Gery utworzono 24 sierpnia 2010 utworzono 24 sierpnia 2010 Ten pseudoantyvirus to "My Seciurity Shiled" Jak pewnie wiadomo, wysyła on komunikaty, że znalazł on jakieś wirusy, lecz jest to (najprawdopodobniej) pic na wodę, ponieważ chodzi o wykupienie licencji. Zablokował na dodatek Avasta i "popsół" Firefoxa, dlatego musiałem ściągnąć Operę. Oto mój log: [log]OTL logfile created on: 2010-08-24 15:35:41 - Run 1 OTL by OldTimer - Version 3.2.10.0 Folder = C:\Documents and Settings\Grzegorz\Pulpit Windows XP Home Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 6.0.2900.5512) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 65,00% Memory free 4,00 Gb Paging File | 3,00 Gb Available in Paging File | 85,00% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 148,91 Gb Total Space | 29,15 Gb Free Space | 19,57% Space Free | Partition Type: NTFS D: Drive not present or media not loaded E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: ORGANIZA-CBB9DB Current User Name: Grzegorz Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users Company Name Whitelist: On Skip Microsoft Files: On File Age = 60 Days Output = Standard [color=#E56717]========== Processes (All) ==========[/color] PRC - [2010-08-24 15:24:37 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Grzegorz\Pulpit\OTL.exe PRC - [2010-08-23 15:13:47 | 002,278,912 | ---- | M] () -- C:\Documents and Settings\All Users\Dane aplikacji\c918233\MSc918_2124.exe PRC - [2010-08-09 15:27:06 | 000,836,464 | ---- | M] (Opera Software) -- C:\Program Files\Opera\opera.exe PRC - [2010-07-22 01:24:16 | 012,477,024 | ---- | M] (GG Network S.A.) -- C:\Program Files\Gadu-Gadu 10\gg.exe PRC - [2010-06-21 10:23:58 | 016,218,112 | ---- | M] (Redefine Sp z o.o.) -- C:\Program Files\ipla\ipla.exe PRC - [2010-01-14 00:44:52 | 000,037,888 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\Winamp\winampa.exe PRC - [2009-11-05 19:25:42 | 000,238,952 | ---- | M] (Teruten) -- C:\WINDOWS\system32\FsUsbExService.Exe PRC - [2009-11-05 19:25:16 | 000,116,056 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe PRC - [2009-09-17 21:37:15 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe PRC - [2009-09-17 21:37:15 | 000,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jusched.exe PRC - [2009-08-31 18:07:34 | 011,391,592 | ---- | M] (GG Network S.A.) -- C:\Program Files\Nowe Gadu-Gadu\gg.exe PRC - [2009-08-31 16:56:26 | 000,077,824 | ---- | M] () -- C:\Program Files\Nowe Gadu-Gadu\spellchecker_gg.exe PRC - [2009-08-06 19:24:06 | 000,053,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wuauclt.exe PRC - [2009-04-23 15:51:38 | 000,691,656 | ---- | M] (DT Soft Ltd) -- C:\Program Files\DAEMON Tools Lite\daemon.exe PRC - [2009-02-09 13:25:57 | 000,111,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe PRC - [2008-12-13 06:23:30 | 000,882,176 | ---- | M] (Ares Development Group) -- C:\Program Files\Ares\Ares.exe PRC - [2008-07-29 21:10:04 | 000,046,104 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe PRC - [2008-04-14 23:51:50 | 000,510,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winlogon.exe PRC - [2008-04-14 23:51:50 | 000,126,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiapsrv.exe PRC - [2008-04-14 23:51:44 | 000,057,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolsv.exe PRC - [2008-04-14 23:51:44 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\smss.exe PRC - [2008-04-14 23:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [RPCSS] PRC - [2008-04-14 23:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETWORKSERVICE] PRC - [2008-04-14 23:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETSVCS] PRC - [2008-04-14 23:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [mi] PRC - [2008-04-14 23:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE] PRC - [2008-04-14 23:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE] PRC - [2008-04-14 23:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [DCOMLAUNCH] PRC - [2008-04-14 23:51:40 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rundll32.exe PRC - [2008-04-14 23:51:32 | 001,695,232 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msmsgs.exe PRC - [2008-04-14 23:51:24 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe PRC - [2008-04-14 23:51:18 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2008-04-14 23:51:12 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ctfmon.exe PRC - [2008-04-14 23:51:12 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\csrss.exe PRC - [2008-04-14 23:51:04 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\alg.exe PRC - [2007-05-17 17:08:14 | 000,661,776 | ---- | M] (IVT Corporation.) -- C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe PRC - [2005-11-10 05:14:06 | 015,473,664 | R--- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RTHDCPL.EXE PRC - [2004-06-14 11:54:20 | 000,200,704 | ---- | M] () -- C:\Program Files\Gigabyte\ET5\GUI.exe PRC - [2003-06-19 23:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE PRC - [2003-05-13 17:17:48 | 001,019,961 | ---- | M] (Silicon Image, Inc.) -- C:\Program Files\Silicon Image\SiISATARaid\SATARaid.exe [color=#E56717]========== Modules (All) ==========[/color] MOD - [2010-08-24 15:24:37 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Grzegorz\Pulpit\OTL.exe MOD - [2010-07-27 08:30:33 | 008,491,008 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shell32.dll MOD - [2009-12-08 11:25:45 | 000,474,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shlwapi.dll MOD - [2009-06-25 10:27:54 | 000,056,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\secur32.dll MOD - [2009-04-15 16:54:38 | 000,585,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rpcrt4.dll MOD - [2009-03-21 16:08:59 | 001,018,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kernel32.dll MOD - [2009-02-09 12:53:44 | 000,686,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\advapi32.dll MOD - [2009-02-09 12:53:43 | 000,722,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdll.dll MOD - [2008-10-23 14:42:41 | 000,286,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\gdi32.dll MOD - [2008-04-14 23:51:58 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winspool.drv MOD - [2008-04-14 23:50:58 | 000,580,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\user32.dll MOD - [2008-04-14 23:50:58 | 000,219,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\uxtheme.dll MOD - [2008-04-14 23:50:58 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wldap32.dll MOD - [2008-04-14 23:50:58 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srclient.dll MOD - [2008-04-14 23:50:58 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\version.dll MOD - [2008-04-14 23:50:48 | 000,997,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\setupapi.dll MOD - [2008-04-14 23:50:46 | 001,287,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ole32.dll MOD - [2008-04-14 23:50:46 | 000,551,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oleaut32.dll MOD - [2008-04-14 23:50:46 | 000,084,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\olepro32.dll MOD - [2008-04-14 23:50:46 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\samlib.dll MOD - [2008-04-14 23:50:46 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\psapi.dll MOD - [2008-04-14 23:50:42 | 000,119,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntmarta.dll MOD - [2008-04-14 23:50:40 | 000,343,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcrt.dll MOD - [2008-04-14 23:50:38 | 000,297,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msctf.dll MOD - [2008-04-14 23:50:32 | 000,185,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\framedyn.dll MOD - [2008-04-14 23:50:16 | 000,822,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comres.dll MOD - [2008-04-14 23:50:14 | 000,280,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comdlg32.dll MOD - [2008-04-14 23:50:12 | 000,498,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\clbcatq.dll MOD - [2008-04-14 23:46:34 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx MOD - [2008-04-14 23:29:10 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - File not found [Disabled | Stopped] -- C:\WINDOWS\System32\hidserv.dll -- (HidServ) SRV - File not found [On_Demand | Stopped] -- C:\WINDOWS\System32\appmgmts.dll -- (AppMgmt) SRV - [2009-11-25 01:51:35 | 000,138,680 | ---- | M] (ALWIL Software) [Auto | Stopped] -- C:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus) SRV - [2009-11-25 01:51:21 | 000,254,040 | ---- | M] (ALWIL Software) [On_Demand | Stopped] -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner) SRV - [2009-11-25 01:48:48 | 000,352,920 | ---- | M] (ALWIL Software) [On_Demand | Stopped] -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner) SRV - [2009-11-25 01:43:56 | 000,018,752 | ---- | M] (ALWIL Software) [Auto | Stopped] -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv) SRV - [2009-11-05 19:25:42 | 000,238,952 | ---- | M] (Teruten) [Auto | Running] -- C:\WINDOWS\system32\FsUsbExService.Exe -- (FsUsbExService) SRV - [2005-06-14 22:40:54 | 000,491,520 | ---- | M] () [On_Demand | Stopped] -- C:\WINDOWS\System32\LMabcoms.exe -- (lmab_device) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\Grzegorz\USTAWI~1\Temp\{55638DD9-D5A9-11D3-B74B-204C4F4F5020}\AMDMSRIO.sys -- (AMDMSRIO) DRV - [2010-02-11 14:02:15 | 000,226,880 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tcpip6.sys -- (Tcpip6) DRV - [2009-11-25 01:50:59 | 000,094,160 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2) DRV - [2009-11-25 01:50:12 | 000,114,768 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP) DRV - [2009-11-25 01:50:00 | 000,020,560 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswFsBlk.sys -- (aswFsBlk) DRV - [2009-11-25 01:49:07 | 000,048,560 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi) DRV - [2009-11-25 01:48:57 | 000,023,120 | ---- | M] (ALWIL Software) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr) DRV - [2009-11-25 01:47:54 | 000,027,408 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4) DRV - [2009-11-02 10:39:30 | 000,036,608 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\FsUsbExDisk.Sys -- (FsUsbExDisk) DRV - [2009-09-21 10:55:36 | 000,121,856 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bmdm.sys -- (ss_bmdm) DRV - [2009-09-21 10:55:36 | 000,090,112 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bbus.sys -- (ss_bbus) SAMSUNG USB Mobile Device (WDM) DRV - [2009-09-21 10:55:36 | 000,014,976 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bmdfl.sys -- (ss_bmdfl) SAMSUNG USB Mobile Modem (Filter) DRV - [2009-09-17 15:10:30 | 000,721,904 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd) DRV - [2009-08-29 01:09:35 | 000,015,600 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\gdrv.sys -- (gdrv) DRV - [2008-10-21 12:12:16 | 006,133,856 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv) DRV - [2008-04-14 01:26:08 | 000,088,320 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkipx.sys -- (NwlnkIpx) DRV - [2008-04-14 01:23:10 | 000,040,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmnt.sys -- (nm) DRV - [2008-04-13 23:06:06 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus) DRV - [2007-05-11 03:10:50 | 000,034,704 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\blueletaudio.sys -- (BlueletAudio) DRV - [2007-05-09 01:59:40 | 000,036,496 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btcusb.sys -- (Btcsrusb) DRV - [2007-03-05 06:00:04 | 000,027,792 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BlueletSCOAudio.sys -- (BlueletSCOAudio) DRV - [2007-03-05 05:59:04 | 000,018,320 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btnetdrv.sys -- (BT) DRV - [2007-03-05 05:56:18 | 000,035,600 | ---- | M] (IVT Corporation.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\BTHidMgr.sys -- (BTHidMgr) DRV - [2007-03-05 05:55:12 | 000,020,880 | ---- | M] (IVT Corporation.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\vbtenum.sys -- (BTHidEnum) DRV - [2007-03-05 05:53:18 | 000,044,304 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\VcommMgr.sys -- (VcommMgr) DRV - [2007-03-05 05:52:18 | 000,034,448 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\VComm.sys -- (VComm) DRV - [2006-12-14 10:44:06 | 000,085,120 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtnicxp.sys -- (RTL8023xp) DRV - [2006-11-29 23:24:46 | 000,031,744 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Documents and Settings\Grzegorz\Ustawienia lokalne\Temp\pfsvgae.sys -- (pfsvgae) DRV - [2006-03-02 14:00:00 | 000,063,232 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnknb.sys -- (NwlnkNb) DRV - [2006-03-02 14:00:00 | 000,055,936 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkspx.sys -- (NwlnkSpx) DRV - [2005-11-10 10:44:12 | 004,064,256 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM) DRV - [2005-04-27 11:40:26 | 000,006,534 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Running] -- C:\Program Files\Gigabyte\ET5\MARKFUN.W32 -- (MarkFun_NT) DRV - [2005-03-09 15:53:00 | 000,043,008 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8) DRV - [2004-09-21 00:09:10 | 000,186,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ET5Drv.sys -- (ET5Drv) DRV - [2003-12-31 05:58:46 | 000,069,504 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Rtlnic51.sys -- (RTL8023) DRV - [2001-08-17 21:53:42 | 000,004,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\loop.sys -- (msloop) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = wyborcza.pl/0,0.html?p=017 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.live.com/sphome.aspx IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1645522239-706699826-725345543-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://search.live.com IE - HKU\S-1-5-21-1645522239-706699826-725345543-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = wyborcza.pl/0,0.html?p=017 IE - HKU\S-1-5-21-1645522239-706699826-725345543-1004\..\URLSearchHook: {57cc715d-37ca-44e4-9ec2-8c2cbddb25ec} - C:\Program Files\Free_Lunch_Design\tbFre0.dll (Conduit Ltd.) IE - HKU\S-1-5-21-1645522239-706699826-725345543-1004\..\URLSearchHook: {9CB65206-89C4-402c-BA80-02D8C59F9B1D} - C:\Program Files\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL (Ask.com) IE - HKU\S-1-5-21-1645522239-706699826-725345543-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.defaultenginename: "Bing" FF - prefs.js..browser.search.defaultthis.engineName: "Free Lunch Design Customized Web Search" FF - prefs.js..browser.search.defaulturl: "http://www.bing.com/search?FORM=VE3D01&q=" FF - prefs.js..browser.search.selectedEngine: "search" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "google.pl" FF - prefs.js..extensions.enabledItems: DTToolbar@toolbarnet.com:1.1.1.0014 FF - prefs.js..extensions.enabledItems: {57cc715d-37ca-44e4-9ec2-8c2cbddb25ec}:2.5.6.0 FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0 [2009-09-10 14:37:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Grzegorz\Dane aplikacji\Mozilla\Extensions [2010-08-23 14:27:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Grzegorz\Dane aplikacji\Mozilla\Firefox\Profiles\jrbpq80l.default\extensions [2009-09-15 11:16:46 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Grzegorz\Dane aplikacji\Mozilla\Firefox\Profiles\jrbpq80l.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010-03-13 18:47:50 | 000,000,000 | ---D | M] (Free Lunch Design Toolbar) -- C:\Documents and Settings\Grzegorz\Dane aplikacji\Mozilla\Firefox\Profiles\jrbpq80l.default\extensions\{57cc715d-37ca-44e4-9ec2-8c2cbddb25ec} [2010-03-13 18:48:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Grzegorz\Dane aplikacji\Mozilla\Firefox\Profiles\jrbpq80l.default\extensions\DTToolbar@toolbarnet.com [2010-02-16 23:26:06 | 000,002,172 | ---- | M] () -- C:\Documents and Settings\Grzegorz\Dane aplikacji\Mozilla\Firefox\Profiles\jrbpq80l.default\searchplugins\bing.xml [2009-05-31 19:45:28 | 000,000,896 | ---- | M] () -- C:\Documents and Settings\Grzegorz\Dane aplikacji\Mozilla\Firefox\Profiles\jrbpq80l.default\searchplugins\conduit.xml [2009-09-17 15:13:43 | 000,002,399 | ---- | M] () -- C:\Documents and Settings\Grzegorz\Dane aplikacji\Mozilla\Firefox\Profiles\jrbpq80l.default\searchplugins\daemon-search.xml [2010-08-23 16:43:16 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions [2010-01-14 00:46:00 | 000,063,488 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npwachk.dll O1 HOSTS File: ([2010-08-24 14:33:31 | 000,002,760 | RHS- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: 74.125.45.100 4-open-davinci.com O1 - Hosts: 74.125.45.100 securitysoftwarepayments.com O1 - Hosts: 74.125.45.100 privatesecuredpayments.com O1 - Hosts: 74.125.45.100 secure.privatesecuredpayments.com O1 - Hosts: 74.125.45.100 getantivirusplusnow.com O1 - Hosts: 74.125.45.100 secure-plus-payments.com O1 - Hosts: 74.125.45.100 www.getantivirusplusnow.com O1 - Hosts: 74.125.45.100 www.secure-plus-payments.com O1 - Hosts: 74.125.45.100 www.getavplusnow.com O1 - Hosts: 74.125.45.100 safebrowsing-cache.google.com O1 - Hosts: 74.125.45.100 urs.microsoft.com O1 - Hosts: 74.125.45.100 www.securesoftwarebill.com O1 - Hosts: 74.125.45.100 secure.paysecuresystem.com O1 - Hosts: 74.125.45.100 paysoftbillsolution.com O1 - Hosts: 74.125.45.100 protected.maxisoftwaremart.com O1 - Hosts: 217.23.15.139 www.google.com O1 - Hosts: 217.23.15.139 google.com O1 - Hosts: 217.23.15.139 google.com.au O1 - Hosts: 217.23.15.139 www.google.com.au O1 - Hosts: 217.23.15.139 google.be O1 - Hosts: 217.23.15.139 www.google.be O1 - Hosts: 217.23.15.139 google.com.br O1 - Hosts: 217.23.15.139 www.google.com.br O1 - Hosts: 217.23.15.139 google.ca O1 - Hosts: 38 more lines... O2 - BHO: (Yahoo! Companion BHO) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\ycomp5_6_2_0.dll (Yahoo! Inc.) O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0 CE\Reader\ActiveX\AcroIEHelper.ocx () O2 - BHO: (Free Lunch Design Toolbar) - {57cc715d-37ca-44e4-9ec2-8c2cbddb25ec} - C:\Program Files\Free_Lunch_Design\tbFre0.dll (Conduit Ltd.) O2 - BHO: (Ask Search Assistant BHO) - {9CB65201-89C4-402c-BA80-02D8C59F9B1D} - C:\Program Files\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL (Ask.com) O2 - BHO: (IEPluginBHO Class) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Documents and Settings\Grzegorz\Dane aplikacji\Nowe Gadu-Gadu\_userdata\ggbho.1.dll File not found O2 - BHO: (Ask Toolbar BHO) - {FE063DB1-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL (Ask.com) O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll () O3 - HKLM\..\Toolbar: (Free Lunch Design Toolbar) - {57cc715d-37ca-44e4-9ec2-8c2cbddb25ec} - C:\Program Files\Free_Lunch_Design\tbFre0.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (&Yahoo! Companion) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\ycomp5_6_2_0.dll (Yahoo! Inc.) O3 - HKLM\..\Toolbar: (Ask Toolbar) - {FE063DB9-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL (Ask.com) O3 - HKU\S-1-5-21-1645522239-706699826-725345543-1004\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll () O3 - HKU\S-1-5-21-1645522239-706699826-725345543-1004\..\Toolbar\WebBrowser: (Free Lunch Design Toolbar) - {57CC715D-37CA-44E4-9EC2-8C2CBDDB25EC} - C:\Program Files\Free_Lunch_Design\tbFre0.dll (Conduit Ltd.) O3 - HKU\S-1-5-21-1645522239-706699826-725345543-1004\..\Toolbar\WebBrowser: (&Yahoo! Companion) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\ycomp5_6_2_0.dll (Yahoo! Inc.) O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\ALCMTR.EXE (Realtek Semiconductor Corp.) O4 - HKLM..\Run: [avast!] C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software) O4 - HKLM..\Run: [EasyTuneV] C:\Program Files\Gigabyte\ET5\GUI.exe () O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Nero AG) O4 - HKLM..\Run: [NPSStartup] File not found O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation) O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation) O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe () O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe (Nullsoft, Inc.) O4 - HKU\S-1-5-21-1645522239-706699826-725345543-1004..\Run: [ares] C:\Program Files\Ares\Ares.exe (Ares Development Group) O4 - HKU\S-1-5-21-1645522239-706699826-725345543-1004..\Run: [AutoStartNPSAgent] C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe (Samsung Electronics Co., Ltd.) O4 - HKU\S-1-5-21-1645522239-706699826-725345543-1004..\Run: [cdoosoft] C:\DOCUME~1\Grzegorz\USTAWI~1\Temp\herss.exe File not found O4 - HKU\S-1-5-21-1645522239-706699826-725345543-1004..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\daemon.exe (DT Soft Ltd) O4 - HKU\S-1-5-21-1645522239-706699826-725345543-1004..\Run: [EA Core] C:\Program Files\Electronic Arts\EADM\Core.exe File not found O4 - HKU\S-1-5-21-1645522239-706699826-725345543-1004..\Run: [Gadu-Gadu 10] C:\Program Files\Gadu-Gadu 10\gg.exe (GG Network S.A.) O4 - HKU\S-1-5-21-1645522239-706699826-725345543-1004..\Run: [IPLA!] C:\Program Files\ipla\ipla.exe (Redefine Sp z o.o.) O4 - HKU\S-1-5-21-1645522239-706699826-725345543-1004..\Run: [My Security Shield] File not found O4 - HKU\S-1-5-21-1645522239-706699826-725345543-1004..\Run: [Nowe Gadu-Gadu] C:\Program Files\Nowe Gadu-Gadu\gg.exe (GG Network S.A.) O4 - HKU\S-1-5-21-1645522239-706699826-725345543-1004..\Run: [RGSC] C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe (Take-Two Interactive Software, Inc.) O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\BlueSoleil.lnk = C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe (IVT Corporation.) O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\SATARaid.lnk = C:\Program Files\Silicon Image\SiISATARaid\SATARaid.exe (Silicon Image, Inc.) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-1645522239-706699826-725345543-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-1645522239-706699826-725345543-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: nodispcpl = 0 O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16) O16 - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O24 - Desktop WallPaper: C:\Documents and Settings\Grzegorz\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\Grzegorz\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O27 - HKLM IFEO\_avp32.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\_avpcc.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\_avpm.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\~1.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\~2.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\a.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\aAvgApi.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\AAWTray.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\About.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\ackwin32.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\adaware.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\Ad-Aware.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\advxdwin.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\AdwarePrj.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\agent.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\agentsvr.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\agentw.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\alertsvc.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\alevir.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\alogserv.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\AlphaAV: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\AlphaAV.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\AluSchedulerSvc.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\amon9x.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\AntispywarXP2009.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\anti-trojan.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\Anti-Virus Professional.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\antivirus.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\AntiVirus_Pro.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\AntivirusPlus: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\AntivirusPlus.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\AntivirusPro_2010.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\AntivirusXP: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\AntivirusXP.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\antivirusxppro2009.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\ants.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\apimonitor.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\aplica32.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\apvxdwin.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\arr.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\Arrakis3.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\ashAvast.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\ashBug.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\ashChest.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\ashCnsnt.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\ashDisp.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\ashLogV.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\ashMaiSv.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\ashPopWz.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\ashQuick.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\ashServ.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\ashSimp2.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\ashSimpl.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\ashSkPcc.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\ashSkPck.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\ashUpd.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\ashWebSv.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\aswChLic.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\aswRegSvr.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\aswRunDll.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\aswUpdSv.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\atcon.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\atguard.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\atro55en.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\atupdater.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\atwatch.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\au.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\aupdate.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\autodown.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\auto-protect.nav80try.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\autotrace.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\autoupdate.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\av360.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avadmin.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\AVCare.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avcenter.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avciman.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avconfig.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avconsol.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\ave32.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\AVENGINE.EXE: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avgcc32.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avgchk.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avgcmgr.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avgcsrvx.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avgctrl.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avgdumpx.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avgemc.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avgiproxy.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avgnsx.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avgnt.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avgrsx.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avgscanx.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avgserv.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avgserv9.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avgsrmax.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avgtray.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avgui.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avgupd.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avgw.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avgwdsvc.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avkpop.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avkserv.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avkservice.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avkwctl9.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avltmain.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avmailc.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avmcdlg.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avnotify.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avnt.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avp32.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avpcc.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avpdos32.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avpm.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avptc32.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avpupd.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avsched32.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avsynmgr.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avupgsvc.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\AVWEBGRD.EXE: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avwin.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avwin95.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avwinnt.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avwsc.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avwupd.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avwupd32.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avwupsrv.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avxmonitor9x.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avxmonitornt.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avxquar.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\b.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\backweb.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\bargains.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\bd_professional.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\bdagent.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\bdfvcl.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\bdfvwiz.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\BDInProcPatch.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\bdmcon.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\BDMsnScan.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\bdreinit.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\bdsubwiz.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\BDSurvey.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\bdtkexec.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\bdwizreg.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\beagle.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\belt.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\bidef.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\bidserver.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\bipcp.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\bipcpevalsetup.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\bisp.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\blackd.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\blackice.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\blink.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\blss.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\bootconf.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\bootwarn.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\borg2.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\bpc.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\brasil.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\brastk.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\brw.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\bs120.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\bspatch.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\bundle.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\bvt.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\c.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\cavscan.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\ccapp.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\ccevtmgr.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\ccpxysvc.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\ccSvcHst.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\cdp.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\cfd.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\cfgwiz.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\cfiadmin.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\cfiaudit.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\cfinet.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\cfinet32.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\cfp.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\cfpconfg.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\cfplogvw.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\cfpupdat.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\Cl.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\claw95.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\claw95cf.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\clean.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\cleaner.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\cleaner3.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\cleanIELow.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\cleanpc.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\click.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\cmd32.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\cmdagent.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\cmesys.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\cmgrdian.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\cmon016.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\connectionmonitor.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\control: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\cpd.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\cpf9x206.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\cpfnt206.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\crashrep.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\csc.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\cssconfg.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\cssupdat.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\cssurf.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\ctrl.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\cv.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\cwnb181.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\cwntdwmo.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\d.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\datemanager.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\dcomx.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\defalert.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\defscangui.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\defwatch.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\deloeminfs.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\deputy.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\divx.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\dllcache.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\dllreg.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\doors.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\dop.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\dpf.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\dpfsetup.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\dpps2.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\driverctrl.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\drwatson.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\drweb32.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\drwebupw.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\dssagent.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\dvp95.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\dvp95_0.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\ecengine.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\efpeadm.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\egui.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\ekrn.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\emsw.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\ent.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\esafe.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\escanhnt.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\escanv95.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\espwatch.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\ethereal.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\etrustcipe.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\evpn.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\exantivirus-cnet.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\exe.avxw.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\expert.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\explore.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\fact.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\f-agnt95.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\fameh32.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\fast.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\fch32.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\fih32.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\findviru.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\firewall.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\fixcfg.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\fixfp.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\fnrb32.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\fprot.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\f-prot.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\f-prot95.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\fp-win.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\fp-win_trial.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\frmwrk32.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\frw.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\fsaa.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\fsav.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\fsav32.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\fsav530stbyb.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\fsav530wtbyb.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\fsav95.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\fsgk32.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\fsm32.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\fsma32.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\fsmb32.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\f-stopw.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\gator.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\gav.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\gbmenu.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\gbn976rl.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\gbpoll.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\generics.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\gmt.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\guard.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\guarddog.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\guardgui.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\hacktracersetup.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\hbinst.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\hbsrv.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\History.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\homeav2010.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\hotactio.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\hotpatch.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\htlog.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\htpatch.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\hwpe.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\hxdl.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\hxiul.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\iamapp.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\iamserv.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\iamstats.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\ibmasn.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\ibmavsp.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\icload95.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\icloadnt.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\icmon.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\icsupp95.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\icsuppnt.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\Identity.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\idle.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\iedll.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\iedriver.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\IEShow.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\iface.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\ifw2000.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\inetlnfo.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\infus.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\infwin.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\init.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\init32.exe : Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\install.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\install[1].exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\install[2].exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\install[3].exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\install[4].exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\install[5].exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\intdel.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\intren.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\iomon98.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\istsvc.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\jammer.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\jdbgmrg.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\jedi.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\JsRcGen.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\kavlite40eng.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\kavpers40eng.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\kavpf.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\kazza.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\keenvalue.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\kerio-pf-213-en-win.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\kerio-wrl-421-en-win.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\kerio-wrp-421-en-win.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\killprocesssetup161.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\launcher.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\ldnetmon.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\ldpro.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\ldpromenu.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\ldscan.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\licmgr.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\livesrv.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\lnetinfo.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\loader.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\localnet.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\lockdown.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\lockdown2000.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\lookout.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\lordpe.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\lsetup.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\luall.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\luau.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\lucomserver.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\luinit.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\luspt.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\MalwareRemoval.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\mapisvc32.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\mcagent.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\mcmnhdlr.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\mcmscsvc.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\mcnasvc.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\mcproxy.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\McSACore.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\mcshell.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\mcshield.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\mcsysmon.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\mctool.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\mcupdate.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\mcvsrte.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\mcvsshld.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\md.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\mfin32.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\mfw2en.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\mfweng3.02d30.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\mgavrtcl.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\mgavrte.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\mghtml.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\mgui.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\minilog.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\mmod.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\monitor.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\moolive.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\mostat.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\mpfagent.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\mpfservice.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\MPFSrv.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\mpftray.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\mrflux.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\mrt.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\msa.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\msapp.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\MSASCui.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\msbb.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\msblast.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\mscache.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\msccn32.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\mscman.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\msconfig: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\msdm.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\msdos.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\msfwsvc.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\msiexec16.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\mslaugh.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\msmgt.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\MsMpEng.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\msmsgri32.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\msseces.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\mssmmc32.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\mssys.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\msvxd.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\mu0311ad.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\mwatch.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\n32scanw.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\nav.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\navap.navapsvc.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\navapsvc.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\navapw32.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\navdx.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\navlu32.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\navnt.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\navstub.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\navw32.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\navwnt.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\nc2000.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\ncinst4.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\ndd32.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\neomonitor.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\neowatchlog.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\netarmor.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\netd32.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\netinfo.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\netmon.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\netscanpro.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\netspyhunter-1.2.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\netutils.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\nisserv.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\nisum.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\nmain.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\nod32.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\normist.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\norton_internet_secu_3.0_407.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\notstart.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\npf40_tw_98_nt_me_2k.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\npfmessenger.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\nprotect.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\npscheck.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\npssvc.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\nsched32.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\nssys32.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\nstask32.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\nsupdate.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\nt.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\ntrtscan.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\ntvdm.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\ntxconfig.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\nui.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\nupgrade.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\nvarch16.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\nvc95.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\nvsvc32.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\nwinst4.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\nwservice.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\nwtool16.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\OAcat.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\OAhlp.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\OAReg.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\oasrv.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\oaui.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\oaview.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\OcHealthMon.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\ODSW.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\ollydbg.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\onsrvr.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\optimize.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\ostronet.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\otfix.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\outpost.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\outpostinstall.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\outpostproinstall.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\ozn695m5.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\padmin.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\panixk.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\patch.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\pav.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\pavcl.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\PavFnSvr.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\pavproxy.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\pavprsrv.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\pavsched.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\pavsrv51.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\pavw.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\pc.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\PC_Antispyware2010.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\pccwin98.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\pcfwallicon.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\pcip10117_0.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\pcscan.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\pctsAuxs.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\pctsGui.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\pctsSvc.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\pctsTray.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\pdfndr.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\pdsetup.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\PerAvir.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\periscope.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\persfw.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\personalguard: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\personalguard.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\perswf.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\pf2.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\pfwadmin.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\pgmonitr.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\pingscan.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\platin.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\pop3trap.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\poproxy.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\popscan.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\portdetective.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\portmonitor.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\powerscan.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\ppinupdt.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\pptbc.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\ppvstop.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\prizesurfer.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\prmt.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\prmvr.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\procdump.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\processmonitor.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\procexplorerv1.0.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\programauditor.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\proport.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\protector.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\protectx.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\PSANCU.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\PSANHost.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\PSANToManager.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\PsCtrls.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\PsImSvc.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\PskSvc.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\pspf.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\PSUNMain.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\purge.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\qconsole.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\qh.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\qserver.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\Quick Heal.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\QuickHealCleaner.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\rapapp.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\rav7.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\rav7win.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\rav8win32eng.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\ray.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\rb32.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\rcsync.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\realmon.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\reged.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\regedt32.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\rescue.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\rescue32.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\rrguard.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\rscdwld.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\rshell.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\rtvscan.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\rtvscn95.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\rulaunch.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\rwg: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\rwg.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\SafetyKeeper.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\safeweb.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\sahagent.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\Save.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\SaveArmor.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\SaveDefense.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\SaveKeep.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\savenow.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\sbserv.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\sc.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\scam32.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\scan32.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\scan95.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\scanpm.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\scrscan.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\seccenter.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\Secure Veteran.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\secureveteran.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\Security Center.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\SecurityFighter.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\securitysoldier.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\serv95.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\setloadorder.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\setup_flowprotector_us.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\setupvameeval.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\sgssfw32.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\sh.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\shellspyinstall.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\shield.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\shn.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\showbehind.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\signcheck.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\smart.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\smartprotector.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\smc.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\smrtdefp.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\sms.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\smss32.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\snetcfg.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\soap.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\sofi.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\SoftSafeness.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\sperm.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\spf.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\sphinx.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\spoler.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\spoolcv.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\spoolsv32.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\spywarexpguard.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\spyxx.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\srexe.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\srng.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\ss3edit.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\ssg_4104.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\ssgrate.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\st2.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\start.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\stcloader.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\supftrl.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\support.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\supporter5.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\svc.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\svchostc.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\svchosts.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\svshost.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\sweep95.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\sweepnet.sweepsrv.sys.swnetsup.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\symlcsvc.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\symproxysvc.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\symtray.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\system.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\system32.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\sysupd.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\tapinstall.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\taskmgr.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\taumon.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\tbscan.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\tc.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\tca.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\tcm.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\tds2-98.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\tds2-nt.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\tds-3.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\teekids.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\tfak.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\tfak5.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\tgbob.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\titanin.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\titaninxp.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\TPSrv.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\trickler.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\trjscan.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\trjsetup.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\trojantrap3.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\TrustWarrior.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\tsadbot.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\tsc.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\tvmd.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\tvtmd.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\uiscan.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\undoboot.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\updat.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\upgrad.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\upgrepl.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\utpost.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\vbcmserv.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\vbcons.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\vbust.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\vbwin9x.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\vbwinntw.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\vcsetup.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\vet32.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\vet95.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\vettray.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\vfsetup.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\vir-help.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\virusmdpersonalfirewall.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\VisthAux.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\VisthLic.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\VisthUpd.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\vnlan300.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\vnpc3000.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\vpc32.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\vpc42.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\vpfw30s.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\vptray.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\vscan40.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\vscenu6.02d30.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\vsched.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\vsecomr.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\vshwin32.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\vsisetup.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\vsmain.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\vsmon.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\vsserv.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\vsstat.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\vswin9xe.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\vswinntse.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\vswinperse.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\w32dsm89.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\W3asbas.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\w9x.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\watchdog.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\webdav.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\WebProxy.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\webscanx.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\webtrap.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\wfindv32.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\whoswatchingme.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\wimmun32.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\win32.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\win32us.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\winactive.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\winav.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\win-bugsfix.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\windll32.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\window.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\windows Police Pro.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\windows.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\wininetd.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\wininitx.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\winlogin.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\winmain.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\winppr32.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\winrecon.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\winservn.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\winss.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\winssk32.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\winssnotify.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\WinSSUI.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\winstart.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\winstart001.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\wintsk32.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\winupdate.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\wkufind.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\wnad.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\wnt.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\wradmin.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\wrctrl.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\wsbgate.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\wscfxas.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\wscfxav.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\wscfxfw.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\wsctool.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\wupdater.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\wupdt.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\wyvernworksfirewall.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\xp_antispyware.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\xpdeluxe.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\xpf202en.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\zapro.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\zapsetup3001.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\zatutor.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\zonalm2601.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\zonealarm.exe: Debugger - svchost.exe (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009-08-28 23:29:02 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2009-12-05 10:51:40 | 000,000,055 | RHS- | M] () - C:\autorun.inf -- [ NTFS ] O33 - MountPoints2\{1cf3b80b-953f-11de-b397-cb20f73bceba}\Shell\autoPlay\coMMand - "" = hwwn.exe O33 - MountPoints2\{1cf3b80b-953f-11de-b397-cb20f73bceba}\Shell\AutoRun\command - "" = hwwn.exe O33 - MountPoints2\{1cf3b80b-953f-11de-b397-cb20f73bceba}\Shell\eXpLORe\COmmANd - "" = hwwn.exe O33 - MountPoints2\{1cf3b80b-953f-11de-b397-cb20f73bceba}\Shell\opeN\ComMaND - "" = hwwn.exe O33 - MountPoints2\{84d7ca78-deb5-11de-b43a-00c026a8b26f}\Shell\AutoRun\command - "" = J:\mbdm.exe -- File not found O33 - MountPoints2\{84d7ca78-deb5-11de-b43a-00c026a8b26f}\Shell\open\Command - "" = J:\mbdm.exe -- File not found O33 - MountPoints2\{ebc50606-7eec-11df-b57a-001167ab0a67}\Shell - "" = AutoRun O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* NetSvcs: AppMgmt - C:\WINDOWS\System32\appmgmts.dll File not found NetSvcs: HidServ - C:\WINDOWS\System32\hidserv.dll File not found NetSvcs: Ias - File not found NetSvcs: Iprip - File not found NetSvcs: Irmon - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: Wmi - C:\WINDOWS\System32\wmi.dll (Microsoft Corporation) NetSvcs: WmdmPmSp - File not found SafeBootNet: AppMgmt - C:\WINDOWS\System32\appmgmts.dll File not found SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: nm - C:\WINDOWS\system32\drivers\nmnt.sys (Microsoft Corporation) SafeBootNet: nm.sys - C:\WINDOWS\system32\drivers\nmnt.sys (Microsoft Corporation) SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: SCSI Class - Driver Group SafeBootNet: sermouse.sys - Driver SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: vga.sys - Driver SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices [color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color] [2010-08-24 15:24:37 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Grzegorz\Pulpit\OTL.exe [2010-08-23 16:48:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Grzegorz\Ustawienia lokalne\Dane aplikacji\Opera [2010-08-23 16:48:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Grzegorz\Dane aplikacji\Opera [2010-08-23 16:48:12 | 000,000,000 | ---D | C] -- C:\Program Files\Opera [2010-08-23 16:47:14 | 013,318,544 | ---- | C] (Opera Software ASA) -- C:\Documents and Settings\Grzegorz\Pulpit\Opera_1061_int_Setup.exe [2010-08-23 15:13:58 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Grzegorz\Dane aplikacji\My Security Shield [2010-08-23 15:13:57 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\All Users\Dane aplikacji\MSCRDINS [2010-08-23 15:13:37 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\All Users\Dane aplikacji\c918233 [2010-08-22 15:07:35 | 000,000,000 | ---D | C] -- C:\Program Files\Simplestutils [2010-08-21 13:39:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Grzegorz\Pulpit\wasiak [2010-08-20 23:41:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Grzegorz\Pulpit\filmy p ptp [2010-08-17 01:36:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Grzegorz\Dane aplikacji\ipla [2010-08-17 01:36:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\ipla [2010-08-17 01:36:50 | 000,000,000 | ---D | C] -- C:\Program Files\ipla [2010-08-17 01:35:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Grzegorz\Dane aplikacji\Gadu-Gadu 10 [2010-08-17 01:35:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10 [2010-08-17 01:35:16 | 000,000,000 | ---D | C] -- C:\Program Files\Gadu-Gadu 10 [2010-07-08 12:02:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Grzegorz\Pulpit\donGORYLesko [2009-09-17 21:11:20 | 000,335,872 | ---- | C] ( ) -- C:\WINDOWS\System32\lexlog.dll [5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [color=#E56717]========== Files - Modified Within 60 Days ==========[/color] [2010-08-24 15:24:37 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Grzegorz\Pulpit\OTL.exe [2010-08-24 14:40:32 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini [2010-08-24 14:33:32 | 000,001,790 | ---- | M] () -- C:\Documents and Settings\Grzegorz\Pulpit\My Security Shield.lnk [2010-08-24 14:33:31 | 000,002,760 | RHS- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts [2010-08-24 14:33:23 | 000,000,104 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml [2010-08-24 14:33:21 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT [2010-08-24 14:33:19 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2010-08-23 16:55:34 | 003,670,016 | ---- | M] () -- C:\Documents and Settings\Grzegorz\NTUSER.DAT [2010-08-23 16:55:34 | 000,000,188 | -HS- | M] () -- C:\Documents and Settings\Grzegorz\ntuser.ini [2010-08-23 16:48:16 | 000,000,592 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Opera.lnk [2010-08-23 16:47:14 | 013,318,544 | ---- | M] (Opera Software ASA) -- C:\Documents and Settings\Grzegorz\Pulpit\Opera_1061_int_Setup.exe [2010-08-22 20:39:41 | 002,648,596 | -H-- | M] () -- C:\Documents and Settings\Grzegorz\Ustawienia lokalne\Dane aplikacji\IconCache.db [2010-08-22 15:07:36 | 000,000,856 | ---- | M] () -- C:\Documents and Settings\Grzegorz\Pulpit\Google Video Grabber.lnk [2010-08-22 12:03:14 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2010-08-20 23:47:53 | 000,010,240 | ---- | M] () -- C:\Documents and Settings\Grzegorz\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010-08-17 12:10:04 | 000,251,088 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2010-08-17 02:57:14 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK [2010-08-17 02:56:29 | 001,043,322 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI [2010-08-17 02:56:29 | 000,490,628 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat [2010-08-17 02:56:29 | 000,432,492 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2010-08-17 02:56:29 | 000,083,880 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat [2010-08-17 02:56:29 | 000,067,448 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2010-08-17 01:36:54 | 000,000,626 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\ipla.lnk [2010-08-17 01:36:13 | 000,000,769 | ---- | M] () -- C:\Documents and Settings\Grzegorz\Pulpit\OpenFM.lnk [2010-08-17 01:36:13 | 000,000,740 | ---- | M] () -- C:\Documents and Settings\Grzegorz\Pulpit\Gadu-Gadu 10.lnk [2010-07-05 10:10:07 | 000,002,539 | ---- | M] () -- C:\Documents and Settings\Grzegorz\Pulpit\Microsoft Office Word 2003 (2).lnk [2010-07-04 22:03:43 | 000,043,520 | ---- | M] () -- C:\WINDOWS\System32\CmdLineExt03.dll [2010-06-26 11:49:56 | 000,000,766 | ---- | M] () -- C:\Documents and Settings\Grzegorz\Pulpit\Skrót do gta_sa.lnk [5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2010-08-23 16:52:58 | 000,001,790 | ---- | C] () -- C:\Documents and Settings\Grzegorz\Pulpit\My Security Shield.lnk [2010-08-23 16:48:16 | 000,000,592 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Opera.lnk [2010-08-22 15:07:36 | 000,000,856 | ---- | C] () -- C:\Documents and Settings\Grzegorz\Pulpit\Google Video Grabber.lnk [2010-08-17 01:36:54 | 000,000,626 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\ipla.lnk [2010-08-17 01:36:13 | 000,000,769 | ---- | C] () -- C:\Documents and Settings\Grzegorz\Pulpit\OpenFM.lnk [2010-08-17 01:36:13 | 000,000,740 | ---- | C] () -- C:\Documents and Settings\Grzegorz\Pulpit\Gadu-Gadu 10.lnk [2010-06-26 11:49:56 | 000,000,766 | ---- | C] () -- C:\Documents and Settings\Grzegorz\Pulpit\Skrót do gta_sa.lnk [2010-06-11 16:58:29 | 000,153,448 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\FontCache3.0.0.0.dat [2010-04-07 07:46:51 | 000,000,421 | ---- | C] () -- C:\WINDOWS\ODBC.INI [2010-03-11 10:08:12 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDevice.Dll [2010-03-11 10:08:12 | 000,036,608 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDisk.Sys [2010-03-11 10:08:02 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\Grzegorz\Dane aplikacji\$_hpcst$.hpc [2010-02-01 11:08:49 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini [2010-01-18 18:00:54 | 000,010,240 | ---- | C] () -- C:\Documents and Settings\Grzegorz\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010-01-17 23:12:50 | 000,000,083 | ---- | C] () -- C:\WINDOWS\WWP.INI [2009-12-07 01:43:07 | 000,000,145 | ---- | C] () -- C:\WINDOWS\Game.INI [2009-11-06 11:58:04 | 000,178,975 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat [2009-11-04 23:59:50 | 000,000,030 | ---- | C] () -- C:\WINDOWS\TextSpy.ini [2009-09-17 21:14:53 | 000,000,507 | ---- | C] () -- C:\WINDOWS\LMABB2DD.ini [2009-09-17 21:11:05 | 000,630,784 | ---- | C] () -- C:\WINDOWS\System32\LMabpmui.dll [2009-09-17 21:11:04 | 001,183,744 | ---- | C] () -- C:\WINDOWS\System32\LMabserv.dll [2009-09-17 21:11:04 | 001,134,592 | ---- | C] () -- C:\WINDOWS\System32\LMabusb1.dll [2009-09-17 21:11:04 | 000,155,648 | ---- | C] () -- C:\WINDOWS\System32\LMabprox.dll [2009-09-17 21:11:04 | 000,114,688 | ---- | C] () -- C:\WINDOWS\System32\LMabpplc.dll [2009-09-17 21:11:03 | 000,733,184 | ---- | C] () -- C:\WINDOWS\System32\LMabip1.dll [2009-09-17 21:11:03 | 000,704,512 | ---- | C] () -- C:\WINDOWS\System32\LMabcomc.dll [2009-09-17 21:11:03 | 000,507,904 | ---- | C] () -- C:\WINDOWS\System32\LMabpar1.dll [2009-09-17 21:11:03 | 000,491,520 | ---- | C] () -- C:\WINDOWS\System32\LMablmpm.dll [2009-09-17 21:11:03 | 000,413,696 | ---- | C] () -- C:\WINDOWS\System32\LMabcomm.dll [2009-09-17 15:10:29 | 000,721,904 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys [2009-08-30 11:10:44 | 000,043,520 | ---- | C] () -- C:\WINDOWS\System32\CmdLineExt03.dll [2008-10-21 12:12:16 | 001,703,936 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll [2008-10-21 12:12:16 | 001,486,848 | ---- | C] () -- C:\WINDOWS\System32\nview.dll [2008-10-21 12:12:16 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll [2008-10-21 12:12:16 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll [2008-10-21 12:12:16 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll [2008-06-11 09:02:34 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll [2008-06-11 09:02:34 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll [2008-06-11 09:02:34 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll [2008-06-11 09:02:34 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll [2008-06-11 09:02:34 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll [2008-06-11 09:02:34 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll [2008-06-11 09:02:32 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll [2008-06-11 09:02:32 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll [2008-06-11 09:02:32 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll [2008-06-05 08:58:26 | 000,197,912 | ---- | C] () -- C:\WINDOWS\System32\physxcudart_20.dll [2008-05-04 18:39:34 | 000,002,560 | ---- | C] () -- C:\WINDOWS\System32\ViaClassCoInstaller.dll [2007-10-25 18:26:10 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys [2003-04-08 11:40:22 | 000,005,679 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI [color=#E56717]========== LOP Check ==========[/color] [2010-04-07 22:50:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Bluetooth [2010-08-23 16:45:31 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Dane aplikacji\c918233 [2009-09-17 15:40:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite [2010-01-22 11:21:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Electronic Arts [2010-08-17 01:35:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10 [2010-08-17 01:37:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ipla [2010-08-23 15:13:57 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Dane aplikacji\MSCRDINS [2010-03-11 13:55:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\OpenFM [2010-03-11 10:13:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Samsung [2010-03-11 15:27:27 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\Grzegorz\Dane aplikacji\.# [2009-09-17 15:42:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Grzegorz\Dane aplikacji\DAEMON Tools Lite [2010-08-17 01:35:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Grzegorz\Dane aplikacji\Gadu-Gadu 10 [2009-10-02 21:38:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Grzegorz\Dane aplikacji\InterTrust [2010-08-24 14:33:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Grzegorz\Dane aplikacji\ipla [2009-11-13 20:07:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Grzegorz\Dane aplikacji\Leadertech [2010-08-23 15:14:01 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\Grzegorz\Dane aplikacji\My Security Shield [2009-09-10 15:44:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Grzegorz\Dane aplikacji\Nowe Gadu-Gadu [2010-01-23 00:23:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Grzegorz\Dane aplikacji\OpenFM [2010-08-23 16:48:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Grzegorz\Dane aplikacji\Opera [2010-03-11 10:08:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Grzegorz\Dane aplikacji\Samsung [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Custom Scans ==========[/color] [color=#A23BEC]< safebootminital >[/color] [color=#A23BEC]< %systemdrive%\*.* >[/color] [2009-08-28 23:29:02 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT [2009-12-05 10:51:40 | 000,000,055 | RHS- | M] () -- C:\autorun.inf [2009-08-28 23:35:47 | 000,000,223 | RHS- | M] () -- C:\boot.ini [2006-03-02 14:00:00 | 000,004,952 | RHS- | M] () -- C:\Bootfont.bin [2009-08-28 23:29:02 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS [2009-08-29 01:05:21 | 000,000,010 | ---- | M] () -- C:\csb.log [2010-08-24 14:33:26 | 000,121,416 | ---- | M] () -- C:\errlgr.txt [2009-08-28 23:29:02 | 000,000,000 | RHS- | M] () -- C:\IO.SYS [2009-08-28 23:29:02 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS [2006-03-02 14:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM [2010-01-23 12:16:06 | 000,251,152 | RHS- | M] () -- C:\ntldr [2010-08-24 14:33:17 | 2145,386,496 | -HS- | M] () -- C:\pagefile.sys [color=#A23BEC]< MD5 for: AGP440.SYS >[/color] [2006-03-02 14:00:00 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:agp440.sys [2008-04-15 00:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:agp440.sys [2008-04-15 00:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:agp440.sys [2008-04-14 01:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys [2008-04-13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\SoftwareDistribution\Download\51fc2b55c6deef38fc801319336cdbc7\agp440.sys [2008-04-14 01:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys [color=#A23BEC]< MD5 for: ATAPI.SYS >[/color] [2006-03-02 14:00:00 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys [2008-04-15 00:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys [2008-04-15 00:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys [2008-04-14 01:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys [2008-04-13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\SoftwareDistribution\Download\51fc2b55c6deef38fc801319336cdbc7\atapi.sys [2008-04-14 01:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys [2006-03-02 14:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys [color=#A23BEC]< MD5 for: BEEP.SYS >[/color] [2006-03-02 14:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\dllcache\beep.sys [2006-03-02 14:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\drivers\beep.sys [color=#A23BEC]< MD5 for: CDROM.SYS >[/color] [2006-03-02 14:00:00 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys [2008-04-15 00:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys [2008-04-15 00:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys [2008-04-14 01:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys [2008-04-13 20:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\SoftwareDistribution\Download\51fc2b55c6deef38fc801319336cdbc7\cdrom.sys [2008-04-14 01:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys [2006-03-02 14:00:00 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\$NtServicePackUninstall$\cdrom.sys [color=#A23BEC]< MD5 for: EVENTLOG.DLL >[/color] [2006-03-02 14:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=05684DE2DA55A04C8AAAB5911AFE7643 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll [2008-04-14 23:50:32 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll [2008-04-14 19:20:31 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\SoftwareDistribution\Download\51fc2b55c6deef38fc801319336cdbc7\eventlog.dll [2008-04-14 23:50:32 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\system32\eventlog.dll [color=#A23BEC]< MD5 for: NDIS.SYS >[/color] [2008-04-14 01:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ServicePackFiles\i386\ndis.sys [2008-04-13 21:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\SoftwareDistribution\Download\51fc2b55c6deef38fc801319336cdbc7\ndis.sys [2008-04-14 01:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys [2006-03-02 14:00:00 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\$NtServicePackUninstall$\ndis.sys [color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color] [2006-03-02 14:00:00 | 000,504,832 | ---- | M] (Microsoft Corporation) MD5=0344407089B08548D4FEBA62BB0F32D0 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe [2008-04-14 23:51:50 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe [2008-04-14 19:21:48 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\SoftwareDistribution\Download\51fc2b55c6deef38fc801319336cdbc7\winlogon.exe[/log]
adis15 komentarz 24 sierpnia 2010 komentarz 24 sierpnia 2010 (edytowane) Przeskanuj komputer Malwarebytes Anti-Malware i daj logi z usuwania
Tomek01 komentarz 24 sierpnia 2010 komentarz 24 sierpnia 2010 Odinstaluj Deamon Tools Toolbar, Ask Toolbar, Free Lunch Design Toolbar. Zastosuj [b][color=#0000CD][url=http://download.bleepingcomputer.com//sUBs/Flash_Disinfector.exe]Flash Disinfector[/url][/color][/b], najlepiej z podpiętym pendrive'm czy innymi pamięciami USB. W OTL, w oknie Custom scan/fixes wklej: [code]:Processes Explorer.exe :OTL IE - HKU\S-1-5-21-1645522239-706699826-725345543-1004\..\URLSearchHook: {57cc715d-37ca-44e4-9ec2-8c2cbddb25ec} - C:\Program Files\Free_Lunch_Design\tbFre0.dll (Conduit Ltd.) IE - HKU\S-1-5-21-1645522239-706699826-725345543-1004\..\URLSearchHook: {9CB65206-89C4-402c-BA80-02D8C59F9B1D} - C:\Program Files\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL (Ask.com) FF - prefs.js..browser.search.defaultthis.engineName: "Free Lunch Design Customized Web Search" FF - prefs.js..extensions.enabledItems: DTToolbar@toolbarnet.com:1.1.1.0014 [2010-03-13 18:47:50 | 000,000,000 | ---D | M] (Free Lunch Design Toolbar) -- C:\Documents and Settings\Grzegorz\Dane aplikacji\Mozilla\Firefox\Profiles\jrbpq80l.default\extensions\{57cc715d-37ca-44e4-9ec2-8c2cbddb25ec} [2010-03-13 18:48:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Grzegorz\Dane aplikacji\Mozilla\Firefox\Profiles\jrbpq80l.default\extensions\DTToolbar@toolbarnet.com [2009-05-31 19:45:28 | 000,000,896 | ---- | M] () -- C:\Documents and Settings\Grzegorz\Dane aplikacji\Mozilla\Firefox\Profiles\jrbpq80l.default\searchplugins\conduit.xml [2009-09-17 15:13:43 | 000,002,399 | ---- | M] () -- C:\Documents and Settings\Grzegorz\Dane aplikacji\Mozilla\Firefox\Profiles\jrbpq80l.default\searchplugins\daemon-search.xml O2 - BHO: (Free Lunch Design Toolbar) - {57cc715d-37ca-44e4-9ec2-8c2cbddb25ec} - C:\Program Files\Free_Lunch_Design\tbFre0.dll (Conduit Ltd.) O2 - BHO: (Ask Search Assistant BHO) - {9CB65201-89C4-402c-BA80-02D8C59F9B1D} - C:\Program Files\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL (Ask.com) O2 - BHO: (Ask Toolbar BHO) - {FE063DB1-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL (Ask.com) O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll () O3 - HKLM\..\Toolbar: (Free Lunch Design Toolbar) - {57cc715d-37ca-44e4-9ec2-8c2cbddb25ec} - C:\Program Files\Free_Lunch_Design\tbFre0.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (&Yahoo! Companion) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\ycomp5_6_2_0.dll (Yahoo! Inc.) O3 - HKLM\..\Toolbar: (Ask Toolbar) - {FE063DB9-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL (Ask.com) O3 - HKU\S-1-5-21-1645522239-706699826-725345543-1004\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll () O3 - HKU\S-1-5-21-1645522239-706699826-725345543-1004\..\Toolbar\WebBrowser: (Free Lunch Design Toolbar) - {57CC715D-37CA-44E4-9EC2-8C2CBDDB25EC} - C:\Program Files\Free_Lunch_Design\tbFre0.dll (Conduit Ltd.) O3 - HKU\S-1-5-21-1645522239-706699826-725345543-1004\..\Toolbar\WebBrowser: (&Yahoo! Companion) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\ycomp5_6_2_0.dll (Yahoo! Inc.) O4 - HKU\S-1-5-21-1645522239-706699826-725345543-1004..\Run: [cdoosoft] C:\DOCUME~1\Grzegorz\USTAWI~1\Temp\herss.exe File not found O4 - HKU\S-1-5-21-1645522239-706699826-725345543-1004..\Run: [My Security Shield] File not found O33 - MountPoints2\{1cf3b80b-953f-11de-b397-cb20f73bceba}\Shell\autoPlay\coMMand - "" = hwwn.exe O33 - MountPoints2\{1cf3b80b-953f-11de-b397-cb20f73bceba}\Shell\AutoRun\command - "" = hwwn.exe O33 - MountPoints2\{1cf3b80b-953f-11de-b397-cb20f73bceba}\Shell\eXpLORe\COmmANd - "" = hwwn.exe O33 - MountPoints2\{1cf3b80b-953f-11de-b397-cb20f73bceba}\Shell\opeN\ComMaND - "" = hwwn.exe O33 - MountPoints2\{84d7ca78-deb5-11de-b43a-00c026a8b26f}\Shell\AutoRun\command - "" = J:\mbdm.exe -- File not found O33 - MountPoints2\{84d7ca78-deb5-11de-b43a-00c026a8b26f}\Shell\open\Command - "" = J:\mbdm.exe -- File not found :Files C:\Documents and Settings\Grzegorz\Dane aplikacji\My Security Shield C:\Documents and Settings\All Users\Dane aplikacji\MSCRDINS C:\Documents and Settings\All Users\Dane aplikacji\c918233 C:\Documents and Settings\Grzegorz\Pulpit\My Security Shield.lnk C:\Documents and Settings\Grzegorz\Dane aplikacji\.# Services: My Security Shield :Commands [emptytemp] [start explorer] [Reboot][/code] Klikasz run fix, komputer uruchamia się ponownie. Wrzucasz log OTL z usuwania oraz nowe logi OTL i [color="#0000FF"][b][url="http://images.malwareremoval.com/random/RSIT.exe"]Random's System Information Tool[/url][/b][/color].
Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!
Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.