Prosím o kontrolu - nelze vyvolat správce úloh

Zpráva

Ailen · #1 Příspěvek od **Ailen** » 18 dub 2012 20:51

Dobrý den,
prosím o kontrolu logu. Na WinXP SP3 mi nelze vyvolat Správce úloh. Podle Avastu i Spybotu je počítač čistý, ale někde chyba být musí. Z C:WINDOWS mi zmizel taskmgr.exe a když ho tam opět nakopíruju, pořád nekomunikuje. Když se ho pokouším vyvolat, tak mi nehází žádnou chybovou hlášku (že by byl zakázán, nedostupný...), prostě jen nenaběhne.
Předem děkuju. =)

#2 Příspěvek od **vyosek** » 18 dub 2012 21:01

Zdravim a pekny vecer preji

Doporucuji odinstalovat Spybot - Search & Destroy - program ma uz nejlepsi leta davno za sebou a posledni cca 3 roky neni schopen celit aktualnim hrozbam

Nahrady za Spybota:
- Spyware Terminator - info o nem http://www.viry.cz/forum/viewtopic.php?f=29&t=44730
- SuperAntiSpyare - info o nem http://www.viry.cz/forum/viewtopic.php?f=29&t=51359
Samozrejme pouzivejte jen jeden z nich
Osobne doporucuji SuperAntiSpyware

Stahnete RogueKiller http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe

Ukoncete vsechny programy
Pokud pouzivate Win Vista ci W7, kliknete na RogueKiller pravym a dejte Run As Administrator ci Spustit jako spravce
Pockejte na dokonceni PreScanu
Zvolte moznost Prohledat (scan)
Po dokonceni skenu kliknete na Zpráva (Report)- otevre se log, ten sem vlozte

Ailen · #3 Příspěvek od **Ailen** » 18 dub 2012 21:06

RogueKiller V7.3.2 [03/20/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Podpora: http://www.geekstogo.com/forum/files/fi ... guekiller/
Operační systém: Windows XP (5.1.2600 Service Pack 3) 32 bits version
Spuštěno v: Normální režim
Uživatel: Radka [Práva správce]
Mód: Kontrola -- Datum: 04/18/2012 22:04:11

¤¤¤ Škodlivé procesy: 0 ¤¤¤

¤¤¤ Záznamy Registrů: 659 ¤¤¤
[PROXY IE] HKCU\[...]\Internet Settings : ProxyServer (192.168.1.100:80) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : a.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : aAvgApi.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : AAWTray.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : About.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : Ad-Aware.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : adaware.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : advxdwin.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : AdwarePrj.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : agent.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : agentsvr.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : agentw.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : alertsvc.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : alevir.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : alogserv.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : AlphaAV (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : AlphaAV.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : AluSchedulerSvc.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : amon9x.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : Anti-Virus Professional.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : AntispywarXP2009.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : antivirus.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : AntivirusPlus (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : AntivirusPlus.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : AntivirusPro_2010.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : AntivirusXP (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : AntivirusXP.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : antivirusxppro2009.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : AntiVirus_Pro.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : ants.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : apimonitor.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : aplica32.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : arr.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : ashAvast.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : ashBug.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : ashChest.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : ashCnsnt.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : ashDisp.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : ashLogV.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : ashMaiSv.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : ashPopWz.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : ashQuick.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : ashServ.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : ashSimp2.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : ashSimpl.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : ashSkPcc.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : ashSkPck.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : ashUpd.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : ashWebSv.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : aswChLic.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : aswRegSvr.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : aswRunDll.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : aswUpdSv.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : atcon.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : atguard.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : atro55en.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : atupdater.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : atwatch.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : au.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : aupdate.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : auto-protect.nav80try.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : autotrace.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : autoupdate.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : av360.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : avadmin.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : AVCare.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : avcenter.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : avciman.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : avconfig.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : AVENGINE.EXE (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : avgcc32.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : avgchk.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : avgcmgr.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : avgcsrvx.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : avgdumpx.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : avgemc.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : avgiproxy.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : avgnsx.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : avgnt.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : avgrsx.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : avgscanx.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : avgserv.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : avgserv9.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : avgsrmax.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : avgtray.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : avguard.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : avgui.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : avgupd.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : avgw.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : avgwdsvc.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : avkpop.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : avkservice.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : avkwctl9.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : avltmain.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : avmailc.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : avmcdlg.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : avnotify.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : avshadow.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : avsynmgr.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : avupgsvc.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : AVWEBGRD.EXE (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : avwin.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : avwinnt.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : avwsc.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : avwupd.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : avwupsrv.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : avxmonitor9x.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : avxmonitornt.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : avxquar.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : b.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : backweb.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : bargains.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : bdfvcl.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : bdfvwiz.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : BDInProcPatch.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : bdmcon.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : BDMsnScan.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : BDSurvey.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : bd_professional.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : beagle.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : belt.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : bidef.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : bidserver.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : bipcp.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : bipcpevalsetup.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : bisp.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : blink.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : blss.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : bootconf.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : bootwarn.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : borg2.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : bpc.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : brasil.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : brastk.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : brw.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : bs120.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : bspatch.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : bundle.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : bvt.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : c.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : cavscan.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : ccapp.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : ccevtmgr.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : ccpxysvc.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : ccSvcHst.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : cdp.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : cfd.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : cfgwiz.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : cfp.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : cfpconfg.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : cfplogvw.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : cfpupdat.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : clean.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : cleanIELow.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : cleanpc.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : click.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : cmd32.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : cmdagent.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : cmesys.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : cmgrdian.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : cmon016.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : connectionmonitor.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : control (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : cpd.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : cpf9x206.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : cpfnt206.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : crashrep.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : csc.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : cssconfg.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : cssupdat.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : cssurf.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : ctrl.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : cv.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : cwnb181.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : cwntdwmo.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : d.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : datemanager.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : dcomx.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : defalert.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : defscangui.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : defwatch.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : deloeminfs.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : deputy.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : divx.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : dllcache.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : dllreg.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : doors.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : dop.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : dpf.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : dpfsetup.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : dpps2.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : driverctrl.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : drwatson.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : drweb32.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : drwebupw.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : dssagent.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : efpeadm.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : emsw.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : ent.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : escanhnt.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : escanv95.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : espwatch.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : ethereal.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : etrustcipe.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : evpn.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : exantivirus-cnet.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : exe.avxw.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : expert.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : explore.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : fact.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : fameh32.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : fast.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : fch32.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : fih32.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : firewall.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : fixcfg.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : fixfp.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : fnrb32.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : fp-win_trial.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : frmwrk32.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : fsaa.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : fsav.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : fsav32.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : fsav530stbyb.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : fsav530wtbyb.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : fsav95.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : fsgk32.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : fsm32.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : fsma32.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : fsmb32.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : gator.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : gav.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : gbmenu.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : gbn976rl.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : gbpoll.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : generics.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : gmt.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : guard.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : guarddog.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : guardgui.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : hacktracersetup.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : hbinst.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : hbsrv.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : History.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : homeav2010.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : hotactio.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : hotpatch.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : htlog.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : htpatch.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : hwpe.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : hxdl.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : hxiul.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : iamstats.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : Identity.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : idle.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : iedll.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : iedriver.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : IEShow.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : ifw2000.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : inetlnfo.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : infus.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : infwin.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : init.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : init32.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : install[1].exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : install[2].exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : install[3].exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : install[4].exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : install[5].exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : intdel.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : intren.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : istsvc.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : jammer.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : jdbgmrg.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : JsRcGen.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : kavlite40eng.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : kavpers40eng.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : kavpf.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : kazza.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : keenvalue.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : kerio-pf-213-en-win.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : kerio-wrl-421-en-win.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : kerio-wrp-421-en-win.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : killprocesssetup161.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : ldnetmon.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : ldpro.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : ldpromenu.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : ldscan.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : licmgr.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : lnetinfo.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : loader.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : localnet.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : lockdown.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : lordpe.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : lsetup.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : luau.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : lucomserver.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : luinit.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : luspt.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : MalwareRemoval.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : mapisvc32.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : mcagent.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : mcmnhdlr.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : mcmpeng.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : mcmscsvc.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : mcnasvc.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : mcproxy.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : McSACore.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : mcshell.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : mcshield.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : mcsysmon.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : mctool.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : mcupdate.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : mcvsrte.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : mcvsshld.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : md.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : mfin32.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : mfw2en.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : mfweng3.02d30.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : mgavrtcl.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : mgavrte.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : mghtml.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : mgui.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : minilog.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : mmod.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : monitor.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : mostat.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : mpfagent.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : mpfservice.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : MPFSrv.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : mrflux.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : mrt.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : msa.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : msapp.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : msbb.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : msblast.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : mscache.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : msccn32.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : mscman.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : msconfig (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : msdm.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : msdos.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : msiexec16.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : mslaugh.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : msmgt.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : msmsgri32.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : mssmmc32.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : mssys.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : msvxd.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : mu0311ad.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : mwatch.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : nav.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : navap.navapsvc.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : navdx.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : navstub.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : nc2000.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : ncinst4.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : ndd32.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : neomonitor.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : neowatchlog.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : netarmor.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : netd32.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : netinfo.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : netmon.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : netscanpro.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : netspyhunter-1.2.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : netutils.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : nisserv.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : nmain.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : nod32.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : norton_internet_secu_3.0_407.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : notstart.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : npf40_tw_98_nt_me_2k.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : npfmessenger.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : nprotect.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : npscheck.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : npssvc.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : nsched32.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : nssys32.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : nstask32.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : nsupdate.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : nt.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : ntrtscan.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : ntvdm.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : ntxconfig.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : nui.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : nvarch16.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : nvsvc32.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : nwinst4.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : nwservice.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : nwtool16.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : OAcat.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : OAhlp.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : OAReg.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : oasrv.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : oaui.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : oaview.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : ODSW.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : ollydbg.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : onsrvr.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : optimize.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : ostronet.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : otfix.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : outpost.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : outpostinstall.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : outpostproinstall.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : ozn695m5.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : padmin.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : panixk.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : patch.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : pav.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : PavFnSvr.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : pavproxy.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : pavprsrv.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : pavsrv51.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : pc.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : pcip10117_0.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : pcscan.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : pctsAuxs.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : pctsGui.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : pctsSvc.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : pctsTray.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : PC_Antispyware2010.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : pdfndr.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : pdsetup.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : PerAvir.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : periscope.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : personalguard (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : personalguard.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : perswf.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : pf2.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : pfwadmin.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : pgmonitr.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : pingscan.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : platin.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : pop3trap.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : poproxy.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : popscan.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : portdetective.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : portmonitor.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : powerscan.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : ppinupdt.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : pptbc.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : ppvstop.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : prizesurfer.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : prmt.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : prmvr.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : procdump.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : processmonitor.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : procexplorerv1.0.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : programauditor.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : proport.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : protector.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : protectx.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : PSANCU.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : PSANHost.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : PSANToManager.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : PsCtrls.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : PsImSvc.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : PskSvc.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : pspf.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : PSUNMain.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : purge.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : qconsole.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : qh.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : qserver.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : Quick Heal.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : QuickHealCleaner.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : rapapp.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : rav8win32eng.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : ray.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : rb32.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : rcsync.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : realmon.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : reged.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : regedit.exe (C:\Documents and Settings\Radka\Data aplikací\Protector-eovo.exe reg) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : regedt32.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : rescue.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : rescue32.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : rrguard.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : rscdwld.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : rshell.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : rtvscan.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : rtvscn95.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : rulaunch.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : rwg (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : rwg.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : SafetyKeeper.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : sahagent.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : Save.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : SaveArmor.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : SaveDefense.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : SaveKeep.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : savenow.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : sbserv.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : sc.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : scam32.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : Secure Veteran.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : secureveteran.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : Security Center.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : SecurityFighter.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : securitysoldier.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : setloadorder.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : setupvameeval.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : setup_flowprotector_us.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : sgssfw32.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : sh.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : shellspyinstall.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : shield.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : shn.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : showbehind.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : signcheck.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : smart.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : smartprotector.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : smrtdefp.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : sms.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : smss32.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : snetcfg.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : soap.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : sofi.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : SoftSafeness.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : sperm.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : spf.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : spoler.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : spoolcv.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : spoolsv32.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : spywarexpguard.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : spyxx.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : srexe.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : srng.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : ss3edit.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : ssgrate.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : ssg_4104.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : st2.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : start.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : stcloader.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : supftrl.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : support.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : supporter5.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : svc.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : svchostc.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : svchosts.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : svshost.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : sweepnet.sweepsrv.sys.swnetsup.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : symlcsvc.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : symproxysvc.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : symtray.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : system.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : system32.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : sysupd.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : tapinstall.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : taskmgr.exe (C:\Documents and Settings\Radka\Data aplikací\Protector-eovo.exe task) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : taumon.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : tc.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : tcm.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : tds-3.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : teekids.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : tfak.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : tfak5.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : tgbob.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : titanin.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : titaninxp.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : TPSrv.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : trickler.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : trjscan.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : trjsetup.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : trojantrap3.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : TrustWarrior.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : tsadbot.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : tsc.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : tvmd.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : tvtmd.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : undoboot.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : updat.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : upgrad.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : utpost.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : vbcmserv.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : vbcons.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : vbust.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : vbwin9x.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : vbwinntw.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : vcsetup.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : vet32.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : vfsetup.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : vir-help.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : virusmdpersonalfirewall.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : VisthAux.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : VisthLic.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : VisthUpd.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : vnlan300.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : vnpc3000.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : vpc32.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : vpc42.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : vpfw30s.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : vptray.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : vscenu6.02d30.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : vsched.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : vsisetup.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : vsmain.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : vsmon.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : vswin9xe.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : vswinntse.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : vswinperse.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : w32dsm89.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : W3asbas.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : w9x.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : watchdog.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : webdav.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : WebProxy.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : webtrap.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : whoswatchingme.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : wimmun32.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : win-bugsfix.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : win32.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : win32us.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : winactive.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : winav.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : windll32.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : window.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : windows Police Pro.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : windows.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : wininetd.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : wininitx.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : winlogin.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : winmain.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : winppr32.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : winrecon.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : winservn.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : winssk32.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : winstart.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : winstart001.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : wintsk32.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : winupdate.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : wkufind.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : wnad.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : wnt.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : wradmin.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : wrctrl.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : wsbgate.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : wscfxas.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : wscfxav.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : wscfxfw.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : wsctool.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : wupdater.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : wupdt.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : wyvernworksfirewall.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : xpdeluxe.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : xpf202en.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : xp_antispyware.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : zapro.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : zapsetup3001.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : zatutor.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : zonalm2601.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : ~1.exe (svchost.exe) -> FOUND
[IFEO] HKLM\[...]\Image File Execution Options : ~2.exe (svchost.exe) -> FOUND
[HJ] HKCU\[...]\Internet Settings : WarnOnHTTPSToHTTPRedirect (0) -> FOUND
[HJ] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> FOUND
[HJ] HKLM\[...]\System : ConsentPromptBehaviorUser (0) -> FOUND
[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač: [NAHRÁNO] ¤¤¤
IRP[IRP_MJ_CREATE] : Unknown -> HOOKED ([MAJOR] atapi.sys @ 0xB9DF9B40)
IRP[IRP_MJ_CLOSE] : Unknown -> HOOKED ([MAJOR] atapi.sys @ 0xB9DF9B40)
IRP[IRP_MJ_DEVICE_CONTROL] : Unknown -> HOOKED ([MAJOR] atapi.sys @ 0xB9DF9B40)
IRP[IRP_MJ_INTERNAL_DEVICE_CONTROL] : Unknown -> HOOKED ([MAJOR] sfsync02.sys @ 0xBA0C98B4)
IRP[IRP_MJ_SYSTEM_CONTROL] : Unknown -> HOOKED ([MAJOR] atapi.sys @ 0xB9DF9B40)
IRP[IRP_MJ_DEVICE_CHANGE] : Unknown -> HOOKED ([MAJOR] atapi.sys @ 0xB9DF9B40)

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
127.0.0.1 localhost
127.0.0.1 3dns.adobe.com 3dns-1.adobe.com 3dns-2.adobe.com 3dns-3.adobe.com 3dns-4.adobe.com activate.adobe.com activate-sea.adobe.com activate-sjc0.adobe.com activate.wip.adobe.com
127.0.0.1 activate.wip1.adobe.com activate.wip2.adobe.com activate.wip3.adobe.com activate.wip4.adobe.com adobe-dns.adobe.com adobe-dns-1.adobe.com adobe-dns-2.adobe.com adobe-dns-3.adobe.com adobe-dns-4.adobe.com
127.0.0.1 adobeereg.com practivate.adobe practivate.adobe.com practivate.adobe.newoa practivate.adobe.ntp practivate.adobe.ipp ereg.adobe.com ereg.wip.adobe.com ereg.wip1.adobe.com
127.0.0.1 ereg.wip2.adobe.com ereg.wip3.adobe.com ereg.wip4.adobe.com hl2rcv.adobe.com wip.adobe.com wip1.adobe.com wip2.adobe.com wip3.adobe.com wip4.adobe.com
127.0.0.1 www.adobeereg.com wwis-dubc1-vip60.adobe.com www.wip.adobe.com www.wip1.adobe.com
127.0.0.1 www.wip2.adobe.com www.wip3.adobe.com www.wip4.adobe.com wwis-dubc1-vip60.adobe.com crl.verisign.net CRL.VERISIGN.NET ood.opsource.net

¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: ST9500420AS +++++
--- User ---
[MBR] 9997a068860f812162f357934b5ae838
[BSP] 03f9b9a637e980082f47ccebc2448ccb : Windows XP MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 230000 Mo
1 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 471041865 | Size: 246928 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[1].txt >>
RKreport[1].txt

#4 Příspěvek od **vyosek** » 18 dub 2012 21:07

Spustte znovu RogueKiller

Pokud pouzivate Win Vista ci W7, kliknete na RogueKiller pravym a dejte Run As Administrator ci Spustit jako spravce
Zvolte moznost Prohledat a pote Smazat a nasledne Zprava - otevre se log, ten sem vlozte
Pak kliknete na Oprava Host a Zprava - otevre se log, ten sem vlozte
Pak kliknete na Oprava Proxy a Zprava - otevre se log, ten sem vlozte

Ailen · #5 Příspěvek od **Ailen** » 18 dub 2012 21:21

Log po Prohledat a Smazat:

RogueKiller V7.3.2 [03/20/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Podpora: http://www.geekstogo.com/forum/files/fi ... guekiller/
Operační systém: Windows XP (5.1.2600 Service Pack 3) 32 bits version
Spuštěno v: Normální režim
Uživatel: Radka [Práva správce]
Mód: Odebrat -- Datum: 04/18/2012 22:20:00

¤¤¤ Škodlivé procesy: 0 ¤¤¤

¤¤¤ Záznamy Registrů: 659 ¤¤¤
[PROXY IE] HKCU\[...]\Internet Settings : ProxyServer (192.168.1.100:80) -> NOT REMOVED, USE PROXYFIX
[IFEO] HKLM\[...]\Image File Execution Options : a.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : aAvgApi.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : AAWTray.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : About.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : Ad-Aware.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : adaware.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : advxdwin.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : AdwarePrj.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : agent.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : agentsvr.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : agentw.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : alertsvc.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : alevir.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : alogserv.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : AlphaAV (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : AlphaAV.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : AluSchedulerSvc.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : amon9x.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : Anti-Virus Professional.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : AntispywarXP2009.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : antivirus.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : AntivirusPlus (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : AntivirusPlus.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : AntivirusPro_2010.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : AntivirusXP (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : AntivirusXP.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : antivirusxppro2009.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : AntiVirus_Pro.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : ants.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : apimonitor.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : aplica32.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : arr.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : ashAvast.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : ashBug.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : ashChest.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : ashCnsnt.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : ashDisp.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : ashLogV.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : ashMaiSv.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : ashPopWz.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : ashQuick.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : ashServ.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : ashSimp2.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : ashSimpl.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : ashSkPcc.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : ashSkPck.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : ashUpd.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : ashWebSv.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : aswChLic.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : aswRegSvr.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : aswRunDll.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : aswUpdSv.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : atcon.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : atguard.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : atro55en.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : atupdater.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : atwatch.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : au.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : aupdate.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : auto-protect.nav80try.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : autotrace.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : autoupdate.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : av360.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : avadmin.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : AVCare.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : avcenter.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : avciman.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : avconfig.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : AVENGINE.EXE (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : avgcc32.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : avgchk.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : avgcmgr.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : avgcsrvx.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : avgdumpx.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : avgemc.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : avgiproxy.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : avgnsx.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : avgnt.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : avgrsx.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : avgscanx.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : avgserv.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : avgserv9.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : avgsrmax.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : avgtray.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : avguard.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : avgui.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : avgupd.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : avgw.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : avgwdsvc.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : avkpop.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : avkservice.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : avkwctl9.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : avltmain.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : avmailc.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : avmcdlg.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : avnotify.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : avshadow.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : avsynmgr.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : avupgsvc.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : AVWEBGRD.EXE (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : avwin.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : avwinnt.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : avwsc.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : avwupd.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : avwupsrv.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : avxmonitor9x.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : avxmonitornt.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : avxquar.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : b.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : backweb.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : bargains.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : bdfvcl.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : bdfvwiz.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : BDInProcPatch.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : bdmcon.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : BDMsnScan.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : BDSurvey.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : bd_professional.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : beagle.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : belt.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : bidef.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : bidserver.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : bipcp.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : bipcpevalsetup.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : bisp.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : blink.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : blss.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : bootconf.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : bootwarn.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : borg2.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : bpc.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : brasil.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : brastk.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : brw.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : bs120.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : bspatch.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : bundle.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : bvt.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : c.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : cavscan.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : ccapp.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : ccevtmgr.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : ccpxysvc.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : ccSvcHst.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : cdp.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : cfd.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : cfgwiz.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : cfp.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : cfpconfg.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : cfplogvw.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : cfpupdat.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : clean.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : cleanIELow.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : cleanpc.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : click.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : cmd32.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : cmdagent.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : cmesys.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : cmgrdian.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : cmon016.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : connectionmonitor.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : control (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : cpd.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : cpf9x206.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : cpfnt206.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : crashrep.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : csc.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : cssconfg.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : cssupdat.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : cssurf.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : ctrl.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : cv.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : cwnb181.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : cwntdwmo.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : d.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : datemanager.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : dcomx.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : defalert.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : defscangui.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : defwatch.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : deloeminfs.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : deputy.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : divx.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : dllcache.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : dllreg.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : doors.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : dop.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : dpf.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : dpfsetup.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : dpps2.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : driverctrl.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : drwatson.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : drweb32.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : drwebupw.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : dssagent.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : efpeadm.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : emsw.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : ent.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : escanhnt.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : escanv95.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : espwatch.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : ethereal.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : etrustcipe.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : evpn.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : exantivirus-cnet.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : exe.avxw.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : expert.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : explore.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : fact.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : fameh32.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : fast.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : fch32.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : fih32.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : firewall.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : fixcfg.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : fixfp.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : fnrb32.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : fp-win_trial.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : frmwrk32.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : fsaa.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : fsav.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : fsav32.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : fsav530stbyb.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : fsav530wtbyb.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : fsav95.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : fsgk32.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : fsm32.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : fsma32.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : fsmb32.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : gator.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : gav.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : gbmenu.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : gbn976rl.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : gbpoll.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : generics.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : gmt.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : guard.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : guarddog.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : guardgui.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : hacktracersetup.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : hbinst.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : hbsrv.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : History.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : homeav2010.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : hotactio.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : hotpatch.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : htlog.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : htpatch.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : hwpe.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : hxdl.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : hxiul.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : iamstats.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : Identity.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : idle.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : iedll.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : iedriver.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : IEShow.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : ifw2000.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : inetlnfo.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : infus.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : infwin.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : init.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : init32.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : install[1].exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : install[2].exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : install[3].exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : install[4].exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : install[5].exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : intdel.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : intren.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : istsvc.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : jammer.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : jdbgmrg.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : JsRcGen.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : kavlite40eng.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : kavpers40eng.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : kavpf.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : kazza.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : keenvalue.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : kerio-pf-213-en-win.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : kerio-wrl-421-en-win.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : kerio-wrp-421-en-win.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : killprocesssetup161.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : ldnetmon.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : ldpro.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : ldpromenu.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : ldscan.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : licmgr.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : lnetinfo.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : loader.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : localnet.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : lockdown.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : lordpe.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : lsetup.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : luau.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : lucomserver.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : luinit.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : luspt.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : MalwareRemoval.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : mapisvc32.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : mcagent.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : mcmnhdlr.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : mcmpeng.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : mcmscsvc.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : mcnasvc.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : mcproxy.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : McSACore.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : mcshell.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : mcshield.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : mcsysmon.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : mctool.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : mcupdate.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : mcvsrte.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : mcvsshld.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : md.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : mfin32.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : mfw2en.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : mfweng3.02d30.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : mgavrtcl.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : mgavrte.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : mghtml.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : mgui.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : minilog.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : mmod.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : monitor.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : mostat.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : mpfagent.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : mpfservice.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : MPFSrv.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : mrflux.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : mrt.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : msa.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : msapp.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : msbb.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : msblast.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : mscache.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : msccn32.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : mscman.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : msconfig (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : msdm.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : msdos.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : msiexec16.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : mslaugh.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : msmgt.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : msmsgri32.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : mssmmc32.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : mssys.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : msvxd.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : mu0311ad.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : mwatch.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : nav.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : navap.navapsvc.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : navdx.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : navstub.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : nc2000.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : ncinst4.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : ndd32.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : neomonitor.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : neowatchlog.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : netarmor.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : netd32.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : netinfo.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : netmon.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : netscanpro.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : netspyhunter-1.2.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : netutils.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : nisserv.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : nmain.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : nod32.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : norton_internet_secu_3.0_407.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : notstart.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : npf40_tw_98_nt_me_2k.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : npfmessenger.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : nprotect.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : npscheck.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : npssvc.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : nsched32.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : nssys32.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : nstask32.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : nsupdate.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : nt.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : ntrtscan.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : ntvdm.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : ntxconfig.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : nui.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : nvarch16.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : nvsvc32.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : nwinst4.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : nwservice.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : nwtool16.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : OAcat.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : OAhlp.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : OAReg.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : oasrv.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : oaui.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : oaview.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : ODSW.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : ollydbg.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : onsrvr.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : optimize.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : ostronet.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : otfix.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : outpost.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : outpostinstall.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : outpostproinstall.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : ozn695m5.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : padmin.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : panixk.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : patch.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : pav.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : PavFnSvr.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : pavproxy.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : pavprsrv.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : pavsrv51.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : pc.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : pcip10117_0.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : pcscan.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : pctsAuxs.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : pctsGui.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : pctsSvc.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : pctsTray.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : PC_Antispyware2010.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : pdfndr.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : pdsetup.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : PerAvir.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : periscope.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : personalguard (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : personalguard.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : perswf.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : pf2.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : pfwadmin.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : pgmonitr.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : pingscan.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : platin.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : pop3trap.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : poproxy.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : popscan.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : portdetective.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : portmonitor.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : powerscan.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : ppinupdt.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : pptbc.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : ppvstop.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : prizesurfer.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : prmt.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : prmvr.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : procdump.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : processmonitor.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : procexplorerv1.0.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : programauditor.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : proport.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : protector.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : protectx.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : PSANCU.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : PSANHost.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : PSANToManager.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : PsCtrls.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : PsImSvc.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : PskSvc.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : pspf.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : PSUNMain.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : purge.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : qconsole.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : qh.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : qserver.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : Quick Heal.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : QuickHealCleaner.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : rapapp.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : rav8win32eng.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : ray.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : rb32.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : rcsync.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : realmon.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : reged.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : regedit.exe (C:\Documents and Settings\Radka\Data aplikací\Protector-eovo.exe reg) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : regedt32.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : rescue.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : rescue32.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : rrguard.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : rscdwld.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : rshell.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : rtvscan.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : rtvscn95.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : rulaunch.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : rwg (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : rwg.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : SafetyKeeper.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : sahagent.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : Save.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : SaveArmor.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : SaveDefense.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : SaveKeep.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : savenow.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : sbserv.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : sc.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : scam32.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : Secure Veteran.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : secureveteran.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : Security Center.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : SecurityFighter.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : securitysoldier.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : setloadorder.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : setupvameeval.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : setup_flowprotector_us.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : sgssfw32.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : sh.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : shellspyinstall.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : shield.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : shn.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : showbehind.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : signcheck.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : smart.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : smartprotector.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : smrtdefp.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : sms.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : smss32.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : snetcfg.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : soap.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : sofi.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : SoftSafeness.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : sperm.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : spf.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : spoler.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : spoolcv.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : spoolsv32.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : spywarexpguard.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : spyxx.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : srexe.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : srng.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : ss3edit.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : ssgrate.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : ssg_4104.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : st2.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : start.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : stcloader.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : supftrl.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : support.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : supporter5.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : svc.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : svchostc.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : svchosts.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : svshost.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : sweepnet.sweepsrv.sys.swnetsup.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : symlcsvc.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : symproxysvc.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : symtray.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : system.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : system32.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : sysupd.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : tapinstall.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : taskmgr.exe (C:\Documents and Settings\Radka\Data aplikací\Protector-eovo.exe task) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : taumon.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : tc.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : tcm.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : tds-3.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : teekids.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : tfak.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : tfak5.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : tgbob.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : titanin.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : titaninxp.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : TPSrv.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : trickler.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : trjscan.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : trjsetup.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : trojantrap3.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : TrustWarrior.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : tsadbot.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : tsc.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : tvmd.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : tvtmd.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : undoboot.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : updat.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : upgrad.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : utpost.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : vbcmserv.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : vbcons.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : vbust.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : vbwin9x.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : vbwinntw.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : vcsetup.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : vet32.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : vfsetup.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : vir-help.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : virusmdpersonalfirewall.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : VisthAux.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : VisthLic.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : VisthUpd.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : vnlan300.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : vnpc3000.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : vpc32.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : vpc42.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : vpfw30s.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : vptray.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : vscenu6.02d30.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : vsched.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : vsisetup.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : vsmain.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : vsmon.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : vswin9xe.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : vswinntse.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : vswinperse.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : w32dsm89.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : W3asbas.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : w9x.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : watchdog.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : webdav.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : WebProxy.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : webtrap.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : whoswatchingme.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : wimmun32.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : win-bugsfix.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : win32.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : win32us.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : winactive.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : winav.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : windll32.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : window.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : windows Police Pro.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : windows.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : wininetd.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : wininitx.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : winlogin.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : winmain.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : winppr32.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : winrecon.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : winservn.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : winssk32.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : winstart.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : winstart001.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : wintsk32.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : winupdate.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : wkufind.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : wnad.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : wnt.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : wradmin.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : wrctrl.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : wsbgate.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : wscfxas.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : wscfxav.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : wscfxfw.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : wsctool.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : wupdater.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : wupdt.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : wyvernworksfirewall.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : xpdeluxe.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : xpf202en.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : xp_antispyware.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : zapro.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : zapsetup3001.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : zatutor.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : zonalm2601.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : ~1.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : ~2.exe (svchost.exe) -> DELETED
[HJ] HKCU\[...]\Internet Settings : WarnOnHTTPSToHTTPRedirect (0) -> REPLACED (1)
[HJ] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> REPLACED (2)
[HJ] HKLM\[...]\System : ConsentPromptBehaviorUser (0) -> REPLACED (1)
[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač: [NAHRÁNO] ¤¤¤
IRP[IRP_MJ_CREATE] : Unknown -> HOOKED ([MAJOR] atapi.sys @ 0xB9DF9B40)
IRP[IRP_MJ_CLOSE] : Unknown -> HOOKED ([MAJOR] atapi.sys @ 0xB9DF9B40)
IRP[IRP_MJ_DEVICE_CONTROL] : Unknown -> HOOKED ([MAJOR] atapi.sys @ 0xB9DF9B40)
IRP[IRP_MJ_INTERNAL_DEVICE_CONTROL] : Unknown -> HOOKED ([MAJOR] sfsync02.sys @ 0xBA0C98B4)
IRP[IRP_MJ_SYSTEM_CONTROL] : Unknown -> HOOKED ([MAJOR] atapi.sys @ 0xB9DF9B40)
IRP[IRP_MJ_DEVICE_CHANGE] : Unknown -> HOOKED ([MAJOR] atapi.sys @ 0xB9DF9B40)

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
127.0.0.1 localhost
127.0.0.1 3dns.adobe.com 3dns-1.adobe.com 3dns-2.adobe.com 3dns-3.adobe.com 3dns-4.adobe.com activate.adobe.com activate-sea.adobe.com activate-sjc0.adobe.com activate.wip.adobe.com
127.0.0.1 activate.wip1.adobe.com activate.wip2.adobe.com activate.wip3.adobe.com activate.wip4.adobe.com adobe-dns.adobe.com adobe-dns-1.adobe.com adobe-dns-2.adobe.com adobe-dns-3.adobe.com adobe-dns-4.adobe.com
127.0.0.1 adobeereg.com practivate.adobe practivate.adobe.com practivate.adobe.newoa practivate.adobe.ntp practivate.adobe.ipp ereg.adobe.com ereg.wip.adobe.com ereg.wip1.adobe.com
127.0.0.1 ereg.wip2.adobe.com ereg.wip3.adobe.com ereg.wip4.adobe.com hl2rcv.adobe.com wip.adobe.com wip1.adobe.com wip2.adobe.com wip3.adobe.com wip4.adobe.com
127.0.0.1 www.adobeereg.com wwis-dubc1-vip60.adobe.com www.wip.adobe.com www.wip1.adobe.com
127.0.0.1 www.wip2.adobe.com www.wip3.adobe.com www.wip4.adobe.com wwis-dubc1-vip60.adobe.com crl.verisign.net CRL.VERISIGN.NET ood.opsource.net

¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: ST9500420AS +++++
--- User ---
[MBR] 9997a068860f812162f357934b5ae838
[BSP] 03f9b9a637e980082f47ccebc2448ccb : Windows XP MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 230000 Mo
1 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 471041865 | Size: 246928 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[3].txt >>
RKreport[1].txt ; RKreport[2].txt ; RKreport[3].txt

Ailen · #6 Příspěvek od **Ailen** » 18 dub 2012 21:22

Oprava Host:

RogueKiller V7.3.2 [03/20/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Podpora: http://www.geekstogo.com/forum/files/fi ... guekiller/
Operační systém: Windows XP (5.1.2600 Service Pack 3) 32 bits version
Spuštěno v: Normální režim
Uživatel: Radka [Práva správce]
Mód: Oprava HOSTS -- Datum: 04/18/2012 22:21:56

¤¤¤ Škodlivé procesy: 0 ¤¤¤

¤¤¤ Ovladač: [NAHRÁNO] ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
127.0.0.1 localhost
127.0.0.1 3dns.adobe.com 3dns-1.adobe.com 3dns-2.adobe.com 3dns-3.adobe.com 3dns-4.adobe.com activate.adobe.com activate-sea.adobe.com activate-sjc0.adobe.com activate.wip.adobe.com
127.0.0.1 activate.wip1.adobe.com activate.wip2.adobe.com activate.wip3.adobe.com activate.wip4.adobe.com adobe-dns.adobe.com adobe-dns-1.adobe.com adobe-dns-2.adobe.com adobe-dns-3.adobe.com adobe-dns-4.adobe.com
127.0.0.1 adobeereg.com practivate.adobe practivate.adobe.com practivate.adobe.newoa practivate.adobe.ntp practivate.adobe.ipp ereg.adobe.com ereg.wip.adobe.com ereg.wip1.adobe.com
127.0.0.1 ereg.wip2.adobe.com ereg.wip3.adobe.com ereg.wip4.adobe.com hl2rcv.adobe.com wip.adobe.com wip1.adobe.com wip2.adobe.com wip3.adobe.com wip4.adobe.com
127.0.0.1 www.adobeereg.com wwis-dubc1-vip60.adobe.com www.wip.adobe.com www.wip1.adobe.com
127.0.0.1 www.wip2.adobe.com www.wip3.adobe.com www.wip4.adobe.com wwis-dubc1-vip60.adobe.com crl.verisign.net CRL.VERISIGN.NET ood.opsource.net

¤¤¤ Resetovaný HOSTS: ¤¤¤
127.0.0.1 localhost

Dokončeno : << RKreport[4].txt >>
RKreport[1].txt ; RKreport[2].txt ; RKreport[3].txt ; RKreport[4].txt

Proxy:

RogueKiller V7.3.2 [03/20/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Podpora: http://www.geekstogo.com/forum/files/fi ... guekiller/
Operační systém: Windows XP (5.1.2600 Service Pack 3) 32 bits version
Spuštěno v: Normální režim
Uživatel: Radka [Práva správce]
Mód: Oprava Proxy -- Datum: 04/18/2012 22:22:41

¤¤¤ Škodlivé procesy: 0 ¤¤¤

¤¤¤ Ovladač: [NAHRÁNO] ¤¤¤

¤¤¤ Záznamy Registrů: 1 ¤¤¤
[PROXY IE] HKCU\[...]\Internet Settings : ProxyServer (192.168.1.100:80) -> DELETED

Dokončeno : << RKreport[5].txt >>
RKreport[1].txt ; RKreport[2].txt ; RKreport[3].txt ; RKreport[4].txt ; RKreport[5].txt

#7 Příspěvek od **vyosek** » 18 dub 2012 21:29

Stahnete si TDSSKiller http://support.kaspersky.com/downloads/ ... killer.exe

Kliknete na volbu Change parametrs
V obou oknech (Objects to scan i Additional Option) zakliknete vsechny moznosti - ve vsech ctvereccich musi mit fajecka
Kliknete na OK
Utilite prikazte, at skenuje - klik na Start Scan
Po dokonceni skenu se objevi okno, zkontrolujte, zda-li je vsude moznost Skip
Pokud moznost Skip nebude primarne nastavena, prekliknete ji na Skip
Pokud mate vsude Skip, kliknete na Continue
Na disku, kde mate Windows (obvykle c:\) ve tvaru TDSSKiller.nejaka cisilka _log.txt bude log - jeho obsah sem vlozte

Ailen · #8 Příspěvek od **Ailen** » 18 dub 2012 21:33

22:31:27.0453 3476 TDSS rootkit removing tool 2.7.29.0 Apr 18 2012 16:44:20
22:31:27.0578 3476 ============================================================
22:31:27.0578 3476 Current date / time: 2012/04/18 22:31:27.0578
22:31:27.0578 3476 SystemInfo:
22:31:27.0578 3476
22:31:27.0578 3476 OS Version: 5.1.2600 ServicePack: 3.0
22:31:27.0578 3476 Product type: Workstation
22:31:27.0578 3476 ComputerName: RADKA-PC
22:31:27.0578 3476 UserName: Radka
22:31:27.0578 3476 Windows directory: C:\WINDOWS
22:31:27.0578 3476 System windows directory: C:\WINDOWS
22:31:27.0578 3476 Processor architecture: Intel x86
22:31:27.0578 3476 Number of processors: 2
22:31:27.0578 3476 Page size: 0x1000
22:31:27.0578 3476 Boot type: Normal boot
22:31:27.0578 3476 ============================================================
22:31:29.0640 3476 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
22:31:29.0640 3476 \Device\Harddisk0\DR0:
22:31:29.0640 3476 MBR partitions:
22:31:29.0640 3476 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x1C13870A
22:31:29.0656 3476 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1C138788, BlocksNum 0x1E2485F8
22:31:30.0000 3476 C: <-> \Device\Harddisk0\DR0\Partition0
22:31:30.0109 3476 D: <-> \Device\Harddisk0\DR0\Partition1
22:31:30.0140 3476 Initialize success
22:31:30.0140 3476 ============================================================
22:32:02.0500 1664 ============================================================
22:32:02.0500 1664 Scan started
22:32:02.0500 1664 Mode: Manual; SigCheck; TDLFS;
22:32:02.0500 1664 ============================================================
22:32:02.0781 1664 Aavmker4 (473f97edc5a5312f3665ab2921196c0c) C:\WINDOWS\system32\drivers\Aavmker4.sys
22:32:02.0921 1664 Aavmker4 - ok
22:32:02.0921 1664 Abiosdsk - ok
22:32:02.0937 1664 abp480n5 - ok
22:32:02.0968 1664 Accelerometer (a0baabb7d3549460e3f8c5ad6f778683) C:\WINDOWS\system32\DRIVERS\Accelerometer.sys
22:32:02.0984 1664 Accelerometer - ok
22:32:03.0015 1664 ACPI (4fe34f1f3126b61fcc6b2043aa8112c9) C:\WINDOWS\system32\DRIVERS\ACPI.sys
22:32:03.0906 1664 ACPI - ok
22:32:03.0968 1664 ACPIEC (afdff022a01f0b11c776f0860c3b282f) C:\WINDOWS\system32\DRIVERS\ACPIEC.sys
22:32:04.0062 1664 ACPIEC - ok
22:32:04.0109 1664 ActivHidSerMini (975e7bb16739d09d0f565e3923361bb2) C:\WINDOWS\system32\DRIVERS\activhidsermini.sys
22:32:04.0125 1664 ActivHidSerMini - ok
22:32:04.0171 1664 ADIHdAudAddService (0bcb5bd6ea1cbf1750d881e0c4e923ff) C:\WINDOWS\system32\drivers\ADIHdAud.sys
22:32:04.0203 1664 ADIHdAudAddService - ok
22:32:04.0281 1664 AdobeFlashPlayerUpdateSvc (459ac130c6ab892b1cd5d7544626efc5) C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
22:32:04.0296 1664 AdobeFlashPlayerUpdateSvc - ok
22:32:04.0312 1664 adpu160m - ok
22:32:04.0312 1664 AEAudio (3bc9c8baf983b583e14088e6ff74a8a1) C:\WINDOWS\system32\drivers\AEAudio.sys
22:32:04.0328 1664 AEAudio - ok
22:32:04.0375 1664 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
22:32:04.0484 1664 aec - ok
22:32:04.0515 1664 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
22:32:04.0546 1664 AFD - ok
22:32:04.0625 1664 AgereModemAudio (9c9d3b7a05445b1ab2df4d0c4d6b77e8) C:\Program Files\LSI SoftModem\agrsmsvc.exe
22:32:04.0640 1664 AgereModemAudio - ok
22:32:04.0671 1664 AgereSoftModem (3712986cc3abf0dc656b43525b9d1279) C:\WINDOWS\system32\DRIVERS\AGRSM.sys
22:32:04.0718 1664 AgereSoftModem - ok
22:32:04.0718 1664 Aha154x - ok
22:32:04.0734 1664 aic78u2 - ok
22:32:04.0750 1664 aic78xx - ok
22:32:04.0781 1664 Alerter (e0a6fa244b8624d78fe5ff6f56a33bae) C:\WINDOWS\system32\alrsvc.dll
22:32:04.0906 1664 Alerter - ok
22:32:04.0921 1664 ALG (88842de939a827577bf24243699ac80a) C:\WINDOWS\System32\alg.exe
22:32:04.0984 1664 ALG - ok
22:32:05.0000 1664 AliIde - ok
22:32:05.0015 1664 amsint - ok
22:32:05.0046 1664 AppMgmt (6b8e7a90e576d4fe308f97c69060a171) C:\WINDOWS\System32\appmgmts.dll
22:32:05.0109 1664 AppMgmt - ok
22:32:05.0125 1664 asc - ok
22:32:05.0125 1664 asc3350p - ok
22:32:05.0140 1664 asc3550 - ok
22:32:05.0250 1664 aspnet_state (776acefa0ca9df0faa51a5fb2f435705) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
22:32:05.0265 1664 aspnet_state - ok
22:32:05.0312 1664 aswFsBlk (0ae43c6c411254049279c2ee55630f95) C:\WINDOWS\system32\drivers\aswFsBlk.sys
22:32:05.0328 1664 aswFsBlk - ok
22:32:05.0343 1664 aswMon2 (8c30b7ddd2f1d8d138ebe40345af2b11) C:\WINDOWS\system32\drivers\aswMon2.sys
22:32:05.0359 1664 aswMon2 - ok
22:32:05.0375 1664 aswRdr (da12626fd9a67f4e917e2f2fbe1e1764) C:\WINDOWS\system32\drivers\aswRdr.sys
22:32:05.0406 1664 aswRdr - ok
22:32:05.0421 1664 aswSnx (dcb199b967375753b5019ec15f008f53) C:\WINDOWS\system32\drivers\aswSnx.sys
22:32:05.0468 1664 aswSnx - ok
22:32:05.0515 1664 aswSP (b32873e5a1443c0a1e322266e203bf10) C:\WINDOWS\system32\drivers\aswSP.sys
22:32:05.0531 1664 aswSP - ok
22:32:05.0593 1664 aswTdi (6ff544175a9180c5d88534d3d9c9a9f7) C:\WINDOWS\system32\drivers\aswTdi.sys
22:32:05.0609 1664 aswTdi - ok
22:32:05.0656 1664 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
22:32:05.0812 1664 AsyncMac - ok
22:32:05.0843 1664 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
22:32:06.0000 1664 atapi - ok
22:32:06.0000 1664 Atdisk - ok
22:32:06.0046 1664 athsgt (187c905e157d791a3a404eadf8fae754) C:\WINDOWS\system32\DRIVERS\athsgt.sys
22:32:06.0062 1664 athsgt ( UnsignedFile.Multi.Generic ) - warning
22:32:06.0062 1664 athsgt - detected UnsignedFile.Multi.Generic (1)
22:32:06.0109 1664 Ati HotKey Poller (42e4e2cf0406394bbce7eb358ae4e208) C:\WINDOWS\system32\Ati2evxx.exe
22:32:06.0156 1664 Ati HotKey Poller - ok
22:32:06.0265 1664 ati2mtag (81c3e6674d0609aa84c07681bca252de) C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
22:32:06.0359 1664 ati2mtag - ok
22:32:06.0406 1664 AtiHdmiService (1e82f05cff41316bcaa513909d99a004) C:\WINDOWS\system32\drivers\AtiHdmi.sys
22:32:06.0421 1664 AtiHdmiService - ok
22:32:06.0468 1664 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
22:32:06.0625 1664 Atmarpc - ok
22:32:06.0656 1664 AudioSrv (de31b88962a8645dba5a37b993e7b0f1) C:\WINDOWS\System32\audiosrv.dll
22:32:06.0843 1664 AudioSrv - ok
22:32:06.0875 1664 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
22:32:06.0984 1664 audstub - ok
22:32:07.0109 1664 avast! Antivirus (4041d31508a2a084dfb42c595854090f) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
22:32:07.0125 1664 avast! Antivirus - ok
22:32:07.0218 1664 BCM43XX (911439d49dc396a2bf0f595a703759d6) C:\WINDOWS\system32\DRIVERS\bcmwl5.sys
22:32:07.0296 1664 BCM43XX - ok
22:32:07.0343 1664 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
22:32:07.0500 1664 Beep - ok
22:32:07.0562 1664 BITS (19395d092fd85ddc2d9c7729cf5a2ac8) C:\WINDOWS\system32\qmgr.dll
22:32:07.0671 1664 BITS - ok
22:32:07.0718 1664 Browser (249276d3ef1e74b992299cb96099e4d7) C:\WINDOWS\System32\browser.dll
22:32:07.0812 1664 Browser - ok
22:32:07.0859 1664 btaudio (4b43dfe1c1fbb305a1dc5504ef9bb34e) C:\WINDOWS\system32\drivers\btaudio.sys
22:32:07.0890 1664 btaudio - ok
22:32:07.0937 1664 BTDriver (2f9f111d31aa3fbbe5781d829a4524e6) C:\WINDOWS\system32\DRIVERS\btport.sys
22:32:07.0953 1664 BTDriver - ok
22:32:08.0000 1664 BthEnum (b279426e3c0c344893ed78a613a73bde) C:\WINDOWS\system32\DRIVERS\BthEnum.sys
22:32:08.0125 1664 BthEnum - ok
22:32:08.0171 1664 BTHPORT (f338662a6c1fc11dd9508f6dff2c06a2) C:\WINDOWS\system32\Drivers\BTHport.sys
22:32:08.0203 1664 BTHPORT - ok
22:32:08.0250 1664 BthServ (70ca4b3f634c9dca200832f8da76e009) C:\WINDOWS\System32\bthserv.dll
22:32:08.0359 1664 BthServ - ok
22:32:08.0406 1664 BTHUSB (61364cd71ef63b0f038b7e9df00f1efa) C:\WINDOWS\system32\Drivers\BTHUSB.sys
22:32:08.0515 1664 BTHUSB - ok
22:32:08.0578 1664 BTKRNL (ed0bd05be3c494a8fec0674880d5bc4d) C:\WINDOWS\system32\DRIVERS\btkrnl.sys
22:32:08.0609 1664 BTKRNL - ok
22:32:08.0734 1664 btwdins (59c3bf4e879d4aca8268f9ce9926e6ec) C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
22:32:08.0750 1664 btwdins - ok
22:32:08.0812 1664 BTWDNDIS (485020a1e1fc5c51a800ca69c618d881) C:\WINDOWS\system32\DRIVERS\btwdndis.sys
22:32:08.0859 1664 BTWDNDIS - ok
22:32:08.0875 1664 BTWUSB (6b622612fe21b59faee2ca4385959778) C:\WINDOWS\system32\Drivers\btwusb.sys
22:32:08.0890 1664 BTWUSB - ok
22:32:08.0953 1664 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
22:32:09.0046 1664 cbidf2k - ok
22:32:09.0093 1664 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
22:32:09.0296 1664 CCDECODE - ok
22:32:09.0312 1664 cd20xrnt - ok
22:32:09.0359 1664 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
22:32:09.0453 1664 Cdaudio - ok
22:32:09.0515 1664 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
22:32:09.0609 1664 Cdfs - ok
22:32:09.0656 1664 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
22:32:09.0765 1664 Cdrom - ok
22:32:09.0781 1664 Changer - ok
22:32:09.0796 1664 CiSvc (e390dc1d7c461d7d56ec53402f329928) C:\WINDOWS\system32\cisvc.exe
22:32:09.0890 1664 CiSvc - ok
22:32:09.0921 1664 ClipSrv (064507a8dfa8c5c7e2ffddd3e6f424fa) C:\WINDOWS\system32\clipsrv.exe
22:32:10.0062 1664 ClipSrv - ok
22:32:10.0140 1664 clr_optimization_v2.0.50727_32 (d87acaed61e417bba546ced5e7e36d9c) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
22:32:10.0171 1664 clr_optimization_v2.0.50727_32 - ok
22:32:10.0218 1664 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
22:32:10.0281 1664 clr_optimization_v4.0.30319_32 - ok
22:32:10.0312 1664 CmBatt (0f6c187d38d98f8df904589a5f94d411) C:\WINDOWS\system32\DRIVERS\CmBatt.sys
22:32:10.0437 1664 CmBatt - ok
22:32:10.0437 1664 CmdIde - ok
22:32:10.0578 1664 Com4QLBEx (f9a79c5b27037821112c50a9c8fb367a) C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
22:32:10.0593 1664 Com4QLBEx - ok
22:32:10.0640 1664 Compbatt (6e4c9f21f0fae8940661144f41b13203) C:\WINDOWS\system32\DRIVERS\compbatt.sys
22:32:10.0859 1664 Compbatt - ok
22:32:10.0859 1664 COMSysApp - ok
22:32:10.0875 1664 Cpqarray - ok
22:32:10.0921 1664 cpuz134 (75fa19142531cbf490770c2988a7db64) C:\WINDOWS\system32\drivers\cpuz134_x32.sys
22:32:10.0921 1664 cpuz134 - ok
22:32:10.0984 1664 CryptSvc (f3ab0933cbd166d271992f411c27ccaf) C:\WINDOWS\System32\cryptsvc.dll
22:32:11.0078 1664 CryptSvc - ok
22:32:11.0078 1664 dac2w2k - ok
22:32:11.0093 1664 dac960nt - ok
22:32:11.0140 1664 DcomLaunch (be27674d1cbc3214aec84b4336a38bbf) C:\WINDOWS\system32\rpcss.dll
22:32:11.0203 1664 DcomLaunch - ok
22:32:11.0234 1664 Dhcp (8c9a53e285ac5e6704844d0459ec85be) C:\WINDOWS\System32\dhcpcsvc.dll
22:32:11.0328 1664 Dhcp - ok
22:32:11.0343 1664 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
22:32:11.0437 1664 Disk - ok
22:32:11.0453 1664 dmadmin - ok
22:32:11.0515 1664 dmboot (db5fd2bf5b07dc54bfcb3664ff05bd7c) C:\WINDOWS\system32\drivers\dmboot.sys
22:32:11.0656 1664 dmboot - ok
22:32:11.0671 1664 dmio (fff1720af51171f32f1ead5cf71f2810) C:\WINDOWS\system32\drivers\dmio.sys
22:32:11.0812 1664 dmio - ok
22:32:11.0828 1664 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
22:32:11.0968 1664 dmload - ok
22:32:11.0968 1664 dmserver (2bfefe9e865655a76982f050450b9591) C:\WINDOWS\System32\dmserver.dll
22:32:12.0093 1664 dmserver - ok
22:32:12.0140 1664 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
22:32:12.0250 1664 DMusic - ok
22:32:12.0296 1664 Dnscache (dfaa406bf19f4ee806a6f8d4342137f7) C:\WINDOWS\System32\dnsrslvr.dll
22:32:12.0312 1664 Dnscache - ok
22:32:12.0343 1664 Dot3svc (4a3e2bd20157a0946751229e92eb8621) C:\WINDOWS\System32\dot3svc.dll
22:32:12.0484 1664 Dot3svc - ok
22:32:12.0500 1664 dpti2o - ok
22:32:12.0531 1664 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
22:32:12.0640 1664 drmkaud - ok
22:32:12.0671 1664 dtsoftbus01 (687af6bb383885ff6a64071b189a7f3e) C:\WINDOWS\system32\DRIVERS\dtsoftbus01.sys
22:32:12.0687 1664 dtsoftbus01 - ok
22:32:12.0734 1664 EapHost (0887d9c2be8d940778cad1e3b85f2a41) C:\WINDOWS\System32\eapsvc.dll
22:32:12.0828 1664 EapHost - ok
22:32:12.0843 1664 ERSvc (a2a4912798f2be706abadd3d30800d16) C:\WINDOWS\System32\ersvc.dll
22:32:12.0937 1664 ERSvc - ok
22:32:13.0000 1664 Eventlog (9ef697af07bb8dd82c3b02ca953a95b7) C:\WINDOWS\system32\services.exe
22:32:13.0031 1664 Eventlog - ok
22:32:13.0062 1664 EventSystem (a371f11ef07653591c8de26afb13ce7f) C:\WINDOWS\system32\es.dll
22:32:13.0078 1664 EventSystem - ok
22:32:13.0125 1664 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
22:32:13.0250 1664 Fastfat - ok
22:32:13.0296 1664 FastUserSwitchingCompatibility (ee9a2b9ea968a792a053c9d1a86bf870) C:\WINDOWS\System32\shsvcs.dll
22:32:13.0328 1664 FastUserSwitchingCompatibility - ok
22:32:13.0375 1664 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys
22:32:13.0468 1664 Fdc - ok
22:32:13.0500 1664 Fips (ac366695a0796560aa37215ad5762aaf) C:\WINDOWS\system32\drivers\Fips.sys
22:32:13.0656 1664 Fips - ok
22:32:13.0671 1664 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys
22:32:13.0765 1664 Flpydisk - ok
22:32:13.0812 1664 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\DRIVERS\fltMgr.sys
22:32:13.0906 1664 FltMgr - ok
22:32:13.0984 1664 FontCache3.0.0.0 (8ba7c024070f2b7fdd98ed8a4ba41789) C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
22:32:14.0000 1664 FontCache3.0.0.0 - ok
22:32:14.0031 1664 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
22:32:14.0125 1664 Fs_Rec - ok
22:32:14.0140 1664 Ftdisk (4e664d8541db4a66b73a24257e322e1f) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
22:32:14.0234 1664 Ftdisk - ok
22:32:14.0265 1664 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
22:32:14.0375 1664 Gpc - ok
22:32:14.0468 1664 gupdate (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files\Google\Update\GoogleUpdate.exe
22:32:14.0484 1664 gupdate - ok
22:32:14.0484 1664 gupdatem (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files\Google\Update\GoogleUpdate.exe
22:32:14.0500 1664 gupdatem - ok
22:32:14.0546 1664 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
22:32:14.0671 1664 HDAudBus - ok
22:32:14.0765 1664 helpsvc (fcfe31fb75f8a6295b6b0af87a626282) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
22:32:14.0875 1664 helpsvc - ok
22:32:14.0890 1664 HidServ - ok
22:32:14.0937 1664 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
22:32:15.0078 1664 HidUsb - ok
22:32:15.0109 1664 hkmsvc (7a6b320928f86bc851530d63c82965d9) C:\WINDOWS\System32\kmsvc.dll
22:32:15.0218 1664 hkmsvc - ok
22:32:15.0265 1664 hpdskflt (9f620e11b80b74f4dab50a81a5df357f) C:\WINDOWS\system32\DRIVERS\hpdskflt.sys
22:32:15.0281 1664 hpdskflt - ok
22:32:15.0281 1664 hpn - ok
22:32:15.0343 1664 HpqKbFiltr (35956140e686d53bf676cf0c778880fc) C:\WINDOWS\system32\DRIVERS\HpqKbFiltr.sys
22:32:15.0343 1664 HpqKbFiltr - ok
22:32:15.0484 1664 hpqwmiex (fdf273a845f1ffcceadf363aaf47582f) C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
22:32:15.0500 1664 hpqwmiex - ok
22:32:15.0546 1664 HpStm001 (4bbfc5915327bcd4ab00e8736b38238f) C:\WINDOWS\system32\DRIVERS\HpStm001.SYS
22:32:15.0562 1664 HpStm001 - ok
22:32:15.0625 1664 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
22:32:15.0640 1664 HTTP - ok
22:32:15.0671 1664 HTTPFilter (58fe2f2da3bc5573f4a35b3760d3125f) C:\WINDOWS\System32\w3ssl.dll
22:32:15.0875 1664 HTTPFilter - ok
22:32:15.0890 1664 i2omgmt - ok
22:32:15.0906 1664 i2omp - ok
22:32:15.0937 1664 i8042prt (c528e27945367191e7bae364930b6932) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
22:32:16.0031 1664 i8042prt - ok
22:32:16.0171 1664 idsvc (c01ac32dc5c03076cfb852cb5da5229c) C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
22:32:16.0218 1664 idsvc - ok
22:32:16.0281 1664 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
22:32:16.0359 1664 Imapi - ok
22:32:16.0406 1664 ImapiService (f7b93aafad33b2320954c17e26c8d361) C:\WINDOWS\system32\imapi.exe
22:32:16.0562 1664 ImapiService - ok
22:32:16.0578 1664 ini910u - ok
22:32:16.0593 1664 IntelIde - ok
22:32:16.0625 1664 intelppm (27b290d632af2cf3cf40bfddb7370985) C:\WINDOWS\system32\DRIVERS\intelppm.sys
22:32:16.0734 1664 intelppm - ok
22:32:16.0750 1664 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
22:32:16.0859 1664 Ip6Fw - ok
22:32:16.0890 1664 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
22:32:16.0984 1664 IpFilterDriver - ok
22:32:17.0015 1664 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
22:32:17.0109 1664 IpInIp - ok
22:32:17.0140 1664 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
22:32:17.0250 1664 IpNat - ok
22:32:17.0296 1664 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
22:32:17.0390 1664 IPSec - ok
22:32:17.0437 1664 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
22:32:17.0500 1664 IRENUM - ok
22:32:17.0546 1664 isapnp (cc9f8a2d60aed1a51a3ac34c59b987ae) C:\WINDOWS\system32\DRIVERS\isapnp.sys
22:32:17.0640 1664 isapnp - ok
22:32:17.0781 1664 JavaQuickStarterService (0a5709543986843d37a92290b7838340) C:\Program Files\Java\jre6\bin\jqs.exe
22:32:17.0796 1664 JavaQuickStarterService - ok
22:32:17.0843 1664 Kbdclass (1b6162fe7f66b1a71a4b70f941c4aa9b) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
22:32:18.0000 1664 Kbdclass - ok
22:32:18.0046 1664 kbdhid (86c8f23616c6c6e5b2776901c17b945b) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
22:32:18.0203 1664 kbdhid - ok
22:32:18.0250 1664 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
22:32:18.0390 1664 kmixer - ok
22:32:18.0437 1664 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
22:32:18.0453 1664 KSecDD - ok
22:32:18.0500 1664 LanmanServer (3428e8f86f8add36b42fb23542c7b3e4) C:\WINDOWS\System32\srvsvc.dll
22:32:18.0515 1664 LanmanServer - ok
22:32:18.0562 1664 lanmanworkstation (936c1d110232d23b621cb0196e4f80f0) C:\WINDOWS\System32\wkssvc.dll
22:32:18.0593 1664 lanmanworkstation - ok
22:32:18.0609 1664 lbrtfdc - ok
22:32:18.0656 1664 limsgt (6ac289ab3de19bee4868666ea3eef34b) C:\WINDOWS\system32\DRIVERS\limsgt.sys
22:32:18.0656 1664 limsgt ( UnsignedFile.Multi.Generic ) - warning
22:32:18.0656 1664 limsgt - detected UnsignedFile.Multi.Generic (1)
22:32:18.0703 1664 LmHosts (0ab159f536e3e8f7f07113702a07cca5) C:\WINDOWS\System32\lmhsvc.dll
22:32:18.0796 1664 LmHosts - ok
22:32:18.0843 1664 MarvinBus (a3e700d78eec390f1208098cdca5c6b6) C:\WINDOWS\system32\DRIVERS\MarvinBus.sys
22:32:18.0843 1664 MarvinBus ( UnsignedFile.Multi.Generic ) - warning
22:32:18.0843 1664 MarvinBus - detected UnsignedFile.Multi.Generic (1)
22:32:18.0843 1664 mcdbus - ok
22:32:18.0875 1664 Messenger (221cd1c815b8a6b79389c3f5d1018de8) C:\WINDOWS\System32\msgsvc.dll
22:32:19.0031 1664 Messenger - ok
22:32:19.0140 1664 Microsoft Office Groove Audit Service (123271bd5237ab991dc5c21fdf8835eb) C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe
22:32:19.0171 1664 Microsoft Office Groove Audit Service - ok
22:32:19.0218 1664 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
22:32:19.0406 1664 mnmdd - ok
22:32:19.0453 1664 mnmsrvc (9a57d046f88f4b69751b11fd40088a61) C:\WINDOWS\system32\mnmsrvc.exe
22:32:19.0546 1664 mnmsrvc - ok
22:32:19.0562 1664 Modem (44032b0c6d9954d3fd26438330b99ee7) C:\WINDOWS\system32\drivers\Modem.sys
22:32:19.0671 1664 Modem - ok
22:32:19.0718 1664 Mouclass (4cb582831dbde63ce43b45d771218374) C:\WINDOWS\system32\DRIVERS\mouclass.sys
22:32:19.0812 1664 Mouclass - ok
22:32:19.0812 1664 mouhid (bb269eba740737ab749b214d568b6812) C:\WINDOWS\system32\DRIVERS\mouhid.sys
22:32:19.0921 1664 mouhid - ok
22:32:19.0937 1664 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
22:32:20.0031 1664 MountMgr - ok
22:32:20.0046 1664 mraid35x - ok
22:32:20.0062 1664 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
22:32:20.0156 1664 MRxDAV - ok
22:32:20.0203 1664 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
22:32:20.0250 1664 MRxSmb - ok
22:32:20.0312 1664 MSDTC (6db4d1521caba9a5ffab54ade0ae867d) C:\WINDOWS\system32\msdtc.exe
22:32:20.0406 1664 MSDTC - ok
22:32:20.0421 1664 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
22:32:20.0515 1664 Msfs - ok
22:32:20.0531 1664 MSIServer - ok
22:32:20.0562 1664 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
22:32:20.0656 1664 MSKSSRV - ok
22:32:20.0671 1664 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
22:32:20.0796 1664 MSPCLOCK - ok
22:32:20.0828 1664 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
22:32:20.0937 1664 MSPQM - ok
22:32:20.0984 1664 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
22:32:21.0093 1664 mssmbios - ok
22:32:21.0187 1664 MSSQL$SQLEXPRESS - ok
22:32:21.0265 1664 MSSQLServerADHelper100 (f1761c8fb2b25a32c6d63e36bb88c3ae) c:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE
22:32:21.0281 1664 MSSQLServerADHelper100 - ok
22:32:21.0281 1664 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
22:32:21.0406 1664 MSTEE - ok
22:32:21.0437 1664 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
22:32:21.0453 1664 Mup - ok
22:32:21.0500 1664 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
22:32:21.0625 1664 NABTSFEC - ok
22:32:21.0671 1664 napagent (6ea362e9db03d44f6b996f4d8be237e9) C:\WINDOWS\System32\qagentrt.dll
22:32:21.0781 1664 napagent - ok
22:32:21.0812 1664 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
22:32:21.0921 1664 NDIS - ok
22:32:21.0937 1664 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
22:32:22.0031 1664 NdisIP - ok
22:32:22.0078 1664 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
22:32:22.0078 1664 NdisTapi - ok
22:32:22.0125 1664 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
22:32:22.0218 1664 Ndisuio - ok
22:32:22.0265 1664 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
22:32:22.0375 1664 NdisWan - ok
22:32:22.0421 1664 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
22:32:22.0453 1664 NDProxy - ok
22:32:22.0468 1664 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
22:32:22.0562 1664 NetBIOS - ok
22:32:22.0593 1664 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
22:32:22.0687 1664 NetBT - ok
22:32:22.0734 1664 NetDDE (933de774986ec85e48210c44ab431de6) C:\WINDOWS\system32\netdde.exe
22:32:22.0828 1664 NetDDE - ok
22:32:22.0843 1664 NetDDEdsdm (933de774986ec85e48210c44ab431de6) C:\WINDOWS\system32\netdde.exe
22:32:22.0937 1664 NetDDEdsdm - ok
22:32:22.0984 1664 Netlogon (ed0a176354487ceed65b80a7148ab739) C:\WINDOWS\system32\lsass.exe
22:32:23.0062 1664 Netlogon - ok
22:32:23.0109 1664 Netman (72e1e9e2977be08bdeedb6d8fd9d4d40) C:\WINDOWS\System32\netman.dll
22:32:23.0218 1664 Netman - ok
22:32:23.0343 1664 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
22:32:23.0359 1664 NetTcpPortSharing - ok
22:32:23.0406 1664 Nla (39ee7c3bfbc64ba87cc8cf67386e814c) C:\WINDOWS\System32\mswsock.dll
22:32:23.0421 1664 Nla - ok
22:32:23.0531 1664 NMIndexingService (c4ebbbd7165be535f0bfd06b80601d91) C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
22:32:23.0546 1664 NMIndexingService ( UnsignedFile.Multi.Generic ) - warning
22:32:23.0546 1664 NMIndexingService - detected UnsignedFile.Multi.Generic (1)
22:32:23.0593 1664 nmwcd (28e36e677849174c910faaead3e60e9e) C:\WINDOWS\system32\drivers\ccdcmb.sys
22:32:23.0656 1664 nmwcd - ok
22:32:23.0703 1664 nmwcdc (3823deb17f9f6775de0187a98fa0536d) C:\WINDOWS\system32\drivers\ccdcmbo.sys
22:32:23.0765 1664 nmwcdc - ok
22:32:23.0812 1664 NPF (b48dc6abcd3aeff8618350ccbdc6b09a) C:\WINDOWS\system32\drivers\npf.sys
22:32:23.0843 1664 NPF - ok
22:32:23.0890 1664 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
22:32:24.0078 1664 Npfs - ok
22:32:24.0140 1664 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
22:32:24.0234 1664 Ntfs - ok
22:32:24.0281 1664 NtLmSsp (ed0a176354487ceed65b80a7148ab739) C:\WINDOWS\system32\lsass.exe
22:32:24.0375 1664 NtLmSsp - ok
22:32:24.0406 1664 NtmsSvc (023dd70573d644f3d9c8b1258a7bfd08) C:\WINDOWS\system32\ntmssvc.dll
22:32:24.0531 1664 NtmsSvc - ok
22:32:24.0562 1664 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
22:32:24.0687 1664 Null - ok
22:32:24.0703 1664 NWCWorkstation (adb82fbc435ae7504082b3c714c3885d) C:\WINDOWS\System32\nwwks.dll
22:32:24.0765 1664 NWCWorkstation - ok
22:32:24.0812 1664 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
22:32:24.0906 1664 NwlnkFlt - ok
22:32:24.0921 1664 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
22:32:25.0015 1664 NwlnkFwd - ok
22:32:25.0046 1664 NwlnkIpx (8b8b1be2dba4025da6786c645f77f123) C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys
22:32:25.0140 1664 NwlnkIpx - ok
22:32:25.0156 1664 NwlnkNb (56d34a67c05e94e16377c60609741ff8) C:\WINDOWS\system32\DRIVERS\nwlnknb.sys
22:32:25.0250 1664 NwlnkNb - ok
22:32:25.0281 1664 NwlnkSpx (c0bb7d1615e1acbdc99757f6ceaf8cf0) C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys
22:32:25.0375 1664 NwlnkSpx - ok
22:32:25.0390 1664 NWRDR (36b9b950e3d2e100970a48d8bad86740) C:\WINDOWS\system32\DRIVERS\nwrdr.sys
22:32:25.0437 1664 NWRDR - ok
22:32:25.0562 1664 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
22:32:25.0593 1664 odserv - ok
22:32:25.0671 1664 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
22:32:25.0671 1664 ose - ok
22:32:25.0718 1664 Parport (46f8db73b4a53e543f8e371dc7c75bae) C:\WINDOWS\system32\drivers\Parport.sys
22:32:25.0812 1664 Parport - ok
22:32:25.0843 1664 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
22:32:25.0937 1664 PartMgr - ok
22:32:25.0968 1664 ParVdm (1fae19d0457176318bba4a8795656ebc) C:\WINDOWS\system32\drivers\ParVdm.sys
22:32:26.0109 1664 ParVdm - ok
22:32:26.0140 1664 pccsmcfd (fd2041e9ba03db7764b2248f02475079) C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys
22:32:26.0156 1664 pccsmcfd - ok
22:32:26.0187 1664 PCI (6ce351d149cb4befc702951e471e1730) C:\WINDOWS\system32\DRIVERS\pci.sys
22:32:26.0312 1664 PCI - ok
22:32:26.0328 1664 PCIDump - ok
22:32:26.0359 1664 PCIIde (2da4ec85e0ea7a45c6b2a05820492d5a) C:\WINDOWS\system32\DRIVERS\pciide.sys
22:32:26.0484 1664 PCIIde - ok
22:32:26.0531 1664 Pcmcia (4fc31e6c19a5ce5198b1abff94cae758) C:\WINDOWS\system32\drivers\Pcmcia.sys
22:32:26.0640 1664 Pcmcia - ok
22:32:26.0640 1664 PDCOMP - ok
22:32:26.0656 1664 PDFRAME - ok
22:32:26.0671 1664 PDRELI - ok
22:32:26.0671 1664 PDRFRAME - ok
22:32:26.0687 1664 perc2 - ok
22:32:26.0703 1664 perc2hib - ok
22:32:26.0750 1664 phmcd (6506405854d410978bf12590cedf9a00) C:\WINDOWS\system32\DRIVERS\phmcd.sys
22:32:26.0765 1664 phmcd - ok
22:32:26.0828 1664 PlugPlay (9ef697af07bb8dd82c3b02ca953a95b7) C:\WINDOWS\system32\services.exe
22:32:26.0859 1664 PlugPlay - ok
22:32:26.0906 1664 PolicyAgent (ed0a176354487ceed65b80a7148ab739) C:\WINDOWS\system32\lsass.exe
22:32:27.0000 1664 PolicyAgent - ok
22:32:27.0046 1664 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
22:32:27.0140 1664 PptpMiniport - ok
22:32:27.0171 1664 prmvmouse (f1f70dde1fd6713bfb32c62a68a190b4) C:\WINDOWS\system32\DRIVERS\activmouse.sys
22:32:27.0187 1664 prmvmouse - ok
22:32:27.0203 1664 ProtectedStorage (ed0a176354487ceed65b80a7148ab739) C:\WINDOWS\system32\lsass.exe
22:32:27.0343 1664 ProtectedStorage - ok
22:32:27.0359 1664 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
22:32:27.0515 1664 PSched - ok
22:32:27.0593 1664 PSI_SVC_2 (0b6dea0a1662cab8f2bf339dc0752ef4) c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
22:32:27.0625 1664 PSI_SVC_2 - ok
22:32:27.0640 1664 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
22:32:27.0796 1664 Ptilink - ok
22:32:27.0843 1664 PxHelp20 (e42e3433dbb4cffe8fdd91eab29aea8e) C:\WINDOWS\system32\Drivers\PxHelp20.sys
22:32:27.0859 1664 PxHelp20 - ok
22:32:27.0875 1664 ql1080 - ok
22:32:27.0875 1664 Ql10wnt - ok
22:32:27.0890 1664 ql12160 - ok
22:32:27.0906 1664 ql1240 - ok
22:32:27.0921 1664 ql1280 - ok
22:32:27.0937 1664 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
22:32:28.0093 1664 RasAcd - ok
22:32:28.0125 1664 RasAuto (2b5e44ea009f2f374b980e1e9a70635d) C:\WINDOWS\System32\rasauto.dll
22:32:28.0234 1664 RasAuto - ok
22:32:28.0281 1664 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
22:32:28.0375 1664 Rasl2tp - ok
22:32:28.0390 1664 RasMan (d57554c664b64604bd1ee13ea2c07e77) C:\WINDOWS\System32\rasmans.dll
22:32:28.0484 1664 RasMan - ok
22:32:28.0515 1664 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
22:32:28.0609 1664 RasPppoe - ok
22:32:28.0609 1664 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
22:32:28.0703 1664 Raspti - ok
22:32:28.0750 1664 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
22:32:28.0859 1664 Rdbss - ok
22:32:28.0875 1664 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
22:32:28.0968 1664 RDPCDD - ok
22:32:29.0062 1664 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
22:32:29.0187 1664 rdpdr - ok
22:32:29.0250 1664 RDPWD (5b3055daa788bd688594d2f5981f2a83) C:\WINDOWS\system32\drivers\RDPWD.sys
22:32:29.0281 1664 RDPWD - ok
22:32:29.0328 1664 RDSessMgr (c0d9d9711cb74ee9bc66353d8cbdab0e) C:\WINDOWS\system32\sessmgr.exe
22:32:29.0468 1664 RDSessMgr - ok
22:32:29.0500 1664 redbook (611bfd220305be3a85ae876ea47d4aa5) C:\WINDOWS\system32\DRIVERS\redbook.sys
22:32:29.0625 1664 redbook - ok
22:32:29.0656 1664 RemoteAccess (127c26b5371651043450e52542099aba) C:\WINDOWS\System32\mprdim.dll
22:32:29.0796 1664 RemoteAccess - ok
22:32:29.0843 1664 RemoteRegistry (8f31505484a190d5b22274708799f4ec) C:\WINDOWS\system32\regsvc.dll
22:32:29.0968 1664 RemoteRegistry - ok
22:32:30.0015 1664 RFCOMM (851c30df2807fcfa21e4c681a7d6440e) C:\WINDOWS\system32\DRIVERS\rfcomm.sys
22:32:30.0140 1664 RFCOMM - ok
22:32:30.0187 1664 ROOTMODEM (d8b0b4ade32574b2d9c5cc34dc0dbbe7) C:\WINDOWS\system32\Drivers\RootMdm.sys
22:32:30.0281 1664 ROOTMODEM - ok
22:32:30.0406 1664 rpcapd (b60f58f175de20a6739194e85b035178) C:\Program Files\WinPcap\rpcapd.exe
22:32:30.0421 1664 rpcapd - ok
22:32:30.0437 1664 RpcLocator (718b3bdc0bc3c2f7d065a53d26202af9) C:\WINDOWS\system32\locator.exe
22:32:30.0531 1664 RpcLocator - ok
22:32:30.0578 1664 RpcSs (be27674d1cbc3214aec84b4336a38bbf) C:\WINDOWS\system32\rpcss.dll
22:32:30.0625 1664 RpcSs - ok
22:32:30.0671 1664 RsFx0103 (fd692c6ffade58f7c4c3c3c9a0ec35bd) C:\WINDOWS\system32\DRIVERS\RsFx0103.sys
22:32:30.0687 1664 RsFx0103 - ok
22:32:30.0750 1664 RSVP (09ab2e71e58b078038e3bfdba7ffc984) C:\WINDOWS\system32\rsvp.exe
22:32:30.0890 1664 RSVP - ok
22:32:30.0937 1664 SamSs (ed0a176354487ceed65b80a7148ab739) C:\WINDOWS\system32\lsass.exe
22:32:31.0031 1664 SamSs - ok
22:32:31.0078 1664 SCardSvr (410046e401eb11e1e6749e9deea41d4a) C:\WINDOWS\System32\SCardSvr.exe
22:32:31.0171 1664 SCardSvr - ok
22:32:31.0218 1664 SCDEmu (20b2751cd4c8f3fd989739ca661b9f30) C:\WINDOWS\system32\drivers\SCDEmu.sys
22:32:31.0234 1664 SCDEmu ( UnsignedFile.Multi.Generic ) - warning
22:32:31.0234 1664 SCDEmu - detected UnsignedFile.Multi.Generic (1)
22:32:31.0281 1664 Schedule (3ff232a7731621b8902d81d42418c93c) C:\WINDOWS\system32\schedsvc.dll
22:32:31.0375 1664 Schedule - ok
22:32:31.0421 1664 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
22:32:31.0468 1664 Secdrv - ok
22:32:31.0515 1664 seclogon (477e2c3cc5e4a0d635bcb0ea8dcac3c6) C:\WINDOWS\System32\seclogon.dll
22:32:31.0593 1664 seclogon - ok
22:32:31.0625 1664 SENS (a530b75c10c23c9ab28fdb6ce719e21f) C:\WINDOWS\system32\sens.dll
22:32:31.0796 1664 SENS - ok
22:32:31.0875 1664 Serial (b842729337c9b921615c40d3c1a1af96) C:\WINDOWS\system32\drivers\Serial.sys
22:32:32.0046 1664 Serial - ok
22:32:32.0125 1664 ServiceLayer (5bf59c6bc737baaf541168e5cb2ec1d9) C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
22:32:32.0140 1664 ServiceLayer ( UnsignedFile.Multi.Generic ) - warning
22:32:32.0140 1664 ServiceLayer - detected UnsignedFile.Multi.Generic (1)
22:32:32.0203 1664 SFAUDIO (b6401608579b6431994425ba7653f774) C:\WINDOWS\system32\drivers\sfaudio.sys
22:32:32.0234 1664 SFAUDIO - ok
22:32:32.0281 1664 sfdrv01 (4c0d673281178cb496011a2e28571fc8) C:\WINDOWS\system32\drivers\sfdrv01.sys
22:32:32.0296 1664 sfdrv01 ( UnsignedFile.Multi.Generic ) - warning
22:32:32.0296 1664 sfdrv01 - detected UnsignedFile.Multi.Generic (1)
22:32:32.0328 1664 sfdrv01a (4d0ce0fadca29e7da68ce597ac9010bd) C:\WINDOWS\system32\drivers\sfdrv01a.sys
22:32:32.0343 1664 sfdrv01a - ok
22:32:32.0375 1664 sfhlp02 (daad4c099ebf5094d32c373ac1ac0f3c) C:\WINDOWS\system32\drivers\sfhlp02.sys
22:32:32.0390 1664 sfhlp02 - ok
22:32:32.0421 1664 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
22:32:32.0578 1664 Sfloppy - ok
22:32:32.0593 1664 sfsync02 (6dc03269f4c71e4ab313c3597f42a340) C:\WINDOWS\system32\drivers\sfsync02.sys
22:32:32.0625 1664 sfsync02 - ok
22:32:32.0640 1664 sfvfs02 (107b772690050d3b19cbc637ad8fd96e) C:\WINDOWS\system32\drivers\sfvfs02.sys
22:32:32.0671 1664 sfvfs02 - ok
22:32:32.0718 1664 SharedAccess (f58faca9621d2db01bd0927d9a0a208e) C:\WINDOWS\System32\ipnathlp.dll
22:32:32.0921 1664 SharedAccess - ok
22:32:32.0968 1664 ShellHWDetection (ee9a2b9ea968a792a053c9d1a86bf870) C:\WINDOWS\System32\shsvcs.dll
22:32:32.0984 1664 ShellHWDetection - ok
22:32:33.0000 1664 Simbad - ok
22:32:33.0046 1664 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
22:32:33.0140 1664 SLIP - ok
22:32:33.0187 1664 SNMP (442d891cf7cb138f185fb2a1161c8af9) C:\WINDOWS\System32\snmp.exe
22:32:33.0281 1664 SNMP - ok
22:32:33.0296 1664 SNMPTRAP (4296e52a9d3ca6dcd1cf57e8bca45ab7) C:\WINDOWS\System32\snmptrap.exe
22:32:33.0390 1664 SNMPTRAP - ok
22:32:33.0484 1664 SNP2UVC (d8aba1293b82e7af2f78b67ca46fcb3d) C:\WINDOWS\system32\DRIVERS\snp2uvc.sys
22:32:33.0546 1664 SNP2UVC - ok
22:32:33.0562 1664 Sparrow - ok
22:32:33.0609 1664 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
22:32:33.0718 1664 splitter - ok
22:32:33.0765 1664 Spooler (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe
22:32:33.0781 1664 Spooler - ok
22:32:33.0843 1664 sptd (ab5c8f6e63674dbad9c1e449e8fd77ce) C:\WINDOWS\System32\Drivers\sptd.sys
22:32:33.0890 1664 sptd - ok
22:32:34.0015 1664 SQLAgent$SQLEXPRESS (a687b5b326afcfcf182c4931d1ff9771) c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE
22:32:34.0046 1664 SQLAgent$SQLEXPRESS - ok
22:32:34.0093 1664 SQLBrowser (b54b48f6d92423440c264e91225c5ff1) c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
22:32:34.0109 1664 SQLBrowser - ok
22:32:34.0171 1664 SQLWriter (637a0f23f9012358e92e6f99835494d1) c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
22:32:34.0187 1664 SQLWriter - ok
22:32:34.0250 1664 sr (94610c8653635e4459316a0050d55ce7) C:\WINDOWS\system32\DRIVERS\sr.sys
22:32:34.0328 1664 sr - ok
22:32:34.0359 1664 srservice (35b91147124f64ac8081a2edb9ea4dee) C:\WINDOWS\system32\srsvc.dll
22:32:34.0437 1664 srservice - ok
22:32:34.0484 1664 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
22:32:34.0546 1664 Srv - ok
22:32:34.0593 1664 SSDPSRV (becd5271dc4e3b7c3d035f790fcbc1e5) C:\WINDOWS\System32\ssdpsrv.dll
22:32:34.0734 1664 SSDPSRV - ok
22:32:35.0046 1664 stisvc (c1cdd9275f6a115bb0ae1d55d8d27ba6) C:\WINDOWS\system32\wiaservc.dll
22:32:35.0281 1664 stisvc - ok
22:32:35.0312 1664 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
22:32:35.0406 1664 streamip - ok
22:32:35.0453 1664 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
22:32:35.0546 1664 swenum - ok
22:32:35.0687 1664 SwitchBoard (f577910a133a592234ebaad3f3afa258) C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
22:32:35.0718 1664 SwitchBoard ( UnsignedFile.Multi.Generic ) - warning
22:32:35.0718 1664 SwitchBoard - detected UnsignedFile.Multi.Generic (1)
22:32:35.0765 1664 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
22:32:35.0859 1664 swmidi - ok
22:32:35.0875 1664 SwPrv - ok
22:32:35.0875 1664 symc810 - ok
22:32:35.0890 1664 symc8xx - ok
22:32:35.0906 1664 sym_hi - ok
22:32:35.0921 1664 sym_u3 - ok
22:32:35.0968 1664 SynTP (1de40024679cde0e573465253519730e) C:\WINDOWS\system32\DRIVERS\SynTP.sys
22:32:35.0984 1664 SynTP - ok
22:32:36.0046 1664 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
22:32:36.0156 1664 sysaudio - ok
22:32:36.0203 1664 SysmonLog (ce06f01b88ace199a1bf460cac29c110) C:\WINDOWS\system32\smlogsvc.exe
22:32:36.0343 1664 SysmonLog - ok
22:32:36.0390 1664 TapiSrv (c2546cd7a398476f9df5614b2ae160e8) C:\WINDOWS\System32\tapisrv.dll
22:32:36.0546 1664 TapiSrv - ok
22:32:36.0609 1664 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
22:32:36.0625 1664 Tcpip - ok
22:32:36.0671 1664 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
22:32:36.0843 1664 TDPIPE - ok
22:32:36.0859 1664 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
22:32:36.0968 1664 TDTCP - ok
22:32:37.0031 1664 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
22:32:37.0140 1664 TermDD - ok
22:32:37.0187 1664 TermService (a75dd6fc3dbee4fff5ebc9f2c28bb66e) C:\WINDOWS\System32\termsrv.dll
22:32:37.0281 1664 TermService - ok
22:32:37.0343 1664 Themes (ee9a2b9ea968a792a053c9d1a86bf870) C:\WINDOWS\System32\shsvcs.dll
22:32:37.0359 1664 Themes - ok
22:32:37.0406 1664 TlntSvr (cd0cc7b167d78043a41c98d4921efb54) C:\WINDOWS\system32\tlntsvr.exe
22:32:37.0453 1664 TlntSvr - ok
22:32:37.0484 1664 TosIde - ok
22:32:37.0531 1664 TrkWks (38853304ccb938d30e0c4cde8d2c2a8a) C:\WINDOWS\system32\trkwks.dll
22:32:37.0687 1664 TrkWks - ok
22:32:37.0750 1664 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
22:32:37.0875 1664 Udfs - ok
22:32:37.0875 1664 ultra - ok
22:32:37.0937 1664 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
22:32:38.0078 1664 Update - ok
22:32:38.0125 1664 upnphost (651bd90dcee5b7bdc74a2eb7c9266f9e) C:\WINDOWS\System32\upnphost.dll
22:32:38.0218 1664 upnphost - ok
22:32:38.0265 1664 upperdev (b1b8bee26227dad9835019201552cb05) C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys
22:32:38.0359 1664 upperdev - ok
22:32:38.0375 1664 UPS (20a0f6a11959e92908717d09e87d670d) C:\WINDOWS\System32\ups.exe
22:32:38.0500 1664 UPS - ok
22:32:38.0531 1664 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
22:32:38.0640 1664 usbccgp - ok
22:32:38.0687 1664 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
22:32:38.0781 1664 usbehci - ok
22:32:38.0796 1664 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
22:32:38.0890 1664 usbhub - ok
22:32:38.0921 1664 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
22:32:39.0015 1664 usbscan - ok
22:32:39.0031 1664 usbser (1c888b000c2f9492f4b15b5b6b84873e) C:\WINDOWS\system32\drivers\usbser.sys
22:32:39.0125 1664 usbser - ok
22:32:39.0156 1664 UsbserFilt (98e1ff1d732c6c7200b6c59d4ff8c1c3) C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys
22:32:39.0203 1664 UsbserFilt - ok
22:32:39.0250 1664 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
22:32:39.0359 1664 USBSTOR - ok
22:32:39.0406 1664 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
22:32:39.0500 1664 usbuhci - ok
22:32:39.0562 1664 usbvideo (63bbfca7f390f4c49ed4b96bfb1633e0) C:\WINDOWS\system32\Drivers\usbvideo.sys
22:32:39.0656 1664 usbvideo - ok
22:32:39.0687 1664 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
22:32:39.0796 1664 VgaSave - ok
22:32:39.0812 1664 ViaIde - ok
22:32:39.0828 1664 VolSnap (28a4b296b47782173c346e376cb374d1) C:\WINDOWS\system32\drivers\VolSnap.sys
22:32:39.0921 1664 VolSnap - ok
22:32:39.0953 1664 VSS (d6ba1a63d9e00933f1cd2a885573afb2) C:\WINDOWS\System32\vssvc.exe
22:32:40.0031 1664 VSS - ok
22:32:40.0078 1664 W32Time (fa4e1cdba256787f2149f4aad07bc91f) C:\WINDOWS\system32\w32time.dll
22:32:40.0187 1664 W32Time - ok
22:32:40.0234 1664 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
22:32:40.0328 1664 Wanarp - ok
22:32:40.0390 1664 Wdf01000 (bbcfeab7e871cddac2d397ee7fa91fdc) C:\WINDOWS\system32\DRIVERS\Wdf01000.sys
22:32:40.0406 1664 Wdf01000 - ok
22:32:40.0421 1664 WDICA - ok
22:32:40.0453 1664 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
22:32:40.0562 1664 wdmaud - ok
22:32:40.0593 1664 WebClient (47ae51048a82dfa1cd6b51d369f7e169) C:\WINDOWS\System32\webclnt.dll
22:32:40.0718 1664 WebClient - ok
22:32:40.0781 1664 winmgmt (e488332126e3b1182d2b8a0c35408ec6) C:\WINDOWS\system32\wbem\WMIsvc.dll
22:32:40.0906 1664 winmgmt - ok
22:32:40.0953 1664 WmdmPmSN (c51b4a5c05a5475708e3c81c7765b71d) C:\WINDOWS\system32\MsPMSNSv.dll
22:32:40.0968 1664 WmdmPmSN - ok
22:32:41.0015 1664 Wmi (0171cff34bba8c5977f18c48d8aef8c6) C:\WINDOWS\System32\advapi32.dll
22:32:41.0062 1664 Wmi - ok
22:32:41.0109 1664 WmiAcpi (c42584fd66ce9e17403aebca199f7bdb) C:\WINDOWS\system32\DRIVERS\wmiacpi.sys
22:32:41.0218 1664 WmiAcpi - ok
22:32:41.0250 1664 WmiApSrv (23f6f03272f7e5679f1f050aed5acee6) C:\WINDOWS\system32\wbem\wmiapsrv.exe
22:32:41.0359 1664 WmiApSrv - ok
22:32:41.0515 1664 WMPNetworkSvc (3739866d20abd42f26a7b85f9e2560af) C:\Program Files\Windows Media Player\WMPNetwk.exe
22:32:41.0578 1664 WMPNetworkSvc - ok
22:32:41.0640 1664 WpdUsb (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\DRIVERS\wpdusb.sys
22:32:41.0656 1664 WpdUsb - ok
22:32:41.0812 1664 WPFFontCache_v0400 (dcf3e3edf5109ee8bc02fe6e1f045795) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
22:32:41.0843 1664 WPFFontCache_v0400 - ok
22:32:41.0906 1664 wscsvc (4c86d5faf78194995af9cc1075f65dd3) C:\WINDOWS\system32\wscsvc.dll
22:32:42.0125 1664 wscsvc - ok
22:32:42.0156 1664 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
22:32:42.0250 1664 WSTCODEC - ok
22:32:42.0281 1664 wuauserv (c1364564800ee9784192145324a23308) C:\WINDOWS\system32\wuauserv.dll
22:32:42.0375 1664 wuauserv - ok
22:32:42.0421 1664 WudfPf (6ff66513d372d479ef1810223c8d20ce) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
22:32:42.0453 1664 WudfPf - ok
22:32:42.0515 1664 WudfRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
22:32:42.0515 1664 WudfRd - ok
22:32:42.0546 1664 WudfSvc (575a4190d989f64732119e4114045a4f) C:\WINDOWS\System32\WUDFSvc.dll
22:32:42.0578 1664 WudfSvc - ok
22:32:42.0593 1664 WZCSVC (a27d4ba7264c0bf52f32d10405bea1d4) C:\WINDOWS\System32\wzcsvc.dll
22:32:42.0718 1664 WZCSVC - ok
22:32:42.0750 1664 xmlprov (eaa4bb9edb3fb10cf8979fe65e63658f) C:\WINDOWS\System32\xmlprov.dll
22:32:42.0859 1664 xmlprov - ok
22:32:42.0906 1664 yksvc (b074b1ee465a3292636858323d176402) C:\WINDOWS\System32\yk51x86.dll
22:32:42.0937 1664 yksvc - ok
22:32:42.0953 1664 yukonwxp (bdb2509bb037e1d15d1b3a63f5b77bb4) C:\WINDOWS\system32\DRIVERS\yk51x86.sys
22:32:42.0984 1664 yukonwxp - ok
22:32:43.0015 1664 MBR (0x1B8) (413fc2a0c716421b3158746d63736515) \Device\Harddisk0\DR0
22:32:43.0375 1664 \Device\Harddisk0\DR0 - ok
22:32:43.0375 1664 Boot (0x1200) (ba4517c28f8efd84bb666f4a17ad322f) \Device\Harddisk0\DR0\Partition0
22:32:43.0390 1664 \Device\Harddisk0\DR0\Partition0 - ok
22:32:43.0390 1664 Boot (0x1200) (1224cc53e1dd4d6a0bde69f1b2d51d7a) \Device\Harddisk0\DR0\Partition1
22:32:43.0390 1664 \Device\Harddisk0\DR0\Partition1 - ok
22:32:43.0390 1664 ============================================================
22:32:43.0390 1664 Scan finished
22:32:43.0390 1664 ============================================================
22:32:43.0515 0604 Detected object count: 8
22:32:43.0515 0604 Actual detected object count: 8
22:33:31.0125 0604 athsgt ( UnsignedFile.Multi.Generic ) - skipped by user
22:33:31.0125 0604 athsgt ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:33:31.0125 0604 limsgt ( UnsignedFile.Multi.Generic ) - skipped by user
22:33:31.0125 0604 limsgt ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:33:31.0125 0604 MarvinBus ( UnsignedFile.Multi.Generic ) - skipped by user
22:33:31.0125 0604 MarvinBus ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:33:31.0140 0604 NMIndexingService ( UnsignedFile.Multi.Generic ) - skipped by user
22:33:31.0140 0604 NMIndexingService ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:33:31.0140 0604 SCDEmu ( UnsignedFile.Multi.Generic ) - skipped by user
22:33:31.0140 0604 SCDEmu ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:33:31.0140 0604 ServiceLayer ( UnsignedFile.Multi.Generic ) - skipped by user
22:33:31.0140 0604 ServiceLayer ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:33:31.0140 0604 sfdrv01 ( UnsignedFile.Multi.Generic ) - skipped by user
22:33:31.0140 0604 sfdrv01 ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:33:31.0156 0604 SwitchBoard ( UnsignedFile.Multi.Generic ) - skipped by user
22:33:31.0156 0604 SwitchBoard ( UnsignedFile.Multi.Generic ) - User select action: Skip

#9 Příspěvek od **vyosek** » 18 dub 2012 21:47

Super, zatim nam to jde dobre

Stahnete RKill http://download.bleepingcomputer.com/grinler/rkill.com

Pokud ho havet blokuje, pouzijte jeden z nasledujicich
motji píše: Rkill EXE:
http://download.bleepingcomputer.com/grinler/rkill.exe

Rkill SCR:
http://download.bleepingcomputer.com/grinler/rkill.scr

Rkill PIF:
http://download.bleepingcomputer.com/grinler/rkill.pif
Ulozte nejlepena plochu a ukoncete vsechny aplikace (jinak to udela RKill za Vas)
Spustte tradicne dvojklikem - program probehne temer okamzite a ukonci i svou cinnost
RKill ukonci vsechny ne-systemove procesy - tedy i procesy, pod kterymi bezi havet
Ted nerestartujte PC - prisli byste o ucinek RKillu

PROSIM CTETE DUKLADNE NAVOD - TATO UTILITA MA VELKOU SCHOPNOST MAZAT A JE NUTNE JI APLIKOVAT JEN NA DOPORUCENI, JINAK VAM MUZE JIT SYSTEM DO KYTEK

Stahnete a ulozte na plochu Combofix http://download.bleepingcomputer.com/sUBs/ComboFix.exe

Vypnete vsechny rezidentni bezpecnostní programy - firewally, antiviry, antispywary apod.
Pokud mate Win XP spustte pod uctem Spravce\Administratora
Pokud mate Win Vista ci Win 7, kliknete na Combofix pravym a dejte Run As Administrator ci Spustit jako spravce
Ihned po startu se zobrazi stranka s licencnim ujednanim, pokracujte kliknutim na Ano
Pokud Vam CF nabidne instalaci Konzoly pro zotaveni, tak souhlaste
Dale postupujte dle pokynu, behem scanu nechte PC naprosto v klidu - nespoustejte zadne aplikace a neklikejte do zobrazujiciho se okna
Scan by mel trvat cca 10 min, ale pokud bude PC hodne zaneseno, muze se cas prodlouzit
Po dokonceni skenu a pripadnem restartu CF zobrazi log, pripadne jej najdete zde C:\ComboFix.txt, jeho obsah sem vlozte
Detailni postup vc. obrazku mate zde http://www.bleepingcomputer.com/combofi ... t-combofix

Ailen · #10 Příspěvek od **Ailen** » 18 dub 2012 22:24

ComboFix 12-04-18.02 - Radka 18.04.2012 23:06:30.1.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.3036.2326 [GMT 2:00]
Spuštěný z: c:\documents and settings\Radka\Plocha\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
AV: PC Cleaner Pro *Disabled/Updated* {737A8864-C2D9-4337-B49A-B5E35815B9BB}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\Radka\WINDOWS
c:\windows\iun6002.exe
c:\windows\msmqinst.log
c:\windows\system32\ReadMe.txt
c:\windows\system32\Temp
c:\windows\system32\Thumbs.db
.
c:\windows\system32\netsetup.exe . . . je infikován!!
.
c:\windows\system32\odbcconf.exe . . . je infikován!!
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-03-18 do 2012-04-18 )))))))))))))))))))))))))))))))
.
.
2012-04-18 19:35 . 2012-04-18 19:39 -------- d-----w- c:\program files\trend micro
2012-04-18 19:35 . 2012-04-18 19:36 -------- d-----w- C:\rsit
2012-04-18 08:27 . 2008-04-14 12:00 137216 ----a-w- c:\windows\taskmgr.exe.exe
2012-04-17 19:30 . 2012-04-17 19:39 -------- d-----w- c:\documents and settings\Radka\Data aplikací\PCPro
2012-04-17 19:30 . 2012-04-17 19:30 -------- d-----w- c:\documents and settings\Radka\Data aplikací\PC Cleaners
2012-04-17 17:14 . 2005-09-23 20:18 171520 ----a-w- c:\windows\system32\drivers\MarvinBus.sys
2012-04-17 17:14 . 2012-04-17 17:14 -------- d-----w- c:\program files\Common Files\Pinnacle
2012-04-17 17:14 . 2012-04-17 17:14 -------- d-----w- c:\documents and settings\Radka\Local Settings\Data aplikací\Downloaded Installations
2012-04-17 17:13 . 2012-04-17 17:13 -------- d-----w- c:\documents and settings\Radka\Local Settings\Data aplikací\Pinnacle
2012-04-17 17:13 . 2012-04-17 17:18 -------- d-----w- c:\documents and settings\All Users\Data aplikac
2012-04-17 17:07 . 2012-04-17 17:07 -------- d-----w- c:\program files\Common Files\Pegasus Imaging
2012-04-17 17:07 . 2012-04-17 17:07 -------- d-----w- c:\program files\Common Files\Yahoo!
2012-04-17 17:01 . 2012-04-17 17:07 -------- d-----w- c:\program files\Pinnacle
2012-04-16 18:02 . 2012-04-16 18:02 -------- d-----w- c:\program files\Audacity 1.3 Beta (Unicode)
2012-04-14 05:43 . 2012-04-14 05:43 -------- d-----w- c:\program files\Sega
2012-04-13 14:47 . 2012-04-13 14:47 242240 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2012-04-09 06:02 . 2012-04-14 06:38 418464 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-04-04 05:53 . 2012-04-04 05:53 182160 ----a-w- c:\program files\Mozilla Firefox\plugins\nppdf32.dll
2012-04-04 05:53 . 2012-04-04 05:53 182160 ----a-w- c:\program files\Internet Explorer\plugins\nppdf32.dll
2012-04-01 18:13 . 2012-04-18 20:01 -------- d-----w- c:\program files\Spybot - Search & Destroy
2012-04-01 17:25 . 2012-04-01 17:25 -------- d-----w- c:\program files\Loaris
2012-03-30 15:17 . 2012-03-30 15:17 -------- d-----w- c:\program files\NCH Software
2012-03-30 15:16 . 2012-03-30 15:16 -------- d-----w- c:\documents and settings\Radka\Data aplikací\NCH Software
2012-03-28 20:15 . 2012-03-28 20:15 -------- d-----w- C:\SSM
2012-03-28 19:57 . 2012-03-28 19:57 582144 ----a-w- c:\program files\Common Files\Microsoft Shared\DAO\DAO350.DLL
2012-03-28 19:57 . 2012-03-28 19:57 368912 ----a-w- c:\windows\system32\VBAR332.DLL
2012-03-28 19:57 . 2012-03-28 19:57 252176 ----a-w- c:\windows\system32\MSRD2X35.DLL
2012-03-28 19:57 . 2012-03-28 19:57 24848 ----a-w- c:\windows\system32\MSJTER35.DLL
2012-03-28 19:57 . 2012-03-28 19:57 123664 ----a-w- c:\windows\system32\MSJINT35.DLL
2012-03-28 19:57 . 2012-03-28 19:57 1045776 ----a-w- c:\windows\system32\MSJET35.DLL
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-04-14 06:38 . 2011-11-06 20:02 70304 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-03-14 21:49 . 2012-03-14 04:46 416 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\MSDN\9.0\1033\ResourceCache.dll
2012-03-14 04:50 . 2012-03-14 04:50 348256 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\VSTAHost\CorelPHOTOPAINT\9.0\1033\ResourceCache.dll
2012-03-14 04:48 . 2012-03-14 04:48 348256 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\VSTAHost\CorelDRAW\9.0\1033\ResourceCache.dll
2012-03-11 19:07 . 2012-03-11 19:08 73728 ----a-w- c:\windows\system32\javacpl.cpl
2012-03-11 19:07 . 2010-04-24 13:12 472808 ----a-w- c:\windows\system32\deployJava1.dll
2012-03-07 00:15 . 2011-03-16 15:33 41184 ----a-w- c:\windows\avastSS.scr
2012-03-07 00:15 . 2009-12-03 22:19 201352 ----a-w- c:\windows\system32\aswBoot.exe
2012-03-07 00:03 . 2011-03-16 15:33 612184 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-03-07 00:03 . 2009-12-03 22:19 337880 ----a-w- c:\windows\system32\drivers\aswSP.sys
2012-03-07 00:02 . 2009-12-03 22:19 35672 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2012-03-07 00:01 . 2009-12-03 22:19 53848 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2012-03-07 00:01 . 2009-12-03 22:19 95704 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2012-03-07 00:01 . 2009-12-03 22:19 89048 ----a-w- c:\windows\system32\drivers\aswmon.sys
2012-03-07 00:01 . 2009-12-03 22:19 20696 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2012-03-06 23:58 . 2009-12-03 22:19 24920 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2012-03-01 10:59 . 2008-04-14 12:00 916992 ----a-w- c:\windows\system32\wininet.dll
2012-03-01 10:59 . 2008-04-14 12:00 43520 ----a-w- c:\windows\system32\licmgr10.dll
2012-03-01 10:59 . 2008-04-14 12:00 1469440 ------w- c:\windows\system32\inetcpl.cpl
2012-02-29 14:10 . 2008-04-14 12:00 177664 ----a-w- c:\windows\system32\wintrust.dll
2012-02-29 14:10 . 2008-04-14 12:00 148480 ----a-w- c:\windows\system32\imagehlp.dll
2012-02-29 12:17 . 2008-04-14 12:00 385024 ----a-w- c:\windows\system32\html.iec
2012-02-23 08:18 . 2009-12-05 14:06 237072 ------w- c:\windows\system32\MpSigStub.exe
2012-02-12 09:02 . 2012-02-08 11:22 188128 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\VCSExpress\10.0\1033\ResourceCache.dll
2012-02-11 20:25 . 2011-09-09 19:32 473656 ----a-w- c:\windows\system32\drivers\sptd.sys
2012-02-07 09:02 . 2012-02-07 09:02 1070352 ----a-w- c:\windows\system32\MSCOMCTL.OCX
2012-02-06 10:21 . 2012-02-06 10:21 796672 ----a-w- c:\windows\GPInstall.exe
2012-02-03 09:57 . 2008-04-14 12:00 1860096 ----a-w- c:\windows\system32\win32k.sys
2012-03-14 21:15 . 2012-03-14 21:15 121816 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-03-07 00:15 123536 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2012-01-19 3477312]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-02-03 61440]
"AccelerometerSysTrayApplet"="c:\windows\System32\accelerometerST.exe" [2009-01-22 82488]
"QlbCtrl.exe"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2009-07-27 288312]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2009-07-29 1545512]
"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2006-01-12 155648]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2009-07-20 1044480]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2008-04-14 110592]
"IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2008-04-14 208952]
"MSPY2002"="c:\windows\system32\IME\PINTLGNT\ImScInst.exe" [2008-04-14 59392]
"PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2008-04-14 455168]
"PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2008-04-14 455168]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-03-07 4241512]
"AdobeAAMUpdater-1.0"="c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2012-03-24 499608]
"SwitchBoard"="c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
"USBToolTip"="c:\progra~1\Pinnacle\SHARED~1\Programs\USBTip\USBTip.exe" [2007-02-20 199752]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2011-07-27 434080]
.
c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2008-12-11 604776]
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Authentication Packages REG_MULTI_SZ msv1_0 nwprovau
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKLM\~\startupfolder\C:^Documents and Settings^Radka^Nabídka Start^Programy^Po spuštění^KvetinkaProzeny.lnk]
path=c:\documents and settings\Radka\Nabídka Start\Programy\Po spuštění\KvetinkaProzeny.lnk
backup=c:\windows\pss\KvetinkaProzeny.lnkStartup
.
[HKLM\~\startupfolder\C:^Documents and Settings^Radka^Nabídka Start^Programy^Po spuštění^OpenOffice.org 3.1.lnk]
path=c:\documents and settings\Radka\Nabídka Start\Programy\Po spuštění\OpenOffice.org 3.1.lnk
backup=c:\windows\pss\OpenOffice.org 3.1.lnkStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ActivControl]
2010-06-10 12:54 1092896 ----a-w- c:\program files\Activ Software\ActivDriver\ActivControl2.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5ServiceManager]
2010-07-22 20:10 402432 ----a-w- c:\program files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
2006-12-23 17:05 143360 ----a-w- c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
2012-01-19 17:08 3477312 ----a-w- c:\program files\DAEMON Tools Lite\DTLite.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DIMDownloading your update...1300677038363]
2010-01-13 16:11 95592 ----a-w- c:\program files\Corel\CorelDRAW Graphics Suite X5\Programs\DIM.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
2011-07-28 23:08 1259376 ----a-w- c:\program files\DivX\DivX Update\DivXUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
2009-02-26 17:36 30040 ----a-w- c:\program files\Microsoft Office\Office12\GrooveMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Input Device Main Program]
2008-10-16 23:22 356352 -c--a-w- c:\program files\HP\HP Wireless Comfort Mouse\TSR\xDaemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Infium]
2010-09-27 11:26 5896656 ---ha-w- c:\qip infium jadrispack\qip.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2012-01-18 13:02 254696 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\TrackMania Sunrise\\TmSunrise.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\QIP Infium JadrisPack\\qip.exe"=
"c:\\Program Files\\TeamViewer\\Version5\\TeamViewer.exe"=
"c:\\Program Files\\TeamViewer\\Version5\\TeamViewer_Service.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\DsNET Corp\\aTube Catcher 2.0\\yct.exe"=
"c:\\Program Files\\Google\\Google Earth\\client\\googleearth.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
"c:\\Program Files\\Cisco Packet Tracer 5.3.3\\bin\\PacketTracer5.exe"=
"c:\\Documents and Settings\\Radka\\Plocha\\Prográmky\\uTorrent.exe"=
"c:\\Program Files\\Pinnacle\\Studio 15\\Programs\\RM.exe"=
"c:\\Program Files\\Pinnacle\\Studio 15\\Programs\\Studio.exe"=
"c:\\Program Files\\Pinnacle\\Studio 15\\Programs\\umi.exe"=
.
R0 phmcd;phmcd;c:\windows\system32\drivers\phmcd.sys [14.6.2010 5:22 47056]
R0 SFAUDIO;Sonic Focus DSP Driver;c:\windows\system32\drivers\sfaudio.sys [28.3.2008 12:14 24064]
R0 sfdrv01a;StarForce Protection Environment Driver (version 1.x.a);c:\windows\system32\drivers\sfdrv01a.sys [5.7.2006 14:46 63352]
R0 sptd;sptd;\SystemRoot\\SystemRoot\System32\Drivers\sptd.sys --> \SystemRoot\\SystemRoot\System32\Drivers\sptd.sys [?]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [16.3.2011 17:33 612184]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [4.12.2009 0:19 337880]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\drivers\dtsoftbus01.sys [13.4.2012 16:47 242240]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [4.12.2009 0:19 20696]
R2 athsgt;athsgt;c:\windows\system32\drivers\athsgt.sys [6.2.2010 16:10 164992]
R2 cpuz134;cpuz134;c:\windows\system32\drivers\cpuz134_x32.sys [19.9.2010 8:54 20328]
R2 limsgt;limsgt;c:\windows\system32\drivers\limsgt.sys [6.2.2010 16:10 12544]
R2 yksvc;Marvell Yukon Service;c:\windows\System32\svchost.exe -k yksvcs [14.4.2008 14:00 14336]
R3 ActivHidSerMini;Promethean Serial Board Driver;c:\windows\system32\drivers\activhidsermini.sys [26.5.2010 15:20 74752]
R3 Com4QLBEx;Com4QLBEx;c:\program files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [1.12.2009 12:00 228408]
R3 prmvmouse;Promethean HID Mouse Service;c:\windows\system32\drivers\activmouse.sys [26.5.2010 15:21 6144]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [18.3.2010 14:16 130384]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [5.12.2009 21:19 135664]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [9.4.2012 8:02 253088]
S3 gupdatem;Služba Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [5.12.2009 21:19 135664]
S3 HpStm001;USB Style Packet Filter Driver;c:\windows\system32\drivers\HpStm001.sys [24.12.2009 22:07 11264]
S3 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [25.6.2010 19:07 35088]
S3 SwitchBoard;SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [19.2.2010 13:37 517096]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [18.3.2010 14:16 753504]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files\Microsoft SQL Server\100\Shared\sqladhlp.exe [23.7.2009 5:08 47128]
S4 RsFx0103;RsFx0103 Driver;c:\windows\system32\drivers\RsFx0103.sys [30.3.2009 4:09 239336]
S4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);c:\program files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [30.3.2009 4:23 366936]
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - 63943492
*NewlyCreated* - TRUESIGHT
*Deregistered* - 63943492
*Deregistered* - TrueSight
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
yksvcs REG_MULTI_SZ yksvc
.
Obsah adresáře 'Naplánované úlohy'
.
2012-04-18 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-09 06:38]
.
2012-03-30 c:\windows\Tasks\AdobeAAMUpdater-1.0-RADKA-PC-Radka.job
- c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe [2012-03-24 22:24]
.
2012-04-18 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-12-05 19:19]
.
2012-04-18 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-12-05 19:19]
.
2012-04-10 c:\windows\Tasks\videopadShakeIcon.job
- c:\program files\NCH Software\VideoPad\videopad.exe [2012-03-30 15:17]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uDefault_Search_URL = hxxp://search.qip.ru
uSearchAssistant = hxxp://search.qip.ru/ie
uSearchURL,(Default) = Root: HKCU; Subkey: Software\Microsoft\Internet Explorer\SearchUrl; ValueType: string; ValueName: '; ValueData: '; Flags: createvalueifdoesntexist noerror; Tasks: AddSearchQip
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Odeslat do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Odeslat do zařízení Bluetooth - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748449} -
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} -
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} -
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} -
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} -
TCP: DhcpNameServer = 62.204.224.2 62.240.163.170 62.204.224.3
FF - ProfilePath - c:\documents and settings\Radka\Data aplikací\Mozilla\Firefox\Profiles\lkcion54.default\
FF - prefs.js: network.proxy.http - 192.168.1.100
FF - prefs.js: network.proxy.http_port - 80
FF - prefs.js: network.proxy.type - 0
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
MSConfigStartUp-AlcoholAutomount - c:\program files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe
MSConfigStartUp-NokiaOviSuite2 - c:\program files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe
MSConfigStartUp-pckukacky - c:\program files\giovanni software\počítačové kukačky\pckukacky.exe
AddRemove-Agere Systems Soft Modem - c:\windows\agrsmdel
AddRemove-Cool's_Codec_pack_4.12 - c:\windows\iun6002.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-04-18 23:19
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(1128)
c:\windows\system32\Ati2evxx.dll
.
Celkový čas: 2012-04-18 23:23:51
ComboFix-quarantined-files.txt 2012-04-18 21:23
.
Před spuštěním: Volných bajtů: 36 646 408 192
Po spuštění: Volných bajtů: 37 127 041 024
.
WindowsXP-KB310994-SP2-Pro-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
.
- - End Of File - - 03F970CF888E666C89455047112C243F

#11 Příspěvek od **vyosek** » 18 dub 2012 22:30

Nasledujici soubory otestujte na VirusTotalu https://www.virustotal.com/cs/

c:\windows\system32\netsetup.exe
c:\windows\system32\odbcconf.exe
Kliknete na Choose file
Soubor nehledejte, jen vlozte cestu souboru, ktery chci otestovat
Kliknete na Scan It
Pokud na Vas vyskoci obrazovka jako je nize, tak kliknete na ReAnalyse
Vysledek analyzy sem vlozte (jako odkaz)

Ailen · #12 Příspěvek od **Ailen** » 18 dub 2012 22:40

https://www.virustotal.com/file/4626521 ... 334784759/

https://www.virustotal.com/file/abd6cf4 ... 334785083/

#13 Příspěvek od **vyosek** » 18 dub 2012 22:47

Stahnete SytemLook http://jpshortstuff.247fixes.com/SystemLook.exe a ulozte jej na plochu

Do okna vlozte skript nize
Kód: Vybrat vše
```
:filefind
taskmgr.exe
```
Kliknete na Look
Tlacitko Look se zmeni na Scanning a zsedne
Pockejte pokud se tlacitko Scanning opet nezmeni na Look - tak poznate ze SystemLook dokoncil svou praci
Vyskoci na Vas log s nazvem SystemLook (pripadne bude ulozen na plose), jeho obsah mi sem vlozte

Ailen · #14 Příspěvek od **Ailen** » 18 dub 2012 22:48

SystemLook 30.07.11 by jpshortstuff
Log created at 23:48 on 18/04/2012 by Radka
Administrator - Elevation successful

========== filefind ==========

Searching for "taskmgr.exe"
C:\WINDOWS\system32\taskmgr.exe --a---- 137216 bytes [12:00 14/04/2008] [12:00 14/04/2008] D3079916F8E77BD419A895C5709F88FC
C:\WINDOWS\system32\dllcache\taskmgr.exe --a--c- 137216 bytes [12:00 14/04/2008] [12:00 14/04/2008] D3079916F8E77BD419A895C5709F88FC

-= EOF =-

#15 Příspěvek od **vyosek** » 18 dub 2012 23:23

Pokud nemate, tak presunte Combofix na plochu

Spustte poznamkovy blok (Start-spustit-notepad)
Zkopirujte skript nize

Kód: Vybrat vše

KillAll::

DDS::
uDefault_Search_URL = hxxp://search.qip.ru
uSearchAssistant = hxxp://search.qip.ru/ie
uSearchURL,(Default) = Root: HKCU; Subkey: Software\Microsoft\Internet Explorer\SearchUrl; ValueType: string; ValueName: '; ValueData: '; Flags: createvalueifdoesntexist noerror; Tasks: AddSearchQip

Firefox::
FF - ProfilePath - c:\documents and settings\Radka\Data aplikací\Mozilla\Firefox\Profiles\lkcion54.default\
FF - prefs.js: network.proxy.http - 192.168.1.100
FF - prefs.js: network.proxy.http_port - 80
FF - prefs.js: network.proxy.type - 0

Driver::
yksvcs
gupdate
NMIndexingService
gupdatem

NetSvc::
yksvcs

Registry::
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Infium]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5ServiceManager]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DIMDownloading your update...1300677038363]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"DWQueuedReporting"=-
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NeroFilterCheck"=-
"AdobeAAMUpdater-1.0"=-
"SwitchBoard"=-
"Adobe ARM"=-
"SunJavaUpdateSched"=-

File::
c:\windows\taskmgr.exe.exe
C:\WINDOWS\tasks\Adobe Flash Player Updater.job
C:\WINDOWS\tasks\AdobeAAMUpdater-1.0-RADKA-PC-Radka.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1659004503-515967899-1801674531-1003Core.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1659004503-515967899-1801674531-1003UA.job
C:\WINDOWS\tasks\videopadShakeIcon.job

ClearJavaCache::

AtJob::

Reboot::

Ulozte vytvoreny TXT jako CFScript.txt
Pretahnete vytvoreny CFScript.txt nad Combofix a pustte (viz obrazek nize)
Po aplikaci skriptu (a pripadnem restartu) na Vas vypadne log, jeho obsah sem vlozte

Muze se stat, ze po aplikaci skriptu nenabehnou windows, v tomto pripade restartuje PC a mackejte F8 a zvolte Posledni znamou konfiguraci

VIRY.CZ

Prosím o kontrolu - nelze vyvolat správce úloh

Prosím o kontrolu - nelze vyvolat správce úloh

Re: Prosím o kontrolu - nelze vyvolat správce úloh

Re: Prosím o kontrolu - nelze vyvolat správce úloh

Re: Prosím o kontrolu - nelze vyvolat správce úloh

Re: Prosím o kontrolu - nelze vyvolat správce úloh

Re: Prosím o kontrolu - nelze vyvolat správce úloh

Re: Prosím o kontrolu - nelze vyvolat správce úloh

Re: Prosím o kontrolu - nelze vyvolat správce úloh

Re: Prosím o kontrolu - nelze vyvolat správce úloh

Re: Prosím o kontrolu - nelze vyvolat správce úloh

Re: Prosím o kontrolu - nelze vyvolat správce úloh

Re: Prosím o kontrolu - nelze vyvolat správce úloh

Re: Prosím o kontrolu - nelze vyvolat správce úloh

Re: Prosím o kontrolu - nelze vyvolat správce úloh

Re: Prosím o kontrolu - nelze vyvolat správce úloh