Documents and Settings\Robert Hanák\Data aplikací\Skype
2010-02-02 20:31:28 ----RD---- C:\Program Files\Skype
2010-02-02 20:31:24 ----D---- C:\Documents and Settings\All Users\Data aplikací\Skype
2010-02-02 20:17:25 ----A---- C:\WINDOWS\TRNCOM.INI
2010-02-02 20:15:53 ----D---- C:\TRANSLAT
2010-02-02 20:15:50 ----D---- C:\Documents and Settings\All Users\Data aplikací\LangSoft
2010-02-02 20:15:45 ----D---- C:\Documents and Settings\Robert Hanák\Data aplikací\LangSoft
2010-02-02 20:11:35 ----A---- C:\WINDOWS\system32\CSVer.dll
2010-02-02 20:08:36 ----A---- C:\WINDOWS\system32\igfxCoIn_v5016.dll
2010-02-02 20:08:35 ----D---- C:\WINDOWS\system32\Lang
2010-02-02 20:08:31 ----D---- C:\Intel
2010-02-02 20:06:31 ----D---- C:\Documents and Settings\All Users\Data aplikací\Windows Genuine Advantage
2010-02-02 20:03:24 ----D---- C:\Program Files\SystemRequirementsLab
2010-02-02 19:59:55 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
2010-02-02 19:59:49 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
2010-02-02 19:59:42 ----HDC---- C:\WINDOWS\$NtUninstallKB959426$
2010-02-02 19:59:36 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
2010-02-02 19:59:29 ----HDC---- C:\WINDOWS\$NtUninstallKB960859$
2010-02-02 19:59:24 ----HDC---- C:\WINDOWS\$NtUninstallKB958869$
2010-02-02 19:59:16 ----HDC---- C:\WINDOWS\$NtUninstallKB976098-v2$
2010-02-02 19:59:10 ----HDC---- C:\WINDOWS\$NtUninstallKB955759$
2010-02-02 19:59:00 ----HDC---- C:\WINDOWS\$NtUninstallKB974318$
2010-02-02 19:58:52 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$
2010-02-02 19:58:45 ----HDC---- C:\WINDOWS\$NtUninstallKB969059$
2010-02-02 19:58:37 ----HDC---- C:\WINDOWS\$NtUninstallKB968816_WM9$
2010-02-02 19:57:28 ----D---- C:\WINDOWS\ie8updates
2010-02-02 19:55:39 ----HDC---- C:\WINDOWS\ie8
2010-02-02 19:52:38 ----D---- C:\Program Files\Microsoft Works
2010-02-02 19:52:24 ----D---- C:\Program Files\Microsoft Visual Studio
2010-02-02 19:52:24 ----D---- C:\Program Files\Common Files\DESIGNER
2010-02-02 19:51:06 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
2010-02-02 19:50:53 ----HDC---- C:\WINDOWS\$NtUninstallKB971657$
2010-02-02 19:50:46 ----HDC---- C:\WINDOWS\$NtUninstallKB971557$
2010-02-02 19:50:30 ----HDC---- C:\WINDOWS\$NtUninstallKB954155_WM9$
2010-02-02 19:49:58 ----HDC---- C:\WINDOWS\$NtUninstallKB972270$
2010-02-02 19:49:35 ----D---- C:\WINDOWS\SHELLNEW
2010-02-02 19:48:46 ----D---- C:\Program Files\Microsoft Office
2010-02-02 19:48:44 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2010-02-02 19:48:25 ----RHD---- C:\MSOCache
2010-02-02 19:43:34 ----A---- C:\WINDOWS\system32\h323log.txt
2010-02-02 19:41:23 ----D---- C:\Program Files\IDT
2010-02-02 19:41:17 ----A---- C:\WINDOWS\system32\ksuser.dll
2010-02-02 19:39:21 ----A---- C:\WINDOWS\system32\usbui.dll
2010-02-02 19:38:57 ----D---- C:\WINDOWS\system32\x64
2010-02-02 19:38:57 ----A---- C:\WINDOWS\system32\igxpun.exe
2010-02-02 19:38:50 ----DC---- C:\WINDOWS\system32\DRVSTORE
2010-02-02 19:38:50 ----A---- C:\WINDOWS\system32\difxapi.dll
2010-02-02 19:37:14 ----D---- C:\Program Files\PowerISO
2010-02-02 19:34:48 ----A---- C:\WINDOWS\imsins.BAK
2010-02-02 19:34:45 ----SHD---- C:\WINDOWS\Installer
2010-02-02 19:34:45 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-02-02 19:34:44 ----D---- C:\Program Files\Common Files\ODBC
2010-02-02 19:34:44 ----A---- C:\WINDOWS\ODBCINST.INI
2010-02-02 19:34:41 ----RD---- C:\Program Files
2010-02-02 19:34:41 ----D---- C:\Program Files\Common Files\SpeechEngines
2010-02-02 19:34:41 ----D---- C:\Program Files\Common Files\Microsoft Shared
2010-02-02 19:34:41 ----D---- C:\Program Files\Common Files
2010-02-02 19:34:38 ----RA---- C:\WINDOWS\system32\kbdtuq.dll
2010-02-02 19:34:38 ----RA---- C:\WINDOWS\system32\kbdtuf.dll
2010-02-02 19:34:38 ----RA---- C:\WINDOWS\system32\kbdazel.dll
2010-02-02 19:34:36 ----RA---- C:\WINDOWS\system32\kbdycc.dll
2010-02-02 19:34:36 ----RA---- C:\WINDOWS\system32\kbduzb.dll
2010-02-02 19:34:36 ----RA---- C:\WINDOWS\system32\kbdur.dll
2010-02-02 19:34:36 ----RA---- C:\WINDOWS\system32\kbdtat.dll
2010-02-02 19:34:36 ----RA---- C:\WINDOWS\system32\kbdru1.dll
2010-02-02 19:34:36 ----RA---- C:\WINDOWS\system32\kbdru.dll
2010-02-02 19:34:36 ----RA---- C:\WINDOWS\system32\kbdmon.dll
2010-02-02 19:34:36 ----RA---- C:\WINDOWS\system32\kbdkyr.dll
2010-02-02 19:34:36 ----RA---- C:\WINDOWS\system32\kbdkaz.dll
2010-02-02 19:34:36 ----RA---- C:\WINDOWS\system32\kbdbu.dll
2010-02-02 19:34:36 ----RA---- C:\WINDOWS\system32\kbdblr.dll
2010-02-02 19:34:36 ----RA---- C:\WINDOWS\system32\kbdaze.dll
2010-02-02 19:34:35 ----RA---- C:\WINDOWS\system32\kbdhept.dll
2010-02-02 19:34:35 ----RA---- C:\WINDOWS\system32\kbdhela3.dll
2010-02-02 19:34:35 ----RA---- C:\WINDOWS\system32\kbdhela2.dll
2010-02-02 19:34:35 ----RA---- C:\WINDOWS\system32\kbdhe319.dll
2010-02-02 19:34:35 ----RA---- C:\WINDOWS\system32\kbdhe220.dll
2010-02-02 19:34:35 ----RA---- C:\WINDOWS\system32\kbdhe.dll
2010-02-02 19:34:35 ----RA---- C:\WINDOWS\system32\kbdgkl.dll
2010-02-02 19:34:34 ----RA---- C:\WINDOWS\system32\kbdlv1.dll
2010-02-02 19:34:34 ----RA---- C:\WINDOWS\system32\kbdlv.dll
2010-02-02 19:34:34 ----RA---- C:\WINDOWS\system32\kbdlt1.dll
2010-02-02 19:34:34 ----RA---- C:\WINDOWS\system32\kbdlt.dll
2010-02-02 19:34:34 ----RA---- C:\WINDOWS\system32\kbdest.dll
2010-02-02 19:34:30 ----RA---- C:\WINDOWS\system32\kbdsl1.dll
2010-02-02 19:34:30 ----RA---- C:\WINDOWS\system32\kbdsl.dll
2010-02-02 19:34:30 ----RA---- C:\WINDOWS\system32\kbdro.dll
2010-02-02 19:34:30 ----RA---- C:\WINDOWS\system32\kbdpl1.dll
2010-02-02 19:34:30 ----RA---- C:\WINDOWS\system32\kbdpl.dll
2010-02-02 19:34:30 ----RA---- C:\WINDOWS\system32\kbdhu1.dll
2010-02-02 19:34:29 ----RA---- C:\WINDOWS\system32\kbdycl.dll
2010-02-02 19:34:29 ----RA---- C:\WINDOWS\system32\kbdhu.dll
2010-02-02 19:34:29 ----RA---- C:\WINDOWS\system32\kbdcr.dll
2010-02-02 19:34:29 ----RA---- C:\WINDOWS\system32\KBDAL.DLL
2010-02-02 19:34:28 ----A---- C:\WINDOWS\system32\spxcoins.dll
2010-02-02 19:34:28 ----A---- C:\WINDOWS\system32\irclass.dll
2010-02-02 19:34:28 ----A---- C:\WINDOWS\system32\EqnClass.Dll
2010-02-02 19:34:28 ----A---- C:\WINDOWS\system32\dgsetup.dll
2010-02-02 19:34:28 ----A---- C:\WINDOWS\system32\dgrpsetu.dll
2010-02-02 19:34:26 ----N---- C:\WINDOWS\system32\CONFIG.TMP
2010-02-02 19:34:26 ----A---- C:\WINDOWS\TASKMAN.EXE
2010-02-02 19:34:26 ----A---- C:\WINDOWS\system32\batt.dll
2010-02-02 19:34:25 ----A---- C:\WINDOWS\system32\storprop.dll
2010-02-02 19:34:25 ----A---- C:\WINDOWS\NOTEPAD.EXE
2010-02-02 19:34:17 ----ASH---- C:\Documents and Settings\All Users\Data aplikací\desktop.ini
2010-02-02 19:34:12 ----RA---- C:\WINDOWS\SET8.tmp
2010-02-02 19:34:10 ----RA---- C:\WINDOWS\SET4.tmp
2010-02-02 19:34:09 ----RA---- C:\WINDOWS\SET3.tmp
2010-02-02 19:34:04 ----D---- C:\WINDOWS\system32\CatRoot2
2010-02-02 19:34:04 ----D---- C:\WINDOWS\system32\CatRoot
2010-02-02 19:34:00 ----D---- C:\Program Files\ICQ6Toolbar
2010-02-02 19:33:58 ----SD---- C:\Documents and Settings\All Users\Data aplikací\Microsoft
2010-02-02 19:33:58 ----D---- C:\Documents and Settings\Robert Hanák\Data aplikací\Mozilla
2010-02-02 19:33:58 ----D---- C:\Documents and Settings\All Users\Data aplikací\ICQ
2010-02-02 19:33:46 ----A---- C:\WINDOWS\setuplog.txt
2010-02-02 19:33:28 ----D---- C:\Program Files\ICQ7.0
2010-02-02 19:30:13 ----HDC---- C:\WINDOWS\$NtUninstallKB956744$
2010-02-02 19:30:08 ----HDC---- C:\WINDOWS\$NtUninstallKB974112$
2010-02-02 19:30:01 ----HDC---- C:\WINDOWS\$NtUninstallKB956572$
2010-02-02 19:29:51 ----HDC---- C:\WINDOWS\$NtUninstallKB956844$
2010-02-02 19:29:46 ----HDC---- C:\WINDOWS\$NtUninstallKB961501$
2010-02-02 19:29:40 ----HDC---- C:\WINDOWS\$NtUninstallKB971633$
2010-02-02 19:29:35 ----SHD---- C:\RECYCLER
2010-02-02 19:29:35 ----A---- C:\WINDOWS\system32\MSVCR71.dll
2010-02-02 19:29:35 ----A---- C:\WINDOWS\system32\MSVCP71.dll
2010-02-02 19:29:35 ----A---- C:\WINDOWS\system32\MFC71.dll
2010-02-02 19:29:35 ----A---- C:\WINDOWS\system32\aswBoot.exe
2010-02-02 19:29:32 ----HDC---- C:\WINDOWS\$NtUninstallKB973869$
2010-02-02 19:29:32 ----D---- C:\Program Files\Alwil Software
2010-02-02 19:29:28 ----HDC---- C:\WINDOWS\$NtUninstallKB975025$
2010-02-02 19:29:22 ----HDC---- C:\WINDOWS\$NtUninstallKB952004$
2010-02-02 19:29:17 ----HDC---- C:\WINDOWS\$NtUninstallKB974571$
2010-02-02 19:29:11 ----HDC---- C:\WINDOWS\$NtUninstallKB973507$
2010-02-02 19:29:06 ----HDC---- C:\WINDOWS\$NtUninstallKB941569$
2010-02-02 19:28:13 ----A---- C:\WINDOWS\system32\MRT.exe
2010-02-02 19:28:07 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
2010-02-02 19:28:03 ----HDC---- C:\WINDOWS\$NtUninstallKB957097$
2010-02-02 19:27:59 ----HDC---- C:\WINDOWS\$NtUninstallKB958687$
2010-02-02 19:27:54 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
2010-02-02 19:27:50 ----HDC---- C:\WINDOWS\$NtUninstallKB973354$
2010-02-02 19:27:43 ----HDC---- C:\WINDOWS\$NtUninstallKB973904$
2010-02-02 19:27:37 ----D---- C:\Documents and Settings\Robert Hanák\Data aplikací\Macromedia
2010-02-02 19:27:34 ----HDC---- C:\WINDOWS\$NtUninstallKB967715$
2010-02-02 19:27:26 ----HDC---- C:\WINDOWS\$NtUninstallKB973540_WM9$
2010-02-02 19:27:21 ----HDC---- C:\WINDOWS\$NtUninstallKB929399$
2010-02-02 19:27:01 ----HDC---- C:\WINDOWS\$NtUninstallKB939683$
2010-02-02 19:26:40 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$
2010-02-02 19:26:33 ----HDC---- C:\WINDOWS\$NtUninstallKB974392$
2010-02-02 19:26:29 ----HDC---- C:\WINDOWS\$NtUninstallKB954459$
2010-02-02 19:26:23 ----HDC---- C:\WINDOWS\$NtUninstallKB952069_WM9$
2010-02-02 19:26:18 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
2010-02-02 19:26:13 ----HDC---- C:\WINDOWS\$NtUninstallKB970238$
2010-02-02 19:26:07 ----HDC---- C:\WINDOWS\$NtUninstallKB971486$
2010-02-02 19:26:03 ----D---- C:\Documents and Settings\Robert Hanák\Data aplikací\ICQ
2010-02-02 19:26:02 ----HDC---- C:\WINDOWS\$NtUninstallKB960803$
2010-02-02 19:25:57 ----HDC---- C:\WINDOWS\$NtUninstallKB973815$
2010-02-02 19:25:52 ----HDC---- C:\WINDOWS\$NtUninstallKB973525$
2010-02-02 19:25:45 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
2010-02-02 19:25:40 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$
2010-02-02 19:25:35 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$
2010-02-02 19:25:17 ----D---- C:\WINDOWS\ie7updates
2010-02-02 19:25:11 ----HDC---- C:\WINDOWS\$NtUninstallKB954154_WM11$
2010-02-02 19:25:06 ----HDC---- C:\WINDOWS\$NtUninstallKB923561$
2010-02-02 19:25:02 ----HDC---- C:\WINDOWS\$NtUninstallKB971961$
2010-02-02 19:24:57 ----HDC---- C:\WINDOWS\$NtUninstallKB975467$
2010-02-02 19:24:52 ----HDC---- C:\WINDOWS\$NtUninstallKB968389$
2010-02-02 19:24:46 ----HDC---- C:\WINDOWS\$NtUninstallKB969947$
2010-02-02 19:24:14 ----A---- C:\WINDOWS\system32\stacapi.dll
2010-02-02 19:23:22 ----D---- C:\Documents and Settings\Robert Hanák\Data aplikací\Adobe
2010-02-02 19:21:36 ----RA---- C:\WINDOWS\system32\NicInstE.dll
2010-02-02 19:21:36 ----RA---- C:\WINDOWS\system32\e1000msg.dll
2010-02-02 19:21:36 ----A---- C:\WINDOWS\system32\NicCo2.dll
2010-02-02 19:20:25 ----A---- C:\WINDOWS\system32\igfxzoom.exe
2010-02-02 19:20:25 ----A---- C:\WINDOWS\system32\igfxtray.exe
2010-02-02 19:20:25 ----A---- C:\WINDOWS\system32\igfxsrvc.exe
2010-02-02 19:20:25 ----A---- C:\WINDOWS\system32\igfxpers.exe
2010-02-02 19:20:25 ----A---- C:\WINDOWS\system32\igfxext.exe
2010-02-02 19:20:25 ----A---- C:\WINDOWS\system32\igfxcfg.exe
2010-02-02 19:20:24 ----A---- C:\WINDOWS\system32\hkcmd.exe
2010-02-02 19:20:10 ----A---- C:\WINDOWS\system32\igxprd32.dll
2010-02-02 19:20:10 ----A---- C:\WINDOWS\system32\igxpgd32.dll
2010-02-02 19:20:10 ----A---- C:\WINDOWS\system32\igxpdx32.dll
2010-02-02 19:20:09 ----A---- C:\WINDOWS\system32\igxpdv32.dll
2010-02-02 19:20:09 ----A---- C:\WINDOWS\system32\igmedcompkrn.dll
2010-02-02 19:20:09 ----A---- C:\WINDOWS\system32\igfxCoIn_v4906.dll
2010-02-02 19:20:04 ----A---- C:\WINDOWS\system32\igklg450.dll
2010-02-02 19:20:04 ----A---- C:\WINDOWS\system32\igklg400.dll
2010-02-02 19:20:04 ----A---- C:\WINDOWS\system32\igfxsrvc.dll
2010-02-02 19:20:04 ----A---- C:\WINDOWS\system32\igfxress.dll
2010-02-02 19:20:03 ----A---- C:\WINDOWS\system32\igfxpph.dll
2010-02-02 19:20:03 ----A---- C:\WINDOWS\system32\igfxexps.dll
2010-02-02 19:20:03 ----A---- C:\WINDOWS\system32\igfxdo.dll
2010-02-02 19:20:03 ----A---- C:\WINDOWS\system32\igfxdev.dll
2010-02-02 19:20:03 ----A---- C:\WINDOWS\system32\ig4icd32.dll
2010-02-02 19:20:03 ----A---- C:\WINDOWS\system32\ig4dev32.dll
2010-02-02 19:20:01 ----A---- C:\WINDOWS\system32\hccutils.dll
2010-02-02 19:19:40 ----D---- C:\Program Files\WinRAR
2010-02-02 19:17:11 ----D---- C:\Documents and Settings\All Users\Data aplikací\Adobe
2010-02-02 19:17:04 ----D---- C:\Program Files\Common Files\Adobe
2010-02-02 19:17:04 ----D---- C:\Program Files\Adobe
2010-02-02 19:16:22 ----D---- C:\D
2010-02-02 19:16:11 ----D---- C:\Documents and Settings
2010-02-02 19:15:25 ----SH---- C:\boot.ini
2010-02-02 19:14:35 ----N---- C:\WINDOWS\system32\spmsg.dll
2010-02-02 19:14:35 ----D---- C:\WINDOWS\system32\PreInstall
2010-02-02 19:14:35 ----A---- C:\WINDOWS\system32\spupdsvc.exe
2010-02-02 19:14:33 ----HDC---- C:\WINDOWS\$NtUninstallKB898461$
2010-02-02 19:14:33 ----HD---- C:\WINDOWS\$hf_mig$
2010-02-02 19:13:11 ----SHD---- C:\System Volume Information
2010-02-02 19:11:05 ----SD---- C:\WINDOWS\Downloaded Program Files
2010-02-02 19:11:05 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-02-02 19:11:05 ----RSD---- C:\WINDOWS\Fonts
2010-02-02 19:11:05 ----RD---- C:\WINDOWS\Web
2010-02-02 19:11:05 ----HD---- C:\WINDOWS\inf
2010-02-02 19:11:05 ----D---- C:\WINDOWS\WinSxS
2010-02-02 19:11:05 ----D---- C:\WINDOWS\WBEM
2010-02-02 19:11:05 ----D---- C:\WINDOWS\twain_32
2010-02-02 19:11:05 ----D---- C:\WINDOWS\Temp
2010-02-02 19:11:05 ----D---- C:\WINDOWS\system32\wins
2010-02-02 19:11:05 ----D---- C:\WINDOWS\system32\wbem
2010-02-02 19:11:05 ----D---- C:\WINDOWS\system32\usmt
2010-02-02 19:11:05 ----D---- C:\WINDOWS\system32\spool
2010-02-02 19:11:05 ----D---- C:\WINDOWS\system32\ShellExt
2010-02-02 19:11:05 ----D---- C:\WINDOWS\system32\Setup
2010-02-02 19:11:05 ----D---- C:\WINDOWS\system32\ras
2010-02-02 19:11:05 ----D---- C:\WINDOWS\system32\oobe
2010-02-02 19:11:05 ----D---- C:\WINDOWS\system32\npp
2010-02-02 19:11:05 ----D---- C:\WINDOWS\system32\mui
2010-02-02 19:11:05 ----D---- C:\WINDOWS\system32\inetsrv
2010-02-02 19:11:05 ----D---- C:\WINDOWS\system32\IME
2010-02-02 19:11:05 ----D---- C:\WINDOWS\system32\icsxml
2010-02-02 19:11:05 ----D---- C:\WINDOWS\system32\ias
2010-02-02 19:11:05 ----D---- C:\WINDOWS\system32\export
2010-02-02 19:11:05 ----D---- C:\WINDOWS\system32\drivers
2010-02-02 19:11:05 ----D---- C:\WINDOWS\system32\dhcp
2010-02-02 19:11:05 ----D---- C:\WINDOWS\system32\cs-cz
2010-02-02 19:11:05 ----D---- C:\WINDOWS\system32\cs
2010-02-02 19:11:05 ----D---- C:\WINDOWS\system32\config
2010-02-02 19:11:05 ----D---- C:\WINDOWS\system32\3com_dmi
2010-02-02 19:11:05 ----D---- C:\WINDOWS\system32\3076
2010-02-02 19:11:05 ----D---- C:\WINDOWS\system32\2052
2010-02-02 19:11:05 ----D---- C:\WINDOWS\system32\1054
2010-02-02 19:11:05 ----D---- C:\WINDOWS\system32\1042
2010-02-02 19:11:05 ----D---- C:\WINDOWS\system32\1041
2010-02-02 19:11:05 ----D---- C:\WINDOWS\system32\1037
2010-02-02 19:11:05 ----D---- C:\WINDOWS\system32\1033
2010-02-02 19:11:05 ----D---- C:\WINDOWS\system32\1031
2010-02-02 19:11:05 ----D---- C:\WINDOWS\system32\1029
2010-02-02 19:11:05 ----D---- C:\WINDOWS\system32\1028
2010-02-02 19:11:05 ----D---- C:\WINDOWS\system32\1025
2010-02-02 19:11:05 ----D---- C:\WINDOWS\system32
2010-02-02 19:11:05 ----D---- C:\WINDOWS\system
2010-02-02 19:11:05 ----D---- C:\WINDOWS\security
2010-02-02 19:11:05 ----D---- C:\WINDOWS\Resources
2010-02-02 19:11:05 ----D---- C:\WINDOWS\repair
2010-02-02 19:11:05 ----D---- C:\WINDOWS\Provisioning
2010-02-02 19:11:05 ----D---- C:\WINDOWS\pchealth
2010-02-02 19:11:05 ----D---- C:\WINDOWS\PeerNet
2010-02-02 19:11:05 ----D---- C:\WINDOWS\Offline Web Pages
2010-02-02 19:11:05 ----D---- C:\WINDOWS\Network Diagnostic
2010-02-02 19:11:05 ----D---- C:\WINDOWS\mui
2010-02-02 19:11:05 ----D---- C:\WINDOWS\msapps
2010-02-02 19:11:05 ----D---- C:\WINDOWS\msagent
2010-02-02 19:11:05 ----D---- C:\WINDOWS\Media
2010-02-02 19:11:05 ----D---- C:\WINDOWS\L2Schemas
2010-02-02 19:11:05 ----D---- C:\WINDOWS\java
2010-02-02 19:11:05 ----D---- C:\WINDOWS\ime
2010-02-02 19:11:05 ----D---- C:\WINDOWS\Help
2010-02-02 19:11:05 ----D---- C:\WINDOWS\ehome
2010-02-02 19:11:05 ----D---- C:\WINDOWS\Driver Cache
2010-02-02 19:11:05 ----D---- C:\WINDOWS\Debug
2010-02-02 19:11:05 ----D---- C:\WINDOWS\Cursors
2010-02-02 19:11:05 ----D---- C:\WINDOWS\Connection Wizard
2010-02-02 19:11:05 ----D---- C:\WINDOWS\Config
2010-02-02 19:11:05 ----D---- C:\WINDOWS\AppPatch
2010-02-02 19:11:05 ----D---- C:\WINDOWS\addins
2010-02-02 19:11:05 ----D---- C:\WINDOWS
2010-02-02 19:08:29 ----RA---- C:\WINDOWS\system32\Prounstl.exe
2010-02-02 19:08:29 ----RA---- C:\WINDOWS\system32\NicEtCoE.dll
2010-02-02 19:08:29 ----RA---- C:\WINDOWS\system32\NicCo.dll
2010-02-02 19:06:28 ----A---- C:\WINDOWS\system32\VB5DB.DLL
2010-02-02 19:06:21 ----D---- C:\Program Files\Intel Audio Studio
2010-02-02 19:06:06 ----D---- C:\WINDOWS\system32\ReinstallBackups
2010-02-02 19:05:57 ----HD---- C:\Program Files\InstallShield Installation Information
2010-02-02 19:02:47 ----D---- C:\Program Files\Intel
2010-02-02 19:01:16 ----D---- C:\Program Files\MSXML 4.0
2010-02-02 19:01:07 ----D---- C:\TempEI4
2010-02-02 18:58:18 ----D---- C:\WINDOWS\system32\SoftwareDistribution
2010-02-02 18:55:28 ----D---- C:\Documents and Settings\Robert Hanák\Data aplikací\Identities
2010-02-02 18:55:23 ----HD---- C:\Program Files\Uninstall Information
2010-02-02 18:54:38 ----D---- C:\WINDOWS\DriverPacks
2010-02-02 18:54:28 ----ASH---- C:\Documents and Settings\Robert Hanák\Data aplikací\desktop.ini
2010-02-02 18:54:27 ----SD---- C:\Documents and Settings\Robert Hanák\Data aplikací\Microsoft
2010-02-02 18:52:26 ----D---- C:\WINDOWS\SoftwareDistribution
2010-02-02 18:51:59 ----SD---- C:\WINDOWS\system32\Microsoft
2010-02-02 18:51:59 ----D---- C:\WINDOWS\Prefetch
2010-02-02 18:51:59 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-02-02 18:49:04 ----D---- C:\WINDOWS\system32\xircom
2010-02-02 18:49:04 ----D---- C:\Program Files\xerox
2010-02-02 18:49:04 ----D---- C:\Program Files\microsoft frontpage
2010-02-02 18:48:46 ----A---- C:\WINDOWS\control.ini
2010-02-02 18:48:46 ----A---- C:\AUTOEXEC.BAT
2010-02-02 18:48:31 ----A---- C:\WINDOWS\OEWABLog.txt
2010-02-02 18:48:25 ----A---- C:\WINDOWS\system32\mapi32.dll
2010-02-02 18:47:33 ----RAH---- C:\WINDOWS\system32\logonui.exe.manifest
2010-02-02 18:47:30 ----RAH---- C:\WINDOWS\system32\cdplayer.exe.manifest
2010-02-02 18:47:23 ----HD---- C:\Program Files\WindowsUpdate
2010-02-02 18:47:19 ----D---- C:\Program Files\Online Services
2010-02-02 18:47:05 ----D---- C:\WINDOWS\system32\DirectX
2010-02-02 18:46:59 ----A---- C:\WINDOWS\system32\atrace.dll
2010-02-02 18:46:57 ----A---- C:\WINDOWS\system32\desktop.ini
2010-02-02 18:46:57 ----A---- C:\WINDOWS\desktop.ini
2010-02-02 18:46:53 ----A---- C:\WINDOWS\system32\nmevtmsg.dll
2010-02-02 18:46:52 ----A---- C:\WINDOWS\system32\acctres.dll
2010-02-02 18:46:51 ----D---- C:\Program Files\Common Files\Services
2010-02-02 18:46:49 ----SD---- C:\WINDOWS\Tasks
2010-02-02 18:46:49 ----D---- C:\Program Files\Common Files\MSSoap
2010-02-02 18:46:49 ----A---- C:\WINDOWS\system32\icfgnt5.dll
2010-02-02 18:46:46 ----D---- C:\WINDOWS\srchasst
2010-02-02 18:46:45 ----D---- C:\WINDOWS\system32\Macromed
2010-02-02 18:46:44 ----A---- C:\WINDOWS\system32\wuweb.dll
2010-02-02 18:46:44 ----A---- C:\WINDOWS\system32\wucltui.dll
2010-02-02 18:46:44 ----A---- C:\WINDOWS\system32\wuauserv.dll
2010-02-02 18:46:44 ----A---- C:\WINDOWS\system32\wuaueng1.dll
2010-02-02 18:46:44 ----A---- C:\WINDOWS\system32\wuaueng.dll
2010-02-02 18:46:43 ----A---- C:\WINDOWS\system32\wups.dll
2010-02-02 18:46:43 ----A---- C:\WINDOWS\system32\wuauclt1.exe
2010-02-02 18:46:43 ----A---- C:\WINDOWS\system32\wuauclt.exe
2010-02-02 18:46:43 ----A---- C:\WINDOWS\system32\wuapi.dll
2010-02-02 18:46:43 ----A---- C:\WINDOWS\system32\qmgrprxy.dll
2010-02-02 18:46:43 ----A---- C:\WINDOWS\system32\qmgr.dll
2010-02-02 18:46:43 ----A---- C:\WINDOWS\system32\bitsprx4.dll
2010-02-02 18:46:43 ----A---- C:\WINDOWS\system32\bitsprx3.dll
2010-02-02 18:46:43 ----A---- C:\WINDOWS\system32\bitsprx2.dll
2010-02-02 18:46:40 ----D---- C:\Program Files\Movie Maker
2010-02-02 18:46:27 ----A---- C:\WINDOWS\system32\safrslv.dll
2010-02-02 18:46:27 ----A---- C:\WINDOWS\system32\safrdm.dll
2010-02-02 18:46:27 ----A---- C:\WINDOWS\system32\safrcdlg.dll
2010-02-02 18:46:27 ----A---- C:\WINDOWS\system32\racpldlg.dll
2010-02-02 18:46:24 ----D---- C:\WINDOWS\system32\Restore
2010-02-02 18:46:24 ----A---- C:\WINDOWS\system32\srsvc.dll
2010-02-02 18:46:24 ----A---- C:\WINDOWS\system32\srrstr.dll
2010-02-02 18:46:24 ----A---- C:\WINDOWS\system32\srclient.dll
2010-02-02 18:46:24 ----A---- C:\WINDOWS\system32\fltMc.exe
2010-02-02 18:46:24 ----A---- C:\WINDOWS\system32\fltlib.dll
2010-02-02 18:46:23 ----A---- C:\WINDOWS\system32\nmmkcert.dll
2010-02-02 18:46:23 ----A---- C:\WINDOWS\system32\msconf.dll
2010-02-02 18:46:23 ----A---- C:\WINDOWS\system32\mnmsrvc.exe
2010-02-02 18:46:23 ----A---- C:\WINDOWS\system32\mnmdd.dll
2010-02-02 18:46:23 ----A---- C:\WINDOWS\system32\isrdbg32.dll
2010-02-02 18:46:23 ----A---- C:\WINDOWS\system32\ils.dll
2010-02-02 18:46:21 ----D---- C:\Program Files\NetMeeting
2010-02-02 18:46:21 ----A---- C:\WINDOWS\system32\msoert2.dll
2010-02-02 18:46:21 ----A---- C:\WINDOWS\system32\msoeacct.dll
2010-02-02 18:46:20 ----A---- C:\WINDOWS\system32\inetres.dll
2010-02-02 18:46:20 ----A---- C:\WINDOWS\system32\inetcomm.dll
2010-02-02 18:46:19 ----D---- C:\Program Files\Outlook Express
2010-02-02 18:46:19 ----A---- C:\WINDOWS\system32\schedsvc.dll
2010-02-02 18:46:19 ----A---- C:\WINDOWS\system32\mstinit.exe
2010-02-02 18:46:18 ----A---- C:\WINDOWS\system32\mstask.dll
2010-02-02 18:46:18 ----A---- C:\WINDOWS\system32\isign32.dll
2010-02-02 18:46:18 ----A---- C:\WINDOWS\system32\inetcfg.dll
2010-02-02 18:46:18 ----A---- C:\WINDOWS\system32\icwphbk.dll
2010-02-02 18:46:18 ----A---- C:\WINDOWS\system32\icwdial.dll
2010-02-02 18:46:14 ----D---- C:\Program Files\Common Files\System
2010-02-02 18:46:12 ----D---- C:\Program Files\Internet Explorer
2010-02-02 18:45:31 ----D---- C:\Program Files\ComPlus Applications
2010-02-02 18:45:29 ----A---- C:\WINDOWS\vbaddin.ini
2010-02-02 18:45:29 ----A---- C:\WINDOWS\vb.ini
2010-02-02 18:45:23 ----D---- C:\WINDOWS\Registration
2010-02-02 18:45:03 ----D---- C:\Program Files\Windows Media Connect 2
2010-02-02 18:45:02 ----D---- C:\Program Files\Windows Media Player
2010-02-02 18:45:00 ----D---- C:\Program Files\Messenger
2010-02-02 18:44:58 ----D---- C:\Program Files\MSN Gaming Zone
2010-02-02 18:44:58 ----A---- C:\WINDOWS\system32\write.exe
2010-02-02 18:44:51 ----A---- C:\WINDOWS\system32\winchat.exe
2010-02-02 18:44:51 ----A---- C:\WINDOWS\system32\sndvol32.exe
2010-02-02 18:44:51 ----A---- C:\WINDOWS\system32\hticons.dll
2010-02-02 18:44:51 ----A---- C:\WINDOWS\system32\avwav.dll
2010-02-02 18:44:51 ----A---- C:\WINDOWS\system32\avtapi.dll
2010-02-02 18:44:51 ----A---- C:\WINDOWS\system32\avmeter.dll
2010-02-02 18:44:46 ----A---- C:\WINDOWS\system32\charmap.exe
2010-02-02 18:44:46 ----A---- C:\WINDOWS\system32\getuname.dll
2010-02-02 18:44:46 ----A---- C:\WINDOWS\system32\calc.exe
2010-02-02 18:44:45 ----A---- C:\WINDOWS\system32\winmine.exe
2010-02-02 18:44:45 ----A---- C:\WINDOWS\system32\usrlogon.cmd
2010-02-02 18:44:45 ----A---- C:\WINDOWS\system32\tsshutdn.exe
2010-02-02 18:44:45 ----A---- C:\WINDOWS\system32\tslabels.ini
2010-02-02 18:44:45 ----A---- C:\WINDOWS\system32\tskill.exe
2010-02-02 18:44:45 ----A---- C:\WINDOWS\system32\sol.exe
2010-02-02 18:44:45 ----A---- C:\WINDOWS\system32\reset.exe
2010-02-02 18:44:45 ----A---- C:\WINDOWS\system32\mshearts.exe
2010-02-02 18:44:45 ----A---- C:\WINDOWS\system32\freecell.exe
2010-02-02 18:44:44 ----A---- C:\WINDOWS\system32\tsdiscon.exe
2010-02-02 18:44:44 ----A---- C:\WINDOWS\system32\tscon.exe
2010-02-02 18:44:44 ----A---- C:\WINDOWS\system32\shadow.exe
2010-02-02 18:44:44 ----A---- C:\WINDOWS\system32\rwinsta.exe
2010-02-02 18:44:44 ----A---- C:\WINDOWS\system32\regini.exe
2010-02-02 18:44:44 ----A---- C:\WINDOWS\system32\rdpcfgex.dll
2010-02-02 18:44:44 ----A---- C:\WINDOWS\system32\qwinsta.exe
2010-02-02 18:44:44 ----A---- C:\WINDOWS\system32\qappsrv.exe
2010-02-02 18:44:44 ----A---- C:\WINDOWS\system32\msg.exe
2010-02-02 18:44:44 ----A---- C:\WINDOWS\system32\msdtcprf.ini
2010-02-02 18:44:44 ----A---- C:\WINDOWS\system32\logoff.exe
2010-02-02 18:44:44 ----A---- C:\WINDOWS\system32\cdmodem.dll
2010-02-02 18:44:40 ----A---- C:\WINDOWS\system32\wmimgmt.msc
2010-02-02 18:44:39 ----A---- C:\WINDOWS\system32\sndrec32.exe
2010-02-02 18:44:39 ----A---- C:\WINDOWS\system32\mplay32.exe
2010-02-02 18:44:39 ----A---- C:\WINDOWS\system32\accwiz.exe
2010-02-02 18:44:38 ----D---- C:\Program Files\Windows NT
2010-02-02 18:44:38 ----A---- C:\WINDOWS\system32\spider.exe
2010-02-02 18:44:38 ----A---- C:\WINDOWS\system32\mspaint.exe
2010-02-02 18:44:38 ----A---- C:\WINDOWS\system32\hypertrm.dll
2010-02-02 18:44:38 ----A---- C:\WINDOWS\system32\clipbrd.exe
2010-02-02 18:44:37 ----A---- C:\WINDOWS\system32\tsgqec.dll
2010-02-02 18:44:37 ----A---- C:\WINDOWS\system32\tscfgwmi.dll
2010-02-02 18:44:37 ----A---- C:\WINDOWS\system32\rhttpaa.dll
2010-02-02 18:44:37 ----A---- C:\WINDOWS\system32\aaclient.dll
2010-02-02 18:44:36 ----A---- C:\WINDOWS\system32\sessmgr.exe
2010-02-02 18:44:36 ----A---- C:\WINDOWS\system32\remotepg.dll
2010-02-02 18:44:36 ----A---- C:\WINDOWS\system32\rdshost.exe
2010-02-02 18:44:36 ----A---- C:\WINDOWS\system32\rdsaddin.exe
2010-02-02 18:44:36 ----A---- C:\WINDOWS\system32\rdchost.dll
2010-02-02 18:44:36 ----A---- C:\WINDOWS\system32\mstscax.dll
2010-02-02 18:44:36 ----A---- C:\WINDOWS\system32\mstsc.exe
2010-02-02 18:44:35 ----D---- C:\WINDOWS\system32\MsDtc
2010-02-02 18:44:35 ----A---- C:\WINDOWS\system32\termsrv.dll
2010-02-02 18:44:35 ----A---- C:\WINDOWS\system32\rdpwsx.dll
2010-02-02 18:44:35 ----A---- C:\WINDOWS\system32\rdpsnd.dll
2010-02-02 18:44:35 ----A---- C:\WINDOWS\system32\rdpclip.exe
2010-02-02 18:44:35 ----A---- C:\WINDOWS\system32\qprocess.exe
2010-02-02 18:44:35 ----A---- C:\WINDOWS\system32\mtxoci.dll
2010-02-02 18:44:35 ----A---- C:\WINDOWS\system32\msdtcuiu.dll
2010-02-02 18:44:35 ----A---- C:\WINDOWS\system32\msdtctm.dll
2010-02-02 18:44:35 ----A---- C:\WINDOWS\system32\msdtcprx.dll
2010-02-02 18:44:35 ----A---- C:\WINDOWS\system32\icaapi.dll
2010-02-02 18:44:35 ----A---- C:\WINDOWS\system32\cfgbkend.dll
2010-02-02 18:44:34 ----A---- C:\WINDOWS\system32\xolehlp.dll
2010-02-02 18:44:34 ----A---- C:\WINDOWS\system32\mtxlegih.dll
2010-02-02 18:44:34 ----A---- C:\WINDOWS\system32\mtxex.dll
2010-02-02 18:44:34 ----A---- C:\WINDOWS\system32\mtxdm.dll
2010-02-02 18:44:34 ----A---- C:\WINDOWS\system32\msdtclog.dll
2010-02-02 18:44:34 ----A---- C:\WINDOWS\system32\msdtc.exe
2010-02-02 18:44:34 ----A---- C:\WINDOWS\system32\dcomcnfg.exe
2010-02-02 18:44:33 ----D---- C:\WINDOWS\system32\Com
2010-02-02 18:44:33 ----A---- C:\WINDOWS\system32\stclient.dll
2010-02-02 18:44:33 ----A---- C:\WINDOWS\system32\comsvcs.dll
2010-02-02 18:44:33 ----A---- C:\WINDOWS\system32\comrepl.dll
2010-02-02 18:44:33 ----A---- C:\WINDOWS\system32\comaddin.dll
2010-02-02 18:44:33 ----A---- C:\WINDOWS\system32\colbact.dll
2010-02-02 18:44:33 ----A---- C:\WINDOWS\system32\clbcatex.dll
2010-02-02 18:44:33 ----A---- C:\WINDOWS\system32\catsrvut.dll
2010-02-02 18:44:33 ----A---- C:\WINDOWS\system32\catsrvps.dll
2010-02-02 18:44:33 ----A---- C:\WINDOWS\system32\catsrv.dll
2010-02-02 18:44:32 ----A---- C:\WINDOWS\system32\comuid.dll
2010-02-02 18:44:32 ----A---- C:\WINDOWS\system32\comsnap.dll
2010-02-02 18:44:32 ----A---- C:\WINDOWS\system32\clbcatq.dll
2010-02-02 18:44:28 ----A---- C:\WINDOWS\system32\servdeps.dll
2010-02-02 18:44:27 ----A---- C:\WINDOWS\system32\mmfutil.dll
2010-02-02 18:44:27 ----A---- C:\WINDOWS\system32\licwmi.dll
2010-02-02 18:44:27 ----A---- C:\WINDOWS\system32\cmprops.dll

======List of files/folders modified in the last 1 months======

2010-02-02 19:34:40 ----A---- C:\WINDOWS\system.ini
2010-02-02 18:48:43 ----A---- C:\WINDOWS\win.ini

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2010-01-28 28240]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2010-01-28 163280]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2010-01-28 46672]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 SCDEmu;SCDEmu; C:\WINDOWS\system32\drivers\SCDEmu.sys [2009-03-15 56268]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2010-01-28 19024]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2010-01-28 100432]
R3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-14 60800]
R3 e1express;Intel(R) PRO/1000 PCI Express Network Connection Driver; C:\WINDOWS\system32\DRIVERS\e1e5132.sys [2006-07-19 230400]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HECI;Intel(R) Management Engine Interface; C:\WINDOWS\system32\DRIVERS\HECI.sys [2007-07-09 44416]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2008-12-12 6048768]
R3 L8042Kbd;Logitech SetPoint Keyboard Driver; C:\WINDOWS\system32\DRIVERS\L8042Kbd.sys [2006-07-19 13568]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-14 61824]
R3 sfng32;Sonic Focus Plugin for Sigmatel HDA; C:\WINDOWS\system32\drivers\sfng32.sys [2005-12-02 41728]
R3 STHDA;SigmaTel High Definition Audio CODEC; C:\WINDOWS\system32\drivers\sthda.sys [2006-07-27 1171464]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-14 30208]
R3 usbhub;Rozbočovač umožnující USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-14 59520]
R3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 vmmouse;VMware Pointing Device; C:\WINDOWS\system32\DRIVERS\vmmouse.sys [2007-05-02 11696]
S3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2010-01-28 23376]
S3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
S3 NAL;Nal Service ; \??\C:\WINDOWS\system32\Drivers\iqvw32.sys []
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2008-08-08 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2008-08-08 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ICQ Service;ICQ Service; C:\Program Files\ICQ6Toolbar\ICQ Service.exe [2008-10-19 222456]
R2 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe [2008-06-08 877864]
R2 PLFlash DeviceIoControl Service;PLFlash DeviceIoControl Service; C:\WINDOWS\system32\IoctlSvc.exe [2006-12-19 81920]
R3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe [2008-06-24 537896]
S2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-01-28 40384]
S2 STacSV;Audio Service; C:\WINDOWS\system32\STacSV.exe [2009-03-12 254036]
S3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-01-28 40384]
S3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-01-28 40384]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-11-25 18752]

-----------------EOF-----------------

Re: Problém Live PC Care

Napsal: 08 úno 2010 16:53
od Caroprd111
:arrow: Stáhněte a uložte, nejlépe na plochu http://download.bleepingcomputer.com/sUBs/ComboFix.exe

:arrow: Vypněte všechny rezidentní bezpečnostní programy - firewally, antiviry, antispywary

:arrow: Spusťte aplikaci pod účtem s oprávněním Administrátora (Správce), ihned po startu se zobrází stránka s licenčnímy podmínkami, pokračujte stisknutím tlačítka "Ano"

:arrow: Pokud ComboFix nepůjde spustit, tak zkuste ComboFix přejmenovat třeba na cokoliv.com, případně přejmenovaný ComboFix spusťte v nouzovém režimu.

:arrow: Dále postupujte dle pokynů, během scanu nespouštějte jiné aplikace a neklikejte do zobrazujícího se okna :!:

:arrow: Scan by měl trvat okolo 5 - 10 minut, po dokončení Combofix zobrazí log C:\ComboFix.txt , který sem vložte.

:arrow: Během skenování může být počítač restartován.

Re: Problém Live PC Care

Napsal: 08 úno 2010 17:09
od Tosik
Firewall jsem vypnul, ale nemůžu vypnout Avasta. V liště není jeho ikona (u hodin), zástupcem nejde spustit a nejde ani odinstalovat. Ten program, který mám spustit se ozval, že je Avast aktivní a že bez jeho vypnutí nedoporučuje pokračovat, neb hrozí poškození PC. Mám tedy tuto hlášku ignorovat, nebo je třeba postupovat jinak? Díky moc za rady. PC Care mi posílá neustále hlášky a chce dolary. :-) A hodně!!! :-)

Re: Problém Live PC Care

Napsal: 08 úno 2010 17:16
od Caroprd111
:arrow: Hlášku ComboFixu o zapnutém antiviru ignorujte.

:arrow: Hlavně nic neplaťte :!:

Re: Problém Live PC Care

Napsal: 08 úno 2010 18:27
od robopoter
ComboFix 10-02-07.08 - Robert Hanák 08.02.2010 18:15:50.1.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.998.495 [GMT 1:00]
Spuštěný z: c:\documents and settings\Robert Hanák\Plocha\ComboFix.exe
AV: avast! antivirus 4.8.1368 [VPS 100206-0] *On-access scanning enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\program files\ICQ6.5\ICQLRun.exe
c:\windows\system32\stacsv.exe

.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_STacSV
-------\Service_STacSV


((((((((((((((((((((((((( Soubory vytvořené od 2010-01-08 do 2010-02-08 )))))))))))))))))))))))))))))))
.

2010-02-08 15:26 . 2010-02-08 15:26 -------- d-----w- C:\rsit
2010-02-08 15:26 . 2010-02-08 15:26 -------- d-----w- c:\program files\trend micro
2010-02-07 18:20 . 2010-02-07 18:20 -------- d-----w- c:\program files\Common Files\Skype
2010-02-07 17:16 . 2008-04-13 23:15 32128 -c--a-w- c:\windows\system32\dllcache\usbccgp.sys
2010-02-07 17:16 . 2008-04-13 23:15 32128 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2010-02-06 15:13 . 2010-02-07 09:42 -------- d-----w- c:\program files\ESET
2010-02-06 11:04 . 2010-02-06 11:04 -------- d-----w- c:\program files\TeamViewer
2010-02-04 19:26 . 2010-02-04 19:26 3828 ----a-w- c:\windows\system32\ealregsnapshot1.reg
2010-02-03 19:35 . 2010-02-03 19:35 107888 ----a-w- c:\windows\system32\CmdLineExt.dll
2010-02-03 19:35 . 2010-02-03 19:35 -------- d-----w- C:\ProgramData
2010-02-03 19:15 . 2010-02-04 19:26 -------- d-----w- c:\program files\Electronic Arts
2010-02-03 19:15 . 2008-05-30 13:11 467984 ----a-w- c:\windows\system32\d3dx10_38.dll
2010-02-03 19:15 . 2008-05-30 13:11 1491992 ----a-w- c:\windows\system32\D3DCompiler_38.dll
2010-02-03 19:15 . 2008-05-30 13:11 3850760 ----a-w- c:\windows\system32\D3DX9_38.dll
2010-02-03 19:15 . 2007-07-19 17:14 444776 ----a-w- c:\windows\system32\d3dx10_35.dll
2010-02-03 19:15 . 2007-07-19 17:14 1358192 ----a-w- c:\windows\system32\D3DCompiler_35.dll
2010-02-03 19:14 . 2007-07-19 17:14 3727720 ----a-w- c:\windows\system32\d3dx9_35.dll
2010-02-03 19:14 . 2010-02-03 19:14 -------- d-----w- c:\windows\Logs
2010-02-03 18:29 . 2010-02-04 16:08 -------- d-----w- c:\documents and settings\Radmila Hanáková
2010-02-03 17:33 . 2010-02-03 17:33 -------- d-----w- c:\program files\Gameforge4D
2010-02-03 16:52 . 2010-02-08 17:18 -------- d-----w- c:\program files\ICQ6.5
2010-02-03 16:35 . 2010-02-03 16:36 -------- d-----w- c:\documents and settings\Jiří Hanák
2010-02-03 16:33 . 2010-02-05 14:03 -------- d-----w- c:\documents and settings\Martin Hanák
2010-02-03 12:22 . 2008-04-13 23:15 26368 -c--a-w- c:\windows\system32\dllcache\usbstor.sys
2010-02-03 09:55 . 2008-04-13 23:15 10368 -c--a-w- c:\windows\system32\dllcache\hidusb.sys
2010-02-03 09:55 . 2008-04-13 23:15 10368 ----a-w- c:\windows\system32\drivers\hidusb.sys
2010-02-02 19:59 . 2006-02-17 09:26 266240 ----a-w- c:\windows\system32\IASMXDLL.dll
2010-02-02 19:59 . 2005-11-18 13:57 40960 ----a-w- c:\windows\system32\SFIMLARK.dll
2010-02-02 19:59 . 2005-10-07 11:49 274432 ----a-w- c:\windows\system32\IASDLL.dll
2010-02-02 19:59 . 2005-07-21 19:28 53248 ----a-w- c:\windows\system32\IASBB.dll
2010-02-02 19:59 . 2005-03-06 18:26 61440 ----a-w- c:\windows\system32\SFIDLOCK.dll
2010-02-02 19:59 . 2006-07-27 06:21 117248 ----a-w- c:\windows\system32\staco.dll
2010-02-02 19:58 . 2010-02-02 19:58 -------- d-----w- c:\program files\SigmaTel
2010-02-02 19:42 . 2010-02-02 19:43 -------- d-----w- c:\program files\Common Files\Nero
2010-02-02 19:42 . 2010-02-02 19:42 -------- d-----w- c:\program files\Nero
2010-02-02 19:36 . 2010-02-02 19:36 56 ---ha-w- c:\windows\system32\ezsidmv.dat
2010-02-02 19:35 . 2009-03-12 11:53 483422 ----a-w- c:\windows\sttray.exe
2010-02-02 19:35 . 2006-07-26 02:58 1093632 ----a-w- c:\windows\system32\stlang.dll
2010-02-02 19:35 . 2009-03-12 11:53 171520 ----a-w- c:\windows\system32\st322000.dll
2010-02-02 19:35 . 2006-07-27 06:24 1171464 ----a-w- c:\windows\system32\drivers\sthda.sys
2010-02-02 19:35 . 2010-02-03 19:35 -------- d-----w- c:\program files\Common Files\InstallShield
2010-02-02 19:31 . 2010-02-07 18:20 -------- d-----r- c:\program files\Skype
2010-02-02 19:15 . 2010-02-02 19:17 -------- d-----w- C:\TRANSLAT
2010-02-02 19:11 . 2009-12-14 11:33 53248 ----a-w- c:\windows\system32\CSVer.dll
2010-02-02 19:08 . 2008-12-12 09:40 147456 ----a-w- c:\windows\system32\igfxCoIn_v5016.dll
2010-02-02 19:08 . 2008-12-12 09:34 1481884 ----a-w- c:\windows\system32\igkrng400.bin
2010-02-02 19:08 . 2010-02-02 19:08 -------- d-----w- c:\windows\system32\Lang
2010-02-02 19:08 . 2010-02-02 19:08 -------- d-----w- C:\Intel
2010-02-02 19:03 . 2010-02-02 19:03 -------- d-----w- c:\program files\SystemRequirementsLab

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-02-07 17:43 . 2010-02-02 18:29 -------- d-----w- c:\program files\Alwil Software
2010-02-07 14:31 . 2010-02-02 17:47 86327 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2010-02-07 14:31 . 2010-02-02 17:47 2426 ----a-w- c:\windows\pchealth\helpctr\PackageStore\SkuStore.bin
2010-02-07 14:30 . 2010-02-02 17:48 8972 ----a-w- c:\windows\pchealth\helpctr\Config\Cntstore.bin
2010-02-06 11:47 . 2010-02-02 17:45 -------- d-----w- c:\program files\Windows Media Connect 2
2010-02-04 19:26 . 2010-02-02 18:05 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-02-03 18:27 . 2010-02-02 18:34 -------- d-----w- c:\program files\ICQ6Toolbar
2010-02-03 09:57 . 2001-10-25 12:00 46196 ----a-w- c:\windows\system32\perfc005.dat
2010-02-03 09:57 . 2001-10-25 12:00 309990 ----a-w- c:\windows\system32\perfh005.dat
2010-02-02 19:59 . 2010-02-02 18:06 -------- d-----w- c:\program files\Intel Audio Studio
2010-02-02 19:35 . 2010-02-02 18:41 -------- d-----w- c:\program files\IDT
2010-02-02 18:52 . 2010-02-02 18:52 -------- d-----w- c:\program files\Microsoft Works
2010-02-02 18:37 . 2010-02-02 18:37 -------- d-----w- c:\program files\PowerISO
2010-02-02 18:35 . 2010-02-02 18:33 -------- d-----w- c:\program files\ICQ7.0
2010-02-02 18:17 . 2010-02-02 18:17 -------- d-----w- c:\program files\Common Files\Adobe
2010-02-02 18:08 . 2010-02-02 18:02 -------- d-----w- c:\program files\Intel
2010-02-02 18:01 . 2010-02-02 18:01 -------- d-----w- c:\program files\MSXML 4.0
2010-02-02 17:49 . 2010-02-02 17:49 -------- d-----w- c:\program files\microsoft frontpage
2010-02-02 17:45 . 2010-02-02 17:45 21812 ----a-w- c:\windows\system32\emptyregdb.dat
2010-01-28 22:09 . 2010-02-02 18:29 38848 ----a-w- c:\windows\system32\avastSS.scr
2010-01-28 22:09 . 2010-02-02 18:29 152672 ----a-w- c:\windows\system32\aswBoot.exe
2010-01-28 21:57 . 2010-02-02 18:29 46672 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2010-01-28 21:57 . 2010-02-02 18:29 163280 ----a-w- c:\windows\system32\drivers\aswSP.sys
2010-01-28 21:54 . 2010-02-02 18:30 23376 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2010-01-28 21:54 . 2010-02-02 18:29 100432 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2010-01-28 21:54 . 2010-02-02 18:29 94800 ----a-w- c:\windows\system32\drivers\aswmon.sys
2010-01-28 21:54 . 2010-02-02 18:29 19024 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2010-01-28 21:53 . 2010-02-02 18:29 28240 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2009-12-21 19:08 . 2008-08-08 15:43 916480 ----a-w- c:\windows\system32\wininet.dll
2009-11-24 23:54 . 2010-02-07 17:43 1280480 ----a-w- c:\windows\system32\asw9.tmp
2009-11-21 16:03 . 2008-04-14 06:51 471552 ----a-w- c:\windows\AppPatch\aclayers.dll
.

------- Sigcheck -------

[-] 2008-08-08 . 1E603EA2A3FDBAE9E5B88A8CB3C03124 . 1571840 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ICQ"="c:\program files\ICQ7.0\ICQ.exe" [2010-01-12 133368]
"OEXPRESS"="c:\documents and settings\All Users\Data aplikací\LangSoft\OETRN.EXE" [2010-02-02 26624]
"IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" [2008-06-24 1840424]
"Live PC Care"="c:\documents and settings\All Users\Data aplikací\dccfcc4\LPdccf.exe" [2010-02-06 2000896]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2009-10-09 25623336]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-05-11 40048]
"PWRISOVM.EXE"="c:\program files\PowerISO\PWRISOVM.EXE" [2009-03-15 180224]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-12-18 150040]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-12-18 178712]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-12-18 150040]
"SysTrayApp"="c:\program files\IDT\WDM\sttray.exe" [2009-03-12 483422]
"NeroFilterCheck"="c:\program files\Common Files\Nero\Lib\NeroCheck.exe" [2008-06-19 570664]
"NBKeyScan"="c:\program files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2008-06-08 2221352]
"SigmatelSysTrayApp"="sttray.exe" [2009-03-12 483422]
"IntelAudioStudio"="c:\program files\Intel Audio Studio\IntelAudioStudio.exe" [2006-08-02 9134080]
"avast5"="c:\progra~1\ALWILS~1\Avast5\avastUI.exe" [2010-01-28 2757512]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"nltide_2"="shell32" [X]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\a.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\aAvgApi.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\AAWTray.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\About.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\ackwin32.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\Ad-Aware.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\adaware.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\advxdwin.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\AdwarePrj.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\agent.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\agentsvr.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\agentw.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\alertsvc.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\alevir.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\alogserv.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\AlphaAV]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\AlphaAV.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\AluSchedulerSvc.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\amon9x.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\anti-trojan.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\Anti-Virus Professional.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\AntispywarXP2009.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\antivirus.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\AntivirusPlus]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\AntivirusPlus.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\AntivirusPro_2010.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\AntivirusXP]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\AntivirusXP.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\antivirusxppro2009.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\AntiVirus_Pro.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\ants.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\apimonitor.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\aplica32.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\apvxdwin.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\arr.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\Arrakis3.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\ashAvast.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\ashBug.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\ashChest.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\ashCnsnt.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\ashDisp.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\ashLogV.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\ashMaiSv.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\ashPopWz.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\ashQuick.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\ashServ.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\ashSimp2.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\ashSimpl.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\ashSkPcc.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\ashSkPck.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\ashUpd.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\ashWebSv.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\aswChLic.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\aswRegSvr.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\aswRunDll.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\aswUpdSv.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\atcon.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\atguard.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\atro55en.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\atupdater.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\atwatch.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\au.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\aupdate.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\auto-protect.nav80try.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\autodown.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\autotrace.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\autoupdate.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\av360.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\avadmin.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\AVCare.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\avcenter.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\avciman.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\avconfig.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\avconsol.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\ave32.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\AVENGINE.EXE]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\avgcc32.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\avgchk.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\avgcmgr.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\avgcsrvx.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\avgctrl.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\avgdumpx.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\avgemc.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\avgiproxy.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\avgnsx.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\avgnt.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\avgrsx.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\avgscanx.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\avgserv.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\avgserv9.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\avgsrmax.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\avgtray.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\avgui.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\avgupd.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\avgw.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\avgwdsvc.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\avkpop.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\avkserv.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\avkservice.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\avkwctl9.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\avltmain.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\avmailc.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\avmcdlg.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\avnotify.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\avnt.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\avp32.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\avpcc.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\avpdos32.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\avpm.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\avptc32.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\avpupd.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\avsched32.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\avsynmgr.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\avupgsvc.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\AVWEBGRD.EXE]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\avwin.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\avwin95.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\avwinnt.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\avwsc.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\avwupd.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\avwupd32.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\avwupsrv.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\avxmonitor9x.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\avxmonitornt.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\avxquar.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\b.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\backweb.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\bargains.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\bdagent.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\bdfvcl.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\bdfvwiz.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\BDInProcPatch.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\bdmcon.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\BDMsnScan.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\bdreinit.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\bdsubwiz.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\BDSurvey.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\bdtkexec.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\bdwizreg.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\bd_professional.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\beagle.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\belt.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\bidef.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\bidserver.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\bipcp.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\bipcpevalsetup.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\bisp.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\blackd.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\blackice.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\blink.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\blss.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\bootconf.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\bootwarn.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\borg2.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\bpc.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\brasil.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\brastk.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\brw.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\bs120.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\bspatch.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\bundle.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\bvt.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\c.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\cavscan.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\ccapp.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\ccevtmgr.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\ccpxysvc.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\ccSvcHst.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\cdp.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\cfd.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\cfgwiz.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\cfiadmin.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\cfiaudit.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\cfinet.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\cfinet32.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\cfp.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\cfpconfg.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\cfplogvw.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\cfpupdat.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\Cl.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\claw95.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\claw95cf.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\clean.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\cleaner.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\cleaner3.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\cleanIELow.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\cleanpc.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\click.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\cmd32.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\cmdagent.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\cmesys.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\cmgrdian.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\cmon016.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\connectionmonitor.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\control]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\cpd.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\cpf9x206.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\cpfnt206.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\crashrep.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\csc.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\cssconfg.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\cssupdat.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\cssurf.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\ctrl.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\cv.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\cwnb181.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\cwntdwmo.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\d.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\datemanager.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\dcomx.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\defalert.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\defscangui.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\defwatch.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\deloeminfs.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\deputy.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\divx.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\dllcache.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\dllreg.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\doors.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\dop.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\dpf.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\dpfsetup.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\dpps2.exe]
"Debugger"=svchost.exe

Re: Problém Live PC Care

Napsal: 08 úno 2010 18:29
od robopoter
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\driverctrl.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\drwatson.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\drweb32.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\drwebupw.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\dssagent.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\dvp95.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\dvp95_0.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\ecengine.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\efpeadm.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\egui.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\ekrn.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\emsw.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\ent.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\esafe.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\escanhnt.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\escanv95.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\espwatch.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\ethereal.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\etrustcipe.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\evpn.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\exantivirus-cnet.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\exe.avxw.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\expert.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\explore.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\f-agnt95.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\f-prot.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\f-prot95.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\f-stopw.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\fact.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\fameh32.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\fast.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\fch32.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\fih32.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\findviru.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\firewall.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\fixcfg.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\fixfp.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\fnrb32.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\fp-win.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\fp-win_trial.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\fprot.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\frmwrk32.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\frw.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\fsaa.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\fsav.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\fsav32.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\fsav530stbyb.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\fsav530wtbyb.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\fsav95.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\fsgk32.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\fsm32.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\fsma32.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\fsmb32.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\gator.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\gav.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\gbmenu.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\gbn976rl.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\gbpoll.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\generics.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\gmt.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\guard.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\guarddog.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\guardgui.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\hacktracersetup.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\hbinst.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\hbsrv.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\History.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\homeav2010.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\hotactio.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\hotpatch.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\htlog.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\htpatch.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\hwpe.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\hxdl.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\hxiul.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\iamapp.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\iamserv.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\iamstats.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\ibmasn.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\ibmavsp.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\icload95.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\icloadnt.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\icmon.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\icsupp95.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\icsuppnt.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\Identity.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\idle.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\iedll.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\iedriver.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\IEShow.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\iface.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\ifw2000.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\inetlnfo.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\infus.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\infwin.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\init.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\init32.exe ]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\install.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\install[1].exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\install[2].exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\install[3].exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\install[4].exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\install[5].exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\intdel.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\intren.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\iomon98.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\istsvc.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\jammer.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\jdbgmrg.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\jedi.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\JsRcGen.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\kavlite40eng.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\kavpers40eng.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\kavpf.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\kazza.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\keenvalue.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\kerio-pf-213-en-win.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\kerio-wrl-421-en-win.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\kerio-wrp-421-en-win.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\killprocesssetup161.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\launcher.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\ldnetmon.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\ldpro.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\ldpromenu.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\ldscan.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\licmgr.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\livesrv.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\lnetinfo.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\loader.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\localnet.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\lockdown.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\lockdown2000.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\lookout.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\lordpe.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\lsetup.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\luall.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\luau.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\lucomserver.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\luinit.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\luspt.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\MalwareRemoval.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\mapisvc32.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\mcagent.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\mcmnhdlr.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\mcmscsvc.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\mcnasvc.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\mcproxy.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\McSACore.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\mcshell.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\mcshield.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\mcsysmon.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\mctool.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\mcupdate.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\mcvsrte.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\mcvsshld.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\md.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\mfin32.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\mfw2en.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\mfweng3.02d30.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\mgavrtcl.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\mgavrte.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\mghtml.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\mgui.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\minilog.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\mmod.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\monitor.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\moolive.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\mostat.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\mpfagent.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\mpfservice.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\MPFSrv.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\mpftray.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\mrflux.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\msa.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\msapp.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\MSASCui.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\msbb.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\msblast.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\mscache.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\msccn32.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\mscman.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\msconfig]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\msdm.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\msdos.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\msfwsvc.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\msiexec16.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\mslaugh.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\msmgt.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\MsMpEng.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\msmsgri32.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\mssmmc32.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\mssys.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\msvxd.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\mu0311ad.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\mwatch.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\n32scanw.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\nav.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\navap.navapsvc.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\navapsvc.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\navapw32.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\navdx.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\navlu32.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\navnt.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\navstub.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\navw32.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\navwnt.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\nc2000.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\ncinst4.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\ndd32.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\neomonitor.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\neowatchlog.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\netarmor.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\netd32.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\netinfo.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\netmon.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\netscanpro.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\netspyhunter-1.2.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\netutils.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\nisserv.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\nisum.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\nmain.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\nod32.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\normist.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\norton_internet_secu_3.0_407.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\notstart.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\npf40_tw_98_nt_me_2k.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\npfmessenger.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\nprotect.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\npscheck.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\npssvc.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\nsched32.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\nssys32.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\nstask32.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\nsupdate.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\nt.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\ntrtscan.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\ntvdm.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\ntxconfig.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\nui.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\nupgrade.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\nvarch16.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\nvc95.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\nvsvc32.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\nwinst4.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\nwservice.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\nwtool16.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\OAcat.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\OAhlp.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\OAReg.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\oasrv.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\oaui.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\oaview.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\OcHealthMon.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\ODSW.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\ollydbg.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\onsrvr.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\optimize.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\ostronet.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\otfix.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\outpost.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\outpostinstall.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\outpostproinstall.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\ozn695m5.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\padmin.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\panixk.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\patch.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\pav.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\pavcl.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\PavFnSvr.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\pavproxy.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\pavprsrv.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\pavsched.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\pavsrv51.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\pavw.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\pc.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\pccwin98.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\pcfwallicon.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\pcip10117_0.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\pcscan.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\pctsAuxs.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\pctsGui.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\pctsSvc.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\pctsTray.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\PC_Antispyware2010.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\pdfndr.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\pdsetup.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\PerAvir.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\periscope.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\persfw.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\personalguard]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\personalguard.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\perswf.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\pf2.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\pfwadmin.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\pgmonitr.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\pingscan.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\platin.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\pop3trap.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\poproxy.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\popscan.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\portdetective.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\portmonitor.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\powerscan.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\ppinupdt.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\pptbc.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\ppvstop.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\prizesurfer.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\prmt.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\prmvr.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\procdump.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\processmonitor.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\procexplorerv1.0.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\programauditor.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\proport.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\protector.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\protectx.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\PSANCU.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\PSANHost.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\PSANToManager.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\PsCtrls.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\PsImSvc.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\PskSvc.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\pspf.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\PSUNMain.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\purge.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\qconsole.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\qh.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\qserver.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\Quick Heal.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\QuickHealCleaner.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\rapapp.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\rav7.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\rav7win.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\rav8win32eng.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\ray.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\rb32.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\rcsync.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\realmon.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\reged.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\regedt32.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\rescue.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\rescue32.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\rrguard.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\rscdwld.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\rshell.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\rtvscan.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\rtvscn95.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\rulaunch.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\rwg]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\rwg.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\SafetyKeeper.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\safeweb.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\sahagent.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\Save.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\SaveArmor.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\SaveDefense.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\SaveKeep.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\savenow.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\sbserv.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\sc.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\scam32.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\scan32.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\scan95.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\scanpm.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\scrscan.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\seccenter.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\Secure Veteran.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\secureveteran.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\Security Center.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\SecurityFighter.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\securitysoldier.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\serv95.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\setloadorder.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\setupvameeval.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\setup_flowprotector_us.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\sgssfw32.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\sh.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\shellspyinstall.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\shield.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\shn.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\showbehind.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\signcheck.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\smart.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\smartprotector.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\smc.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\smrtdefp.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\sms.exe]
"Debugger"=svchost.exe

Re: Problém Live PC Care

Napsal: 08 úno 2010 18:29
od robopoter
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\smss32.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\snetcfg.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\soap.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\sofi.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\SoftSafeness.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\sperm.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\spf.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\sphinx.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\spoler.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\spoolcv.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\spoolsv32.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\spywarexpguard.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\spyxx.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\srexe.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\srng.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\ss3edit.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\ssgrate.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\ssg_4104.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\st2.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\start.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\stcloader.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\supftrl.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\support.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\supporter5.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\svc.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\svchostc.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\svchosts.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\svshost.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\sweep95.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\sweepnet.sweepsrv.sys.swnetsup.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\symlcsvc.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\symproxysvc.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\symtray.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\system.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\system32.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\sysupd.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\tapinstall.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\taskmgr.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\taumon.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\tbscan.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\tc.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\tca.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\tcm.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\tds-3.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\tds2-98.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\tds2-nt.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\teekids.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\tfak.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\tfak5.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\tgbob.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\titanin.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\titaninxp.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\TPSrv.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\trickler.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\trjscan.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\trjsetup.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\trojantrap3.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\TrustWarrior.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\tsadbot.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\tsc.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\tvmd.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\tvtmd.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\uiscan.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\undoboot.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\updat.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\upgrad.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\upgrepl.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\utpost.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\vbcmserv.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\vbcons.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\vbust.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\vbwin9x.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\vbwinntw.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\vcsetup.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\vet32.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\vet95.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\vettray.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\vfsetup.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\vir-help.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\virusmdpersonalfirewall.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\VisthAux.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\VisthLic.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\VisthUpd.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\vnlan300.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\vnpc3000.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\vpc32.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\vpc42.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\vpfw30s.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\vptray.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\vscan40.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\vscenu6.02d30.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\vsched.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\vsecomr.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\vshwin32.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\vsisetup.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\vsmain.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\vsmon.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\vsserv.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\vsstat.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\vswin9xe.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\vswinntse.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\vswinperse.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\w32dsm89.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\W3asbas.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\w9x.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\watchdog.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\webdav.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\WebProxy.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\webscanx.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\webtrap.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\wfindv32.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\whoswatchingme.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\wimmun32.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\win-bugsfix.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\win32.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\win32us.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\winactive.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\winav.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\windll32.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\window.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\windows Police Pro.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\windows.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\wininetd.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\wininitx.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\winlogin.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\winmain.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\winppr32.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\winrecon.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\winservn.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\winss.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\winssk32.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\winssnotify.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\WinSSUI.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\winstart.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\winstart001.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\wintsk32.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\winupdate.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\wkufind.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\wnad.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\wnt.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\wradmin.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\wrctrl.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\wsbgate.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\wscfxas.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\wscfxav.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\wscfxfw.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\wsctool.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\wupdater.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\wupdt.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\wyvernworksfirewall.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\xpdeluxe.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\xpf202en.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\xp_antispyware.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\zapro.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\zapsetup3001.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\zatutor.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\zonalm2601.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\zonealarm.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\_avp32.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\_avpcc.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\_avpm.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\~1.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\~2.exe]
"Debugger"=svchost.exe

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0aswBoot.exe /A:* /L:Czech /KBD:2

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=
"c:\\Program Files\\ICQ7.0\\ICQ.exe"=
"c:\\Program Files\\ICQ7.0\\aolload.exe"=
"c:\\Program Files\\Nero\\Nero8\\Nero Home\\NeroHome.exe"=
"c:\\Program Files\\TeamViewer\\Version5\\TeamViewer.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Documents and Settings\\All Users\\Data aplikací\\dccfcc4\\LPdccf.exe"=

R0 mv61xx;mv61xx;c:\windows\system32\drivers\mv61xx.sys [8.8.2008 17:10 143360]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2.2.2010 19:29 163280]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2.2.2010 19:29 19024]
R2 ICQ Service;ICQ Service;c:\program files\ICQ6Toolbar\ICQ Service.exe [2.2.2010 19:34 222456]
R3 vmmouse;VMware Pointing Device;c:\windows\system32\drivers\vmmouse.sys [2.2.2010 19:33 11696]
.
Obsah adresáře 'Naplánované úlohy'

2010-02-08 c:\windows\Tasks\User_Feed_Synchronization-{480C6BAD-DEC3-44A1-8624-7F6C2E5B184B}.job
- c:\windows\system32\msfeedssync.exe [2008-08-08 03:31]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uInternet Connection Wizard,ShellNext = hxxp://support.intel.com/design/motherbd/software/ias/download.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: {{88EB38EF-4D2C-436D-ABD3-56B232674062} - c:\program files\ICQ7.0\ICQ.exe
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748449} - {CC963627-B1DC-40E0-B52A-CF21EE748449} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} - hxxp://systemrequirementslab.com.s3.amazonaws.com/iduu/bin/srldetect_intel.cab
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

AddRemove-PC Translator - c:\docume~1\ROBERT~1\LOCALS~1\Temp\UN32.EXE



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-02-08 18:21
Windows 5.1.2600 Service Pack 3 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'explorer.exe'(2228)
c:\documents and settings\All Users\Data aplikací\LangSoft\TrnOEH.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\wpdshserviceobj.dll
c:\windows\system32\portabledevicetypes.dll
c:\windows\system32\portabledeviceapi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\Nero\Nero8\Nero BackItUp\NBService.exe
c:\windows\system32\IoctlSvc.exe
c:\windows\system32\wscntfy.exe
c:\windows\system32\igfxsrvc.exe
c:\program files\Common Files\Nero\Lib\NMIndexingService.exe
c:\windows\system32\wbem\wmiapsrv.exe
.
**************************************************************************
.
Celkový čas: 2010-02-08 18:23:33 - počítač byl restartován
ComboFix-quarantined-files.txt 2010-02-08 17:23

Před spuštěním: Volných bajtů: 26 030 067 712
Po spuštění: Volných bajtů: 27 024 683 008

WindowsXP-KB310994-SP2-Pro-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect

- - End Of File - - D6B1A2CEE0E4F2AEBF945AEFF54577E0

Re: Problém Live PC Care

Napsal: 08 úno 2010 19:11
od Caroprd111
:arrow: Pokud nemáte, přesuňte Combofix na plochu
-otevřete si Poznámkový blok a zkopírujte do něj text z bílého okénka.

Kód: Vybrat vše

Registry::
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Live PC Care"=-

Folder::
c:\documents and settings\All Users\Data aplikací\dccfcc4
- uložte Vámi vytvořený TXT soubor jako CFScript.txt na plochu
- po uložení uchopte vámi vytvořený skript levým myšítkem a přesuňte ho nad ikonu Combofixu, kde ho upustíte:
Obrázek

- po aplikaci na Vás vypadne další log,vložte ho sem

Může se stát, že po aplikaci skriptu a restartu Windows nenaběhnou, v tom případě znovu restartujte a přitom mačkejte F8, pak zvolte Poslední známou funkční konfiguraci


:arrow: Tohle otestujte na http://www.virustotal.com/cs/
c:\windows\system32\sfcfiles.dll

(Soubor nehledejte, jenom vložíte tučně označenou cestu, v případě hlášky "Soubor již byl testován" dejte otestovat znovu. Výsledek analýzy sem vložte.)


:arrow: Stahněte MBAM http://www.viry.cz/forum/viewtopic.php?f=29&t=67229

- Nainstalujte, dejte úplný sken.
- Nic nemažte :!: MBAM má občas falešné detekce
- Log vložte sem


:arrow: Doporučuji aktualizovat Adobe Reader http://www.stahuj.centrum.cz/podnikani_ ... batreader/

:arrow: V logu nevidím firewall, doinstalujte :!: Přehled: http://www.viry.cz/forum/viewtopic.php?f=41&t=6523

Re: Problém Live PC Care

Napsal: 08 úno 2010 20:15
od robopoter
Jelikož se to nějak kouslo, po půl hodině jsem system restartoval. Teď to log soubor vytvořilo. Přikládádm. PC Care se zatím nehlásí, ikona na ploše se tváří neaktivní.
Jdu na další kroky.

ComboFix 10-02-08.01 - Robert Hanák 08.02.2010 20:08:56.3.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.998.622 [GMT 1:00]
Spuštěný z: c:\documents and settings\Robert Hanák\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Robert Hanák\Plocha\CFScript.txt
AV: avast! antivirus 4.8.1368 [VPS 100206-0] *On-access scanning enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
---- Předchozí spuštění -------
.
c:\documents and settings\All Users\Data aplikací\dccfcc4
c:\documents and settings\All Users\Data aplikací\dccfcc4\7884.mof
c:\documents and settings\All Users\Data aplikací\dccfcc4\LPCG.ico
c:\documents and settings\All Users\Data aplikací\dccfcc4\LPCGSys\vd952342.bd
c:\documents and settings\All Users\Data aplikací\dccfcc4\LPdccf.exe

.
((((((((((((((((((((((((( Soubory vytvořené od 2010-01-08 do 2010-02-08 )))))))))))))))))))))))))))))))
.

2010-02-08 15:26 . 2010-02-08 15:26 -------- d-----w- C:\rsit
2010-02-08 15:26 . 2010-02-08 15:26 -------- d-----w- c:\program files\trend micro
2010-02-07 18:20 . 2010-02-07 18:20 -------- d-----w- c:\program files\Common Files\Skype
2010-02-07 17:16 . 2008-04-13 23:15 32128 -c--a-w- c:\windows\system32\dllcache\usbccgp.sys
2010-02-07 17:16 . 2008-04-13 23:15 32128 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2010-02-06 15:13 . 2010-02-07 09:42 -------- d-----w- c:\program files\ESET
2010-02-06 11:04 . 2010-02-06 11:04 -------- d-----w- c:\program files\TeamViewer
2010-02-04 19:26 . 2010-02-04 19:26 3828 ----a-w- c:\windows\system32\ealregsnapshot1.reg
2010-02-03 19:35 . 2010-02-03 19:35 107888 ----a-w- c:\windows\system32\CmdLineExt.dll
2010-02-03 19:35 . 2010-02-03 19:35 -------- d-----w- C:\ProgramData
2010-02-03 19:15 . 2010-02-04 19:26 -------- d-----w- c:\program files\Electronic Arts
2010-02-03 19:15 . 2008-05-30 13:11 467984 ----a-w- c:\windows\system32\d3dx10_38.dll
2010-02-03 19:15 . 2008-05-30 13:11 1491992 ----a-w- c:\windows\system32\D3DCompiler_38.dll
2010-02-03 19:15 . 2008-05-30 13:11 3850760 ----a-w- c:\windows\system32\D3DX9_38.dll
2010-02-03 19:15 . 2007-07-19 17:14 444776 ----a-w- c:\windows\system32\d3dx10_35.dll
2010-02-03 19:15 . 2007-07-19 17:14 1358192 ----a-w- c:\windows\system32\D3DCompiler_35.dll
2010-02-03 19:14 . 2007-07-19 17:14 3727720 ----a-w- c:\windows\system32\d3dx9_35.dll
2010-02-03 19:14 . 2010-02-03 19:14 -------- d-----w- c:\windows\Logs
2010-02-03 18:29 . 2010-02-04 16:08 -------- d-----w- c:\documents and settings\Radmila Hanáková
2010-02-03 17:33 . 2010-02-03 17:33 -------- d-----w- c:\program files\Gameforge4D
2010-02-03 16:52 . 2010-02-08 17:18 -------- d-----w- c:\program files\ICQ6.5
2010-02-03 16:35 . 2010-02-03 16:36 -------- d-----w- c:\documents and settings\Jiří Hanák
2010-02-03 16:33 . 2010-02-05 14:03 -------- d-----w- c:\documents and settings\Martin Hanák
2010-02-03 12:22 . 2008-04-13 23:15 26368 -c--a-w- c:\windows\system32\dllcache\usbstor.sys
2010-02-03 09:55 . 2008-04-13 23:15 10368 -c--a-w- c:\windows\system32\dllcache\hidusb.sys
2010-02-03 09:55 . 2008-04-13 23:15 10368 ----a-w- c:\windows\system32\drivers\hidusb.sys
2010-02-02 19:59 . 2006-02-17 09:26 266240 ----a-w- c:\windows\system32\IASMXDLL.dll
2010-02-02 19:59 . 2005-11-18 13:57 40960 ----a-w- c:\windows\system32\SFIMLARK.dll
2010-02-02 19:59 . 2005-10-07 11:49 274432 ----a-w- c:\windows\system32\IASDLL.dll
2010-02-02 19:59 . 2005-07-21 19:28 53248 ----a-w- c:\windows\system32\IASBB.dll
2010-02-02 19:59 . 2005-03-06 18:26 61440 ----a-w- c:\windows\system32\SFIDLOCK.dll
2010-02-02 19:59 . 2006-07-27 06:21 117248 ----a-w- c:\windows\system32\staco.dll
2010-02-02 19:58 . 2010-02-02 19:58 -------- d-----w- c:\program files\SigmaTel
2010-02-02 19:42 . 2010-02-02 19:43 -------- d-----w- c:\program files\Common Files\Nero
2010-02-02 19:42 . 2010-02-02 19:42 -------- d-----w- c:\program files\Nero
2010-02-02 19:36 . 2010-02-02 19:36 56 ---ha-w- c:\windows\system32\ezsidmv.dat
2010-02-02 19:35 . 2009-03-12 11:53 483422 ----a-w- c:\windows\sttray.exe
2010-02-02 19:35 . 2006-07-26 02:58 1093632 ----a-w- c:\windows\system32\stlang.dll
2010-02-02 19:35 . 2009-03-12 11:53 171520 ----a-w- c:\windows\system32\st322000.dll
2010-02-02 19:35 . 2006-07-27 06:24 1171464 ----a-w- c:\windows\system32\drivers\sthda.sys
2010-02-02 19:35 . 2010-02-03 19:35 -------- d-----w- c:\program files\Common Files\InstallShield
2010-02-02 19:31 . 2010-02-07 18:20 -------- d-----r- c:\program files\Skype
2010-02-02 19:15 . 2010-02-02 19:17 -------- d-----w- C:\TRANSLAT
2010-02-02 19:11 . 2009-12-14 11:33 53248 ----a-w- c:\windows\system32\CSVer.dll
2010-02-02 19:08 . 2008-12-12 09:40 147456 ----a-w- c:\windows\system32\igfxCoIn_v5016.dll
2010-02-02 19:08 . 2008-12-12 09:34 1481884 ----a-w- c:\windows\system32\igkrng400.bin
2010-02-02 19:08 . 2010-02-02 19:08 -------- d-----w- c:\windows\system32\Lang
2010-02-02 19:08 . 2010-02-02 19:08 -------- d-----w- C:\Intel
2010-02-02 19:03 . 2010-02-02 19:03 -------- d-----w- c:\program files\SystemRequirementsLab

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-02-07 17:43 . 2010-02-02 18:29 -------- d-----w- c:\program files\Alwil Software
2010-02-07 14:31 . 2010-02-02 17:47 86327 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2010-02-07 14:31 . 2010-02-02 17:47 2426 ----a-w- c:\windows\pchealth\helpctr\PackageStore\SkuStore.bin
2010-02-07 14:30 . 2010-02-02 17:48 8972 ----a-w- c:\windows\pchealth\helpctr\Config\Cntstore.bin
2010-02-06 11:47 . 2010-02-02 17:45 -------- d-----w- c:\program files\Windows Media Connect 2
2010-02-04 19:26 . 2010-02-02 18:05 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-02-03 18:27 . 2010-02-02 18:34 -------- d-----w- c:\program files\ICQ6Toolbar
2010-02-03 09:57 . 2001-10-25 12:00 46196 ----a-w- c:\windows\system32\perfc005.dat
2010-02-03 09:57 . 2001-10-25 12:00 309990 ----a-w- c:\windows\system32\perfh005.dat
2010-02-02 19:59 . 2010-02-02 18:06 -------- d-----w- c:\program files\Intel Audio Studio
2010-02-02 19:35 . 2010-02-02 18:41 -------- d-----w- c:\program files\IDT
2010-02-02 18:52 . 2010-02-02 18:52 -------- d-----w- c:\program files\Microsoft Works
2010-02-02 18:37 . 2010-02-02 18:37 -------- d-----w- c:\program files\PowerISO
2010-02-02 18:35 . 2010-02-02 18:33 -------- d-----w- c:\program files\ICQ7.0
2010-02-02 18:17 . 2010-02-02 18:17 -------- d-----w- c:\program files\Common Files\Adobe
2010-02-02 18:08 . 2010-02-02 18:02 -------- d-----w- c:\program files\Intel
2010-02-02 18:01 . 2010-02-02 18:01 -------- d-----w- c:\program files\MSXML 4.0
2010-02-02 17:49 . 2010-02-02 17:49 -------- d-----w- c:\program files\microsoft frontpage
2010-02-02 17:45 . 2010-02-02 17:45 21812 ----a-w- c:\windows\system32\emptyregdb.dat
2010-01-28 22:09 . 2010-02-02 18:29 38848 ----a-w- c:\windows\system32\avastSS.scr
2010-01-28 22:09 . 2010-02-02 18:29 152672 ----a-w- c:\windows\system32\aswBoot.exe
2010-01-28 21:57 . 2010-02-02 18:29 46672 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2010-01-28 21:57 . 2010-02-02 18:29 163280 ----a-w- c:\windows\system32\drivers\aswSP.sys
2010-01-28 21:54 . 2010-02-02 18:30 23376 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2010-01-28 21:54 . 2010-02-02 18:29 100432 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2010-01-28 21:54 . 2010-02-02 18:29 94800 ----a-w- c:\windows\system32\drivers\aswmon.sys
2010-01-28 21:54 . 2010-02-02 18:29 19024 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2010-01-28 21:53 . 2010-02-02 18:29 28240 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2009-12-21 19:08 . 2008-08-08 15:43 916480 ------w- c:\windows\system32\wininet.dll
2009-11-24 23:54 . 2010-02-07 17:43 1280480 ----a-w- c:\windows\system32\asw9.tmp
2009-11-21 16:03 . 2008-04-14 06:51 471552 ----a-w- c:\windows\AppPatch\aclayers.dll
.

------- Sigcheck -------

[-] 2008-08-08 . 1E603EA2A3FDBAE9E5B88A8CB3C03124 . 1571840 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ICQ"="c:\program files\ICQ7.0\ICQ.exe" [2010-01-12 133368]
"OEXPRESS"="c:\documents and settings\All Users\Data aplikací\LangSoft\OETRN.EXE" [2010-02-02 26624]
"IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" [2008-06-24 1840424]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2009-10-09 25623336]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-05-11 40048]
"PWRISOVM.EXE"="c:\program files\PowerISO\PWRISOVM.EXE" [2009-03-15 180224]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-12-18 150040]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-12-18 178712]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-12-18 150040]
"SysTrayApp"="c:\program files\IDT\WDM\sttray.exe" [2009-03-12 483422]
"NeroFilterCheck"="c:\program files\Common Files\Nero\Lib\NeroCheck.exe" [2008-06-19 570664]
"NBKeyScan"="c:\program files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2008-06-08 2221352]
"SigmatelSysTrayApp"="sttray.exe" [2009-03-12 483422]
"IntelAudioStudio"="c:\program files\Intel Audio Studio\IntelAudioStudio.exe" [2006-08-02 9134080]
"avast5"="c:\progra~1\ALWILS~1\Avast5\avastUI.exe" [2010-01-28 2757512]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"nltide_2"="shell32" [X]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0aswBoot.exe /A:* /L:Czech /KBD:2

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=
"c:\\Program Files\\ICQ7.0\\ICQ.exe"=
"c:\\Program Files\\ICQ7.0\\aolload.exe"=
"c:\\Program Files\\Nero\\Nero8\\Nero Home\\NeroHome.exe"=
"c:\\Program Files\\TeamViewer\\Version5\\TeamViewer.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=

R0 mv61xx;mv61xx;c:\windows\system32\drivers\mv61xx.sys [8.8.2008 17:10 143360]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2.2.2010 19:29 163280]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2.2.2010 19:29 19024]
R2 ICQ Service;ICQ Service;c:\program files\ICQ6Toolbar\ICQ Service.exe [2.2.2010 19:34 222456]
R3 vmmouse;VMware Pointing Device;c:\windows\system32\drivers\vmmouse.sys [2.2.2010 19:33 11696]
.
Obsah adresáře 'Naplánované úlohy'

2010-02-08 c:\windows\Tasks\User_Feed_Synchronization-{480C6BAD-DEC3-44A1-8624-7F6C2E5B184B}.job
- c:\windows\system32\msfeedssync.exe [2008-08-08 03:31]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uInternet Connection Wizard,ShellNext = hxxp://support.intel.com/design/motherbd/software/ias/download.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: {{88EB38EF-4D2C-436D-ABD3-56B232674062} - c:\program files\ICQ7.0\ICQ.exe
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748449} - {CC963627-B1DC-40E0-B52A-CF21EE748449} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} - hxxp://systemrequirementslab.com.s3.amazonaws.com/iduu/bin/srldetect_intel.cab
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-02-08 20:12
Windows 5.1.2600 Service Pack 3 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'explorer.exe'(3640)
c:\documents and settings\All Users\Data aplikací\LangSoft\TrnOEH.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\wpdshserviceobj.dll
c:\windows\system32\portabledevicetypes.dll
c:\windows\system32\portabledeviceapi.dll
.
Celkový čas: 2010-02-08 20:13:10
ComboFix-quarantined-files.txt 2010-02-08 19:13
ComboFix2.txt 2010-02-08 17:23

Před spuštěním: Volných bajtů: 27 016 318 976
Po spuštění: Volných bajtů: 26 986 123 264

- - End Of File - - 2AAD9A5226EBE3E8B5E6A63BF0C2D372

Re: Problém Live PC Care

Napsal: 08 úno 2010 20:18
od Caroprd111
Live PC Care by mělo být pryč, ikonu na ploše smažte.

Počkám na další kroky.

Re: Problém Live PC Care

Napsal: 08 úno 2010 20:28
od robopoter
Test programu Malwarebytes:

Malwarebytes' Anti-Malware 1.44
Verze databáze: 3709
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

8.2.2010 20:27:46
mbam-log-2010-02-08 (20-27-33).txt

Typ kontroly: Rychlá kontrola
Zkontrolované objekty: 126371
Uplynulý čas: 3 minute(s), 31 second(s)

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče registru: 0
Infikované hodnoty registru: 0
Infikované datové položky registru: 5
Infikované adresáře: 1
Infikované soubory: 5

Infikované procesy v paměti:
(Nebyly nalezeny žádné škodlivé položky)

Infikované moduly v paměti:
(Nebyly nalezeny žádné škodlivé položky)

Infikované klíče registru:
(Nebyly nalezeny žádné škodlivé položky)

Infikované hodnoty registru:
(Nebyly nalezeny žádné škodlivé položky)

Infikované datové položky registru:
HKEY_USERS\S-1-5-19\SOFTWARE\Classes\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\URL (Hijack.SearchPage) -> Bad: (http://findgala.com/?&uid=241&q={searchTerms}) Good: (http://www.Google.com/) -> No action taken.
HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\URL (Hijack.SearchPage) -> Bad: (http://findgala.com/?&uid=241&q={searchTerms}) Good: (http://www.Google.com/) -> No action taken.
HKEY_USERS\S-1-5-20\SOFTWARE\Classes\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\URL (Hijack.SearchPage) -> Bad: (http://findgala.com/?&uid=241&q={searchTerms}) Good: (http://www.Google.com/) -> No action taken.
HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\URL (Hijack.SearchPage) -> Bad: (http://findgala.com/?&uid=241&q={searchTerms}) Good: (http://www.Google.com/) -> No action taken.
HKEY_CLASSES_ROOT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\URL (Hijack.SearchPage) -> Bad: (http://findgala.com/?&uid=241&q={searchTerms}) Good: (http://www.Google.com/) -> No action taken.

Infikované adresáře:
C:\Documents and Settings\Robert Hanák\Data aplikací\Live PC Care (Rogue.LivePCCare) -> No action taken.

Infikované soubory:
C:\Documents and Settings\Robert Hanák\Data aplikací\Live PC Care\Instructions.ini (Rogue.LivePCCare) -> No action taken.
C:\Documents and Settings\Robert Hanák\Plocha\Live PC Care.lnk (Rogue.LivePCCare) -> No action taken.
C:\Documents and Settings\Robert Hanák\Data aplikací\Microsoft\Internet Explorer\Quick Launch\Live PC Care.lnk (Rogue.LivePCCare) -> No action taken.
C:\Documents and Settings\Robert Hanák\Nabídka Start\Live PC Care.lnk (Rogue.LivePCCare) -> No action taken.
C:\Documents and Settings\Robert Hanák\Nabídka Start\Programy\Live PC Care.lnk (Rogue.LivePCCare) -> No action taken.


Mám něco dát smazat?

Re: Problém Live PC Care

Napsal: 08 úno 2010 20:30
od robopoter
Firewall systému Windows je vypnutý. Myslíte, že tento je nedostatečný a je třeba nainstalovat jiný? Nebo stačí zapnout systémový firewall?
Všechny časy jsou v UTC+01:00
Stránka 1 z 2

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz