Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

please help me with my hijackthis log


  • This topic is locked This topic is locked
20 replies to this topic

#1 fzltrk

fzltrk

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:03:26 PM

Posted 17 January 2011 - 12:56 PM

logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:55:13, on 17.01.2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\Toshiba\Windows Utilities\Hotkey.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe
C:\Program Files\TOSHIBA\TOSHIBA Yakınlaştırma Yardımcı Programı\SmoothView.exe
C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
C:\Program Files\MSN Apps\Updater\01.02.3000.1001\tr-tr\msnappau.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\QuickTime\QTTask.exe
C:\WINDOWS\FixCamera.exe
C:\WINDOWS\tsnp325.exe
C:\WINDOWS\vsnp325.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
C:\Program Files\AirTies\ADSL Hizmet Programı\AirTies_util3.exe
C:\WINDOWS\system32\igfxext.exe
C:\Program Files\DigitalPeers\CamTrack\camtrack.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
C:\Program Files\Google\Chrome\Application\chrome.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:25579
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Bağlantılar
R3 - URLSearchHook: (no name) - {472734EA-242A-422b-ADF8-83D1E48CC825} - (no file)
O1 - Hosts: 74.125.45.100 4-open-davinci.com
O1 - Hosts: 74.125.45.100 securitysoftwarepayments.com
O1 - Hosts: 74.125.45.100 privatesecuredpayments.com
O1 - Hosts: 74.125.45.100 secure.privatesecuredpayments.com
O1 - Hosts: 74.125.45.100 getantivirusplusnow.com
O1 - Hosts: 74.125.45.100 secure-plus-payments.com
O1 - Hosts: 74.125.45.100 www.getantivirusplusnow.com
O1 - Hosts: 74.125.45.100 www.secure-plus-payments.com
O1 - Hosts: 74.125.45.100 www.getavplusnow.com
O1 - Hosts: 74.125.45.100 safebrowsing-cache.google.com
O1 - Hosts: 74.125.45.100 urs.microsoft.com
O1 - Hosts: 74.125.45.100 www.securesoftwarebill.com
O1 - Hosts: 74.125.45.100 secure.paysecuresystem.com
O1 - Hosts: 74.125.45.100 paysoftbillsolution.com
O1 - Hosts: 74.125.45.100 protected.maxisoftwaremart.com
O1 - Hosts: 66.232.102.95 www.google.com
O1 - Hosts: 66.232.102.95 google.com
O1 - Hosts: 66.232.102.95 google.com.au
O1 - Hosts: 66.232.102.95 www.google.com.au
O1 - Hosts: 66.232.102.95 google.be
O1 - Hosts: 66.232.102.95 www.google.be
O1 - Hosts: 66.232.102.95 google.com.br
O1 - Hosts: 66.232.102.95 www.google.com.br
O1 - Hosts: 66.232.102.95 google.ca
O1 - Hosts: 66.232.102.95 www.google.ca
O1 - Hosts: 66.232.102.95 google.ch
O1 - Hosts: 66.232.102.95 www.google.ch
O1 - Hosts: 66.232.102.95 google.de
O1 - Hosts: 66.232.102.95 www.google.de
O1 - Hosts: 66.232.102.95 google.dk
O1 - Hosts: 66.232.102.95 www.google.dk
O1 - Hosts: 66.232.102.95 google.fr
O1 - Hosts: 66.232.102.95 www.google.fr
O1 - Hosts: 66.232.102.95 google.ie
O1 - Hosts: 66.232.102.95 www.google.ie
O1 - Hosts: 66.232.102.95 google.it
O1 - Hosts: 66.232.102.95 www.google.it
O1 - Hosts: 66.232.102.95 google.co.jp
O1 - Hosts: 66.232.102.95 www.google.co.jp
O1 - Hosts: 66.232.102.95 google.nl
O1 - Hosts: 66.232.102.95 www.google.nl
O1 - Hosts: 66.232.102.95 google.no
O1 - Hosts: 66.232.102.95 www.google.no
O1 - Hosts: 66.232.102.95 google.co.nz
O1 - Hosts: 66.232.102.95 www.google.co.nz
O1 - Hosts: 66.232.102.95 google.pl
O1 - Hosts: 66.232.102.95 www.google.pl
O1 - Hosts: 66.232.102.95 google.se
O1 - Hosts: 66.232.102.95 www.google.se
O1 - Hosts: 66.232.102.95 google.co.uk
O1 - Hosts: 66.232.102.95 www.google.co.uk
O1 - Hosts: 66.232.102.95 google.co.za
O1 - Hosts: 66.232.102.95 www.google.co.za
O1 - Hosts: 66.232.102.95 www.google-analytics.com
O1 - Hosts: 66.232.102.95 www.bing.com
O1 - Hosts: 66.232.102.95 search.yahoo.com
O1 - Hosts: 66.232.102.95 www.search.yahoo.com
O1 - Hosts: 66.232.102.95 uk.search.yahoo.com
O1 - Hosts: 66.232.102.95 ca.search.yahoo.com
O1 - Hosts: 66.232.102.95 de.search.yahoo.com
O1 - Hosts: 66.232.102.95 fr.search.yahoo.com
O1 - Hosts: 66.232.102.95 au.search.yahoo.com
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG10\avgssie.dll (file missing)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Windows Live Oturum Açma Yardım Aracı - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll (file missing)
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\tr-tr\msntb.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\tr-tr\msntb.dll
O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll (file missing)
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Toshiba Hotkey Utility] "C:\Program Files\Toshiba\Windows Utilities\Hotkey.exe" /lang TR
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [PadTouch] C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe
O4 - HKLM\..\Run: [SmoothView] C:\Program Files\TOSHIBA\TOSHIBA Yakınlaştırma Yardımcı Programı\SmoothView.exe
O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
O4 - HKLM\..\Run: [msnappau] "C:\Program Files\MSN Apps\Updater\01.02.3000.1001\tr-tr\msnappau.exe"
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [FixCamera] C:\WINDOWS\FixCamera.exe
O4 - HKLM\..\Run: [tsnp325] C:\WINDOWS\tsnp325.exe
O4 - HKLM\..\Run: [snp325] C:\WINDOWS\vsnp325.exe
O4 - HKLM\..\Run: [ISTray] "C:\Program Files\PC Tools Security\pctsGui.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [DW6] "C:\Program Files\The Weather Channel FW\Desktop\DesktopWeather.exe"
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - S-1-5-18 Startup: CamTrack.lnk = C:\Program Files\DigitalPeers\CamTrack\camtrack.exe (User 'SYSTEM')
O4 - .DEFAULT Startup: CamTrack.lnk = C:\Program Files\DigitalPeers\CamTrack\camtrack.exe (User 'Default user')
O4 - .DEFAULT User Startup: CamTrack.lnk = C:\Program Files\DigitalPeers\CamTrack\camtrack.exe (User 'Default user')
O4 - Startup: CamTrack.lnk = C:\Program Files\DigitalPeers\CamTrack\camtrack.exe
O4 - Startup: Microsoft Office OneNote 2003 Quick Launch.lnk = C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE
O4 - Global Startup: AirTies ADSL Hizmet Programı.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: Microsoft Excel'e Gö&nder - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: Bunu Bloga Al - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: Windows Live Writer içinde &Bunu Web Günlüğüne Al - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Araştır - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://elfguven.spaces.live.com/PhotoUpload/MsnPUpld.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{07B49086-2F45-4AE3-837E-5CC785AC6647}: NameServer = 208.67.222.222,208.67.220.220
O17 - HKLM\System\CS1\Services\Tcpip\..\{07B49086-2F45-4AE3-837E-5CC785AC6647}: NameServer = 208.67.222.222,208.67.220.220
O18 - Protocol: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll (file missing)
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG10\avgpp.dll (file missing)
O22 - SharedTaskScheduler: Browseui önceden yükleyicisi - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Bileşen Katergorileri önbellek daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: AVG Security Toolbar Service - Unknown owner - C:\Program Files\AVG\AVG10\Toolbar\ToolbarBroker.exe (file missing)
O23 - Service: AVGIDSAgent - Unknown owner - C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe (file missing)
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: Creative Service for CDROM Access - Unknown owner - C:\WINDOWS\system32\CTsvcCDA.EXE (file missing)
O23 - Service: Google Güncelleme Hizmeti (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

--
End of file - 13788 bytes

BC AdBot (Login to Remove)

 


#2 fenzodahl512

fenzodahl512

  • Members
  • 6,738 posts
  • OFFLINE
  •  
  • Local time:08:26 PM

Posted 18 January 2011 - 11:57 PM

HijackThis is totally outdated and we don't use it anymore for analyzing.. In addition, we would very appreciate if you can tell us more about the symptom to the computer..

Lets do a scan with another scanner first..


Download DDS by sUBs and save it to your desktop from here or here or here.
Disable any script blocker, and then double click dds.scr to run the tool.
  • When done, DDS will open two (2) logs:
    • DDS.txt
    • Attach.txt
  • Save both reports to your Desktop and post them in your next reply



We need to scan for Rootkits with GMER
  • Please download GMER from one of the following locations, and save it to your desktop:
    • Main Mirror
      This version will download a randomly named file (Recommended)
    • Zip Mirror
      This version will download a zip file you will need to extract first. If you use this mirror, please extract the zip file to your desktop.
  • Close any and all open programs, as this process may crash your computer.
  • Double click Posted Image or Posted Image on your desktop.
  • Allow the gmer.sys driver to load if asked.
  • You may see this window. If you do, click No.
    Posted Image
  • Click on Posted Image and wait for the scan to finish.
  • If you see a rootkit warning window, click OK.
  • Push Posted Image and save the logfile to your desktop.
  • Copy and Paste the contents of that file in your next post.

Keep calm, make it simple, use your brain, don't freak out, and you'll be just fine..
Awesomeness: When I get sad, I stop being sad and be awesome instead.. True story - Barney Stinson
Posted Image Posted Image
Its gonna be legen.. wait for it.. dary! Cherish the pain, it means you're still alive


#3 fzltrk

fzltrk
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:03:26 PM

Posted 19 January 2011 - 03:23 PM

A programme named "personal security sentinel" appeared on my computer, blocked all other antivirus programmes and gived fake warnings about trojans and viruses. I guess I delete it but I still can't use any antivirus programme. And now some pop-up's opens on my web browser-google chrome.

DDS.txt:


DDS (Ver_10-12-12.02) - NTFSx86
Run by elif at 22:14:32,25 on 19.01.2011
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_23
Microsoft Windows XP Home Edition 5.1.2600.3.1254.90.1055.18.1262.647 [GMT 2:00]

AV: Personal Security Sentinel *Enabled/Updated* {9920488C-9654-4C59-B1D9-EFC05A434E99}
FW: Personal Security Sentinel *Enabled*

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
svchost.exe
C:\WINDOWS\Explorer.EXE
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
svchost.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
svchost.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
C:\WINDOWS\system32\igfxtray.exe
C:\Program Files\Toshiba\Windows Utilities\Hotkey.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe
C:\Program Files\TOSHIBA\TOSHIBA Yakınlaştırma Yardımcı Programı\SmoothView.exe
C:\WINDOWS\system32\igfxext.exe
C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
C:\Program Files\MSN Apps\Updater\01.02.3000.1001\tr-tr\msnappau.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\FixCamera.exe
C:\WINDOWS\tsnp325.exe
C:\WINDOWS\vsnp325.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
C:\Program Files\AirTies\ADSL Hizmet Programı\AirTies_util3.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\elif\Desktop\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.google.com.tr/
uDefault_Search_URL = hxxp://www.google.com/ie
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyServer = http=127.0.0.1:25579
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
uURLSearchHooks: H - No File
mURLSearchHooks: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program files\avg\avg10\toolbar\IEToolbar.dll
BHO: AcroIEHlprObj Class: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 6.0 ce\reader\activex\AcroIEHelper.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg10\avgssie.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll
BHO: Windows Live Oturum Açma Yardım Aracı: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: ST: {9394ede7-c8b5-483e-8773-474bf36af6e4} - c:\program files\msn apps\st\01.03.0000.1005\en-xu\stmain.dll
BHO: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program files\avg\avg10\toolbar\IEToolbar.dll
BHO: MSNToolBandBHO: {bdbd1dad-c946-4a17-adc1-64b5b4ff55d0} - c:\program files\msn apps\msn toolbar\01.02.5000.1021\tr-tr\msntb.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: Windows Live Toolbar Helper: {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - c:\program files\windows live\toolbar\wltcore.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: MSN: {bdad1dad-c946-4a17-adc1-64b5b4ff55d0} - c:\program files\msn apps\msn toolbar\01.02.5000.1021\tr-tr\msntb.dll
TB: AVG Security Toolbar: {ccc7a320-b3ca-4199-b1a6-9f516dd69829} - c:\program files\avg\avg10\toolbar\IEToolbar.dll
TB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - c:\program files\windows live\toolbar\wltcore.dll
TB: {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No File
TB: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
uRun: [CTFMON.EXE] c:\windows\system32\ctfmon.exe
uRun: [TOSCDSPD] c:\program files\toshiba\toscdspd\toscdspd.exe
uRun: [MsnMsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
uRun: [DW6] "c:\program files\the weather channel fw\desktop\DesktopWeather.exe"
uRun: [PC Suite Tray] "c:\program files\nokia\nokia pc suite 7\PCSuite.exe" -onlytray
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Toshiba Hotkey Utility] "c:\program files\toshiba\windows utilities\Hotkey.exe" /lang TR
mRun: [SynTPLpr] c:\program files\synaptics\syntp\SynTPLpr.exe
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [PadTouch] c:\program files\toshiba\touch and launch\PadExe.exe
mRun: [SmoothView] c:\program files\toshiba\toshiba yakınlaştırma yardımcı programı\SmoothView.exe
mRun: [NDSTray.exe] NDSTray.exe
mRun: [msnappau] "c:\program files\msn apps\updater\01.02.3000.1001\tr-tr\msnappau.exe"
mRun: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [FixCamera] c:\windows\FixCamera.exe
mRun: [tsnp325] c:\windows\tsnp325.exe
mRun: [snp325] c:\windows\vsnp325.exe
mRun: [ISTray] "c:\program files\pc tools security\pctsGui.exe"
mRun: [avgnt] "c:\program files\avira\antivir desktop\avgnt.exe" /min
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
dRun: [Picasa Media Detector] c:\program files\picasa2\PicasaMediaDetector.exe
StartupFolder: c:\docume~1\elif\startm~1\progra~1\balang~1\camtrack.lnk - c:\program files\digitalpeers\camtrack\camtrack.exe
StartupFolder: c:\docume~1\elif\startm~1\progra~1\balang~1\micros~1.lnk - c:\program files\microsoft office\office11\ONENOTEM.EXE
StartupFolder: c:\docume~1\alluse~1\startm~1\progra~1\balang~1\airtie~1.lnk - c:\program files\airties\adsl hizmet programı\AirTies_util3.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\progra~1\balang~1\micros~1.lnk - c:\program files\microsoft office\office10\OSA.EXE
uPolicies-explorer: DisallowRun = 1 (0x1)
uPolicies-disallowrun: 0 = msseces.exe
uPolicies-disallowrun: 1 = MSASCui.exe
uPolicies-disallowrun: 2 = ekrn.exe
uPolicies-disallowrun: 3 = egui.exe
uPolicies-disallowrun: 4 = avgnt.exe
uPolicies-disallowrun: 5 = avcenter.exe
uPolicies-disallowrun: 6 = avscan.exe
uPolicies-disallowrun: 7 = avgfrw.exe
uPolicies-disallowrun: 8 = avgui.exe
uPolicies-disallowrun: 9 = avgtray.exe
uPolicies-disallowrun: 10 = avgscanx.exe
uPolicies-disallowrun: 11 = avgcfgex.exe
uPolicies-disallowrun: 12 = avgemc.exe
uPolicies-disallowrun: 13 = avgchsvx.exe
uPolicies-disallowrun: 14 = avgcmgr.exe
uPolicies-disallowrun: 15 = avgwdsvc.exe
IE: Microsoft Excel'e Gö&nder - c:\progra~1\micros~2\office10\EXCEL.EXE/3000
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} - hxxp://spaces.msn.com//PhotoUpload/MsnPUpld.cab
DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} - hxxp://elfguven.spaces.live.com/PhotoUpload/MsnPUpld.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} - hxxp://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
DPF: {CAFEEFAC-0014-0002-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_10-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
TCP: {07B49086-2F45-4AE3-837E-5CC785AC6647} = 208.67.222.222,208.67.220.220
Handler: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} -
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} -
Notify: igfxcui - igfxsrvc.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
IFEO: image file execution options - svchost.exe
IFEO: a.exe - svchost.exe
IFEO: aAvgApi.exe - svchost.exe
IFEO: AAWTray.exe - svchost.exe
IFEO: About.exe - svchost.exe

Note: multiple IFEO entries found. Please refer to Attach.txt
Hosts: 74.125.45.100 4-open-davinci.com
Hosts: 74.125.45.100 securitysoftwarepayments.com
Hosts: 74.125.45.100 privatesecuredpayments.com
Hosts: 74.125.45.100 secure.privatesecuredpayments.com
Hosts: 74.125.45.100 getantivirusplusnow.com

Note: multiple HOSTS entries found. Please refer to Attach.txt

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\elif\applic~1\mozilla\firefox\profiles\lege21gy.default\
FF - prefs.js: browser.search.selectedEngine - search
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com.tr/
FF - component: c:\program files\avg\avg9\firefox\components\avgssff.dll
FF - component: c:\program files\avg\avg9\toolbar\firefox\avg@igeared\components\IGeared_tavgp_xputils2.dll
FF - component: c:\program files\avg\avg9\toolbar\firefox\avg@igeared\components\IGeared_tavgp_xputils3.dll
FF - component: c:\program files\avg\avg9\toolbar\firefox\avg@igeared\components\IGeared_tavgp_xputils35.dll
FF - component: c:\program files\avg\avg9\toolbar\firefox\avg@igeared\components\xpavgtbapi.dll
FF - component: c:\program files\dealio toolbar\ff\components\dealioToolbarFF.dll
FF - component: c:\program files\dealio toolbar\ssff\components\SearchSettingsFF.dll
FF - plugin: c:\documents and settings\elif\application data\facebook\npfbplugin_1_0_3.dll
FF - plugin: c:\program files\google\update\1.2.183.13\npGoogleOneClick8.dll
FF - plugin: c:\program files\java\jre1.5.0_10\bin\NPJava11.dll
FF - plugin: c:\program files\java\jre1.5.0_10\bin\NPJava12.dll
FF - plugin: c:\program files\java\jre1.5.0_10\bin\NPJava13.dll
FF - plugin: c:\program files\java\jre1.5.0_10\bin\NPJava14.dll
FF - plugin: c:\program files\java\jre1.5.0_10\bin\NPJava32.dll
FF - plugin: c:\program files\java\jre1.5.0_10\bin\NPJPI150_10.dll
FF - plugin: c:\program files\java\jre1.5.0_10\bin\NPOJI610.dll
FF - plugin: c:\program files\microsoft\office live\npOLW.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
FF - Ext: United States English Dictionary: en-US@dictionaries.addons.mozilla.org - %profile%\extensions\en-US@dictionaries.addons.mozilla.org
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension

============= SERVICES / DRIVERS ===============

R0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore.sys [2011-1-12 239168]
R0 pctDS;PC Tools Data Store;c:\windows\system32\drivers\pctDS.sys [2011-1-12 338880]
R0 pctEFA;PC Tools Extended File Attributes;c:\windows\system32\drivers\pctEFA.sys [2011-1-12 656320]
R1 avgio;avgio;c:\program files\avira\antivir desktop\avgio.sys [2011-1-17 11608]
R1 SMBHC;Microsoft SM Yolu Ana Denetleyici Sürücüsü;c:\windows\system32\drivers\smbhc.sys [2004-11-29 6784]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\avira\antivir desktop\sched.exe [2011-1-17 135336]
R2 AntiVirService;Avira AntiVir Guard;c:\program files\avira\antivir desktop\avguard.exe [2011-1-17 267944]
R2 avgntflt;avgntflt;c:\windows\system32\drivers\avgntflt.sys [2011-1-17 61960]
R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [2009-10-30 54752]
R3 SMBBATT;Microsoft Akıllı Pil Sürücüsü;c:\windows\system32\drivers\smbbatt.sys [2004-11-29 16000]
S2 AVGIDSAgent;AVGIDSAgent;"c:\program files\avg\avg10\identity protection\agent\bin\avgidsagent.exe" --> c:\program files\avg\avg10\identity protection\agent\bin\AVGIDSAgent.exe [?]
S2 gupdate;Google Güncelleme Hizmeti (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-6-19 135664]
S3 AVG Security Toolbar Service;AVG Security Toolbar Service;c:\program files\avg\avg10\toolbar\toolbarbroker.exe --> c:\program files\avg\avg10\toolbar\ToolbarBroker.exe [?]
S3 IPN2220;INPROCOMM IPN2220 Wireless LAN Card Driver;c:\windows\system32\drivers\i2220ntx.sys [2004-12-6 155392]
S3 SNP325;USB PC Camera (SNPSTD325);c:\windows\system32\drivers\snp325.sys [2010-12-16 10253056]
S4 ApacheImpartia;ApacheImpartia;"d:\system\apache\apache.exe" --ntservice --> d:\system\apache\Apache.exe [?]
S4 fsssvc;Windows Live Aile Koruması Hizmeti;c:\program files\windows live\family safety\fsssvc.exe [2010-4-28 704872]

=============== Created Last 30 ================

2011-01-17 17:12:42 512992 -c--a-w- c:\program files\sdsetup.exe
2011-01-17 16:42:29 61960 -c--a-w- c:\windows\system32\drivers\avgntflt.sys
2011-01-17 16:42:28 -------- dc----w- c:\program files\Avira
2011-01-17 16:42:28 -------- dc----w- c:\docume~1\alluse~1\applic~1\Avira
2011-01-17 16:31:51 59325912 -c--a-w- c:\program files\avira_antivir_personal_en (2).exe
2011-01-12 00:13:23 656320 -c--a-w- c:\windows\system32\drivers\pctEFA.sys
2011-01-12 00:13:23 338880 -c--a-w- c:\windows\system32\drivers\pctDS.sys
2011-01-12 00:13:22 249616 -c--a-w- c:\windows\system32\drivers\pctgntdi.sys
2011-01-12 00:13:20 239168 -c--a-w- c:\windows\system32\drivers\PCTCore.sys
2011-01-12 00:13:20 160448 -c--a-w- c:\windows\system32\drivers\PCTAppEvent.sys
2011-01-12 00:13:13 70536 -c--a-w- c:\windows\system32\drivers\pctplsg.sys
2011-01-12 00:12:51 -------- dc----w- c:\program files\PC Tools Security
2011-01-12 00:12:51 -------- dc----w- c:\program files\common files\PC Tools
2011-01-12 00:12:51 -------- dc----w- c:\docume~1\elif\applic~1\PC Tools
2011-01-11 23:24:23 -------- dc----w- c:\docume~1\alluse~1\applic~1\PC Tools
2011-01-11 23:04:51 -------- dc----w- c:\docume~1\alluse~1\applic~1\AVG Security Toolbar
2011-01-11 21:49:06 388096 -c--a-r- c:\docume~1\elif\applic~1\microsoft\installer\{45a66726-69bc-466b-a7a4-12fcba4883d7}\HiJackThis.exe
2011-01-11 21:49:03 -------- dc----w- c:\program files\Trend Micro
2011-01-10 17:35:47 -------- dc-h--w- c:\docume~1\alluse~1\applic~1\Common Files
2011-01-10 17:32:25 -------- dc----w- c:\docume~1\alluse~1\applic~1\AVG10
2011-01-10 17:31:37 -------- dc----w- c:\windows\pss
2011-01-08 22:22:18 -------- dc----w- c:\docume~1\alluse~1\applic~1\MFAData
2011-01-08 21:50:09 -------- dcsh--w- c:\docume~1\elif\applic~1\Personal Security Sentinel
2011-01-08 21:50:08 -------- dcsh--w- c:\docume~1\alluse~1\applic~1\PSBWS
2011-01-08 21:48:20 -------- dcsh--w- c:\docume~1\alluse~1\applic~1\1fe22a
2011-01-06 21:02:15 73728 -c--a-w- c:\windows\system32\javacpl.cpl
2011-01-06 21:02:15 472808 -c--a-w- c:\windows\system32\deployJava1.dll
2011-01-06 21:02:15 472808 -c--a-w- c:\program files\mozilla firefox\plugins\npdeployJava1.dll
2011-01-06 20:53:25 883488 -c--a-w- c:\program files\chromeinstall-6u23.exe
2011-01-04 18:56:33 1286504 -c--a-w- c:\program files\wlsetup-web.exe
2011-01-04 18:27:17 54272 -c--a-w- c:\windows\system32\vfwwdm32.dll
2011-01-04 18:27:17 54272 -c--a-w- c:\windows\system32\dllcache\vfwwdm32.dll
2010-12-23 17:36:49 83933544 -c--a-w- c:\program files\common files\windows live\.cache\wlc25B.tmp

==================== Find3M ====================

2010-11-18 18:12:45 81920 -c--a-w- c:\windows\system32\isign32.dll
2010-11-09 14:52:30 249856 -c--a-w- c:\windows\system32\odbc32.dll
2010-11-06 00:21:17 916480 -c--a-w- c:\windows\system32\wininet.dll
2010-11-06 00:21:15 43520 -c--a-w- c:\windows\system32\licmgr10.dll
2010-11-06 00:21:15 1469440 -c--a-w- c:\windows\system32\inetcpl.cpl
2010-11-03 12:27:25 385024 -c--a-w- c:\windows\system32\html.iec
2010-10-28 13:13:33 290048 -c--a-w- c:\windows\system32\atmfd.dll
2010-10-26 14:07:03 1853312 -c--a-w- c:\windows\system32\win32k.sys
2010-09-28 21:35:20 35809360 -c--a-w- c:\program files\Nokia_PC_Suite_tur_web.exe
2010-08-11 20:39:39 3955824 -c--a-w- c:\program files\SilentUpdate.exe
2006-10-25 19:50:26 5137736 -c--a-w- c:\program files\Firefox Setup 1.5.0.7.exe
2006-10-23 15:34:36 15366440 -c--a-w- c:\program files\Install_Messenger.exe
2006-08-08 18:28:53 8661936 -c--a-w- c:\program files\winamp524_full_bundle_emusic-7plus.exe
2006-01-23 20:50:12 3745834 -c--a-w- c:\program files\SweetImSetup.exe

============= FINISH: 22:14:57,44 ===============


attach.txt:


DDS (Ver_10-12-12.02)

Microsoft Windows XP Home Edition
Boot Device: \Device\HarddiskVolume1
Install Date: 02.09.2005 12:21:32
System Uptime: 19.01.2011 16:38:48 (6 hours ago)

Motherboard: TOSHIBA | | Satellite L10
Processor: Intel® Pentium® M processor 1.70GHz | uFCPGA2 | 1694/400mhz

==== Disk Partitions =========================

C: is FIXED (NTFS) - 37 GiB total, 6,443 GiB free.
D: is CDROM ()

==== Disabled Device Manager Items =============

==== System Restore Points ===================

RP360: 22.10.2010 20:25:41 - Sistem Denetleme Noktası
RP361: 27.10.2010 21:42:19 - Avg Update
RP362: 31.10.2010 14:47:01 - Sistem Denetleme Noktası
RP363: 01.11.2010 23:15:31 - Removed Dealio Toolbar v4.0.2.
RP364: 01.11.2010 23:18:36 - Removed Samsung Samples Installer
RP365: 02.11.2010 20:43:37 - Removed Samsung PC Studio 3 USB Driver Installer
RP366: 10.11.2010 22:41:08 - Avg Update
RP367: 10.11.2010 22:41:52 - Avg Update
RP368: 14.11.2010 23:48:42 - Installed Windows XP Wudf01000.
RP369: 15.11.2010 00:26:41 - Software Distribution Service 3.0
RP370: 19.11.2010 00:16:42 - Software Distribution Service 3.0
RP371: 29.11.2010 00:25:07 - Avg Update
RP372: 29.11.2010 00:26:45 - Avg Update
RP373: 13.12.2010 00:12:35 - Sistem Denetleme Noktası
RP374: 14.12.2010 22:06:30 - Sistem Denetleme Noktası
RP375: 16.12.2010 23:51:31 - Installed Shiny SH-5552 Plus Camera
RP376: 16.12.2010 23:52:48 - Installed Video Power
RP377: 17.12.2010 00:12:06 - Configured Shiny SH-5552 Plus Camera
RP378: 17.12.2010 00:12:43 - Configured Shiny SH-5552 Plus Camera
RP379: 17.12.2010 01:01:48 - Software Distribution Service 3.0
RP380: 23.12.2010 19:45:19 - Installed DirectX
RP381: 24.12.2010 21:34:46 - Software Distribution Service 3.0
RP382: 04.01.2011 20:27:09 - İmzasız sürücü yüklemesi
RP383: 06.01.2011 23:01:41 - Installed Java™ 6 Update 23
RP384: 09.01.2011 01:20:52 - Installed Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
RP385: 09.01.2011 01:21:12 - Yüklenen AVG 2011
RP386: 09.01.2011 01:23:46 - Removed AVG Free 9.0
RP387: 09.01.2011 01:26:17 - Kaldırılan AVG 2011
RP388: 10.01.2011 19:30:25 - Yüklenen AVG 2011
RP389: 10.01.2011 19:37:06 - Yüklenen AVG 2011
RP390: 10.01.2011 19:37:20 - Kaldırılan AVG 2011
RP391: 11.01.2011 23:49:02 - Installed HiJackThis
RP392: 12.01.2011 01:01:28 - Yüklenen AVG 2011
RP393: 12.01.2011 01:06:24 - Yüklenen AVG 2011
RP394: 12.01.2011 01:06:35 - Kaldırılan AVG 2011
RP395: 12.01.2011 02:04:29 - Removed Ad-Aware
RP396: 12.01.2011 19:23:56 - Software Distribution Service 3.0
RP397: 19.01.2011 16:34:43 - Software Distribution Service 3.0

==== Image File Execution Options =============

IFEO: image file execution options - svchost.exe
IFEO: a.exe - svchost.exe
IFEO: aAvgApi.exe - svchost.exe
IFEO: AAWTray.exe - svchost.exe
IFEO: About.exe - svchost.exe
IFEO: ackwin32.exe - svchost.exe
IFEO: Ad-Aware.exe - svchost.exe
IFEO: adaware.exe - svchost.exe
IFEO: advxdwin.exe - svchost.exe
IFEO: AdwarePrj.exe - svchost.exe
IFEO: agent.exe - svchost.exe
IFEO: agentsvr.exe - svchost.exe
IFEO: agentw.exe - svchost.exe
IFEO: alertsvc.exe - svchost.exe
IFEO: alevir.exe - svchost.exe
IFEO: alogserv.exe - svchost.exe
IFEO: AlphaAV - svchost.exe
IFEO: AlphaAV.exe - svchost.exe
IFEO: AluSchedulerSvc.exe - svchost.exe
IFEO: amon9x.exe - svchost.exe
IFEO: anti-trojan.exe - svchost.exe
IFEO: Anti-Virus Professional.exe - svchost.exe
IFEO: AntispywarXP2009.exe - svchost.exe
IFEO: antivirus.exe - svchost.exe
IFEO: AntivirusPlus - svchost.exe
IFEO: AntivirusPlus.exe - svchost.exe
IFEO: AntivirusPro_2010.exe - svchost.exe
IFEO: AntivirusXP - svchost.exe
IFEO: AntivirusXP.exe - svchost.exe
IFEO: antivirusxppro2009.exe - svchost.exe
IFEO: AntiVirus_Pro.exe - svchost.exe
IFEO: ants.exe - svchost.exe
IFEO: apimonitor.exe - svchost.exe
IFEO: aplica32.exe - svchost.exe
IFEO: apvxdwin.exe - svchost.exe
IFEO: arr.exe - svchost.exe
IFEO: Arrakis3.exe - svchost.exe
IFEO: ashAvast.exe - svchost.exe
IFEO: ashBug.exe - svchost.exe
IFEO: ashChest.exe - svchost.exe
IFEO: ashCnsnt.exe - svchost.exe
IFEO: ashDisp.exe - svchost.exe
IFEO: ashLogV.exe - svchost.exe
IFEO: ashMaiSv.exe - svchost.exe
IFEO: ashPopWz.exe - svchost.exe
IFEO: ashQuick.exe - svchost.exe
IFEO: ashServ.exe - svchost.exe
IFEO: ashSimp2.exe - svchost.exe
IFEO: ashSimpl.exe - svchost.exe
IFEO: ashSkPcc.exe - svchost.exe
IFEO: ashSkPck.exe - svchost.exe
IFEO: ashUpd.exe - svchost.exe
IFEO: ashWebSv.exe - svchost.exe
IFEO: aswChLic.exe - svchost.exe
IFEO: aswRegSvr.exe - svchost.exe
IFEO: aswRunDll.exe - svchost.exe
IFEO: aswUpdSv.exe - svchost.exe
IFEO: atcon.exe - svchost.exe
IFEO: atguard.exe - svchost.exe
IFEO: atro55en.exe - svchost.exe
IFEO: atupdater.exe - svchost.exe
IFEO: atwatch.exe - svchost.exe
IFEO: au.exe - svchost.exe
IFEO: aupdate.exe - svchost.exe
IFEO: auto-protect.nav80try.exe - svchost.exe
IFEO: autodown.exe - svchost.exe
IFEO: autotrace.exe - svchost.exe
IFEO: autoupdate.exe - svchost.exe
IFEO: av360.exe - svchost.exe
IFEO: avadmin.exe - svchost.exe
IFEO: AVCare.exe - svchost.exe
IFEO: avcenter.exe - svchost.exe
IFEO: avciman.exe - svchost.exe
IFEO: avconfig.exe - svchost.exe
IFEO: avconsol.exe - svchost.exe
IFEO: ave32.exe - svchost.exe
IFEO: AVENGINE.EXE - svchost.exe
IFEO: avgcc32.exe - svchost.exe
IFEO: avgchk.exe - svchost.exe
IFEO: avgcmgr.exe - svchost.exe
IFEO: avgcsrvx.exe - svchost.exe
IFEO: avgctrl.exe - svchost.exe
IFEO: avgdumpx.exe - svchost.exe
IFEO: avgemc.exe - svchost.exe
IFEO: avgiproxy.exe - svchost.exe
IFEO: avgnsx.exe - svchost.exe
IFEO: avgnt.exe - svchost.exe
IFEO: avgrsx.exe - svchost.exe
IFEO: avgscanx.exe - svchost.exe
IFEO: avgserv.exe - svchost.exe
IFEO: avgserv9.exe - svchost.exe
IFEO: avgsrmax.exe - svchost.exe
IFEO: avgtray.exe - svchost.exe
IFEO: avgui.exe - svchost.exe
IFEO: avgupd.exe - svchost.exe
IFEO: avgw.exe - svchost.exe
IFEO: avgwdsvc.exe - svchost.exe
IFEO: avkpop.exe - svchost.exe
IFEO: avkserv.exe - svchost.exe
IFEO: avkservice.exe - svchost.exe
IFEO: avkwctl9.exe - svchost.exe
IFEO: avltmain.exe - svchost.exe
IFEO: avmailc.exe - svchost.exe
IFEO: avmcdlg.exe - svchost.exe
IFEO: avnotify.exe - svchost.exe
IFEO: avnt.exe - svchost.exe
IFEO: avp32.exe - svchost.exe
IFEO: avpcc.exe - svchost.exe
IFEO: avpdos32.exe - svchost.exe
IFEO: avpm.exe - svchost.exe
IFEO: avptc32.exe - svchost.exe
IFEO: avpupd.exe - svchost.exe
IFEO: avsched32.exe - svchost.exe
IFEO: avsynmgr.exe - svchost.exe
IFEO: avupgsvc.exe - svchost.exe
IFEO: AVWEBGRD.EXE - svchost.exe
IFEO: avwin.exe - svchost.exe
IFEO: avwin95.exe - svchost.exe
IFEO: avwinnt.exe - svchost.exe
IFEO: avwsc.exe - svchost.exe
IFEO: avwupd.exe - svchost.exe
IFEO: avwupd32.exe - svchost.exe
IFEO: avwupsrv.exe - svchost.exe
IFEO: avxmonitor9x.exe - svchost.exe
IFEO: avxmonitornt.exe - svchost.exe
IFEO: avxquar.exe - svchost.exe
IFEO: b.exe - svchost.exe
IFEO: backweb.exe - svchost.exe
IFEO: bargains.exe - svchost.exe
IFEO: bdagent.exe - svchost.exe
IFEO: bdfvcl.exe - svchost.exe
IFEO: bdfvwiz.exe - svchost.exe
IFEO: BDInProcPatch.exe - svchost.exe
IFEO: bdmcon.exe - svchost.exe
IFEO: BDMsnScan.exe - svchost.exe
IFEO: bdreinit.exe - svchost.exe
IFEO: bdsubwiz.exe - svchost.exe
IFEO: BDSurvey.exe - svchost.exe
IFEO: bdtkexec.exe - svchost.exe
IFEO: bdwizreg.exe - svchost.exe
IFEO: bd_professional.exe - svchost.exe
IFEO: beagle.exe - svchost.exe
IFEO: belt.exe - svchost.exe
IFEO: bidef.exe - svchost.exe
IFEO: bidserver.exe - svchost.exe
IFEO: bipcp.exe - svchost.exe
IFEO: bipcpevalsetup.exe - svchost.exe
IFEO: bisp.exe - svchost.exe
IFEO: blackd.exe - svchost.exe
IFEO: blackice.exe - svchost.exe
IFEO: blink.exe - svchost.exe
IFEO: blss.exe - svchost.exe
IFEO: bootconf.exe - svchost.exe
IFEO: bootwarn.exe - svchost.exe
IFEO: borg2.exe - svchost.exe
IFEO: bpc.exe - svchost.exe
IFEO: brasil.exe - svchost.exe
IFEO: brastk.exe - svchost.exe
IFEO: brw.exe - svchost.exe
IFEO: bs120.exe - svchost.exe
IFEO: bspatch.exe - svchost.exe
IFEO: bundle.exe - svchost.exe
IFEO: bvt.exe - svchost.exe
IFEO: c.exe - svchost.exe
IFEO: cavscan.exe - svchost.exe
IFEO: ccapp.exe - svchost.exe
IFEO: ccevtmgr.exe - svchost.exe
IFEO: ccpxysvc.exe - svchost.exe
IFEO: ccSvcHst.exe - svchost.exe
IFEO: cdp.exe - svchost.exe
IFEO: cfd.exe - svchost.exe
IFEO: cfgwiz.exe - svchost.exe
IFEO: cfiadmin.exe - svchost.exe
IFEO: cfiaudit.exe - svchost.exe
IFEO: cfinet.exe - svchost.exe
IFEO: cfinet32.exe - svchost.exe
IFEO: cfp.exe - svchost.exe
IFEO: cfpconfg.exe - svchost.exe
IFEO: cfplogvw.exe - svchost.exe
IFEO: cfpupdat.exe - svchost.exe
IFEO: Cl.exe - svchost.exe
IFEO: claw95.exe - svchost.exe
IFEO: claw95cf.exe - svchost.exe
IFEO: clean.exe - svchost.exe
IFEO: cleaner.exe - svchost.exe
IFEO: cleaner3.exe - svchost.exe
IFEO: cleanIELow.exe - svchost.exe
IFEO: cleanpc.exe - svchost.exe
IFEO: click.exe - svchost.exe
IFEO: cmd32.exe - svchost.exe
IFEO: cmdagent.exe - svchost.exe
IFEO: cmesys.exe - svchost.exe
IFEO: cmgrdian.exe - svchost.exe
IFEO: cmon016.exe - svchost.exe
IFEO: connectionmonitor.exe - svchost.exe
IFEO: control - svchost.exe
IFEO: cpd.exe - svchost.exe
IFEO: cpf9x206.exe - svchost.exe
IFEO: cpfnt206.exe - svchost.exe
IFEO: crashrep.exe - svchost.exe
IFEO: csc.exe - svchost.exe
IFEO: cssconfg.exe - svchost.exe
IFEO: cssupdat.exe - svchost.exe
IFEO: cssurf.exe - svchost.exe
IFEO: ctrl.exe - svchost.exe
IFEO: cv.exe - svchost.exe
IFEO: cwnb181.exe - svchost.exe
IFEO: cwntdwmo.exe - svchost.exe
IFEO: d.exe - svchost.exe
IFEO: datemanager.exe - svchost.exe
IFEO: dcomx.exe - svchost.exe
IFEO: defalert.exe - svchost.exe
IFEO: defscangui.exe - svchost.exe
IFEO: defwatch.exe - svchost.exe
IFEO: deloeminfs.exe - svchost.exe
IFEO: deputy.exe - svchost.exe
IFEO: divx.exe - svchost.exe
IFEO: dllcache.exe - svchost.exe
IFEO: dllreg.exe - svchost.exe
IFEO: doors.exe - svchost.exe
IFEO: dop.exe - svchost.exe
IFEO: dpf.exe - svchost.exe
IFEO: dpfsetup.exe - svchost.exe
IFEO: dpps2.exe - svchost.exe
IFEO: driverctrl.exe - svchost.exe
IFEO: drwatson.exe - svchost.exe
IFEO: drweb32.exe - svchost.exe
IFEO: drwebupw.exe - svchost.exe
IFEO: dssagent.exe - svchost.exe
IFEO: dvp95.exe - svchost.exe
IFEO: dvp95_0.exe - svchost.exe
IFEO: ecengine.exe - svchost.exe
IFEO: efpeadm.exe - svchost.exe
IFEO: egui.exe - svchost.exe
IFEO: ekrn.exe - svchost.exe
IFEO: emsw.exe - svchost.exe
IFEO: ent.exe - svchost.exe
IFEO: esafe.exe - svchost.exe
IFEO: escanhnt.exe - svchost.exe
IFEO: escanv95.exe - svchost.exe
IFEO: espwatch.exe - svchost.exe
IFEO: ethereal.exe - svchost.exe
IFEO: etrustcipe.exe - svchost.exe
IFEO: evpn.exe - svchost.exe
IFEO: exantivirus-cnet.exe - svchost.exe
IFEO: exe.avxw.exe - svchost.exe
IFEO: expert.exe - svchost.exe
IFEO: explore.exe - svchost.exe
IFEO: f-agnt95.exe - svchost.exe
IFEO: f-prot.exe - svchost.exe
IFEO: f-prot95.exe - svchost.exe
IFEO: f-stopw.exe - svchost.exe
IFEO: fact.exe - svchost.exe
IFEO: fameh32.exe - svchost.exe
IFEO: fast.exe - svchost.exe
IFEO: fch32.exe - svchost.exe
IFEO: fih32.exe - svchost.exe
IFEO: findviru.exe - svchost.exe
IFEO: firewall.exe - svchost.exe
IFEO: fixcfg.exe - svchost.exe
IFEO: fixfp.exe - svchost.exe
IFEO: fnrb32.exe - svchost.exe
IFEO: fp-win.exe - svchost.exe
IFEO: fp-win_trial.exe - svchost.exe
IFEO: fprot.exe - svchost.exe
IFEO: frmwrk32.exe - svchost.exe
IFEO: frw.exe - svchost.exe
IFEO: fsaa.exe - svchost.exe
IFEO: fsav.exe - svchost.exe
IFEO: fsav32.exe - svchost.exe
IFEO: fsav530stbyb.exe - svchost.exe
IFEO: fsav530wtbyb.exe - svchost.exe
IFEO: fsav95.exe - svchost.exe
IFEO: fsgk32.exe - svchost.exe
IFEO: fsm32.exe - svchost.exe
IFEO: fsma32.exe - svchost.exe
IFEO: fsmb32.exe - svchost.exe
IFEO: gator.exe - svchost.exe
IFEO: gav.exe - svchost.exe
IFEO: gbmenu.exe - svchost.exe
IFEO: gbn976rl.exe - svchost.exe
IFEO: gbpoll.exe - svchost.exe
IFEO: generics.exe - svchost.exe
IFEO: gmt.exe - svchost.exe
IFEO: guard.exe - svchost.exe
IFEO: guarddog.exe - svchost.exe
IFEO: guardgui.exe - svchost.exe
IFEO: hacktracersetup.exe - svchost.exe
IFEO: hbinst.exe - svchost.exe
IFEO: hbsrv.exe - svchost.exe
IFEO: History.exe - svchost.exe
IFEO: homeav2010.exe - svchost.exe
IFEO: hotactio.exe - svchost.exe
IFEO: hotpatch.exe - svchost.exe
IFEO: htlog.exe - svchost.exe
IFEO: htpatch.exe - svchost.exe
IFEO: hwpe.exe - svchost.exe
IFEO: hxdl.exe - svchost.exe
IFEO: hxiul.exe - svchost.exe
IFEO: iamapp.exe - svchost.exe
IFEO: iamserv.exe - svchost.exe
IFEO: iamstats.exe - svchost.exe
IFEO: ibmasn.exe - svchost.exe
IFEO: ibmavsp.exe - svchost.exe
IFEO: icload95.exe - svchost.exe
IFEO: icloadnt.exe - svchost.exe
IFEO: icmon.exe - svchost.exe
IFEO: icsupp95.exe - svchost.exe
IFEO: icsuppnt.exe - svchost.exe
IFEO: Identity.exe - svchost.exe
IFEO: idle.exe - svchost.exe
IFEO: iedll.exe - svchost.exe
IFEO: iedriver.exe - svchost.exe
IFEO: IEShow.exe - svchost.exe
IFEO: iface.exe - svchost.exe
IFEO: ifw2000.exe - svchost.exe
IFEO: inetlnfo.exe - svchost.exe
IFEO: infus.exe - svchost.exe
IFEO: infwin.exe - svchost.exe
IFEO: init.exe - svchost.exe
IFEO: init32.exe - svchost.exe
IFEO: install.exe - svchost.exe
IFEO: install[1].exe - svchost.exe
IFEO: install[2].exe - svchost.exe
IFEO: install[3].exe - svchost.exe
IFEO: install[4].exe - svchost.exe
IFEO: install[5].exe - svchost.exe
IFEO: intdel.exe - svchost.exe
IFEO: intren.exe - svchost.exe
IFEO: iomon98.exe - svchost.exe
IFEO: istsvc.exe - svchost.exe
IFEO: jammer.exe - svchost.exe
IFEO: jdbgmrg.exe - svchost.exe
IFEO: jedi.exe - svchost.exe
IFEO: JsRcGen.exe - svchost.exe
IFEO: kavlite40eng.exe - svchost.exe
IFEO: kavpers40eng.exe - svchost.exe
IFEO: kavpf.exe - svchost.exe
IFEO: kazza.exe - svchost.exe
IFEO: keenvalue.exe - svchost.exe
IFEO: kerio-pf-213-en-win.exe - svchost.exe
IFEO: kerio-wrl-421-en-win.exe - svchost.exe
IFEO: kerio-wrp-421-en-win.exe - svchost.exe
IFEO: killprocesssetup161.exe - svchost.exe
IFEO: ldnetmon.exe - svchost.exe
IFEO: ldpro.exe - svchost.exe
IFEO: ldpromenu.exe - svchost.exe
IFEO: ldscan.exe - svchost.exe
IFEO: licmgr.exe - svchost.exe
IFEO: livesrv.exe - svchost.exe
IFEO: lnetinfo.exe - svchost.exe
IFEO: loader.exe - svchost.exe
IFEO: localnet.exe - svchost.exe
IFEO: lockdown.exe - svchost.exe
IFEO: lockdown2000.exe - svchost.exe
IFEO: lookout.exe - svchost.exe
IFEO: lordpe.exe - svchost.exe
IFEO: lsetup.exe - svchost.exe
IFEO: luall.exe - svchost.exe
IFEO: luau.exe - svchost.exe
IFEO: lucomserver.exe - svchost.exe
IFEO: luinit.exe - svchost.exe
IFEO: luspt.exe - svchost.exe
IFEO: MalwareRemoval.exe - svchost.exe
IFEO: mapisvc32.exe - svchost.exe
IFEO: mcagent.exe - svchost.exe
IFEO: mcmnhdlr.exe - svchost.exe
IFEO: mcmscsvc.exe - svchost.exe
IFEO: mcnasvc.exe - svchost.exe
IFEO: mcproxy.exe - svchost.exe
IFEO: McSACore.exe - svchost.exe
IFEO: mcshell.exe - svchost.exe
IFEO: mcshield.exe - svchost.exe
IFEO: mcsysmon.exe - svchost.exe
IFEO: mctool.exe - svchost.exe
IFEO: mcupdate.exe - svchost.exe
IFEO: mcvsrte.exe - svchost.exe
IFEO: mcvsshld.exe - svchost.exe
IFEO: md.exe - svchost.exe
IFEO: mfin32.exe - svchost.exe
IFEO: mfw2en.exe - svchost.exe
IFEO: mfweng3.02d30.exe - svchost.exe
IFEO: mgavrtcl.exe - svchost.exe
IFEO: mgavrte.exe - svchost.exe
IFEO: mghtml.exe - svchost.exe
IFEO: mgui.exe - svchost.exe
IFEO: minilog.exe - svchost.exe
IFEO: mmod.exe - svchost.exe
IFEO: monitor.exe - svchost.exe
IFEO: moolive.exe - svchost.exe
IFEO: mostat.exe - svchost.exe
IFEO: mpfagent.exe - svchost.exe
IFEO: mpfservice.exe - svchost.exe
IFEO: MPFSrv.exe - svchost.exe
IFEO: mpftray.exe - svchost.exe
IFEO: mrflux.exe - svchost.exe
IFEO: mrt.exe - svchost.exe
IFEO: msa.exe - svchost.exe
IFEO: msapp.exe - svchost.exe
IFEO: MSASCui.exe - svchost.exe
IFEO: msbb.exe - svchost.exe
IFEO: msblast.exe - svchost.exe
IFEO: mscache.exe - svchost.exe
IFEO: msccn32.exe - svchost.exe
IFEO: mscman.exe - svchost.exe
IFEO: msconfig - svchost.exe
IFEO: msdm.exe - svchost.exe
IFEO: msdos.exe - svchost.exe
IFEO: msfwsvc.exe - svchost.exe
IFEO: msiexec16.exe - svchost.exe
IFEO: mslaugh.exe - svchost.exe
IFEO: msmgt.exe - svchost.exe
IFEO: MsMpEng.exe - svchost.exe
IFEO: msmsgri32.exe - svchost.exe
IFEO: msseces.exe - svchost.exe
IFEO: mssmmc32.exe - svchost.exe
IFEO: mssys.exe - svchost.exe
IFEO: msvxd.exe - svchost.exe
IFEO: mu0311ad.exe - svchost.exe
IFEO: mwatch.exe - svchost.exe
IFEO: n32scanw.exe - svchost.exe
IFEO: nav.exe - svchost.exe
IFEO: navap.navapsvc.exe - svchost.exe
IFEO: navapsvc.exe - svchost.exe
IFEO: navapw32.exe - svchost.exe
IFEO: navdx.exe - svchost.exe
IFEO: navlu32.exe - svchost.exe
IFEO: navnt.exe - svchost.exe
IFEO: navstub.exe - svchost.exe
IFEO: navw32.exe - svchost.exe
IFEO: navwnt.exe - svchost.exe
IFEO: nc2000.exe - svchost.exe
IFEO: ncinst4.exe - svchost.exe
IFEO: ndd32.exe - svchost.exe
IFEO: neomonitor.exe - svchost.exe
IFEO: neowatchlog.exe - svchost.exe
IFEO: netarmor.exe - svchost.exe
IFEO: netd32.exe - svchost.exe
IFEO: netinfo.exe - svchost.exe
IFEO: netmon.exe - svchost.exe
IFEO: netscanpro.exe - svchost.exe
IFEO: netspyhunter-1.2.exe - svchost.exe
IFEO: netutils.exe - svchost.exe
IFEO: nisserv.exe - svchost.exe
IFEO: nisum.exe - svchost.exe
IFEO: nmain.exe - svchost.exe
IFEO: nod32.exe - svchost.exe
IFEO: normist.exe - svchost.exe
IFEO: norton_internet_secu_3.0_407.exe - svchost.exe
IFEO: notstart.exe - svchost.exe
IFEO: npf40_tw_98_nt_me_2k.exe - svchost.exe
IFEO: npfmessenger.exe - svchost.exe
IFEO: nprotect.exe - svchost.exe
IFEO: npscheck.exe - svchost.exe
IFEO: npssvc.exe - svchost.exe
IFEO: nsched32.exe - svchost.exe
IFEO: nssys32.exe - svchost.exe
IFEO: nstask32.exe - svchost.exe
IFEO: nsupdate.exe - svchost.exe
IFEO: nt.exe - svchost.exe
IFEO: ntrtscan.exe - svchost.exe
IFEO: ntvdm.exe - svchost.exe
IFEO: ntxconfig.exe - svchost.exe
IFEO: nui.exe - svchost.exe
IFEO: nupgrade.exe - svchost.exe
IFEO: nvarch16.exe - svchost.exe
IFEO: nvc95.exe - svchost.exe
IFEO: nvsvc32.exe - svchost.exe
IFEO: nwinst4.exe - svchost.exe
IFEO: nwservice.exe - svchost.exe
IFEO: nwtool16.exe - svchost.exe
IFEO: OAcat.exe - svchost.exe
IFEO: OAhlp.exe - svchost.exe
IFEO: OAReg.exe - svchost.exe
IFEO: oasrv.exe - svchost.exe
IFEO: oaui.exe - svchost.exe
IFEO: oaview.exe - svchost.exe
IFEO: OcHealthMon.exe - svchost.exe
IFEO: ODSW.exe - svchost.exe
IFEO: ollydbg.exe - svchost.exe
IFEO: onsrvr.exe - svchost.exe
IFEO: optimize.exe - svchost.exe
IFEO: ostronet.exe - svchost.exe
IFEO: otfix.exe - svchost.exe
IFEO: outpost.exe - svchost.exe
IFEO: outpostinstall.exe - svchost.exe
IFEO: outpostproinstall.exe - svchost.exe
IFEO: ozn695m5.exe - svchost.exe
IFEO: padmin.exe - svchost.exe
IFEO: panixk.exe - svchost.exe
IFEO: patch.exe - svchost.exe
IFEO: pav.exe - svchost.exe
IFEO: pavcl.exe - svchost.exe
IFEO: PavFnSvr.exe - svchost.exe
IFEO: pavproxy.exe - svchost.exe
IFEO: pavprsrv.exe - svchost.exe
IFEO: pavsched.exe - svchost.exe
IFEO: pavsrv51.exe - svchost.exe
IFEO: pavw.exe - svchost.exe
IFEO: pc.exe - svchost.exe
IFEO: pccwin98.exe - svchost.exe
IFEO: pcfwallicon.exe - svchost.exe
IFEO: pcip10117_0.exe - svchost.exe
IFEO: pcscan.exe - svchost.exe
IFEO: pctsAuxs.exe - svchost.exe
IFEO: pctsGui.exe - svchost.exe
IFEO: pctsSvc.exe - svchost.exe
IFEO: pctsTray.exe - svchost.exe
IFEO: PC_Antispyware2010.exe - svchost.exe
IFEO: pdfndr.exe - svchost.exe
IFEO: pdsetup.exe - svchost.exe
IFEO: PerAvir.exe - svchost.exe
IFEO: periscope.exe - svchost.exe
IFEO: persfw.exe - svchost.exe
IFEO: personalguard - svchost.exe
IFEO: personalguard.exe - svchost.exe
IFEO: perswf.exe - svchost.exe
IFEO: pf2.exe - svchost.exe
IFEO: pfwadmin.exe - svchost.exe
IFEO: pgmonitr.exe - svchost.exe
IFEO: pingscan.exe - svchost.exe
IFEO: platin.exe - svchost.exe
IFEO: pop3trap.exe - svchost.exe
IFEO: poproxy.exe - svchost.exe
IFEO: popscan.exe - svchost.exe
IFEO: portdetective.exe - svchost.exe
IFEO: portmonitor.exe - svchost.exe
IFEO: powerscan.exe - svchost.exe
IFEO: ppinupdt.exe - svchost.exe
IFEO: pptbc.exe - svchost.exe
IFEO: ppvstop.exe - svchost.exe
IFEO: prizesurfer.exe - svchost.exe
IFEO: prmt.exe - svchost.exe
IFEO: prmvr.exe - svchost.exe
IFEO: procdump.exe - svchost.exe
IFEO: processmonitor.exe - svchost.exe
IFEO: procexplorerv1.0.exe - svchost.exe
IFEO: programauditor.exe - svchost.exe
IFEO: proport.exe - svchost.exe
IFEO: protector.exe - svchost.exe
IFEO: protectx.exe - svchost.exe
IFEO: PSANCU.exe - svchost.exe
IFEO: PSANHost.exe - svchost.exe
IFEO: PSANToManager.exe - svchost.exe
IFEO: PsCtrls.exe - svchost.exe
IFEO: PsImSvc.exe - svchost.exe
IFEO: PskSvc.exe - svchost.exe
IFEO: pspf.exe - svchost.exe
IFEO: PSUNMain.exe - svchost.exe
IFEO: purge.exe - svchost.exe
IFEO: qconsole.exe - svchost.exe
IFEO: qh.exe - svchost.exe
IFEO: qserver.exe - svchost.exe
IFEO: Quick Heal.exe - svchost.exe
IFEO: QuickHealCleaner.exe - svchost.exe
IFEO: rapapp.exe - svchost.exe
IFEO: rav7.exe - svchost.exe
IFEO: rav7win.exe - svchost.exe
IFEO: rav8win32eng.exe - svchost.exe
IFEO: ray.exe - svchost.exe
IFEO: rb32.exe - svchost.exe
IFEO: rcsync.exe - svchost.exe
IFEO: realmon.exe - svchost.exe
IFEO: reged.exe - svchost.exe
IFEO: regedt32.exe - svchost.exe
IFEO: rescue.exe - svchost.exe
IFEO: rescue32.exe - svchost.exe
IFEO: rrguard.exe - svchost.exe
IFEO: rscdwld.exe - svchost.exe
IFEO: rshell.exe - svchost.exe
IFEO: rtvscan.exe - svchost.exe
IFEO: rtvscn95.exe - svchost.exe
IFEO: rulaunch.exe - svchost.exe
IFEO: rwg - svchost.exe
IFEO: rwg.exe - svchost.exe
IFEO: SafetyKeeper.exe - svchost.exe
IFEO: safeweb.exe - svchost.exe
IFEO: sahagent.exe - svchost.exe
IFEO: Save.exe - svchost.exe
IFEO: SaveArmor.exe - svchost.exe
IFEO: SaveDefense.exe - svchost.exe
IFEO: SaveKeep.exe - svchost.exe
IFEO: savenow.exe - svchost.exe
IFEO: sbserv.exe - svchost.exe
IFEO: sc.exe - svchost.exe
IFEO: scam32.exe - svchost.exe
IFEO: scan32.exe - svchost.exe
IFEO: scan95.exe - svchost.exe
IFEO: scanpm.exe - svchost.exe
IFEO: scrscan.exe - svchost.exe
IFEO: seccenter.exe - svchost.exe
IFEO: Secure Veteran.exe - svchost.exe
IFEO: secureveteran.exe - svchost.exe
IFEO: Security Center.exe - svchost.exe
IFEO: SecurityFighter.exe - svchost.exe
IFEO: securitysoldier.exe - svchost.exe
IFEO: serv95.exe - svchost.exe
IFEO: setloadorder.exe - svchost.exe
IFEO: setupvameeval.exe - svchost.exe
IFEO: setup_flowprotector_us.exe - svchost.exe
IFEO: sgssfw32.exe - svchost.exe
IFEO: sh.exe - svchost.exe
IFEO: shellspyinstall.exe - svchost.exe
IFEO: shield.exe - svchost.exe
IFEO: shn.exe - svchost.exe
IFEO: showbehind.exe - svchost.exe
IFEO: signcheck.exe - svchost.exe
IFEO: smart.exe - svchost.exe
IFEO: smartprotector.exe - svchost.exe
IFEO: smc.exe - svchost.exe
IFEO: smrtdefp.exe - svchost.exe
IFEO: sms.exe - svchost.exe
IFEO: smss32.exe - svchost.exe
IFEO: snetcfg.exe - svchost.exe
IFEO: soap.exe - svchost.exe
IFEO: sofi.exe - svchost.exe
IFEO: SoftSafeness.exe - svchost.exe
IFEO: sperm.exe - svchost.exe
IFEO: spf.exe - svchost.exe
IFEO: sphinx.exe - svchost.exe
IFEO: spoler.exe - svchost.exe
IFEO: spoolcv.exe - svchost.exe
IFEO: spoolsv32.exe - svchost.exe
IFEO: spywarexpguard.exe - svchost.exe
IFEO: spyxx.exe - svchost.exe
IFEO: srexe.exe - svchost.exe
IFEO: srng.exe - svchost.exe
IFEO: ss3edit.exe - svchost.exe
IFEO: ssgrate.exe - svchost.exe
IFEO: ssg_4104.exe - svchost.exe
IFEO: st2.exe - svchost.exe
IFEO: start.exe - svchost.exe
IFEO: stcloader.exe - svchost.exe
IFEO: supftrl.exe - svchost.exe
IFEO: support.exe - svchost.exe
IFEO: supporter5.exe - svchost.exe
IFEO: svc.exe - svchost.exe
IFEO: svchostc.exe - svchost.exe
IFEO: svchosts.exe - svchost.exe
IFEO: svshost.exe - svchost.exe
IFEO: sweep95.exe - svchost.exe
IFEO: sweepnet.sweepsrv.sys.swnetsup.exe - svchost.exe
IFEO: symlcsvc.exe - svchost.exe
IFEO: symproxysvc.exe - svchost.exe
IFEO: symtray.exe - svchost.exe
IFEO: system.exe - svchost.exe
IFEO: system32.exe - svchost.exe
IFEO: sysupd.exe - svchost.exe
IFEO: tapinstall.exe - svchost.exe
IFEO: taskmgr.exe - svchost.exe
IFEO: taumon.exe - svchost.exe
IFEO: tbscan.exe - svchost.exe
IFEO: tc.exe - svchost.exe
IFEO: tca.exe - svchost.exe
IFEO: tcm.exe - svchost.exe
IFEO: tds-3.exe - svchost.exe
IFEO: tds2-98.exe - svchost.exe
IFEO: tds2-nt.exe - svchost.exe
IFEO: teekids.exe - svchost.exe
IFEO: tfak.exe - svchost.exe
IFEO: tfak5.exe - svchost.exe
IFEO: tgbob.exe - svchost.exe
IFEO: titanin.exe - svchost.exe
IFEO: titaninxp.exe - svchost.exe
IFEO: TPSrv.exe - svchost.exe
IFEO: trickler.exe - svchost.exe
IFEO: trjscan.exe - svchost.exe
IFEO: trjsetup.exe - svchost.exe
IFEO: trojantrap3.exe - svchost.exe
IFEO: TrustWarrior.exe - svchost.exe
IFEO: tsadbot.exe - svchost.exe
IFEO: tsc.exe - svchost.exe
IFEO: tvmd.exe - svchost.exe
IFEO: tvtmd.exe - svchost.exe
IFEO: uiscan.exe - svchost.exe
IFEO: undoboot.exe - svchost.exe
IFEO: updat.exe - svchost.exe
IFEO: upgrad.exe - svchost.exe
IFEO: upgrepl.exe - svchost.exe
IFEO: utpost.exe - svchost.exe
IFEO: vbcmserv.exe - svchost.exe
IFEO: vbcons.exe - svchost.exe
IFEO: vbust.exe - svchost.exe
IFEO: vbwin9x.exe - svchost.exe
IFEO: vbwinntw.exe - svchost.exe
IFEO: vcsetup.exe - svchost.exe
IFEO: vet32.exe - svchost.exe
IFEO: vet95.exe - svchost.exe
IFEO: vettray.exe - svchost.exe
IFEO: vfsetup.exe - svchost.exe
IFEO: vir-help.exe - svchost.exe
IFEO: virusmdpersonalfirewall.exe - svchost.exe
IFEO: VisthAux.exe - svchost.exe
IFEO: VisthLic.exe - svchost.exe
IFEO: VisthUpd.exe - svchost.exe
IFEO: vnlan300.exe - svchost.exe
IFEO: vnpc3000.exe - svchost.exe
IFEO: vpc32.exe - svchost.exe
IFEO: vpc42.exe - svchost.exe
IFEO: vpfw30s.exe - svchost.exe
IFEO: vptray.exe - svchost.exe
IFEO: vscan40.exe - svchost.exe
IFEO: vscenu6.02d30.exe - svchost.exe
IFEO: vsched.exe - svchost.exe
IFEO: vsecomr.exe - svchost.exe
IFEO: vshwin32.exe - svchost.exe
IFEO: vsisetup.exe - svchost.exe
IFEO: vsmain.exe - svchost.exe
IFEO: vsmon.exe - svchost.exe
IFEO: vsserv.exe - svchost.exe
IFEO: vsstat.exe - svchost.exe
IFEO: vswin9xe.exe - svchost.exe
IFEO: vswinntse.exe - svchost.exe
IFEO: vswinperse.exe - svchost.exe
IFEO: w32dsm89.exe - svchost.exe
IFEO: W3asbas.exe - svchost.exe
IFEO: w9x.exe - svchost.exe
IFEO: watchdog.exe - svchost.exe
IFEO: webdav.exe - svchost.exe
IFEO: WebProxy.exe - svchost.exe
IFEO: webscanx.exe - svchost.exe
IFEO: webtrap.exe - svchost.exe
IFEO: wfindv32.exe - svchost.exe
IFEO: whoswatchingme.exe - svchost.exe
IFEO: wimmun32.exe - svchost.exe
IFEO: win-bugsfix.exe - svchost.exe
IFEO: win32.exe - svchost.exe
IFEO: win32us.exe - svchost.exe
IFEO: winactive.exe - svchost.exe
IFEO: winav.exe - svchost.exe
IFEO: windll32.exe - svchost.exe
IFEO: window.exe - svchost.exe
IFEO: windows Police Pro.exe - svchost.exe
IFEO: windows.exe - svchost.exe
IFEO: wininetd.exe - svchost.exe
IFEO: wininitx.exe - svchost.exe
IFEO: winlogin.exe - svchost.exe
IFEO: winmain.exe - svchost.exe
IFEO: winppr32.exe - svchost.exe
IFEO: winrecon.exe - svchost.exe
IFEO: winservn.exe - svchost.exe
IFEO: winss.exe - svchost.exe
IFEO: winssk32.exe - svchost.exe
IFEO: winssnotify.exe - svchost.exe
IFEO: WinSSUI.exe - svchost.exe
IFEO: winstart.exe - svchost.exe
IFEO: winstart001.exe - svchost.exe
IFEO: wintsk32.exe - svchost.exe
IFEO: winupdate.exe - svchost.exe
IFEO: wkufind.exe - svchost.exe
IFEO: wnad.exe - svchost.exe
IFEO: wnt.exe - svchost.exe
IFEO: wradmin.exe - svchost.exe
IFEO: wrctrl.exe - svchost.exe
IFEO: wsbgate.exe - svchost.exe
IFEO: wscfxas.exe - svchost.exe
IFEO: wscfxav.exe - svchost.exe
IFEO: wscfxfw.exe - svchost.exe
IFEO: wsctool.exe - svchost.exe
IFEO: wupdater.exe - svchost.exe
IFEO: wupdt.exe - svchost.exe
IFEO: wyvernworksfirewall.exe - svchost.exe
IFEO: xpdeluxe.exe - svchost.exe
IFEO: xpf202en.exe - svchost.exe
IFEO: xp_antispyware.exe - svchost.exe
IFEO: zapro.exe - svchost.exe
IFEO: zapsetup3001.exe - svchost.exe
IFEO: zatutor.exe - svchost.exe
IFEO: zonalm2601.exe - svchost.exe
IFEO: zonealarm.exe - svchost.exe
IFEO: _avp32.exe - svchost.exe
IFEO: _avpcc.exe - svchost.exe
IFEO: _avpm.exe - svchost.exe
IFEO: ~1.exe - svchost.exe
IFEO: ~2.exe - svchost.exe

==== Hosts File Hijack ======================

Hosts: 74.125.45.100 4-open-davinci.com
Hosts: 74.125.45.100 securitysoftwarepayments.com
Hosts: 74.125.45.100 privatesecuredpayments.com
Hosts: 74.125.45.100 secure.privatesecuredpayments.com
Hosts: 74.125.45.100 getantivirusplusnow.com
Hosts: 74.125.45.100 secure-plus-payments.com
Hosts: 74.125.45.100 www.getantivirusplusnow.com
Hosts: 74.125.45.100 www.secure-plus-payments.com
Hosts: 74.125.45.100 www.getavplusnow.com
Hosts: 74.125.45.100 safebrowsing-cache.google.com
Hosts: 74.125.45.100 urs.microsoft.com
Hosts: 74.125.45.100 www.securesoftwarebill.com
Hosts: 74.125.45.100 secure.paysecuresystem.com
Hosts: 74.125.45.100 paysoftbillsolution.com
Hosts: 74.125.45.100 protected.maxisoftwaremart.com
Hosts: 66.232.102.95 www.google.com
Hosts: 66.232.102.95 google.com
Hosts: 66.232.102.95 google.com.au
Hosts: 66.232.102.95 www.google.com.au
Hosts: 66.232.102.95 google.be
Hosts: 66.232.102.95 www.google.be
Hosts: 66.232.102.95 google.com.br
Hosts: 66.232.102.95 www.google.com.br
Hosts: 66.232.102.95 google.ca
Hosts: 66.232.102.95 www.google.ca
Hosts: 66.232.102.95 google.ch
Hosts: 66.232.102.95 www.google.ch
Hosts: 66.232.102.95 google.de
Hosts: 66.232.102.95 www.google.de
Hosts: 66.232.102.95 google.dk
Hosts: 66.232.102.95 www.google.dk
Hosts: 66.232.102.95 google.fr
Hosts: 66.232.102.95 www.google.fr
Hosts: 66.232.102.95 google.ie
Hosts: 66.232.102.95 www.google.ie
Hosts: 66.232.102.95 google.it
Hosts: 66.232.102.95 www.google.it
Hosts: 66.232.102.95 google.co.jp
Hosts: 66.232.102.95 www.google.co.jp
Hosts: 66.232.102.95 google.nl
Hosts: 66.232.102.95 www.google.nl
Hosts: 66.232.102.95 google.no
Hosts: 66.232.102.95 www.google.no
Hosts: 66.232.102.95 google.co.nz
Hosts: 66.232.102.95 www.google.co.nz
Hosts: 66.232.102.95 google.pl
Hosts: 66.232.102.95 www.google.pl
Hosts: 66.232.102.95 google.se
Hosts: 66.232.102.95 www.google.se
Hosts: 66.232.102.95 google.co.uk
Hosts: 66.232.102.95 www.google.co.uk
Hosts: 66.232.102.95 google.co.za
Hosts: 66.232.102.95 www.google.co.za
Hosts: 66.232.102.95 www.google-analytics.com
Hosts: 66.232.102.95 www.bing.com
Hosts: 66.232.102.95 search.yahoo.com
Hosts: 66.232.102.95 www.search.yahoo.com
Hosts: 66.232.102.95 uk.search.yahoo.com
Hosts: 66.232.102.95 ca.search.yahoo.com
Hosts: 66.232.102.95 de.search.yahoo.com
Hosts: 66.232.102.95 fr.search.yahoo.com
Hosts: 66.232.102.95 au.search.yahoo.com

==== Installed Programs ======================


Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader 6.0.2 CE
AirTies ADSL Hizmet Programı 4.0.6.8
Apple Application Support
Apple Software Update
Ares 2.1.1
AutoUpdate
Avira AntiVir Personal - Free Antivirus
BSplayer
CamTrack
CD/DVD Sürücü Akustik Susturucu
Conexant AC-Link Audio
CP_Package_Variety1
CP_Package_Variety2
CP_Package_Variety3
DivX
DivX Player
Google Chrome
Google Update Helper
HiJackThis
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows XP (KB954550-v5)
HP Image Zone Express
INPROCOMM Wireless LAN
Intel® Extreme Graphics 2 Driver
InterVideo WinDVD for TOSHIBA
J2SE Runtime Environment 5.0 Update 10
Java 2 Runtime Environment, SE v1.4.2_06
Java Auto Updater
Java™ 6 Update 23
Junk Mail filter update
Macromedia Flash Player
Macromedia Shockwave Player
Messenger Plus! Live
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2416447)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 1.1 Turkish Language Pack
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Application Error Reporting
Microsoft Choice Guard
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
Microsoft National Language Support Downlevel APIs
Microsoft Office Live Add-in 1.3
Microsoft Office OneNote 2003
Microsoft Office XP Media Content
Microsoft Office XP Standard
Microsoft Search Enhancement Pack
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Sync Framework Runtime Native v1.0 (x86)
Microsoft Sync Framework Services Native v1.0 (x86)
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Mozilla Firefox (3.0.19)
MSN Araç Çubuğu
MSVC80_x86_v2
MSVCRT
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Nokia Connectivity Cable Driver
Nokia PC Suite
PC Connectivity Solution
QuickTime
REALTEK Gigabit and Fast Ethernet NIC Driver
SA31xx Device Manager & Media Converter
SAMSUNG CDMA Modem Driver Set
Samsung PC Studio 3
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Segoe UI
Shiny SH-5552 Plus Camera
SoftV92 Data Fax Modem with SmartCP
Spyware Doctor 8.0
Synaptics Pointing Device Driver
The Weather Channel Desktop 6
TOSHIBA ConfigFree
TOSHIBA El Kitapları
Toshiba Hotkey Utility
TOSHIBA Konsolu
TOSHIBA PC Tanılama Aracı
Toshiba Touchpad Utility
Toshiba Utility
TOSHIBA Yakınlaştırma Yardımcı Programı
Touch and Launch
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Video Power
WebFldrs XP
Winamp
Windows Genuine Advantage Notifications (KB905474)
Windows Internet Explorer 7
Windows Internet Explorer 7 için Düzeltme (KB947864)
Windows Internet Explorer 7 için Güvenlik Güncelleştirmesi (KB938127)
Windows Internet Explorer 7 için Güvenlik Güncelleştirmesi (KB939653)
Windows Internet Explorer 7 için Güvenlik Güncelleştirmesi (KB942615)
Windows Internet Explorer 7 için Güvenlik Güncelleştirmesi (KB944533)
Windows Internet Explorer 7 için Güvenlik Güncelleştirmesi (KB950759)
Windows Internet Explorer 7 için Güvenlik Güncelleştirmesi (KB953838)
Windows Internet Explorer 7 için Güvenlik Güncelleştirmesi (KB956390)
Windows Internet Explorer 7 için Güvenlik Güncelleştirmesi (KB958215)
Windows Internet Explorer 7 için Güvenlik Güncelleştirmesi (KB960714)
Windows Internet Explorer 7 için Güvenlik Güncelleştirmesi (KB961260)
Windows Internet Explorer 7 için Güvenlik Güncelleştirmesi (KB963027)
Windows Internet Explorer 7 için Güvenlik Güncelleştirmesi (KB969897)
Windows Internet Explorer 8
Windows Internet Explorer 8 için Güncelleştirme (KB976662)
Windows Internet Explorer 8 için Güncelleştirme (KB976749)
Windows Internet Explorer 8 için Güncelleştirme (KB980182)
Windows Internet Explorer 8 için Güvenlik Güncelleştirmesi (KB2183461)
Windows Internet Explorer 8 için Güvenlik Güncelleştirmesi (KB2360131)
Windows Internet Explorer 8 için Güvenlik Güncelleştirmesi (KB2416400)
Windows Internet Explorer 8 için Güvenlik Güncelleştirmesi (KB969897)
Windows Internet Explorer 8 için Güvenlik Güncelleştirmesi (KB971961)
Windows Internet Explorer 8 için Güvenlik Güncelleştirmesi (KB972260)
Windows Internet Explorer 8 için Güvenlik Güncelleştirmesi (KB974455)
Windows Internet Explorer 8 için Güvenlik Güncelleştirmesi (KB976325)
Windows Internet Explorer 8 için Güvenlik Güncelleştirmesi (KB981332)
Windows Internet Explorer 8 için Güvenlik Güncelleştirmesi (KB982381)
Windows Live Aile Koruması
Windows Live Call
Windows Live Communications Platform
Windows Live Fotoğraf Galerisi
Windows Live Karşıya Yükleme Aracı
Windows Live Mail
Windows Live Messenger
Windows Live OneCare safety scanner
Windows Live Oturum Açma Yardımcısı
Windows Live Sync
Windows Live Temel Parçalar
Windows Live Toolbar
Windows Live Writer
Windows Media Format 11 runtime
Windows Media Player (KB2378111) için Güvenlik Güncelleştirmesi
Windows Media Player (KB911564) için Güvenlik Güncelleştirmesi
Windows Media Player (KB952069) için Güvenlik Güncelleştirmesi
Windows Media Player (KB954155) için Güvenlik Güncelleştirmesi
Windows Media Player (KB968816) için Güvenlik Güncelleştirmesi
Windows Media Player (KB973540) için Güvenlik Güncelleştirmesi
Windows Media Player (KB975558) için Güvenlik Güncelleştirmesi
Windows Media Player (KB978695) için Güvenlik Güncelleştirmesi
Windows Media Player 10
Windows Media Player 10 (KB911565) için Güvenlik Güncelleştirmesi
Windows Media Player 10 (KB917734) için Güvenlik Güncelleştirmesi
Windows Media Player 10 (KB936782) için Güvenlik Güncelleştirmesi
Windows Media Player 6.4 (KB925398) için Güvenlik Güncelleştirmesi
Windows Sürücü Paketi - Nokia Modem (06/09/2010 4.5)
Windows Sürücü Paketi - Nokia Modem (06/09/2010 7.01.0.7)
Windows Sürücü Paketi - Nokia pccsmcfd (08/22/2008 7.0.0.0)
Windows XP (KB923689) için Güvenlik Güncelleştirmesi
Windows XP (KB941569) için Güvenlik Güncelleştirmesi
Windows XP için Düzeltme (KB2158563)
Windows XP için Düzeltme (KB2443685)
Windows XP için Düzeltme (KB952287)
Windows XP için Düzeltme (KB961118)
Windows XP için Düzeltme (KB970653-v3)
Windows XP için Düzeltme (KB976098-v2)
Windows XP için Düzeltme (KB979306)
Windows XP için Düzeltme (KB981793)
Windows XP için Güncelleştirme (KB2141007)
Windows XP için Güncelleştirme (KB2345886)
Windows XP için Güncelleştirme (KB2467659)
Windows XP için Güncelleştirme (KB951072-v2)
Windows XP için Güncelleştirme (KB951978)
Windows XP için Güncelleştirme (KB955759)
Windows XP için Güncelleştirme (KB955839)
Windows XP için Güncelleştirme (KB961503)
Windows XP için Güncelleştirme (KB967715)
Windows XP için Güncelleştirme (KB968389)
Windows XP için Güncelleştirme (KB971737)
Windows XP için Güncelleştirme (KB973687)
Windows XP için Güncelleştirme (KB973815)
Windows XP için Güvenlik Güncelleştirmesi (KB2079403)
Windows XP için Güvenlik Güncelleştirmesi (KB2115168)
Windows XP için Güvenlik Güncelleştirmesi (KB2121546)
Windows XP için Güvenlik Güncelleştirmesi (KB2160329)
Windows XP için Güvenlik Güncelleştirmesi (KB2229593)
Windows XP için Güvenlik Güncelleştirmesi (KB2259922)
Windows XP için Güvenlik Güncelleştirmesi (KB2279986)
Windows XP için Güvenlik Güncelleştirmesi (KB2286198)
Windows XP için Güvenlik Güncelleştirmesi (KB2296011)
Windows XP için Güvenlik Güncelleştirmesi (KB2296199)
Windows XP için Güvenlik Güncelleştirmesi (KB2347290)
Windows XP için Güvenlik Güncelleştirmesi (KB2360937)
Windows XP için Güvenlik Güncelleştirmesi (KB2387149)
Windows XP için Güvenlik Güncelleştirmesi (KB2419632)
Windows XP için Güvenlik Güncelleştirmesi (KB2423089)
Windows XP için Güvenlik Güncelleştirmesi (KB2436673)
Windows XP için Güvenlik Güncelleştirmesi (KB2440591)
Windows XP için Güvenlik Güncelleştirmesi (KB2443105)
Windows XP için Güvenlik Güncelleştirmesi (KB923561)
Windows XP için Güvenlik Güncelleştirmesi (KB938464-v2)
Windows XP için Güvenlik Güncelleştirmesi (KB938464)
Windows XP için Güvenlik Güncelleştirmesi (KB946648)
Windows XP için Güvenlik Güncelleştirmesi (KB950760)
Windows XP için Güvenlik Güncelleştirmesi (KB950762)
Windows XP için Güvenlik Güncelleştirmesi (KB950974)
Windows XP için Güvenlik Güncelleştirmesi (KB951066)
Windows XP için Güvenlik Güncelleştirmesi (KB951376-v2)
Windows XP için Güvenlik Güncelleştirmesi (KB951376)
Windows XP için Güvenlik Güncelleştirmesi (KB951698)
Windows XP için Güvenlik Güncelleştirmesi (KB951748)
Windows XP için Güvenlik Güncelleştirmesi (KB952004)
Windows XP için Güvenlik Güncelleştirmesi (KB952954)
Windows XP için Güvenlik Güncelleştirmesi (KB953839)
Windows XP için Güvenlik Güncelleştirmesi (KB954211)
Windows XP için Güvenlik Güncelleştirmesi (KB954459)
Windows XP için Güvenlik Güncelleştirmesi (KB954600)
Windows XP için Güvenlik Güncelleştirmesi (KB955069)
Windows XP için Güvenlik Güncelleştirmesi (KB956391)
Windows XP için Güvenlik Güncelleştirmesi (KB956572)
Windows XP için Güvenlik Güncelleştirmesi (KB956744)
Windows XP için Güvenlik Güncelleştirmesi (KB956802)
Windows XP için Güvenlik Güncelleştirmesi (KB956803)
Windows XP için Güvenlik Güncelleştirmesi (KB956841)
Windows XP için Güvenlik Güncelleştirmesi (KB956844)
Windows XP için Güvenlik Güncelleştirmesi (KB957095)
Windows XP için Güvenlik Güncelleştirmesi (KB957097)
Windows XP için Güvenlik Güncelleştirmesi (KB958644)
Windows XP için Güvenlik Güncelleştirmesi (KB958687)
Windows XP için Güvenlik Güncelleştirmesi (KB958690)
Windows XP için Güvenlik Güncelleştirmesi (KB958869)
Windows XP için Güvenlik Güncelleştirmesi (KB959426)
Windows XP için Güvenlik Güncelleştirmesi (KB960225)
Windows XP için Güvenlik Güncelleştirmesi (KB960715)
Windows XP için Güvenlik Güncelleştirmesi (KB960803)
Windows XP için Güvenlik Güncelleştirmesi (KB960859)
Windows XP için Güvenlik Güncelleştirmesi (KB961371)
Windows XP için Güvenlik Güncelleştirmesi (KB961373)
Windows XP için Güvenlik Güncelleştirmesi (KB961501)
Windows XP için Güvenlik Güncelleştirmesi (KB968537)
Windows XP için Güvenlik Güncelleştirmesi (KB969059)
Windows XP için Güvenlik Güncelleştirmesi (KB969898)
Windows XP için Güvenlik Güncelleştirmesi (KB969947)
Windows XP için Güvenlik Güncelleştirmesi (KB970238)
Windows XP için Güvenlik Güncelleştirmesi (KB970430)
Windows XP için Güvenlik Güncelleştirmesi (KB971468)
Windows XP için Güvenlik Güncelleştirmesi (KB971486)
Windows XP için Güvenlik Güncelleştirmesi (KB971557)
Windows XP için Güvenlik Güncelleştirmesi (KB971633)
Windows XP için Güvenlik Güncelleştirmesi (KB971657)
Windows XP için Güvenlik Güncelleştirmesi (KB972270)
Windows XP için Güvenlik Güncelleştirmesi (KB973346)
Windows XP için Güvenlik Güncelleştirmesi (KB973354)
Windows XP için Güvenlik Güncelleştirmesi (KB973507)
Windows XP için Güvenlik Güncelleştirmesi (KB973525)
Windows XP için Güvenlik Güncelleştirmesi (KB973869)
Windows XP için Güvenlik Güncelleştirmesi (KB973904)
Windows XP için Güvenlik Güncelleştirmesi (KB974112)
Windows XP için Güvenlik Güncelleştirmesi (KB974318)
Windows XP için Güvenlik Güncelleştirmesi (KB974392)
Windows XP için Güvenlik Güncelleştirmesi (KB974571)
Windows XP için Güvenlik Güncelleştirmesi (KB975025)
Windows XP için Güvenlik Güncelleştirmesi (KB975467)
Windows XP için Güvenlik Güncelleştirmesi (KB975560)
Windows XP için Güvenlik Güncelleştirmesi (KB975561)
Windows XP için Güvenlik Güncelleştirmesi (KB975562)
Windows XP için Güvenlik Güncelleştirmesi (KB975713)
Windows XP için Güvenlik Güncelleştirmesi (KB977816)
Windows XP için Güvenlik Güncelleştirmesi (KB977914)
Windows XP için Güvenlik Güncelleştirmesi (KB978037)
Windows XP için Güvenlik Güncelleştirmesi (KB978262)
Windows XP için Güvenlik Güncelleştirmesi (KB978338)
Windows XP için Güvenlik Güncelleştirmesi (KB978542)
Windows XP için Güvenlik Güncelleştirmesi (KB978601)
Windows XP için Güvenlik Güncelleştirmesi (KB978706)
Windows XP için Güvenlik Güncelleştirmesi (KB979309)
Windows XP için Güvenlik Güncelleştirmesi (KB979482)
Windows XP için Güvenlik Güncelleştirmesi (KB979559)
Windows XP için Güvenlik Güncelleştirmesi (KB979683)
Windows XP için Güvenlik Güncelleştirmesi (KB979687)
Windows XP için Güvenlik Güncelleştirmesi (KB980195)
Windows XP için Güvenlik Güncelleştirmesi (KB980218)
Windows XP için Güvenlik Güncelleştirmesi (KB980232)
Windows XP için Güvenlik Güncelleştirmesi (KB980436)
Windows XP için Güvenlik Güncelleştirmesi (KB981322)
Windows XP için Güvenlik Güncelleştirmesi (KB981852)
Windows XP için Güvenlik Güncelleştirmesi (KB981957)
Windows XP için Güvenlik Güncelleştirmesi (KB981997)
Windows XP için Güvenlik Güncelleştirmesi (KB982132)
Windows XP için Güvenlik Güncelleştirmesi (KB982214)
Windows XP için Güvenlik Güncelleştirmesi (KB982665)
Windows XP için Güvenlik Güncelleştirmesi (KB982802)
Windows XP Service Pack 3
WinRAR arşiv yöneticisi

==== End Of File ===========================

GMER:


GMER 1.0.15.15530 - http://www.gmer.net
Rootkit scan 2011-01-19 21:53:29
Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3 TOSHIBA_MK4025GAS rev.KA100U
Running: gmer.exe; Driver: C:\DOCUME~1\elif\LOCALS~1\Temp\pxtdapob.sys


---- System - GMER 1.0.15 ----

SSDT AE082296 ZwCreateKey
SSDT AE08228C ZwCreateThread
SSDT AE08229B ZwDeleteKey
SSDT AE0822A5 ZwDeleteValueKey
SSDT AE0822AA ZwLoadKey
SSDT AE082278 ZwOpenProcess
SSDT AE08227D ZwOpenThread
SSDT AE0822B4 ZwReplaceKey
SSDT AE0822AF ZwRestoreKey
SSDT AE0822A0 ZwSetValueKey

---- Kernel code sections - GMER 1.0.15 ----

? C:\DOCUME~1\elif\LOCALS~1\Temp\mbr.sys Sistem belirtilen dosyayı bulamıyor. !

---- User code sections - GMER 1.0.15 ----

.text C:\Program Files\Google\Chrome\Application\chrome.exe[1336] ntdll.dll!NtCreateFile + 6 7C8FD0B4 4 Bytes [28, 00, 16, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[1336] ntdll.dll!NtCreateFile + B 7C8FD0B9 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[1336] ntdll.dll!NtMapViewOfSection + 6 7C8FD524 1 Byte [28]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[1336] ntdll.dll!NtMapViewOfSection + 6 7C8FD524 4 Bytes [28, 03, 16, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[1336] ntdll.dll!NtMapViewOfSection + B 7C8FD529 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[1336] ntdll.dll!NtOpenFile + 6 7C8FD5A4 4 Bytes [68, 00, 16, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[1336] ntdll.dll!NtOpenFile + B 7C8FD5A9 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[1336] ntdll.dll!NtOpenProcess + 6 7C8FD604 4 Bytes [A8, 01, 16, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[1336] ntdll.dll!NtOpenProcess + B 7C8FD609 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[1336] ntdll.dll!NtOpenProcessToken + B 7C8FD619 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[1336] ntdll.dll!NtOpenProcessTokenEx + 6 7C8FD624 4 Bytes [A8, 02, 16, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[1336] ntdll.dll!NtOpenProcessTokenEx + B 7C8FD629 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[1336] ntdll.dll!NtOpenThread + 6 7C8FD664 4 Bytes [68, 01, 16, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[1336] ntdll.dll!NtOpenThread + B 7C8FD669 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[1336] ntdll.dll!NtOpenThreadToken + 6 7C8FD674 4 Bytes [68, 02, 16, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[1336] ntdll.dll!NtOpenThreadToken + B 7C8FD679 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[1336] ntdll.dll!NtOpenThreadTokenEx + B 7C8FD689 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[1336] ntdll.dll!NtQueryAttributesFile + 6 7C8FD714 4 Bytes [A8, 00, 16, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[1336] ntdll.dll!NtQueryAttributesFile + B 7C8FD719 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[1336] ntdll.dll!NtQueryFullAttributesFile + B 7C8FD7B9 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[1336] ntdll.dll!NtSetInformationFile + 6 7C8FDC64 4 Bytes [28, 01, 16, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[1336] ntdll.dll!NtSetInformationFile + B 7C8FDC69 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[1336] ntdll.dll!NtSetInformationThread + 6 7C8FDCB4 4 Bytes [28, 02, 16, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[1336] ntdll.dll!NtSetInformationThread + B 7C8FDCB9 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[1336] ntdll.dll!NtUnmapViewOfSection + 6 7C8FDF14 1 Byte [68]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[1336] ntdll.dll!NtUnmapViewOfSection + 6 7C8FDF14 4 Bytes [68, 03, 16, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[1336] ntdll.dll!NtUnmapViewOfSection + B 7C8FDF19 1 Byte [E2]

---- User IAT/EAT - GMER 1.0.15 ----

IAT C:\Program Files\Google\Chrome\Application\chrome.exe[1336] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!CreateNamedPipeW] 002C0010

---- Devices - GMER 1.0.15 ----

AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.)
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.)
AttachedDevice \Driver\Tcpip \Device\Tcp fssfltr_tdi.sys (Family Safety Filter Driver (TDI)/Microsoft Corporation)

Device \Driver\SMBHC \Device\SmbHc SMBCLASS.SYS (SMBus Class Driver/Microsoft Corporation)

---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\001060d11d17
Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\0011b107a397
Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\0011b107a397@0016db3ee858 0x30 0x3F 0x2C 0xCF ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\0011b107a397@44f459e3ac79 0xDE 0xB7 0x5A 0x08 ...
Reg HKLM\SYSTEM\ControlSet003\Services\BTHPORT\Parameters\Keys\001060d11d17 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\BTHPORT\Parameters\Keys\0011b107a397 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\BTHPORT\Parameters\Keys\0011b107a397@0016db3ee858 0x30 0x3F 0x2C 0xCF ...
Reg HKLM\SYSTEM\ControlSet003\Services\BTHPORT\Parameters\Keys\0011b107a397@44f459e3ac79 0xDE 0xB7 0x5A 0x08 ...

---- EOF - GMER 1.0.15 ----

#4 fenzodahl512

fenzodahl512

  • Members
  • 6,738 posts
  • OFFLINE
  •  
  • Local time:08:26 PM

Posted 19 January 2011 - 06:37 PM

Please download Malwarebytes' Anti-Malware from HERE or HERE

Note: If you already have Malwarebytes' Anti-Malware, just run and update it.. Then do a "Perform Full Scan"

Double Click mbam-setup.exe to install the application.
  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Full Scan", then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy&Paste the entire report in your next reply.
Extra Note:
If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process,if asked to restart the computer,please do so immediately.


Then, re-scan with DDS and post the log here :)

Keep calm, make it simple, use your brain, don't freak out, and you'll be just fine..
Awesomeness: When I get sad, I stop being sad and be awesome instead.. True story - Barney Stinson
Posted Image Posted Image
Its gonna be legen.. wait for it.. dary! Cherish the pain, it means you're still alive


#5 fzltrk

fzltrk
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:03:26 PM

Posted 20 January 2011 - 09:39 AM

hi! I think my pc is getting better:)the antivirus programmes activated after the restart.thank you!

this is the log of MBAM:
Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Veritabanı sürümü: 5559

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

20.01.2011 16:18:12
mbam-log-2011-01-20 (16-18-12).txt

Tarama kipi: Derin tarama (C:\|D:\|)
Taranmış öğeler: 257532
Geçen süre: 1 saat, 39 dakika, 48 saniye

Etkilenmiş Hafıza İşlemleri: 0
Etkilenmiş Hafıza Modülleri: 0
Etkilenmiş Kayıt Anahtarları: 769
Etkilenmiş Kayıt Değerleri: 31
Etkilenmiş Veri Öğeleri: 8
Etkilenmiş Klasörler: 2
Etkilenmiş Dosyalar: 18

Etkilenmiş Hafıza İşlemleri:
(Zararlı öğe tespit edilmedi)

Etkilenmiş Hafıza Modülleri:
(Zararlı öğe tespit edilmedi)

Etkilenmiş Kayıt Anahtarları:
HKEY_CLASSES_ROOT\AppID\{127DF9B4-D75D-44A6-AF78-8C3A8CEB03DB} (Adware.WhenU) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{A9AAE1AB-9688-42C5-86F5-C12F6B9015AD} (Adware.WhenU) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{DF901432-1B9F-4F5B-9E56-301C553F9095} (Adware.WhenU) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{43382522-A846-46F4-AC57-1F71AE6E1086} (Adware.WhenU) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} (PUP.Dealio) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} (PUP.Dealio) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{E312764E-7706-43F1-8DAB-FCDD2B1E416D} (PUP.Dealio) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{E312764E-7706-43F1-8DAB-FCDD2B1E416D} (PUP.Dealio) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{B64F4A7C-97C9-11DA-8BDE-F66BAD1E3F3A} (Rogue.WinAntiVirus) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{DECEAAA2-370A-49BB-9362-68C3A58DDC62} (Adware.180Solutions) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\a.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\aAvgApi.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AAWTray.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\About.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ackwin32.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Ad-Aware.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\adaware.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\advxdwin.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AdwarePrj.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\agent.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\agentsvr.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\agentw.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\alertsvc.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\alevir.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\alogserv.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AlphaAV (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AlphaAV.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AluSchedulerSvc.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\amon9x.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\anti-trojan.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Anti-Virus Professional.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AntispywarXP2009.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\antivirus.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AntivirusPlus (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AntivirusPlus.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AntivirusPro_2010.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AntivirusXP (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AntivirusXP.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\antivirusxppro2009.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AntiVirus_Pro.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ants.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\apimonitor.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\aplica32.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\apvxdwin.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\arr.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ashAvast.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ashBug.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ashChest.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ashCnsnt.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ashDisp.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ashLogV.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ashMaiSv.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ashPopWz.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ashQuick.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ashServ.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ashSimp2.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ashSimpl.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ashSkPcc.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ashSkPck.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ashUpd.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ashWebSv.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\aswChLic.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\aswRegSvr.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\aswRunDll.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\aswUpdSv.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\atcon.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\atguard.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\atro55en.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\atupdater.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\atwatch.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\au.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\aupdate.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\auto-protect.nav80try.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\autodown.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\autotrace.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\autoupdate.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\av360.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avadmin.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AVCare.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avcenter.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avciman.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avconfig.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avconsol.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ave32.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AVENGINE.EXE (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avgcc32.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avgchk.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avgcmgr.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avgcsrvx.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avgctrl.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avgdumpx.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avgemc.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avgiproxy.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avgnsx.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avgnt.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avgrsx.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avgscanx.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avgserv.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avgserv9.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avgsrmax.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avgtray.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avgui.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avgupd.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avgw.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avgwdsvc.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avkpop.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avkserv.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avkservice.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avkwctl9.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avltmain.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avmailc.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avmcdlg.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avnotify.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avnt.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avp32.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avpcc.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avpdos32.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avpm.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avptc32.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avpupd.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avsched32.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avsynmgr.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avupgsvc.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AVWEBGRD.EXE (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avwin.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avwin95.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avwinnt.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avwsc.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avwupd.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avwupd32.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avwupsrv.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avxmonitor9x.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avxmonitornt.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avxquar.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\b.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\backweb.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bargains.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bdfvcl.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bdfvwiz.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\BDInProcPatch.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bdmcon.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\BDMsnScan.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\BDSurvey.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bd_professional.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\beagle.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\belt.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bidef.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bidserver.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bipcp.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bipcpevalsetup.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bisp.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\blackd.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\blackice.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\blink.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\blss.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bootconf.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bootwarn.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\borg2.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bpc.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\brasil.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\brastk.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\brw.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bs120.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bspatch.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bundle.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bvt.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\c.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cavscan.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ccapp.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ccevtmgr.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ccpxysvc.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ccSvcHst.exe (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cdp.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cfd.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cfgwiz.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cfiadmin.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cfiaudit.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cfinet.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cfinet32.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cfp.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cfpconfg.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cfplogvw.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cfpupdat.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Cl.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\claw95.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\claw95cf.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\clean.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cleaner.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cleaner3.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cleanIELow.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cleanpc.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\click.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cmd32.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cmdagent.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cmesys.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cmgrdian.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cmon016.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\connectionmonitor.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\control (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cpd.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cpf9x206.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cpfnt206.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\crashrep.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\csc.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cssconfg.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cssupdat.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cssurf.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ctrl.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cv.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cwnb181.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cwntdwmo.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\d.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\datemanager.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dcomx.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\defalert.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\defscangui.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\defwatch.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deloeminfs.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deputy.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\divx.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dllcache.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dllreg.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\doors.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dop.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dpf.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dpfsetup.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dpps2.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\driverctrl.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\drwatson.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\drweb32.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\drwebupw.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dssagent.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dvp95.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dvp95_0.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ecengine.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\efpeadm.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\emsw.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ent.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\esafe.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\escanhnt.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\escanv95.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\espwatch.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ethereal.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\etrustcipe.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\evpn.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\exantivirus-cnet.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\exe.avxw.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\expert.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\explore.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\f-agnt95.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\f-prot.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\f-prot95.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\f-stopw.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\fact.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\fameh32.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\fast.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\fch32.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\fih32.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\findviru.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\firewall.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\fixcfg.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\fixfp.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\fnrb32.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\fp-win.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\fp-win_trial.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\fprot.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\frmwrk32.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\frw.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\fsaa.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\fsav.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\fsav32.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\fsav530stbyb.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\fsav530wtbyb.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\fsav95.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\fsgk32.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\fsm32.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\fsma32.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\fsmb32.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\gator.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\gav.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\gbmenu.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\gbn976rl.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\gbpoll.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\generics.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\gmt.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\guard.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\guarddog.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\guardgui.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\hacktracersetup.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\hbinst.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\hbsrv.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\History.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\homeav2010.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\hotactio.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\hotpatch.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\htlog.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\htpatch.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\hwpe.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\hxdl.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\hxiul.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\iamapp.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\iamserv.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\iamstats.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ibmasn.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ibmavsp.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\icload95.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\icloadnt.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\icmon.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\icsupp95.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\icsuppnt.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Identity.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\idle.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\iedll.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\iedriver.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\IEShow.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\iface.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ifw2000.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\inetlnfo.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\infus.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\infwin.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\init.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\init32.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\install[1].exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\install[2].exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\install[3].exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\install[4].exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\install[5].exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\intdel.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\intren.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\iomon98.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\istsvc.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\jammer.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\jdbgmrg.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\jedi.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\JsRcGen.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\kavlite40eng.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\kavpers40eng.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\kavpf.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\kazza.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\keenvalue.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\kerio-pf-213-en-win.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\kerio-wrl-421-en-win.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\kerio-wrp-421-en-win.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\killprocesssetup161.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ldnetmon.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ldpro.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ldpromenu.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ldscan.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\licmgr.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\lnetinfo.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\loader.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\localnet.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\lockdown.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\lockdown2000.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\lookout.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\lordpe.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\lsetup.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\luall.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\luau.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\lucomserver.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\luinit.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\luspt.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MalwareRemoval.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mapisvc32.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mcagent.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mcmnhdlr.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mcmscsvc.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mcnasvc.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mcproxy.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\McSACore.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mcshell.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mcshield.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mcsysmon.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mctool.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mcupdate.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mcvsrte.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mcvsshld.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\md.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mfin32.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mfw2en.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mfweng3.02d30.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mgavrtcl.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mgavrte.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mghtml.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mgui.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\minilog.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mmod.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\monitor.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\moolive.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mostat.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mpfagent.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mpfservice.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MPFSrv.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mpftray.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mrflux.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mrt.exe (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msa.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msapp.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MSASCui.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msbb.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msblast.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mscache.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msccn32.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mscman.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msconfig (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msdm.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msdos.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msfwsvc.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msiexec16.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mslaugh.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msmgt.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MsMpEng.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msmsgri32.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msseces.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mssmmc32.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mssys.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msvxd.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mu0311ad.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mwatch.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\n32scanw.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nav.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\navap.navapsvc.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\navapsvc.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\navapw32.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\navdx.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\navlu32.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\navnt.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\navstub.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\navw32.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\navwnt.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nc2000.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ncinst4.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ndd32.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\neomonitor.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\neowatchlog.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\netarmor.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\netd32.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\netinfo.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\netmon.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\netscanpro.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\netspyhunter-1.2.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\netutils.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nisserv.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nisum.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nmain.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nod32.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\normist.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\norton_internet_secu_3.0_407.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\notstart.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\npf40_tw_98_nt_me_2k.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\npfmessenger.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nprotect.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\npscheck.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\npssvc.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nsched32.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nssys32.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nstask32.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nsupdate.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nt.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ntrtscan.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ntvdm.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ntxconfig.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nui.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nupgrade.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nvarch16.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nvc95.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nvsvc32.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nwinst4.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nwservice.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nwtool16.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\OAcat.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\OAhlp.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\OAReg.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\oasrv.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\oaui.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\oaview.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\OcHealthMon.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ODSW.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ollydbg.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\onsrvr.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\optimize.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ostronet.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\otfix.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\outpost.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\outpostinstall.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\outpostproinstall.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ozn695m5.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\padmin.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\panixk.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\patch.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\pav.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\pavcl.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\PavFnSvr.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\pavproxy.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\pavprsrv.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\pavsched.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\pavsrv51.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\pavw.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\pc.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\pccwin98.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\pcfwallicon.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\pcip10117_0.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\pcscan.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\pctsAuxs.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\pctsGui.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\pctsSvc.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\pctsTray.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\PC_Antispyware2010.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\pdfndr.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\pdsetup.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\PerAvir.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\periscope.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\persfw.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\personalguard (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\personalguard.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\perswf.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\pf2.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\pfwadmin.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\pgmonitr.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\pingscan.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\platin.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\pop3trap.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\poproxy.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\popscan.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\portdetective.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\portmonitor.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\powerscan.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ppinupdt.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\pptbc.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ppvstop.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\prizesurfer.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\prmt.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\prmvr.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\procdump.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\processmonitor.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\procexplorerv1.0.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\programauditor.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\proport.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\protector.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\protectx.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\PSANCU.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\PSANHost.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\PSANToManager.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\PsCtrls.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\PsImSvc.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\PskSvc.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\pspf.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\PSUNMain.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\purge.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\qconsole.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\qh.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\qserver.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Quick Heal.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\QuickHealCleaner.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rapapp.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rav7.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rav7win.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rav8win32eng.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ray.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rb32.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rcsync.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\realmon.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\reged.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\regedt32.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rescue.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rescue32.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rrguard.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rscdwld.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rshell.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rtvscan.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rtvscn95.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rulaunch.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rwg (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rwg.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SafetyKeeper.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\safeweb.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sahagent.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Save.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SaveArmor.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SaveDefense.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SaveKeep.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\savenow.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sbserv.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sc.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\scam32.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\scan32.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\scan95.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\scanpm.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\scrscan.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Secure Veteran.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\secureveteran.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Security Center.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SecurityFighter.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\securitysoldier.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\serv95.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\setloadorder.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\setupvameeval.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\setup_flowprotector_us.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sgssfw32.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sh.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\shellspyinstall.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\shield.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\shn.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\showbehind.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\signcheck.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\smart.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\smartprotector.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\smc.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\smrtdefp.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sms.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\smss32.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\snetcfg.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\soap.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sofi.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SoftSafeness.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sperm.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\spf.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sphinx.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\spoler.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\spoolcv.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\spoolsv32.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\spywarexpguard.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\spyxx.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\srexe.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\srng.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ss3edit.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ssgrate.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ssg_4104.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\st2.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\start.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stcloader.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\supftrl.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\support.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\supporter5.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\svc.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\svchostc.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\svchosts.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\svshost.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sweep95.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sweepnet.sweepsrv.sys.swnetsup.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\symlcsvc.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\symproxysvc.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\symtray.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\system.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\system32.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sysupd.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\tapinstall.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\taumon.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\tbscan.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\tc.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\tca.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\tcm.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\tds-3.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\tds2-98.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\tds2-nt.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\teekids.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\tfak.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\tfak5.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\tgbob.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\titanin.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\titaninxp.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\TPSrv.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\trickler.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\trjscan.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\trjsetup.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\trojantrap3.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\TrustWarrior.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\tsadbot.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\tsc.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\tvmd.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\tvtmd.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\undoboot.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\updat.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\upgrad.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\utpost.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vbcmserv.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vbcons.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vbust.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vbwin9x.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vbwinntw.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vcsetup.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vet32.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vet95.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vettray.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vfsetup.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vir-help.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\virusmdpersonalfirewall.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\VisthAux.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\VisthLic.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\VisthUpd.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vnlan300.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vnpc3000.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vpc32.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vpc42.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vpfw30s.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vptray.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vscan40.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vscenu6.02d30.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vsched.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vsecomr.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vshwin32.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vsisetup.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vsmain.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vsmon.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vsstat.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vswin9xe.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vswinntse.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vswinperse.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\w32dsm89.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\W3asbas.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\w9x.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\watchdog.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\webdav.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\WebProxy.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\webscanx.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\webtrap.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\wfindv32.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\whoswatchingme.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\wimmun32.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\win-bugsfix.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\win32.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\win32us.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\winactive.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\winav.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\windll32.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\window.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\windows Police Pro.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\windows.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\wininetd.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\wininitx.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\winlogin.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\winmain.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\winppr32.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\winrecon.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\winservn.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\winss.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\winssk32.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\winssnotify.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\WinSSUI.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\winstart.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\winstart001.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\wintsk32.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\winupdate.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\wkufind.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\wnad.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\wnt.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\wradmin.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\wrctrl.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\wsbgate.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\wscfxas.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\wscfxav.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\wscfxfw.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\wsctool.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\wupdater.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\wupdt.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\wyvernworksfirewall.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\xpdeluxe.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\xpf202en.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\xp_antispyware.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\zapro.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\zapsetup3001.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\zatutor.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\zonalm2601.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\zonealarm.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\_avp32.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\_avpcc.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\_avpm.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\~1.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\~2.exe (Security.Hijack) -> Quarantined and deleted successfully.

Etkilenmiş Kayıt Değerleri:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun\0 (Security.Hijack) -> Value: 0 -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun\1 (Security.Hijack) -> Value: 1 -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun\2 (Security.Hijack) -> Value: 2 -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun\3 (Security.Hijack) -> Value: 3 -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun\4 (Security.Hijack) -> Value: 4 -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun\5 (Security.Hijack) -> Value: 5 -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun\6 (Security.Hijack) -> Value: 6 -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun\7 (Security.Hijack) -> Value: 7 -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun\8 (Security.Hijack) -> Value: 8 -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun\9 (Security.Hijack) -> Value: 9 -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun\10 (Security.Hijack) -> Value: 10 -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun\11 (Security.Hijack) -> Value: 11 -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun\12 (Security.Hijack) -> Value: 12 -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun\13 (Security.Hijack) -> Value: 13 -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun\14 (Security.Hijack) -> Value: 14 -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun\15 (Security.Hijack) -> Value: 15 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Arrakis3.exe\Debugger (Security.Hijack) -> Value: Debugger -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bdAgent.exe\Debugger (Security.Hijack) -> Value: Debugger -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bdreinit.exe\Debugger (Security.Hijack) -> Value: Debugger -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bdsubwiz.exe\Debugger (Security.Hijack) -> Value: Debugger -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bdtkexec.exe\Debugger (Security.Hijack) -> Value: Debugger -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bdwizreg.exe\Debugger (Security.Hijack) -> Value: Debugger -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\egui.exe\Debugger (Security.Hijack) -> Value: Debugger -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ekrn.exe\Debugger (Security.Hijack) -> Value: Debugger -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\install.exe\Debugger (Security.Hijack) -> Value: Debugger -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\livesrv.exe\Debugger (Security.Hijack) -> Value: Debugger -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\seccenter.exe\Debugger (Security.Hijack) -> Value: Debugger -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\taskmgr.exe\Debugger (Security.Hijack) -> Value: Debugger -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\uiscan.exe\Debugger (Security.Hijack) -> Value: Debugger -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\upgrepl.exe\Debugger (Security.Hijack) -> Value: Debugger -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vsserv.exe\Debugger (Security.Hijack) -> Value: Debugger -> Quarantined and deleted successfully.

Etkilenmiş Veri Öğeleri:
HKEY_CLASSES_ROOT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\URL (Hijack.SearchPage) -> Bad: (http://findgala.com/?&uid=2247&q={searchTerms}) Good: (http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\URL (Hijack.SearchPage) -> Bad: (http://findgala.com/?&uid=2247&q={searchTerms}) Good: (http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}) -> Quarantined and deleted successfully.
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\URL (Hijack.SearchPage) -> Bad: (http://findgala.com/?&uid=2247&q={searchTerms}) Good: (http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}) -> Quarantined and deleted successfully.
HKEY_USERS\S-1-5-19\SOFTWARE\Classes\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\URL (Hijack.SearchPage) -> Bad: (http://findgala.com/?&uid=2247&q={searchTerms}) Good: (http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}) -> Quarantined and deleted successfully.
HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\URL (Hijack.SearchPage) -> Bad: (http://findgala.com/?&uid=2247&q={searchTerms}) Good: (http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}) -> Quarantined and deleted successfully.
HKEY_USERS\S-1-5-20\SOFTWARE\Classes\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\URL (Hijack.SearchPage) -> Bad: (http://findgala.com/?&uid=2247&q={searchTerms}) Good: (http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}) -> Quarantined and deleted successfully.
HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\URL (Hijack.SearchPage) -> Bad: (http://findgala.com/?&uid=2247&q={searchTerms}) Good: (http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}) -> Quarantined and deleted successfully.

Etkilenmiş Klasörler:
c:\documents and settings\elif\start menu\programlar\WhenU (Adware.WhenU) -> Quarantined and deleted successfully.
c:\documents and settings\elif\application data\personal security sentinel (Rogue.PersonalSecuritySentinel) -> Quarantined and deleted successfully.

Etkilenmiş Dosyalar:
c:\system volume information\_restore{c262d2c8-b360-48c1-983f-dacf369ca37b}\RP363\A0124487.rbf (PUP.Dealio) -> Quarantined and deleted successfully.
c:\system volume information\_restore{c262d2c8-b360-48c1-983f-dacf369ca37b}\RP363\A0124476.rbf (Adware.WidgiToolbar) -> Quarantined and deleted successfully.
c:\system volume information\_restore{c262d2c8-b360-48c1-983f-dacf369ca37b}\RP363\A0124479.rbf (PUP.Dealio) -> Quarantined and deleted successfully.
c:\system volume information\_restore{c262d2c8-b360-48c1-983f-dacf369ca37b}\RP363\A0124480.rbf (PUP.Dealio) -> Quarantined and deleted successfully.
c:\system volume information\_restore{c262d2c8-b360-48c1-983f-dacf369ca37b}\RP363\A0124482.rbf (PUP.Dealio) -> Quarantined and deleted successfully.
c:\system volume information\_restore{c262d2c8-b360-48c1-983f-dacf369ca37b}\RP363\A0124484.rbf (PUP.Dealio) -> Quarantined and deleted successfully.
c:\system volume information\_restore{c262d2c8-b360-48c1-983f-dacf369ca37b}\RP363\A0124485.rbf (PUP.Dealio) -> Quarantined and deleted successfully.
c:\system volume information\_restore{c262d2c8-b360-48c1-983f-dacf369ca37b}\RP363\A0124488.rbf (PUP.Dealio) -> Quarantined and deleted successfully.
c:\documents and settings\elif\application data\wiaserva.log (Malware.Trace) -> Quarantined and deleted successfully.
c:\documents and settings\elif\start menu\programlar\WhenU\customer support.lnk (Adware.WhenU) -> Quarantined and deleted successfully.
c:\documents and settings\elif\start menu\programlar\WhenU\learn more about whenu save.url (Adware.WhenU) -> Quarantined and deleted successfully.
c:\documents and settings\elif\start menu\programlar\WhenU\learn more about whenu savenow.url (Adware.WhenU) -> Quarantined and deleted successfully.
c:\documents and settings\elif\start menu\programlar\WhenU\uninstall instructions.lnk (Adware.WhenU) -> Quarantined and deleted successfully.
c:\documents and settings\elif\start menu\programlar\WhenU\uninstall.lnk (Adware.WhenU) -> Quarantined and deleted successfully.
c:\documents and settings\elif\start menu\programlar\WhenU\whenu help desk.lnk (Adware.WhenU) -> Quarantined and deleted successfully.
c:\documents and settings\elif\start menu\programlar\WhenU\whenu.com website.url (Adware.WhenU) -> Quarantined and deleted successfully.
c:\documents and settings\elif\application data\personal security sentinel\cookies.sqlite (Rogue.PersonalSecuritySentinel) -> Quarantined and deleted successfully.
c:\documents and settings\elif\application data\personal security sentinel\instructions.ini (Rogue.PersonalSecuritySentinel) -> Quarantined and deleted successfully.

#6 fzltrk

fzltrk
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:03:26 PM

Posted 20 January 2011 - 09:41 AM

And this is the dds report after the restart:

DDS (Ver_10-12-12.02) - NTFSx86
Run by elif at 16:26:30,30 on 20.01.2011
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_23
Microsoft Windows XP Home Edition 5.1.2600.3.1254.90.1055.18.1262.662 [GMT 2:00]

AV: AntiVir Desktop *Enabled/Outdated* {AD166499-45F9-482A-A743-FDD3350758C7}
AV: Personal Security Sentinel *Enabled/Updated* {9920488C-9654-4C59-B1D9-EFC05A434E99}
FW: Personal Security Sentinel *Enabled*

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
svchost.exe
C:\WINDOWS\Explorer.EXE
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
svchost.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
svchost.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\igfxtray.exe
C:\Program Files\Toshiba\Windows Utilities\Hotkey.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe
C:\Program Files\TOSHIBA\TOSHIBA Yakınlaştırma Yardımcı Programı\SmoothView.exe
C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
C:\Program Files\MSN Apps\Updater\01.02.3000.1001\tr-tr\msnappau.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\QuickTime\QTTask.exe
C:\WINDOWS\FixCamera.exe
C:\WINDOWS\tsnp325.exe
C:\WINDOWS\vsnp325.exe
C:\Program Files\PC Tools Security\pctsGui.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\The Weather Channel FW\Desktop\DesktopWeather.exe
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
C:\WINDOWS\system32\igfxext.exe
C:\Program Files\AirTies\ADSL Hizmet Programı\AirTies_util3.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\elif\Desktop\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.google.com.tr/
uDefault_Search_URL = hxxp://www.google.com/ie
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyServer = http=127.0.0.1:25579
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
uURLSearchHooks: H - No File
mURLSearchHooks: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program files\avg\avg10\toolbar\IEToolbar.dll
BHO: AcroIEHlprObj Class: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 6.0 ce\reader\activex\AcroIEHelper.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg10\avgssie.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll
BHO: Windows Live Oturum Açma Yardım Aracı: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: ST: {9394ede7-c8b5-483e-8773-474bf36af6e4} - c:\program files\msn apps\st\01.03.0000.1005\en-xu\stmain.dll
BHO: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program files\avg\avg10\toolbar\IEToolbar.dll
BHO: MSNToolBandBHO: {bdbd1dad-c946-4a17-adc1-64b5b4ff55d0} - c:\program files\msn apps\msn toolbar\01.02.5000.1021\tr-tr\msntb.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: Windows Live Toolbar Helper: {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - c:\program files\windows live\toolbar\wltcore.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: MSN: {bdad1dad-c946-4a17-adc1-64b5b4ff55d0} - c:\program files\msn apps\msn toolbar\01.02.5000.1021\tr-tr\msntb.dll
TB: AVG Security Toolbar: {ccc7a320-b3ca-4199-b1a6-9f516dd69829} - c:\program files\avg\avg10\toolbar\IEToolbar.dll
TB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - c:\program files\windows live\toolbar\wltcore.dll
TB: {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No File
TB: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
uRun: [CTFMON.EXE] c:\windows\system32\ctfmon.exe
uRun: [TOSCDSPD] c:\program files\toshiba\toscdspd\toscdspd.exe
uRun: [MsnMsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
uRun: [DW6] "c:\program files\the weather channel fw\desktop\DesktopWeather.exe"
uRun: [PC Suite Tray] "c:\program files\nokia\nokia pc suite 7\PCSuite.exe" -onlytray
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Toshiba Hotkey Utility] "c:\program files\toshiba\windows utilities\Hotkey.exe" /lang TR
mRun: [SynTPLpr] c:\program files\synaptics\syntp\SynTPLpr.exe
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [PadTouch] c:\program files\toshiba\touch and launch\PadExe.exe
mRun: [SmoothView] c:\program files\toshiba\toshiba yakınlaştırma yardımcı programı\SmoothView.exe
mRun: [NDSTray.exe] NDSTray.exe
mRun: [msnappau] "c:\program files\msn apps\updater\01.02.3000.1001\tr-tr\msnappau.exe"
mRun: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [FixCamera] c:\windows\FixCamera.exe
mRun: [tsnp325] c:\windows\tsnp325.exe
mRun: [snp325] c:\windows\vsnp325.exe
mRun: [ISTray] "c:\program files\pc tools security\pctsGui.exe"
mRun: [avgnt] "c:\program files\avira\antivir desktop\avgnt.exe" /min
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
dRun: [Picasa Media Detector] c:\program files\picasa2\PicasaMediaDetector.exe
StartupFolder: c:\docume~1\elif\startm~1\progra~1\balang~1\micros~1.lnk - c:\program files\microsoft office\office11\ONENOTEM.EXE
StartupFolder: c:\docume~1\alluse~1\startm~1\progra~1\balang~1\airtie~1.lnk - c:\program files\airties\adsl hizmet programı\AirTies_util3.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\progra~1\balang~1\micros~1.lnk - c:\program files\microsoft office\office10\OSA.EXE
uPolicies-explorer: DisallowRun = 1 (0x1)
IE: Microsoft Excel'e Gö&nder - c:\progra~1\micros~2\office10\EXCEL.EXE/3000
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} - hxxp://spaces.msn.com//PhotoUpload/MsnPUpld.cab
DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} - hxxp://elfguven.spaces.live.com/PhotoUpload/MsnPUpld.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} - hxxp://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
DPF: {CAFEEFAC-0014-0002-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_10-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
TCP: {07B49086-2F45-4AE3-837E-5CC785AC6647} = 208.67.222.222,208.67.220.220
Handler: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} -
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} -
Notify: igfxcui - igfxsrvc.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
IFEO: image file execution options - svchost.exe
Hosts: 74.125.45.100 4-open-davinci.com
Hosts: 74.125.45.100 securitysoftwarepayments.com
Hosts: 74.125.45.100 privatesecuredpayments.com
Hosts: 74.125.45.100 secure.privatesecuredpayments.com
Hosts: 74.125.45.100 getantivirusplusnow.com

Note: multiple HOSTS entries found. Please refer to Attach.txt

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\elif\applic~1\mozilla\firefox\profiles\lege21gy.default\
FF - prefs.js: browser.search.selectedEngine - search
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com.tr/
FF - component: c:\program files\avg\avg9\firefox\components\avgssff.dll
FF - component: c:\program files\avg\avg9\toolbar\firefox\avg@igeared\components\IGeared_tavgp_xputils2.dll
FF - component: c:\program files\avg\avg9\toolbar\firefox\avg@igeared\components\IGeared_tavgp_xputils3.dll
FF - component: c:\program files\avg\avg9\toolbar\firefox\avg@igeared\components\IGeared_tavgp_xputils35.dll
FF - component: c:\program files\avg\avg9\toolbar\firefox\avg@igeared\components\xpavgtbapi.dll
FF - component: c:\program files\dealio toolbar\ff\components\dealioToolbarFF.dll
FF - component: c:\program files\dealio toolbar\ssff\components\SearchSettingsFF.dll
FF - plugin: c:\documents and settings\elif\application data\facebook\npfbplugin_1_0_3.dll
FF - plugin: c:\program files\google\update\1.2.183.13\npGoogleOneClick8.dll
FF - plugin: c:\program files\java\jre1.5.0_10\bin\NPJava11.dll
FF - plugin: c:\program files\java\jre1.5.0_10\bin\NPJava12.dll
FF - plugin: c:\program files\java\jre1.5.0_10\bin\NPJava13.dll
FF - plugin: c:\program files\java\jre1.5.0_10\bin\NPJava14.dll
FF - plugin: c:\program files\java\jre1.5.0_10\bin\NPJava32.dll
FF - plugin: c:\program files\java\jre1.5.0_10\bin\NPJPI150_10.dll
FF - plugin: c:\program files\java\jre1.5.0_10\bin\NPOJI610.dll
FF - plugin: c:\program files\microsoft\office live\npOLW.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
FF - Ext: United States English Dictionary: en-US@dictionaries.addons.mozilla.org - %profile%\extensions\en-US@dictionaries.addons.mozilla.org
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension

============= SERVICES / DRIVERS ===============

R0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore.sys [2011-1-12 239168]
R0 pctDS;PC Tools Data Store;c:\windows\system32\drivers\pctDS.sys [2011-1-12 338880]
R0 pctEFA;PC Tools Extended File Attributes;c:\windows\system32\drivers\pctEFA.sys [2011-1-12 656320]
R1 avgio;avgio;c:\program files\avira\antivir desktop\avgio.sys [2011-1-17 11608]
R1 SMBHC;Microsoft SM Yolu Ana Denetleyici Sürücüsü;c:\windows\system32\drivers\smbhc.sys [2004-11-29 6784]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\avira\antivir desktop\sched.exe [2011-1-17 135336]
R2 AntiVirService;Avira AntiVir Guard;c:\program files\avira\antivir desktop\avguard.exe [2011-1-17 267944]
R2 avgntflt;avgntflt;c:\windows\system32\drivers\avgntflt.sys [2011-1-17 61960]
R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [2009-10-30 54752]
R3 SMBBATT;Microsoft Akıllı Pil Sürücüsü;c:\windows\system32\drivers\smbbatt.sys [2004-11-29 16000]
S2 AVGIDSAgent;AVGIDSAgent;"c:\program files\avg\avg10\identity protection\agent\bin\avgidsagent.exe" --> c:\program files\avg\avg10\identity protection\agent\bin\AVGIDSAgent.exe [?]
S2 gupdate;Google Güncelleme Hizmeti (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-6-19 135664]
S3 AVG Security Toolbar Service;AVG Security Toolbar Service;c:\program files\avg\avg10\toolbar\toolbarbroker.exe --> c:\program files\avg\avg10\toolbar\ToolbarBroker.exe [?]
S3 IPN2220;INPROCOMM IPN2220 Wireless LAN Card Driver;c:\windows\system32\drivers\i2220ntx.sys [2004-12-6 155392]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2011-1-20 38224]
S3 SNP325;USB PC Camera (SNPSTD325);c:\windows\system32\drivers\snp325.sys [2010-12-16 10253056]
S4 ApacheImpartia;ApacheImpartia;"d:\system\apache\apache.exe" --ntservice --> d:\system\apache\Apache.exe [?]
S4 fsssvc;Windows Live Aile Koruması Hizmeti;c:\program files\windows live\family safety\fsssvc.exe [2010-4-28 704872]

=============== Created Last 30 ================

2011-01-20 12:26:05 -------- dc----w- c:\docume~1\elif\applic~1\Malwarebytes
2011-01-20 12:25:58 38224 -c--a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-01-20 12:25:56 -------- dc----w- c:\docume~1\alluse~1\applic~1\Malwarebytes
2011-01-20 12:25:53 20952 -c--a-w- c:\windows\system32\drivers\mbam.sys
2011-01-20 12:25:52 -------- dc----w- c:\program files\Malwarebytes' Anti-Malware
2011-01-17 17:12:42 512992 -c--a-w- c:\program files\sdsetup.exe
2011-01-17 16:42:29 61960 -c--a-w- c:\windows\system32\drivers\avgntflt.sys
2011-01-17 16:42:28 -------- dc----w- c:\program files\Avira
2011-01-17 16:42:28 -------- dc----w- c:\docume~1\alluse~1\applic~1\Avira
2011-01-17 16:31:51 59325912 -c--a-w- c:\program files\avira_antivir_personal_en (2).exe
2011-01-12 00:13:23 656320 -c--a-w- c:\windows\system32\drivers\pctEFA.sys
2011-01-12 00:13:23 338880 -c--a-w- c:\windows\system32\drivers\pctDS.sys
2011-01-12 00:13:22 249616 -c--a-w- c:\windows\system32\drivers\pctgntdi.sys
2011-01-12 00:13:20 239168 -c--a-w- c:\windows\system32\drivers\PCTCore.sys
2011-01-12 00:13:20 160448 -c--a-w- c:\windows\system32\drivers\PCTAppEvent.sys
2011-01-12 00:13:13 70536 -c--a-w- c:\windows\system32\drivers\pctplsg.sys
2011-01-12 00:12:51 -------- dc----w- c:\program files\PC Tools Security
2011-01-12 00:12:51 -------- dc----w- c:\program files\common files\PC Tools
2011-01-12 00:12:51 -------- dc----w- c:\docume~1\elif\applic~1\PC Tools
2011-01-11 23:24:23 -------- dc----w- c:\docume~1\alluse~1\applic~1\PC Tools
2011-01-11 23:04:51 -------- dc----w- c:\docume~1\alluse~1\applic~1\AVG Security Toolbar
2011-01-11 21:49:06 388096 -c--a-r- c:\docume~1\elif\applic~1\microsoft\installer\{45a66726-69bc-466b-a7a4-12fcba4883d7}\HiJackThis.exe
2011-01-11 21:49:03 -------- dc----w- c:\program files\Trend Micro
2011-01-10 17:35:47 -------- dc-h--w- c:\docume~1\alluse~1\applic~1\Common Files
2011-01-10 17:32:25 -------- dc----w- c:\docume~1\alluse~1\applic~1\AVG10
2011-01-10 17:31:37 -------- dc----w- c:\windows\pss
2011-01-08 22:22:18 -------- dc----w- c:\docume~1\alluse~1\applic~1\MFAData
2011-01-08 21:50:08 -------- dcsh--w- c:\docume~1\alluse~1\applic~1\PSBWS
2011-01-08 21:48:20 -------- dcsh--w- c:\docume~1\alluse~1\applic~1\1fe22a
2011-01-06 21:02:15 73728 -c--a-w- c:\windows\system32\javacpl.cpl
2011-01-06 21:02:15 472808 -c--a-w- c:\windows\system32\deployJava1.dll
2011-01-06 21:02:15 472808 -c--a-w- c:\program files\mozilla firefox\plugins\npdeployJava1.dll
2011-01-06 20:53:25 883488 -c--a-w- c:\program files\chromeinstall-6u23.exe
2011-01-04 18:56:33 1286504 -c--a-w- c:\program files\wlsetup-web.exe
2011-01-04 18:27:17 54272 -c--a-w- c:\windows\system32\vfwwdm32.dll
2011-01-04 18:27:17 54272 -c--a-w- c:\windows\system32\dllcache\vfwwdm32.dll
2010-12-23 17:36:49 83933544 -c--a-w- c:\program files\common files\windows live\.cache\wlc25B.tmp

==================== Find3M ====================

2010-11-18 18:12:45 81920 -c--a-w- c:\windows\system32\isign32.dll
2010-11-09 14:52:30 249856 -c--a-w- c:\windows\system32\odbc32.dll
2010-11-06 00:21:17 916480 -c--a-w- c:\windows\system32\wininet.dll
2010-11-06 00:21:15 43520 -c--a-w- c:\windows\system32\licmgr10.dll
2010-11-06 00:21:15 1469440 -c--a-w- c:\windows\system32\inetcpl.cpl
2010-11-03 12:27:25 385024 -c--a-w- c:\windows\system32\html.iec
2010-10-28 13:13:33 290048 -c--a-w- c:\windows\system32\atmfd.dll
2010-10-26 14:07:03 1853312 -c--a-w- c:\windows\system32\win32k.sys
2010-09-28 21:35:20 35809360 -c--a-w- c:\program files\Nokia_PC_Suite_tur_web.exe
2010-08-11 20:39:39 3955824 -c--a-w- c:\program files\SilentUpdate.exe
2006-10-25 19:50:26 5137736 -c--a-w- c:\program files\Firefox Setup 1.5.0.7.exe
2006-10-23 15:34:36 15366440 -c--a-w- c:\program files\Install_Messenger.exe
2006-08-08 18:28:53 8661936 -c--a-w- c:\program files\winamp524_full_bundle_emusic-7plus.exe
2006-01-23 20:50:12 3745834 -c--a-w- c:\program files\SweetImSetup.exe

============= FINISH: 16:28:36,31 ===============

and the attach log:

DDS (Ver_10-12-12.02)

Microsoft Windows XP Home Edition
Boot Device: \Device\HarddiskVolume1
Install Date: 02.09.2005 12:21:32
System Uptime: 20.01.2011 16:20:42 (0 hours ago)

Motherboard: TOSHIBA | | Satellite L10
Processor: Intel® Pentium® M processor 1.70GHz | uFCPGA2 | 1694/400mhz

==== Disk Partitions =========================

C: is FIXED (NTFS) - 37 GiB total, 6,427 GiB free.
D: is CDROM ()

==== Disabled Device Manager Items =============

==== System Restore Points ===================

RP360: 22.10.2010 20:25:41 - Sistem Denetleme Noktası
RP361: 27.10.2010 21:42:19 - Avg Update
RP362: 31.10.2010 14:47:01 - Sistem Denetleme Noktası
RP363: 01.11.2010 23:15:31 - Removed Dealio Toolbar v4.0.2.
RP364: 01.11.2010 23:18:36 - Removed Samsung Samples Installer
RP365: 02.11.2010 20:43:37 - Removed Samsung PC Studio 3 USB Driver Installer
RP366: 10.11.2010 22:41:08 - Avg Update
RP367: 10.11.2010 22:41:52 - Avg Update
RP368: 14.11.2010 23:48:42 - Installed Windows XP Wudf01000.
RP369: 15.11.2010 00:26:41 - Software Distribution Service 3.0
RP370: 19.11.2010 00:16:42 - Software Distribution Service 3.0
RP371: 29.11.2010 00:25:07 - Avg Update
RP372: 29.11.2010 00:26:45 - Avg Update
RP373: 13.12.2010 00:12:35 - Sistem Denetleme Noktası
RP374: 14.12.2010 22:06:30 - Sistem Denetleme Noktası
RP375: 16.12.2010 23:51:31 - Installed Shiny SH-5552 Plus Camera
RP376: 16.12.2010 23:52:48 - Installed Video Power
RP377: 17.12.2010 00:12:06 - Configured Shiny SH-5552 Plus Camera
RP378: 17.12.2010 00:12:43 - Configured Shiny SH-5552 Plus Camera
RP379: 17.12.2010 01:01:48 - Software Distribution Service 3.0
RP380: 23.12.2010 19:45:19 - Installed DirectX
RP381: 24.12.2010 21:34:46 - Software Distribution Service 3.0
RP382: 04.01.2011 20:27:09 - İmzasız sürücü yüklemesi
RP383: 06.01.2011 23:01:41 - Installed Java™ 6 Update 23
RP384: 09.01.2011 01:20:52 - Installed Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
RP385: 09.01.2011 01:21:12 - Yüklenen AVG 2011
RP386: 09.01.2011 01:23:46 - Removed AVG Free 9.0
RP387: 09.01.2011 01:26:17 - Kaldırılan AVG 2011
RP388: 10.01.2011 19:30:25 - Yüklenen AVG 2011
RP389: 10.01.2011 19:37:06 - Yüklenen AVG 2011
RP390: 10.01.2011 19:37:20 - Kaldırılan AVG 2011
RP391: 11.01.2011 23:49:02 - Installed HiJackThis
RP392: 12.01.2011 01:01:28 - Yüklenen AVG 2011
RP393: 12.01.2011 01:06:24 - Yüklenen AVG 2011
RP394: 12.01.2011 01:06:35 - Kaldırılan AVG 2011
RP395: 12.01.2011 02:04:29 - Removed Ad-Aware
RP396: 12.01.2011 19:23:56 - Software Distribution Service 3.0
RP397: 19.01.2011 16:34:43 - Software Distribution Service 3.0

==== Hosts File Hijack ======================

Hosts: 74.125.45.100 4-open-davinci.com
Hosts: 74.125.45.100 securitysoftwarepayments.com
Hosts: 74.125.45.100 privatesecuredpayments.com
Hosts: 74.125.45.100 secure.privatesecuredpayments.com
Hosts: 74.125.45.100 getantivirusplusnow.com
Hosts: 74.125.45.100 secure-plus-payments.com
Hosts: 74.125.45.100 www.getantivirusplusnow.com
Hosts: 74.125.45.100 www.secure-plus-payments.com
Hosts: 74.125.45.100 www.getavplusnow.com
Hosts: 74.125.45.100 safebrowsing-cache.google.com
Hosts: 74.125.45.100 urs.microsoft.com
Hosts: 74.125.45.100 www.securesoftwarebill.com
Hosts: 74.125.45.100 secure.paysecuresystem.com
Hosts: 74.125.45.100 paysoftbillsolution.com
Hosts: 74.125.45.100 protected.maxisoftwaremart.com
Hosts: 66.232.102.95 www.google.com
Hosts: 66.232.102.95 google.com
Hosts: 66.232.102.95 google.com.au
Hosts: 66.232.102.95 www.google.com.au
Hosts: 66.232.102.95 google.be
Hosts: 66.232.102.95 www.google.be
Hosts: 66.232.102.95 google.com.br
Hosts: 66.232.102.95 www.google.com.br
Hosts: 66.232.102.95 google.ca
Hosts: 66.232.102.95 www.google.ca
Hosts: 66.232.102.95 google.ch
Hosts: 66.232.102.95 www.google.ch
Hosts: 66.232.102.95 google.de
Hosts: 66.232.102.95 www.google.de
Hosts: 66.232.102.95 google.dk
Hosts: 66.232.102.95 www.google.dk
Hosts: 66.232.102.95 google.fr
Hosts: 66.232.102.95 www.google.fr
Hosts: 66.232.102.95 google.ie
Hosts: 66.232.102.95 www.google.ie
Hosts: 66.232.102.95 google.it
Hosts: 66.232.102.95 www.google.it
Hosts: 66.232.102.95 google.co.jp
Hosts: 66.232.102.95 www.google.co.jp
Hosts: 66.232.102.95 google.nl
Hosts: 66.232.102.95 www.google.nl
Hosts: 66.232.102.95 google.no
Hosts: 66.232.102.95 www.google.no
Hosts: 66.232.102.95 google.co.nz
Hosts: 66.232.102.95 www.google.co.nz
Hosts: 66.232.102.95 google.pl
Hosts: 66.232.102.95 www.google.pl
Hosts: 66.232.102.95 google.se
Hosts: 66.232.102.95 www.google.se
Hosts: 66.232.102.95 google.co.uk
Hosts: 66.232.102.95 www.google.co.uk
Hosts: 66.232.102.95 google.co.za
Hosts: 66.232.102.95 www.google.co.za
Hosts: 66.232.102.95 www.google-analytics.com
Hosts: 66.232.102.95 www.bing.com
Hosts: 66.232.102.95 search.yahoo.com
Hosts: 66.232.102.95 www.search.yahoo.com
Hosts: 66.232.102.95 uk.search.yahoo.com
Hosts: 66.232.102.95 ca.search.yahoo.com
Hosts: 66.232.102.95 de.search.yahoo.com
Hosts: 66.232.102.95 fr.search.yahoo.com
Hosts: 66.232.102.95 au.search.yahoo.com

==== Installed Programs ======================


Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader 6.0.2 CE
AirTies ADSL Hizmet Programı 4.0.6.8
Apple Application Support
Apple Software Update
Ares 2.1.1
AutoUpdate
Avira AntiVir Personal - Free Antivirus
BSplayer
CamTrack
CD/DVD Sürücü Akustik Susturucu
Conexant AC-Link Audio
CP_Package_Variety1
CP_Package_Variety2
CP_Package_Variety3
DivX
DivX Player
Google Chrome
Google Update Helper
HiJackThis
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows XP (KB954550-v5)
HP Image Zone Express
INPROCOMM Wireless LAN
Intel® Extreme Graphics 2 Driver
InterVideo WinDVD for TOSHIBA
J2SE Runtime Environment 5.0 Update 10
Java 2 Runtime Environment, SE v1.4.2_06
Java Auto Updater
Java™ 6 Update 23
Junk Mail filter update
Macromedia Flash Player
Macromedia Shockwave Player
Malwarebytes' Anti-Malware
Messenger Plus! Live
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2416447)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 1.1 Turkish Language Pack
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Application Error Reporting
Microsoft Choice Guard
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
Microsoft National Language Support Downlevel APIs
Microsoft Office Live Add-in 1.3
Microsoft Office OneNote 2003
Microsoft Office XP Media Content
Microsoft Office XP Standard
Microsoft Search Enhancement Pack
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Sync Framework Runtime Native v1.0 (x86)
Microsoft Sync Framework Services Native v1.0 (x86)
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Mozilla Firefox (3.0.19)
MSN Araç Çubuğu
MSVC80_x86_v2
MSVCRT
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Nokia Connectivity Cable Driver
Nokia PC Suite
PC Connectivity Solution
QuickTime
REALTEK Gigabit and Fast Ethernet NIC Driver
SA31xx Device Manager & Media Converter
SAMSUNG CDMA Modem Driver Set
Samsung PC Studio 3
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Segoe UI
Shiny SH-5552 Plus Camera
SoftV92 Data Fax Modem with SmartCP
Spyware Doctor 8.0
Synaptics Pointing Device Driver
The Weather Channel Desktop 6
TOSHIBA ConfigFree
TOSHIBA El Kitapları
Toshiba Hotkey Utility
TOSHIBA Konsolu
TOSHIBA PC Tanılama Aracı
Toshiba Touchpad Utility
Toshiba Utility
TOSHIBA Yakınlaştırma Yardımcı Programı
Touch and Launch
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Video Power
WebFldrs XP
Winamp
Windows Genuine Advantage Notifications (KB905474)
Windows Internet Explorer 7
Windows Internet Explorer 7 için Düzeltme (KB947864)
Windows Internet Explorer 7 için Güvenlik Güncelleştirmesi (KB938127)
Windows Internet Explorer 7 için Güvenlik Güncelleştirmesi (KB939653)
Windows Internet Explorer 7 için Güvenlik Güncelleştirmesi (KB942615)
Windows Internet Explorer 7 için Güvenlik Güncelleştirmesi (KB944533)
Windows Internet Explorer 7 için Güvenlik Güncelleştirmesi (KB950759)
Windows Internet Explorer 7 için Güvenlik Güncelleştirmesi (KB953838)
Windows Internet Explorer 7 için Güvenlik Güncelleştirmesi (KB956390)
Windows Internet Explorer 7 için Güvenlik Güncelleştirmesi (KB958215)
Windows Internet Explorer 7 için Güvenlik Güncelleştirmesi (KB960714)
Windows Internet Explorer 7 için Güvenlik Güncelleştirmesi (KB961260)
Windows Internet Explorer 7 için Güvenlik Güncelleştirmesi (KB963027)
Windows Internet Explorer 7 için Güvenlik Güncelleştirmesi (KB969897)
Windows Internet Explorer 8
Windows Internet Explorer 8 için Güncelleştirme (KB976662)
Windows Internet Explorer 8 için Güncelleştirme (KB976749)
Windows Internet Explorer 8 için Güncelleştirme (KB980182)
Windows Internet Explorer 8 için Güvenlik Güncelleştirmesi (KB2183461)
Windows Internet Explorer 8 için Güvenlik Güncelleştirmesi (KB2360131)
Windows Internet Explorer 8 için Güvenlik Güncelleştirmesi (KB2416400)
Windows Internet Explorer 8 için Güvenlik Güncelleştirmesi (KB969897)
Windows Internet Explorer 8 için Güvenlik Güncelleştirmesi (KB971961)
Windows Internet Explorer 8 için Güvenlik Güncelleştirmesi (KB972260)
Windows Internet Explorer 8 için Güvenlik Güncelleştirmesi (KB974455)
Windows Internet Explorer 8 için Güvenlik Güncelleştirmesi (KB976325)
Windows Internet Explorer 8 için Güvenlik Güncelleştirmesi (KB981332)
Windows Internet Explorer 8 için Güvenlik Güncelleştirmesi (KB982381)
Windows Live Aile Koruması
Windows Live Call
Windows Live Communications Platform
Windows Live Fotoğraf Galerisi
Windows Live Karşıya Yükleme Aracı
Windows Live Mail
Windows Live Messenger
Windows Live OneCare safety scanner
Windows Live Oturum Açma Yardımcısı
Windows Live Sync
Windows Live Temel Parçalar
Windows Live Toolbar
Windows Live Writer
Windows Media Format 11 runtime
Windows Media Player (KB2378111) için Güvenlik Güncelleştirmesi
Windows Media Player (KB911564) için Güvenlik Güncelleştirmesi
Windows Media Player (KB952069) için Güvenlik Güncelleştirmesi
Windows Media Player (KB954155) için Güvenlik Güncelleştirmesi
Windows Media Player (KB968816) için Güvenlik Güncelleştirmesi
Windows Media Player (KB973540) için Güvenlik Güncelleştirmesi
Windows Media Player (KB975558) için Güvenlik Güncelleştirmesi
Windows Media Player (KB978695) için Güvenlik Güncelleştirmesi
Windows Media Player 10
Windows Media Player 10 (KB911565) için Güvenlik Güncelleştirmesi
Windows Media Player 10 (KB917734) için Güvenlik Güncelleştirmesi
Windows Media Player 10 (KB936782) için Güvenlik Güncelleştirmesi
Windows Media Player 6.4 (KB925398) için Güvenlik Güncelleştirmesi
Windows Sürücü Paketi - Nokia Modem (06/09/2010 4.5)
Windows Sürücü Paketi - Nokia Modem (06/09/2010 7.01.0.7)
Windows Sürücü Paketi - Nokia pccsmcfd (08/22/2008 7.0.0.0)
Windows XP (KB923689) için Güvenlik Güncelleştirmesi
Windows XP (KB941569) için Güvenlik Güncelleştirmesi
Windows XP için Düzeltme (KB2158563)
Windows XP için Düzeltme (KB2443685)
Windows XP için Düzeltme (KB952287)
Windows XP için Düzeltme (KB961118)
Windows XP için Düzeltme (KB970653-v3)
Windows XP için Düzeltme (KB976098-v2)
Windows XP için Düzeltme (KB979306)
Windows XP için Düzeltme (KB981793)
Windows XP için Güncelleştirme (KB2141007)
Windows XP için Güncelleştirme (KB2345886)
Windows XP için Güncelleştirme (KB2467659)
Windows XP için Güncelleştirme (KB951072-v2)
Windows XP için Güncelleştirme (KB951978)
Windows XP için Güncelleştirme (KB955759)
Windows XP için Güncelleştirme (KB955839)
Windows XP için Güncelleştirme (KB961503)
Windows XP için Güncelleştirme (KB967715)
Windows XP için Güncelleştirme (KB968389)
Windows XP için Güncelleştirme (KB971737)
Windows XP için Güncelleştirme (KB973687)
Windows XP için Güncelleştirme (KB973815)
Windows XP için Güvenlik Güncelleştirmesi (KB2079403)
Windows XP için Güvenlik Güncelleştirmesi (KB2115168)
Windows XP için Güvenlik Güncelleştirmesi (KB2121546)
Windows XP için Güvenlik Güncelleştirmesi (KB2160329)
Windows XP için Güvenlik Güncelleştirmesi (KB2229593)
Windows XP için Güvenlik Güncelleştirmesi (KB2259922)
Windows XP için Güvenlik Güncelleştirmesi (KB2279986)
Windows XP için Güvenlik Güncelleştirmesi (KB2286198)
Windows XP için Güvenlik Güncelleştirmesi (KB2296011)
Windows XP için Güvenlik Güncelleştirmesi (KB2296199)
Windows XP için Güvenlik Güncelleştirmesi (KB2347290)
Windows XP için Güvenlik Güncelleştirmesi (KB2360937)
Windows XP için Güvenlik Güncelleştirmesi (KB2387149)
Windows XP için Güvenlik Güncelleştirmesi (KB2419632)
Windows XP için Güvenlik Güncelleştirmesi (KB2423089)
Windows XP için Güvenlik Güncelleştirmesi (KB2436673)
Windows XP için Güvenlik Güncelleştirmesi (KB2440591)
Windows XP için Güvenlik Güncelleştirmesi (KB2443105)
Windows XP için Güvenlik Güncelleştirmesi (KB923561)
Windows XP için Güvenlik Güncelleştirmesi (KB938464-v2)
Windows XP için Güvenlik Güncelleştirmesi (KB938464)
Windows XP için Güvenlik Güncelleştirmesi (KB946648)
Windows XP için Güvenlik Güncelleştirmesi (KB950760)
Windows XP için Güvenlik Güncelleştirmesi (KB950762)
Windows XP için Güvenlik Güncelleştirmesi (KB950974)
Windows XP için Güvenlik Güncelleştirmesi (KB951066)
Windows XP için Güvenlik Güncelleştirmesi (KB951376-v2)
Windows XP için Güvenlik Güncelleştirmesi (KB951376)
Windows XP için Güvenlik Güncelleştirmesi (KB951698)
Windows XP için Güvenlik Güncelleştirmesi (KB951748)
Windows XP için Güvenlik Güncelleştirmesi (KB952004)
Windows XP için Güvenlik Güncelleştirmesi (KB952954)
Windows XP için Güvenlik Güncelleştirmesi (KB953839)
Windows XP için Güvenlik Güncelleştirmesi (KB954211)
Windows XP için Güvenlik Güncelleştirmesi (KB954459)
Windows XP için Güvenlik Güncelleştirmesi (KB954600)
Windows XP için Güvenlik Güncelleştirmesi (KB955069)
Windows XP için Güvenlik Güncelleştirmesi (KB956391)
Windows XP için Güvenlik Güncelleştirmesi (KB956572)
Windows XP için Güvenlik Güncelleştirmesi (KB956744)
Windows XP için Güvenlik Güncelleştirmesi (KB956802)
Windows XP için Güvenlik Güncelleştirmesi (KB956803)
Windows XP için Güvenlik Güncelleştirmesi (KB956841)
Windows XP için Güvenlik Güncelleştirmesi (KB956844)
Windows XP için Güvenlik Güncelleştirmesi (KB957095)
Windows XP için Güvenlik Güncelleştirmesi (KB957097)
Windows XP için Güvenlik Güncelleştirmesi (KB958644)
Windows XP için Güvenlik Güncelleştirmesi (KB958687)
Windows XP için Güvenlik Güncelleştirmesi (KB958690)
Windows XP için Güvenlik Güncelleştirmesi (KB958869)
Windows XP için Güvenlik Güncelleştirmesi (KB959426)
Windows XP için Güvenlik Güncelleştirmesi (KB960225)
Windows XP için Güvenlik Güncelleştirmesi (KB960715)
Windows XP için Güvenlik Güncelleştirmesi (KB960803)
Windows XP için Güvenlik Güncelleştirmesi (KB960859)
Windows XP için Güvenlik Güncelleştirmesi (KB961371)
Windows XP için Güvenlik Güncelleştirmesi (KB961373)
Windows XP için Güvenlik Güncelleştirmesi (KB961501)
Windows XP için Güvenlik Güncelleştirmesi (KB968537)
Windows XP için Güvenlik Güncelleştirmesi (KB969059)
Windows XP için Güvenlik Güncelleştirmesi (KB969898)
Windows XP için Güvenlik Güncelleştirmesi (KB969947)
Windows XP için Güvenlik Güncelleştirmesi (KB970238)
Windows XP için Güvenlik Güncelleştirmesi (KB970430)
Windows XP için Güvenlik Güncelleştirmesi (KB971468)
Windows XP için Güvenlik Güncelleştirmesi (KB971486)
Windows XP için Güvenlik Güncelleştirmesi (KB971557)
Windows XP için Güvenlik Güncelleştirmesi (KB971633)
Windows XP için Güvenlik Güncelleştirmesi (KB971657)
Windows XP için Güvenlik Güncelleştirmesi (KB972270)
Windows XP için Güvenlik Güncelleştirmesi (KB973346)
Windows XP için Güvenlik Güncelleştirmesi (KB973354)
Windows XP için Güvenlik Güncelleştirmesi (KB973507)
Windows XP için Güvenlik Güncelleştirmesi (KB973525)
Windows XP için Güvenlik Güncelleştirmesi (KB973869)
Windows XP için Güvenlik Güncelleştirmesi (KB973904)
Windows XP için Güvenlik Güncelleştirmesi (KB974112)
Windows XP için Güvenlik Güncelleştirmesi (KB974318)
Windows XP için Güvenlik Güncelleştirmesi (KB974392)
Windows XP için Güvenlik Güncelleştirmesi (KB974571)
Windows XP için Güvenlik Güncelleştirmesi (KB975025)
Windows XP için Güvenlik Güncelleştirmesi (KB975467)
Windows XP için Güvenlik Güncelleştirmesi (KB975560)
Windows XP için Güvenlik Güncelleştirmesi (KB975561)
Windows XP için Güvenlik Güncelleştirmesi (KB975562)
Windows XP için Güvenlik Güncelleştirmesi (KB975713)
Windows XP için Güvenlik Güncelleştirmesi (KB977816)
Windows XP için Güvenlik Güncelleştirmesi (KB977914)
Windows XP için Güvenlik Güncelleştirmesi (KB978037)
Windows XP için Güvenlik Güncelleştirmesi (KB978262)
Windows XP için Güvenlik Güncelleştirmesi (KB978338)
Windows XP için Güvenlik Güncelleştirmesi (KB978542)
Windows XP için Güvenlik Güncelleştirmesi (KB978601)
Windows XP için Güvenlik Güncelleştirmesi (KB978706)
Windows XP için Güvenlik Güncelleştirmesi (KB979309)
Windows XP için Güvenlik Güncelleştirmesi (KB979482)
Windows XP için Güvenlik Güncelleştirmesi (KB979559)
Windows XP için Güvenlik Güncelleştirmesi (KB979683)
Windows XP için Güvenlik Güncelleştirmesi (KB979687)
Windows XP için Güvenlik Güncelleştirmesi (KB980195)
Windows XP için Güvenlik Güncelleştirmesi (KB980218)
Windows XP için Güvenlik Güncelleştirmesi (KB980232)
Windows XP için Güvenlik Güncelleştirmesi (KB980436)
Windows XP için Güvenlik Güncelleştirmesi (KB981322)
Windows XP için Güvenlik Güncelleştirmesi (KB981852)
Windows XP için Güvenlik Güncelleştirmesi (KB981957)
Windows XP için Güvenlik Güncelleştirmesi (KB981997)
Windows XP için Güvenlik Güncelleştirmesi (KB982132)
Windows XP için Güvenlik Güncelleştirmesi (KB982214)
Windows XP için Güvenlik Güncelleştirmesi (KB982665)
Windows XP için Güvenlik Güncelleştirmesi (KB982802)
Windows XP Service Pack 3
WinRAR arşiv yöneticisi

==== End Of File ===========================

#7 fenzodahl512

fenzodahl512

  • Members
  • 6,738 posts
  • OFFLINE
  •  
  • Local time:08:26 PM

Posted 20 January 2011 - 09:01 PM

Good but we're not finish yet.. I still can see some bad entries on your log.. Lets proceed with deeper scanner..



Please make sure you disable ALL of your Antivirus/Antispyware/Firewall before running ComboFix.. Please visit HERE if you don't know how.. Please re-enable them back after performing all steps given..

IMPORTANT! If you're using AVG, please UNINSTALL them first

Please download ComboFix by sUBs from HERE or HERE and save it to your Desktop.

During the download, rename Combofix to Combo-Fix as follows:

Posted Image

Posted Image


It is important you rename Combofix during the download, but not after.

**NOTE: If you are using Firefox, make sure that your download settings are as follows:
  • Tools->Options->Main tab
  • Set to "Always ask me where to Save the files".


After that, double-click and run Combo-Fix. Let it finish its job and post the log here

If ComboFix asked you to install Recovery Console, please do so.. It will be your best interest..

Note: DON'T do anything with your computer while ComboFix is running.. Let ComboFix finishes its job..

Keep calm, make it simple, use your brain, don't freak out, and you'll be just fine..
Awesomeness: When I get sad, I stop being sad and be awesome instead.. True story - Barney Stinson
Posted Image Posted Image
Its gonna be legen.. wait for it.. dary! Cherish the pain, it means you're still alive


#8 fzltrk

fzltrk
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:03:26 PM

Posted 21 January 2011 - 05:21 AM

I did the things you said but when I started o run combofix, it gived a warning that "personal security sentinel" is active. I searched it to deactivate or delete but can not find. the combofix warned that it may damage the computer to run it while personal security sentinel is active so I stopped to run it.what do you suggest now?

#9 fenzodahl512

fenzodahl512

  • Members
  • 6,738 posts
  • OFFLINE
  •  
  • Local time:08:26 PM

Posted 21 January 2011 - 07:16 AM

Just run ComboFix then :)

Keep calm, make it simple, use your brain, don't freak out, and you'll be just fine..
Awesomeness: When I get sad, I stop being sad and be awesome instead.. True story - Barney Stinson
Posted Image Posted Image
Its gonna be legen.. wait for it.. dary! Cherish the pain, it means you're still alive


#10 fzltrk

fzltrk
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:03:26 PM

Posted 21 January 2011 - 07:42 AM

the combofix log:

ComboFix 11-01-20.03 - elif 21.01.2011 14:31:23.1.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1254.90.1055.18.1262.811 [GMT 2:00]
Running from: c:\documents and settings\elif\Desktop\Combo-Fix.exe
AV: AntiVir Desktop *Disabled/Outdated* {AD166499-45F9-482A-A743-FDD3350758C7}
AV: Personal Security Sentinel *Enabled/Updated* {9920488C-9654-4C59-B1D9-EFC05A434E99}
FW: Personal Security Sentinel *Enabled* {B2FC5E84-4243-4FBB-BD97-7566BB22A462}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\data
c:\data\TempDl\PBTHash_41B13F74E5AF9E35049B6D3345CAA5FF957F8DC6.dat
c:\documents and settings\All Users\Application Data\1fe22a
c:\documents and settings\All Users\Application Data\1fe22a\1fe22a3d03a0c85681ecf3f97ca4d8d3.ocx
c:\documents and settings\All Users\Application Data\1fe22a\8257.mof
c:\documents and settings\All Users\Application Data\1fe22a\BackUp\AirTies ADSL Hizmet Programı.lnk
c:\documents and settings\All Users\Application Data\1fe22a\BackUp\CamTrack.lnk
c:\documents and settings\All Users\Application Data\1fe22a\BackUp\Microsoft Office OneNote 2003 Quick Launch.lnk
c:\documents and settings\All Users\Application Data\1fe22a\BackUp\Microsoft Office.lnk
c:\documents and settings\All Users\Application Data\1fe22a\kxgu8zlsdgirggldk.dll
c:\documents and settings\All Users\Application Data\1fe22a\mozcrt19.dll
c:\documents and settings\All Users\Application Data\1fe22a\PS1fe_2247.exe
c:\documents and settings\All Users\Application Data\1fe22a\PSS.ico
c:\documents and settings\All Users\Application Data\1fe22a\sqlite3.dll
c:\documents and settings\elif\Recent\ANTIGEN.dll
c:\documents and settings\elif\Recent\ANTIGEN.drv
c:\documents and settings\elif\Recent\ANTIGEN.sys
c:\documents and settings\elif\Recent\cb.dll
c:\documents and settings\elif\Recent\cb.drv
c:\documents and settings\elif\Recent\cid.exe
c:\documents and settings\elif\Recent\CLSV.dll
c:\documents and settings\elif\Recent\CLSV.drv
c:\documents and settings\elif\Recent\CLSV.sys
c:\documents and settings\elif\Recent\CLSV.tmp
c:\documents and settings\elif\Recent\DBOLE.sys
c:\documents and settings\elif\Recent\ddv.exe
c:\documents and settings\elif\Recent\ddv.sys
c:\documents and settings\elif\Recent\delfile.drv
c:\documents and settings\elif\Recent\delfile.exe
c:\documents and settings\elif\Recent\delfile.sys
c:\documents and settings\elif\Recent\dudl.dll
c:\documents and settings\elif\Recent\dudl.drv
c:\documents and settings\elif\Recent\dudl.sys
c:\documents and settings\elif\Recent\eb.dll
c:\documents and settings\elif\Recent\eb.exe
c:\documents and settings\elif\Recent\eb.sys
c:\documents and settings\elif\Recent\eb.tmp
c:\documents and settings\elif\Recent\energy.exe
c:\documents and settings\elif\Recent\energy.sys
c:\documents and settings\elif\Recent\energy.tmp
c:\documents and settings\elif\Recent\exec.dll
c:\documents and settings\elif\Recent\exec.drv
c:\documents and settings\elif\Recent\exec.sys
c:\documents and settings\elif\Recent\exec.tmp
c:\documents and settings\elif\Recent\fan.drv
c:\documents and settings\elif\Recent\fan.exe
c:\documents and settings\elif\Recent\fan.sys
c:\documents and settings\elif\Recent\FW.drv
c:\documents and settings\elif\Recent\FW.exe
c:\documents and settings\elif\Recent\FW.sys
c:\documents and settings\elif\Recent\FW.tmp
c:\documents and settings\elif\Recent\gid.dll
c:\documents and settings\elif\Recent\gid.drv
c:\documents and settings\elif\Recent\gid.sys
c:\documents and settings\elif\Recent\grid.dll
c:\documents and settings\elif\Recent\grid.drv
c:\documents and settings\elif\Recent\grid.sys
c:\documents and settings\elif\Recent\hymt.dll
c:\documents and settings\elif\Recent\hymt.exe
c:\documents and settings\elif\Recent\hymt.tmp
c:\documents and settings\elif\Recent\kernel32.dll
c:\documents and settings\elif\Recent\kernel32.drv
c:\documents and settings\elif\Recent\kernel32.exe
c:\documents and settings\elif\Recent\kernel32.sys
c:\documents and settings\elif\Recent\pal.dll
c:\documents and settings\elif\Recent\pal.exe
c:\documents and settings\elif\Recent\pal.tmp
c:\documents and settings\elif\Recent\PE.dll
c:\documents and settings\elif\Recent\PE.drv
c:\documents and settings\elif\Recent\PE.exe
c:\documents and settings\elif\Recent\PE.sys
c:\documents and settings\elif\Recent\PE.tmp
c:\documents and settings\elif\Recent\ppal.dll
c:\documents and settings\elif\Recent\ppal.tmp
c:\documents and settings\elif\Recent\runddl.dll
c:\documents and settings\elif\Recent\runddl.drv
c:\documents and settings\elif\Recent\runddl.sys
c:\documents and settings\elif\Recent\runddlkey.tmp
c:\documents and settings\elif\Recent\SICKBOY.exe
c:\documents and settings\elif\Recent\SICKBOY.sys
c:\documents and settings\elif\Recent\sld.exe
c:\documents and settings\elif\Recent\SM.exe
c:\documents and settings\elif\Recent\SM.tmp
c:\documents and settings\elif\Recent\snl2w.drv
c:\documents and settings\elif\Recent\std.sys
c:\documents and settings\elif\Recent\tempdoc.sys
c:\documents and settings\elif\Recent\tjd.dll
c:\documents and settings\elif\Recent\tjd.exe
c:\documents and settings\elif\Recent\tjd.sys
c:\documents and settings\elif\Recent\tjd.tmp
c:\windows\ST6UNST.000
c:\windows\system\ACD.CMD
c:\windows\system\ACD2.CMD
c:\windows\system32\1055\dwintl.dll
c:\windows\system32\Ijl11.dll
c:\windows\system32\ktkbdhk3.dll
c:\windows\winhelp.ini

.
((((((((((((((((((((((((( Files Created from 2010-12-21 to 2011-01-21 )))))))))))))))))))))))))))))))
.

2011-01-20 12:26 . 2011-01-20 12:26 -------- dc----w- c:\documents and settings\elif\Application Data\Malwarebytes
2011-01-20 12:25 . 2010-12-20 16:09 38224 -c--a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-01-20 12:25 . 2011-01-20 12:25 -------- dc----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2011-01-20 12:25 . 2010-12-20 16:08 20952 -c--a-w- c:\windows\system32\drivers\mbam.sys
2011-01-20 12:25 . 2011-01-20 12:25 -------- dc----w- c:\program files\Malwarebytes' Anti-Malware
2011-01-17 16:42 . 2010-12-13 06:40 61960 -c--a-w- c:\windows\system32\drivers\avgntflt.sys
2011-01-17 16:42 . 2010-12-13 06:40 135096 -c--a-w- c:\windows\system32\drivers\avipbb.sys
2011-01-17 16:42 . 2010-06-17 12:27 45416 -c--a-w- c:\windows\system32\drivers\avgntdd.sys
2011-01-17 16:42 . 2010-06-17 12:27 22360 -c--a-w- c:\windows\system32\drivers\avgntmgr.sys
2011-01-17 16:42 . 2011-01-17 16:42 -------- dc----w- c:\program files\Avira
2011-01-17 16:42 . 2011-01-17 16:42 -------- dc----w- c:\documents and settings\All Users\Application Data\Avira
2011-01-17 16:31 . 2011-01-17 16:41 59325912 -c--a-w- c:\program files\avira_antivir_personal_en (2).exe
2011-01-12 00:12 . 2011-01-21 09:58 -------- dc----w- c:\program files\Common Files\PC Tools
2011-01-12 00:03 . 2011-01-21 09:40 -------- dc--a-w- c:\documents and settings\All Users\Application Data\TEMP
2011-01-11 23:24 . 2011-01-21 09:37 -------- dc----w- c:\documents and settings\All Users\Application Data\PC Tools
2011-01-11 23:04 . 2011-01-11 23:04 -------- dc----w- c:\documents and settings\All Users\Application Data\AVG Security Toolbar
2011-01-10 17:35 . 2011-01-10 17:35 -------- dc-h--w- c:\documents and settings\All Users\Application Data\Common Files
2011-01-10 17:32 . 2011-01-11 23:06 -------- dc----w- c:\documents and settings\All Users\Application Data\AVG10
2011-01-08 22:22 . 2011-01-11 22:54 -------- dc----w- c:\documents and settings\All Users\Application Data\MFAData
2011-01-08 21:50 . 2011-01-08 21:50 -------- dcsh--w- c:\documents and settings\All Users\Application Data\PSBWS
2011-01-06 21:02 . 2011-01-06 21:01 73728 -c--a-w- c:\windows\system32\javacpl.cpl
2011-01-06 21:02 . 2011-01-06 21:01 472808 -c--a-w- c:\windows\system32\deployJava1.dll
2011-01-06 21:02 . 2011-01-06 21:01 472808 -c--a-w- c:\program files\Mozilla Firefox\plugins\npdeployJava1.dll
2011-01-06 20:53 . 2011-01-06 20:53 883488 -c--a-w- c:\program files\chromeinstall-6u23.exe
2011-01-04 18:56 . 2011-01-04 18:57 1286504 -c--a-w- c:\program files\wlsetup-web.exe
2011-01-04 18:27 . 2008-04-14 17:00 54272 -c--a-w- c:\windows\system32\vfwwdm32.dll
2011-01-04 18:27 . 2008-04-14 17:00 54272 -c--a-w- c:\windows\system32\dllcache\vfwwdm32.dll
2010-12-23 17:36 . 2010-12-23 17:37 83933544 -c--a-w- c:\program files\Common Files\Windows Live\.cache\wlc25B.tmp

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-11-18 18:12 . 2004-11-29 12:40 81920 -c--a-w- c:\windows\system32\isign32.dll
2010-11-09 14:52 . 2004-11-29 13:25 249856 -c--a-w- c:\windows\system32\odbc32.dll
2010-11-06 00:21 . 2004-11-29 13:26 916480 -c--a-w- c:\windows\system32\wininet.dll
2010-11-06 00:21 . 2004-11-29 13:25 43520 -c--a-w- c:\windows\system32\licmgr10.dll
2010-11-06 00:21 . 2004-11-29 13:25 1469440 -c--a-w- c:\windows\system32\inetcpl.cpl
2010-11-03 12:27 . 2004-11-29 13:25 385024 -c--a-w- c:\windows\system32\html.iec
2010-11-02 15:17 . 2004-11-29 13:25 40960 -c--a-w- c:\windows\system32\drivers\ndproxy.sys
2010-10-28 13:13 . 2004-11-29 13:25 290048 -c--a-w- c:\windows\system32\atmfd.dll
2010-10-26 14:07 . 2004-11-29 13:26 1853312 -c--a-w- c:\windows\system32\win32k.sys
2010-09-28 21:35 . 2010-09-28 21:22 35809360 -c--a-w- c:\program files\Nokia_PC_Suite_tur_web.exe
2010-08-11 20:39 . 2010-08-11 20:39 3955824 -c--a-w- c:\program files\SilentUpdate.exe
2006-10-25 19:50 . 2006-10-25 19:50 5137736 -c--a-w- c:\program files\Firefox Setup 1.5.0.7.exe
2006-10-23 15:34 . 2006-10-23 15:33 15366440 -c--a-w- c:\program files\Install_Messenger.exe
2006-08-08 18:28 . 2006-08-08 18:28 8661936 -c--a-w- c:\program files\winamp524_full_bundle_emusic-7plus.exe
2006-01-23 20:50 . 2006-01-23 20:49 3745834 -c--a-w- c:\program files\SweetImSetup.exe
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TOSCDSPD"="c:\program files\TOSHIBA\TOSCDSPD\toscdspd.exe" [2003-09-15 65536]
"MsnMsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2010-04-16 3872080]
"DW6"="c:\program files\The Weather Channel FW\Desktop\DesktopWeather.exe" [2010-04-16 818288]
"PC Suite Tray"="c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe" [2010-05-14 1479680]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2004-10-08 155648]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2004-10-08 126976]
"Toshiba Hotkey Utility"="c:\program files\Toshiba\Windows Utilities\Hotkey.exe" [2004-12-10 1089536]
"SynTPLpr"="c:\program files\Synaptics\SynTP\SynTPLpr.exe" [2004-10-08 98394]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2004-10-08 688218]
"PadTouch"="c:\program files\TOSHIBA\Touch and Launch\PadExe.exe" [2004-11-17 1077327]
"SmoothView"="c:\program files\TOSHIBA\TOSHIBA Yakınlaştırma Yardımcı Programı\SmoothView.exe" [2004-11-15 118784]
"NDSTray.exe"="NDSTray.exe" [BU]
"msnappau"="c:\program files\MSN Apps\Updater\01.02.3000.1001\tr-tr\msnappau.exe" [2004-08-13 86016]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2008-04-14 110592]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-03-17 421888]
"FixCamera"="c:\windows\FixCamera.exe" [2007-02-12 20480]
"tsnp325"="c:\windows\tsnp325.exe" [2006-10-10 270336]
"snp325"="c:\windows\vsnp325.exe" [2006-10-10 827392]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2010-12-13 281768]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\Default User\Start Menu\Programlar\BaŸlang‡\
CamTrack.lnk - c:\program files\DigitalPeers\CamTrack\camtrack.exe [2010-12-16 407408]

c:\documents and settings\aydan\Start Menu\Programlar\BaŸlang‡\
CamTrack.lnk - c:\program files\DigitalPeers\CamTrack\camtrack.exe [2010-12-16 407408]

c:\documents and settings\Default User\Start Menu\Programlar\BaŸlang‡\
CamTrack.lnk - c:\program files\DigitalPeers\CamTrack\camtrack.exe [2010-12-16 407408]

c:\documents and settings\elif\Start Menu\Programlar\BaŸlang‡\
Microsoft Office OneNote 2003 Quick Launch.lnk - c:\program files\Microsoft Office\OFFICE11\ONENOTEM.EXE [2007-4-19 64864]

c:\documents and settings\All Users\Start Menu\Programlar\BaŸlang‡\
AirTies ADSL Hizmet Program.lnk - c:\program files\AirTies\ADSL Hizmet Program\AirTies_util3.exe [2007-1-17 2552320]
Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]

c:\documents and settings\Default User\Start Menu\Programlar\BaŸlang‡\
CamTrack.lnk - c:\program files\DigitalPeers\CamTrack\camtrack.exe [2010-12-16 407408]

c:\documents and settings\Default User\Start Menu\Programlar\BaŸlang‡\
CamTrack.lnk - c:\program files\DigitalPeers\CamTrack\camtrack.exe [2010-12-16 407408]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~1\AVG\AVG10\avgchsvx.exe /sync\0c:\progra~1\AVG\AVG10\avgrsx.exe /sync /restart

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"ServiceLayer"=3 (0x3)
"SeaPort"=2 (0x2)
"ose"=3 (0x3)
"MDM"=2 (0x2)
"JavaQuickStarterService"=2 (0x2)
"idsvc"=3 (0x3)
"IDriverT"=3 (0x3)
"fsssvc"=3 (0x3)
"ApacheImpartia"=2 (0x2)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\StubInstaller.exe"=
"c:\\Program Files\\AirTies\\ADSL Hizmet Programı\\AirTies_util3.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Ares\\Ares.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=

R1 SMBHC;Microsoft SM Yolu Ana Denetleyici Sürücüsü;c:\windows\system32\drivers\smbhc.sys [29.11.2004 16:36 6784]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [17.01.2011 18:42 135336]
R3 SMBBATT;Microsoft Akıllı Pil Sürücüsü;c:\windows\system32\drivers\smbbatt.sys [29.11.2004 16:36 16000]
S2 AVGIDSAgent;AVGIDSAgent;"c:\program files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe" --> c:\program files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe [?]
S2 gupdate;Google Güncelleme Hizmeti (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [19.06.2010 16:44 135664]
S3 AVG Security Toolbar Service;AVG Security Toolbar Service;c:\program files\AVG\AVG10\Toolbar\ToolbarBroker.exe --> c:\program files\AVG\AVG10\Toolbar\ToolbarBroker.exe [?]
S3 IPN2220;INPROCOMM IPN2220 Wireless LAN Card Driver;c:\windows\system32\drivers\i2220ntx.sys [06.12.2004 10:15 155392]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [20.01.2011 14:25 38224]
S3 SNP325;USB PC Camera (SNPSTD325);c:\windows\system32\drivers\snp325.sys [16.12.2010 23:51 10253056]
S4 ApacheImpartia;ApacheImpartia;"d:\system\apache\Apache.exe" --ntservice --> d:\system\apache\Apache.exe [?]
.
Contents of the 'Scheduled Tasks' folder

2010-05-22 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 09:34]

2011-01-21 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-06-19 14:43]

2011-01-21 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-06-19 14:43]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com.tr/
uDefault_Search_URL = hxxp://www.google.com/ie
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyServer = http=127.0.0.1:25579
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Microsoft Excel'e Gö&nder - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
TCP: {07B49086-2F45-4AE3-837E-5CC785AC6647} = 208.67.222.222,208.67.220.220
Handler: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} -
FF - ProfilePath - c:\documents and settings\elif\Application Data\Mozilla\Firefox\Profiles\lege21gy.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com.tr/
FF - Ext: United States English Dictionary: en-US@dictionaries.addons.mozilla.org - %profile%\extensions\en-US@dictionaries.addons.mozilla.org
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: PC Sync 2 Synchronisation Extension: bkmrksync@nokia.com - c:\program files\Nokia\Nokia PC Suite 7\bkmrksync
FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\Java\jre6\lib\deploy\jqs\ff
.
- - - - ORPHANS REMOVED - - - -

BHO-{A3BC75A2-1F87-4686-AA43-5347D756017C} - c:\program files\AVG\AVG10\Toolbar\IEToolbar.dll
Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - c:\program files\AVG\AVG10\Toolbar\IEToolbar.dll
WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - c:\program files\AVG\AVG10\Toolbar\IEToolbar.dll
HKU-Default-Run-Picasa Media Detector - c:\program files\Picasa2\PicasaMediaDetector.exe
MSConfigStartUp-Personal Security Sentinel - c:\documents and settings\All Users\Application Data\1fe22a\PS1fe_2247.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-01-21 14:36
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10k_ActiveX.exe,-101"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10k_ActiveX.exe"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(644)
c:\windows\system32\igfxsrvc.dll
c:\windows\system32\hccutils.DLL
.
Completion time: 2011-01-21 14:39:35
ComboFix-quarantined-files.txt 2011-01-21 12:39

Pre-Run: 6.960.795.648 bayt boş
Post-Run: 8.023.633.920 bayt boş

WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect

- - End Of File - - 856478A05290AB03E42BB6C4C4F0B4A3

#11 fenzodahl512

fenzodahl512

  • Members
  • 6,738 posts
  • OFFLINE
  •  
  • Local time:08:26 PM

Posted 21 January 2011 - 09:44 PM

looks much better.. How's the computer now? :)

Keep calm, make it simple, use your brain, don't freak out, and you'll be just fine..
Awesomeness: When I get sad, I stop being sad and be awesome instead.. True story - Barney Stinson
Posted Image Posted Image
Its gonna be legen.. wait for it.. dary! Cherish the pain, it means you're still alive


#12 fzltrk

fzltrk
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:03:26 PM

Posted 23 January 2011 - 08:27 AM

thank you!rarely it gives some popups but that's all:)
can you advice any free antivirus and spyware programme?

#13 fenzodahl512

fenzodahl512

  • Members
  • 6,738 posts
  • OFFLINE
  •  
  • Local time:08:26 PM

Posted 23 January 2011 - 10:43 AM

rarely it gives some popups but that's all:)


May I know what kind of popups please?

For free antivirus, I personally prefer either Avast or Avira.. Choose either one of them..
For antispyware, I much prefer Malwarebytes' above all others, but its real-time protection doesn't available for free version...

Keep calm, make it simple, use your brain, don't freak out, and you'll be just fine..
Awesomeness: When I get sad, I stop being sad and be awesome instead.. True story - Barney Stinson
Posted Image Posted Image
Its gonna be legen.. wait for it.. dary! Cherish the pain, it means you're still alive


#14 fzltrk

fzltrk
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:03:26 PM

Posted 23 January 2011 - 02:41 PM

they're about sports bet sites.
thank you for the help and advice:)

#15 fenzodahl512

fenzodahl512

  • Members
  • 6,738 posts
  • OFFLINE
  •  
  • Local time:08:26 PM

Posted 23 January 2011 - 11:13 PM

Lets look if you have any TDL rootkit inside..



Please download the TDSS Rootkit Removing Tool (TDSSKiller.exe) and save it to your Desktop. <-Important!!!
Be sure to download TDSSKiller.exe (v2.4.0.0) from Kaspersky's website and not TDSSKiller.zip which appears to be an older version 2.3.2.2 of the tool.
  • Double-click on TDSSKiller.exe to run the tool for known TDSS variants.
    Vista/Windows 7 users right-click and select Run As Administrator.
  • If TDSSKiller does not run, try renaming it.
  • To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to How to change the file extension.
  • Click the Start Scan button.
  • Do not use the computer during the scan
  • If the scan completes with nothing found, click Close to exit.
  • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
  • Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
  • A log file named TDSSKiller_version_date_time_log.txt (i.e. TDSSKiller.2.4.0.0_27.07.2010_09.o7.26_log.txt) will be created and saved to the root directory (usually Local Disk C:).
  • Copy and paste the contents of that file in your next reply.

Keep calm, make it simple, use your brain, don't freak out, and you'll be just fine..
Awesomeness: When I get sad, I stop being sad and be awesome instead.. True story - Barney Stinson
Posted Image Posted Image
Its gonna be legen.. wait for it.. dary! Cherish the pain, it means you're still alive





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users