swiatek94 utworzono 1 stycznia 2012 utworzono 1 stycznia 2012 (edytowane) Witam serdecznie, wczoraj otrzymałem od kumpla komputer, który powiedział mi, że strasznie wolno mu chodzi, a na starcie systemu pojawia się brak jakiegoś pliku dll. Prosiłbym o pomoc, dziękuje. [log]OTL logfile created on: 2012-01-01 21:14:00 - Run 1 OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\jacec\Desktop Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000415 | Country: Poland | Language: PLK | Date Format: yyyy-MM-dd 2,97 Gb Total Physical Memory | 2,03 Gb Available Physical Memory | 68,55% Memory free 5,93 Gb Paging File | 4,96 Gb Available in Paging File | 83,56% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 101,47 Gb Total Space | 24,26 Gb Free Space | 23,91% Space Free | Partition Type: NTFS Drive D: | 271,14 Gb Total Space | 42,70 Gb Free Space | 15,75% Space Free | Partition Type: NTFS Computer Name: ONLYMINE | User Name: jacec | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 60 Days [color=#E56717]========== Processes (All) ==========[/color] PRC - [2012-01-01 21:12:41 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\jacec\Desktop\OTL.exe PRC - [2011-11-21 05:42:37 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe PRC - [2011-11-21 05:42:37 | 000,016,856 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\plugin-container.exe PRC - [2011-05-04 05:28:31 | 000,427,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SearchIndexer.exe PRC - [2011-04-22 13:21:10 | 000,247,728 | ---- | M] (TomTom) -- C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe PRC - [2011-04-22 13:21:10 | 000,092,592 | ---- | M] (TomTom) -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe PRC - [2011-02-25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2011-02-09 17:26:34 | 000,203,776 | ---- | M] () -- C:\ProgramData\Mobile Partner\OnlineUpdate\ouc.exe PRC - [2010-11-20 13:17:58 | 000,047,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wuauclt.exe PRC - [2010-11-20 13:17:56 | 001,121,792 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnetwk.exe PRC - [2010-11-20 13:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winlogon.exe PRC - [2010-11-20 13:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe PRC - [2010-11-20 13:17:45 | 000,317,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spoolsv.exe PRC - [2010-11-20 13:17:41 | 001,174,016 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Sidebar\sidebar.exe PRC - [2010-11-20 13:17:30 | 003,179,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sppsvc.exe PRC - [2010-11-20 13:17:22 | 000,073,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msiexec.exe PRC - [2010-11-20 13:17:16 | 000,267,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lsm.exe PRC - [2010-11-20 13:16:54 | 000,100,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\audiodg.exe PRC - [2010-09-29 02:33:40 | 000,249,856 | ---- | M] () -- C:\ProgramData\DatacardService\DCService.exe PRC - [2010-09-29 02:33:34 | 000,228,352 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\ProgramData\DatacardService\DCSHelper.exe PRC - [2009-12-08 14:51:52 | 000,774,144 | ---- | M] (Sony Ericsson Mobile Communications AB) -- C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe PRC - [2009-08-18 01:36:36 | 000,348,160 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe PRC - [2009-08-18 01:36:08 | 000,176,128 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe PRC - [2009-07-14 02:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wininit.exe PRC - [2009-07-14 02:14:43 | 000,035,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\UI0Detect.exe PRC - [2009-07-14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009-07-14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009-07-14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009-07-14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009-07-14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009-07-14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009-07-14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009-07-14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009-07-14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009-07-14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009-07-14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009-07-14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009-07-14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009-07-14 02:14:39 | 000,069,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\smss.exe PRC - [2009-07-14 02:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\services.exe PRC - [2009-07-14 02:14:23 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lsass.exe PRC - [2009-07-14 02:14:19 | 000,092,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwm.exe PRC - [2009-07-14 02:14:16 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\csrss.exe PRC - [2009-04-30 11:23:26 | 000,090,112 | ---- | M] () -- C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe PRC - [2007-09-02 12:58:52 | 000,495,616 | ---- | M] () -- C:\Program Files\RocketDock\RocketDock.exe [color=#E56717]========== Modules (All) ==========[/color] MOD - [2012-01-01 21:12:41 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\jacec\Desktop\OTL.exe MOD - [2012-01-01 20:47:54 | 000,811,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\user32.dll MOD - [2011-12-06 05:04:54 | 000,076,800 | ---- | M] () -- C:\Users\jacec\AppData\Roaming\Mozilla\Firefox\Profiles\ozbth2gs.default\extensions\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}\components\RadioWMPCoreGecko8.dll MOD - [2011-11-21 05:42:37 | 015,793,112 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\xul.dll MOD - [2011-11-21 05:42:37 | 001,989,592 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll MOD - [2011-11-21 05:42:37 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe MOD - [2011-11-21 05:42:37 | 000,801,752 | ---- | M] (sqlite.org) -- C:\Program Files\Mozilla Firefox\mozsqlite3.dll MOD - [2011-11-21 05:42:37 | 000,719,832 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\mozcrt19.dll MOD - [2011-11-21 05:42:37 | 000,719,832 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\mozcpp19.dll MOD - [2011-11-21 05:42:37 | 000,646,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\nss3.dll MOD - [2011-11-21 05:42:37 | 000,371,672 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\nssckbi.dll MOD - [2011-11-21 05:42:37 | 000,269,272 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\freebl3.dll MOD - [2011-11-21 05:42:37 | 000,183,256 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\nspr4.dll MOD - [2011-11-21 05:42:37 | 000,166,872 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\softokn3.dll MOD - [2011-11-21 05:42:37 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\ssl3.dll MOD - [2011-11-21 05:42:37 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browsercomps.dll MOD - [2011-11-21 05:42:37 | 000,109,528 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\smime3.dll MOD - [2011-11-21 05:42:37 | 000,105,432 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\nssdbm3.dll MOD - [2011-11-21 05:42:37 | 000,089,048 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\nssutil3.dll MOD - [2011-11-21 05:42:37 | 000,021,464 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\plc4.dll MOD - [2011-11-21 05:42:37 | 000,020,440 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\plds4.dll MOD - [2011-11-21 05:42:37 | 000,019,416 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\xpcom.dll MOD - [2011-11-21 05:42:37 | 000,016,856 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\plugin-container.exe MOD - [2011-11-21 05:42:37 | 000,015,832 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\mozalloc.dll MOD - [2011-11-19 00:28:14 | 000,420,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll MOD - [2011-11-19 00:28:14 | 000,353,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll MOD - [2011-11-19 00:28:14 | 000,223,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll MOD - [2011-11-19 00:28:14 | 000,193,536 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\ieproxy.dll MOD - [2011-11-19 00:28:14 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll MOD - [2011-11-04 00:02:45 | 012,279,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.dll MOD - [2011-11-03 23:47:42 | 001,798,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll MOD - [2011-11-03 23:46:47 | 009,705,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieframe.dll MOD - [2011-11-03 23:40:43 | 001,103,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\urlmon.dll MOD - [2011-11-03 23:39:47 | 001,127,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wininet.dll MOD - [2011-11-03 23:32:17 | 001,792,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iertutil.dll MOD - [2011-08-27 05:26:27 | 000,571,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\oleaut32.dll MOD - [2011-08-27 05:26:27 | 000,233,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\oleacc.dll MOD - [2011-07-16 05:27:30 | 000,868,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\kernel32.dll MOD - [2011-07-16 05:27:30 | 000,290,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\KernelBase.dll MOD - [2011-06-16 05:33:18 | 000,180,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\xmllite.dll MOD - [2011-06-15 17:02:24 | 000,632,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll MOD - [2011-06-15 17:02:24 | 000,554,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll MOD - [2011-04-22 13:21:10 | 000,247,728 | ---- | M] (TomTom) -- C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe MOD - [2011-03-03 06:38:01 | 000,270,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dnsapi.dll MOD - [2011-02-25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe MOD - [2011-02-19 07:30:51 | 001,076,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll MOD - [2011-02-19 07:30:50 | 000,739,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll MOD - [2011-01-17 06:47:13 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1.dll MOD - [2010-11-20 13:24:36 | 001,288,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntdll.dll MOD - [2010-11-20 13:21:40 | 002,414,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wucltux.dll MOD - [2010-11-20 13:21:40 | 000,036,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wups2.dll MOD - [2010-11-20 13:21:39 | 000,051,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wscapi.dll MOD - [2010-11-20 13:21:39 | 000,040,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wtsapi32.dll MOD - [2010-11-20 13:21:39 | 000,036,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wshbth.dll MOD - [2010-11-20 13:21:38 | 000,206,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ws2_32.dll MOD - [2010-11-20 13:21:38 | 000,105,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WPDShServiceObj.dll MOD - [2010-11-20 13:21:36 | 001,010,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WindowsCodecs.dll MOD - [2010-11-20 13:21:36 | 000,351,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winhttp.dll MOD - [2010-11-20 13:21:36 | 000,269,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\Wldap32.dll MOD - [2010-11-20 13:21:36 | 000,194,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winmm.dll MOD - [2010-11-20 13:21:36 | 000,172,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wintrust.dll MOD - [2010-11-20 13:21:36 | 000,156,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winsta.dll MOD - [2010-11-20 13:21:36 | 000,047,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wkscli.dll MOD - [2010-11-20 13:21:35 | 001,063,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\werconcpl.dll MOD - [2010-11-20 13:21:35 | 000,381,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wer.dll MOD - [2010-11-20 13:21:35 | 000,314,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\webio.dll MOD - [2010-11-20 13:21:35 | 000,189,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wdscore.dll MOD - [2010-11-20 13:21:34 | 001,128,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vssapi.dll MOD - [2010-11-20 13:21:33 | 000,626,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\usp10.dll MOD - [2010-11-20 13:21:33 | 000,081,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\userenv.dll MOD - [2010-11-20 13:21:30 | 000,082,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\thumbcache.dll MOD - [2010-11-20 13:21:28 | 000,505,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskschd.dll MOD - [2010-11-20 13:21:27 | 002,146,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SyncCenter.dll MOD - [2010-11-20 13:21:27 | 000,380,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sxs.dll MOD - [2010-11-20 13:21:27 | 000,363,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\StructuredQuery.dll MOD - [2010-11-20 13:21:27 | 000,109,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\t2embed.dll MOD - [2010-11-20 13:21:26 | 000,228,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\stobject.dll MOD - [2010-11-20 13:21:26 | 000,100,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sspicli.dll MOD - [2010-11-20 13:21:26 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\srvcli.dll MOD - [2010-11-20 13:21:25 | 000,301,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\srchadmin.dll MOD - [2010-11-20 13:21:25 | 000,189,952 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Portable Devices\sqmapi.dll MOD - [2010-11-20 13:21:24 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spp.dll MOD - [2010-11-20 13:21:23 | 000,220,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SndVolSSO.dll MOD - [2010-11-20 13:21:19 | 012,872,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shell32.dll MOD - [2010-11-20 13:21:19 | 000,350,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shlwapi.dll MOD - [2010-11-20 13:21:15 | 000,179,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shdocvw.dll MOD - [2010-11-20 13:21:14 | 001,667,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\setupapi.dll MOD - [2010-11-20 13:21:07 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\secur32.dll MOD - [2010-11-20 13:21:06 | 000,646,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SearchFolder.dll MOD - [2010-11-20 13:21:04 | 000,224,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\schannel.dll MOD - [2010-11-20 13:21:04 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\samcli.dll MOD - [2010-11-20 13:21:03 | 000,653,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rpcrt4.dll MOD - [2010-11-20 13:21:03 | 000,046,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RpcRtRemote.dll MOD - [2010-11-20 13:21:03 | 000,037,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rtutils.dll MOD - [2010-11-20 13:21:00 | 000,080,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\QUTIL.DLL MOD - [2010-11-20 13:20:57 | 000,988,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\propsys.dll MOD - [2010-11-20 13:20:57 | 000,171,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\QAGENT.DLL MOD - [2010-11-20 13:20:57 | 000,165,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\provsvc.dll MOD - [2010-11-20 13:20:56 | 000,395,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\prnfldr.dll MOD - [2010-11-20 13:20:55 | 001,750,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\pnidui.dll MOD - [2010-11-20 13:20:55 | 000,547,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceApi.dll MOD - [2010-11-20 13:20:49 | 001,414,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ole32.dll MOD - [2010-11-20 13:20:49 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\olepro32.dll MOD - [2010-11-20 13:20:46 | 000,442,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntshrui.dll MOD - [2010-11-20 13:20:46 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntlanman.dll MOD - [2010-11-20 13:20:30 | 000,052,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\nlaapi.dll MOD - [2010-11-20 13:20:29 | 002,494,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netshell.dll MOD - [2010-11-20 13:20:29 | 001,661,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\networkexplorer.dll MOD - [2010-11-20 13:20:29 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netutils.dll MOD - [2010-11-20 13:20:27 | 000,801,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NaturalLanguage6.dll MOD - [2010-11-20 13:19:56 | 001,390,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msxml6.dll MOD - [2010-11-20 13:19:56 | 001,236,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msxml3.dll MOD - [2010-11-20 13:19:56 | 000,232,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mswsock.dll MOD - [2010-11-20 13:19:55 | 000,120,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msvfw32.dll MOD - [2010-11-20 13:19:54 | 000,167,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msutb.dll MOD - [2010-11-20 13:19:48 | 002,341,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msi.dll MOD - [2010-11-20 13:19:47 | 000,592,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msftedit.dll MOD - [2010-11-20 13:19:45 | 000,481,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mscms.dll MOD - [2010-11-20 13:19:45 | 000,034,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msasn1.dll MOD - [2010-11-20 13:19:39 | 000,213,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MMDevAPI.dll MOD - [2010-11-20 13:19:23 | 000,103,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\IPHLPAPI.DLL MOD - [2010-11-20 13:19:22 | 000,118,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imm32.dll MOD - [2010-11-20 13:19:21 | 000,392,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imapi2.dll MOD - [2010-11-20 13:19:21 | 000,155,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imagehlp.dll MOD - [2010-11-20 13:19:10 | 000,312,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\hgcpl.dll MOD - [2010-11-20 13:19:05 | 002,576,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\gameux.dll MOD - [2010-11-20 13:19:05 | 000,304,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\gdi32.dll MOD - [2010-11-20 13:19:03 | 000,216,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\FWPUCLNT.DLL MOD - [2010-11-20 13:19:03 | 000,206,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\framedynos.dll MOD - [2010-11-20 13:19:01 | 001,493,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ExplorerFrame.dll MOD - [2010-11-20 13:18:38 | 000,128,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\EhStorAPI.dll MOD - [2010-11-20 13:18:36 | 000,508,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxgi.dll MOD - [2010-11-20 13:18:36 | 000,399,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\DXP.dll MOD - [2010-11-20 13:18:35 | 001,371,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwmcore.dll MOD - [2010-11-20 13:18:35 | 000,097,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwmredir.dll MOD - [2010-11-20 13:18:27 | 000,854,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dbghelp.dll MOD - [2010-11-20 13:18:26 | 000,080,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\davclnt.dll MOD - [2010-11-20 13:18:25 | 001,171,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll MOD - [2010-11-20 13:18:25 | 001,003,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cryptui.dll MOD - [2010-11-20 13:18:25 | 000,418,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cscui.dll MOD - [2010-11-20 13:18:25 | 000,219,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1core.dll MOD - [2010-11-20 13:18:25 | 000,139,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cscobj.dll MOD - [2010-11-20 13:18:25 | 000,034,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cscapi.dll MOD - [2010-11-20 13:18:25 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cscdll.dll MOD - [2010-11-20 13:18:24 | 001,154,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\crypt32.dll MOD - [2010-11-20 13:18:24 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\credssp.dll MOD - [2010-11-20 13:18:23 | 000,530,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll MOD - [2010-11-20 13:18:23 | 000,485,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\comdlg32.dll MOD - [2010-11-20 13:18:12 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cfgmgr32.dll MOD - [2010-11-20 13:18:09 | 000,073,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cabinet.dll MOD - [2010-11-20 13:18:06 | 000,740,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\batmeter.dll MOD - [2010-11-20 13:18:05 | 001,792,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\authui.dll MOD - [2010-11-20 13:18:05 | 000,195,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\AudioSes.dll MOD - [2010-11-20 13:18:03 | 000,295,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\apphelp.dll MOD - [2010-11-20 13:18:02 | 000,640,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\advapi32.dll MOD - [2010-11-20 13:18:01 | 000,744,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ActionCenter.dll MOD - [2010-11-20 13:18:01 | 000,309,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\actxprxy.dll MOD - [2010-11-20 13:17:58 | 000,047,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wuauclt.exe MOD - [2010-11-20 13:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe MOD - [2010-11-20 13:17:41 | 001,174,016 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Sidebar\sidebar.exe MOD - [2010-11-20 13:16:50 | 000,692,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\bthprops.cpl MOD - [2010-11-20 13:16:50 | 000,478,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\timedate.cpl MOD - [2010-11-20 13:16:50 | 000,320,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winspool.drv MOD - [2010-11-20 13:16:50 | 000,172,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wdmaud.drv MOD - [2010-11-20 12:55:09 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll MOD - [2010-11-20 12:55:08 | 001,624,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17514_none_72d18a4386696c80\GdiPlus.dll MOD - [2010-09-29 02:33:34 | 000,228,352 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\ProgramData\DatacardService\DCSHelper.exe MOD - [2010-08-17 13:36:04 | 005,969,360 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32.dll MOD - [2009-12-08 14:51:52 | 000,774,144 | ---- | M] (Sony Ericsson Mobile Communications AB) -- C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe MOD - [2009-12-04 12:52:14 | 000,327,680 | ---- | M] (Avanquest Software) -- C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\ModemWiz.dll MOD - [2009-11-24 16:31:32 | 000,549,888 | ---- | M] (Avanquest Software) -- C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\NewUI.dll MOD - [2009-08-18 01:31:32 | 002,469,888 | ---- | M] (ATI Technologies Inc. ) -- C:\Windows\System32\atidxx32.dll MOD - [2009-07-14 02:17:54 | 000,242,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rsaenh.dll MOD - [2009-07-14 02:16:21 | 000,284,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WWanAPI.dll MOD - [2009-07-14 02:16:21 | 000,027,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wwapi.dll MOD - [2009-07-14 02:16:20 | 000,308,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\Wpc.dll MOD - [2009-07-14 02:16:20 | 000,095,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wscinterop.dll MOD - [2009-07-14 02:16:20 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wsock32.dll MOD - [2009-07-14 02:16:20 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wshqos.dll MOD - [2009-07-14 02:16:20 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wship6.dll MOD - [2009-07-14 02:16:20 | 000,009,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WSHTCPIP.DLL MOD - [2009-07-14 02:16:19 | 000,108,544 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Sidebar\wlsrvc.dll MOD - [2009-07-14 02:16:19 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wlanapi.dll MOD - [2009-07-14 02:16:19 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winrnr.dll MOD - [2009-07-14 02:16:19 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winnsi.dll MOD - [2009-07-14 02:16:19 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wlanutil.dll MOD - [2009-07-14 02:16:18 | 000,262,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wevtapi.dll MOD - [2009-07-14 02:16:18 | 000,061,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wercplsupport.dll MOD - [2009-07-14 02:16:17 | 000,249,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\uxtheme.dll MOD - [2009-07-14 02:16:17 | 000,099,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\UIAnimation.dll MOD - [2009-07-14 02:16:17 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vsstrace.dll MOD - [2009-07-14 02:16:17 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\version.dll MOD - [2009-07-14 02:16:16 | 000,348,160 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\microsoft shared\ink\tiptsf.dll MOD - [2009-07-14 02:16:16 | 000,239,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\uDWM.dll MOD - [2009-07-14 02:16:15 | 000,192,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\tapi32.dll MOD - [2009-07-14 02:16:15 | 000,055,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\Syncreg.dll MOD - [2009-07-14 02:16:15 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\srclient.dll MOD - [2009-07-14 02:16:15 | 000,027,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\slc.dll MOD - [2009-07-14 02:16:14 | 000,040,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sfc_os.dll MOD - [2009-07-14 02:16:14 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shfolder.dll MOD - [2009-07-14 02:16:13 | 000,129,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SensorsApi.dll MOD - [2009-07-14 02:16:13 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sechost.dll MOD - [2009-07-14 02:16:13 | 000,082,944 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Sidebar\sbdrop.dll MOD - [2009-07-14 02:16:13 | 000,060,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\samlib.dll MOD - [2009-07-14 02:16:13 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SensApi.dll MOD - [2009-07-14 02:16:12 | 000,325,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rasapi32.dll MOD - [2009-07-14 02:16:12 | 000,159,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceTypes.dll MOD - [2009-07-14 02:16:12 | 000,145,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\powrprof.dll MOD - [2009-07-14 02:16:12 | 000,139,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\PeerDist.dll MOD - [2009-07-14 02:16:12 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\PlaySndSrv.dll MOD - [2009-07-14 02:16:12 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rasman.dll MOD - [2009-07-14 02:16:12 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\pnrpnsp.dll MOD - [2009-07-14 02:16:12 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\profapi.dll MOD - [2009-07-14 02:16:12 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rasadhlp.dll MOD - [2009-07-14 02:16:12 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\psapi.dll MOD - [2009-07-14 02:16:11 | 000,121,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntmarta.dll MOD - [2009-07-14 02:16:11 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\npmproxy.dll MOD - [2009-07-14 02:16:11 | 000,008,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\nsi.dll MOD - [2009-07-14 02:16:03 | 001,537,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0000.dll MOD - [2009-07-14 02:16:03 | 000,360,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netprofm.dll MOD - [2009-07-14 02:16:03 | 000,313,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\newdev.dll MOD - [2009-07-14 02:16:02 | 000,052,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NapiNSP.dll MOD - [2009-07-14 02:15:50 | 000,690,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msvcrt.dll MOD - [2009-07-14 02:15:50 | 000,406,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msvcp60.dll MOD - [2009-07-14 02:15:48 | 000,035,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mssprxy.dll MOD - [2009-07-14 02:15:44 | 000,031,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msimtf.dll MOD - [2009-07-14 02:15:44 | 000,015,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msiltcfg.dll MOD - [2009-07-14 02:15:44 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msimg32.dll MOD - [2009-07-14 02:15:43 | 000,828,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msctf.dll MOD - [2009-07-14 02:15:43 | 000,019,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MsCtfMonitor.dll MOD - [2009-07-14 02:15:42 | 000,072,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msacm32.dll MOD - [2009-07-14 02:15:41 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mpr.dll MOD - [2009-07-14 02:15:41 | 000,054,784 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MpOAV.dll MOD - [2009-07-14 02:15:40 | 000,177,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mlang.dll MOD - [2009-07-14 02:15:40 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\midimap.dll MOD - [2009-07-14 02:15:36 | 000,226,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\LocationApi.dll MOD - [2009-07-14 02:15:36 | 000,026,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lpk.dll MOD - [2009-07-14 02:15:36 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\linkinfo.dll MOD - [2009-07-14 02:15:35 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ksuser.dll MOD - [2009-07-14 02:15:27 | 000,215,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\icm32.dll MOD - [2009-07-14 02:15:27 | 000,009,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\IconCodecService.dll MOD - [2009-07-14 02:15:24 | 000,026,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\hcproviders.dll MOD - [2009-07-14 02:15:24 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\hid.dll MOD - [2009-07-14 02:15:22 | 000,848,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\FXSST.dll MOD - [2009-07-14 02:15:21 | 000,227,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\FXSAPI.dll MOD - [2009-07-14 02:15:20 | 000,035,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\feclient.dll MOD - [2009-07-14 02:15:19 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\es.dll MOD - [2009-07-14 02:15:14 | 000,189,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\EhStorShell.dll MOD - [2009-07-14 02:15:14 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehSSO.dll MOD - [2009-07-14 02:15:13 | 000,717,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dui70.dll MOD - [2009-07-14 02:15:13 | 000,453,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dsound.dll MOD - [2009-07-14 02:15:13 | 000,181,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\duser.dll MOD - [2009-07-14 02:15:13 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwmapi.dll MOD - [2009-07-14 02:15:13 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dsrole.dll MOD - [2009-07-14 02:15:13 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drprov.dll MOD - [2009-07-14 02:15:11 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\devobj.dll MOD - [2009-07-14 02:15:11 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dhcpcsvc.dll MOD - [2009-07-14 02:15:11 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\devrtl.dll MOD - [2009-07-14 02:15:11 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dhcpcsvc6.dll MOD - [2009-07-14 02:15:11 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dimsjob.dll MOD - [2009-07-14 02:15:10 | 000,531,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ddraw.dll MOD - [2009-07-14 02:15:10 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ddrawex.dll MOD - [2009-07-14 02:15:09 | 000,010,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dciman32.dll MOD - [2009-07-14 02:15:08 | 000,817,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3dim700.dll MOD - [2009-07-14 02:15:08 | 000,019,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\davhlpr.dll MOD - [2009-07-14 02:15:07 | 001,030,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10.dll MOD - [2009-07-14 02:15:07 | 000,190,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10core.dll MOD - [2009-07-14 02:15:07 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cryptsp.dll MOD - [2009-07-14 02:15:07 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cryptbase.dll MOD - [2009-07-14 02:15:03 | 000,522,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\clbcatq.dll MOD - [2009-07-14 02:14:58 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\avrt.dll MOD - [2009-07-14 02:14:57 | 000,098,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\authz.dll MOD - [2009-07-14 02:14:57 | 000,070,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\atl.dll MOD - [2009-07-14 02:14:53 | 000,046,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\AltTab.dll MOD - [2009-07-14 02:14:19 | 000,092,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwm.exe MOD - [2009-07-14 02:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msscript.ocx MOD - [2009-07-14 02:14:10 | 000,064,000 | ---- | M] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\System32\l3codeca.acm MOD - [2009-07-14 02:14:09 | 001,140,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wscui.cpl MOD - [2009-07-14 02:14:08 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msacm32.drv MOD - [2009-07-14 02:09:00 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\normaliz.dll MOD - [2009-07-14 02:05:30 | 000,925,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\FXSRESM.dll MOD - [2009-06-24 09:32:20 | 000,262,144 | ---- | M] (Avanquest Software) -- C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\bvrpctln.dll MOD - [2009-06-17 12:09:12 | 000,356,352 | ---- | M] (Avanquest Software) -- C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\RasCnxMngr.dll MOD - [2009-06-17 09:28:04 | 000,317,440 | ---- | M] (BVRP Software) -- C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\MExplorer.dll MOD - [2009-05-15 16:14:34 | 000,114,688 | ---- | M] (BVRP Software) -- C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\WUNPACLN.dll MOD - [2009-04-02 14:57:42 | 000,278,528 | ---- | M] (BVRP Software) -- C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\WFP1N.dll MOD - [2009-02-05 13:25:38 | 000,049,152 | ---- | M] (Avanquest Software) -- C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\bvrpnac.dll MOD - [2008-12-05 15:05:56 | 000,073,728 | ---- | M] (Avanquest Software) -- C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\Comm.dll MOD - [2007-09-02 12:58:52 | 000,495,616 | ---- | M] () -- C:\Program Files\RocketDock\RocketDock.exe MOD - [2007-09-02 12:57:36 | 000,069,632 | ---- | M] () -- C:\Program Files\RocketDock\RocketDock.dll MOD - [2007-02-07 14:31:36 | 000,036,864 | ---- | M] (Sony Ericsson Mobile Communications AB) -- C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\ModExch.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - [2012-01-01 20:47:34 | 001,343,400 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc) SRV - [2011-04-22 13:21:10 | 000,092,592 | ---- | M] (TomTom) [Auto | Running] -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService) SRV - [2011-02-09 17:26:34 | 000,203,776 | ---- | M] () [Auto | Stopped] -- C:\Program Files\Mobile Partner\UpdateDog\ouc.exe -- (Mobile Partner. RunOuc) SRV - [2010-09-29 02:33:40 | 000,249,856 | ---- | M] () [Auto | Running] -- C:\ProgramData\DatacardService\DCService.exe -- (DCService.exe) SRV - [2009-08-18 01:36:08 | 000,176,128 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility) SRV - [2009-07-14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc) SRV - [2009-07-14 02:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc) SRV - [2009-07-14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2009-04-30 11:23:26 | 000,090,112 | ---- | M] () [Auto | Running] -- C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe -- (OMSI download service) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - File not found [Kernel | Disabled | Running] -- -- (epfwwfpr) DRV - File not found [Kernel | Disabled | Running] -- -- (ehdrv) DRV - [2011-02-09 17:26:36 | 000,208,896 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbnet.sys -- (ewusbnet) DRV - [2011-02-09 17:26:36 | 000,106,880 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbmdm.sys -- (hwdatacard) DRV - [2011-02-09 17:26:36 | 000,102,784 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ew_hwusbdev.sys -- (ew_hwusbdev) DRV - [2011-02-09 17:26:36 | 000,072,832 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ew_jubusenum.sys -- (huawei_enumerator) DRV - [2011-02-09 17:26:36 | 000,011,136 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ew_usbenumfilter.sys -- (ew_usbenumfilter) DRV - [2010-11-20 13:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\vmbus.sys -- (vmbus) DRV - [2010-11-20 13:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\vmstorfl.sys -- (storflt) DRV - [2010-11-20 13:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\storvsc.sys -- (storvsc) DRV - [2010-11-20 11:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | Unknown | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV - [2010-11-20 11:21:14 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport) DRV - [2010-11-20 10:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb) DRV - [2010-11-20 10:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\VMBusHID.sys -- (VMBusHID) DRV - [2010-11-20 10:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\vms3cap.sys -- (s3cap) DRV - [2009-11-19 14:06:48 | 000,098,672 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1039bus.sys -- (s1039bus) Sony Ericsson Device 1039 driver (WDM) DRV - [2009-11-19 14:06:48 | 000,025,456 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1039nd5.sys -- (s1039nd5) Sony Ericsson Device 1039 USB Ethernet Emulation (NDIS) DRV - [2009-11-19 14:06:46 | 000,124,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1039mdm.sys -- (s1039mdm) DRV - [2009-11-19 14:06:46 | 000,123,504 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1039unic.sys -- (s1039unic) Sony Ericsson Device 1039 USB Ethernet Emulation (WDM) DRV - [2009-11-19 14:06:46 | 000,117,872 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1039mgmt.sys -- (s1039mgmt) Sony Ericsson Device 1039 USB WMC Device Management Drivers (WDM) DRV - [2009-11-19 14:06:46 | 000,113,904 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1039obex.sys -- (s1039obex) DRV - [2009-11-19 14:06:46 | 000,014,960 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1039mdfl.sys -- (s1039mdfl) DRV - [2009-08-18 02:48:06 | 004,994,560 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag) DRV - [2009-07-13 23:02:53 | 000,311,296 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\yk62x86.sys -- (yukonw7) DRV - [2009-07-13 23:02:51 | 004,231,168 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\netw5v32.sys -- (netw5v32) Intel® DRV - [2009-03-25 16:48:00 | 000,114,728 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018mdm.sys -- (s1018mdm) DRV - [2009-03-25 16:48:00 | 000,109,864 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018unic.sys -- (s1018unic) Sony Ericsson Device 1018 USB Ethernet Emulation (WDM) DRV - [2009-03-25 16:48:00 | 000,106,208 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018mgmt.sys -- (s1018mgmt) Sony Ericsson Device 1018 USB WMC Device Management Drivers (WDM) DRV - [2009-03-25 16:48:00 | 000,104,744 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018obex.sys -- (s1018obex) DRV - [2009-03-25 16:48:00 | 000,086,824 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018bus.sys -- (s1018bus) Sony Ericsson Device 1018 driver (WDM) DRV - [2009-03-25 16:48:00 | 000,026,024 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018nd5.sys -- (s1018nd5) Sony Ericsson Device 1018 USB Ethernet Emulation (NDIS) DRV - [2009-03-25 16:48:00 | 000,015,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018mdfl.sys -- (s1018mdfl) DRV - [2008-05-06 15:06:00 | 000,011,520 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\wdcsam.sys -- (WDC_SAM) DRV - [2007-08-03 04:36:10 | 000,009,344 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SFEP.sys -- (SFEP) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-666643132-1411173658-3390636905-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [url="http://search.conduit.com?SearchSource=10&ctid=CT2475029"]http://search.condui...&ctid=CT2475029[/url] IE - HKU\S-1-5-21-666643132-1411173658-3390636905-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 21 E6 43 9E 65 95 CA 01 [binary data] IE - HKU\S-1-5-21-666643132-1411173658-3390636905-1000\..\URLSearchHook: {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - No CLSID value found IE - HKU\S-1-5-21-666643132-1411173658-3390636905-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.defaultengine: "Ask.com" FF - prefs.js..browser.search.defaultenginename: "Ask.com" FF - prefs.js..browser.search.defaultthis.engineName: "MyAshampoo Customized Web Search" FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2475029&SearchSource=3&q={searchTerms}" FF - prefs.js..browser.search.order.1: "Ask.com" FF - prefs.js..browser.search.selectedEngine: "Ask.com" FF - prefs.js..browser.search.suggest.enabled: false FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "www.onet.pl" FF - prefs.js..extensions.enabledItems: engine@conduit.com:3.2.5.2 FF - prefs.js..extensions.enabledItems: {a1e75a0e-4397-4ba8-bb50-e19fb66890f4}:3.2.5.2 FF - prefs.js..keyword.URL: "http://websearch.ask.com/redirect?client=ff&src=kw&tb=UT2V5&o=15158&locale=en_US&apn_uid=9813BD7E-E1C6-4F52-ACF8-81AD1F7ED754&apn_ptnrs=UG&apn_sauid=C90B561E-B532-4040-80FE-F2717B161233&apn_dtid=YYYYYYYYSE&q=" FF - prefs.js..network.proxy.type: 0 FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.50917.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@SonyCreativeSoftware.com/Media Go,version=1.0: c:\Program Files\Sony\Media Go\npmediago.dll (Sony Creative Software Inc) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011-11-30 09:33:04 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011-12-22 08:44:00 | 000,000,000 | ---D | M] [2011-04-11 20:11:50 | 000,000,000 | ---D | M] (No name found) -- C:\Users\jacec\AppData\Roaming\mozilla\Extensions [2011-04-11 20:11:50 | 000,000,000 | ---D | M] (No name found) -- C:\Users\jacec\AppData\Roaming\mozilla\Extensions\home2@tomtom.com [2012-01-01 18:04:10 | 000,000,000 | ---D | M] (No name found) -- C:\Users\jacec\AppData\Roaming\mozilla\Firefox\Profiles\ozbth2gs.default\extensions [2011-06-11 22:11:46 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Users\jacec\AppData\Roaming\mozilla\Firefox\Profiles\ozbth2gs.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c} [2011-12-07 07:19:39 | 000,000,000 | ---D | M] (MyAshampoo Community Toolbar) -- C:\Users\jacec\AppData\Roaming\mozilla\Firefox\Profiles\ozbth2gs.default\extensions\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4} [2011-12-31 17:55:40 | 000,002,402 | ---- | M] () -- C:\Users\jacec\AppData\Roaming\Mozilla\Firefox\Profiles\ozbth2gs.default\searchplugins\askcom.xml [2010-12-15 15:12:32 | 000,000,923 | ---- | M] () -- C:\Users\jacec\AppData\Roaming\Mozilla\Firefox\Profiles\ozbth2gs.default\searchplugins\conduit.xml [2011-11-30 09:33:04 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2011-11-21 05:42:37 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll [2010-08-14 01:32:47 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll [2011-11-21 02:31:40 | 000,002,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml [2011-11-21 02:31:40 | 000,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml [2011-11-21 02:31:40 | 000,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml [2011-11-21 02:31:40 | 000,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml [2011-11-21 02:31:40 | 000,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml [2011-11-21 02:31:40 | 000,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml O1 HOSTS File: ([2010-10-05 09:18:44 | 000,002,080 | RHS- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 217.23.4.166 google.com O1 - Hosts: 217.23.4.166 google.com.au O1 - Hosts: 217.23.4.166 www.google.com.au O1 - Hosts: 217.23.4.166 google.be O1 - Hosts: 217.23.4.166 www.google.be O1 - Hosts: 217.23.4.166 google.com.br O1 - Hosts: 217.23.4.166 www.google.com.br O1 - Hosts: 217.23.4.166 google.ca O1 - Hosts: 217.23.4.166 www.google.ca O1 - Hosts: 217.23.4.166 google.ch O1 - Hosts: 217.23.4.166 www.google.ch O1 - Hosts: 217.23.4.166 google.de O1 - Hosts: 217.23.4.166 www.google.de O1 - Hosts: 217.23.4.166 google.dk O1 - Hosts: 217.23.4.166 www.google.dk O1 - Hosts: 217.23.4.166 google.fr O1 - Hosts: 217.23.4.166 www.google.fr O1 - Hosts: 217.23.4.166 google.ie O1 - Hosts: 217.23.4.166 www.google.ie O1 - Hosts: 217.23.4.166 google.it O1 - Hosts: 217.23.4.166 www.google.it O1 - Hosts: 217.23.4.166 google.co.jp O1 - Hosts: 217.23.4.166 www.google.co.jp O1 - Hosts: 217.23.4.166 google.nl O1 - Hosts: 217.23.4.166 www.google.nl O1 - Hosts: 22 more lines... O3 - HKU\S-1-5-21-666643132-1411173658-3390636905-1000\..\Toolbar\WebBrowser: (no name) - {A1E75A0E-4397-4BA8-BB50-E19FB66890F4} - No CLSID value found. O3 - HKU\S-1-5-21-666643132-1411173658-3390636905-1000\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found. O4 - HKU\S-1-5-21-666643132-1411173658-3390636905-1000..\Run: [JCFSE7V7Z1] C:\Users\jacec\AppData\Local\Temp\Pjh.exe File not found O4 - HKU\S-1-5-21-666643132-1411173658-3390636905-1000..\Run: [Metropolis] rundll32.exe C:\Windows\system32\sshnas21.dll,GetHandle File not found O4 - HKU\S-1-5-21-666643132-1411173658-3390636905-1000..\Run: [Mobile Partner] C:\Program Files\Mobile Partner\Mobile Partner.exe () O4 - HKU\S-1-5-21-666643132-1411173658-3390636905-1000..\Run: [RocketDock] C:\Program Files\RocketDock\RocketDock.exe () O4 - HKU\S-1-5-21-666643132-1411173658-3390636905-1000..\Run: [Smart Security] "C:\ProgramData\73bc1f\SM73b_231.exe" /s /d File not found O4 - HKU\S-1-5-21-666643132-1411173658-3390636905-1000..\Run: [Sony Ericsson PC Companion] C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe (Sony Ericsson Mobile Communications AB) O4 - HKU\S-1-5-21-666643132-1411173658-3390636905-1000..\Run: [TomTomHOME.exe] C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe (TomTom) O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 2 O7 - HKU\S-1-5-21-666643132-1411173658-3390636905-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisallowRun = 1 O7 - HKU\S-1-5-21-666643132-1411173658-3390636905-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\DisallowRun: 0 = msseces.exe O7 - HKU\S-1-5-21-666643132-1411173658-3390636905-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\DisallowRun: 1 = MSASCui.exe O7 - HKU\S-1-5-21-666643132-1411173658-3390636905-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\DisallowRun: 2 = ekrn.exe O7 - HKU\S-1-5-21-666643132-1411173658-3390636905-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\DisallowRun: 3 = egui.exe O7 - HKU\S-1-5-21-666643132-1411173658-3390636905-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\DisallowRun: 4 = avgnt.exe O7 - HKU\S-1-5-21-666643132-1411173658-3390636905-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\DisallowRun: 5 = avcenter.exe O7 - HKU\S-1-5-21-666643132-1411173658-3390636905-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\DisallowRun: 6 = avscan.exe O7 - HKU\S-1-5-21-666643132-1411173658-3390636905-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\DisallowRun: 7 = avgfrw.exe O7 - HKU\S-1-5-21-666643132-1411173658-3390636905-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\DisallowRun: 8 = avgui.exe O7 - HKU\S-1-5-21-666643132-1411173658-3390636905-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\DisallowRun: 9 = avgtray.exe O7 - HKU\S-1-5-21-666643132-1411173658-3390636905-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\DisallowRun: 10 = avgscanx.exe O7 - HKU\S-1-5-21-666643132-1411173658-3390636905-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\DisallowRun: 11 = avgcfgex.exe O7 - HKU\S-1-5-21-666643132-1411173658-3390636905-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\DisallowRun: 12 = avgemc.exe O7 - HKU\S-1-5-21-666643132-1411173658-3390636905-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\DisallowRun: 13 = avgchsvx.exe O7 - HKU\S-1-5-21-666643132-1411173658-3390636905-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\DisallowRun: 14 = avgcmgr.exe O7 - HKU\S-1-5-21-666643132-1411173658-3390636905-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\DisallowRun: 15 = avgwdsvc.exe O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} [url="http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab"]http://java.sun.com/...indows-i586.cab[/url] (Java Plug-in 1.6.0_21) O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} [url="http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab"]http://java.sun.com/...indows-i586.cab[/url] (Java Plug-in 1.6.0_21) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [url="http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab"]http://java.sun.com/...indows-i586.cab[/url] (Java Plug-in 1.6.0_21) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} [url="http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab"]http://fpdownload2.m...ash/swflash.cab[/url] (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 172.22.1.13 8.8.8.8 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6B3B45B6-0391-490C-AC97-43CC218062C1}: NameServer = 80.251.201.177 80.251.201.178 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{74A74C83-4DE6-477B-A1CD-D62C7D0FC04F}: NameServer = 80.251.201.177 80.251.201.178 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{854D390F-C082-4532-AF8E-BAF7DEE3F948}: DhcpNameServer = 172.22.1.13 8.8.8.8 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{914CD710-D399-492E-9B0E-A0C8867069BC}: DhcpNameServer = 83.255.245.11 193.150.193.150 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C2140604-F271-4019-865D-E623A344362D}: NameServer = 80.251.201.177 80.251.201.178 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F3F5FA7B-A4B8-486C-ADA8-9998579E0232}: NameServer = 80.251.201.177 80.251.201.178 O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) -C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O27 - HKLM IFEO\_avp32.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\_avpcc.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\_avpm.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\~1.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\~2.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\a.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\aAvgApi.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\AAWTray.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\About.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\ackwin32.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\adaware.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\Ad-Aware.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\advxdwin.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\AdwarePrj.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\agent.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\agentsvr.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\agentw.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\alertsvc.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\alevir.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\alogserv.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\AlphaAV: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\AlphaAV.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\AluSchedulerSvc.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\amon9x.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\AntispywarXP2009.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\anti-trojan.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\Anti-Virus Professional.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\antivirus.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\AntiVirus_Pro.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\AntivirusPlus: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\AntivirusPlus.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\AntivirusPro_2010.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\AntivirusXP: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\AntivirusXP.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\antivirusxppro2009.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\ants.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\apimonitor.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\aplica32.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\apvxdwin.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\arr.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\Arrakis3.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\ashAvast.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\ashBug.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\ashChest.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\ashCnsnt.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\ashDisp.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\ashLogV.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\ashMaiSv.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\ashPopWz.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\ashQuick.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\ashServ.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\ashSimp2.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\ashSimpl.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\ashSkPcc.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\ashSkPck.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\ashUpd.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\ashWebSv.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\aswChLic.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\aswRegSvr.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\aswRunDll.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\aswUpdSv.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\atcon.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\atguard.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\atro55en.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\atupdater.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\atwatch.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\au.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\aupdate.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\autodown.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\auto-protect.nav80try.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\autotrace.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\autoupdate.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\av360.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avadmin.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\AVCare.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avcenter.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avciman.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avconfig.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avconsol.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\ave32.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\AVENGINE.EXE: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avgcc32.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avgchk.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avgcmgr.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avgcsrvx.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avgctrl.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avgdumpx.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avgemc.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avgiproxy.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avgnsx.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avgnt.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avgrsx.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avgscanx.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avgserv.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avgserv9.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avgsrmax.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avgtray.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avgui.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avgupd.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avgw.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avgwdsvc.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avkpop.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avkserv.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avkservice.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avkwctl9.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avltmain.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avmailc.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avmcdlg.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avnotify.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avnt.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avp32.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avpcc.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avpdos32.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avpm.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avptc32.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avpupd.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avsched32.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avsynmgr.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avupgsvc.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\AVWEBGRD.EXE: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avwin.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avwin95.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avwinnt.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avwsc.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avwupd.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avwupd32.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avwupsrv.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avxmonitor9x.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avxmonitornt.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avxquar.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\b.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\backweb.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\bargains.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\bd_professional.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\bdagent.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\bdfvcl.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\bdfvwiz.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\BDInProcPatch.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\bdmcon.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\BDMsnScan.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\bdreinit.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\bdsubwiz.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\BDSurvey.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\bdtkexec.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\bdwizreg.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\beagle.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\belt.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\bidef.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\bidserver.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\bipcp.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\bipcpevalsetup.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\bisp.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\blackd.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\blackice.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\blink.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\blss.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\bootconf.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\bootwarn.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\borg2.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\bpc.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\brasil.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\brastk.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\brw.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\bs120.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\bspatch.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\bundle.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\bvt.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\c.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\cavscan.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\ccapp.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\ccevtmgr.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\ccpxysvc.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\ccSvcHst.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\cdp.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\cfd.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\cfgwiz.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\cfiadmin.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\cfiaudit.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\cfinet.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\cfinet32.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\cfp.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\cfpconfg.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\cfplogvw.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\cfpupdat.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\Cl.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\claw95.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\claw95cf.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\clean.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\cleaner.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\cleaner3.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\cleanIELow.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\cleanpc.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\click.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\cmd32.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\cmdagent.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\cmesys.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\cmgrdian.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\cmon016.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\connectionmonitor.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\control: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\cpd.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\cpf9x206.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\cpfnt206.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\crashrep.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\csc.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\cssconfg.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\cssupdat.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\cssurf.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\ctrl.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\cv.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\cwnb181.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\cwntdwmo.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\d.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\datemanager.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\dcomx.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\defalert.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\defscangui.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\defwatch.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\deloeminfs.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\deputy.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\divx.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\dllcache.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\dllreg.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\doors.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\dop.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\dpf.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\dpfsetup.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\dpps2.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\driverctrl.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\drwatson.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\drweb32.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\drwebupw.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\dssagent.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\dvp95.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\dvp95_0.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\ecengine.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\efpeadm.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\egui.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\ekrn.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\emsw.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\ent.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\esafe.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\escanhnt.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\escanv95.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\espwatch.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\ethereal.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\etrustcipe.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\evpn.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\exantivirus-cnet.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\exe.avxw.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\expert.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\explore.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\fact.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\f-agnt95.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\fameh32.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\fast.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\fch32.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\fih32.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\findviru.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\firewall.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\fixcfg.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\fixfp.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\fnrb32.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\fprot.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\f-prot.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\f-prot95.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\fp-win.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\fp-win_trial.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\frmwrk32.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\frw.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\fsaa.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\fsav.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\fsav32.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\fsav530stbyb.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\fsav530wtbyb.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\fsav95.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\fsgk32.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\fsm32.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\fsma32.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\fsmb32.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\f-stopw.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\gator.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\gav.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\gbmenu.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\gbn976rl.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\gbpoll.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\generics.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\gmt.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\guard.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\guarddog.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\guardgui.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\hacktracersetup.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\hbinst.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\hbsrv.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\History.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\homeav2010.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\hotactio.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\hotpatch.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\htlog.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\htpatch.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\hwpe.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\hxdl.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\hxiul.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\iamapp.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\iamserv.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\iamstats.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\ibmasn.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\ibmavsp.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\icload95.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\icloadnt.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\icmon.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\icsupp95.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\icsuppnt.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\Identity.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\idle.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\iedll.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\iedriver.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\IEShow.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\iface.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\ifw2000.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\inetlnfo.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\infus.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\infwin.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\init.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\init32.exe : Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\install.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\install[1].exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\install[2].exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\install[3].exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\install[4].exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\install[5].exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\intdel.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\intren.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\iomon98.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\istsvc.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\jammer.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\jdbgmrg.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\jedi.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\JsRcGen.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\kavlite40eng.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\kavpers40eng.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\kavpf.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\kazza.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\keenvalue.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\kerio-pf-213-en-win.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\kerio-wrl-421-en-win.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\kerio-wrp-421-en-win.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\killprocesssetup161.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\ldnetmon.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\ldpro.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\ldpromenu.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\ldscan.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\licmgr.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\livesrv.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\lnetinfo.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\loader.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\localnet.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\lockdown.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\lockdown2000.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\lookout.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\lordpe.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\lsetup.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\luall.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\luau.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\lucomserver.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\luinit.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\luspt.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\MalwareRemoval.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\mapisvc32.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\mcagent.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\mcmnhdlr.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\mcmscsvc.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\mcnasvc.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\mcproxy.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\McSACore.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\mcshell.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\mcshield.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\mcsysmon.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\mctool.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\mcupdate.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\mcvsrte.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\mcvsshld.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\md.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\mfin32.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\mfw2en.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\mfweng3.02d30.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\mgavrtcl.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\mgavrte.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\mghtml.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\mgui.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\minilog.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\mmod.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\monitor.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\moolive.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\mostat.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\mpfagent.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\mpfservice.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\MPFSrv.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\mpftray.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\mrflux.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\mrt.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\msa.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\msapp.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\MSASCui.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\msbb.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\msblast.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\mscache.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\msccn32.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\mscman.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\msconfig: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\msdm.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\msdos.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\msiexec16.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\mslaugh.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\msmgt.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\msmsgri32.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\msseces.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\mssmmc32.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\mssys.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\msvxd.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\mu0311ad.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\mwatch.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\n32scanw.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\nav.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\navap.navapsvc.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\navapsvc.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\navapw32.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\navdx.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\navlu32.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\navnt.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\navstub.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\navw32.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\navwnt.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\nc2000.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\ncinst4.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\ndd32.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\neomonitor.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\neowatchlog.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\netarmor.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\netd32.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\netinfo.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\netmon.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\netscanpro.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\netspyhunter-1.2.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\netutils.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\nisserv.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\nisum.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\nmain.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\nod32.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\normist.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\norton_internet_secu_3.0_407.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\notstart.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\npf40_tw_98_nt_me_2k.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\npfmessenger.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\nprotect.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\npscheck.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\npssvc.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\nsched32.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\nssys32.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\nstask32.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\nsupdate.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\nt.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\ntrtscan.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\ntvdm.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\ntxconfig.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\nui.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\nupgrade.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\nvarch16.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\nvc95.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\nvsvc32.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\nwinst4.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\nwservice.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\nwtool16.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\OAcat.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\OAhlp.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\OAReg.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\oasrv.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\oaui.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\oaview.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\ODSW.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\ollydbg.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\onsrvr.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\optimize.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\ostronet.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\otfix.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\outpost.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\outpostinstall.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\outpostproinstall.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\ozn695m5.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\padmin.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\panixk.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\patch.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\pav.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\pavcl.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\PavFnSvr.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\pavproxy.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\pavprsrv.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\pavsched.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\pavsrv51.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\pavw.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\pc.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\PC_Antispyware2010.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\pccwin98.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\pcfwallicon.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\pcip10117_0.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\pcscan.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\pctsAuxs.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\pctsGui.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\pctsSvc.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\pctsTray.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\pdfndr.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\pdsetup.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\PerAvir.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\periscope.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\persfw.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\personalguard: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\personalguard.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\perswf.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\pf2.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\pfwadmin.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\pgmonitr.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\pingscan.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\platin.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\pop3trap.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\poproxy.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\popscan.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\portdetective.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\portmonitor.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\powerscan.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\ppinupdt.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\pptbc.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\ppvstop.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\prizesurfer.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\prmt.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\prmvr.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\procdump.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\processmonitor.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\procexplorerv1.0.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\programauditor.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\proport.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\protector.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\protectx.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\PSANCU.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\PSANHost.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\PSANToManager.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\PsCtrls.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\PsImSvc.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\PskSvc.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\pspf.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\PSUNMain.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\purge.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\qconsole.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\qh.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\qserver.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\Quick Heal.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\QuickHealCleaner.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\rapapp.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\rav7.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\rav7win.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\rav8win32eng.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\ray.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\rb32.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\rcsync.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\realmon.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\reged.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\regedt32.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\rescue.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\rescue32.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\rrguard.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\rscdwld.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\rshell.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\rtvscan.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\rtvscn95.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\rulaunch.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\rwg: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\rwg.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\SafetyKeeper.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\safeweb.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\sahagent.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\Save.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\SaveArmor.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\SaveDefense.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\SaveKeep.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\savenow.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\sbserv.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\sc.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\scam32.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\scan32.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\scan95.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\scanpm.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\scrscan.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\seccenter.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\Secure Veteran.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\secureveteran.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\Security Center.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\SecurityFighter.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\securitysoldier.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\serv95.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\setloadorder.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\setup_flowprotector_us.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\setupvameeval.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\sgssfw32.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\sh.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\shellspyinstall.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\shield.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\shn.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\showbehind.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\signcheck.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\smart.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\smartprotector.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\smc.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\smrtdefp.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\sms.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\smss32.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\snetcfg.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\soap.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\sofi.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\SoftSafeness.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\sperm.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\spf.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\sphinx.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\spoler.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\spoolcv.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\spoolsv32.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\spywarexpguard.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\spyxx.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\srexe.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\srng.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\ss3edit.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\ssg_4104.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\ssgrate.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\st2.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\start.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\stcloader.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\supftrl.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\support.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\supporter5.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\svc.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\svchostc.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\svchosts.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\svshost.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\sweep95.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\sweepnet.sweepsrv.sys.swnetsup.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\symlcsvc.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\symproxysvc.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\symtray.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\system.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\system32.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\sysupd.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\tapinstall.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\taskmgr.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\taumon.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\tbscan.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\tc.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\tca.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\tcm.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\tds2-98.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\tds2-nt.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\tds-3.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\teekids.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\tfak.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\tfak5.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\tgbob.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\titanin.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\titaninxp.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\TPSrv.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\trickler.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\trjscan.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\trjsetup.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\trojantrap3.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\TrustWarrior.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\tsadbot.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\tsc.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\tvmd.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\tvtmd.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\uiscan.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\undoboot.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\updat.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\upgrad.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\upgrepl.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\utpost.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\vbcmserv.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\vbcons.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\vbust.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\vbwin9x.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\vbwinntw.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\vcsetup.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\vet32.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\vet95.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\vettray.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\vfsetup.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\vir-help.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\virusmdpersonalfirewall.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\VisthAux.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\VisthLic.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\VisthUpd.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\vnlan300.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\vnpc3000.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\vpc32.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\vpc42.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\vpfw30s.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\vptray.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\vscan40.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\vscenu6.02d30.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\vsched.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\vsecomr.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\vshwin32.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\vsisetup.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\vsmain.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\vsmon.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\vsserv.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\vsstat.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\vswin9xe.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\vswinntse.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\vswinperse.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\w32dsm89.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\W3asbas.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\w9x.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\watchdog.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\webdav.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\WebProxy.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\webscanx.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\webtrap.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\wfindv32.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\whoswatchingme.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\wimmun32.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\win32.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\win32us.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\winactive.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\winav.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\win-bugsfix.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\windll32.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\window.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\windows Police Pro.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\windows.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\wininetd.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\wininitx.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\winlogin.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\winmain.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\winppr32.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\winrecon.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\winservn.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\winssk32.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\winstart.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\winstart001.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\wintsk32.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\winupdate.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\wkufind.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\wnad.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\wnt.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\wradmin.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\wrctrl.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\wsbgate.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\wscfxas.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\wscfxav.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\wscfxfw.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\wsctool.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\wupdater.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\wupdt.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\wyvernworksfirewall.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\xp_antispyware.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\xpdeluxe.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\xpf202en.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\zapro.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\zapsetup3001.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\zatutor.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\zonalm2601.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\zonealarm.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009-06-10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O33 - MountPoints2\{22ae3d62-2bc9-11e0-86a6-00214fbc7df6}\Shell - "" = AutoRun O33 - MountPoints2\{22ae3d62-2bc9-11e0-86a6-00214fbc7df6}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{2a39ab88-a9c8-11df-ae52-00214fbc7df6}\Shell - "" = AutoRun O33 - MountPoints2\{2a39ab88-a9c8-11df-ae52-00214fbc7df6}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{2a39ab98-a9c8-11df-ae52-00214fbc7df6}\Shell - "" = AutoRun O33 - MountPoints2\{2a39ab98-a9c8-11df-ae52-00214fbc7df6}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{2ec4b55d-d61a-11e0-9c09-8d3c7fbb2f92}\Shell - "" = AutoRun O33 - MountPoints2\{2ec4b55d-d61a-11e0-9c09-8d3c7fbb2f92}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{488f11bc-a20e-11e0-a3b8-8555dca48493}\Shell - "" = AutoRun O33 - MountPoints2\{488f11bc-a20e-11e0-a3b8-8555dca48493}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{4fd2e168-45bb-11e0-8910-fc218274819a}\Shell - "" = AutoRun O33 - MountPoints2\{4fd2e168-45bb-11e0-8910-fc218274819a}\Shell\AutoRun\command - "" = I:\Startme.exe O33 - MountPoints2\{5f3371f9-f9b3-11e0-91e5-00214fbc7df6}\Shell - "" = AutoRun O33 - MountPoints2\{5f3371f9-f9b3-11e0-91e5-00214fbc7df6}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{5f850b90-3b61-11e0-8d25-001dbaad9030}\Shell - "" = AutoRun O33 - MountPoints2\{5f850b90-3b61-11e0-8d25-001dbaad9030}\Shell\AutoRun\command - "" = H:\AutoRun.exe O33 - MountPoints2\{6d89b563-80a4-11e0-9b4f-9e27d4cbe2a7}\Shell - "" = AutoRun O33 - MountPoints2\{6d89b563-80a4-11e0-9b4f-9e27d4cbe2a7}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a O33 - MountPoints2\{85eea45d-2b0f-11e0-bec9-001dbaad9030}\Shell - "" = AutoRun O33 - MountPoints2\{85eea45d-2b0f-11e0-bec9-001dbaad9030}\Shell\AutoRun\command - "" = G:\AutoRun.exe O33 - MountPoints2\{ad0c364a-0159-11df-a922-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{ad0c364a-0159-11df-a922-806e6f6e6963}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{ad0c3681-0159-11df-a922-001dbaad9030}\Shell - "" = AutoRun O33 - MountPoints2\{ad0c3681-0159-11df-a922-001dbaad9030}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{c30f6daf-3305-11e0-8832-00214fbc7df6}\Shell - "" = AutoRun O33 - MountPoints2\{c30f6daf-3305-11e0-8832-00214fbc7df6}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{c30f6dbb-3305-11e0-8832-00214fbc7df6}\Shell - "" = AutoRun O33 - MountPoints2\{c30f6dbb-3305-11e0-8832-00214fbc7df6}\Shell\AutoRun\command - "" = H:\AutoRun.exe O33 - MountPoints2\{f0bbaeeb-2ad4-11e0-8758-001dbaad9030}\Shell - "" = AutoRun O33 - MountPoints2\{f0bbaeeb-2ad4-11e0-8758-001dbaad9030}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{f0bbaef9-2ad4-11e0-8758-00214fbc7df6}\Shell - "" = AutoRun O33 - MountPoints2\{f0bbaef9-2ad4-11e0-8758-00214fbc7df6}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{f7f761db-a965-11df-aaa9-00214fbc7df6}\Shell - "" = AutoRun O33 - MountPoints2\{f7f761db-a965-11df-aaa9-00214fbc7df6}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{f7f761f6-a965-11df-aaa9-00214fbc7df6}\Shell - "" = AutoRun O33 - MountPoints2\{f7f761f6-a965-11df-aaa9-00214fbc7df6}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\F\Shell - "" = AutoRun O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\H\Shell - "" = AutoRun O33 - MountPoints2\H\Shell\AutoRun\command - "" = H:\AutoRun.exe O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* NetSvcs: FastUserSwitchingCompatibility - File not found NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation) NetSvcs: Nla - File not found NetSvcs: Ntmssvc - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: SRService - File not found NetSvcs: WmdmPmSp - File not found NetSvcs: LogonHours - File not found NetSvcs: PCAudit - File not found NetSvcs: helpsvc - File not found NetSvcs: uploadmgr - File not found MsConfig - StartUpReg: [b]Adobe ARM[/b] - hkey= - key= - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated) MsConfig - StartUpReg: [b]Adobe Reader Speed Launcher[/b] - hkey= - key= - C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated) MsConfig - StartUpReg: [b]avast[/b] - hkey= - key= - File not found MsConfig - StartUpReg: [b]SunJavaUpdateSched[/b] - hkey= - key= - C:\Program Files\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.) MsConfig - State: "startup" - 2 SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: HelpSvc - Service SafeBootMin: NTDS - File not found SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: sacsvr - Service SafeBootMin: SCSI Class - Driver Group SafeBootMin: System Bus Extender - Driver Group SafeBootMin: vmms - Service SafeBootMin: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation) SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: HelpSvc - Service SafeBootNet: Messenger - Service SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: NTDS - File not found SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: rdsessmgr - Service SafeBootNet: sacsvr - Service SafeBootNet: SCSI Class - Driver Group SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: vmms - Service SafeBootNet: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation) SafeBootNet: WudfUsbccidDriver - Driver SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices [color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color] [2012-01-01 21:12:30 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\jacec\Desktop\OTL.exe [2012-01-01 20:47:35 | 000,000,000 | ---D | C] -- C:\Windows\System32\Wat [2012-01-01 20:40:54 | 000,000,000 | ---D | C] -- C:\Users\jacec\Desktop\Remove WAT 2.2.6.0 [2012-01-01 20:24:00 | 000,000,000 | ---D | C] -- C:\Program Files\ESET [2012-01-01 18:25:34 | 000,000,000 | ---D | C] -- C:\Users\jacec\Desktop\ESET.NOD32.Antivirus.4.0.474.0 [2011-12-27 02:33:55 | 000,000,000 | ---D | C] -- C:\Users\jacec\AppData\Roaming\vlc [2011-12-26 20:56:45 | 000,000,000 | ---D | C] -- C:\Users\jacec\AppData\Local\Apple Computer [2011-12-26 20:56:19 | 000,000,000 | ---D | C] -- C:\Users\jacec\AppData\Roaming\Apple Computer [2011-12-22 08:45:00 | 000,000,000 | ---D | C] -- C:\Users\jacec\AppData\Local\Sony Ericsson [2011-12-02 22:23:49 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software [2011-12-02 22:23:49 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software [2011-12-02 21:31:15 | 000,000,000 | ---D | C] -- C:\Users\jacec\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR [2011-12-02 21:31:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR [2011-03-03 19:27:34 | 000,148,736 | ---- | C] (Avanquest Software) -- C:\ProgramData\hpe5FDC.dll [color=#E56717]========== Files - Modified Within 60 Days ==========[/color] [2012-01-01 21:12:42 | 000,781,383 | ---- | M] () -- C:\Users\jacec\Desktop\RSIT.exe [2012-01-01 21:12:41 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\jacec\Desktop\OTL.exe [2012-01-01 20:49:46 | 000,014,416 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012-01-01 20:49:46 | 000,014,416 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012-01-01 20:49:18 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012-01-01 20:49:12 | 2389,995,520 | -HS- | M] () -- C:\hiberfil.sys [2012-01-01 20:28:36 | 012,118,573 | ---- | M] () -- C:\Users\jacec\Desktop\Remove WAT 2.2.6.0.rar [2012-01-01 19:16:29 | 000,697,896 | ---- | M] () -- C:\Windows\System32\perfh015.dat [2012-01-01 19:16:29 | 000,625,738 | ---- | M] () -- C:\Windows\System32\perfh01D.dat [2012-01-01 19:16:29 | 000,624,178 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2012-01-01 19:16:29 | 000,134,974 | ---- | M] () -- C:\Windows\System32\perfc015.dat [2012-01-01 19:16:29 | 000,123,874 | ---- | M] () -- C:\Windows\System32\perfc01D.dat [2012-01-01 19:16:29 | 000,106,522 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2012-01-01 18:23:15 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt [2011-12-27 02:33:47 | 000,000,610 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk [2011-12-22 08:44:53 | 000,002,176 | ---- | M] () -- C:\Users\Public\Desktop\Sony Ericsson PC Companion 1.6.lnk [2011-12-22 08:44:01 | 000,001,950 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk [2011-12-20 20:14:36 | 000,115,200 | ---- | M] () -- C:\Users\jacec\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011-12-17 19:09:40 | 000,289,576 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2011-12-02 21:30:14 | 001,525,928 | ---- | M] () -- C:\Users\jacec\Desktop\wrar401pl.exe [2011-11-30 09:33:05 | 000,001,062 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2011-11-30 02:57:25 | 000,000,104 | ---- | M] () -- C:\Users\jacec\Documents\Playlista.m3u [2011-11-28 19:01:25 | 000,041,184 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr [2011-11-19 02:37:36 | 000,001,381 | ---- | M] () -- C:\Users\jacec\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk [2011-11-19 00:28:14 | 000,072,822 | ---- | M] () -- C:\Windows\System32\ieuinit.inf [color=#E56717]========== Files Created - No Company Name ==========[/color] [2012-01-01 21:12:38 | 000,781,383 | ---- | C] () -- C:\Users\jacec\Desktop\RSIT.exe [2012-01-01 20:40:46 | 012,118,573 | ---- | C] () -- C:\Users\jacec\Desktop\Remove WAT 2.2.6.0.rar [2011-12-22 08:44:53 | 000,002,176 | ---- | C] () -- C:\Users\Public\Desktop\Sony Ericsson PC Companion 1.6.lnk [2011-12-02 21:30:08 | 001,525,928 | ---- | C] () -- C:\Users\jacec\Desktop\wrar401pl.exe [2011-11-30 09:33:05 | 000,001,074 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk [2011-11-30 09:33:05 | 000,001,062 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2011-11-30 02:57:25 | 000,000,104 | ---- | C] () -- C:\Users\jacec\Documents\Playlista.m3u [2011-11-19 02:37:36 | 000,001,387 | ---- | C] () -- C:\Users\jacec\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk [2011-11-19 00:28:14 | 000,072,822 | ---- | C] () -- C:\Windows\System32\ieuinit.inf [2011-09-12 10:49:13 | 000,080,896 | ---- | C] () -- C:\Windows\System32\RDVGHelper.exe [2011-09-12 10:47:22 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe [2010-08-22 10:16:25 | 000,033,134 | ---- | C] () -- C:\Users\jacec\AppData\Roaming\UserTile.png [2010-08-18 06:24:01 | 000,115,200 | ---- | C] () -- C:\Users\jacec\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010-08-17 19:37:40 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat [2010-08-17 09:06:48 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat [2010-08-14 02:24:52 | 000,697,896 | ---- | C] () -- C:\Windows\System32\perfh015.dat [2010-08-14 02:24:52 | 000,337,158 | ---- | C] () -- C:\Windows\System32\perfi015.dat [2010-08-14 02:24:52 | 000,134,974 | ---- | C] () -- C:\Windows\System32\perfc015.dat [2010-08-14 02:24:52 | 000,038,710 | ---- | C] () -- C:\Windows\System32\perfd015.dat [2010-08-14 02:03:24 | 000,625,738 | ---- | C] () -- C:\Windows\System32\perfh01D.dat [2010-08-14 02:03:24 | 000,294,764 | ---- | C] () -- C:\Windows\System32\perfi01D.dat [2010-08-14 02:03:24 | 000,123,874 | ---- | C] () -- C:\Windows\System32\perfc01D.dat [2010-08-14 02:03:24 | 000,037,052 | ---- | C] () -- C:\Windows\System32\perfd01D.dat [2010-07-26 09:13:40 | 000,108,032 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll [2010-06-23 11:35:52 | 000,790,528 | ---- | C] () -- C:\Windows\System32\xvidcore.dll [2010-06-23 11:35:52 | 000,134,144 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll [2010-01-14 22:03:27 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin [2009-08-16 09:08:36 | 000,165,376 | ---- | C] () -- C:\Windows\System32\unrar.dll [2009-07-14 05:57:37 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat [2009-07-14 05:33:53 | 000,289,576 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT [2009-07-14 03:05:48 | 000,624,178 | ---- | C] () -- C:\Windows\System32\perfh009.dat [2009-07-14 03:05:48 | 000,291,294 | ---- | C] () -- C:\Windows\System32\perfi009.dat [2009-07-14 03:05:48 | 000,106,522 | ---- | C] () -- C:\Windows\System32\perfc009.dat [2009-07-14 03:05:48 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd009.dat [2009-07-14 03:05:05 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT [2009-07-14 03:04:11 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat [2009-07-14 00:55:01 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin [2009-07-14 00:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll [2009-07-14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll [2009-06-18 18:29:04 | 000,197,654 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat [2009-06-10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat [2007-02-05 19:05:26 | 000,000,038 | ---- | C] () -- C:\Windows\AviSplitter.INI [color=#E56717]========== LOP Check ==========[/color] [2010-08-17 08:31:01 | 000,000,000 | ---D | M] -- C:\Users\jacec\AppData\Roaming\Ashampoo [2010-08-17 09:01:24 | 000,000,000 | ---D | M] -- C:\Users\jacec\AppData\Roaming\OpenOffice.org [2010-10-05 08:47:53 | 000,000,000 | -HSD | M] -- C:\Users\jacec\AppData\Roaming\Smart Security [2011-03-03 19:28:39 | 000,000,000 | ---D | M] -- C:\Users\jacec\AppData\Roaming\Sony [2011-03-03 19:17:12 | 000,000,000 | ---D | M] -- C:\Users\jacec\AppData\Roaming\Sony Setup [2011-04-11 20:11:49 | 000,000,000 | ---D | M] -- C:\Users\jacec\AppData\Roaming\TomTom [2010-08-17 08:23:55 | 000,000,000 | ---D | M] -- C:\Users\jacec\AppData\Roaming\Uniblue [2011-06-18 17:39:47 | 000,000,000 | ---D | M] -- C:\Users\jacec\AppData\Roaming\uTorrent [2010-08-14 01:56:18 | 000,000,000 | ---D | M] -- C:\Users\jacec\AppData\Roaming\Win7codecs [2011-12-14 21:11:24 | 000,032,582 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Custom Scans ==========[/color] [color=#A23BEC]< %systemdrive%\*.* >[/color] [2009-06-10 22:42:20 | 000,000,024 | ---- | M] () -- C:\autoexec.bat [2010-11-20 13:40:07 | 000,383,786 | RHS- | M] () -- C:\bootmgr [2010-01-14 22:00:08 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK [2009-06-10 22:42:20 | 000,000,010 | ---- | M] () -- C:\config.sys [2012-01-01 20:49:12 | 2389,995,520 | -HS- | M] () -- C:\hiberfil.sys [2012-01-01 20:49:15 | 3186,663,424 | -HS- | M] () -- C:\pagefile.sys [2010-01-14 22:12:50 | 000,171,136 | RHS- | M] () -- C:\w7ldr [color=#A23BEC]< MD5 for: AGP440.SYS >[/color] [2009-07-14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\drivers\AGP440.sys [2009-07-14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_a97a2a0d0fbc6696\AGP440.sys [2009-07-14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_b9e9435f20046eeb\AGP440.sys [2009-07-14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_bc1a57271cf2f285\AGP440.sys [color=#A23BEC]< MD5 for: ATAPI.SYS >[/color] [2009-07-14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys [2009-07-14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_fab873f3e8a3315c\atapi.sys [2009-07-14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys [2009-07-14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_df3f92057fcbe7a7\atapi.sys [color=#A23BEC]< MD5 for: BEEP.SYS >[/color] [2009-07-14 00:45:01 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=505506526A9D467307B3C393DEDAF858 -- C:\Windows\System32\drivers\beep.sys [2009-07-14 00:45:01 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=505506526A9D467307B3C393DEDAF858 -- C:\Windows\winsxs\x86_microsoft-windows-beepsys_31bf3856ad364e35_6.1.7600.16385_none_c3f6f77668f0ddcc\beep.sys [color=#A23BEC]< MD5 for: CDROM.SYS >[/color] [2009-07-14 00:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_5f7fb206051affbb\cdrom.sys [2010-11-20 09:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\System32\drivers\cdrom.sys [2010-11-20 09:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_x86_neutral_6381e09675524225\cdrom.sys [2010-11-20 09:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_61b0c5ce02098355\cdrom.sys [color=#A23BEC]< MD5 for: NDIS.SYS >[/color] [2009-07-14 02:20:44 | 000,710,720 | ---- | M] (Microsoft Corporation) MD5=23759D175A0A9BAAF04D05047BC135A8 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.1.7600.16385_none_a79d81ea7d62a289\ndis.sys [2010-11-20 13:30:06 | 000,712,576 | ---- | M] (Microsoft Corporation) MD5=E7C54812A2AAF43316EB6930C1FFA108 -- C:\Windows\System32\drivers\ndis.sys [2010-11-20 13:30:06 | 000,712,576 | ---- | M] (Microsoft Corporation) MD5=E7C54812A2AAF43316EB6930C1FFA108 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17514_none_a9ce95b27a512623\ndis.sys [color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color] [2009-10-28 07:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe [2009-10-28 06:52:08 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe [2010-11-20 13:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\System32\winlogon.exe [2010-11-20 13:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe [2009-07-14 02:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 135 bytes -> C:\ProgramData\TEMP:D1B5B4F1 < End of report > [/log] [log]OTL Extras logfile created on: 2012-01-01 21:14:00 - Run 1 OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\jacec\Desktop Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000415 | Country: Poland | Language: PLK | Date Format: yyyy-MM-dd 2,97 Gb Total Physical Memory | 2,03 Gb Available Physical Memory | 68,55% Memory free 5,93 Gb Paging File | 4,96 Gb Available in Paging File | 83,56% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 101,47 Gb Total Space | 24,26 Gb Free Space | 23,91% Space Free | Partition Type: NTFS Drive D: | 271,14 Gb Total Space | 42,70 Gb Free Space | 15,75% Space Free | Partition Type: NTFS Computer Name: ONLYMINE | User Name: jacec | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 60 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation) .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) [HKEY_USERS\S-1-5-21-666643132-1411173658-3390636905-1000\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) [color=#E56717]========== Shell Spawning ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) htmlfile [edit] -- Reg Error: Key error. htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "D:\programy\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "D:\programy\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = Reg Error: Unknown registry data type -- File not found "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [color=#E56717]========== Authorized Applications List ==========[/color] [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0E532C84-4275-41B3-9D81-D4A1A20D8EE7}" = PlayStation®Store "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{26A24AE4-039D-4CA4-87B4-2F83216021FF}" = Java™ 6 Update 21 "{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}" = QuickTime "{2FFE93F0-BB72-4E52-8761-354D1AAA9387}" = Sony Ericsson PC Suite 6.011.00 "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{553255F3-78FD-40F1-A6F8-6882140265FE}" = Apple Application Support "{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{8727531E-6C58-4852-A90B-39CF45E269A9}" = OpenOffice.org 3.2 "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8C0CAA7A-3272-4991-A808-2C7559DE3409}" = Win7codecs "{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge Modules "{AC76BA86-7AD7-1045-7B44-A94000000001}" = Adobe Reader 9.4.7 - Polish "{B6659DD8-00A7-4A24-BBFB-C1F6982E5D66}" = PlayStation®Network Downloader "{CD95F661-A5C4-44F5-A6AA-ECDD91C240BD}" = WinZip 14.5 "{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.0 "{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}" = Sony Ericsson PC Companion 1.60.13 "{FBE5AA96-22F0-4C4A-8E92-4BE3498D4CCB}" = Media Go "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Ares" = Ares 2.1.6 "CCleaner" = CCleaner "KLiteCodecPack_is1" = K-Lite Codec Pack 6.4.0 (Full) "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Mobile Partner" = Mobile Partner "Mozilla Firefox 8.0.1 (x86 pl)" = Mozilla Firefox 8.0.1 (x86 pl) "RocketDock_is1" = RocketDock 1.3.5 "TomTom HOME" = TomTom HOME 2.8.2.2264 "uTorrent" = µTorrent "VLC media player" = VLC media player 1.1.4 "WinRAR archiver" = WinRAR 4.01 (32-bitowy) [color=#E56717]========== Last 10 Event Log Errors ==========[/color] [ Application Events ] Error - 2011-11-13 14:00:03 | Computer Name = onlymine | Source = Windows Backup | ID = 4103 Description = Error - 2011-11-14 19:51:02 | Computer Name = onlymine | Source = SideBySide | ID = 16842785 Description = Nie mozna wygenerowac kontekstu aktywacji dla "c:\program files\sony ericsson\sony ericsson pc suite\Drivers\DPInst64.exe". Nie mozna odnalezc zestawu zaleznego Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0". Uzyj narzedzia sxstrace.exe, aby uzyskac szczególowa diagnoze. Error - 2011-11-14 19:51:09 | Computer Name = onlymine | Source = SideBySide | ID = 16842785 Description = Nie mozna wygenerowac kontekstu aktywacji dla "c:\program files\sony ericsson\sony ericsson pc companion\Drivers\DPInst64.exe". Nie mozna odnalezc zestawu zaleznego Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0". Uzyj narzedzia sxstrace.exe, aby uzyskac szczególowa diagnoze. Error - 2011-11-17 02:00:53 | Computer Name = onlymine | Source = SideBySide | ID = 16842785 Description = Nie mozna wygenerowac kontekstu aktywacji dla "c:\program files\sony ericsson\sony ericsson pc suite\Drivers\DPInst64.exe". Nie mozna odnalezc zestawu zaleznego Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0". Uzyj narzedzia sxstrace.exe, aby uzyskac szczególowa diagnoze. Error - 2011-11-17 02:01:02 | Computer Name = onlymine | Source = SideBySide | ID = 16842785 Description = Nie mozna wygenerowac kontekstu aktywacji dla "c:\program files\sony ericsson\sony ericsson pc companion\Drivers\DPInst64.exe". Nie mozna odnalezc zestawu zaleznego Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0". Uzyj narzedzia sxstrace.exe, aby uzyskac szczególowa diagnoze. Error - 2011-11-18 22:46:37 | Computer Name = onlymine | Source = SideBySide | ID = 16842785 Description = Nie mozna wygenerowac kontekstu aktywacji dla "c:\program files\sony ericsson\sony ericsson pc suite\Drivers\DPInst64.exe". Nie mozna odnalezc zestawu zaleznego Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0". Uzyj narzedzia sxstrace.exe, aby uzyskac szczególowa diagnoze. Error - 2011-11-18 22:46:44 | Computer Name = onlymine | Source = SideBySide | ID = 16842785 Description = Nie mozna wygenerowac kontekstu aktywacji dla "c:\program files\sony ericsson\sony ericsson pc companion\Drivers\DPInst64.exe". Nie mozna odnalezc zestawu zaleznego Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0". Uzyj narzedzia sxstrace.exe, aby uzyskac szczególowa diagnoze. Error - 2011-11-20 14:00:02 | Computer Name = onlymine | Source = Windows Backup | ID = 4103 Description = Error - 2011-11-21 06:40:16 | Computer Name = onlymine | Source = SideBySide | ID = 16842785 Description = Nie mozna wygenerowac kontekstu aktywacji dla "c:\program files\sony ericsson\sony ericsson pc suite\Drivers\DPInst64.exe". Nie mozna odnalezc zestawu zaleznego Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0". Uzyj narzedzia sxstrace.exe, aby uzyskac szczególowa diagnoze. Error - 2011-11-21 06:40:24 | Computer Name = onlymine | Source = SideBySide | ID = 16842785 Description = Nie mozna wygenerowac kontekstu aktywacji dla "c:\program files\sony ericsson\sony ericsson pc companion\Drivers\DPInst64.exe". Nie mozna odnalezc zestawu zaleznego Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0". Uzyj narzedzia sxstrace.exe, aby uzyskac szczególowa diagnoze. [ System Events ] Error - 2010-12-02 09:51:39 | Computer Name = onlymine | Source = bowser | ID = 8003 Description = Error - 2010-12-02 10:54:21 | Computer Name = onlymine | Source = DCOM | ID = 10001 Description = Error - 2010-12-02 20:08:09 | Computer Name = onlymine | Source = atikmdag | ID = 52236 Description = CPLIB :: General - Invalid Parameter Error - 2010-12-02 20:08:09 | Computer Name = onlymine | Source = atikmdag | ID = 43029 Description = Display is not active Error - 2010-12-02 20:24:22 | Computer Name = onlymine | Source = atikmdag | ID = 52236 Description = CPLIB :: General - Invalid Parameter Error - 2010-12-02 20:24:22 | Computer Name = onlymine | Source = atikmdag | ID = 43029 Description = Display is not active Error - 2010-12-03 04:52:03 | Computer Name = onlymine | Source = DCOM | ID = 10001 Description = Error - 2010-12-03 15:29:55 | Computer Name = onlymine | Source = atikmdag | ID = 52236 Description = CPLIB :: General - Invalid Parameter Error - 2010-12-03 15:29:55 | Computer Name = onlymine | Source = atikmdag | ID = 43029 Description = Display is not active Error - 2010-12-03 23:19:14 | Computer Name = onlymine | Source = DCOM | ID = 10001 Description = < End of report > [/log] [log]Logfile of random's system information tool 1.09 (written by random/random) Run by jacec at 2012-01-01 21:31:52 Microsoft Windows 7 Ultimate Service Pack 1 System drive C: has 25 GB (24%) free of 104 GB Total RAM: 3039 MB (65% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 21:32:12, on 2012-01-01 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v9.00 (9.00.8112.16421) Boot mode: Normal Running processes: C:\Windows\system32\taskhost.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\ProgramData\DatacardService\DCSHelper.exe C:\Program Files\RocketDock\RocketDock.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe C:\Windows\system32\wuauclt.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\plugin-container.exe C:\Users\jacec\Desktop\OTL.exe C:\Users\jacec\Desktop\RSIT.exe C:\Program Files\trend micro\jacec.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = [url="http://go.microsoft.com/fwlink/?LinkId=54896"]http://go.microsoft....k/?LinkId=54896[/url] R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = [url="http://search.conduit.com?SearchSource=10&ctid=CT2475029"]http://search.condui...&ctid=CT2475029[/url] R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [url="http://go.microsoft.com/fwlink/?LinkId=69157"]http://go.microsoft....k/?LinkId=69157[/url] R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [url="http://go.microsoft.com/fwlink/?LinkId=54896"]http://go.microsoft....k/?LinkId=54896[/url] R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [url="http://go.microsoft.com/fwlink/?LinkId=54896"]http://go.microsoft....k/?LinkId=54896[/url] R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [url="http://go.microsoft.com/fwlink/?LinkId=69157"]http://go.microsoft....k/?LinkId=69157[/url] R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: (no name) - {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - (no file) O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe" O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [Metropolis] rundll32.exe C:\Windows\system32\sshnas21.dll,GetHandle O4 - HKCU\..\Run: [JCFSE7V7Z1] C:\Users\jacec\AppData\Local\Temp\Pjh.exe O4 - HKCU\..\Run: [Smart Security] "C:\ProgramData\73bc1f\SM73b_231.exe" /s /d O4 - HKCU\..\Run: [Sony Ericsson PC Companion] "C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe" /systray /nologon O4 - HKCU\..\Run: [Mobile Partner] C:\Program Files\Mobile Partner\Mobile Partner.exe O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe" O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - [url="http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab"]http://fpdownload2.m...ash/swflash.cab[/url] O17 - HKLM\System\CCS\Services\Tcpip\..\{6B3B45B6-0391-490C-AC97-43CC218062C1}: NameServer = 80.251.201.177 80.251.201.178 O17 - HKLM\System\CCS\Services\Tcpip\..\{74A74C83-4DE6-477B-A1CD-D62C7D0FC04F}: NameServer = 80.251.201.177 80.251.201.178 O17 - HKLM\System\CCS\Services\Tcpip\..\{C2140604-F271-4019-865D-E623A344362D}: NameServer = 80.251.201.177 80.251.201.178 O17 - HKLM\System\CCS\Services\Tcpip\..\{F3F5FA7B-A4B8-486C-ADA8-9998579E0232}: NameServer = 80.251.201.177 80.251.201.178 O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe O23 - Service: DCService.exe - Unknown owner - C:\ProgramData\DatacardService\DCService.exe O23 - Service: Mobile Partner. OUC (Mobile Partner. RunOuc) - Unknown owner - C:\Program Files\Mobile Partner\UpdateDog\ouc.exe O23 - Service: Sony Ericsson OMSI download service (OMSI download service) - Unknown owner - C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe -- End of file - 4928 bytes =========Mozilla firefox========= ProfilePath - C:\Users\jacec\AppData\Roaming\Mozilla\Firefox\Profiles\ozbth2gs.default prefs.js - "browser.search.suggest.enabled" - false prefs.js - "browser.search.useDBForOrder" - true prefs.js - "browser.startup.homepage" - "www.onet.pl" prefs.js - "extensions.enabledItems" - "{3112ca9c-de6d-4884-a869-9855de68056c}:7.1.20101113Wb1, engine@conduit.com:3.2.5.2, {a1e75a0e-4397-4ba8-bb50-e19fb66890f4}:3.2.5.2, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.16" prefs.js - "keyword.URL" - "http://websearch.ask.com/redirect?client=ff&src=kw&tb=UT2V5&o=15158&locale=en_US&apn_uid=9813BD7E-E1C6-4F52-ACF8-81AD1F7ED754&apn_ptnrs=UG&apn_sauid=C90B561E-B532-4040-80FE-F2717B161233&apn_dtid=YYYYYYYYSE&q=" "wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer] "Description"=Adobe® Flash® Player 10.1 Plugin "Path"=C:\Windows\system32\Macromed\Flash\NPSWF32.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin] "Description"=Oracle® Next Generation Java™ Plug-In "Path"=C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE] "Description"= "Path"=disabled [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0] "Description"=Ag Player Plugin "Path"=C:\Program Files\Microsoft Silverlight\4.0.50917.0\npctrl.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@SonyCreativeSoftware.com/Media Go,version=1.0] "Description"= "Path"=c:\Program Files\Sony\Media Go\npmediago.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader] "Description"=Handles PDFs in-place in Firefox "Path"=C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll C:\Program Files\Mozilla Firefox\extensions\ {972ce4c6-7e08-4474-a285-3208198ce6fd} C:\Program Files\Mozilla Firefox\components\ binary.manifest browsercomps.dll nsIQTScriptablePlugin.xpt C:\Program Files\Mozilla Firefox\plugins\ npdeployJava1.dll nppdf32.dll npqtplugin.dll npqtplugin2.dll npqtplugin3.dll npqtplugin4.dll npqtplugin5.dll npqtplugin6.dll npqtplugin7.dll QuickTimePlugin.class WMP Firefox Plugin License.rtf WMP Firefox Plugin RelNotes.txt C:\Program Files\Mozilla Firefox\searchplugins\ allegro-pl.xml fbc-pl.xml google.xml merlin-pl.xml pwn-pl.xml wikipedia-pl.xml wp-pl.xml C:\Users\jacec\AppData\Roaming\Mozilla\Firefox\Profiles\ozbth2gs.default\extensions\ {3112ca9c-de6d-4884-a869-9855de68056c} {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} C:\Users\jacec\AppData\Roaming\Mozilla\Firefox\Profiles\ozbth2gs.default\searchplugins\ askcom.xml conduit.xml ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}] Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java™ Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-08-14 41760] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2011-09-07 37296] "Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-03-30 937920] "QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2010-03-17 421888] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "RocketDock"=C:\Program Files\RocketDock\RocketDock.exe [2007-09-02 495616] "Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1174016] "Metropolis"=C:\Windows\system32\sshnas21.dll,GetHandle [] "JCFSE7V7Z1"=C:\Users\jacec\AppData\Local\Temp\Pjh.exe [] "Smart Security"=C:\ProgramData\73bc1f\SM73b_231.exe /s /d [] "Sony Ericsson PC Companion"=C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe [2009-12-08 774144] "Mobile Partner"=C:\Program Files\Mobile Partner\Mobile Partner.exe [2011-02-09 514048] "TomTomHOME.exe"=C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe [2011-04-22 247728] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-03-30 937920] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2011-09-07 37296] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\avast] C:\Program Files\AVAST Software\Avast\avastUI.exe /nogui [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-05-14 248552] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] "SecurityProviders"=credssp.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorUser"=2 "EnableUIADesktopToggle"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "DisallowRun"=1 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\a.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\aAvgApi.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AAWTray.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\About.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ackwin32.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Ad-Aware.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\adaware.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\advxdwin.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AdwarePrj.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\agent.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\agentsvr.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\agentw.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\alertsvc.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\alevir.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\alogserv.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AlphaAV] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AlphaAV.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AluSchedulerSvc.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\amon9x.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\anti-trojan.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Anti-Virus Professional.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AntispywarXP2009.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\antivirus.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AntivirusPlus] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AntivirusPlus.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AntivirusPro_2010.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AntivirusXP] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AntivirusXP.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\antivirusxppro2009.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AntiVirus_Pro.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ants.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\apimonitor.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\aplica32.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\apvxdwin.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\arr.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Arrakis3.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ashAvast.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ashBug.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ashChest.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ashCnsnt.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ashDisp.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ashLogV.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ashMaiSv.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ashPopWz.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ashQuick.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ashServ.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ashSimp2.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ashSimpl.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ashSkPcc.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ashSkPck.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ashUpd.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ashWebSv.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\aswChLic.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\aswRegSvr.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\aswRunDll.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\aswUpdSv.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\atcon.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\atguard.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\atro55en.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\atupdater.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\atwatch.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\au.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\aupdate.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\auto-protect.nav80try.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\autodown.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\autotrace.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\autoupdate.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\av360.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avadmin.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AVCare.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avcenter.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avciman.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avconfig.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avconsol.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ave32.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AVENGINE.EXE] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avgcc32.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avgchk.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avgcmgr.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avgcsrvx.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avgctrl.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avgdumpx.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avgemc.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avgiproxy.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avgnsx.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avgnt.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avgrsx.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avgscanx.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avgserv.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avgserv9.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avgsrmax.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avgtray.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avgui.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avgupd.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avgw.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avgwdsvc.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avkpop.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avkserv.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avkservice.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avkwctl9.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avltmain.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avmailc.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avmcdlg.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avnotify.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avnt.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avp32.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avpcc.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avpdos32.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avpm.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avptc32.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avpupd.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avsched32.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avsynmgr.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avupgsvc.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AVWEBGRD.EXE] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avwin.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avwin95.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avwinnt.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avwsc.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avwupd.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avwupd32.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avwupsrv.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avxmonitor9x.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avxmonitornt.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avxquar.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\b.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\backweb.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bargains.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bdagent.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bdfvcl.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bdfvwiz.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\BDInProcPatch.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bdmcon.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\BDMsnScan.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bdreinit.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bdsubwiz.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\BDSurvey.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bdtkexec.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bdwizreg.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bd_professional.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\beagle.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\belt.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bidef.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bidserver.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bipcp.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bipcpevalsetup.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bisp.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\blackd.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\blackice.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\blink.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\blss.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bootconf.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bootwarn.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\borg2.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bpc.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\brasil.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\brastk.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\brw.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bs120.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bspatch.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bundle.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bvt.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\c.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cavscan.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ccapp.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ccevtmgr.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ccpxysvc.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ccSvcHst.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cdp.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cfd.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cfgwiz.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cfiadmin.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cfiaudit.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cfinet.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cfinet32.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cfp.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cfpconfg.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cfplogvw.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cfpupdat.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Cl.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\claw95.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\claw95cf.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\clean.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cleaner.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cleaner3.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cleanIELow.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cleanpc.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\click.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cmd32.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cmdagent.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cmesys.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cmgrdian.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cmon016.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\connectionmonitor.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\control] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cpd.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cpf9x206.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cpfnt206.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\crashrep.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\csc.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cssconfg.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cssupdat.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cssurf.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ctrl.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cv.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cwnb181.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cwntdwmo.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\d.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\datemanager.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dcomx.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\defalert.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\defscangui.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\defwatch.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deloeminfs.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deputy.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\divx.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dllcache.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dllreg.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\doors.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dop.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dpf.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dpfsetup.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dpps2.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\driverctrl.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\drwatson.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\drweb32.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\drwebupw.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dssagent.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dvp95.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dvp95_0.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ecengine.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\efpeadm.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\egui.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ekrn.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\emsw.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ent.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\esafe.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\escanhnt.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\escanv95.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\espwatch.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ethereal.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\etrustcipe.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\evpn.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\exantivirus-cnet.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\exe.avxw.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\expert.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\explore.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\f-agnt95.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\f-prot.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\f-prot95.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\f-stopw.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\fact.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\fameh32.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\fast.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\fch32.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\fih32.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\findviru.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\firewall.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\fixcfg.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\fixfp.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\fnrb32.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\fp-win.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\fp-win_trial.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\fprot.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\frmwrk32.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\frw.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\fsaa.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\fsav.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\fsav32.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\fsav530stbyb.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\fsav530wtbyb.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\fsav95.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\fsgk32.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\fsm32.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\fsma32.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\fsmb32.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\gator.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\gav.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\gbmenu.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\gbn976rl.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\gbpoll.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\generics.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\gmt.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\guard.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\guarddog.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\guardgui.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\hacktracersetup.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\hbinst.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\hbsrv.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\History.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\homeav2010.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\hotactio.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\hotpatch.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\htlog.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\htpatch.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\hwpe.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\hxdl.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\hxiul.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\iamapp.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\iamserv.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\iamstats.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ibmasn.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ibmavsp.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\icload95.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\icloadnt.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\icmon.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\icsupp95.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\icsuppnt.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Identity.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\idle.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\iedll.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\iedriver.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\IEShow.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\iface.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ifw2000.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\inetlnfo.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\infus.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\infwin.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\init.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\init32.exe ] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\install.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\install[1].exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\install[2].exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\install[3].exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\install[4].exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\install[5].exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\intdel.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\intren.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\iomon98.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\istsvc.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\jammer.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\jdbgmrg.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\jedi.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\JsRcGen.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\kavlite40eng.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\kavpers40eng.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\kavpf.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\kazza.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\keenvalue.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\kerio-pf-213-en-win.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\kerio-wrl-421-en-win.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\kerio-wrp-421-en-win.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\killprocesssetup161.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ldnetmon.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ldpro.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ldpromenu.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ldscan.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\licmgr.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\livesrv.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\lnetinfo.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\loader.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\localnet.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\lockdown.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\lockdown2000.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\lookout.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\lordpe.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\lsetup.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\luall.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\luau.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\lucomserver.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\luinit.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\luspt.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MalwareRemoval.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mapisvc32.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mcagent.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mcmnhdlr.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mcmscsvc.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mcnasvc.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mcproxy.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\McSACore.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mcshell.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mcshield.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mcsysmon.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mctool.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mcupdate.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mcvsrte.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mcvsshld.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\md.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mfin32.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mfw2en.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mfweng3.02d30.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mgavrtcl.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mgavrte.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mghtml.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mgui.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\minilog.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mmod.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\monitor.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\moolive.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mostat.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mpfagent.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mpfservice.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MPFSrv.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mpftray.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mrflux.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mrt.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msa.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msapp.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MSASCui.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msbb.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msblast.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mscache.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msccn32.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mscman.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msconfig] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msdm.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msdos.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msiexec16.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mslaugh.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msmgt.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msmsgri32.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msseces.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mssmmc32.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mssys.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msvxd.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mu0311ad.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mwatch.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\n32scanw.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nav.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\navap.navapsvc.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\navapsvc.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\navapw32.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\navdx.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\navlu32.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\navnt.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\navstub.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\navw32.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\navwnt.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nc2000.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ncinst4.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ndd32.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\neomonitor.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\neowatchlog.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\netarmor.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\netd32.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\netinfo.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\netmon.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\netscanpro.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\netspyhunter-1.2.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\netutils.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nisserv.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nisum.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nmain.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nod32.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\normist.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\norton_internet_secu_3.0_407.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\notstart.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\npf40_tw_98_nt_me_2k.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\npfmessenger.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nprotect.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\npscheck.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\npssvc.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nsched32.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nssys32.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nstask32.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nsupdate.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nt.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ntrtscan.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ntvdm.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ntxconfig.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nui.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nupgrade.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nvarch16.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nvc95.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nvsvc32.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nwinst4.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nwservice.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nwtool16.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\OAcat.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\OAhlp.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\OAReg.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\oasrv.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\oaui.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\oaview.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ODSW.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ollydbg.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\onsrvr.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\optimize.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ostronet.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\otfix.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\outpost.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\outpostinstall.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\outpostproinstall.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ozn695m5.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\padmin.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\panixk.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\patch.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\pav.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\pavcl.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\PavFnSvr.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\pavproxy.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\pavprsrv.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\pavsched.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\pavsrv51.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\pavw.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\pc.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\pccwin98.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\pcfwallicon.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\pcip10117_0.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\pcscan.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\pctsAuxs.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\pctsGui.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\pctsSvc.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\pctsTray.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\PC_Antispyware2010.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\pdfndr.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\pdsetup.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\PerAvir.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\periscope.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\persfw.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\personalguard] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\personalguard.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\perswf.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\pf2.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\pfwadmin.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\pgmonitr.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\pingscan.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\platin.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\pop3trap.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\poproxy.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\popscan.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\portdetective.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\portmonitor.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\powerscan.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ppinupdt.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\pptbc.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ppvstop.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\prizesurfer.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\prmt.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\prmvr.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\procdump.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\processmonitor.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\procexplorerv1.0.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\programauditor.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\proport.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\protector.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\protectx.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\PSANCU.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\PSANHost.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\PSANToManager.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\PsCtrls.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\PsImSvc.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\PskSvc.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\pspf.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\PSUNMain.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\purge.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\qconsole.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\qh.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\qserver.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Quick Heal.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\QuickHealCleaner.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rapapp.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rav7.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rav7win.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rav8win32eng.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ray.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rb32.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rcsync.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\realmon.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\reged.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\regedt32.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rescue.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rescue32.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rrguard.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rscdwld.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rshell.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rtvscan.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rtvscn95.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rulaunch.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rwg] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rwg.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SafetyKeeper.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\safeweb.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sahagent.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Save.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SaveArmor.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SaveDefense.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SaveKeep.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\savenow.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sbserv.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sc.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\scam32.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\scan32.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\scan95.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\scanpm.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\scrscan.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\seccenter.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Secure Veteran.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\secureveteran.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Security Center.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SecurityFighter.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\securitysoldier.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\serv95.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\setloadorder.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\setupvameeval.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\setup_flowprotector_us.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sgssfw32.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sh.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\shellspyinstall.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\shield.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\shn.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\showbehind.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\signcheck.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\smart.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\smartprotector.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\smc.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\smrtdefp.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sms.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\smss32.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\snetcfg.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\soap.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sofi.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SoftSafeness.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sperm.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\spf.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sphinx.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\spoler.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\spoolcv.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\spoolsv32.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\spywarexpguard.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\spyxx.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\srexe.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\srng.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ss3edit.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ssgrate.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ssg_4104.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\st2.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\start.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stcloader.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\supftrl.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\support.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\supporter5.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\svc.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\svchostc.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\svchosts.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\svshost.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sweep95.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sweepnet.sweepsrv.sys.swnetsup.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\symlcsvc.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\symproxysvc.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\symtray.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\system.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\system32.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sysupd.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\tapinstall.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\taskmgr.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\taumon.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\tbscan.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\tc.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\tca.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\tcm.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\tds-3.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\tds2-98.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\tds2-nt.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\teekids.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\tfak.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\tfak5.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\tgbob.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\titanin.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\titaninxp.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\TPSrv.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\trickler.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\trjscan.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\trjsetup.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\trojantrap3.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\TrustWarrior.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\tsadbot.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\tsc.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\tvmd.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\tvtmd.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\uiscan.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\undoboot.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\updat.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\upgrad.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\upgrepl.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\utpost.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vbcmserv.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vbcons.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vbust.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vbwin9x.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vbwinntw.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vcsetup.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vet32.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vet95.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vettray.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vfsetup.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vir-help.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\virusmdpersonalfirewall.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\VisthAux.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\VisthLic.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\VisthUpd.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vnlan300.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vnpc3000.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vpc32.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vpc42.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vpfw30s.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vptray.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vscan40.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vscenu6.02d30.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vsched.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vsecomr.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vshwin32.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vsisetup.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vsmain.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vsmon.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vsserv.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vsstat.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vswin9xe.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vswinntse.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vswinperse.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\w32dsm89.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\W3asbas.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\w9x.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\watchdog.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\webdav.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\WebProxy.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\webscanx.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\webtrap.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\wfindv32.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\whoswatchingme.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\wimmun32.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\win-bugsfix.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\win32.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\win32us.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\winactive.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\winav.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\windll32.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\window.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\windows Police Pro.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\windows.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\wininetd.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\wininitx.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\winlogin.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\winmain.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\winppr32.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\winrecon.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\winservn.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\winssk32.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\winstart.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\winstart001.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\wintsk32.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\winupdate.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\wkufind.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\wnad.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\wnt.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\wradmin.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\wrctrl.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\wsbgate.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\wscfxas.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\wscfxav.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\wscfxfw.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\wsctool.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\wupdater.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\wupdt.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\wyvernworksfirewall.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\xpdeluxe.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\xpf202en.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\xp_antispyware.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\zapro.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\zapsetup3001.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\zatutor.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\zonalm2601.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\zonealarm.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\_avp32.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\_avpcc.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\_avpm.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\~1.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\~2.exe] "Debugger="svchost.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] "vidc.mrle"=msrle32.dll "vidc.msvc"=msvidc32.dll "msacm.imaadpcm"=imaadp32.acm "msacm.msg711"=msg711.acm "msacm.msgsm610"=msgsm32.acm "msacm.msadpcm"=msadp32.acm "midimapper"=midimap.dll "wavemapper"=msacm32.drv "VIDC.UYVY"=msyuv.dll "VIDC.YUY2"=msyuv.dll "VIDC.YVYU"=msyuv.dll "VIDC.IYUV"=iyuv_32.dll "vidc.i420"=iyuv_32.dll "VIDC.YVU9"=tsbyuv.dll "msacm.l3acm"=C:\Windows\System32\l3codeca.acm "vidc.cvid"=iccvid.dll "wave"=wdmaud.drv "midi"=wdmaud.drv "mixer"=wdmaud.drv "aux"=wdmaud.drv "wave1"=wdmaud.drv "midi1"=wdmaud.drv "mixer1"=wdmaud.drv "aux1"=wdmaud.drv "MSVideo8"=VfWWDM32.dll "vidc.XVID"=xvidvfw.dll "VIDC.FFDS"=ff_vfw.dll "msacm.ac3filter"=ac3filter.acm "msacm.avis"=ff_acm.acm "VIDC.YV12"=yv12vfw.dll "msacm.ac3acm"=ac3acm.acm "msacm.lameacm"=lameACM.acm ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 .js - open - C:\Windows\System32\WScript.exe "%1" %* ======List of files/folders created in the last 1 month====== 2012-01-01 21:31:52 ----D---- C:\rsit 2012-01-01 21:31:52 ----D---- C:\Program Files\trend micro 2012-01-01 20:47:35 ----D---- C:\Windows\system32\Wat 2012-01-01 20:24:00 ----D---- C:\Program Files\ESET 2012-01-01 19:13:17 ----A---- C:\Windows\system32\FntCache.dll 2012-01-01 19:13:17 ----A---- C:\Windows\system32\DWrite.dll 2012-01-01 19:13:17 ----A---- C:\Windows\system32\d2d1.dll 2012-01-01 19:13:16 ----A---- C:\Windows\system32\prevhost.exe 2011-12-27 02:33:55 ----D---- C:\Users\jacec\AppData\Roaming\vlc 2011-12-26 20:56:19 ----D---- C:\Users\jacec\AppData\Roaming\Apple Computer 2011-12-17 18:59:06 ----A---- C:\Windows\system32\mshtmled.dll 2011-12-17 18:59:06 ----A---- C:\Windows\system32\iertutil.dll 2011-12-17 18:59:05 ----A---- C:\Windows\system32\jscript9.dll 2011-12-17 18:59:05 ----A---- C:\Windows\system32\jscript.dll 2011-12-17 18:59:04 ----A---- C:\Windows\system32\wininet.dll 2011-12-17 18:59:04 ----A---- C:\Windows\system32\jsproxy.dll 2011-12-17 18:59:03 ----A---- C:\Windows\system32\url.dll 2011-12-17 18:59:03 ----A---- C:\Windows\system32\ieui.dll 2011-12-17 18:59:02 ----A---- C:\Windows\system32\urlmon.dll 2011-12-17 18:59:01 ----A---- C:\Windows\system32\mshtml.dll 2011-12-17 18:59:00 ----A---- C:\Windows\system32\ieframe.dll 2011-12-17 18:57:46 ----A---- C:\Windows\system32\tzres.dll 2011-12-17 18:57:40 ----A---- C:\Windows\system32\csrsrv.dll 2011-12-17 18:57:38 ----A---- C:\Windows\system32\win32k.sys 2011-12-17 18:57:37 ----A---- C:\Windows\system32\EncDec.dll 2011-12-17 18:56:43 ----A---- C:\Windows\system32\ntoskrnl.exe 2011-12-17 18:56:43 ----A---- C:\Windows\system32\ntkrnlpa.exe 2011-12-02 22:23:49 ----D---- C:\ProgramData\AVAST Software 2011-12-02 22:23:49 ----D---- C:\Program Files\AVAST Software 2011-12-02 22:02:18 ----A---- C:\Windows\ntbtlog.txt ======List of files/folders modified in the last 1 month====== 2012-01-01 21:32:04 ----D---- C:\Windows\Prefetch 2012-01-01 21:31:54 ----D---- C:\Windows\Temp 2012-01-01 21:31:52 ----D---- C:\Program Files 2012-01-01 21:07:13 ----SHD---- C:\Windows\Installer 2012-01-01 21:07:13 ----HD---- C:\ProgramData 2012-01-01 21:07:12 ----D---- C:\Windows\system32\drivers 2012-01-01 21:03:08 ----D---- C:\Windows\system32\config 2012-01-01 20:54:50 ----SHD---- C:\System Volume Information 2012-01-01 20:47:54 ----D---- C:\Windows\System32 2012-01-01 20:47:54 ----A---- C:\Windows\system32\user32.dll 2012-01-01 20:47:54 ----A---- C:\Windows\system32\systemcpl.dll 2012-01-01 20:47:54 ----A---- C:\Windows\system32\slwga.dll 2012-01-01 20:47:50 ----D---- C:\Windows 2012-01-01 20:47:47 ----D---- C:\Windows\winsxs 2012-01-01 20:47:33 ----D---- C:\Windows\system32\catroot 2012-01-01 20:47:22 ----D---- C:\Windows\system32\catroot2 2012-01-01 20:46:40 ----D---- C:\Windows\SoftwareDistribution 2012-01-01 20:35:30 ----D---- C:\Windows\Microsoft.NET 2012-01-01 20:35:11 ----RSD---- C:\Windows\assembly 2012-01-01 19:33:05 ----D---- C:\Windows\AppPatch 2012-01-01 19:16:29 ----D---- C:\Windows\inf 2012-01-01 19:16:29 ----A---- C:\Windows\system32\PerfStringBackup.INI 2012-01-01 18:03:48 ----D---- C:\Windows\system32\Tasks 2011-12-31 04:27:32 ----D---- C:\Windows\system32\NDF 2011-12-22 08:44:41 ----HD---- C:\Program Files\InstallShield Installation Information 2011-12-22 08:44:41 ----D---- C:\Program Files\Sony Ericsson 2011-12-21 00:58:49 ----D---- C:\Windows\rescache 2011-12-17 19:07:42 ----D---- C:\Windows\system32\sv-SE 2011-12-17 19:07:42 ----D---- C:\Windows\system32\pl-PL 2011-12-17 19:07:42 ----D---- C:\Windows\system32\migration 2011-12-17 19:07:42 ----D---- C:\Windows\system32\en-US 2011-12-17 19:07:42 ----D---- C:\Program Files\Internet Explorer 2011-12-17 18:59:34 ----A---- C:\Windows\system32\MRT.exe 2011-12-16 19:54:44 ----D---- C:\Users\jacec\AppData\Roaming\Skype 2011-12-16 16:07:15 ----D---- C:\Users\jacec\AppData\Roaming\skypePM 2011-12-06 17:29:34 ----D---- C:\Users\jacec\AppData\Roaming\Media Player Classic 2011-12-02 23:08:08 ----D---- C:\ProgramData\OnlineUpdate 2011-12-02 22:02:16 ----D---- C:\Program Files\WinRAR ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440] R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 175360] R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 388096] R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-08-18 4994560] R3 BthEnum;Bluetooth Request Block Driver; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 34816] R3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696] R3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 60416] R3 huawei_enumerator;huawei_enumerator; C:\Windows\system32\DRIVERS\ew_jubusenum.sys [2011-02-09 72832] R3 netw5v32;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\netw5v32.sys [2009-07-13 4231168] R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536] R3 sdbus;sdbus; C:\Windows\system32\drivers\sdbus.sys [2010-11-20 84992] R3 SFEP;Sony Firmware Extension Parser; C:\Windows\system32\DRIVERS\SFEP.sys [2007-08-03 9344] R3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2009-07-13 207360] R3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV3.SYS [2009-07-13 980992] R3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT3.SYS [2009-07-13 661504] R4 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [] R4 epfwwfpr;epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [] S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704] S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720] S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312] S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888] S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2011-04-28 393728] S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device; C:\Windows\system32\DRIVERS\ew_hwusbdev.sys [2011-02-09 102784] S3 ew_usbenumfilter;huawei_CompositeFilter; C:\Windows\system32\DRIVERS\ew_usbenumfilter.sys [2011-02-09 11136] S3 ewusbnet;HUAWEI USB-NDIS miniport; C:\Windows\system32\DRIVERS\ewusbnet.sys [2011-02-09 208896] S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys [2011-02-09 106880] S3 hwusbfake;Huawei DataCard USB Fake; C:\Windows\system32\DRIVERS\ewusbfake.sys [] S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368] S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632] S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2010-11-20 15872] S3 s1018bus;Sony Ericsson Device 1018 driver (WDM); C:\Windows\system32\DRIVERS\s1018bus.sys [2009-03-25 86824] S3 s1018mdfl;Sony Ericsson Device 1018 USB WMC Modem Filter; C:\Windows\system32\DRIVERS\s1018mdfl.sys [2009-03-25 15016] S3 s1018mdm;Sony Ericsson Device 1018 USB WMC Modem Driver; C:\Windows\system32\DRIVERS\s1018mdm.sys [2009-03-25 114728] S3 s1018mgmt;Sony Ericsson Device 1018 USB WMC Device Management Drivers (WDM); C:\Windows\system32\DRIVERS\s1018mgmt.sys [2009-03-25 106208] S3 s1018nd5;Sony Ericsson Device 1018 USB Ethernet Emulation (NDIS); C:\Windows\system32\DRIVERS\s1018nd5.sys [2009-03-25 26024] S3 s1018obex;Sony Ericsson Device 1018 USB WMC OBEX Interface; C:\Windows\system32\DRIVERS\s1018obex.sys [2009-03-25 104744] S3 s1018unic;Sony Ericsson Device 1018 USB Ethernet Emulation (WDM); C:\Windows\system32\DRIVERS\s1018unic.sys [2009-03-25 109864] S3 s1039bus;Sony Ericsson Device 1039 driver (WDM); C:\Windows\system32\DRIVERS\s1039bus.sys [2009-11-19 98672] S3 s1039mdfl;Sony Ericsson Device 1039 USB WMC Modem Filter; C:\Windows\system32\DRIVERS\s1039mdfl.sys [2009-11-19 14960] S3 s1039mdm;Sony Ericsson Device 1039 USB WMC Modem Driver; C:\Windows\system32\DRIVERS\s1039mdm.sys [2009-11-19 124016] S3 s1039mgmt;Sony Ericsson Device 1039 USB WMC Device Management Drivers (WDM); C:\Windows\system32\DRIVERS\s1039mgmt.sys [2009-11-19 117872] S3 s1039nd5;Sony Ericsson Device 1039 USB Ethernet Emulation (NDIS); C:\Windows\system32\DRIVERS\s1039nd5.sys [2009-11-19 25456] S3 s1039obex;Sony Ericsson Device 1039 USB WMC OBEX Interface; C:\Windows\system32\DRIVERS\s1039obex.sys [2009-11-19 113904] S3 s1039unic;Sony Ericsson Device 1039 USB Ethernet Emulation (WDM); C:\Windows\system32\DRIVERS\s1039unic.sys [2009-11-19 123504] S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632] S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304] S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032] S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys [] S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224] S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys [] S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys [] S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328] S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736] S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 17920] S3 WDC_SAM;WD SCSI Pass Thru driver; C:\Windows\system32\DRIVERS\wdcsam.sys [2008-05-06 11520] S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2009-08-18 176128] R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992] R2 DCService.exe;DCService.exe; C:\ProgramData\DatacardService\DCService.exe [2010-09-29 249856] R2 OMSI download service;Sony Ericsson OMSI download service; C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe [2009-04-30 90112] R2 TomTomHOMEService;TomTomHOMEService; C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe [2011-04-22 92592] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] S2 Mobile Partner. RunOuc;Mobile Partner. OUC; C:\Program Files\Mobile Partner\UpdateDog\ouc.exe [2011-02-09 203776] S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992] S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992] S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992] S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-01-01 1343400] -----------------EOF----------------- [/log]
ratosluaf komentarz 2 stycznia 2012 komentarz 2 stycznia 2012 Ja się akurat na sprawdzaniu logów nie znam, ale by usprawnić pracę, powiem, że pierwszy spoiler się nie otwiera. 1
swiatek94 komentarz 2 stycznia 2012 Autor komentarz 2 stycznia 2012 ratosluaf@ Dzięki wielki już poprawiłem
Natsuki Kuga komentarz 2 stycznia 2012 komentarz 2 stycznia 2012 Do OTL wklej: [log] :Processes killallprocesses :OTL IE - HKU\S-1-5-21-666643132-1411173658-3390636905-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [url="http://search.condui...&ctid=CT2475029"]http://search.condui...&ctid=CT2475029[/url] IE - HKU\S-1-5-21-666643132-1411173658-3390636905-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 21 E6 43 9E 65 95 CA 01 [binary data] IE - HKU\S-1-5-21-666643132-1411173658-3390636905-1000\..\URLSearchHook: {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - No CLSID value found FF - prefs.js..browser.search.defaultengine: "Ask.com" FF - prefs.js..browser.search.defaultenginename: "Ask.com" FF - prefs.js..browser.search.defaultthis.engineName: "MyAshampoo Customized Web Search" FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2475029&SearchSource=3&q={searchTerms}" FF - prefs.js..browser.search.order.1: "Ask.com" FF - prefs.js..browser.search.selectedEngine: "Ask.com" FF - prefs.js..extensions.enabledItems: engine@conduit.com:3.2.5.2 FF - prefs.js..keyword.URL: "http://websearch.ask.com/redirect?client=ff&src=kw&tb=UT2V5&o=15158&locale=en_US&apn_uid=9813BD7E-E1C6-4F52-ACF8-81AD1F7ED754&apn_ptnrs=UG&apn_sauid=C90B561E-B532-4040-80FE-F2717B161233&apn_dtid=YYYYYYYYSE&q=" [2011-12-07 07:19:39 | 000,000,000 | ---D | M] (MyAshampoo Community Toolbar) -- C:\Users\jacec\AppData\Roaming\mozilla\Firefox\Profiles\ozbth2gs.default\extensions\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4} [2011-12-31 17:55:40 | 000,002,402 | ---- | M] () -- C:\Users\jacec\AppData\Roaming\Mozilla\Firefox\Profiles\ozbth2gs.default\searchplugins\askcom.xml [2010-12-15 15:12:32 | 000,000,923 | ---- | M] () -- C:\Users\jacec\AppData\Roaming\Mozilla\Firefox\Profiles\ozbth2gs.default\searchplugins\conduit.xml O3 - HKU\S-1-5-21-666643132-1411173658-3390636905-1000\..\Toolbar\WebBrowser: (no name) - {A1E75A0E-4397-4BA8-BB50-E19FB66890F4} - No CLSID value found. O3 - HKU\S-1-5-21-666643132-1411173658-3390636905-1000\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found. O4 - HKU\S-1-5-21-666643132-1411173658-3390636905-1000..\Run: [JCFSE7V7Z1] C:\Users\jacec\AppData\Local\Temp\Pjh.exe File not found O4 - HKU\S-1-5-21-666643132-1411173658-3390636905-1000..\Run: [Metropolis] rundll32.exe C:\Windows\system32\sshnas21.dll,GetHandle File not found O4 - HKU\S-1-5-21-666643132-1411173658-3390636905-1000..\Run: [Smart Security] "C:\ProgramData\73bc1f\SM73b_231.exe" /s /d File not found O27 - HKLM IFEO\_avp32.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\_avpcc.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\_avpm.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\~1.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\~2.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\a.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\aAvgApi.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\AAWTray.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\About.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\ackwin32.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\adaware.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\Ad-Aware.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\advxdwin.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\AdwarePrj.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\agent.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\agentsvr.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\agentw.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\alertsvc.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\alevir.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\alogserv.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\AlphaAV: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\AlphaAV.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\AluSchedulerSvc.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\amon9x.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\AntispywarXP2009.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\anti-trojan.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\Anti-Virus Professional.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\antivirus.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\AntiVirus_Pro.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\AntivirusPlus: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\AntivirusPlus.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\AntivirusPro_2010.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\AntivirusXP: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\AntivirusXP.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\antivirusxppro2009.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\ants.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\apimonitor.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\aplica32.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\apvxdwin.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\arr.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\Arrakis3.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\ashAvast.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\ashBug.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\ashChest.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\ashCnsnt.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\ashDisp.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\ashLogV.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\ashMaiSv.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\ashPopWz.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\ashQuick.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\ashServ.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\ashSimp2.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\ashSimpl.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\ashSkPcc.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\ashSkPck.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\ashUpd.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\ashWebSv.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\aswChLic.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\aswRegSvr.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\aswRunDll.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\aswUpdSv.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\atcon.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\atguard.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\atro55en.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\atupdater.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\atwatch.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\au.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\aupdate.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\autodown.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\auto-protect.nav80try.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\autotrace.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\autoupdate.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\av360.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avadmin.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\AVCare.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avcenter.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avciman.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avconfig.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avconsol.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\ave32.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\AVENGINE.EXE: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avgcc32.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avgchk.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avgcmgr.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avgcsrvx.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avgctrl.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avgdumpx.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avgemc.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avgiproxy.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avgnsx.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avgnt.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avgrsx.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avgscanx.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avgserv.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avgserv9.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avgsrmax.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avgtray.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avgui.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avgupd.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avgw.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avgwdsvc.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avkpop.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avkserv.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avkservice.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avkwctl9.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avltmain.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avmailc.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avmcdlg.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avnotify.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avnt.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avp32.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avpcc.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avpdos32.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avpm.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avptc32.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avpupd.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avsched32.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avsynmgr.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avupgsvc.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\AVWEBGRD.EXE: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avwin.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avwin95.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avwinnt.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avwsc.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avwupd.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avwupd32.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avwupsrv.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avxmonitor9x.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avxmonitornt.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avxquar.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\b.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\backweb.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\bargains.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\bd_professional.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\bdagent.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\bdfvcl.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\bdfvwiz.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\BDInProcPatch.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\bdmcon.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\BDMsnScan.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\bdreinit.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\bdsubwiz.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\BDSurvey.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\bdtkexec.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\bdwizreg.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\beagle.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\belt.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\bidef.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\bidserver.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\bipcp.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\bipcpevalsetup.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\bisp.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\blackd.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\blackice.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\blink.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\blss.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\bootconf.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\bootwarn.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\borg2.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\bpc.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\brasil.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\brastk.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\brw.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\bs120.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\bspatch.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\bundle.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\bvt.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\c.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\cavscan.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\ccapp.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\ccevtmgr.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\ccpxysvc.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\ccSvcHst.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\cdp.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\cfd.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\cfgwiz.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\cfiadmin.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\cfiaudit.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\cfinet.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\cfinet32.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\cfp.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\cfpconfg.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\cfplogvw.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\cfpupdat.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\Cl.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\claw95.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\claw95cf.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\clean.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\cleaner.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\cleaner3.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\cleanIELow.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\cleanpc.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\click.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\cmd32.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\cmdagent.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\cmesys.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\cmgrdian.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\cmon016.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\connectionmonitor.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\control: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\cpd.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\cpf9x206.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\cpfnt206.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\crashrep.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\csc.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\cssconfg.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\cssupdat.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\cssurf.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\ctrl.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\cv.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\cwnb181.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\cwntdwmo.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\d.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\datemanager.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\dcomx.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\defalert.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\defscangui.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\defwatch.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\deloeminfs.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\deputy.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\divx.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\dllcache.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\dllreg.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\doors.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\dop.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\dpf.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\dpfsetup.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\dpps2.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\driverctrl.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\drwatson.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\drweb32.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\drwebupw.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\dssagent.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\dvp95.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\dvp95_0.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\ecengine.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\efpeadm.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\egui.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\ekrn.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\emsw.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\ent.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\esafe.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\escanhnt.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\escanv95.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\espwatch.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\ethereal.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\etrustcipe.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\evpn.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\exantivirus-cnet.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\exe.avxw.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\expert.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\explore.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\fact.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\f-agnt95.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\fameh32.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\fast.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\fch32.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\fih32.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\findviru.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\firewall.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\fixcfg.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\fixfp.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\fnrb32.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\fprot.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\f-prot.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\f-prot95.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\fp-win.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\fp-win_trial.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\frmwrk32.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\frw.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\fsaa.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\fsav.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\fsav32.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\fsav530stbyb.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\fsav530wtbyb.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\fsav95.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\fsgk32.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\fsm32.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\fsma32.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\fsmb32.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\f-stopw.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\gator.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\gav.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\gbmenu.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\gbn976rl.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\gbpoll.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\generics.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\gmt.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\guard.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\guarddog.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\guardgui.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\hacktracersetup.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\hbinst.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\hbsrv.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\History.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\homeav2010.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\hotactio.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\hotpatch.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\htlog.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\htpatch.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\hwpe.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\hxdl.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\hxiul.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\iamapp.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\iamserv.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\iamstats.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\ibmasn.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\ibmavsp.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\icload95.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\icloadnt.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\icmon.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\icsupp95.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\icsuppnt.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\Identity.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\idle.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\iedll.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\iedriver.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\IEShow.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\iface.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\ifw2000.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\inetlnfo.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\infus.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\infwin.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\init.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\init32.exe : Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\install.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\install[1].exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\install[2].exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\install[3].exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\install[4].exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\install[5].exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\intdel.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\intren.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\iomon98.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\istsvc.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\jammer.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\jdbgmrg.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\jedi.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\JsRcGen.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\kavlite40eng.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\kavpers40eng.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\kavpf.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\kazza.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\keenvalue.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\kerio-pf-213-en-win.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\kerio-wrl-421-en-win.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\kerio-wrp-421-en-win.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\killprocesssetup161.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\ldnetmon.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\ldpro.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\ldpromenu.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\ldscan.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\licmgr.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\livesrv.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\lnetinfo.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\loader.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\localnet.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\lockdown.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\lockdown2000.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\lookout.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\lordpe.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\lsetup.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\luall.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\luau.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\lucomserver.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\luinit.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\luspt.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\MalwareRemoval.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\mapisvc32.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\mcagent.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\mcmnhdlr.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\mcmscsvc.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\mcnasvc.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\mcproxy.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\McSACore.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\mcshell.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\mcshield.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\mcsysmon.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\mctool.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\mcupdate.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\mcvsrte.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\mcvsshld.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\md.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\mfin32.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\mfw2en.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\mfweng3.02d30.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\mgavrtcl.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\mgavrte.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\mghtml.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\mgui.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\minilog.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\mmod.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\monitor.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\moolive.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\mostat.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\mpfagent.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\mpfservice.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\MPFSrv.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\mpftray.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\mrflux.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\mrt.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\msa.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\msapp.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\MSASCui.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\msbb.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\msblast.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\mscache.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\msccn32.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\mscman.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\msconfig: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\msdm.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\msdos.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\msiexec16.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\mslaugh.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\msmgt.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\msmsgri32.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\msseces.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\mssmmc32.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\mssys.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\msvxd.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\mu0311ad.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\mwatch.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\n32scanw.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\nav.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\navap.navapsvc.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\navapsvc.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\navapw32.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\navdx.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\navlu32.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\navnt.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\navstub.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\navw32.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\navwnt.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\nc2000.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\ncinst4.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\ndd32.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\neomonitor.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\neowatchlog.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\netarmor.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\netd32.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\netinfo.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\netmon.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\netscanpro.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\netspyhunter-1.2.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\netutils.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\nisserv.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\nisum.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\nmain.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\nod32.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\normist.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\norton_internet_secu_3.0_407.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\notstart.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\npf40_tw_98_nt_me_2k.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\npfmessenger.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\nprotect.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\npscheck.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\npssvc.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\nsched32.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\nssys32.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\nstask32.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\nsupdate.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\nt.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\ntrtscan.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\ntvdm.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\ntxconfig.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\nui.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\nupgrade.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\nvarch16.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\nvc95.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\nvsvc32.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\nwinst4.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\nwservice.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\nwtool16.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\OAcat.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\OAhlp.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\OAReg.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\oasrv.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\oaui.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\oaview.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\ODSW.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\ollydbg.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\onsrvr.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\optimize.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\ostronet.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\otfix.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\outpost.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\outpostinstall.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\outpostproinstall.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\ozn695m5.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\padmin.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\panixk.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\patch.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\pav.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\pavcl.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\PavFnSvr.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\pavproxy.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\pavprsrv.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\pavsched.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\pavsrv51.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\pavw.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\pc.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\PC_Antispyware2010.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\pccwin98.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\pcfwallicon.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\pcip10117_0.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\pcscan.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\pctsAuxs.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\pctsGui.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\pctsSvc.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\pctsTray.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\pdfndr.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\pdsetup.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\PerAvir.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\periscope.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\persfw.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\personalguard: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\personalguard.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\perswf.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\pf2.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\pfwadmin.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\pgmonitr.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\pingscan.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\platin.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\pop3trap.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\poproxy.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\popscan.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\portdetective.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\portmonitor.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\powerscan.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\ppinupdt.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\pptbc.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\ppvstop.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\prizesurfer.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\prmt.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\prmvr.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\procdump.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\processmonitor.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\procexplorerv1.0.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\programauditor.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\proport.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\protector.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\protectx.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\PSANCU.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\PSANHost.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\PSANToManager.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\PsCtrls.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\PsImSvc.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\PskSvc.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\pspf.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\PSUNMain.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\purge.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\qconsole.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\qh.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\qserver.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\Quick Heal.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\QuickHealCleaner.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\rapapp.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\rav7.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\rav7win.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\rav8win32eng.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\ray.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\rb32.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\rcsync.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\realmon.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\reged.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\regedt32.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\rescue.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\rescue32.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\rrguard.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\rscdwld.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\rshell.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\rtvscan.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\rtvscn95.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\rulaunch.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\rwg: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\rwg.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\SafetyKeeper.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\safeweb.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\sahagent.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\Save.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\SaveArmor.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\SaveDefense.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\SaveKeep.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\savenow.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\sbserv.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\sc.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\scam32.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\scan32.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\scan95.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\scanpm.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\scrscan.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\seccenter.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\Secure Veteran.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\secureveteran.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\Security Center.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\SecurityFighter.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\securitysoldier.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\serv95.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\setloadorder.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\setup_flowprotector_us.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\setupvameeval.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\sgssfw32.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\sh.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\shellspyinstall.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\shield.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\shn.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\showbehind.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\signcheck.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\smart.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\smartprotector.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\smc.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\smrtdefp.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\sms.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\smss32.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\snetcfg.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\soap.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\sofi.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\SoftSafeness.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\sperm.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\spf.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\sphinx.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\spoler.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\spoolcv.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\spoolsv32.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\spywarexpguard.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\spyxx.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\srexe.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\srng.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\ss3edit.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\ssg_4104.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\ssgrate.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\st2.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\start.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\stcloader.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\supftrl.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\support.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\supporter5.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\svc.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\svchostc.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\svchosts.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\svshost.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\sweep95.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\sweepnet.sweepsrv.sys.swnetsup.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\symlcsvc.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\symproxysvc.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\symtray.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\system.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\system32.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\sysupd.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\tapinstall.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\taskmgr.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\taumon.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\tbscan.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\tc.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\tca.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\tcm.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\tds2-98.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\tds2-nt.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\tds-3.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\teekids.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\tfak.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\tfak5.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\tgbob.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\titanin.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\titaninxp.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\TPSrv.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\trickler.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\trjscan.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\trjsetup.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\trojantrap3.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\TrustWarrior.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\tsadbot.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\tsc.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\tvmd.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\tvtmd.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\uiscan.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\undoboot.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\updat.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\upgrad.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\upgrepl.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\utpost.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\vbcmserv.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\vbcons.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\vbust.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\vbwin9x.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\vbwinntw.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\vcsetup.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\vet32.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\vet95.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\vettray.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\vfsetup.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\vir-help.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\virusmdpersonalfirewall.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\VisthAux.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\VisthLic.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\VisthUpd.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\vnlan300.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\vnpc3000.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\vpc32.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\vpc42.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\vpfw30s.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\vptray.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\vscan40.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\vscenu6.02d30.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\vsched.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\vsecomr.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\vshwin32.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\vsisetup.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\vsmain.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\vsmon.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\vsserv.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\vsstat.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\vswin9xe.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\vswinntse.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\vswinperse.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\w32dsm89.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\W3asbas.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\w9x.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\watchdog.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\webdav.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\WebProxy.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\webscanx.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\webtrap.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\wfindv32.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\whoswatchingme.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\wimmun32.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\win32.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\win32us.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\winactive.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\winav.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\win-bugsfix.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\windll32.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\window.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\windows Police Pro.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\windows.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\wininetd.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\wininitx.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\winlogin.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\winmain.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\winppr32.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\winrecon.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\winservn.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\winssk32.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\winstart.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\winstart001.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\wintsk32.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\winupdate.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\wkufind.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\wnad.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\wnt.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\wradmin.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\wrctrl.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\wsbgate.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\wscfxas.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\wscfxav.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\wscfxfw.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\wsctool.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\wupdater.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\wupdt.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\wyvernworksfirewall.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\xp_antispyware.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\xpdeluxe.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\xpf202en.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\zapro.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\zapsetup3001.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\zatutor.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\zonalm2601.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\zonealarm.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation) @Alternate Data Stream - 135 bytes -> C:\ProgramData\TEMP:D1B5B4F1 :Commands [resethosts] [emptytemp] [Reboot] [/log] [b]Wykonaj skrypt,[/b] pokaż raport. Po wykonaniu pokaż zestaw nowych logów. 1
swiatek94 komentarz 2 stycznia 2012 Autor komentarz 2 stycznia 2012 (edytowane) [log]All processes killed ========== PROCESSES ========== ========== OTL ========== HKU\S-1-5-21-666643132-1411173658-3390636905-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully! HKU\S-1-5-21-666643132-1411173658-3390636905-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache_TIMESTAMP| /E : value set successfully! Registry value HKEY_USERS\S-1-5-21-666643132-1411173658-3390636905-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}\ not found. Prefs.js: "Ask.com" removed from browser.search.defaultengine Prefs.js: "Ask.com" removed from browser.search.defaultenginename Prefs.js: "MyAshampoo Customized Web Search" removed from browser.search.defaultthis.engineName Prefs.js: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2475029&SearchSource=3&q={searchTerms}" removed from browser.search.defaulturl Prefs.js: "Ask.com" removed from browser.search.order.1 Prefs.js: "Ask.com" removed from browser.search.selectedEngine Prefs.js: engine@conduit.com:3.2.5.2 removed from extensions.enabledItems Prefs.js: "http://websearch.ask.com/redirect?client=ff&src=kw&tb=UT2V5&o=15158&locale=en_US&apn_uid=9813BD7E-E1C6-4F52-ACF8-81AD1F7ED754&apn_ptnrs=UG&apn_sauid=C90B561E-B532-4040-80FE-F2717B161233&apn_dtid=YYYYYYYYSE&q=" removed from keyword.URL C:\Users\jacec\AppData\Roaming\mozilla\Firefox\Profiles\ozbth2gs.default\extensions\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}\searchplugin folder moved successfully. C:\Users\jacec\AppData\Roaming\mozilla\Firefox\Profiles\ozbth2gs.default\extensions\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}\modules folder moved successfully. C:\Users\jacec\AppData\Roaming\mozilla\Firefox\Profiles\ozbth2gs.default\extensions\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}\META-INF folder moved successfully. C:\Users\jacec\AppData\Roaming\mozilla\Firefox\Profiles\ozbth2gs.default\extensions\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}\defaults folder moved successfully. C:\Users\jacec\AppData\Roaming\mozilla\Firefox\Profiles\ozbth2gs.default\extensions\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}\components folder moved successfully. C:\Users\jacec\AppData\Roaming\mozilla\Firefox\Profiles\ozbth2gs.default\extensions\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}\chrome folder moved successfully. C:\Users\jacec\AppData\Roaming\mozilla\Firefox\Profiles\ozbth2gs.default\extensions\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4} folder moved successfully. C:\Users\jacec\AppData\Roaming\Mozilla\Firefox\Profiles\ozbth2gs.default\searchplugins\askcom.xml moved successfully. C:\Users\jacec\AppData\Roaming\Mozilla\Firefox\Profiles\ozbth2gs.default\searchplugins\conduit.xml moved successfully. Registry value HKEY_USERS\S-1-5-21-666643132-1411173658-3390636905-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{A1E75A0E-4397-4BA8-BB50-E19FB66890F4} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A1E75A0E-4397-4BA8-BB50-E19FB66890F4}\ not found. Registry value HKEY_USERS\S-1-5-21-666643132-1411173658-3390636905-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found. Registry value HKEY_USERS\S-1-5-21-666643132-1411173658-3390636905-1000\Software\Microsoft\Windows\CurrentVersion\Run\\JCFSE7V7Z1 deleted successfully. Registry value HKEY_USERS\S-1-5-21-666643132-1411173658-3390636905-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Metropolis deleted successfully. Registry value HKEY_USERS\S-1-5-21-666643132-1411173658-3390636905-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Smart Security deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\_avp32.exe\ deleted successfully. Invalid CLSID key: _avp32.exe Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\_avpcc.exe\ deleted successfully. Invalid CLSID key: _avpcc.exe Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\_avpm.exe\ deleted successfully. Invalid CLSID key: _avpm.exe Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\~1.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\~2.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\a.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\aAvgApi.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AAWTray.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\About.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ackwin32.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\adaware.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Ad-Aware.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\advxdwin.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AdwarePrj.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\agent.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\agentsvr.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\agentw.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\alertsvc.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\alevir.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\alogserv.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AlphaAV\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AlphaAV.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AluSchedulerSvc.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\amon9x.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AntispywarXP2009.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\anti-trojan.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Anti-Virus Professional.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\antivirus.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AntiVirus_Pro.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AntivirusPlus\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AntivirusPlus.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AntivirusPro_2010.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AntivirusXP\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AntivirusXP.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\antivirusxppro2009.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ants.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\apimonitor.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\aplica32.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\apvxdwin.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\arr.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Arrakis3.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ashAvast.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ashBug.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ashChest.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ashCnsnt.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ashDisp.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ashLogV.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ashMaiSv.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ashPopWz.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ashQuick.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ashServ.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ashSimp2.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ashSimpl.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ashSkPcc.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ashSkPck.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ashUpd.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ashWebSv.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\aswChLic.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\aswRegSvr.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\aswRunDll.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\aswUpdSv.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\atcon.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\atguard.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\atro55en.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\atupdater.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\atwatch.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\au.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\aupdate.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\autodown.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\auto-protect.nav80try.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\autotrace.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\autoupdate.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\av360.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avadmin.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AVCare.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avcenter.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avciman.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avconfig.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avconsol.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ave32.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AVENGINE.EXE\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avgcc32.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avgchk.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avgcmgr.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avgcsrvx.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avgctrl.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avgdumpx.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avgemc.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avgiproxy.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avgnsx.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avgnt.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avgrsx.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avgscanx.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avgserv.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avgserv9.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avgsrmax.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avgtray.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avgui.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avgupd.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avgw.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avgwdsvc.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avkpop.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avkserv.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avkservice.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avkwctl9.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avltmain.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avmailc.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avmcdlg.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avnotify.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avnt.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avp32.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avpcc.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avpdos32.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avpm.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avptc32.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avpupd.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avsched32.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avsynmgr.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avupgsvc.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AVWEBGRD.EXE\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avwin.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avwin95.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avwinnt.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avwsc.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avwupd.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avwupd32.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avwupsrv.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avxmonitor9x.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avxmonitornt.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avxquar.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\b.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\backweb.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bargains.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bd_professional.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bdagent.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bdfvcl.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bdfvwiz.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\BDInProcPatch.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bdmcon.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\BDMsnScan.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bdreinit.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bdsubwiz.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\BDSurvey.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bdtkexec.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bdwizreg.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\beagle.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\belt.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bidef.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bidserver.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bipcp.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bipcpevalsetup.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bisp.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\blackd.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\blackice.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\blink.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\blss.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bootconf.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bootwarn.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\borg2.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bpc.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\brasil.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\brastk.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\brw.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bs120.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bspatch.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bundle.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bvt.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\c.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cavscan.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ccapp.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ccevtmgr.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ccpxysvc.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ccSvcHst.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cdp.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cfd.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cfgwiz.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cfiadmin.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cfiaudit.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cfinet.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cfinet32.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cfp.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cfpconfg.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cfplogvw.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cfpupdat.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Cl.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\claw95.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\claw95cf.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\clean.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cleaner.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cleaner3.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cleanIELow.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cleanpc.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\click.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cmd32.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cmdagent.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cmesys.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cmgrdian.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cmon016.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\connectionmonitor.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\control\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cpd.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cpf9x206.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cpfnt206.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\crashrep.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\csc.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cssconfg.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cssupdat.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cssurf.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ctrl.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cv.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cwnb181.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cwntdwmo.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\d.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\datemanager.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dcomx.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\defalert.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\defscangui.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\defwatch.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deloeminfs.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deputy.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\divx.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dllcache.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dllreg.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\doors.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dop.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dpf.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dpfsetup.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dpps2.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\driverctrl.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\drwatson.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\drweb32.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\drwebupw.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dssagent.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dvp95.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dvp95_0.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ecengine.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\efpeadm.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\egui.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ekrn.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\emsw.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ent.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\esafe.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\escanhnt.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\escanv95.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\espwatch.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ethereal.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\etrustcipe.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\evpn.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\exantivirus-cnet.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\exe.avxw.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\expert.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\explore.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\fact.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\f-agnt95.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\fameh32.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\fast.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\fch32.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\fih32.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\findviru.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\firewall.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\fixcfg.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\fixfp.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\fnrb32.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\fprot.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\f-prot.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\f-prot95.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\fp-win.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\fp-win_trial.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\frmwrk32.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\frw.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\fsaa.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\fsav.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\fsav32.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\fsav530stbyb.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\fsav530wtbyb.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\fsav95.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\fsgk32.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\fsm32.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\fsma32.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\fsmb32.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\f-stopw.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\gator.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\gav.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\gbmenu.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\gbn976rl.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\gbpoll.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\generics.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\gmt.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\guard.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\guarddog.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\guardgui.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\hacktracersetup.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\hbinst.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\hbsrv.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\History.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\homeav2010.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\hotactio.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\hotpatch.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\htlog.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\htpatch.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\hwpe.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\hxdl.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\hxiul.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\iamapp.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\iamserv.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\iamstats.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ibmasn.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ibmavsp.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\icload95.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\icloadnt.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\icmon.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\icsupp95.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\icsuppnt.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Identity.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\idle.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\iedll.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\iedriver.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\IEShow.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\iface.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ifw2000.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\inetlnfo.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\infus.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\infwin.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\init.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\init32.exe \ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\install.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\install[1].exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\install[2].exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\install[3].exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\install[4].exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\install[5].exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\intdel.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\intren.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\iomon98.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\istsvc.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\jammer.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\jdbgmrg.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\jedi.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\JsRcGen.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\kavlite40eng.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\kavpers40eng.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\kavpf.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\kazza.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\keenvalue.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\kerio-pf-213-en-win.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\kerio-wrl-421-en-win.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\kerio-wrp-421-en-win.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\killprocesssetup161.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ldnetmon.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ldpro.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ldpromenu.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ldscan.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\licmgr.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\livesrv.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\lnetinfo.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\loader.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\localnet.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\lockdown.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\lockdown2000.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\lookout.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\lordpe.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\lsetup.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\luall.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\luau.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\lucomserver.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\luinit.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\luspt.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MalwareRemoval.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mapisvc32.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mcagent.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mcmnhdlr.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mcmscsvc.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mcnasvc.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mcproxy.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\McSACore.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mcshell.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mcshield.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mcsysmon.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mctool.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mcupdate.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mcvsrte.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mcvsshld.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\md.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mfin32.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mfw2en.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mfweng3.02d30.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mgavrtcl.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mgavrte.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mghtml.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mgui.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\minilog.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mmod.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\monitor.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\moolive.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mostat.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mpfagent.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mpfservice.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MPFSrv.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mpftray.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mrflux.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mrt.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msa.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msapp.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MSASCui.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msbb.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msblast.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mscache.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msccn32.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mscman.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msconfig\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msdm.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msdos.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msiexec16.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mslaugh.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msmgt.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msmsgri32.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msseces.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mssmmc32.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mssys.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msvxd.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mu0311ad.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mwatch.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\n32scanw.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nav.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\navap.navapsvc.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\navapsvc.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\navapw32.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\navdx.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\navlu32.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\navnt.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\navstub.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\navw32.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\navwnt.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nc2000.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ncinst4.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ndd32.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\neomonitor.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\neowatchlog.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\netarmor.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\netd32.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\netinfo.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\netmon.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\netscanpro.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\netspyhunter-1.2.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\netutils.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nisserv.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nisum.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nmain.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nod32.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\normist.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\norton_internet_secu_3.0_407.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\notstart.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\npf40_tw_98_nt_me_2k.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\npfmessenger.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nprotect.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\npscheck.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\npssvc.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nsched32.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nssys32.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nstask32.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nsupdate.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nt.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ntrtscan.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ntvdm.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ntxconfig.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nui.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nupgrade.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nvarch16.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nvc95.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nvsvc32.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nwinst4.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nwservice.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nwtool16.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\OAcat.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\OAhlp.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\OAReg.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\oasrv.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\oaui.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\oaview.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ODSW.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ollydbg.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\onsrvr.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\optimize.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ostronet.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\otfix.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\outpost.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\outpostinstall.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\outpostproinstall.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ozn695m5.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\padmin.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\panixk.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\patch.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\pav.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\pavcl.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\PavFnSvr.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\pavproxy.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\pavprsrv.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\pavsched.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\pavsrv51.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\pavw.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\pc.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\PC_Antispyware2010.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\pccwin98.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\pcfwallicon.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\pcip10117_0.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\pcscan.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\pctsAuxs.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\pctsGui.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\pctsSvc.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\pctsTray.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\pdfndr.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\pdsetup.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\PerAvir.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\periscope.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\persfw.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\personalguard\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\personalguard.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\perswf.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\pf2.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\pfwadmin.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\pgmonitr.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\pingscan.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\platin.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\pop3trap.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\poproxy.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\popscan.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\portdetective.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\portmonitor.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\powerscan.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ppinupdt.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\pptbc.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ppvstop.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\prizesurfer.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\prmt.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\prmvr.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\procdump.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\processmonitor.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\procexplorerv1.0.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\programauditor.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\proport.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\protector.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\protectx.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\PSANCU.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\PSANHost.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\PSANToManager.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\PsCtrls.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\PsImSvc.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\PskSvc.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\pspf.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\PSUNMain.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\purge.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\qconsole.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\qh.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\qserver.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Quick Heal.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\QuickHealCleaner.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rapapp.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rav7.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rav7win.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rav8win32eng.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ray.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rb32.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rcsync.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\realmon.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\reged.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\regedt32.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rescue.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rescue32.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rrguard.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rscdwld.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rshell.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rtvscan.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rtvscn95.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rulaunch.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rwg\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rwg.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SafetyKeeper.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\safeweb.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sahagent.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Save.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SaveArmor.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SaveDefense.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SaveKeep.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\savenow.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sbserv.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sc.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\scam32.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\scan32.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\scan95.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\scanpm.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\scrscan.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\seccenter.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Secure Veteran.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\secureveteran.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Security Center.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SecurityFighter.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\securitysoldier.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\serv95.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\setloadorder.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\setup_flowprotector_us.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\setupvameeval.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sgssfw32.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sh.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\shellspyinstall.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\shield.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\shn.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\showbehind.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\signcheck.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\smart.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\smartprotector.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\smc.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\smrtdefp.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sms.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\smss32.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\snetcfg.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\soap.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sofi.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SoftSafeness.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sperm.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\spf.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sphinx.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\spoler.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\spoolcv.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\spoolsv32.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\spywarexpguard.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\spyxx.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\srexe.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\srng.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ss3edit.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ssg_4104.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ssgrate.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\st2.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\start.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stcloader.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\supftrl.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\support.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\supporter5.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\svc.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\svchostc.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\svchosts.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\svshost.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sweep95.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sweepnet.sweepsrv.sys.swnetsup.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\symlcsvc.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\symproxysvc.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\symtray.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\system.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\system32.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sysupd.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\tapinstall.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\taskmgr.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\taumon.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\tbscan.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\tc.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\tca.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\tcm.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\tds2-98.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\tds2-nt.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\tds-3.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\teekids.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\tfak.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\tfak5.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\tgbob.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\titanin.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\titaninxp.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\TPSrv.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\trickler.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\trjscan.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\trjsetup.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\trojantrap3.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\TrustWarrior.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\tsadbot.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\tsc.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\tvmd.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\tvtmd.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\uiscan.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\undoboot.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\updat.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\upgrad.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\upgrepl.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\utpost.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vbcmserv.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vbcons.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vbust.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vbwin9x.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vbwinntw.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vcsetup.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vet32.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vet95.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vettray.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vfsetup.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vir-help.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\virusmdpersonalfirewall.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\VisthAux.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\VisthLic.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\VisthUpd.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vnlan300.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vnpc3000.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vpc32.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vpc42.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vpfw30s.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vptray.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vscan40.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vscenu6.02d30.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vsched.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vsecomr.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vshwin32.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vsisetup.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vsmain.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vsmon.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vsserv.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vsstat.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vswin9xe.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vswinntse.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vswinperse.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\w32dsm89.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\W3asbas.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\w9x.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\watchdog.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\webdav.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\WebProxy.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\webscanx.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\webtrap.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\wfindv32.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\whoswatchingme.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\wimmun32.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\win32.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\win32us.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\winactive.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\winav.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\win-bugsfix.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\windll32.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\window.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\windows Police Pro.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\windows.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\wininetd.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\wininitx.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\winlogin.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\winmain.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\winppr32.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\winrecon.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\winservn.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\winssk32.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\winstart.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\winstart001.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\wintsk32.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\winupdate.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\wkufind.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\wnad.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\wnt.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\wradmin.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\wrctrl.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\wsbgate.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\wscfxas.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\wscfxav.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\wscfxfw.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\wsctool.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\wupdater.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\wupdt.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\wyvernworksfirewall.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\xp_antispyware.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\xpdeluxe.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\xpf202en.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\zapro.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\zapsetup3001.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\zatutor.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\zonalm2601.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\zonealarm.exe\ deleted successfully. Item C:\Windows\System32\svchost.exe is whitelisted and cannot be moved. ADS C:\ProgramData\TEMP:D1B5B4F1 deleted successfully. ========== COMMANDS ========== C:\Windows\System32\drivers\etc\Hosts moved successfully. HOSTS file reset successfully [EMPTYTEMP] User: All Users User: Default ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: jacec ->Temp folder emptied: 66716274 bytes ->Temporary Internet Files folder emptied: 5850024 bytes ->Java cache emptied: 1238989 bytes ->FireFox cache emptied: 103965936 bytes ->Flash cache emptied: 15900 bytes User: Public %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 14610436 bytes RecycleBin emptied: 0 bytes Total Files Cleaned = 183,00 mb OTL by OldTimer - Version 3.2.31.0 log created on 01022012_222041 Files\Folders moved on Reboot... Registry entries deleted on Reboot... [/log] [log]OTL logfile created on: 2012-01-02 22:44:58 - Run 2 OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\jacec\Desktop Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000415 | Country: Poland | Language: PLK | Date Format: yyyy-MM-dd 2,97 Gb Total Physical Memory | 1,74 Gb Available Physical Memory | 58,64% Memory free 5,93 Gb Paging File | 4,68 Gb Available in Paging File | 78,93% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 101,47 Gb Total Space | 24,71 Gb Free Space | 24,35% Space Free | Partition Type: NTFS Drive D: | 271,14 Gb Total Space | 42,70 Gb Free Space | 15,75% Space Free | Partition Type: NTFS Computer Name: ONLYMINE | User Name: jacec | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 60 Days [color=#E56717]========== Processes (All) ==========[/color] PRC - [2012-01-01 21:12:41 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\jacec\Desktop\OTL.exe PRC - [2011-11-21 05:42:37 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe PRC - [2011-11-21 05:42:37 | 000,016,856 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\plugin-container.exe PRC - [2011-05-04 05:28:31 | 000,427,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SearchIndexer.exe PRC - [2011-04-22 13:21:10 | 000,247,728 | ---- | M] (TomTom) -- C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe PRC - [2011-04-22 13:21:10 | 000,092,592 | ---- | M] (TomTom) -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe PRC - [2011-02-25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2011-02-09 17:26:34 | 000,203,776 | ---- | M] () -- C:\ProgramData\Mobile Partner\OnlineUpdate\ouc.exe PRC - [2010-11-20 13:17:56 | 001,121,792 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnetwk.exe PRC - [2010-11-20 13:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winlogon.exe PRC - [2010-11-20 13:17:48 | 000,204,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\servicing\TrustedInstaller.exe PRC - [2010-11-20 13:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe PRC - [2010-11-20 13:17:45 | 000,317,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spoolsv.exe PRC - [2010-11-20 13:17:41 | 001,174,016 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Sidebar\sidebar.exe PRC - [2010-11-20 13:17:30 | 003,179,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sppsvc.exe PRC - [2010-11-20 13:17:22 | 000,073,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msiexec.exe PRC - [2010-11-20 13:17:16 | 000,267,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lsm.exe PRC - [2010-11-20 13:16:54 | 000,100,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\audiodg.exe PRC - [2010-09-29 02:33:40 | 000,249,856 | ---- | M] () -- C:\ProgramData\DatacardService\DCService.exe PRC - [2010-09-29 02:33:34 | 000,228,352 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\ProgramData\DatacardService\DCSHelper.exe PRC - [2009-12-08 14:51:52 | 000,774,144 | ---- | M] (Sony Ericsson Mobile Communications AB) -- C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe PRC - [2009-11-16 09:04:30 | 000,735,960 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe PRC - [2009-11-16 09:03:32 | 002,054,360 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe PRC - [2009-08-18 01:36:36 | 000,348,160 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe PRC - [2009-08-18 01:36:08 | 000,176,128 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe PRC - [2009-07-14 02:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wininit.exe PRC - [2009-07-14 02:14:43 | 000,035,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\UI0Detect.exe PRC - [2009-07-14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009-07-14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009-07-14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009-07-14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009-07-14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009-07-14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009-07-14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009-07-14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009-07-14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009-07-14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009-07-14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009-07-14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009-07-14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009-07-14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009-07-14 02:14:39 | 000,069,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\smss.exe PRC - [2009-07-14 02:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\services.exe PRC - [2009-07-14 02:14:23 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lsass.exe PRC - [2009-07-14 02:14:19 | 000,092,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwm.exe PRC - [2009-07-14 02:14:16 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\csrss.exe PRC - [2009-04-30 11:23:26 | 000,090,112 | ---- | M] () -- C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe PRC - [2007-09-02 12:58:52 | 000,495,616 | ---- | M] () -- C:\Program Files\RocketDock\RocketDock.exe [color=#E56717]========== Modules (All) ==========[/color] MOD - [2012-01-01 21:12:41 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\jacec\Desktop\OTL.exe MOD - [2012-01-01 20:47:54 | 000,811,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\user32.dll MOD - [2011-11-21 05:42:37 | 015,793,112 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\xul.dll MOD - [2011-11-21 05:42:37 | 001,989,592 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll MOD - [2011-11-21 05:42:37 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe MOD - [2011-11-21 05:42:37 | 000,801,752 | ---- | M] (sqlite.org) -- C:\Program Files\Mozilla Firefox\mozsqlite3.dll MOD - [2011-11-21 05:42:37 | 000,719,832 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\mozcrt19.dll MOD - [2011-11-21 05:42:37 | 000,719,832 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\mozcpp19.dll MOD - [2011-11-21 05:42:37 | 000,646,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\nss3.dll MOD - [2011-11-21 05:42:37 | 000,371,672 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\nssckbi.dll MOD - [2011-11-21 05:42:37 | 000,269,272 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\freebl3.dll MOD - [2011-11-21 05:42:37 | 000,183,256 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\nspr4.dll MOD - [2011-11-21 05:42:37 | 000,166,872 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\softokn3.dll MOD - [2011-11-21 05:42:37 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\ssl3.dll MOD - [2011-11-21 05:42:37 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browsercomps.dll MOD - [2011-11-21 05:42:37 | 000,109,528 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\smime3.dll MOD - [2011-11-21 05:42:37 | 000,105,432 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\nssdbm3.dll MOD - [2011-11-21 05:42:37 | 000,089,048 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\nssutil3.dll MOD - [2011-11-21 05:42:37 | 000,021,464 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\plc4.dll MOD - [2011-11-21 05:42:37 | 000,020,440 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\plds4.dll MOD - [2011-11-21 05:42:37 | 000,019,416 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\xpcom.dll MOD - [2011-11-21 05:42:37 | 000,016,856 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\plugin-container.exe MOD - [2011-11-21 05:42:37 | 000,015,832 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\mozalloc.dll MOD - [2011-11-19 00:28:14 | 000,420,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll MOD - [2011-11-19 00:28:14 | 000,353,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll MOD - [2011-11-19 00:28:14 | 000,223,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll MOD - [2011-11-19 00:28:14 | 000,193,536 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\ieproxy.dll MOD - [2011-11-19 00:28:14 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll MOD - [2011-11-04 00:02:45 | 012,279,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.dll MOD - [2011-11-03 23:47:42 | 001,798,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll MOD - [2011-11-03 23:46:47 | 009,705,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieframe.dll MOD - [2011-11-03 23:40:43 | 001,103,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\urlmon.dll MOD - [2011-11-03 23:39:47 | 001,127,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wininet.dll MOD - [2011-11-03 23:32:17 | 001,792,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iertutil.dll MOD - [2011-08-27 05:26:27 | 000,571,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\oleaut32.dll MOD - [2011-08-27 05:26:27 | 000,233,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\oleacc.dll MOD - [2011-07-16 05:27:30 | 000,868,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\kernel32.dll MOD - [2011-07-16 05:27:30 | 000,290,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\KernelBase.dll MOD - [2011-06-16 05:33:18 | 000,180,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\xmllite.dll MOD - [2011-06-15 17:02:29 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_03ce2c72205943d3\mfc80ENU.dll MOD - [2011-06-15 17:02:27 | 001,093,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\mfc80u.dll MOD - [2011-06-15 17:02:24 | 000,632,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll MOD - [2011-06-15 17:02:24 | 000,554,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll MOD - [2011-04-22 13:21:10 | 000,247,728 | ---- | M] (TomTom) -- C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe MOD - [2011-03-03 06:38:01 | 000,270,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dnsapi.dll MOD - [2011-02-25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe MOD - [2011-02-19 07:30:51 | 001,076,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll MOD - [2011-02-19 07:30:50 | 000,739,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll MOD - [2011-01-17 06:47:13 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1.dll MOD - [2010-11-20 13:24:36 | 001,288,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntdll.dll MOD - [2010-11-20 13:21:39 | 000,051,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wscapi.dll MOD - [2010-11-20 13:21:39 | 000,040,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wtsapi32.dll MOD - [2010-11-20 13:21:39 | 000,036,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wshbth.dll MOD - [2010-11-20 13:21:38 | 002,311,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wpdshext.dll MOD - [2010-11-20 13:21:38 | 000,206,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ws2_32.dll MOD - [2010-11-20 13:21:38 | 000,105,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WPDShServiceObj.dll MOD - [2010-11-20 13:21:36 | 001,010,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WindowsCodecs.dll MOD - [2010-11-20 13:21:36 | 000,351,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winhttp.dll MOD - [2010-11-20 13:21:36 | 000,269,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\Wldap32.dll MOD - [2010-11-20 13:21:36 | 000,194,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winmm.dll MOD - [2010-11-20 13:21:36 | 000,172,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wintrust.dll MOD - [2010-11-20 13:21:36 | 000,156,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winsta.dll MOD - [2010-11-20 13:21:36 | 000,047,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wkscli.dll MOD - [2010-11-20 13:21:35 | 001,063,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\werconcpl.dll MOD - [2010-11-20 13:21:35 | 000,381,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wer.dll MOD - [2010-11-20 13:21:35 | 000,314,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\webio.dll MOD - [2010-11-20 13:21:35 | 000,189,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wdscore.dll MOD - [2010-11-20 13:21:34 | 001,128,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vssapi.dll MOD - [2010-11-20 13:21:33 | 000,626,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\usp10.dll MOD - [2010-11-20 13:21:33 | 000,081,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\userenv.dll MOD - [2010-11-20 13:21:30 | 000,082,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\thumbcache.dll MOD - [2010-11-20 13:21:27 | 002,146,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SyncCenter.dll MOD - [2010-11-20 13:21:27 | 000,380,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sxs.dll MOD - [2010-11-20 13:21:27 | 000,363,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\StructuredQuery.dll MOD - [2010-11-20 13:21:27 | 000,109,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\t2embed.dll MOD - [2010-11-20 13:21:26 | 000,228,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\stobject.dll MOD - [2010-11-20 13:21:26 | 000,100,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sspicli.dll MOD - [2010-11-20 13:21:26 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\srvcli.dll MOD - [2010-11-20 13:21:25 | 000,301,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\srchadmin.dll MOD - [2010-11-20 13:21:24 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spp.dll MOD - [2010-11-20 13:21:23 | 000,220,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SndVolSSO.dll MOD - [2010-11-20 13:21:19 | 012,872,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shell32.dll MOD - [2010-11-20 13:21:19 | 000,350,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shlwapi.dll MOD - [2010-11-20 13:21:15 | 000,179,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shdocvw.dll MOD - [2010-11-20 13:21:15 | 000,108,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shacct.dll MOD - [2010-11-20 13:21:14 | 001,667,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\setupapi.dll MOD - [2010-11-20 13:21:07 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\secur32.dll MOD - [2010-11-20 13:21:06 | 000,646,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SearchFolder.dll MOD - [2010-11-20 13:21:04 | 000,224,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\schannel.dll MOD - [2010-11-20 13:21:03 | 000,653,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rpcrt4.dll MOD - [2010-11-20 13:21:03 | 000,046,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RpcRtRemote.dll MOD - [2010-11-20 13:21:03 | 000,037,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rtutils.dll MOD - [2010-11-20 13:21:00 | 000,080,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\QUTIL.DLL MOD - [2010-11-20 13:20:57 | 002,504,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WMVCORE.DLL MOD - [2010-11-20 13:20:57 | 000,988,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\propsys.dll MOD - [2010-11-20 13:20:57 | 000,171,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\QAGENT.DLL MOD - [2010-11-20 13:20:57 | 000,165,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\provsvc.dll MOD - [2010-11-20 13:20:56 | 000,395,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\prnfldr.dll MOD - [2010-11-20 13:20:55 | 001,750,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\pnidui.dll MOD - [2010-11-20 13:20:55 | 000,547,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceApi.dll MOD - [2010-11-20 13:20:49 | 001,414,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ole32.dll MOD - [2010-11-20 13:20:49 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\olepro32.dll MOD - [2010-11-20 13:20:46 | 000,442,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntshrui.dll MOD - [2010-11-20 13:20:46 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntlanman.dll MOD - [2010-11-20 13:20:30 | 000,052,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\nlaapi.dll MOD - [2010-11-20 13:20:29 | 002,494,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netshell.dll MOD - [2010-11-20 13:20:29 | 001,661,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\networkexplorer.dll MOD - [2010-11-20 13:20:29 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netutils.dll MOD - [2010-11-20 13:20:27 | 000,801,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NaturalLanguage6.dll MOD - [2010-11-20 13:19:56 | 001,390,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msxml6.dll MOD - [2010-11-20 13:19:56 | 001,236,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msxml3.dll MOD - [2010-11-20 13:19:56 | 000,232,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mswsock.dll MOD - [2010-11-20 13:19:55 | 000,120,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msvfw32.dll MOD - [2010-11-20 13:19:54 | 000,167,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msutb.dll MOD - [2010-11-20 13:19:48 | 002,341,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msi.dll MOD - [2010-11-20 13:19:47 | 000,592,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msftedit.dll MOD - [2010-11-20 13:19:45 | 000,481,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mscms.dll MOD - [2010-11-20 13:19:45 | 000,034,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msasn1.dll MOD - [2010-11-20 13:19:39 | 000,213,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MMDevAPI.dll MOD - [2010-11-20 13:19:23 | 000,103,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\IPHLPAPI.DLL MOD - [2010-11-20 13:19:22 | 000,118,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imm32.dll MOD - [2010-11-20 13:19:21 | 000,392,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imapi2.dll MOD - [2010-11-20 13:19:21 | 000,155,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imagehlp.dll MOD - [2010-11-20 13:19:10 | 000,312,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\hgcpl.dll MOD - [2010-11-20 13:19:05 | 002,576,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\gameux.dll MOD - [2010-11-20 13:19:05 | 000,304,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\gdi32.dll MOD - [2010-11-20 13:19:03 | 000,216,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\FWPUCLNT.DLL MOD - [2010-11-20 13:19:03 | 000,206,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\framedynos.dll MOD - [2010-11-20 13:19:01 | 001,493,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ExplorerFrame.dll MOD - [2010-11-20 13:18:38 | 000,128,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\EhStorAPI.dll MOD - [2010-11-20 13:18:36 | 000,508,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxgi.dll MOD - [2010-11-20 13:18:36 | 000,399,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\DXP.dll MOD - [2010-11-20 13:18:35 | 001,371,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwmcore.dll MOD - [2010-11-20 13:18:35 | 000,097,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwmredir.dll MOD - [2010-11-20 13:18:27 | 000,854,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dbghelp.dll MOD - [2010-11-20 13:18:26 | 000,080,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\davclnt.dll MOD - [2010-11-20 13:18:25 | 001,828,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d9.dll MOD - [2010-11-20 13:18:25 | 001,171,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll MOD - [2010-11-20 13:18:25 | 001,003,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cryptui.dll MOD - [2010-11-20 13:18:25 | 000,418,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cscui.dll MOD - [2010-11-20 13:18:25 | 000,219,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1core.dll MOD - [2010-11-20 13:18:25 | 000,139,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cscobj.dll MOD - [2010-11-20 13:18:25 | 000,034,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cscapi.dll MOD - [2010-11-20 13:18:25 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cscdll.dll MOD - [2010-11-20 13:18:24 | 001,154,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\crypt32.dll MOD - [2010-11-20 13:18:24 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\credssp.dll MOD - [2010-11-20 13:18:23 | 000,530,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll MOD - [2010-11-20 13:18:23 | 000,485,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\comdlg32.dll MOD - [2010-11-20 13:18:12 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cfgmgr32.dll MOD - [2010-11-20 13:18:06 | 000,740,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\batmeter.dll MOD - [2010-11-20 13:18:05 | 001,792,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\authui.dll MOD - [2010-11-20 13:18:05 | 000,195,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\AudioSes.dll MOD - [2010-11-20 13:18:04 | 000,243,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\audiodev.dll MOD - [2010-11-20 13:18:03 | 000,295,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\apphelp.dll MOD - [2010-11-20 13:18:02 | 000,640,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\advapi32.dll MOD - [2010-11-20 13:18:01 | 000,744,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ActionCenter.dll MOD - [2010-11-20 13:18:01 | 000,309,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\actxprxy.dll MOD - [2010-11-20 13:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe MOD - [2010-11-20 13:17:41 | 001,174,016 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Sidebar\sidebar.exe MOD - [2010-11-20 13:16:50 | 000,692,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\bthprops.cpl MOD - [2010-11-20 13:16:50 | 000,478,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\timedate.cpl MOD - [2010-11-20 13:16:50 | 000,320,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winspool.drv MOD - [2010-11-20 13:16:50 | 000,172,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wdmaud.drv MOD - [2010-11-20 12:55:09 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll MOD - [2010-11-20 12:55:08 | 001,624,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17514_none_72d18a4386696c80\GdiPlus.dll MOD - [2010-09-29 02:33:34 | 000,228,352 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\ProgramData\DatacardService\DCSHelper.exe MOD - [2010-08-17 13:36:04 | 005,969,360 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32.dll MOD - [2009-12-08 14:51:52 | 000,774,144 | ---- | M] (Sony Ericsson Mobile Communications AB) -- C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe MOD - [2009-12-04 12:52:14 | 000,327,680 | ---- | M] (Avanquest Software) -- C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\ModemWiz.dll MOD - [2009-11-24 16:31:32 | 000,549,888 | ---- | M] (Avanquest Software) -- C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\NewUI.dll MOD - [2009-11-16 09:20:20 | 000,291,000 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\eguiUpdate.dll MOD - [2009-11-16 09:16:42 | 000,097,360 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\eguiMailPlugins.dll MOD - [2009-11-16 09:08:48 | 000,307,480 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\eguiScan.dll MOD - [2009-11-16 09:06:32 | 000,904,880 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\eguiEpfw.dll MOD - [2009-11-16 09:03:32 | 002,054,360 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe MOD - [2009-11-16 09:02:04 | 000,109,720 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\eguiEmon.dll MOD - [2009-11-16 09:00:14 | 000,101,480 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\eguiDmon.dll MOD - [2009-11-16 08:57:16 | 000,142,680 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\eguiAmon.dll MOD - [2009-08-18 01:31:32 | 002,469,888 | ---- | M] (ATI Technologies Inc. ) -- C:\Windows\System32\atidxx32.dll MOD - [2009-07-14 02:17:54 | 000,242,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rsaenh.dll MOD - [2009-07-14 02:16:21 | 000,284,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WWanAPI.dll MOD - [2009-07-14 02:16:21 | 000,027,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wwapi.dll MOD - [2009-07-14 02:16:20 | 000,095,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wscinterop.dll MOD - [2009-07-14 02:16:20 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wsock32.dll MOD - [2009-07-14 02:16:20 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wshqos.dll MOD - [2009-07-14 02:16:20 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wship6.dll MOD - [2009-07-14 02:16:20 | 000,009,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WSHTCPIP.DLL MOD - [2009-07-14 02:16:19 | 000,237,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WMASF.DLL MOD - [2009-07-14 02:16:19 | 000,108,544 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Sidebar\wlsrvc.dll MOD - [2009-07-14 02:16:19 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wlanapi.dll MOD - [2009-07-14 02:16:19 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winrnr.dll MOD - [2009-07-14 02:16:19 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winnsi.dll MOD - [2009-07-14 02:16:19 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wlanutil.dll MOD - [2009-07-14 02:16:18 | 000,262,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wevtapi.dll MOD - [2009-07-14 02:16:18 | 000,061,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wercplsupport.dll MOD - [2009-07-14 02:16:17 | 000,249,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\uxtheme.dll MOD - [2009-07-14 02:16:17 | 000,099,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\UIAnimation.dll MOD - [2009-07-14 02:16:17 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vsstrace.dll MOD - [2009-07-14 02:16:17 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\version.dll MOD - [2009-07-14 02:16:16 | 000,348,160 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\microsoft shared\ink\tiptsf.dll MOD - [2009-07-14 02:16:16 | 000,239,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\uDWM.dll MOD - [2009-07-14 02:16:15 | 000,192,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\tapi32.dll MOD - [2009-07-14 02:16:15 | 000,055,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\Syncreg.dll MOD - [2009-07-14 02:16:15 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\srclient.dll MOD - [2009-07-14 02:16:15 | 000,027,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\slc.dll MOD - [2009-07-14 02:16:14 | 000,040,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sfc_os.dll MOD - [2009-07-14 02:16:14 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shfolder.dll MOD - [2009-07-14 02:16:13 | 000,129,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SensorsApi.dll MOD - [2009-07-14 02:16:13 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sechost.dll MOD - [2009-07-14 02:16:13 | 000,082,944 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Sidebar\sbdrop.dll MOD - [2009-07-14 02:16:13 | 000,060,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\samlib.dll MOD - [2009-07-14 02:16:13 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SensApi.dll MOD - [2009-07-14 02:16:12 | 000,325,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rasapi32.dll MOD - [2009-07-14 02:16:12 | 000,159,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceTypes.dll MOD - [2009-07-14 02:16:12 | 000,145,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\powrprof.dll MOD - [2009-07-14 02:16:12 | 000,139,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\PeerDist.dll MOD - [2009-07-14 02:16:12 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\PlaySndSrv.dll MOD - [2009-07-14 02:16:12 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rasman.dll MOD - [2009-07-14 02:16:12 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\pnrpnsp.dll MOD - [2009-07-14 02:16:12 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\profapi.dll MOD - [2009-07-14 02:16:12 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rasadhlp.dll MOD - [2009-07-14 02:16:12 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\psapi.dll MOD - [2009-07-14 02:16:11 | 000,121,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntmarta.dll MOD - [2009-07-14 02:16:11 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\npmproxy.dll MOD - [2009-07-14 02:16:11 | 000,008,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\nsi.dll MOD - [2009-07-14 02:16:03 | 001,537,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0000.dll MOD - [2009-07-14 02:16:03 | 000,360,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netprofm.dll MOD - [2009-07-14 02:16:03 | 000,313,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\newdev.dll MOD - [2009-07-14 02:16:02 | 000,052,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NapiNSP.dll MOD - [2009-07-14 02:15:50 | 000,690,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msvcrt.dll MOD - [2009-07-14 02:15:50 | 000,406,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msvcp60.dll MOD - [2009-07-14 02:15:48 | 000,035,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mssprxy.dll MOD - [2009-07-14 02:15:44 | 000,031,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msimtf.dll MOD - [2009-07-14 02:15:44 | 000,015,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msiltcfg.dll MOD - [2009-07-14 02:15:44 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msimg32.dll MOD - [2009-07-14 02:15:43 | 000,828,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msctf.dll MOD - [2009-07-14 02:15:43 | 000,019,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MsCtfMonitor.dll MOD - [2009-07-14 02:15:42 | 000,072,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msacm32.dll MOD - [2009-07-14 02:15:41 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mpr.dll MOD - [2009-07-14 02:15:40 | 000,177,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mlang.dll MOD - [2009-07-14 02:15:40 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\midimap.dll MOD - [2009-07-14 02:15:36 | 000,226,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\LocationApi.dll MOD - [2009-07-14 02:15:36 | 000,026,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lpk.dll MOD - [2009-07-14 02:15:36 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\linkinfo.dll MOD - [2009-07-14 02:15:35 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ksuser.dll MOD - [2009-07-14 02:15:27 | 000,215,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\icm32.dll MOD - [2009-07-14 02:15:27 | 000,009,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\IconCodecService.dll MOD - [2009-07-14 02:15:24 | 000,026,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\hcproviders.dll MOD - [2009-07-14 02:15:24 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\hid.dll MOD - [2009-07-14 02:15:22 | 000,848,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\FXSST.dll MOD - [2009-07-14 02:15:21 | 000,227,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\FXSAPI.dll MOD - [2009-07-14 02:15:20 | 000,035,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\feclient.dll MOD - [2009-07-14 02:15:19 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\es.dll MOD - [2009-07-14 02:15:14 | 000,189,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\EhStorShell.dll MOD - [2009-07-14 02:15:14 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehSSO.dll MOD - [2009-07-14 02:15:13 | 000,717,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dui70.dll MOD - [2009-07-14 02:15:13 | 000,453,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dsound.dll MOD - [2009-07-14 02:15:13 | 000,181,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\duser.dll MOD - [2009-07-14 02:15:13 | 000,088,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxva2.dll MOD - [2009-07-14 02:15:13 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwmapi.dll MOD - [2009-07-14 02:15:13 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dsrole.dll MOD - [2009-07-14 02:15:13 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drprov.dll MOD - [2009-07-14 02:15:11 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\devobj.dll MOD - [2009-07-14 02:15:11 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dhcpcsvc.dll MOD - [2009-07-14 02:15:11 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\devrtl.dll MOD - [2009-07-14 02:15:11 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dhcpcsvc6.dll MOD - [2009-07-14 02:15:10 | 000,531,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ddraw.dll MOD - [2009-07-14 02:15:10 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ddrawex.dll MOD - [2009-07-14 02:15:09 | 000,010,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dciman32.dll MOD - [2009-07-14 02:15:08 | 000,817,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3dim700.dll MOD - [2009-07-14 02:15:08 | 000,019,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\davhlpr.dll MOD - [2009-07-14 02:15:08 | 000,011,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d8thk.dll MOD - [2009-07-14 02:15:07 | 001,030,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10.dll MOD - [2009-07-14 02:15:07 | 000,190,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10core.dll MOD - [2009-07-14 02:15:07 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cryptsp.dll MOD - [2009-07-14 02:15:07 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cryptbase.dll MOD - [2009-07-14 02:15:03 | 000,522,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\clbcatq.dll MOD - [2009-07-14 02:14:58 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\avrt.dll MOD - [2009-07-14 02:14:57 | 000,098,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\authz.dll MOD - [2009-07-14 02:14:57 | 000,070,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\atl.dll MOD - [2009-07-14 02:14:53 | 000,046,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\AltTab.dll MOD - [2009-07-14 02:14:19 | 000,092,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwm.exe MOD - [2009-07-14 02:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msscript.ocx MOD - [2009-07-14 02:14:10 | 000,064,000 | ---- | M] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\System32\l3codeca.acm MOD - [2009-07-14 02:14:09 | 001,140,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wscui.cpl MOD - [2009-07-14 02:14:08 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msacm32.drv MOD - [2009-07-14 02:09:00 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\normaliz.dll MOD - [2009-07-14 02:05:30 | 000,925,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\FXSRESM.dll MOD - [2009-06-24 09:32:20 | 000,262,144 | ---- | M] (Avanquest Software) -- C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\bvrpctln.dll MOD - [2009-06-17 12:09:12 | 000,356,352 | ---- | M] (Avanquest Software) -- C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\RasCnxMngr.dll MOD - [2009-06-17 09:28:04 | 000,317,440 | ---- | M] (BVRP Software) -- C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\MExplorer.dll MOD - [2009-05-15 16:14:34 | 000,114,688 | ---- | M] (BVRP Software) -- C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\WUNPACLN.dll MOD - [2009-04-02 14:57:42 | 000,278,528 | ---- | M] (BVRP Software) -- C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\WFP1N.dll MOD - [2009-02-05 13:25:38 | 000,049,152 | ---- | M] (Avanquest Software) -- C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\bvrpnac.dll MOD - [2008-12-05 15:05:56 | 000,073,728 | ---- | M] (Avanquest Software) -- C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\Comm.dll MOD - [2007-09-02 12:58:52 | 000,495,616 | ---- | M] () -- C:\Program Files\RocketDock\RocketDock.exe MOD - [2007-09-02 12:57:36 | 000,069,632 | ---- | M] () -- C:\Program Files\RocketDock\RocketDock.dll MOD - [2007-02-07 14:31:36 | 000,036,864 | ---- | M] (Sony Ericsson Mobile Communications AB) -- C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\ModExch.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - [2012-01-01 20:47:34 | 001,343,400 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc) SRV - [2011-04-22 13:21:10 | 000,092,592 | ---- | M] (TomTom) [Auto | Running] -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService) SRV - [2011-02-09 17:26:34 | 000,203,776 | ---- | M] () [Auto | Stopped] -- C:\Program Files\Mobile Partner\UpdateDog\ouc.exe -- (Mobile Partner. RunOuc) SRV - [2010-09-29 02:33:40 | 000,249,856 | ---- | M] () [Auto | Running] -- C:\ProgramData\DatacardService\DCService.exe -- (DCService.exe) SRV - [2009-11-16 09:12:54 | 000,020,680 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe -- (EHttpSrv) SRV - [2009-11-16 09:04:30 | 000,735,960 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe -- (ekrn) SRV - [2009-08-18 01:36:08 | 000,176,128 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility) SRV - [2009-07-14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc) SRV - [2009-07-14 02:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc) SRV - [2009-07-14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2009-04-30 11:23:26 | 000,090,112 | ---- | M] () [Auto | Running] -- C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe -- (OMSI download service) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - [2011-02-09 17:26:36 | 000,208,896 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbnet.sys -- (ewusbnet) DRV - [2011-02-09 17:26:36 | 000,106,880 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbmdm.sys -- (hwdatacard) DRV - [2011-02-09 17:26:36 | 000,102,784 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ew_hwusbdev.sys -- (ew_hwusbdev) DRV - [2011-02-09 17:26:36 | 000,072,832 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ew_jubusenum.sys -- (huawei_enumerator) DRV - [2011-02-09 17:26:36 | 000,011,136 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ew_usbenumfilter.sys -- (ew_usbenumfilter) DRV - [2010-11-20 13:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\vmbus.sys -- (vmbus) DRV - [2010-11-20 13:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\vmstorfl.sys -- (storflt) DRV - [2010-11-20 13:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\storvsc.sys -- (storvsc) DRV - [2010-11-20 11:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | Unknown | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV - [2010-11-20 11:21:14 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport) DRV - [2010-11-20 10:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb) DRV - [2010-11-20 10:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\VMBusHID.sys -- (VMBusHID) DRV - [2010-11-20 10:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\vms3cap.sys -- (s3cap) DRV - [2009-11-19 14:06:48 | 000,098,672 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1039bus.sys -- (s1039bus) Sony Ericsson Device 1039 driver (WDM) DRV - [2009-11-19 14:06:48 | 000,025,456 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1039nd5.sys -- (s1039nd5) Sony Ericsson Device 1039 USB Ethernet Emulation (NDIS) DRV - [2009-11-19 14:06:46 | 000,124,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1039mdm.sys -- (s1039mdm) DRV - [2009-11-19 14:06:46 | 000,123,504 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1039unic.sys -- (s1039unic) Sony Ericsson Device 1039 USB Ethernet Emulation (WDM) DRV - [2009-11-19 14:06:46 | 000,117,872 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1039mgmt.sys -- (s1039mgmt) Sony Ericsson Device 1039 USB WMC Device Management Drivers (WDM) DRV - [2009-11-19 14:06:46 | 000,113,904 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1039obex.sys -- (s1039obex) DRV - [2009-11-19 14:06:46 | 000,014,960 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1039mdfl.sys -- (s1039mdfl) DRV - [2009-11-16 09:06:52 | 000,095,896 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\epfwwfpr.sys -- (epfwwfpr) DRV - [2009-11-16 09:03:36 | 000,108,792 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\System32\drivers\ehdrv.sys -- (ehdrv) DRV - [2009-11-16 08:56:12 | 000,116,520 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\Windows\System32\drivers\eamon.sys -- (eamon) DRV - [2009-08-18 02:48:06 | 004,994,560 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag) DRV - [2009-07-13 23:02:53 | 000,311,296 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\yk62x86.sys -- (yukonw7) DRV - [2009-07-13 23:02:51 | 004,231,168 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\netw5v32.sys -- (netw5v32) Intel® DRV - [2009-03-25 16:48:00 | 000,114,728 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018mdm.sys -- (s1018mdm) DRV - [2009-03-25 16:48:00 | 000,109,864 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018unic.sys -- (s1018unic) Sony Ericsson Device 1018 USB Ethernet Emulation (WDM) DRV - [2009-03-25 16:48:00 | 000,106,208 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018mgmt.sys -- (s1018mgmt) Sony Ericsson Device 1018 USB WMC Device Management Drivers (WDM) DRV - [2009-03-25 16:48:00 | 000,104,744 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018obex.sys -- (s1018obex) DRV - [2009-03-25 16:48:00 | 000,086,824 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018bus.sys -- (s1018bus) Sony Ericsson Device 1018 driver (WDM) DRV - [2009-03-25 16:48:00 | 000,026,024 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018nd5.sys -- (s1018nd5) Sony Ericsson Device 1018 USB Ethernet Emulation (NDIS) DRV - [2009-03-25 16:48:00 | 000,015,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018mdfl.sys -- (s1018mdfl) DRV - [2008-05-06 15:06:00 | 000,011,520 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\wdcsam.sys -- (WDC_SAM) DRV - [2007-08-03 04:36:10 | 000,009,344 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SFEP.sys -- (SFEP) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-666643132-1411173658-3390636905-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = IE - HKU\S-1-5-21-666643132-1411173658-3390636905-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = IE - HKU\S-1-5-21-666643132-1411173658-3390636905-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.defaultengine: "" FF - prefs.js..browser.search.defaultenginename: "" FF - prefs.js..browser.search.defaultthis.engineName: "" FF - prefs.js..browser.search.defaulturl: "" FF - prefs.js..browser.search.order.1: "" FF - prefs.js..browser.search.suggest.enabled: false FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "www.onet.pl" FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@SonyCreativeSoftware.com/Media Go,version=1.0: c:\Program Files\Sony\Media Go\npmediago.dll (Sony Creative Software Inc) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011-11-30 09:33:04 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011-12-22 08:44:00 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2012-01-02 22:31:25 | 000,000,000 | ---D | M] [2011-04-11 20:11:50 | 000,000,000 | ---D | M] (No name found) -- C:\Users\jacec\AppData\Roaming\mozilla\Extensions [2011-04-11 20:11:50 | 000,000,000 | ---D | M] (No name found) -- C:\Users\jacec\AppData\Roaming\mozilla\Extensions\home2@tomtom.com [2012-01-01 18:04:10 | 000,000,000 | ---D | M] (No name found) -- C:\Users\jacec\AppData\Roaming\mozilla\Firefox\Profiles\ozbth2gs.default\extensions [2011-06-11 22:11:46 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Users\jacec\AppData\Roaming\mozilla\Firefox\Profiles\ozbth2gs.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c} [2011-11-30 09:33:04 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2011-11-21 05:42:37 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll [2010-08-14 01:32:47 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll [2011-11-21 02:31:40 | 000,002,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml [2011-11-21 02:31:40 | 000,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml [2011-11-21 02:31:40 | 000,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml [2011-11-21 02:31:40 | 000,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml [2011-11-21 02:31:40 | 000,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml [2011-11-21 02:31:40 | 000,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml O1 HOSTS File: ([2012-01-02 22:21:31 | 000,000,098 | ---- | M]) - C:\Windows\System32\drivers\etc\Hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET) O4 - HKU\S-1-5-21-666643132-1411173658-3390636905-1000..\Run: [Mobile Partner] C:\Program Files\Mobile Partner\Mobile Partner.exe () O4 - HKU\S-1-5-21-666643132-1411173658-3390636905-1000..\Run: [RocketDock] C:\Program Files\RocketDock\RocketDock.exe () O4 - HKU\S-1-5-21-666643132-1411173658-3390636905-1000..\Run: [Sony Ericsson PC Companion] C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe (Sony Ericsson Mobile Communications AB) O4 - HKU\S-1-5-21-666643132-1411173658-3390636905-1000..\Run: [TomTomHOME.exe] C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe (TomTom) O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 2 O7 - HKU\S-1-5-21-666643132-1411173658-3390636905-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisallowRun = 1 O7 - HKU\S-1-5-21-666643132-1411173658-3390636905-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\DisallowRun: 0 = msseces.exe O7 - HKU\S-1-5-21-666643132-1411173658-3390636905-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\DisallowRun: 1 = MSASCui.exe O7 - HKU\S-1-5-21-666643132-1411173658-3390636905-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\DisallowRun: 2 = ekrn.exe O7 - HKU\S-1-5-21-666643132-1411173658-3390636905-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\DisallowRun: 3 = egui.exe O7 - HKU\S-1-5-21-666643132-1411173658-3390636905-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\DisallowRun: 4 = avgnt.exe O7 - HKU\S-1-5-21-666643132-1411173658-3390636905-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\DisallowRun: 5 = avcenter.exe O7 - HKU\S-1-5-21-666643132-1411173658-3390636905-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\DisallowRun: 6 = avscan.exe O7 - HKU\S-1-5-21-666643132-1411173658-3390636905-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\DisallowRun: 7 = avgfrw.exe O7 - HKU\S-1-5-21-666643132-1411173658-3390636905-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\DisallowRun: 8 = avgui.exe O7 - HKU\S-1-5-21-666643132-1411173658-3390636905-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\DisallowRun: 9 = avgtray.exe O7 - HKU\S-1-5-21-666643132-1411173658-3390636905-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\DisallowRun: 10 = avgscanx.exe O7 - HKU\S-1-5-21-666643132-1411173658-3390636905-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\DisallowRun: 11 = avgcfgex.exe O7 - HKU\S-1-5-21-666643132-1411173658-3390636905-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\DisallowRun: 12 = avgemc.exe O7 - HKU\S-1-5-21-666643132-1411173658-3390636905-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\DisallowRun: 13 = avgchsvx.exe O7 - HKU\S-1-5-21-666643132-1411173658-3390636905-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\DisallowRun: 14 = avgcmgr.exe O7 - HKU\S-1-5-21-666643132-1411173658-3390636905-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\DisallowRun: 15 = avgwdsvc.exe O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} [url="http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab"]http://java.sun.com/...indows-i586.cab[/url] (Java Plug-in 1.6.0_21) O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} [url="http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab"]http://java.sun.com/...indows-i586.cab[/url] (Java Plug-in 1.6.0_21) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [url="http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab"]http://java.sun.com/...indows-i586.cab[/url] (Java Plug-in 1.6.0_21) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} [url="http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab"]http://fpdownload2.m...ash/swflash.cab[/url] (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 172.22.1.13 8.8.8.8 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6B3B45B6-0391-490C-AC97-43CC218062C1}: NameServer = 80.251.201.177 80.251.201.178 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{74A74C83-4DE6-477B-A1CD-D62C7D0FC04F}: NameServer = 80.251.201.177 80.251.201.178 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{854D390F-C082-4532-AF8E-BAF7DEE3F948}: DhcpNameServer = 172.22.1.13 8.8.8.8 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{914CD710-D399-492E-9B0E-A0C8867069BC}: DhcpNameServer = 83.255.245.11 193.150.193.150 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C2140604-F271-4019-865D-E623A344362D}: NameServer = 80.251.201.177 80.251.201.178 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F3F5FA7B-A4B8-486C-ADA8-9998579E0232}: NameServer = 80.251.201.177 80.251.201.178 O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) -C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009-06-10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O33 - MountPoints2\{22ae3d62-2bc9-11e0-86a6-00214fbc7df6}\Shell - "" = AutoRun O33 - MountPoints2\{22ae3d62-2bc9-11e0-86a6-00214fbc7df6}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{2a39ab88-a9c8-11df-ae52-00214fbc7df6}\Shell - "" = AutoRun O33 - MountPoints2\{2a39ab88-a9c8-11df-ae52-00214fbc7df6}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{2a39ab98-a9c8-11df-ae52-00214fbc7df6}\Shell - "" = AutoRun O33 - MountPoints2\{2a39ab98-a9c8-11df-ae52-00214fbc7df6}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{2ec4b55d-d61a-11e0-9c09-8d3c7fbb2f92}\Shell - "" = AutoRun O33 - MountPoints2\{2ec4b55d-d61a-11e0-9c09-8d3c7fbb2f92}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{488f11bc-a20e-11e0-a3b8-8555dca48493}\Shell - "" = AutoRun O33 - MountPoints2\{488f11bc-a20e-11e0-a3b8-8555dca48493}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{4fd2e168-45bb-11e0-8910-fc218274819a}\Shell - "" = AutoRun O33 - MountPoints2\{4fd2e168-45bb-11e0-8910-fc218274819a}\Shell\AutoRun\command - "" = I:\Startme.exe O33 - MountPoints2\{5f3371f9-f9b3-11e0-91e5-00214fbc7df6}\Shell - "" = AutoRun O33 - MountPoints2\{5f3371f9-f9b3-11e0-91e5-00214fbc7df6}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{5f850b90-3b61-11e0-8d25-001dbaad9030}\Shell - "" = AutoRun O33 - MountPoints2\{5f850b90-3b61-11e0-8d25-001dbaad9030}\Shell\AutoRun\command - "" = H:\AutoRun.exe O33 - MountPoints2\{6d89b563-80a4-11e0-9b4f-9e27d4cbe2a7}\Shell - "" = AutoRun O33 - MountPoints2\{6d89b563-80a4-11e0-9b4f-9e27d4cbe2a7}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a O33 - MountPoints2\{85eea45d-2b0f-11e0-bec9-001dbaad9030}\Shell - "" = AutoRun O33 - MountPoints2\{85eea45d-2b0f-11e0-bec9-001dbaad9030}\Shell\AutoRun\command - "" = G:\AutoRun.exe O33 - MountPoints2\{ad0c364a-0159-11df-a922-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{ad0c364a-0159-11df-a922-806e6f6e6963}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{ad0c3681-0159-11df-a922-001dbaad9030}\Shell - "" = AutoRun O33 - MountPoints2\{ad0c3681-0159-11df-a922-001dbaad9030}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{c30f6daf-3305-11e0-8832-00214fbc7df6}\Shell - "" = AutoRun O33 - MountPoints2\{c30f6daf-3305-11e0-8832-00214fbc7df6}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{c30f6dbb-3305-11e0-8832-00214fbc7df6}\Shell - "" = AutoRun O33 - MountPoints2\{c30f6dbb-3305-11e0-8832-00214fbc7df6}\Shell\AutoRun\command - "" = H:\AutoRun.exe O33 - MountPoints2\{f0bbaeeb-2ad4-11e0-8758-001dbaad9030}\Shell - "" = AutoRun O33 - MountPoints2\{f0bbaeeb-2ad4-11e0-8758-001dbaad9030}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{f0bbaef9-2ad4-11e0-8758-00214fbc7df6}\Shell - "" = AutoRun O33 - MountPoints2\{f0bbaef9-2ad4-11e0-8758-00214fbc7df6}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{f7f761db-a965-11df-aaa9-00214fbc7df6}\Shell - "" = AutoRun O33 - MountPoints2\{f7f761db-a965-11df-aaa9-00214fbc7df6}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{f7f761f6-a965-11df-aaa9-00214fbc7df6}\Shell - "" = AutoRun O33 - MountPoints2\{f7f761f6-a965-11df-aaa9-00214fbc7df6}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\F\Shell - "" = AutoRun O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\H\Shell - "" = AutoRun O33 - MountPoints2\H\Shell\AutoRun\command - "" = H:\AutoRun.exe O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* [color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color] [2012-01-02 22:31:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET [2012-01-02 22:31:25 | 000,000,000 | ---D | C] -- C:\ProgramData\ESET [2012-01-02 22:20:41 | 000,000,000 | ---D | C] -- C:\_OTL [2012-01-01 21:31:52 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro [2012-01-01 21:31:52 | 000,000,000 | ---D | C] -- C:\rsit [2012-01-01 21:12:30 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\jacec\Desktop\OTL.exe [2012-01-01 20:47:35 | 000,000,000 | ---D | C] -- C:\Windows\System32\Wat [2012-01-01 20:40:54 | 000,000,000 | ---D | C] -- C:\Users\jacec\Desktop\Remove WAT 2.2.6.0 [2012-01-01 20:24:00 | 000,000,000 | ---D | C] -- C:\Program Files\ESET [2012-01-01 18:25:34 | 000,000,000 | ---D | C] -- C:\Users\jacec\Desktop\ESET.NOD32.Antivirus.4.0.474.0 [2011-12-27 02:33:55 | 000,000,000 | ---D | C] -- C:\Users\jacec\AppData\Roaming\vlc [2011-12-26 20:56:45 | 000,000,000 | ---D | C] -- C:\Users\jacec\AppData\Local\Apple Computer [2011-12-26 20:56:19 | 000,000,000 | ---D | C] -- C:\Users\jacec\AppData\Roaming\Apple Computer [2011-12-22 08:45:00 | 000,000,000 | ---D | C] -- C:\Users\jacec\AppData\Local\Sony Ericsson [2011-12-02 22:23:49 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software [2011-12-02 22:23:49 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software [2011-12-02 21:31:15 | 000,000,000 | ---D | C] -- C:\Users\jacec\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR [2011-12-02 21:31:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR [2011-03-03 19:27:34 | 000,148,736 | ---- | C] (Avanquest Software) -- C:\ProgramData\hpe5FDC.dll [color=#E56717]========== Files - Modified Within 60 Days ==========[/color] [2012-01-02 22:24:44 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012-01-02 22:24:37 | 2389,995,520 | -HS- | M] () -- C:\hiberfil.sys [2012-01-02 22:24:04 | 000,014,416 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012-01-02 22:24:04 | 000,014,416 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012-01-02 22:21:31 | 000,000,098 | ---- | M] () -- C:\Windows\System32\drivers\etc\Hosts [2012-01-01 21:12:42 | 000,781,383 | ---- | M] () -- C:\Users\jacec\Desktop\RSIT.exe [2012-01-01 21:12:41 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\jacec\Desktop\OTL.exe [2012-01-01 20:28:36 | 012,118,573 | ---- | M] () -- C:\Users\jacec\Desktop\Remove WAT 2.2.6.0.rar [2012-01-01 19:16:29 | 000,697,896 | ---- | M] () -- C:\Windows\System32\perfh015.dat [2012-01-01 19:16:29 | 000,625,738 | ---- | M] () -- C:\Windows\System32\perfh01D.dat [2012-01-01 19:16:29 | 000,624,178 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2012-01-01 19:16:29 | 000,134,974 | ---- | M] () -- C:\Windows\System32\perfc015.dat [2012-01-01 19:16:29 | 000,123,874 | ---- | M] () -- C:\Windows\System32\perfc01D.dat [2012-01-01 19:16:29 | 000,106,522 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2012-01-01 18:23:15 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt [2011-12-27 02:33:47 | 000,000,610 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk [2011-12-22 08:44:53 | 000,002,176 | ---- | M] () -- C:\Users\Public\Desktop\Sony Ericsson PC Companion 1.6.lnk [2011-12-22 08:44:01 | 000,001,950 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk [2011-12-20 20:14:36 | 000,115,200 | ---- | M] () -- C:\Users\jacec\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011-12-17 19:09:40 | 000,289,576 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2011-12-02 21:30:14 | 001,525,928 | ---- | M] () -- C:\Users\jacec\Desktop\wrar401pl.exe [2011-11-30 09:33:05 | 000,001,062 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2011-11-30 02:57:25 | 000,000,104 | ---- | M] () -- C:\Users\jacec\Documents\Playlista.m3u [2011-11-28 19:01:25 | 000,041,184 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr [2011-11-19 02:37:36 | 000,001,381 | ---- | M] () -- C:\Users\jacec\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk [2011-11-19 00:28:14 | 000,072,822 | ---- | M] () -- C:\Windows\System32\ieuinit.inf [color=#E56717]========== Files Created - No Company Name ==========[/color] [2012-01-01 21:12:38 | 000,781,383 | ---- | C] () -- C:\Users\jacec\Desktop\RSIT.exe [2012-01-01 20:40:46 | 012,118,573 | ---- | C] () -- C:\Users\jacec\Desktop\Remove WAT 2.2.6.0.rar [2011-12-22 08:44:53 | 000,002,176 | ---- | C] () -- C:\Users\Public\Desktop\Sony Ericsson PC Companion 1.6.lnk [2011-12-02 21:30:08 | 001,525,928 | ---- | C] () -- C:\Users\jacec\Desktop\wrar401pl.exe [2011-11-30 09:33:05 | 000,001,074 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk [2011-11-30 09:33:05 | 000,001,062 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2011-11-30 02:57:25 | 000,000,104 | ---- | C] () -- C:\Users\jacec\Documents\Playlista.m3u [2011-11-19 02:37:36 | 000,001,387 | ---- | C] () -- C:\Users\jacec\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk [2011-11-19 00:28:14 | 000,072,822 | ---- | C] () -- C:\Windows\System32\ieuinit.inf [2011-09-12 10:49:13 | 000,080,896 | ---- | C] () -- C:\Windows\System32\RDVGHelper.exe [2011-09-12 10:47:22 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe [2010-08-22 10:16:25 | 000,033,134 | ---- | C] () -- C:\Users\jacec\AppData\Roaming\UserTile.png [2010-08-18 06:24:01 | 000,115,200 | ---- | C] () -- C:\Users\jacec\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010-08-17 19:37:40 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat [2010-08-17 09:06:48 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat [2010-08-14 02:24:52 | 000,697,896 | ---- | C] () -- C:\Windows\System32\perfh015.dat [2010-08-14 02:24:52 | 000,337,158 | ---- | C] () -- C:\Windows\System32\perfi015.dat [2010-08-14 02:24:52 | 000,134,974 | ---- | C] () -- C:\Windows\System32\perfc015.dat [2010-08-14 02:24:52 | 000,038,710 | ---- | C] () -- C:\Windows\System32\perfd015.dat [2010-08-14 02:03:24 | 000,625,738 | ---- | C] () -- C:\Windows\System32\perfh01D.dat [2010-08-14 02:03:24 | 000,294,764 | ---- | C] () -- C:\Windows\System32\perfi01D.dat [2010-08-14 02:03:24 | 000,123,874 | ---- | C] () -- C:\Windows\System32\perfc01D.dat [2010-08-14 02:03:24 | 000,037,052 | ---- | C] () -- C:\Windows\System32\perfd01D.dat [2010-07-26 09:13:40 | 000,108,032 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll [2010-06-23 11:35:52 | 000,790,528 | ---- | C] () -- C:\Windows\System32\xvidcore.dll [2010-06-23 11:35:52 | 000,134,144 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll [2010-01-14 22:03:27 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin [2009-08-16 09:08:36 | 000,165,376 | ---- | C] () -- C:\Windows\System32\unrar.dll [2009-07-14 05:57:37 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat [2009-07-14 05:33:53 | 000,289,576 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT [2009-07-14 03:05:48 | 000,624,178 | ---- | C] () -- C:\Windows\System32\perfh009.dat [2009-07-14 03:05:48 | 000,291,294 | ---- | C] () -- C:\Windows\System32\perfi009.dat [2009-07-14 03:05:48 | 000,106,522 | ---- | C] () -- C:\Windows\System32\perfc009.dat [2009-07-14 03:05:48 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd009.dat [2009-07-14 03:05:05 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT [2009-07-14 03:04:11 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat [2009-07-14 00:55:01 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin [2009-07-14 00:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll [2009-07-14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll [2009-06-18 18:29:04 | 000,197,654 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat [2009-06-10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat [2007-02-05 19:05:26 | 000,000,038 | ---- | C] () -- C:\Windows\AviSplitter.INI [color=#E56717]========== LOP Check ==========[/color] [2010-08-17 08:31:01 | 000,000,000 | ---D | M] -- C:\Users\jacec\AppData\Roaming\Ashampoo [2010-08-17 09:01:24 | 000,000,000 | ---D | M] -- C:\Users\jacec\AppData\Roaming\OpenOffice.org [2010-10-05 08:47:53 | 000,000,000 | -HSD | M] -- C:\Users\jacec\AppData\Roaming\Smart Security [2011-03-03 19:28:39 | 000,000,000 | ---D | M] -- C:\Users\jacec\AppData\Roaming\Sony [2011-03-03 19:17:12 | 000,000,000 | ---D | M] -- C:\Users\jacec\AppData\Roaming\Sony Setup [2011-04-11 20:11:49 | 000,000,000 | ---D | M] -- C:\Users\jacec\AppData\Roaming\TomTom [2010-08-17 08:23:55 | 000,000,000 | ---D | M] -- C:\Users\jacec\AppData\Roaming\Uniblue [2011-06-18 17:39:47 | 000,000,000 | ---D | M] -- C:\Users\jacec\AppData\Roaming\uTorrent [2010-08-14 01:56:18 | 000,000,000 | ---D | M] -- C:\Users\jacec\AppData\Roaming\Win7codecs [2011-12-14 21:11:24 | 000,032,582 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Custom Scans ==========[/color] [color=#A23BEC]< %systemdrive%\*.* >[/color] [2009-06-10 22:42:20 | 000,000,024 | ---- | M] () -- C:\autoexec.bat [2010-11-20 13:40:07 | 000,383,786 | RHS- | M] () -- C:\bootmgr [2010-01-14 22:00:08 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK [2009-06-10 22:42:20 | 000,000,010 | ---- | M] () -- C:\config.sys [2012-01-02 22:24:37 | 2389,995,520 | -HS- | M] () -- C:\hiberfil.sys [2012-01-02 22:24:40 | 3186,663,424 | -HS- | M] () -- C:\pagefile.sys [2010-01-14 22:12:50 | 000,171,136 | RHS- | M] () -- C:\w7ldr [color=#A23BEC]< MD5 for: AGP440.SYS >[/color] [2009-07-14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\drivers\AGP440.sys [2009-07-14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_a97a2a0d0fbc6696\AGP440.sys [2009-07-14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_b9e9435f20046eeb\AGP440.sys [2009-07-14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_bc1a57271cf2f285\AGP440.sys [color=#A23BEC]< MD5 for: ATAPI.SYS >[/color] [2009-07-14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys [2009-07-14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_fab873f3e8a3315c\atapi.sys [2009-07-14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys [2009-07-14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_df3f92057fcbe7a7\atapi.sys [color=#A23BEC]< MD5 for: BEEP.SYS >[/color] [2009-07-14 00:45:01 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=505506526A9D467307B3C393DEDAF858 -- C:\Windows\System32\drivers\beep.sys [2009-07-14 00:45:01 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=505506526A9D467307B3C393DEDAF858 -- C:\Windows\winsxs\x86_microsoft-windows-beepsys_31bf3856ad364e35_6.1.7600.16385_none_c3f6f77668f0ddcc\beep.sys [color=#A23BEC]< MD5 for: CDROM.SYS >[/color] [2009-07-14 00:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_5f7fb206051affbb\cdrom.sys [2010-11-20 09:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\System32\drivers\cdrom.sys [2010-11-20 09:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_x86_neutral_6381e09675524225\cdrom.sys [2010-11-20 09:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_61b0c5ce02098355\cdrom.sys [color=#A23BEC]< MD5 for: NDIS.SYS >[/color] [2009-07-14 02:20:44 | 000,710,720 | ---- | M] (Microsoft Corporation) MD5=23759D175A0A9BAAF04D05047BC135A8 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.1.7600.16385_none_a79d81ea7d62a289\ndis.sys [2010-11-20 13:30:06 | 000,712,576 | ---- | M] (Microsoft Corporation) MD5=E7C54812A2AAF43316EB6930C1FFA108 -- C:\Windows\System32\drivers\ndis.sys [2010-11-20 13:30:06 | 000,712,576 | ---- | M] (Microsoft Corporation) MD5=E7C54812A2AAF43316EB6930C1FFA108 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17514_none_a9ce95b27a512623\ndis.sys [color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color] [2009-10-28 07:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe [2009-10-28 06:52:08 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe [2010-11-20 13:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\System32\winlogon.exe [2010-11-20 13:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe [2009-07-14 02:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe < End of report > [/log] [log]OTL Extras logfile created on: 2012-01-02 22:55:06 - Run 2 OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\jacec\Desktop Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000415 | Country: Poland | Language: PLK | Date Format: yyyy-MM-dd 2,97 Gb Total Physical Memory | 1,78 Gb Available Physical Memory | 60,00% Memory free 5,93 Gb Paging File | 4,75 Gb Available in Paging File | 80,12% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 101,47 Gb Total Space | 24,70 Gb Free Space | 24,35% Space Free | Partition Type: NTFS Drive D: | 271,14 Gb Total Space | 42,70 Gb Free Space | 15,75% Space Free | Partition Type: NTFS Computer Name: ONLYMINE | User Name: jacec | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 60 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation) .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) [HKEY_USERS\S-1-5-21-666643132-1411173658-3390636905-1000\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) [color=#E56717]========== Shell Spawning ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) htmlfile [edit] -- Reg Error: Key error. htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "D:\programy\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "D:\programy\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = Reg Error: Unknown registry data type -- File not found "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [color=#E56717]========== Authorized Applications List ==========[/color] [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0E532C84-4275-41B3-9D81-D4A1A20D8EE7}" = PlayStation®Store "{1871FE54-36AA-478F-B374-A46BA54474CC}" = ESET NOD32 Antivirus "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{26A24AE4-039D-4CA4-87B4-2F83216021FF}" = Java™ 6 Update 21 "{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}" = QuickTime "{2FFE93F0-BB72-4E52-8761-354D1AAA9387}" = Sony Ericsson PC Suite 6.011.00 "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{553255F3-78FD-40F1-A6F8-6882140265FE}" = Apple Application Support "{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{8727531E-6C58-4852-A90B-39CF45E269A9}" = OpenOffice.org 3.2 "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8C0CAA7A-3272-4991-A808-2C7559DE3409}" = Win7codecs "{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge Modules "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{AC76BA86-7AD7-1045-7B44-A94000000001}" = Adobe Reader 9.4.7 - Polish "{B6659DD8-00A7-4A24-BBFB-C1F6982E5D66}" = PlayStation®Network Downloader "{CD95F661-A5C4-44F5-A6AA-ECDD91C240BD}" = WinZip 14.5 "{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.0 "{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}" = Sony Ericsson PC Companion 1.60.13 "{FBE5AA96-22F0-4C4A-8E92-4BE3498D4CCB}" = Media Go "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Ares" = Ares 2.1.6 "CCleaner" = CCleaner "KLiteCodecPack_is1" = K-Lite Codec Pack 6.4.0 (Full) "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Mobile Partner" = Mobile Partner "Mozilla Firefox 8.0.1 (x86 pl)" = Mozilla Firefox 8.0.1 (x86 pl) "RocketDock_is1" = RocketDock 1.3.5 "TomTom HOME" = TomTom HOME 2.8.2.2264 "uTorrent" = µTorrent "VLC media player" = VLC media player 1.1.4 "WinRAR archiver" = WinRAR 4.01 (32-bitowy) [color=#E56717]========== Last 10 Event Log Errors ==========[/color] [ Application Events ] Error - 2011-11-13 14:00:03 | Computer Name = onlymine | Source = Windows Backup | ID = 4103 Description = Error - 2011-11-14 19:51:02 | Computer Name = onlymine | Source = SideBySide | ID = 16842785 Description = Nie mozna wygenerowac kontekstu aktywacji dla "c:\program files\sony ericsson\sony ericsson pc suite\Drivers\DPInst64.exe". Nie mozna odnalezc zestawu zaleznego Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0". Uzyj narzedzia sxstrace.exe, aby uzyskac szczególowa diagnoze. Error - 2011-11-14 19:51:09 | Computer Name = onlymine | Source = SideBySide | ID = 16842785 Description = Nie mozna wygenerowac kontekstu aktywacji dla "c:\program files\sony ericsson\sony ericsson pc companion\Drivers\DPInst64.exe". Nie mozna odnalezc zestawu zaleznego Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0". Uzyj narzedzia sxstrace.exe, aby uzyskac szczególowa diagnoze. Error - 2011-11-17 02:00:53 | Computer Name = onlymine | Source = SideBySide | ID = 16842785 Description = Nie mozna wygenerowac kontekstu aktywacji dla "c:\program files\sony ericsson\sony ericsson pc suite\Drivers\DPInst64.exe". Nie mozna odnalezc zestawu zaleznego Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0". Uzyj narzedzia sxstrace.exe, aby uzyskac szczególowa diagnoze. Error - 2011-11-17 02:01:02 | Computer Name = onlymine | Source = SideBySide | ID = 16842785 Description = Nie mozna wygenerowac kontekstu aktywacji dla "c:\program files\sony ericsson\sony ericsson pc companion\Drivers\DPInst64.exe". Nie mozna odnalezc zestawu zaleznego Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0". Uzyj narzedzia sxstrace.exe, aby uzyskac szczególowa diagnoze. Error - 2011-11-18 22:46:37 | Computer Name = onlymine | Source = SideBySide | ID = 16842785 Description = Nie mozna wygenerowac kontekstu aktywacji dla "c:\program files\sony ericsson\sony ericsson pc suite\Drivers\DPInst64.exe". Nie mozna odnalezc zestawu zaleznego Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0". Uzyj narzedzia sxstrace.exe, aby uzyskac szczególowa diagnoze. Error - 2011-11-18 22:46:44 | Computer Name = onlymine | Source = SideBySide | ID = 16842785 Description = Nie mozna wygenerowac kontekstu aktywacji dla "c:\program files\sony ericsson\sony ericsson pc companion\Drivers\DPInst64.exe". Nie mozna odnalezc zestawu zaleznego Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0". Uzyj narzedzia sxstrace.exe, aby uzyskac szczególowa diagnoze. Error - 2011-11-20 14:00:02 | Computer Name = onlymine | Source = Windows Backup | ID = 4103 Description = Error - 2011-11-21 06:40:16 | Computer Name = onlymine | Source = SideBySide | ID = 16842785 Description = Nie mozna wygenerowac kontekstu aktywacji dla "c:\program files\sony ericsson\sony ericsson pc suite\Drivers\DPInst64.exe". Nie mozna odnalezc zestawu zaleznego Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0". Uzyj narzedzia sxstrace.exe, aby uzyskac szczególowa diagnoze. Error - 2011-11-21 06:40:24 | Computer Name = onlymine | Source = SideBySide | ID = 16842785 Description = Nie mozna wygenerowac kontekstu aktywacji dla "c:\program files\sony ericsson\sony ericsson pc companion\Drivers\DPInst64.exe". Nie mozna odnalezc zestawu zaleznego Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0". Uzyj narzedzia sxstrace.exe, aby uzyskac szczególowa diagnoze. [ System Events ] Error - 2010-12-01 23:58:27 | Computer Name = onlymine | Source = atikmdag | ID = 43029 Description = Display is not active Error - 2010-12-02 09:51:39 | Computer Name = onlymine | Source = bowser | ID = 8003 Description = Error - 2010-12-02 10:54:21 | Computer Name = onlymine | Source = DCOM | ID = 10001 Description = Error - 2010-12-02 20:08:09 | Computer Name = onlymine | Source = atikmdag | ID = 52236 Description = CPLIB :: General - Invalid Parameter Error - 2010-12-02 20:08:09 | Computer Name = onlymine | Source = atikmdag | ID = 43029 Description = Display is not active Error - 2010-12-02 20:24:22 | Computer Name = onlymine | Source = atikmdag | ID = 52236 Description = CPLIB :: General - Invalid Parameter Error - 2010-12-02 20:24:22 | Computer Name = onlymine | Source = atikmdag | ID = 43029 Description = Display is not active Error - 2010-12-03 04:52:03 | Computer Name = onlymine | Source = DCOM | ID = 10001 Description = Error - 2010-12-03 15:29:55 | Computer Name = onlymine | Source = atikmdag | ID = 52236 Description = CPLIB :: General - Invalid Parameter Error - 2010-12-03 15:29:55 | Computer Name = onlymine | Source = atikmdag | ID = 43029 Description = Display is not active < End of report > [/log] [log]Logfile of random's system information tool 1.09 (written by random/random) Run by jacec at 2012-01-02 23:00:32 Microsoft Windows 7 Ultimate Service Pack 1 System drive C: has 25 GB (24%) free of 104 GB Total RAM: 3039 MB (57% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 23:00:38, on 2012-01-02 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v9.00 (9.00.8112.16421) Boot mode: Normal Running processes: C:\Windows\system32\taskhost.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\ProgramData\DatacardService\DCSHelper.exe C:\Program Files\RocketDock\RocketDock.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\plugin-container.exe C:\Users\jacec\Desktop\RSIT.exe C:\Program Files\trend micro\jacec.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O1 - Hosts: ÿþ127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe" O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [Sony Ericsson PC Companion] "C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe" /systray /nologon O4 - HKCU\..\Run: [Mobile Partner] C:\Program Files\Mobile Partner\Mobile Partner.exe O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe" O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{6B3B45B6-0391-490C-AC97-43CC218062C1}: NameServer = 80.251.201.177 80.251.201.178 O17 - HKLM\System\CCS\Services\Tcpip\..\{74A74C83-4DE6-477B-A1CD-D62C7D0FC04F}: NameServer = 80.251.201.177 80.251.201.178 O17 - HKLM\System\CCS\Services\Tcpip\..\{C2140604-F271-4019-865D-E623A344362D}: NameServer = 80.251.201.177 80.251.201.178 O17 - HKLM\System\CCS\Services\Tcpip\..\{F3F5FA7B-A4B8-486C-ADA8-9998579E0232}: NameServer = 80.251.201.177 80.251.201.178 O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe O23 - Service: DCService.exe - Unknown owner - C:\ProgramData\DatacardService\DCService.exe O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe O23 - Service: Mobile Partner. OUC (Mobile Partner. RunOuc) - Unknown owner - C:\Program Files\Mobile Partner\UpdateDog\ouc.exe O23 - Service: Sony Ericsson OMSI download service (OMSI download service) - Unknown owner - C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe -- End of file - 4901 bytes =========Mozilla firefox========= ProfilePath - C:\Users\jacec\AppData\Roaming\Mozilla\Firefox\Profiles\ozbth2gs.default prefs.js - "browser.search.suggest.enabled" - false prefs.js - "browser.search.useDBForOrder" - true prefs.js - "browser.startup.homepage" - "www.onet.pl" "wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer] "Description"=Adobe® Flash® Player 10.1 Plugin "Path"=C:\Windows\system32\Macromed\Flash\NPSWF32.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin] "Description"=Oracle® Next Generation Java™ Plug-In "Path"=C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE] "Description"= "Path"=disabled [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0] "Description"=Ag Player Plugin "Path"=C:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@SonyCreativeSoftware.com/Media Go,version=1.0] "Description"= "Path"=c:\Program Files\Sony\Media Go\npmediago.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader] "Description"=Handles PDFs in-place in Firefox "Path"=C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll C:\Program Files\Mozilla Firefox\extensions\ {972ce4c6-7e08-4474-a285-3208198ce6fd} C:\Program Files\Mozilla Firefox\components\ binary.manifest browsercomps.dll nsIQTScriptablePlugin.xpt C:\Program Files\Mozilla Firefox\plugins\ npdeployJava1.dll nppdf32.dll npqtplugin.dll npqtplugin2.dll npqtplugin3.dll npqtplugin4.dll npqtplugin5.dll npqtplugin6.dll npqtplugin7.dll QuickTimePlugin.class WMP Firefox Plugin License.rtf WMP Firefox Plugin RelNotes.txt C:\Program Files\Mozilla Firefox\searchplugins\ allegro-pl.xml fbc-pl.xml google.xml merlin-pl.xml pwn-pl.xml wikipedia-pl.xml wp-pl.xml C:\Users\jacec\AppData\Roaming\Mozilla\Firefox\Profiles\ozbth2gs.default\extensions\ {3112ca9c-de6d-4884-a869-9855de68056c} ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}] Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-08-14 41760] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2011-09-07 37296] "Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-03-30 937920] "QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2010-03-17 421888] "egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2009-11-16 2054360] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "RocketDock"=C:\Program Files\RocketDock\RocketDock.exe [2007-09-02 495616] "Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1174016] "Sony Ericsson PC Companion"=C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe [2009-12-08 774144] "Mobile Partner"=C:\Program Files\Mobile Partner\Mobile Partner.exe [2011-02-09 514048] "TomTomHOME.exe"=C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe [2011-04-22 247728] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-03-30 937920] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2011-09-07 37296] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\avast] C:\Program Files\AVAST Software\Avast\avastUI.exe /nogui [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-05-14 248552] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] "SecurityProviders"=credssp.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorUser"=2 "EnableUIADesktopToggle"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "DisallowRun"=1 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] "vidc.mrle"=msrle32.dll "vidc.msvc"=msvidc32.dll "msacm.imaadpcm"=imaadp32.acm "msacm.msg711"=msg711.acm "msacm.msgsm610"=msgsm32.acm "msacm.msadpcm"=msadp32.acm "midimapper"=midimap.dll "wavemapper"=msacm32.drv "VIDC.UYVY"=msyuv.dll "VIDC.YUY2"=msyuv.dll "VIDC.YVYU"=msyuv.dll "VIDC.IYUV"=iyuv_32.dll "vidc.i420"=iyuv_32.dll "VIDC.YVU9"=tsbyuv.dll "msacm.l3acm"=C:\Windows\System32\l3codeca.acm "vidc.cvid"=iccvid.dll "wave"=wdmaud.drv "midi"=wdmaud.drv "mixer"=wdmaud.drv "aux"=wdmaud.drv "wave1"=wdmaud.drv "midi1"=wdmaud.drv "mixer1"=wdmaud.drv "aux1"=wdmaud.drv "MSVideo8"=VfWWDM32.dll "vidc.XVID"=xvidvfw.dll "VIDC.FFDS"=ff_vfw.dll "msacm.ac3filter"=ac3filter.acm "msacm.avis"=ff_acm.acm "VIDC.YV12"=yv12vfw.dll "msacm.ac3acm"=ac3acm.acm "msacm.lameacm"=lameACM.acm ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 .js - open - C:\Windows\System32\WScript.exe "%1" %* ======List of files/folders created in the last 1 month====== 2012-01-02 22:31:25 ----D---- C:\ProgramData\ESET 2012-01-02 22:20:41 ----D---- C:\_OTL 2012-01-01 21:31:52 ----D---- C:\rsit 2012-01-01 21:31:52 ----D---- C:\Program Files\trend micro 2012-01-01 20:47:35 ----D---- C:\Windows\system32\Wat 2012-01-01 20:24:00 ----D---- C:\Program Files\ESET 2012-01-01 19:13:17 ----A---- C:\Windows\system32\FntCache.dll 2012-01-01 19:13:17 ----A---- C:\Windows\system32\DWrite.dll 2012-01-01 19:13:17 ----A---- C:\Windows\system32\d2d1.dll 2012-01-01 19:13:16 ----A---- C:\Windows\system32\prevhost.exe 2011-12-27 02:33:55 ----D---- C:\Users\jacec\AppData\Roaming\vlc 2011-12-26 20:56:19 ----D---- C:\Users\jacec\AppData\Roaming\Apple Computer 2011-12-17 18:59:06 ----A---- C:\Windows\system32\mshtmled.dll 2011-12-17 18:59:06 ----A---- C:\Windows\system32\iertutil.dll 2011-12-17 18:59:05 ----A---- C:\Windows\system32\jscript9.dll 2011-12-17 18:59:05 ----A---- C:\Windows\system32\jscript.dll 2011-12-17 18:59:04 ----A---- C:\Windows\system32\wininet.dll 2011-12-17 18:59:04 ----A---- C:\Windows\system32\jsproxy.dll 2011-12-17 18:59:03 ----A---- C:\Windows\system32\url.dll 2011-12-17 18:59:03 ----A---- C:\Windows\system32\ieui.dll 2011-12-17 18:59:02 ----A---- C:\Windows\system32\urlmon.dll 2011-12-17 18:59:01 ----A---- C:\Windows\system32\mshtml.dll 2011-12-17 18:59:00 ----A---- C:\Windows\system32\ieframe.dll 2011-12-17 18:57:46 ----A---- C:\Windows\system32\tzres.dll 2011-12-17 18:57:40 ----A---- C:\Windows\system32\csrsrv.dll 2011-12-17 18:57:38 ----A---- C:\Windows\system32\win32k.sys 2011-12-17 18:57:37 ----A---- C:\Windows\system32\EncDec.dll 2011-12-17 18:56:43 ----A---- C:\Windows\system32\ntoskrnl.exe 2011-12-17 18:56:43 ----A---- C:\Windows\system32\ntkrnlpa.exe ======List of files/folders modified in the last 1 month====== 2012-01-02 23:00:34 ----D---- C:\Windows\Temp 2012-01-02 22:52:36 ----D---- C:\Windows\system32\config 2012-01-02 22:42:23 ----SHD---- C:\Windows\Installer 2012-01-02 22:42:18 ----D---- C:\Windows\Prefetch 2012-01-02 22:41:54 ----D---- C:\Program Files\Microsoft Silverlight 2012-01-02 22:41:40 ----D---- C:\Windows\winsxs 2012-01-02 22:40:44 ----SHD---- C:\System Volume Information 2012-01-02 22:31:45 ----D---- C:\Windows\system32\drivers 2012-01-02 22:31:25 ----HD---- C:\ProgramData 2012-01-02 22:21:31 ----D---- C:\Windows\system32\drivers\etc 2012-01-01 22:44:14 ----D---- C:\Windows\rescache 2012-01-01 21:31:52 ----D---- C:\Program Files 2012-01-01 20:47:54 ----D---- C:\Windows\System32 2012-01-01 20:47:54 ----A---- C:\Windows\system32\user32.dll 2012-01-01 20:47:54 ----A---- C:\Windows\system32\systemcpl.dll 2012-01-01 20:47:54 ----A---- C:\Windows\system32\slwga.dll 2012-01-01 20:47:50 ----D---- C:\Windows 2012-01-01 20:47:33 ----D---- C:\Windows\system32\catroot 2012-01-01 20:47:22 ----D---- C:\Windows\system32\catroot2 2012-01-01 20:46:40 ----D---- C:\Windows\SoftwareDistribution 2012-01-01 20:35:30 ----D---- C:\Windows\Microsoft.NET 2012-01-01 20:35:11 ----RSD---- C:\Windows\assembly 2012-01-01 19:33:05 ----D---- C:\Windows\AppPatch 2012-01-01 19:16:29 ----D---- C:\Windows\inf 2012-01-01 19:16:29 ----A---- C:\Windows\system32\PerfStringBackup.INI 2012-01-01 18:23:31 ----D---- C:\Program Files\AVAST Software 2012-01-01 18:23:23 ----A---- C:\Windows\ntbtlog.txt 2012-01-01 18:03:48 ----D---- C:\Windows\system32\Tasks 2011-12-31 04:27:32 ----D---- C:\Windows\system32\NDF 2011-12-22 08:44:41 ----HD---- C:\Program Files\InstallShield Installation Information 2011-12-22 08:44:41 ----D---- C:\Program Files\Sony Ericsson 2011-12-17 19:07:42 ----D---- C:\Windows\system32\sv-SE 2011-12-17 19:07:42 ----D---- C:\Windows\system32\pl-PL 2011-12-17 19:07:42 ----D---- C:\Windows\system32\migration 2011-12-17 19:07:42 ----D---- C:\Windows\system32\en-US 2011-12-17 19:07:42 ----D---- C:\Program Files\Internet Explorer 2011-12-17 18:59:34 ----A---- C:\Windows\system32\MRT.exe 2011-12-16 19:54:44 ----D---- C:\Users\jacec\AppData\Roaming\Skype 2011-12-16 16:07:15 ----D---- C:\Users\jacec\AppData\Roaming\skypePM 2011-12-06 17:29:34 ----D---- C:\Users\jacec\AppData\Roaming\Media Player Classic ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440] R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 175360] R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 388096] R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2009-11-16 108792] R2 eamon;eamon; C:\Windows\system32\DRIVERS\eamon.sys [2009-11-16 116520] R2 epfwwfpr;epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [2009-11-16 95896] R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-08-18 4994560] R3 BthEnum;Bluetooth Request Block Driver; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 34816] R3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696] R3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 60416] R3 huawei_enumerator;huawei_enumerator; C:\Windows\system32\DRIVERS\ew_jubusenum.sys [2011-02-09 72832] R3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\netw5v32.sys [2009-07-13 4231168] R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536] R3 sdbus;sdbus; C:\Windows\system32\drivers\sdbus.sys [2010-11-20 84992] R3 SFEP;Sony Firmware Extension Parser; C:\Windows\system32\DRIVERS\SFEP.sys [2007-08-03 9344] R3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2009-07-13 207360] R3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV3.SYS [2009-07-13 980992] R3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT3.SYS [2009-07-13 661504] S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704] S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720] S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312] S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888] S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2011-04-28 393728] S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device; C:\Windows\system32\DRIVERS\ew_hwusbdev.sys [2011-02-09 102784] S3 ew_usbenumfilter;huawei_CompositeFilter; C:\Windows\system32\DRIVERS\ew_usbenumfilter.sys [2011-02-09 11136] S3 ewusbnet;HUAWEI USB-NDIS miniport; C:\Windows\system32\DRIVERS\ewusbnet.sys [2011-02-09 208896] S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys [2011-02-09 106880] S3 hwusbfake;Huawei DataCard USB Fake; C:\Windows\system32\DRIVERS\ewusbfake.sys [] S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368] S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632] S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2010-11-20 15872] S3 s1018bus;Sony Ericsson Device 1018 driver (WDM); C:\Windows\system32\DRIVERS\s1018bus.sys [2009-03-25 86824] S3 s1018mdfl;Sony Ericsson Device 1018 USB WMC Modem Filter; C:\Windows\system32\DRIVERS\s1018mdfl.sys [2009-03-25 15016] S3 s1018mdm;Sony Ericsson Device 1018 USB WMC Modem Driver; C:\Windows\system32\DRIVERS\s1018mdm.sys [2009-03-25 114728] S3 s1018mgmt;Sony Ericsson Device 1018 USB WMC Device Management Drivers (WDM); C:\Windows\system32\DRIVERS\s1018mgmt.sys [2009-03-25 106208] S3 s1018nd5;Sony Ericsson Device 1018 USB Ethernet Emulation (NDIS); C:\Windows\system32\DRIVERS\s1018nd5.sys [2009-03-25 26024] S3 s1018obex;Sony Ericsson Device 1018 USB WMC OBEX Interface; C:\Windows\system32\DRIVERS\s1018obex.sys [2009-03-25 104744] S3 s1018unic;Sony Ericsson Device 1018 USB Ethernet Emulation (WDM); C:\Windows\system32\DRIVERS\s1018unic.sys [2009-03-25 109864] S3 s1039bus;Sony Ericsson Device 1039 driver (WDM); C:\Windows\system32\DRIVERS\s1039bus.sys [2009-11-19 98672] S3 s1039mdfl;Sony Ericsson Device 1039 USB WMC Modem Filter; C:\Windows\system32\DRIVERS\s1039mdfl.sys [2009-11-19 14960] S3 s1039mdm;Sony Ericsson Device 1039 USB WMC Modem Driver; C:\Windows\system32\DRIVERS\s1039mdm.sys [2009-11-19 124016] S3 s1039mgmt;Sony Ericsson Device 1039 USB WMC Device Management Drivers (WDM); C:\Windows\system32\DRIVERS\s1039mgmt.sys [2009-11-19 117872] S3 s1039nd5;Sony Ericsson Device 1039 USB Ethernet Emulation (NDIS); C:\Windows\system32\DRIVERS\s1039nd5.sys [2009-11-19 25456] S3 s1039obex;Sony Ericsson Device 1039 USB WMC OBEX Interface; C:\Windows\system32\DRIVERS\s1039obex.sys [2009-11-19 113904] S3 s1039unic;Sony Ericsson Device 1039 USB Ethernet Emulation (WDM); C:\Windows\system32\DRIVERS\s1039unic.sys [2009-11-19 123504] S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632] S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304] S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032] S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys [] S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224] S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys [] S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys [] S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328] S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736] S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 17920] S3 WDC_SAM;WD SCSI Pass Thru driver; C:\Windows\system32\DRIVERS\wdcsam.sys [2008-05-06 11520] S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2009-08-18 176128] R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992] R2 DCService.exe;DCService.exe; C:\ProgramData\DatacardService\DCService.exe [2010-09-29 249856] R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2009-11-16 735960] R2 OMSI download service;Sony Ericsson OMSI download service; C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe [2009-04-30 90112] R2 TomTomHOMEService;TomTomHOMEService; C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe [2011-04-22 92592] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] S2 Mobile Partner. RunOuc;Mobile Partner. OUC; C:\Program Files\Mobile Partner\UpdateDog\ouc.exe [2011-02-09 203776] S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992] S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2009-11-16 20680] S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992] S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992] S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-01-01 1343400] -----------------EOF----------------- [/log]
Natsuki Kuga komentarz 3 stycznia 2012 komentarz 3 stycznia 2012 Do OTL wklej: [code] :Commands [clearallrestorepoints] [createrestorepoint] [Reboot] [/code] [b]Wykonaj skrypt.[/b] Uruchom OTL ponownie i kliknij [b]Sprzątanie.[/b] Wykonaj pełny skan [url="http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html"][b]MBAMem.[/b][/url] Pokaż raport. 1
swiatek94 komentarz 14 stycznia 2012 Autor komentarz 14 stycznia 2012 (edytowane) Witam, przepraszam, że się nie odzywałem, proszę tutaj log z MBAM [log]Malwarebytes Anti-Malware 1.60.0.1800 www.malwarebytes.org Wersja bazy: v2012.01.14.02 Windows 7 Service Pack 1 x86 NTFS Internet Explorer 9.0.8112.16421 jacec :: ONLYMINE [administrator] 2012-01-14 15:31:48 mbam-log-2012-01-14 (15-31-48).txt Typ skanowania: Pełne skanowanie Zaznaczone opcje skanowania: Pamięć | Rozruch | Rejestr | System plików | Heurystyka/Dodatkowe | Heuristyka/Shuriken | PUP | PUM Odznaczone opcje skanowania: P2P Przeskanowano obiektów: 297349 Upłynęło: 1 godzin(y), 21 minut(y), 39 sekund(y) Wykrytych procesów w pamięci: 0 (Nie znaleziono zagrożeń) Wykrytych modułów w pamięci: 0 (Nie znaleziono zagrożeń) Wykrytych kluczy rejestru: 4 HKCU\SOFTWARE\JCFSE7V7Z1 (Trojan.FakeAlert) -> Dodanie do kwarantanny i usunięcie pliku zakończyły się powodzeniem. HKCU\SOFTWARE\SMH2B46TDP (Trojan.FakeAlert) -> Dodanie do kwarantanny i usunięcie pliku zakończyły się powodzeniem. HKCU\SOFTWARE\XML (Trojan.FakeAlert) -> Dodanie do kwarantanny i usunięcie pliku zakończyły się powodzeniem. HKCU\SOFTWARE\Microsoft\Handle (Malware.Trace) -> Dodanie do kwarantanny i usunięcie pliku zakończyły się powodzeniem. Wykrytych wartości rejestru: 16 HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun|0 (Security.Hijack) -> Data: msseces.exe -> Dodanie do kwarantanny i usunięcie pliku zakończyły się powodzeniem. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun|1 (Security.Hijack) -> Data: MSASCui.exe -> Dodanie do kwarantanny i usunięcie pliku zakończyły się powodzeniem. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun|2 (Security.Hijack) -> Data: ekrn.exe -> Dodanie do kwarantanny i usunięcie pliku zakończyły się powodzeniem. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun|3 (Security.Hijack) -> Data: egui.exe -> Dodanie do kwarantanny i usunięcie pliku zakończyły się powodzeniem. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun|4 (Security.Hijack) -> Data: avgnt.exe -> Dodanie do kwarantanny i usunięcie pliku zakończyły się powodzeniem. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun|5 (Security.Hijack) -> Data: avcenter.exe -> Dodanie do kwarantanny i usunięcie pliku zakończyły się powodzeniem. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun|6 (Security.Hijack) -> Data: avscan.exe -> Dodanie do kwarantanny i usunięcie pliku zakończyły się powodzeniem. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun|7 (Security.Hijack) -> Data: avgfrw.exe -> Dodanie do kwarantanny i usunięcie pliku zakończyły się powodzeniem. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun|8 (Security.Hijack) -> Data: avgui.exe -> Dodanie do kwarantanny i usunięcie pliku zakończyły się powodzeniem. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun|9 (Security.Hijack) -> Data: avgtray.exe -> Dodanie do kwarantanny i usunięcie pliku zakończyły się powodzeniem. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun|10 (Security.Hijack) -> Data: avgscanx.exe -> Dodanie do kwarantanny i usunięcie pliku zakończyły się powodzeniem. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun|11 (Security.Hijack) -> Data: avgcfgex.exe -> Dodanie do kwarantanny i usunięcie pliku zakończyły się powodzeniem. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun|12 (Security.Hijack) -> Data: avgemc.exe -> Dodanie do kwarantanny i usunięcie pliku zakończyły się powodzeniem. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun|13 (Security.Hijack) -> Data: avgchsvx.exe -> Dodanie do kwarantanny i usunięcie pliku zakończyły się powodzeniem. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun|14 (Security.Hijack) -> Data: avgcmgr.exe -> Dodanie do kwarantanny i usunięcie pliku zakończyły się powodzeniem. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun|15 (Security.Hijack) -> Data: avgwdsvc.exe -> Dodanie do kwarantanny i usunięcie pliku zakończyły się powodzeniem. Wykryte wpisy rejestru systemowego: 1 HKCR\SOFTWARE\Microsoft\Internet Explorer\SearchScopes|URL (Hijack.SearchPage) -> Złe: ([url="http://findgala.com/?&uid=231&q=%7BsearchTerms%7D"]http://findgala.com/...q={searchTerms}[/url]) Dobre: ([url="http://www.google.com/search?q=%7BsearchTerms%7D&rls=com.microsoft:%7Blanguage%7D&ie=%7BinputEncoding%7D&oe=%7BoutputEncoding%7D&startIndex=%7BstartIndex?%7D&startPage=%7BstartPage%7D"]http://www.google.co...age={startPage}[/url]) -> Dodanie do kwarantanny i naprawa pliku zakończyły się powodzeniem. wykrytych folderów: 1 C:\Users\jacec\AppData\Roaming\Smart Security (Rogue.SmartSecurity) -> Dodanie do kwarantanny i usunięcie pliku zakończyły się powodzeniem. Wykrytych plików: 11 C:\Users\jacec\Desktop\Remove WAT 2.2.6.0\Aktywator do Windows 7 Remove WAT\Remove WAT 2.0.0.0.exe (HackTool.Wpakill) -> Dodanie do kwarantanny i usunięcie pliku zakończyły się powodzeniem. C:\Users\jacec\Desktop\Remove WAT 2.2.6.0\Aktywator do Windows 7 Remove WAT\Remove WAT 2.2.5.2.exe (HackTool.Wpakill) -> Dodanie do kwarantanny i usunięcie pliku zakończyły się powodzeniem. C:\Users\jacec\Desktop\Remove WAT 2.2.6.0\Aktywator do Windows 7 Remove WAT\RemoveWAT 2.2.6.0.exe (HackTool.Wpakill) -> Dodanie do kwarantanny i usunięcie pliku zakończyły się powodzeniem. C:\Users\jacec\Desktop\Remove WAT 2.2.6.0\Aktywator do Windows 7 Remove WAT\RemoveWAT_2.2.5.exe (HackTool.Wpakill) -> Dodanie do kwarantanny i usunięcie pliku zakończyły się powodzeniem. D:\My Recovery\Windows.7.Activator.RemoveWAT.v2.2.5.2-xPC\RemoveWAT.exe (HackTool.Wpakill) -> Dodanie do kwarantanny i usunięcie pliku zakończyły się powodzeniem. C:\Users\jacec\Desktop\Smart Security.lnk (Rogue.SmartSecurity) -> Dodanie do kwarantanny i usunięcie pliku zakończyły się powodzeniem. C:\Users\jacec\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Smart Security.lnk (Rogue.SmartSecurity) -> Dodanie do kwarantanny i usunięcie pliku zakończyły się powodzeniem. C:\Users\jacec\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Smart Security.lnk (Rogue.SmartSecurity) -> Dodanie do kwarantanny i usunięcie pliku zakończyły się powodzeniem. C:\Users\jacec\AppData\Roaming\Microsoft\Windows\Start Menu\Smart Security.lnk (Rogue.SmartSecurity) -> Dodanie do kwarantanny i usunięcie pliku zakończyły się powodzeniem. C:\Users\jacec\AppData\Roaming\Smart Security\cookies.sqlite (Rogue.SmartSecurity) -> Dodanie do kwarantanny i usunięcie pliku zakończyły się powodzeniem. C:\Users\jacec\AppData\Roaming\Smart Security\Instructions.ini (Rogue.SmartSecurity) -> Dodanie do kwarantanny i usunięcie pliku zakończyły się powodzeniem. (zakończone) [/log]
Natsuki Kuga komentarz 15 stycznia 2012 komentarz 15 stycznia 2012 Wykonaj nowy log z OTL i go zaprezentuj. 1
swiatek94 komentarz 15 stycznia 2012 Autor komentarz 15 stycznia 2012 [log]OTL logfile created on: 2012-01-15 22:27:04 - Run 1 OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\jacec\Desktop Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000415 | Country: Poland | Language: PLK | Date Format: yyyy-MM-dd 2,97 Gb Total Physical Memory | 1,97 Gb Available Physical Memory | 66,22% Memory free 5,93 Gb Paging File | 4,88 Gb Available in Paging File | 82,32% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 101,47 Gb Total Space | 22,68 Gb Free Space | 22,35% Space Free | Partition Type: NTFS Drive D: | 271,14 Gb Total Space | 36,19 Gb Free Space | 13,35% Space Free | Partition Type: NTFS Computer Name: ONLYMINE | User Name: jacec | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 60 Days [color=#E56717]========== Processes (All) ==========[/color] PRC - [2012-01-15 22:25:23 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\jacec\Desktop\OTL.exe PRC - [2011-11-21 05:42:37 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe PRC - [2011-11-21 05:42:37 | 000,016,856 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\plugin-container.exe PRC - [2011-05-04 05:28:31 | 000,427,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SearchIndexer.exe PRC - [2011-04-22 13:21:10 | 000,247,728 | ---- | M] (TomTom) -- C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe PRC - [2011-04-22 13:21:10 | 000,092,592 | ---- | M] (TomTom) -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe PRC - [2011-03-30 05:59:06 | 000,937,920 | R--- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe PRC - [2011-02-25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2011-02-09 17:26:34 | 000,203,776 | ---- | M] () -- C:\ProgramData\Mobile Partner\OnlineUpdate\ouc.exe PRC - [2010-11-20 13:17:56 | 001,121,792 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnetwk.exe PRC - [2010-11-20 13:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winlogon.exe PRC - [2010-11-20 13:17:48 | 000,204,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\servicing\TrustedInstaller.exe PRC - [2010-11-20 13:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe PRC - [2010-11-20 13:17:45 | 000,317,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spoolsv.exe PRC - [2010-11-20 13:17:41 | 001,174,016 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Sidebar\sidebar.exe PRC - [2010-11-20 13:17:30 | 003,179,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sppsvc.exe PRC - [2010-11-20 13:17:16 | 000,267,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lsm.exe PRC - [2010-11-20 13:16:54 | 000,100,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\audiodg.exe PRC - [2010-09-29 02:33:40 | 000,249,856 | ---- | M] () -- C:\ProgramData\DatacardService\DCService.exe PRC - [2010-09-29 02:33:34 | 000,228,352 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\ProgramData\DatacardService\DCSHelper.exe PRC - [2009-12-08 14:51:52 | 000,774,144 | ---- | M] (Sony Ericsson Mobile Communications AB) -- C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe PRC - [2009-11-16 09:04:30 | 000,735,960 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe PRC - [2009-11-16 09:03:32 | 002,054,360 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe PRC - [2009-08-18 01:36:36 | 000,348,160 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe PRC - [2009-08-18 01:36:08 | 000,176,128 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe PRC - [2009-07-14 02:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wininit.exe PRC - [2009-07-14 02:14:43 | 000,035,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\UI0Detect.exe PRC - [2009-07-14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009-07-14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009-07-14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009-07-14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009-07-14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009-07-14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009-07-14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009-07-14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009-07-14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009-07-14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009-07-14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009-07-14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009-07-14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009-07-14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009-07-14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009-07-14 02:14:39 | 000,069,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\smss.exe PRC - [2009-07-14 02:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\services.exe PRC - [2009-07-14 02:14:23 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lsass.exe PRC - [2009-07-14 02:14:19 | 000,092,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwm.exe PRC - [2009-07-14 02:14:16 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\csrss.exe PRC - [2009-04-30 11:23:26 | 000,090,112 | ---- | M] () -- C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe PRC - [2007-09-02 12:58:52 | 000,495,616 | ---- | M] () -- C:\Program Files\RocketDock\RocketDock.exe [color=#E56717]========== Modules (All) ==========[/color] MOD - [2012-01-15 22:25:23 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\jacec\Desktop\OTL.exe MOD - [2012-01-01 20:47:54 | 000,811,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\user32.dll MOD - [2011-11-21 05:42:37 | 015,793,112 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\xul.dll MOD - [2011-11-21 05:42:37 | 001,989,592 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll MOD - [2011-11-21 05:42:37 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe MOD - [2011-11-21 05:42:37 | 000,801,752 | ---- | M] (sqlite.org) -- C:\Program Files\Mozilla Firefox\mozsqlite3.dll MOD - [2011-11-21 05:42:37 | 000,719,832 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\mozcrt19.dll MOD - [2011-11-21 05:42:37 | 000,719,832 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\mozcpp19.dll MOD - [2011-11-21 05:42:37 | 000,646,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\nss3.dll MOD - [2011-11-21 05:42:37 | 000,371,672 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\nssckbi.dll MOD - [2011-11-21 05:42:37 | 000,269,272 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\freebl3.dll MOD - [2011-11-21 05:42:37 | 000,183,256 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\nspr4.dll MOD - [2011-11-21 05:42:37 | 000,166,872 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\softokn3.dll MOD - [2011-11-21 05:42:37 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\ssl3.dll MOD - [2011-11-21 05:42:37 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browsercomps.dll MOD - [2011-11-21 05:42:37 | 000,109,528 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\smime3.dll MOD - [2011-11-21 05:42:37 | 000,105,432 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\nssdbm3.dll MOD - [2011-11-21 05:42:37 | 000,089,048 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\nssutil3.dll MOD - [2011-11-21 05:42:37 | 000,021,464 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\plc4.dll MOD - [2011-11-21 05:42:37 | 000,020,440 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\plds4.dll MOD - [2011-11-21 05:42:37 | 000,019,416 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\xpcom.dll MOD - [2011-11-21 05:42:37 | 000,016,856 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\plugin-container.exe MOD - [2011-11-21 05:42:37 | 000,015,832 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\mozalloc.dll MOD - [2011-11-19 00:28:14 | 000,420,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll MOD - [2011-11-19 00:28:14 | 000,353,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll MOD - [2011-11-19 00:28:14 | 000,223,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll MOD - [2011-11-19 00:28:14 | 000,193,536 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\ieproxy.dll MOD - [2011-11-19 00:28:14 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll MOD - [2011-11-17 06:38:39 | 001,288,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntdll.dll MOD - [2011-11-04 00:02:45 | 012,279,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.dll MOD - [2011-11-03 23:47:42 | 001,798,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll MOD - [2011-11-03 23:46:47 | 009,705,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieframe.dll MOD - [2011-11-03 23:40:43 | 001,103,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\urlmon.dll MOD - [2011-11-03 23:39:47 | 001,127,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wininet.dll MOD - [2011-11-03 23:32:17 | 001,792,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iertutil.dll MOD - [2011-08-27 05:26:27 | 000,571,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\oleaut32.dll MOD - [2011-08-27 05:26:27 | 000,233,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\oleacc.dll MOD - [2011-07-16 05:27:30 | 000,868,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\kernel32.dll MOD - [2011-07-16 05:27:30 | 000,290,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\KernelBase.dll MOD - [2011-06-16 05:33:18 | 000,180,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\xmllite.dll MOD - [2011-06-15 17:02:29 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_03ce2c72205943d3\mfc80ENU.dll MOD - [2011-06-15 17:02:27 | 001,093,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\mfc80u.dll MOD - [2011-06-15 17:02:24 | 000,632,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll MOD - [2011-06-15 17:02:24 | 000,554,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll MOD - [2011-04-22 13:21:10 | 000,247,728 | ---- | M] (TomTom) -- C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe MOD - [2011-03-30 05:59:06 | 000,937,920 | R--- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe MOD - [2011-03-03 06:38:01 | 000,270,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dnsapi.dll MOD - [2011-02-25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe MOD - [2011-02-19 07:30:51 | 001,076,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll MOD - [2011-02-19 07:30:50 | 000,739,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll MOD - [2011-01-17 06:47:13 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1.dll MOD - [2010-11-20 13:21:39 | 000,051,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wscapi.dll MOD - [2010-11-20 13:21:39 | 000,040,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wtsapi32.dll MOD - [2010-11-20 13:21:39 | 000,036,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wshbth.dll MOD - [2010-11-20 13:21:38 | 000,206,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ws2_32.dll MOD - [2010-11-20 13:21:38 | 000,105,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WPDShServiceObj.dll MOD - [2010-11-20 13:21:36 | 001,010,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WindowsCodecs.dll MOD - [2010-11-20 13:21:36 | 000,351,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winhttp.dll MOD - [2010-11-20 13:21:36 | 000,269,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\Wldap32.dll MOD - [2010-11-20 13:21:36 | 000,194,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winmm.dll MOD - [2010-11-20 13:21:36 | 000,172,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wintrust.dll MOD - [2010-11-20 13:21:36 | 000,156,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winsta.dll MOD - [2010-11-20 13:21:36 | 000,047,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wkscli.dll MOD - [2010-11-20 13:21:35 | 001,063,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\werconcpl.dll MOD - [2010-11-20 13:21:35 | 000,381,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wer.dll MOD - [2010-11-20 13:21:35 | 000,314,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\webio.dll MOD - [2010-11-20 13:21:35 | 000,189,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wdscore.dll MOD - [2010-11-20 13:21:34 | 001,128,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vssapi.dll MOD - [2010-11-20 13:21:33 | 000,626,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\usp10.dll MOD - [2010-11-20 13:21:33 | 000,081,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\userenv.dll MOD - [2010-11-20 13:21:30 | 000,082,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\thumbcache.dll MOD - [2010-11-20 13:21:28 | 000,505,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskschd.dll MOD - [2010-11-20 13:21:27 | 002,146,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SyncCenter.dll MOD - [2010-11-20 13:21:27 | 000,380,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sxs.dll MOD - [2010-11-20 13:21:27 | 000,363,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\StructuredQuery.dll MOD - [2010-11-20 13:21:27 | 000,109,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\t2embed.dll MOD - [2010-11-20 13:21:26 | 000,228,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\stobject.dll MOD - [2010-11-20 13:21:26 | 000,100,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sspicli.dll MOD - [2010-11-20 13:21:26 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\srvcli.dll MOD - [2010-11-20 13:21:25 | 000,301,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\srchadmin.dll MOD - [2010-11-20 13:21:24 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spp.dll MOD - [2010-11-20 13:21:23 | 000,220,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SndVolSSO.dll MOD - [2010-11-20 13:21:19 | 012,872,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shell32.dll MOD - [2010-11-20 13:21:19 | 000,350,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shlwapi.dll MOD - [2010-11-20 13:21:15 | 000,179,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shdocvw.dll MOD - [2010-11-20 13:21:15 | 000,108,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shacct.dll MOD - [2010-11-20 13:21:14 | 001,667,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\setupapi.dll MOD - [2010-11-20 13:21:07 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\secur32.dll MOD - [2010-11-20 13:21:06 | 000,646,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SearchFolder.dll MOD - [2010-11-20 13:21:04 | 000,224,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\schannel.dll MOD - [2010-11-20 13:21:04 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\samcli.dll MOD - [2010-11-20 13:21:03 | 000,653,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rpcrt4.dll MOD - [2010-11-20 13:21:03 | 000,046,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RpcRtRemote.dll MOD - [2010-11-20 13:21:03 | 000,037,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rtutils.dll MOD - [2010-11-20 13:21:00 | 000,080,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\QUTIL.DLL MOD - [2010-11-20 13:20:57 | 000,988,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\propsys.dll MOD - [2010-11-20 13:20:57 | 000,171,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\QAGENT.DLL MOD - [2010-11-20 13:20:57 | 000,165,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\provsvc.dll MOD - [2010-11-20 13:20:56 | 000,395,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\prnfldr.dll MOD - [2010-11-20 13:20:55 | 001,750,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\pnidui.dll MOD - [2010-11-20 13:20:55 | 000,547,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceApi.dll MOD - [2010-11-20 13:20:49 | 001,414,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ole32.dll MOD - [2010-11-20 13:20:49 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\olepro32.dll MOD - [2010-11-20 13:20:46 | 000,442,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntshrui.dll MOD - [2010-11-20 13:20:46 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntlanman.dll MOD - [2010-11-20 13:20:30 | 000,052,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\nlaapi.dll MOD - [2010-11-20 13:20:29 | 002,494,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netshell.dll MOD - [2010-11-20 13:20:29 | 001,661,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\networkexplorer.dll MOD - [2010-11-20 13:20:29 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netutils.dll MOD - [2010-11-20 13:19:56 | 001,390,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msxml6.dll MOD - [2010-11-20 13:19:56 | 001,236,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msxml3.dll MOD - [2010-11-20 13:19:56 | 000,232,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mswsock.dll MOD - [2010-11-20 13:19:55 | 000,120,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msvfw32.dll MOD - [2010-11-20 13:19:54 | 000,167,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msutb.dll MOD - [2010-11-20 13:19:48 | 002,341,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msi.dll MOD - [2010-11-20 13:19:47 | 000,592,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msftedit.dll MOD - [2010-11-20 13:19:45 | 000,481,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mscms.dll MOD - [2010-11-20 13:19:45 | 000,034,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msasn1.dll MOD - [2010-11-20 13:19:39 | 000,213,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MMDevAPI.dll MOD - [2010-11-20 13:19:23 | 000,103,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\IPHLPAPI.DLL MOD - [2010-11-20 13:19:22 | 000,118,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imm32.dll MOD - [2010-11-20 13:19:21 | 000,392,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imapi2.dll MOD - [2010-11-20 13:19:21 | 000,155,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imagehlp.dll MOD - [2010-11-20 13:19:10 | 000,312,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\hgcpl.dll MOD - [2010-11-20 13:19:05 | 002,576,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\gameux.dll MOD - [2010-11-20 13:19:05 | 000,304,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\gdi32.dll MOD - [2010-11-20 13:19:03 | 000,216,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\FWPUCLNT.DLL MOD - [2010-11-20 13:19:03 | 000,206,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\framedynos.dll MOD - [2010-11-20 13:19:01 | 001,493,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ExplorerFrame.dll MOD - [2010-11-20 13:18:38 | 000,128,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\EhStorAPI.dll MOD - [2010-11-20 13:18:36 | 000,508,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxgi.dll MOD - [2010-11-20 13:18:36 | 000,399,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\DXP.dll MOD - [2010-11-20 13:18:35 | 001,371,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwmcore.dll MOD - [2010-11-20 13:18:35 | 000,097,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwmredir.dll MOD - [2010-11-20 13:18:27 | 000,854,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dbghelp.dll MOD - [2010-11-20 13:18:26 | 000,080,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\davclnt.dll MOD - [2010-11-20 13:18:25 | 001,171,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll MOD - [2010-11-20 13:18:25 | 001,003,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cryptui.dll MOD - [2010-11-20 13:18:25 | 000,418,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cscui.dll MOD - [2010-11-20 13:18:25 | 000,219,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1core.dll MOD - [2010-11-20 13:18:25 | 000,139,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cscobj.dll MOD - [2010-11-20 13:18:25 | 000,034,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cscapi.dll MOD - [2010-11-20 13:18:25 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cscdll.dll MOD - [2010-11-20 13:18:24 | 001,154,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\crypt32.dll MOD - [2010-11-20 13:18:24 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\credssp.dll MOD - [2010-11-20 13:18:23 | 000,530,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll MOD - [2010-11-20 13:18:23 | 000,485,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\comdlg32.dll MOD - [2010-11-20 13:18:12 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cfgmgr32.dll MOD - [2010-11-20 13:18:09 | 000,073,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cabinet.dll MOD - [2010-11-20 13:18:06 | 000,740,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\batmeter.dll MOD - [2010-11-20 13:18:05 | 001,792,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\authui.dll MOD - [2010-11-20 13:18:05 | 000,195,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\AudioSes.dll MOD - [2010-11-20 13:18:03 | 000,295,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\apphelp.dll MOD - [2010-11-20 13:18:02 | 000,640,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\advapi32.dll MOD - [2010-11-20 13:18:01 | 000,744,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ActionCenter.dll MOD - [2010-11-20 13:18:01 | 000,309,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\actxprxy.dll MOD - [2010-11-20 13:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe MOD - [2010-11-20 13:17:41 | 001,174,016 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Sidebar\sidebar.exe MOD - [2010-11-20 13:16:50 | 000,692,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\bthprops.cpl MOD - [2010-11-20 13:16:50 | 000,478,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\timedate.cpl MOD - [2010-11-20 13:16:50 | 000,320,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winspool.drv MOD - [2010-11-20 13:16:50 | 000,172,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wdmaud.drv MOD - [2010-11-20 12:55:09 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll MOD - [2010-11-20 12:55:08 | 001,624,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17514_none_72d18a4386696c80\GdiPlus.dll MOD - [2010-09-29 02:33:34 | 000,228,352 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\ProgramData\DatacardService\DCSHelper.exe MOD - [2010-08-17 13:36:04 | 005,969,360 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32.dll MOD - [2009-12-08 14:51:52 | 000,774,144 | ---- | M] (Sony Ericsson Mobile Communications AB) -- C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe MOD - [2009-12-04 12:52:14 | 000,327,680 | ---- | M] (Avanquest Software) -- C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\ModemWiz.dll MOD - [2009-11-24 16:31:32 | 000,549,888 | ---- | M] (Avanquest Software) -- C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\NewUI.dll MOD - [2009-11-16 09:20:20 | 000,291,000 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\eguiUpdate.dll MOD - [2009-11-16 09:16:42 | 000,097,360 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\eguiMailPlugins.dll MOD - [2009-11-16 09:08:48 | 000,307,480 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\eguiScan.dll MOD - [2009-11-16 09:06:32 | 000,904,880 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\eguiEpfw.dll MOD - [2009-11-16 09:03:32 | 002,054,360 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe MOD - [2009-11-16 09:02:04 | 000,109,720 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\eguiEmon.dll MOD - [2009-11-16 09:00:14 | 000,101,480 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\eguiDmon.dll MOD - [2009-11-16 08:57:16 | 000,142,680 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\eguiAmon.dll MOD - [2009-08-18 01:31:32 | 002,469,888 | ---- | M] (ATI Technologies Inc. ) -- C:\Windows\System32\atidxx32.dll MOD - [2009-07-14 02:17:54 | 000,249,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\bcryptprimitives.dll MOD - [2009-07-14 02:17:54 | 000,242,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rsaenh.dll MOD - [2009-07-14 02:16:21 | 000,284,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WWanAPI.dll MOD - [2009-07-14 02:16:21 | 000,027,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wwapi.dll MOD - [2009-07-14 02:16:20 | 000,308,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\Wpc.dll MOD - [2009-07-14 02:16:20 | 000,095,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wscinterop.dll MOD - [2009-07-14 02:16:20 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wsock32.dll MOD - [2009-07-14 02:16:20 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wshqos.dll MOD - [2009-07-14 02:16:20 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wship6.dll MOD - [2009-07-14 02:16:20 | 000,009,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WSHTCPIP.DLL MOD - [2009-07-14 02:16:19 | 000,108,544 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Sidebar\wlsrvc.dll MOD - [2009-07-14 02:16:19 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wlanapi.dll MOD - [2009-07-14 02:16:19 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winrnr.dll MOD - [2009-07-14 02:16:19 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winnsi.dll MOD - [2009-07-14 02:16:19 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wlanutil.dll MOD - [2009-07-14 02:16:18 | 000,262,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wevtapi.dll MOD - [2009-07-14 02:16:18 | 000,061,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wercplsupport.dll MOD - [2009-07-14 02:16:17 | 000,249,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\uxtheme.dll MOD - [2009-07-14 02:16:17 | 000,099,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\UIAnimation.dll MOD - [2009-07-14 02:16:17 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vsstrace.dll MOD - [2009-07-14 02:16:17 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\version.dll MOD - [2009-07-14 02:16:16 | 000,348,160 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\microsoft shared\ink\tiptsf.dll MOD - [2009-07-14 02:16:16 | 000,239,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\uDWM.dll MOD - [2009-07-14 02:16:15 | 000,192,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\tapi32.dll MOD - [2009-07-14 02:16:15 | 000,055,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\Syncreg.dll MOD - [2009-07-14 02:16:15 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\srclient.dll MOD - [2009-07-14 02:16:15 | 000,027,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\slc.dll MOD - [2009-07-14 02:16:14 | 000,040,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sfc_os.dll MOD - [2009-07-14 02:16:14 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shfolder.dll MOD - [2009-07-14 02:16:13 | 000,129,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SensorsApi.dll MOD - [2009-07-14 02:16:13 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sechost.dll MOD - [2009-07-14 02:16:13 | 000,060,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\samlib.dll MOD - [2009-07-14 02:16:13 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SensApi.dll MOD - [2009-07-14 02:16:12 | 000,325,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rasapi32.dll MOD - [2009-07-14 02:16:12 | 000,159,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceTypes.dll MOD - [2009-07-14 02:16:12 | 000,145,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\powrprof.dll MOD - [2009-07-14 02:16:12 | 000,139,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\PeerDist.dll MOD - [2009-07-14 02:16:12 | 000,103,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\oledlg.dll MOD - [2009-07-14 02:16:12 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\PlaySndSrv.dll MOD - [2009-07-14 02:16:12 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rasman.dll MOD - [2009-07-14 02:16:12 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\pnrpnsp.dll MOD - [2009-07-14 02:16:12 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\profapi.dll MOD - [2009-07-14 02:16:12 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rasadhlp.dll MOD - [2009-07-14 02:16:12 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\psapi.dll MOD - [2009-07-14 02:16:11 | 000,121,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntmarta.dll MOD - [2009-07-14 02:16:11 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\npmproxy.dll MOD - [2009-07-14 02:16:11 | 000,008,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\nsi.dll MOD - [2009-07-14 02:16:03 | 000,360,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netprofm.dll MOD - [2009-07-14 02:16:03 | 000,313,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\newdev.dll MOD - [2009-07-14 02:16:02 | 000,219,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ncrypt.dll MOD - [2009-07-14 02:16:02 | 000,052,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NapiNSP.dll MOD - [2009-07-14 02:15:50 | 000,690,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msvcrt.dll MOD - [2009-07-14 02:15:50 | 000,406,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msvcp60.dll MOD - [2009-07-14 02:15:48 | 000,035,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mssprxy.dll MOD - [2009-07-14 02:15:44 | 000,031,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msimtf.dll MOD - [2009-07-14 02:15:44 | 000,015,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msiltcfg.dll MOD - [2009-07-14 02:15:44 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msimg32.dll MOD - [2009-07-14 02:15:43 | 000,828,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msctf.dll MOD - [2009-07-14 02:15:43 | 000,019,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MsCtfMonitor.dll MOD - [2009-07-14 02:15:42 | 000,072,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msacm32.dll MOD - [2009-07-14 02:15:41 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mpr.dll MOD - [2009-07-14 02:15:41 | 000,054,784 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MpOAV.dll MOD - [2009-07-14 02:15:40 | 000,177,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mlang.dll MOD - [2009-07-14 02:15:40 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\midimap.dll MOD - [2009-07-14 02:15:36 | 000,226,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\LocationApi.dll MOD - [2009-07-14 02:15:36 | 000,026,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lpk.dll MOD - [2009-07-14 02:15:36 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\linkinfo.dll MOD - [2009-07-14 02:15:35 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ksuser.dll MOD - [2009-07-14 02:15:27 | 000,215,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\icm32.dll MOD - [2009-07-14 02:15:27 | 000,009,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\IconCodecService.dll MOD - [2009-07-14 02:15:24 | 000,026,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\hcproviders.dll MOD - [2009-07-14 02:15:24 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\hid.dll MOD - [2009-07-14 02:15:22 | 000,848,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\FXSST.dll MOD - [2009-07-14 02:15:22 | 000,079,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\gpapi.dll MOD - [2009-07-14 02:15:21 | 000,227,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\FXSAPI.dll MOD - [2009-07-14 02:15:20 | 000,035,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\feclient.dll MOD - [2009-07-14 02:15:19 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\es.dll MOD - [2009-07-14 02:15:14 | 000,189,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\EhStorShell.dll MOD - [2009-07-14 02:15:14 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehSSO.dll MOD - [2009-07-14 02:15:13 | 000,717,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dui70.dll MOD - [2009-07-14 02:15:13 | 000,453,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dsound.dll MOD - [2009-07-14 02:15:13 | 000,181,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\duser.dll MOD - [2009-07-14 02:15:13 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwmapi.dll MOD - [2009-07-14 02:15:13 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dsrole.dll MOD - [2009-07-14 02:15:13 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drprov.dll MOD - [2009-07-14 02:15:11 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\devobj.dll MOD - [2009-07-14 02:15:11 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dhcpcsvc.dll MOD - [2009-07-14 02:15:11 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\devrtl.dll MOD - [2009-07-14 02:15:11 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dhcpcsvc6.dll MOD - [2009-07-14 02:15:11 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dimsjob.dll MOD - [2009-07-14 02:15:10 | 000,531,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ddraw.dll MOD - [2009-07-14 02:15:10 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ddrawex.dll MOD - [2009-07-14 02:15:09 | 000,010,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dciman32.dll MOD - [2009-07-14 02:15:08 | 000,817,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3dim700.dll MOD - [2009-07-14 02:15:08 | 000,019,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\davhlpr.dll MOD - [2009-07-14 02:15:07 | 001,030,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10.dll MOD - [2009-07-14 02:15:07 | 000,190,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10core.dll MOD - [2009-07-14 02:15:07 | 000,103,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cryptnet.dll MOD - [2009-07-14 02:15:07 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cryptsp.dll MOD - [2009-07-14 02:15:07 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cryptbase.dll MOD - [2009-07-14 02:15:03 | 000,522,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\clbcatq.dll MOD - [2009-07-14 02:14:59 | 000,080,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\bcrypt.dll MOD - [2009-07-14 02:14:58 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\avrt.dll MOD - [2009-07-14 02:14:57 | 000,098,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\authz.dll MOD - [2009-07-14 02:14:57 | 000,070,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\atl.dll MOD - [2009-07-14 02:14:53 | 000,046,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\AltTab.dll MOD - [2009-07-14 02:14:19 | 000,092,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwm.exe MOD - [2009-07-14 02:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msscript.ocx MOD - [2009-07-14 02:14:10 | 000,064,000 | ---- | M] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\System32\l3codeca.acm MOD - [2009-07-14 02:14:09 | 001,140,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wscui.cpl MOD - [2009-07-14 02:14:08 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msacm32.drv MOD - [2009-07-14 02:09:00 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\normaliz.dll MOD - [2009-07-14 02:05:30 | 000,925,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\FXSRESM.dll MOD - [2009-06-24 09:32:20 | 000,262,144 | ---- | M] (Avanquest Software) -- C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\bvrpctln.dll MOD - [2009-06-17 12:09:12 | 000,356,352 | ---- | M] (Avanquest Software) -- C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\RasCnxMngr.dll MOD - [2009-06-17 09:28:04 | 000,317,440 | ---- | M] (BVRP Software) -- C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\MExplorer.dll MOD - [2009-05-15 16:14:34 | 000,114,688 | ---- | M] (BVRP Software) -- C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\WUNPACLN.dll MOD - [2009-04-02 14:57:42 | 000,278,528 | ---- | M] (BVRP Software) -- C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\WFP1N.dll MOD - [2009-02-05 13:25:38 | 000,049,152 | ---- | M] (Avanquest Software) -- C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\bvrpnac.dll MOD - [2008-12-05 15:05:56 | 000,073,728 | ---- | M] (Avanquest Software) -- C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\Comm.dll MOD - [2007-09-02 12:58:52 | 000,495,616 | ---- | M] () -- C:\Program Files\RocketDock\RocketDock.exe MOD - [2007-09-02 12:57:36 | 000,069,632 | ---- | M] () -- C:\Program Files\RocketDock\RocketDock.dll MOD - [2007-02-07 14:31:36 | 000,036,864 | ---- | M] (Sony Ericsson Mobile Communications AB) -- C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\ModExch.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - [2012-01-01 20:47:34 | 001,343,400 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc) SRV - [2011-04-22 13:21:10 | 000,092,592 | ---- | M] (TomTom) [Auto | Running] -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService) SRV - [2011-02-09 17:26:34 | 000,203,776 | ---- | M] () [Auto | Stopped] -- C:\Program Files\Mobile Partner\UpdateDog\ouc.exe -- (Mobile Partner. RunOuc) SRV - [2010-09-29 02:33:40 | 000,249,856 | ---- | M] () [Auto | Running] -- C:\ProgramData\DatacardService\DCService.exe -- (DCService.exe) SRV - [2009-11-16 09:12:54 | 000,020,680 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe -- (EhttpSrv) SRV - [2009-11-16 09:04:30 | 000,735,960 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe -- (ekrn) SRV - [2009-08-18 01:36:08 | 000,176,128 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility) SRV - [2009-07-14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc) SRV - [2009-07-14 02:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc) SRV - [2009-07-14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2009-04-30 11:23:26 | 000,090,112 | ---- | M] () [Auto | Running] -- C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe -- (OMSI download service) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - [2011-02-09 17:26:36 | 000,208,896 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbnet.sys -- (ewusbnet) DRV - [2011-02-09 17:26:36 | 000,106,880 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbmdm.sys -- (hwdatacard) DRV - [2011-02-09 17:26:36 | 000,102,784 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ew_hwusbdev.sys -- (ew_hwusbdev) DRV - [2011-02-09 17:26:36 | 000,072,832 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ew_jubusenum.sys -- (huawei_enumerator) DRV - [2011-02-09 17:26:36 | 000,011,136 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ew_usbenumfilter.sys -- (ew_usbenumfilter) DRV - [2010-11-20 13:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\vmbus.sys -- (vmbus) DRV - [2010-11-20 13:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\vmstorfl.sys -- (storflt) DRV - [2010-11-20 13:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\storvsc.sys -- (storvsc) DRV - [2010-11-20 11:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | Unknown | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV - [2010-11-20 11:21:14 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport) DRV - [2010-11-20 10:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb) DRV - [2010-11-20 10:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\VMBusHID.sys -- (VMBusHID) DRV - [2010-11-20 10:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\vms3cap.sys -- (s3cap) DRV - [2009-11-19 14:06:48 | 000,098,672 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1039bus.sys -- (s1039bus) Sony Ericsson Device 1039 driver (WDM) DRV - [2009-11-19 14:06:48 | 000,025,456 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1039nd5.sys -- (s1039nd5) Sony Ericsson Device 1039 USB Ethernet Emulation (NDIS) DRV - [2009-11-19 14:06:46 | 000,124,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1039mdm.sys -- (s1039mdm) DRV - [2009-11-19 14:06:46 | 000,123,504 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1039unic.sys -- (s1039unic) Sony Ericsson Device 1039 USB Ethernet Emulation (WDM) DRV - [2009-11-19 14:06:46 | 000,117,872 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1039mgmt.sys -- (s1039mgmt) Sony Ericsson Device 1039 USB WMC Device Management Drivers (WDM) DRV - [2009-11-19 14:06:46 | 000,113,904 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1039obex.sys -- (s1039obex) DRV - [2009-11-19 14:06:46 | 000,014,960 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1039mdfl.sys -- (s1039mdfl) DRV - [2009-11-16 09:06:52 | 000,095,896 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\epfwwfpr.sys -- (epfwwfpr) DRV - [2009-11-16 09:03:36 | 000,108,792 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\System32\drivers\ehdrv.sys -- (ehdrv) DRV - [2009-11-16 08:56:12 | 000,116,520 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\Windows\System32\drivers\eamon.sys -- (eamon) DRV - [2009-08-18 02:48:06 | 004,994,560 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag) DRV - [2009-07-13 23:02:53 | 000,311,296 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\yk62x86.sys -- (yukonw7) DRV - [2009-07-13 23:02:51 | 004,231,168 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\netw5v32.sys -- (netw5v32) Intel(R) DRV - [2009-03-25 16:48:00 | 000,114,728 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018mdm.sys -- (s1018mdm) DRV - [2009-03-25 16:48:00 | 000,109,864 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018unic.sys -- (s1018unic) Sony Ericsson Device 1018 USB Ethernet Emulation (WDM) DRV - [2009-03-25 16:48:00 | 000,106,208 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018mgmt.sys -- (s1018mgmt) Sony Ericsson Device 1018 USB WMC Device Management Drivers (WDM) DRV - [2009-03-25 16:48:00 | 000,104,744 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018obex.sys -- (s1018obex) DRV - [2009-03-25 16:48:00 | 000,086,824 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018bus.sys -- (s1018bus) Sony Ericsson Device 1018 driver (WDM) DRV - [2009-03-25 16:48:00 | 000,026,024 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018nd5.sys -- (s1018nd5) Sony Ericsson Device 1018 USB Ethernet Emulation (NDIS) DRV - [2009-03-25 16:48:00 | 000,015,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018mdfl.sys -- (s1018mdfl) DRV - [2008-05-06 15:06:00 | 000,011,520 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\wdcsam.sys -- (WDC_SAM) DRV - [2007-08-03 04:36:10 | 000,009,344 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SFEP.sys -- (SFEP) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-666643132-1411173658-3390636905-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = IE - HKU\S-1-5-21-666643132-1411173658-3390636905-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = IE - HKU\S-1-5-21-666643132-1411173658-3390636905-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.defaultengine: "" FF - prefs.js..browser.search.defaultenginename: "" FF - prefs.js..browser.search.defaultthis.engineName: "" FF - prefs.js..browser.search.defaulturl: "" FF - prefs.js..browser.search.order.1: "" FF - prefs.js..browser.search.selectedEngine: "Google" FF - prefs.js..browser.search.suggest.enabled: false FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "www.onet.pl" FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@SonyCreativeSoftware.com/Media Go,version=1.0: c:\Program Files\Sony\Media Go\npmediago.dll (Sony Creative Software Inc) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011-11-30 09:33:04 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011-12-22 08:44:00 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2012-01-02 22:31:25 | 000,000,000 | ---D | M] [2011-04-11 20:11:50 | 000,000,000 | ---D | M] (No name found) -- C:\Users\jacec\AppData\Roaming\mozilla\Extensions [2011-04-11 20:11:50 | 000,000,000 | ---D | M] (No name found) -- C:\Users\jacec\AppData\Roaming\mozilla\Extensions\home2@tomtom.com [2012-01-01 18:04:10 | 000,000,000 | ---D | M] (No name found) -- C:\Users\jacec\AppData\Roaming\mozilla\Firefox\Profiles\ozbth2gs.default\extensions [2011-06-11 22:11:46 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Users\jacec\AppData\Roaming\mozilla\Firefox\Profiles\ozbth2gs.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c} [2011-11-30 09:33:04 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2011-11-21 05:42:37 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll [2010-08-14 01:32:47 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll [2011-11-21 02:31:40 | 000,002,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml [2011-11-21 02:31:40 | 000,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml [2011-11-21 02:31:40 | 000,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml [2011-11-21 02:31:40 | 000,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml [2011-11-21 02:31:40 | 000,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml [2011-11-21 02:31:40 | 000,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml O1 HOSTS File: ([2012-01-02 22:21:31 | 000,000,098 | ---- | M]) - C:\Windows\System32\drivers\etc\Hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET) O4 - HKU\S-1-5-21-666643132-1411173658-3390636905-1000..\Run: [Mobile Partner] C:\Program Files\Mobile Partner\Mobile Partner.exe () O4 - HKU\S-1-5-21-666643132-1411173658-3390636905-1000..\Run: [RocketDock] C:\Program Files\RocketDock\RocketDock.exe () O4 - HKU\S-1-5-21-666643132-1411173658-3390636905-1000..\Run: [Sony Ericsson PC Companion] C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe (Sony Ericsson Mobile Communications AB) O4 - HKU\S-1-5-21-666643132-1411173658-3390636905-1000..\Run: [TomTomHOME.exe] C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe (TomTom) O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 2 O7 - HKU\S-1-5-21-666643132-1411173658-3390636905-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisallowRun = 1 O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21) O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 172.22.1.13 8.8.8.8 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6B3B45B6-0391-490C-AC97-43CC218062C1}: NameServer = 80.251.201.177 80.251.201.178 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{74A74C83-4DE6-477B-A1CD-D62C7D0FC04F}: NameServer = 80.251.201.177 80.251.201.178 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{854D390F-C082-4532-AF8E-BAF7DEE3F948}: DhcpNameServer = 172.22.1.13 8.8.8.8 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{914CD710-D399-492E-9B0E-A0C8867069BC}: DhcpNameServer = 83.255.245.11 193.150.193.150 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C2140604-F271-4019-865D-E623A344362D}: NameServer = 80.251.201.177 80.251.201.178 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F3F5FA7B-A4B8-486C-ADA8-9998579E0232}: NameServer = 80.251.201.177 80.251.201.178 O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) -C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009-06-10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O33 - MountPoints2\{22ae3d62-2bc9-11e0-86a6-00214fbc7df6}\Shell - "" = AutoRun O33 - MountPoints2\{22ae3d62-2bc9-11e0-86a6-00214fbc7df6}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{2a39ab88-a9c8-11df-ae52-00214fbc7df6}\Shell - "" = AutoRun O33 - MountPoints2\{2a39ab88-a9c8-11df-ae52-00214fbc7df6}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{2a39ab98-a9c8-11df-ae52-00214fbc7df6}\Shell - "" = AutoRun O33 - MountPoints2\{2a39ab98-a9c8-11df-ae52-00214fbc7df6}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{2ec4b55d-d61a-11e0-9c09-8d3c7fbb2f92}\Shell - "" = AutoRun O33 - MountPoints2\{2ec4b55d-d61a-11e0-9c09-8d3c7fbb2f92}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{488f11bc-a20e-11e0-a3b8-8555dca48493}\Shell - "" = AutoRun O33 - MountPoints2\{488f11bc-a20e-11e0-a3b8-8555dca48493}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{4fd2e168-45bb-11e0-8910-fc218274819a}\Shell - "" = AutoRun O33 - MountPoints2\{4fd2e168-45bb-11e0-8910-fc218274819a}\Shell\AutoRun\command - "" = I:\Startme.exe O33 - MountPoints2\{5f3371f9-f9b3-11e0-91e5-00214fbc7df6}\Shell - "" = AutoRun O33 - MountPoints2\{5f3371f9-f9b3-11e0-91e5-00214fbc7df6}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{5f850b90-3b61-11e0-8d25-001dbaad9030}\Shell - "" = AutoRun O33 - MountPoints2\{5f850b90-3b61-11e0-8d25-001dbaad9030}\Shell\AutoRun\command - "" = H:\AutoRun.exe O33 - MountPoints2\{6d89b563-80a4-11e0-9b4f-9e27d4cbe2a7}\Shell - "" = AutoRun O33 - MountPoints2\{6d89b563-80a4-11e0-9b4f-9e27d4cbe2a7}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a O33 - MountPoints2\{85eea45d-2b0f-11e0-bec9-001dbaad9030}\Shell - "" = AutoRun O33 - MountPoints2\{85eea45d-2b0f-11e0-bec9-001dbaad9030}\Shell\AutoRun\command - "" = G:\AutoRun.exe O33 - MountPoints2\{ad0c364a-0159-11df-a922-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{ad0c364a-0159-11df-a922-806e6f6e6963}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{ad0c3681-0159-11df-a922-001dbaad9030}\Shell - "" = AutoRun O33 - MountPoints2\{ad0c3681-0159-11df-a922-001dbaad9030}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{c30f6daf-3305-11e0-8832-00214fbc7df6}\Shell - "" = AutoRun O33 - MountPoints2\{c30f6daf-3305-11e0-8832-00214fbc7df6}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{c30f6dbb-3305-11e0-8832-00214fbc7df6}\Shell - "" = AutoRun O33 - MountPoints2\{c30f6dbb-3305-11e0-8832-00214fbc7df6}\Shell\AutoRun\command - "" = H:\AutoRun.exe O33 - MountPoints2\{f0bbaeeb-2ad4-11e0-8758-001dbaad9030}\Shell - "" = AutoRun O33 - MountPoints2\{f0bbaeeb-2ad4-11e0-8758-001dbaad9030}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{f0bbaef9-2ad4-11e0-8758-00214fbc7df6}\Shell - "" = AutoRun O33 - MountPoints2\{f0bbaef9-2ad4-11e0-8758-00214fbc7df6}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{f7f761db-a965-11df-aaa9-00214fbc7df6}\Shell - "" = AutoRun O33 - MountPoints2\{f7f761db-a965-11df-aaa9-00214fbc7df6}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{f7f761f6-a965-11df-aaa9-00214fbc7df6}\Shell - "" = AutoRun O33 - MountPoints2\{f7f761f6-a965-11df-aaa9-00214fbc7df6}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\F\Shell - "" = AutoRun O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\H\Shell - "" = AutoRun O33 - MountPoints2\H\Shell\AutoRun\command - "" = H:\AutoRun.exe O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* NetSvcs: FastUserSwitchingCompatibility - File not found NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation) NetSvcs: Nla - File not found NetSvcs: Ntmssvc - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: SRService - File not found NetSvcs: WmdmPmSp - File not found NetSvcs: LogonHours - File not found NetSvcs: PCAudit - File not found NetSvcs: helpsvc - File not found NetSvcs: uploadmgr - File not found MsConfig - StartUpReg: [b]Adobe ARM[/b] - hkey= - key= - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated) MsConfig - StartUpReg: [b]Adobe Reader Speed Launcher[/b] - hkey= - key= - C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated) MsConfig - StartUpReg: [b]avast[/b] - hkey= - key= - File not found MsConfig - StartUpReg: [b]SunJavaUpdateSched[/b] - hkey= - key= - C:\Program Files\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.) MsConfig - State: "startup" - 2 SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: HelpSvc - Service SafeBootMin: NTDS - File not found SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: sacsvr - Service SafeBootMin: SCSI Class - Driver Group SafeBootMin: System Bus Extender - Driver Group SafeBootMin: vmms - Service SafeBootMin: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation) SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: HelpSvc - Service SafeBootNet: Messenger - Service SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: NTDS - File not found SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: rdsessmgr - Service SafeBootNet: sacsvr - Service SafeBootNet: SCSI Class - Driver Group SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: vmms - Service SafeBootNet: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation) SafeBootNet: WudfUsbccidDriver - Driver SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices [color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color] [2012-01-15 22:24:47 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\jacec\Desktop\OTL.exe [2012-01-14 15:30:30 | 000,000,000 | ---D | C] -- C:\Users\jacec\AppData\Roaming\Malwarebytes [2012-01-14 15:30:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2012-01-14 15:30:20 | 000,020,464 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2012-01-14 15:30:20 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware [2012-01-14 15:30:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2012-01-14 15:24:00 | 010,847,608 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\jacec\Desktop\mbam-setup-1.60.0.1800.exe [2012-01-02 22:31:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET [2012-01-02 22:31:25 | 000,000,000 | ---D | C] -- C:\ProgramData\ESET [2012-01-01 21:31:52 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro [2012-01-01 20:47:35 | 000,000,000 | ---D | C] -- C:\Windows\System32\Wat [2012-01-01 20:40:54 | 000,000,000 | ---D | C] -- C:\Users\jacec\Desktop\Remove WAT 2.2.6.0 [2012-01-01 20:24:00 | 000,000,000 | ---D | C] -- C:\Program Files\ESET [2012-01-01 18:25:34 | 000,000,000 | ---D | C] -- C:\Users\jacec\Desktop\ESET.NOD32.Antivirus.4.0.474.0 [2011-12-27 02:33:55 | 000,000,000 | ---D | C] -- C:\Users\jacec\AppData\Roaming\vlc [2011-12-26 20:56:45 | 000,000,000 | ---D | C] -- C:\Users\jacec\AppData\Local\Apple Computer [2011-12-26 20:56:19 | 000,000,000 | ---D | C] -- C:\Users\jacec\AppData\Roaming\Apple Computer [2011-12-22 08:45:00 | 000,000,000 | ---D | C] -- C:\Users\jacec\AppData\Local\Sony Ericsson [2011-12-02 22:23:49 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software [2011-12-02 22:23:49 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software [2011-12-02 21:31:15 | 000,000,000 | ---D | C] -- C:\Users\jacec\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR [2011-12-02 21:31:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR [2011-03-03 19:27:34 | 000,148,736 | ---- | C] (Avanquest Software) -- C:\ProgramData\hpe5FDC.dll [color=#E56717]========== Files - Modified Within 60 Days ==========[/color] [2012-01-15 22:25:23 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\jacec\Desktop\OTL.exe [2012-01-15 22:21:43 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012-01-15 22:21:37 | 2389,995,520 | -HS- | M] () -- C:\hiberfil.sys [2012-01-14 22:05:33 | 000,014,416 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012-01-14 22:05:33 | 000,014,416 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012-01-14 15:30:21 | 000,001,033 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk [2012-01-14 15:28:57 | 010,847,608 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\jacec\Desktop\mbam-setup-1.60.0.1800.exe [2012-01-02 22:21:31 | 000,000,098 | ---- | M] () -- C:\Windows\System32\drivers\etc\Hosts [2012-01-01 20:28:36 | 012,118,573 | ---- | M] () -- C:\Users\jacec\Desktop\Remove WAT 2.2.6.0.rar [2012-01-01 19:16:29 | 000,697,896 | ---- | M] () -- C:\Windows\System32\perfh015.dat [2012-01-01 19:16:29 | 000,625,738 | ---- | M] () -- C:\Windows\System32\perfh01D.dat [2012-01-01 19:16:29 | 000,624,178 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2012-01-01 19:16:29 | 000,134,974 | ---- | M] () -- C:\Windows\System32\perfc015.dat [2012-01-01 19:16:29 | 000,123,874 | ---- | M] () -- C:\Windows\System32\perfc01D.dat [2012-01-01 19:16:29 | 000,106,522 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2012-01-01 18:23:15 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt [2011-12-27 02:33:47 | 000,000,610 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk [2011-12-22 08:44:53 | 000,002,176 | ---- | M] () -- C:\Users\Public\Desktop\Sony Ericsson PC Companion 1.6.lnk [2011-12-22 08:44:01 | 000,001,950 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk [2011-12-20 20:14:36 | 000,115,200 | ---- | M] () -- C:\Users\jacec\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011-12-17 19:09:40 | 000,289,576 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2011-12-10 15:24:06 | 000,020,464 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2011-12-02 21:30:14 | 001,525,928 | ---- | M] () -- C:\Users\jacec\Desktop\wrar401pl.exe [2011-11-30 09:33:05 | 000,001,062 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2011-11-30 02:57:25 | 000,000,104 | ---- | M] () -- C:\Users\jacec\Documents\Playlista.m3u [2011-11-28 19:01:25 | 000,041,184 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr [2011-11-19 02:37:36 | 000,001,381 | ---- | M] () -- C:\Users\jacec\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk [2011-11-19 00:28:14 | 000,072,822 | ---- | M] () -- C:\Windows\System32\ieuinit.inf [color=#E56717]========== Files Created - No Company Name ==========[/color] [2012-01-14 15:30:21 | 000,001,033 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk [2012-01-01 20:40:46 | 012,118,573 | ---- | C] () -- C:\Users\jacec\Desktop\Remove WAT 2.2.6.0.rar [2011-12-22 08:44:53 | 000,002,176 | ---- | C] () -- C:\Users\Public\Desktop\Sony Ericsson PC Companion 1.6.lnk [2011-12-02 21:30:08 | 001,525,928 | ---- | C] () -- C:\Users\jacec\Desktop\wrar401pl.exe [2011-11-30 09:33:05 | 000,001,074 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk [2011-11-30 09:33:05 | 000,001,062 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2011-11-30 02:57:25 | 000,000,104 | ---- | C] () -- C:\Users\jacec\Documents\Playlista.m3u [2011-11-19 02:37:36 | 000,001,387 | ---- | C] () -- C:\Users\jacec\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk [2011-11-19 00:28:14 | 000,072,822 | ---- | C] () -- C:\Windows\System32\ieuinit.inf [2011-09-12 10:49:13 | 000,080,896 | ---- | C] () -- C:\Windows\System32\RDVGHelper.exe [2011-09-12 10:47:22 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe [2010-08-22 10:16:25 | 000,033,134 | ---- | C] () -- C:\Users\jacec\AppData\Roaming\UserTile.png [2010-08-18 06:24:01 | 000,115,200 | ---- | C] () -- C:\Users\jacec\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010-08-17 19:37:40 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat [2010-08-17 09:06:48 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat [2010-08-14 02:24:52 | 000,697,896 | ---- | C] () -- C:\Windows\System32\perfh015.dat [2010-08-14 02:24:52 | 000,337,158 | ---- | C] () -- C:\Windows\System32\perfi015.dat [2010-08-14 02:24:52 | 000,134,974 | ---- | C] () -- C:\Windows\System32\perfc015.dat [2010-08-14 02:24:52 | 000,038,710 | ---- | C] () -- C:\Windows\System32\perfd015.dat [2010-08-14 02:03:24 | 000,625,738 | ---- | C] () -- C:\Windows\System32\perfh01D.dat [2010-08-14 02:03:24 | 000,294,764 | ---- | C] () -- C:\Windows\System32\perfi01D.dat [2010-08-14 02:03:24 | 000,123,874 | ---- | C] () -- C:\Windows\System32\perfc01D.dat [2010-08-14 02:03:24 | 000,037,052 | ---- | C] () -- C:\Windows\System32\perfd01D.dat [2010-07-26 09:13:40 | 000,108,032 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll [2010-06-23 11:35:52 | 000,790,528 | ---- | C] () -- C:\Windows\System32\xvidcore.dll [2010-06-23 11:35:52 | 000,134,144 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll [2010-01-14 22:03:27 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin [2009-08-16 09:08:36 | 000,165,376 | ---- | C] () -- C:\Windows\System32\unrar.dll [2009-07-14 05:57:37 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat [2009-07-14 05:33:53 | 000,289,576 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT [2009-07-14 03:05:48 | 000,624,178 | ---- | C] () -- C:\Windows\System32\perfh009.dat [2009-07-14 03:05:48 | 000,291,294 | ---- | C] () -- C:\Windows\System32\perfi009.dat [2009-07-14 03:05:48 | 000,106,522 | ---- | C] () -- C:\Windows\System32\perfc009.dat [2009-07-14 03:05:48 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd009.dat [2009-07-14 03:05:05 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT [2009-07-14 03:04:11 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat [2009-07-14 00:55:01 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin [2009-07-14 00:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll [2009-07-14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll [2009-06-18 18:29:04 | 000,197,654 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat [2009-06-10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat [2007-02-05 19:05:26 | 000,000,038 | ---- | C] () -- C:\Windows\AviSplitter.INI [color=#E56717]========== LOP Check ==========[/color] [2010-08-17 08:31:01 | 000,000,000 | ---D | M] -- C:\Users\jacec\AppData\Roaming\Ashampoo [2010-08-17 09:01:24 | 000,000,000 | ---D | M] -- C:\Users\jacec\AppData\Roaming\OpenOffice.org [2011-03-03 19:28:39 | 000,000,000 | ---D | M] -- C:\Users\jacec\AppData\Roaming\Sony [2011-03-03 19:17:12 | 000,000,000 | ---D | M] -- C:\Users\jacec\AppData\Roaming\Sony Setup [2011-04-11 20:11:49 | 000,000,000 | ---D | M] -- C:\Users\jacec\AppData\Roaming\TomTom [2010-08-17 08:23:55 | 000,000,000 | ---D | M] -- C:\Users\jacec\AppData\Roaming\Uniblue [2011-06-18 17:39:47 | 000,000,000 | ---D | M] -- C:\Users\jacec\AppData\Roaming\uTorrent [2010-08-14 01:56:18 | 000,000,000 | ---D | M] -- C:\Users\jacec\AppData\Roaming\Win7codecs [2011-12-14 21:11:24 | 000,032,582 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Custom Scans ==========[/color] [color=#A23BEC]< %systemdrive%\*.* >[/color] [2009-06-10 22:42:20 | 000,000,024 | ---- | M] () -- C:\autoexec.bat [2010-11-20 13:40:07 | 000,383,786 | RHS- | M] () -- C:\bootmgr [2010-01-14 22:00:08 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK [2009-06-10 22:42:20 | 000,000,010 | ---- | M] () -- C:\config.sys [2012-01-15 22:21:37 | 2389,995,520 | -HS- | M] () -- C:\hiberfil.sys [2012-01-15 22:21:40 | 3186,663,424 | -HS- | M] () -- C:\pagefile.sys [2010-01-14 22:12:50 | 000,171,136 | RHS- | M] () -- C:\w7ldr [color=#A23BEC]< MD5 for: AGP440.SYS >[/color] [2009-07-14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\drivers\AGP440.sys [2009-07-14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_a97a2a0d0fbc6696\AGP440.sys [2009-07-14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_b9e9435f20046eeb\AGP440.sys [2009-07-14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_bc1a57271cf2f285\AGP440.sys [color=#A23BEC]< MD5 for: ATAPI.SYS >[/color] [2009-07-14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys [2009-07-14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_fab873f3e8a3315c\atapi.sys [2009-07-14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys [2009-07-14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_df3f92057fcbe7a7\atapi.sys [color=#A23BEC]< MD5 for: BEEP.SYS >[/color] [2009-07-14 00:45:01 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=505506526A9D467307B3C393DEDAF858 -- C:\Windows\System32\drivers\beep.sys [2009-07-14 00:45:01 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=505506526A9D467307B3C393DEDAF858 -- C:\Windows\winsxs\x86_microsoft-windows-beepsys_31bf3856ad364e35_6.1.7600.16385_none_c3f6f77668f0ddcc\beep.sys [color=#A23BEC]< MD5 for: CDROM.SYS >[/color] [2009-07-14 00:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_5f7fb206051affbb\cdrom.sys [2010-11-20 09:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\System32\drivers\cdrom.sys [2010-11-20 09:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_x86_neutral_6381e09675524225\cdrom.sys [2010-11-20 09:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_61b0c5ce02098355\cdrom.sys [color=#A23BEC]< MD5 for: NDIS.SYS >[/color] [2009-07-14 02:20:44 | 000,710,720 | ---- | M] (Microsoft Corporation) MD5=23759D175A0A9BAAF04D05047BC135A8 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.1.7600.16385_none_a79d81ea7d62a289\ndis.sys [2010-11-20 13:30:06 | 000,712,576 | ---- | M] (Microsoft Corporation) MD5=E7C54812A2AAF43316EB6930C1FFA108 -- C:\Windows\System32\drivers\ndis.sys [2010-11-20 13:30:06 | 000,712,576 | ---- | M] (Microsoft Corporation) MD5=E7C54812A2AAF43316EB6930C1FFA108 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17514_none_a9ce95b27a512623\ndis.sys [color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color] [2009-10-28 07:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe [2009-10-28 06:52:08 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe [2010-11-20 13:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\System32\winlogon.exe [2010-11-20 13:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe [2009-07-14 02:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe [2011-12-24 17:50:20 | 000,182,856 | ---- | M] () MD5=B382935AB01B27D0E14F267DBF288896 -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe < End of report > [/log][log]OTL Extras logfile created on: 2012-01-15 22:27:04 - Run 1 OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\jacec\Desktop Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000415 | Country: Poland | Language: PLK | Date Format: yyyy-MM-dd 2,97 Gb Total Physical Memory | 1,97 Gb Available Physical Memory | 66,22% Memory free 5,93 Gb Paging File | 4,88 Gb Available in Paging File | 82,32% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 101,47 Gb Total Space | 22,68 Gb Free Space | 22,35% Space Free | Partition Type: NTFS Drive D: | 271,14 Gb Total Space | 36,19 Gb Free Space | 13,35% Space Free | Partition Type: NTFS Computer Name: ONLYMINE | User Name: jacec | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 60 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation) .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) [HKEY_USERS\S-1-5-21-666643132-1411173658-3390636905-1000\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) [color=#E56717]========== Shell Spawning ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) htmlfile [edit] -- Reg Error: Key error. htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "D:\programy\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "D:\programy\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = Reg Error: Unknown registry data type -- File not found "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [color=#E56717]========== Authorized Applications List ==========[/color] [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0E532C84-4275-41B3-9D81-D4A1A20D8EE7}" = PlayStation(R)Store "{1871FE54-36AA-478F-B374-A46BA54474CC}" = ESET NOD32 Antivirus "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{26A24AE4-039D-4CA4-87B4-2F83216021FF}" = Java(TM) 6 Update 21 "{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}" = QuickTime "{2FFE93F0-BB72-4E52-8761-354D1AAA9387}" = Sony Ericsson PC Suite 6.011.00 "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{553255F3-78FD-40F1-A6F8-6882140265FE}" = Apple Application Support "{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{8727531E-6C58-4852-A90B-39CF45E269A9}" = OpenOffice.org 3.2 "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8C0CAA7A-3272-4991-A808-2C7559DE3409}" = Win7codecs "{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge Modules "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{AC76BA86-7AD7-1045-7B44-A94000000001}" = Adobe Reader 9.4.7 - Polish "{B6659DD8-00A7-4A24-BBFB-C1F6982E5D66}" = PlayStation(R)Network Downloader "{CD95F661-A5C4-44F5-A6AA-ECDD91C240BD}" = WinZip 14.5 "{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.0 "{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}" = Sony Ericsson PC Companion 1.60.13 "{FBE5AA96-22F0-4C4A-8E92-4BE3498D4CCB}" = Media Go "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Ares" = Ares 2.1.6 "CCleaner" = CCleaner "KLiteCodecPack_is1" = K-Lite Codec Pack 6.4.0 (Full) "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware wersja 1.60.0.1800 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Mobile Partner" = Mobile Partner "Mozilla Firefox 8.0.1 (x86 pl)" = Mozilla Firefox 8.0.1 (x86 pl) "RocketDock_is1" = RocketDock 1.3.5 "TomTom HOME" = TomTom HOME 2.8.2.2264 "uTorrent" = µTorrent "VLC media player" = VLC media player 1.1.4 "WinRAR archiver" = WinRAR 4.01 (32-bitowy) [color=#E56717]========== Last 10 Event Log Errors ==========[/color] [ Application Events ] Error - 2011-11-13 14:00:03 | Computer Name = onlymine | Source = Windows Backup | ID = 4103 Description = Error - 2011-11-14 19:51:02 | Computer Name = onlymine | Source = SideBySide | ID = 16842785 Description = Nie mozna wygenerowac kontekstu aktywacji dla "c:\program files\sony ericsson\sony ericsson pc suite\Drivers\DPInst64.exe". Nie mozna odnalezc zestawu zaleznego Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0". Uzyj narzedzia sxstrace.exe, aby uzyskac szczególowa diagnoze. Error - 2011-11-14 19:51:09 | Computer Name = onlymine | Source = SideBySide | ID = 16842785 Description = Nie mozna wygenerowac kontekstu aktywacji dla "c:\program files\sony ericsson\sony ericsson pc companion\Drivers\DPInst64.exe". Nie mozna odnalezc zestawu zaleznego Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0". Uzyj narzedzia sxstrace.exe, aby uzyskac szczególowa diagnoze. Error - 2011-11-17 02:00:53 | Computer Name = onlymine | Source = SideBySide | ID = 16842785 Description = Nie mozna wygenerowac kontekstu aktywacji dla "c:\program files\sony ericsson\sony ericsson pc suite\Drivers\DPInst64.exe". Nie mozna odnalezc zestawu zaleznego Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0". Uzyj narzedzia sxstrace.exe, aby uzyskac szczególowa diagnoze. Error - 2011-11-17 02:01:02 | Computer Name = onlymine | Source = SideBySide | ID = 16842785 Description = Nie mozna wygenerowac kontekstu aktywacji dla "c:\program files\sony ericsson\sony ericsson pc companion\Drivers\DPInst64.exe". Nie mozna odnalezc zestawu zaleznego Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0". Uzyj narzedzia sxstrace.exe, aby uzyskac szczególowa diagnoze. Error - 2011-11-18 22:46:37 | Computer Name = onlymine | Source = SideBySide | ID = 16842785 Description = Nie mozna wygenerowac kontekstu aktywacji dla "c:\program files\sony ericsson\sony ericsson pc suite\Drivers\DPInst64.exe". Nie mozna odnalezc zestawu zaleznego Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0". Uzyj narzedzia sxstrace.exe, aby uzyskac szczególowa diagnoze. Error - 2011-11-18 22:46:44 | Computer Name = onlymine | Source = SideBySide | ID = 16842785 Description = Nie mozna wygenerowac kontekstu aktywacji dla "c:\program files\sony ericsson\sony ericsson pc companion\Drivers\DPInst64.exe". Nie mozna odnalezc zestawu zaleznego Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0". Uzyj narzedzia sxstrace.exe, aby uzyskac szczególowa diagnoze. Error - 2011-11-20 14:00:02 | Computer Name = onlymine | Source = Windows Backup | ID = 4103 Description = Error - 2011-11-21 06:40:16 | Computer Name = onlymine | Source = SideBySide | ID = 16842785 Description = Nie mozna wygenerowac kontekstu aktywacji dla "c:\program files\sony ericsson\sony ericsson pc suite\Drivers\DPInst64.exe". Nie mozna odnalezc zestawu zaleznego Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0". Uzyj narzedzia sxstrace.exe, aby uzyskac szczególowa diagnoze. Error - 2011-11-21 06:40:24 | Computer Name = onlymine | Source = SideBySide | ID = 16842785 Description = Nie mozna wygenerowac kontekstu aktywacji dla "c:\program files\sony ericsson\sony ericsson pc companion\Drivers\DPInst64.exe". Nie mozna odnalezc zestawu zaleznego Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0". Uzyj narzedzia sxstrace.exe, aby uzyskac szczególowa diagnoze. [ System Events ] Error - 2012-01-14 11:12:40 | Computer Name = onlymine | Source = atikmdag | ID = 43029 Description = Display is not active Error - 2012-01-14 16:40:50 | Computer Name = onlymine | Source = atikmdag | ID = 52236 Description = CPLIB :: General - Invalid Parameter Error - 2012-01-14 16:40:50 | Computer Name = onlymine | Source = atikmdag | ID = 43029 Description = Display is not active Error - 2012-01-14 16:40:59 | Computer Name = onlymine | Source = Service Control Manager | ID = 7009 Description = Uplynal limit czasu (30000 ms) podczas oczekiwania na polaczenie sie z usluga Mobile Partner. OUC. Error - 2012-01-14 16:40:59 | Computer Name = onlymine | Source = Service Control Manager | ID = 7000 Description = Nie mozna uruchomic uslugi Mobile Partner. OUC z powodu nastepujacego bledu: %%1053 Error - 2012-01-15 17:21:43 | Computer Name = onlymine | Source = atikmdag | ID = 52236 Description = CPLIB :: General - Invalid Parameter Error - 2012-01-15 17:21:43 | Computer Name = onlymine | Source = atikmdag | ID = 43029 Description = Display is not active Error - 2012-01-15 17:21:51 | Computer Name = onlymine | Source = Service Control Manager | ID = 7009 Description = Uplynal limit czasu (30000 ms) podczas oczekiwania na polaczenie sie z usluga Mobile Partner. OUC. Error - 2012-01-15 17:21:51 | Computer Name = onlymine | Source = Service Control Manager | ID = 7000 Description = Nie mozna uruchomic uslugi Mobile Partner. OUC z powodu nastepujacego bledu: %%1053 Error - 2012-01-15 17:22:22 | Computer Name = onlymine | Source = DCOM | ID = 10001 Description = < End of report > [/log] 1
Natsuki Kuga komentarz 18 stycznia 2012 komentarz 18 stycznia 2012 Jest ok. Ostatnie kroki: Do OTL wklej: [code] :Commands [emptytemp] [clearallrestorepoints] [createrestorepoint] [Reboot] [/code] [b]Wykonaj skrypt.[/b] Uruchom OTL ponownie i kliknij [b]Sprzątanie[/b] - to usunie go wraz z jego kwarantanną. Inne narzędzia użyte w temacie też możesz usunąć. 1
swiatek94 komentarz 24 stycznia 2012 Autor komentarz 24 stycznia 2012 Dobrze, Dziękuje Ci bardzo za pomoc !
Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!
Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.