RR 2 Log

RegRun Reanimator - Scan for Viruses... Start check 17.08.2011 at:10:42:52 a.m. Prohibited:1 Suspicious:20 Warnings:3 Prohibited:Drivers pci.sys=C:\Windows\SYSTEM32\DRIVERS\PCI.

SYS Enumerador PCI Plug and Play de NT Microsoft Corporation Sistema operativo Micro soft Windows 6.1.7600.16385 ****************************** Suspicious:Browser Helper Objects {FCBCCB87-9224-4B8D-B117-F56D924BEB18}=C:\PROGRAM FILES (X86)\VIDEO2DOWN DB TOOL BAR\TBCORE3.DLL IE Toolbar Engine IE Toolbar 4, 2, 0, 7 ****************************** Suspicious:URLSearchHook {CA3EB689-8F09-4026-AA10-B9534C691CE0}=C:\PROGRAM FILES (X86)\VIDEO2DOWN DB TOOL BAR\TBHELPER.DLL IE Toolbar Helper Module IE Toolbar 4, 2, 0, 7 ****************************** Suspicious:Toolbars {338B4DFE-2E2C-4338-9E41-E176D497299E}=C:\PROGRAM FILES (X86)\VIDEO2DOWN DB TOOL BAR\TBCORE3.DLL IE Toolbar Engine IE Toolbar 4, 2, 0, 7 ****************************** Suspicious:Svchost DLLs QWAVE=%windir%\system32\qwave.dll File is deleted or hidden by rootkit or could not be located. ****************************** Suspicious:Svchost DLLs HPSLPSVC=C:\PROGRAM FILES (X86)\HP\DIGITAL IMAGING\BIN\HPSLPSVC64.DLL HP Network Devices Support Hewlett-Packard Co. HP Digital Imaging 130.000.999.00 0 ****************************** Suspicious:Svchost DLLs Net Driver HPZ12=C:\Windows\system32\HPZinw12.dll Dot4Net Module Hewlett-Packard Bidi User Mode 12,2,3,21 File is deleted or hidde n by rootkit or could not be located. ****************************** Suspicious:Svchost DLLs Pml Driver HPZ12=C:\Windows\system32\HPZipm12.dll PmlDrv Module Hewlett-Packard Bidi User Mode 12,2,3,21 File is deleted or hidden by rootkit or could not be located. ****************************** Suspicious:Svchost DLLs seclogon=%windir%\system32\seclogon.dll File is deleted or hidden by rootkit or could not be located. ****************************** Suspicious:Svchost DLLs UxTuneUp=%SystemRoot%\System32\uxtuneup.dll File is deleted or hidden by rootkit or could not be located. ****************************** Suspicious:Auto Services Oasis2Service="C:\Program Files (x86)\DDNi\Oasis2Service 1.0\Oasis2Service.exe" Internal Name: Oasis2Service. 
Status: service running. Actual File: "C:\Program Files (x86)\DDNi\Oasis2Service 1.0\Oasis2Service.exe" * DDNI Oasis 2 Services Oa sis2Service Oasis2Service 1.0.1.0 ****************************** Suspicious:Auto Services SampleCollector="C:\Program Files\Sony\VAIO Care\VCPerfService.exe" "/service" " /sstates" "/sampleinterval=2000" "/procinterval=5" "/dllinterval=120" "/counter= \Processor(_Total)\% Processor Time:1/counter=\PhysicalDisk(_Total)\Disk Bytes/s ec:1" "/counter=\Network Interface(*)\Bytes Total/sec:1" "/expandcounter=\Proces

sor Information(*)\Processor Frequency:1" "/expandcounter=\Processor(*)\% Idle T ime:1" "/expandcounter=\Processor(*)\% C1 Time:1" "/expandcounter=\Processor(*)\ % C2 Time:1" "/expandcounter=\Processor(*)\% C3 Time:1" "/expandcounter=\Process or(*)\% Processor Time:1" "/directory=inteldata" Internal Name: SampleCollector. Status: service running. Actual File: "C:\Progra m Files\Sony\VAIO Care\VCPerfService.exe" "/service" "/sstates" "/sampleinterval =2000" "/procinterval=5" "/dllinterval=120" "/counter=\Processor(_Total)\% Proce ssor Time:1/counter=\PhysicalDisk(_Total)\Disk Bytes/sec:1" "/counter=\Network I nterface(*)\Bytes Total/sec:1" "/expandcounter=\Processor Information(*)\Process or Frequency:1" "/expandcounter=\Processor(*)\% Idle Time:1" "/expandcounter=\Pr ocessor(*)\% C1 Time:1" "/expandcounter=\Processor(*)\% C2 Time:1" "/expandcount er=\Processor(*)\% C3 Time:1" "/expandcounter=\Processor(*)\% Processor Time:1" "/directory=inteldata" * Checks the systems performance for VAIO Care. VAIO Care Performance Service Sony Corporation VAIO Care Performance Service 3, 0, 0, 523 ****************************** Suspicious:Auto Services SamSs=C:\Windows\system32\lsass.exe Internal Name: SamSs. Status: service running. Actual File: C:\Windows\system32\ lsass.exe * El inicio de este servicio indica a otros servicios que el Administr ador de cuentas de seguridad (SAM) est listo para aceptar solicitudes. Si deshabi lita este servicio, impedir que se notifique a otros servicios del sistema cundo e st listo SAM, lo que a su vez puede provocar un error de inicio de dichos servici os. No debe deshabilitar este servicio. Local Security Authority Process Microso ft Corporation Microsoft Windows Operating System 6.1.7600.16385 ****************************** Suspicious:Auto Services Schedule=C:\Windows\system32\lsass.exe Internal Name: SamSs. Status: service running. 
Actual File: C:\Windows\system32\ lsass.exe * El inicio de este servicio indica a otros servicios que el Administr ador de cuentas de seguridad (SAM) est listo para aceptar solicitudes. Si deshabi lita este servicio, impedir que se notifique a otros servicios del sistema cundo e st listo SAM, lo que a su vez puede provocar un error de inicio de dichos servici os. No debe deshabilitar este servicio. Local Security Authority Process Microso ft Corporation Microsoft Windows Operating System 6.1.7600.16385 ****************************** Suspicious:Auto Services Spooler=C:\Windows\System32\spoolsv.exe Internal Name: Spooler. Status: service running. Actual File: C:\Windows\System3 2\spoolsv.exe * Carga archivos en la memoria para imprimirlos ms tarde. Aplicacin de subsistema de cola Microsoft Corporation Sistema operativo Microsoft Windows 6. 1.7600.16385 ****************************** Suspicious:Auto Services sppsvc=C:\Windows\system32\sppsvc.exe Internal Name: sppsvc. Status: service stopped. Actual File: C:\Windows\system32 \sppsvc.exe * Habilita la descarga, instalacin y aplicacin de licencias digitales para Windows y aplicaciones para Windows. Si el servicio est deshabilitado, es po sible que el sistema operativo y las aplicaciones bajo licencia se ejecuten en m odo de notificacin. Es muy recomendable no deshabilitar el servicio de proteccin d e software. Servicio de plataforma de proteccin de software de Microsoft Microsof t Corporation Sistema operativo Microsoft Windows 6.1.7600.16385 ****************************** Suspicious:Auto Services VSNService="C:\Program Files\Sony\VAIO Smart Network\VSNService.exe" Internal Name: VSNService. Status: service running. Actual File: "C:\Program Fil es\Sony\VAIO Smart Network\VSNService.exe" * VAIO Smart Network Service Sony Co rporation VSNService.exe 3.3.0.06080 ****************************** Suspicious:Auto Services

WiMAXAppSrv="C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe" Internal Name: WiMAXAppSrv. Status: service running. Actual File: "C:\Program Fi les\Intel\WiMAX\Bin\AppSrv.exe" * WiMAX SDK Service for Intel PROSet/Wireless WiM AX Software WiMAX SDK service for Intel(R) PROSet/Wireless WiMAX Software Intel( R) Corporation Intel(R) PROSet/Wireless WiMAX Service 5, 30, 1007, 0 ****************************** Suspicious:Registry Run gStart=C:\PROGRAM FILES (X86)\GARMIN\GSTART.EXE gStart Application GARMIN Corp. gStart 2.3.1 ****************************** Suspicious:Registry Run Personal SMS Online=C:\PROGRAM FILES (X86)\PERSONAL SMS ONLINE\PERSONALSMSONLINE .EXE Telecom Personal SA Personal SMS Online 1.01.0002 ****************************** Suspicious:Registry Run ioCentre=C:\GENIUS\IOCENTRE\GTASKBAR.EXE ioCentre 1.3.0.0 ****************************** Warnings:System.ini shell=Explorer.exe ****************************** Warnings:UserInit Value UserInit=C:\Windows\SysWOW64\userinit.exe, ****************************** Warnings:Winlogon Autostart VmApplet=SystemPropertiesPerformance.exe /pagefile ****************************** ------------------------------------------------------File has been marked as as safe:C:\WINDOWS\SYSTEM32\DRIVERS\PCI.SYS RegRun Reanimator - Scan for Viruses... Start check 17.08.2011 at:10:53:55 a.m. 
Prohibited:0 Suspicious:20 Warnings:3 Suspicious:Browser Helper Objects {FCBCCB87-9224-4B8D-B117-F56D924BEB18}=C:\PROGRAM FILES (X86)\VIDEO2DOWN DB TOOL BAR\TBCORE3.DLL IE Toolbar Engine IE Toolbar 4, 2, 0, 7 ****************************** Suspicious:URLSearchHook {CA3EB689-8F09-4026-AA10-B9534C691CE0}=C:\PROGRAM FILES (X86)\VIDEO2DOWN DB TOOL BAR\TBHELPER.DLL IE Toolbar Helper Module IE Toolbar 4, 2, 0, 7 ****************************** Suspicious:Toolbars {338B4DFE-2E2C-4338-9E41-E176D497299E}=C:\PROGRAM FILES (X86)\VIDEO2DOWN DB TOOL BAR\TBCORE3.DLL IE Toolbar Engine IE Toolbar 4, 2, 0, 7 ****************************** Suspicious:Svchost DLLs QWAVE=%windir%\system32\qwave.dll File is deleted or hidden by rootkit or could not be located. ****************************** Suspicious:Svchost DLLs HPSLPSVC=C:\PROGRAM FILES (X86)\HP\DIGITAL IMAGING\BIN\HPSLPSVC64.DLL HP Network Devices Support Hewlett-Packard Co. HP Digital Imaging 130.000.999.00 0 ****************************** Suspicious:Svchost DLLs Net Driver HPZ12=C:\Windows\system32\HPZinw12.dll Dot4Net Module Hewlett-Packard Bidi User Mode 12,2,3,21 File is deleted or hidde n by rootkit or could not be located.

****************************** Suspicious:Svchost DLLs Pml Driver HPZ12=C:\Windows\system32\HPZipm12.dll PmlDrv Module Hewlett-Packard Bidi User Mode 12,2,3,21 File is deleted or hidden by rootkit or could not be located. ****************************** Suspicious:Svchost DLLs seclogon=%windir%\system32\seclogon.dll File is deleted or hidden by rootkit or could not be located. ****************************** Suspicious:Svchost DLLs UxTuneUp=%SystemRoot%\System32\uxtuneup.dll File is deleted or hidden by rootkit or could not be located. ****************************** Suspicious:Auto Services Oasis2Service="C:\Program Files (x86)\DDNi\Oasis2Service 1.0\Oasis2Service.exe" Internal Name: Oasis2Service. Status: service running. Actual File: "C:\Program Files (x86)\DDNi\Oasis2Service 1.0\Oasis2Service.exe" * DDNI Oasis 2 Services Oa sis2Service Oasis2Service 1.0.1.0 ****************************** Suspicious:Auto Services SampleCollector="C:\Program Files\Sony\VAIO Care\VCPerfService.exe" "/service" " /sstates" "/sampleinterval=2000" "/procinterval=5" "/dllinterval=120" "/counter= \Processor(_Total)\% Processor Time:1/counter=\PhysicalDisk(_Total)\Disk Bytes/s ec:1" "/counter=\Network Interface(*)\Bytes Total/sec:1" "/expandcounter=\Proces sor Information(*)\Processor Frequency:1" "/expandcounter=\Processor(*)\% Idle T ime:1" "/expandcounter=\Processor(*)\% C1 Time:1" "/expandcounter=\Processor(*)\ % C2 Time:1" "/expandcounter=\Processor(*)\% C3 Time:1" "/expandcounter=\Process or(*)\% Processor Time:1" "/directory=inteldata" Internal Name: SampleCollector. Status: service running. 
Actual File: "C:\Progra m Files\Sony\VAIO Care\VCPerfService.exe" "/service" "/sstates" "/sampleinterval =2000" "/procinterval=5" "/dllinterval=120" "/counter=\Processor(_Total)\% Proce ssor Time:1/counter=\PhysicalDisk(_Total)\Disk Bytes/sec:1" "/counter=\Network I nterface(*)\Bytes Total/sec:1" "/expandcounter=\Processor Information(*)\Process or Frequency:1" "/expandcounter=\Processor(*)\% Idle Time:1" "/expandcounter=\Pr ocessor(*)\% C1 Time:1" "/expandcounter=\Processor(*)\% C2 Time:1" "/expandcount er=\Processor(*)\% C3 Time:1" "/expandcounter=\Processor(*)\% Processor Time:1" "/directory=inteldata" * Checks the systems performance for VAIO Care. VAIO Care Performance Service Sony Corporation VAIO Care Performance Service 3, 0, 0, 523 ****************************** Suspicious:Auto Services SamSs=C:\Windows\system32\lsass.exe Internal Name: SamSs. Status: service running. Actual File: C:\Windows\system32\ lsass.exe * El inicio de este servicio indica a otros servicios que el Administr ador de cuentas de seguridad (SAM) est listo para aceptar solicitudes. Si deshabi lita este servicio, impedir que se notifique a otros servicios del sistema cundo e st listo SAM, lo que a su vez puede provocar un error de inicio de dichos servici os. No debe deshabilitar este servicio. Local Security Authority Process Microso ft Corporation Microsoft Windows Operating System 6.1.7600.16385 ****************************** Suspicious:Auto Services Schedule=C:\Windows\system32\lsass.exe Internal Name: SamSs. Status: service running. Actual File: C:\Windows\system32\ lsass.exe * El inicio de este servicio indica a otros servicios que el Administr ador de cuentas de seguridad (SAM) est listo para aceptar solicitudes. Si deshabi lita este servicio, impedir que se notifique a otros servicios del sistema cundo e st listo SAM, lo que a su vez puede provocar un error de inicio de dichos servici os. No debe deshabilitar este servicio. 
Local Security Authority Process Microso ft Corporation Microsoft Windows Operating System 6.1.7600.16385

****************************** Suspicious:Auto Services Spooler=C:\Windows\System32\spoolsv.exe Internal Name: Spooler. Status: service running. Actual File: C:\Windows\System3 2\spoolsv.exe * Carga archivos en la memoria para imprimirlos ms tarde. Aplicacin de subsistema de cola Microsoft Corporation Sistema operativo Microsoft Windows 6. 1.7600.16385 ****************************** Suspicious:Auto Services sppsvc=C:\Windows\system32\sppsvc.exe Internal Name: sppsvc. Status: service stopped. Actual File: C:\Windows\system32 \sppsvc.exe * Habilita la descarga, instalacin y aplicacin de licencias digitales para Windows y aplicaciones para Windows. Si el servicio est deshabilitado, es po sible que el sistema operativo y las aplicaciones bajo licencia se ejecuten en m odo de notificacin. Es muy recomendable no deshabilitar el servicio de proteccin d e software. Servicio de plataforma de proteccin de software de Microsoft Microsof t Corporation Sistema operativo Microsoft Windows 6.1.7600.16385 ****************************** Suspicious:Auto Services VSNService="C:\Program Files\Sony\VAIO Smart Network\VSNService.exe" Internal Name: VSNService. Status: service running. Actual File: "C:\Program Fil es\Sony\VAIO Smart Network\VSNService.exe" * VAIO Smart Network Service Sony Co rporation VSNService.exe 3.3.0.06080 ****************************** Suspicious:Auto Services WiMAXAppSrv="C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe" Internal Name: WiMAXAppSrv. Status: service running. Actual File: "C:\Program Fi les\Intel\WiMAX\Bin\AppSrv.exe" * WiMAX SDK Service for Intel PROSet/Wireless WiM AX Software WiMAX SDK service for Intel(R) PROSet/Wireless WiMAX Software Intel( R) Corporation Intel(R) PROSet/Wireless WiMAX Service 5, 30, 1007, 0 ****************************** Suspicious:Registry Run gStart=C:\PROGRAM FILES (X86)\GARMIN\GSTART.EXE gStart Application GARMIN Corp. 
gStart 2.3.1 ****************************** Suspicious:Registry Run Personal SMS Online=C:\PROGRAM FILES (X86)\PERSONAL SMS ONLINE\PERSONALSMSONLINE .EXE Telecom Personal SA Personal SMS Online 1.01.0002 ****************************** Suspicious:Registry Run ioCentre=C:\GENIUS\IOCENTRE\GTASKBAR.EXE ioCentre 1.3.0.0 ****************************** Warnings:System.ini shell=Explorer.exe ****************************** Warnings:UserInit Value UserInit=C:\Windows\SysWOW64\userinit.exe, ****************************** Warnings:Winlogon Autostart VmApplet=SystemPropertiesPerformance.exe /pagefile ****************************** ------------------------------------------------------RegRun Reanimator - Scan for Viruses... Start check 17.08.2011 at:11:00:07 a.m. Prohibited:0 Suspicious:20 Warnings:3 Suspicious:Browser Helper Objects {FCBCCB87-9224-4B8D-B117-F56D924BEB18}=C:\PROGRAM FILES (X86)\VIDEO2DOWN DB TOOL BAR\TBCORE3.DLL IE Toolbar Engine IE Toolbar 4, 2, 0, 7

****************************** Suspicious:URLSearchHook {CA3EB689-8F09-4026-AA10-B9534C691CE0}=C:\PROGRAM FILES (X86)\VIDEO2DOWN DB TOOL BAR\TBHELPER.DLL IE Toolbar Helper Module IE Toolbar 4, 2, 0, 7 ****************************** Suspicious:Toolbars {338B4DFE-2E2C-4338-9E41-E176D497299E}=C:\PROGRAM FILES (X86)\VIDEO2DOWN DB TOOL BAR\TBCORE3.DLL IE Toolbar Engine IE Toolbar 4, 2, 0, 7 ****************************** Suspicious:Svchost DLLs QWAVE=%windir%\system32\qwave.dll File is deleted or hidden by rootkit or could not be located. ****************************** Suspicious:Svchost DLLs HPSLPSVC=C:\PROGRAM FILES (X86)\HP\DIGITAL IMAGING\BIN\HPSLPSVC64.DLL HP Network Devices Support Hewlett-Packard Co. HP Digital Imaging 130.000.999.00 0 ****************************** Suspicious:Svchost DLLs Net Driver HPZ12=C:\Windows\system32\HPZinw12.dll Dot4Net Module Hewlett-Packard Bidi User Mode 12,2,3,21 File is deleted or hidde n by rootkit or could not be located. ****************************** Suspicious:Svchost DLLs Pml Driver HPZ12=C:\Windows\system32\HPZipm12.dll PmlDrv Module Hewlett-Packard Bidi User Mode 12,2,3,21 File is deleted or hidden by rootkit or could not be located. ****************************** Suspicious:Svchost DLLs seclogon=%windir%\system32\seclogon.dll File is deleted or hidden by rootkit or could not be located. ****************************** Suspicious:Svchost DLLs UxTuneUp=%SystemRoot%\System32\uxtuneup.dll File is deleted or hidden by rootkit or could not be located. ****************************** Suspicious:Auto Services Oasis2Service="C:\Program Files (x86)\DDNi\Oasis2Service 1.0\Oasis2Service.exe" Internal Name: Oasis2Service. Status: service running. 
Actual File: "C:\Program Files (x86)\DDNi\Oasis2Service 1.0\Oasis2Service.exe" * DDNI Oasis 2 Services Oa sis2Service Oasis2Service 1.0.1.0 ****************************** Suspicious:Auto Services SampleCollector="C:\Program Files\Sony\VAIO Care\VCPerfService.exe" "/service" " /sstates" "/sampleinterval=2000" "/procinterval=5" "/dllinterval=120" "/counter= \Processor(_Total)\% Processor Time:1/counter=\PhysicalDisk(_Total)\Disk Bytes/s ec:1" "/counter=\Network Interface(*)\Bytes Total/sec:1" "/expandcounter=\Proces sor Information(*)\Processor Frequency:1" "/expandcounter=\Processor(*)\% Idle T ime:1" "/expandcounter=\Processor(*)\% C1 Time:1" "/expandcounter=\Processor(*)\ % C2 Time:1" "/expandcounter=\Processor(*)\% C3 Time:1" "/expandcounter=\Process or(*)\% Processor Time:1" "/directory=inteldata" Internal Name: SampleCollector. Status: service stopped. Actual File: "C:\Progra m Files\Sony\VAIO Care\VCPerfService.exe" "/service" "/sstates" "/sampleinterval =2000" "/procinterval=5" "/dllinterval=120" "/counter=\Processor(_Total)\% Proce ssor Time:1/counter=\PhysicalDisk(_Total)\Disk Bytes/sec:1" "/counter=\Network I nterface(*)\Bytes Total/sec:1" "/expandcounter=\Processor Information(*)\Process or Frequency:1" "/expandcounter=\Processor(*)\% Idle Time:1" "/expandcounter=\Pr ocessor(*)\% C1 Time:1" "/expandcounter=\Processor(*)\% C2 Time:1" "/expandcount

er=\Processor(*)\% C3 Time:1" "/expandcounter=\Processor(*)\% Processor Time:1" "/directory=inteldata" * Checks the systems performance for VAIO Care. VAIO Care Performance Service Sony Corporation VAIO Care Performance Service 3, 0, 0, 523 ****************************** Suspicious:Auto Services SamSs=C:\Windows\system32\lsass.exe Internal Name: SamSs. Status: service running. Actual File: C:\Windows\system32\ lsass.exe * El inicio de este servicio indica a otros servicios que el Administr ador de cuentas de seguridad (SAM) est listo para aceptar solicitudes. Si deshabi lita este servicio, impedir que se notifique a otros servicios del sistema cundo e st listo SAM, lo que a su vez puede provocar un error de inicio de dichos servici os. No debe deshabilitar este servicio. Local Security Authority Process Microso ft Corporation Microsoft Windows Operating System 6.1.7600.16385 ****************************** Suspicious:Auto Services Schedule=C:\Windows\system32\lsass.exe Internal Name: SamSs. Status: service running. Actual File: C:\Windows\system32\ lsass.exe * El inicio de este servicio indica a otros servicios que el Administr ador de cuentas de seguridad (SAM) est listo para aceptar solicitudes. Si deshabi lita este servicio, impedir que se notifique a otros servicios del sistema cundo e st listo SAM, lo que a su vez puede provocar un error de inicio de dichos servici os. No debe deshabilitar este servicio. Local Security Authority Process Microso ft Corporation Microsoft Windows Operating System 6.1.7600.16385 ****************************** Suspicious:Auto Services Spooler=C:\Windows\System32\spoolsv.exe Internal Name: Spooler. Status: service running. Actual File: C:\Windows\System3 2\spoolsv.exe * Carga archivos en la memoria para imprimirlos ms tarde. Aplicacin de subsistema de cola Microsoft Corporation Sistema operativo Microsoft Windows 6. 
1.7600.16385 ****************************** Suspicious:Auto Services sppsvc=C:\Windows\system32\sppsvc.exe Internal Name: sppsvc. Status: service stopped. Actual File: C:\Windows\system32 \sppsvc.exe * Habilita la descarga, instalacin y aplicacin de licencias digitales para Windows y aplicaciones para Windows. Si el servicio est deshabilitado, es po sible que el sistema operativo y las aplicaciones bajo licencia se ejecuten en m odo de notificacin. Es muy recomendable no deshabilitar el servicio de proteccin d e software. Servicio de plataforma de proteccin de software de Microsoft Microsof t Corporation Sistema operativo Microsoft Windows 6.1.7600.16385 ****************************** Suspicious:Auto Services VSNService="C:\Program Files\Sony\VAIO Smart Network\VSNService.exe" Internal Name: VSNService. Status: service running. Actual File: "C:\Program Fil es\Sony\VAIO Smart Network\VSNService.exe" * VAIO Smart Network Service Sony Co rporation VSNService.exe 3.3.0.06080 ****************************** Suspicious:Auto Services WiMAXAppSrv="C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe" Internal Name: WiMAXAppSrv. Status: service running. Actual File: "C:\Program Fi les\Intel\WiMAX\Bin\AppSrv.exe" * WiMAX SDK Service for Intel PROSet/Wireless WiM AX Software WiMAX SDK service for Intel(R) PROSet/Wireless WiMAX Software Intel( R) Corporation Intel(R) PROSet/Wireless WiMAX Service 5, 30, 1007, 0 ****************************** Suspicious:Registry Run gStart=C:\PROGRAM FILES (X86)\GARMIN\GSTART.EXE gStart Application GARMIN Corp. gStart 2.3.1 ****************************** Suspicious:Registry Run

Personal SMS Online=C:\PROGRAM FILES (X86)\PERSONAL SMS ONLINE\PERSONALSMSONLINE .EXE Telecom Personal SA Personal SMS Online 1.01.0002 ****************************** Suspicious:Registry Run ioCentre=C:\GENIUS\IOCENTRE\GTASKBAR.EXE ioCentre 1.3.0.0 ****************************** Warnings:System.ini shell=Explorer.exe ****************************** Warnings:UserInit Value UserInit=C:\Windows\SysWOW64\userinit.exe, ****************************** Warnings:Winlogon Autostart VmApplet=SystemPropertiesPerformance.exe /pagefile ****************************** ------------------------------------------------------Delete Marked Items Internet Explorer->Browser Helper Objects. {FCBCCB87-9224-4B 8D-B117-F56D924BEB18}=C:\PROGRAM FILES (X86)\VIDEO2DOWN DB TOOLBAR\TBCORE3.DLL Delete Marked Items Internet Explorer->URLSearchHook. {CA3EB689-8F09-4026-AA10-B 9534C691CE0}=C:\PROGRAM FILES (X86)\VIDEO2DOWN DB TOOLBAR\TBHELPER.DLL Delete Marked Items Internet Explorer->Toolbars. {338B4DFE-2E2C-4338-9E41-E176D4 97299E}=C:\PROGRAM FILES (X86)\VIDEO2DOWN DB TOOLBAR\TBCORE3.DLL Delete Marked Items Kernel Auto Boot->Svchost DLLs. QWAVE=%windir%\system32\qwav e.dll Delete File:%WINDIR%\SYSTEM32\QWAVE.DLL. You must restart your computer to fully delete this file. ------------------------------------------------------17.08.2011 11:08:04 a.m. Approved File Replacement Delete: %WINDIR%\SYSTEM32\QWAVE.DLL The service has been marked for deletion->Partizan:QWAVE Delete Marked Items Kernel Auto Boot->Svchost DLLs. HPSLPSVC=C:\PROGRAM FILES (X 86)\HP\DIGITAL IMAGING\BIN\HPSLPSVC64.DLL Delete File:C:\PROGRAM FILES (X86)\HP\DIGITAL IMAGING\BIN\HPSLPSVC64.DLL. You mu st restart your computer to fully delete this file. ------------------------------------------------------17.08.2011 11:08:12 a.m. 
Approved File Replacement Delete: \??\C:\Windows\SysWOW64\%WINDIR%\SYSTEM32\QWAVE.DLL Delete: C:\PROGRA~2\HP\DIGITA~1\BIN\HPSLPS~1.DLL The service has been marked for deletion->Partizan:HPSLPSVC Delete Marked Items Kernel Auto Boot->Svchost DLLs. Net Driver HPZ12=C:\Windows\ system32\HPZinw12.dll Delete File:C:\WINDOWS\SYSTEM32\HPZINW12.DLL. You must restart your computer to fully delete this file. ------------------------------------------------------17.08.2011 11:08:21 a.m. Approved File Replacement Delete: \??\C:\Windows\SysWOW64\%WINDIR%\SYSTEM32\QWAVE.DLL Delete: \??\C:\PROGRA~2\HP\DIGITA~1\BIN\HPSLPS~1.DLL Delete: C:\WINDOWS\SYSTEM32\HPZINW12.DLL The service has been marked for deletion->Partizan:Net Driver HPZ12 Delete Marked Items Kernel Auto Boot->Svchost DLLs. Pml Driver HPZ12=C:\Windows\ system32\HPZipm12.dll Delete File:C:\WINDOWS\SYSTEM32\HPZIPM12.DLL. You must restart your computer to fully delete this file. ------------------------------------------------------17.08.2011 11:08:29 a.m. Approved File Replacement Delete: \??\C:\Windows\SysWOW64\%WINDIR%\SYSTEM32\QWAVE.DLL Delete: \??\C:\PROGRA~2\HP\DIGITA~1\BIN\HPSLPS~1.DLL Delete: \??\C:\WINDOWS\SysWOW64\HPZINW12.DLL

Delete: C:\WINDOWS\SYSTEM32\HPZIPM12.DLL The service has been marked for deletion->Partizan:Pml Driver HPZ12 Delete Marked Items Kernel Auto Boot->Svchost DLLs. seclogon=%windir%\system32\s eclogon.dll Delete File:%WINDIR%\SYSTEM32\SECLOGON.DLL. You must restart your computer to fu lly delete this file. ------------------------------------------------------17.08.2011 11:08:37 a.m. Approved File Replacement Delete: \??\C:\Windows\SysWOW64\%WINDIR%\SYSTEM32\QWAVE.DLL Delete: \??\C:\PROGRA~2\HP\DIGITA~1\BIN\HPSLPS~1.DLL Delete: \??\C:\WINDOWS\SysWOW64\HPZINW12.DLL Delete: \??\C:\WINDOWS\SysWOW64\HPZIPM12.DLL Delete: %WINDIR%\SYSTEM32\SECLOGON.DLL The service has been marked for deletion->Partizan:seclogon RegRun Reanimator - Scan for Viruses... Start check 17.08.2011 at:11:24:54 a.m. Prohibited:0 Suspicious:12 Warnings:3 Suspicious:Svchost DLLs UxTuneUp=%SystemRoot%\System32\uxtuneup.dll File is deleted or hidden by rootkit or could not be located. ****************************** Suspicious:Auto Services Oasis2Service="C:\Program Files (x86)\DDNi\Oasis2Service 1.0\Oasis2Service.exe" Internal Name: Oasis2Service. Status: service running. Actual File: "C:\Program Files (x86)\DDNi\Oasis2Service 1.0\Oasis2Service.exe" * DDNI Oasis 2 Services Oa sis2Service Oasis2Service 1.0.1.0 ****************************** Suspicious:Auto Services SampleCollector="C:\Program Files\Sony\VAIO Care\VCPerfService.exe" "/service" " /sstates" "/sampleinterval=2000" "/procinterval=5" "/dllinterval=120" "/counter= \Processor(_Total)\% Processor Time:1/counter=\PhysicalDisk(_Total)\Disk Bytes/s ec:1" "/counter=\Network Interface(*)\Bytes Total/sec:1" "/expandcounter=\Proces sor Information(*)\Processor Frequency:1" "/expandcounter=\Processor(*)\% Idle T ime:1" "/expandcounter=\Processor(*)\% C1 Time:1" "/expandcounter=\Processor(*)\ % C2 Time:1" "/expandcounter=\Processor(*)\% C3 Time:1" "/expandcounter=\Process or(*)\% Processor Time:1" "/directory=inteldata" Internal Name: SampleCollector. 
Status: service stopped. Actual File: "C:\Progra m Files\Sony\VAIO Care\VCPerfService.exe" "/service" "/sstates" "/sampleinterval =2000" "/procinterval=5" "/dllinterval=120" "/counter=\Processor(_Total)\% Proce ssor Time:1/counter=\PhysicalDisk(_Total)\Disk Bytes/sec:1" "/counter=\Network I nterface(*)\Bytes Total/sec:1" "/expandcounter=\Processor Information(*)\Process or Frequency:1" "/expandcounter=\Processor(*)\% Idle Time:1" "/expandcounter=\Pr ocessor(*)\% C1 Time:1" "/expandcounter=\Processor(*)\% C2 Time:1" "/expandcount er=\Processor(*)\% C3 Time:1" "/expandcounter=\Processor(*)\% Processor Time:1" "/directory=inteldata" * Checks the systems performance for VAIO Care. VAIO Care Performance Service Sony Corporation VAIO Care Performance Service 3, 0, 0, 523 ****************************** Suspicious:Auto Services SamSs=C:\Windows\system32\lsass.exe Internal Name: SamSs. Status: service running. Actual File: C:\Windows\system32\ lsass.exe * El inicio de este servicio indica a otros servicios que el Administr ador de cuentas de seguridad (SAM) est listo para aceptar solicitudes. Si deshabi lita este servicio, impedir que se notifique a otros servicios del sistema cundo e st listo SAM, lo que a su vez puede provocar un error de inicio de dichos servici os. No debe deshabilitar este servicio. Local Security Authority Process Microso ft Corporation Microsoft Windows Operating System 6.1.7600.16385 ****************************** Suspicious:Auto Services Schedule=C:\Windows\system32\lsass.exe Internal Name: SamSs. Status: service running. Actual File: C:\Windows\system32\

lsass.exe * El inicio de este servicio indica a otros servicios que el Administr ador de cuentas de seguridad (SAM) est listo para aceptar solicitudes. Si deshabi lita este servicio, impedir que se notifique a otros servicios del sistema cundo e st listo SAM, lo que a su vez puede provocar un error de inicio de dichos servici os. No debe deshabilitar este servicio. Local Security Authority Process Microso ft Corporation Microsoft Windows Operating System 6.1.7600.16385 ****************************** Suspicious:Auto Services Spooler=C:\Windows\System32\spoolsv.exe Internal Name: Spooler. Status: service running. Actual File: C:\Windows\System3 2\spoolsv.exe * Carga archivos en la memoria para imprimirlos ms tarde. Aplicacin de subsistema de cola Microsoft Corporation Sistema operativo Microsoft Windows 6. 1.7600.16385 ****************************** Suspicious:Auto Services sppsvc=C:\Windows\system32\sppsvc.exe Internal Name: sppsvc. Status: service stopped. Actual File: C:\Windows\system32 \sppsvc.exe * Habilita la descarga, instalacin y aplicacin de licencias digitales para Windows y aplicaciones para Windows. Si el servicio est deshabilitado, es po sible que el sistema operativo y las aplicaciones bajo licencia se ejecuten en m odo de notificacin. Es muy recomendable no deshabilitar el servicio de proteccin d e software. Servicio de plataforma de proteccin de software de Microsoft Microsof t Corporation Sistema operativo Microsoft Windows 6.1.7600.16385 ****************************** Suspicious:Auto Services VSNService="C:\Program Files\Sony\VAIO Smart Network\VSNService.exe" Internal Name: VSNService. Status: service running. Actual File: "C:\Program Fil es\Sony\VAIO Smart Network\VSNService.exe" * VAIO Smart Network Service Sony Co rporation VSNService.exe 3.3.0.06080 ****************************** Suspicious:Auto Services WiMAXAppSrv="C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe" Internal Name: WiMAXAppSrv. Status: service running. 
Actual File: "C:\Program Fi les\Intel\WiMAX\Bin\AppSrv.exe" * WiMAX SDK Service for Intel PROSet/Wireless WiM AX Software WiMAX SDK service for Intel(R) PROSet/Wireless WiMAX Software Intel( R) Corporation Intel(R) PROSet/Wireless WiMAX Service 5, 30, 1007, 0 ****************************** Suspicious:Registry Run gStart=C:\PROGRAM FILES (X86)\GARMIN\GSTART.EXE gStart Application GARMIN Corp. gStart 2.3.1 ****************************** Suspicious:Registry Run Personal SMS Online=C:\PROGRAM FILES (X86)\PERSONAL SMS ONLINE\PERSONALSMSONLINE .EXE Telecom Personal SA Personal SMS Online 1.01.0002 ****************************** Suspicious:Registry Run ioCentre=C:\GENIUS\IOCENTRE\GTASKBAR.EXE ioCentre 1.3.0.0 ****************************** Warnings:System.ini shell=Explorer.exe ****************************** Warnings:UserInit Value UserInit=C:\Windows\SysWOW64\userinit.exe, ****************************** Warnings:Winlogon Autostart VmApplet=SystemPropertiesPerformance.exe /pagefile ****************************** -------------------------------------------------------

Delete Marked Items Kernel Auto Boot->Svchost DLLs. UxTuneUp=%SystemRoot%\System32\uxtuneup.dll
Delete File:C:\WINDOWS\SYSTEMNATIVE\UXTUNEUP.DLL. You must restart your computer to fully delete this file.
Delete Marked Items Kernel Auto Boot->Svchost DLLs. UxTuneUp=%SystemRoot%\System32\uxtuneup.dll
Delete File:C:\WINDOWS\SYSTEMNATIVE\UXTUNEUP.DLL. You must restart your computer to fully delete this file.
Delete Marked Items Kernel Auto Boot->Svchost DLLs. UxTuneUp=%SystemRoot%\System32\uxtuneup.dll
Delete File:C:\WINDOWS\SYSTEMNATIVE\UXTUNEUP.DLL. You must restart your computer to fully delete this file.
------------------------------------------------------
17.08.2011 11:26:01 a.m.
Approved File Replacement
Delete: C:\WINDOWS\SYSTEMNATIVE\UXTUNEUP.DLL
The service has been marked for deletion->Partizan:UxTuneUp
------------------------------------------------------
17.08.2011 11:26:08 a.m.
Approved File Replacement
Delete: \??\C:\WINDOWS\SYSTEMNATIVE\UXTUNEUP.DLL
Delete: C:\WINDOWS\SYSTEMNATIVE\UXTUNEUP.DLL
------------------------------------------------------
17.08.2011 11:26:13 a.m.
Approved File Replacement
Delete: \??\C:\WINDOWS\SYSTEMNATIVE\UXTUNEUP.DLL
Delete: \??\C:\WINDOWS\SYSTEMNATIVE\UXTUNEUP.DLL
Delete: C:\WINDOWS\SYSTEMNATIVE\UXTUNEUP.DLL
Delete Marked Items Kernel Auto Boot->Auto Services. Oasis2Service="C:\Program Files (x86)\DDNi\Oasis2Service 1.0\Oasis2Service.exe"
Delete File:C:\PROGRAM FILES (X86)\DDNI\OASIS2SERVICE 1.0\OASIS2SERVICE.EXE. You must restart your computer to fully delete this file.
------------------------------------------------------
17.08.2011 11:26:19 a.m.
Approved File Replacement
Delete: \??\C:\WINDOWS\SYSTEMNATIVE\UXTUNEUP.DLL
Delete: \??\C:\WINDOWS\SYSTEMNATIVE\UXTUNEUP.DLL
Delete: \??\C:\WINDOWS\SYSTEMNATIVE\UXTUNEUP.DLL
Delete: C:\PROGRA~2\DDNI\OASIS2~1.0\OASIS2~1.EXE
Delete Marked Items Kernel Auto Boot->Auto Services. Oasis2Service="C:\Program Files (x86)\DDNi\Oasis2Service 1.0\Oasis2Service.exe"
Delete File:C:\PROGRAM FILES (X86)\DDNI\OASIS2SERVICE 1.0\OASIS2SERVICE.EXE. You must restart your computer to fully delete this file.
------------------------------------------------------
17.08.2011 11:26:22 a.m.
Approved File Replacement
Delete: \??\C:\WINDOWS\SYSTEMNATIVE\UXTUNEUP.DLL
Delete: \??\C:\WINDOWS\SYSTEMNATIVE\UXTUNEUP.DLL
Delete: \??\C:\WINDOWS\SYSTEMNATIVE\UXTUNEUP.DLL
Delete: \??\C:\PROGRA~2\DDNI\OASIS2~1.0\OASIS2~1.EXE
Delete: C:\PROGRA~2\DDNI\OASIS2~1.0\OASIS2~1.EXE
Delete Marked Items Kernel Auto Boot->Auto Services. SampleCollector="C:\Program Files\Sony\VAIO Care\VCPerfService.exe" "/service" "/sstates" "/sampleinterval=2000" "/procinterval=5" "/dllinterval=120" "/counter=\Processor(_Total)\% Processor Time:1/counter=\PhysicalDisk(_Total)\Disk Bytes/sec:1" "/counter=\Network Interface(*)\Bytes Total/sec:1" "/expandcounter=\Processor Information(*)\Processor Frequency:1" "/expandcounter=\Processor(*)\% Idle Time:1" "/expandcounter=\Processor(*)\% C1 Time:1" "/expandcounter=\Processor(*)\% C2 Time:1" "/expandcounter=\Processor(*)\% C3 Time:1" "/expandcounter=\Processor(*)\% Processor Time:1" "/directory=inteldata"
Delete File:C:\PROGRAM FILES\SONY\VAIO CARE\VCPERFSERVICE.EXE. You must restart your computer to fully delete this file.
------------------------------------------------------
17.08.2011 11:26:39 a.m.
Approved File Replacement
Delete: \??\C:\WINDOWS\SYSTEMNATIVE\UXTUNEUP.DLL

Delete: \??\C:\WINDOWS\SYSTEMNATIVE\UXTUNEUP.DLL
Delete: \??\C:\WINDOWS\SYSTEMNATIVE\UXTUNEUP.DLL
Delete: \??\C:\PROGRA~2\DDNI\OASIS2~1.0\OASIS2~1.EXE
Delete: \??\C:\PROGRA~2\DDNI\OASIS2~1.0\OASIS2~1.EXE
Delete: C:\PROGRA~1\SONY\VAIOCA~1\VCPERF~1.EXE
Delete Marked Items Kernel Auto Boot->Auto Services. SamSs=C:\Windows\system32\lsass.exe
Delete File:C:\Windows\system32\lsass.exe. You must restart your computer to fully delete this file.
------------------------------------------------------
17.08.2011 11:26:51 a.m.
Approved File Replacement
Delete: \??\C:\WINDOWS\SYSTEMNATIVE\UXTUNEUP.DLL
Delete: \??\C:\WINDOWS\SYSTEMNATIVE\UXTUNEUP.DLL
Delete: \??\C:\WINDOWS\SYSTEMNATIVE\UXTUNEUP.DLL
Delete: \??\C:\PROGRA~2\DDNI\OASIS2~1.0\OASIS2~1.EXE
Delete: \??\C:\PROGRA~2\DDNI\OASIS2~1.0\OASIS2~1.EXE
Delete: \??\C:\PROGRA~1\SONY\VAIOCA~1\VCPERF~1.EXE
Delete: C:\Windows\system32\lsass.exe
Delete Marked Items Kernel Auto Boot->Auto Services. Spooler=C:\Windows\System32\spoolsv.exe
Delete File:C:\Windows\System32\spoolsv.exe. You must restart your computer to fully delete this file.
------------------------------------------------------
17.08.2011 11:27:01 a.m.
Approved File Replacement
Delete: \??\C:\WINDOWS\SYSTEMNATIVE\UXTUNEUP.DLL
Delete: \??\C:\WINDOWS\SYSTEMNATIVE\UXTUNEUP.DLL
Delete: \??\C:\WINDOWS\SYSTEMNATIVE\UXTUNEUP.DLL
Delete: \??\C:\PROGRA~2\DDNI\OASIS2~1.0\OASIS2~1.EXE
Delete: \??\C:\PROGRA~2\DDNI\OASIS2~1.0\OASIS2~1.EXE
Delete: \??\C:\PROGRA~1\SONY\VAIOCA~1\VCPERF~1.EXE
Delete: \??\C:\Windows\SysWOW64\lsass.exe
Delete: C:\Windows\System32\spoolsv.exe
Delete Marked Items Kernel Auto Boot->Auto Services. sppsvc=C:\Windows\system32\sppsvc.exe
Delete File:C:\Windows\system32\sppsvc.exe. You must restart your computer to fully delete this file.
------------------------------------------------------
17.08.2011 11:27:09 a.m.
Approved File Replacement
Delete: \??\C:\WINDOWS\SYSTEMNATIVE\UXTUNEUP.DLL
Delete: \??\C:\WINDOWS\SYSTEMNATIVE\UXTUNEUP.DLL
Delete: \??\C:\WINDOWS\SYSTEMNATIVE\UXTUNEUP.DLL
Delete: \??\C:\PROGRA~2\DDNI\OASIS2~1.0\OASIS2~1.EXE
Delete: \??\C:\PROGRA~2\DDNI\OASIS2~1.0\OASIS2~1.EXE
Delete: \??\C:\PROGRA~1\SONY\VAIOCA~1\VCPERF~1.EXE
Delete: \??\C:\Windows\SysWOW64\lsass.exe
Delete: \??\C:\Windows\SysWOW64\spoolsv.exe
Delete: C:\Windows\system32\sppsvc.exe
Delete Marked Items Kernel Auto Boot->Auto Services. VSNService="C:\Program Files\Sony\VAIO Smart Network\VSNService.exe"
Delete File:C:\PROGRAM FILES\SONY\VAIO SMART NETWORK\VSNSERVICE.EXE. You must restart your computer to fully delete this file.
------------------------------------------------------
17.08.2011 11:27:17 a.m.
Approved File Replacement
Delete: \??\C:\WINDOWS\SYSTEMNATIVE\UXTUNEUP.DLL
Delete: \??\C:\WINDOWS\SYSTEMNATIVE\UXTUNEUP.DLL
Delete: \??\C:\WINDOWS\SYSTEMNATIVE\UXTUNEUP.DLL
Delete: \??\C:\PROGRA~2\DDNI\OASIS2~1.0\OASIS2~1.EXE
Delete: \??\C:\PROGRA~2\DDNI\OASIS2~1.0\OASIS2~1.EXE
Delete: \??\C:\PROGRA~1\SONY\VAIOCA~1\VCPERF~1.EXE
Delete: \??\C:\Windows\SysWOW64\lsass.exe

Delete: \??\C:\Windows\SysWOW64\spoolsv.exe
Delete: \??\C:\Windows\SysWOW64\sppsvc.exe
Delete: C:\PROGRA~1\SONY\VAIOSM~1\VSNSER~1.EXE
Delete Marked Items Kernel Auto Boot->Auto Services. WiMAXAppSrv="C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe"
Delete File:C:\PROGRAM FILES\INTEL\WIMAX\BIN\APPSRV.EXE. You must restart your computer to fully delete this file.
------------------------------------------------------
17.08.2011 11:37:29 a.m.
Approved File Replacement
Delete: \??\C:\WINDOWS\SYSTEMNATIVE\UXTUNEUP.DLL
Delete: \??\C:\WINDOWS\SYSTEMNATIVE\UXTUNEUP.DLL
Delete: \??\C:\WINDOWS\SYSTEMNATIVE\UXTUNEUP.DLL
Delete: \??\C:\PROGRA~2\DDNI\OASIS2~1.0\OASIS2~1.EXE
Delete: \??\C:\PROGRA~2\DDNI\OASIS2~1.0\OASIS2~1.EXE
Delete: \??\C:\PROGRA~1\SONY\VAIOCA~1\VCPERF~1.EXE
Delete: \??\C:\Windows\SysWOW64\lsass.exe
Delete: \??\C:\Windows\SysWOW64\spoolsv.exe
Delete: \??\C:\Windows\SysWOW64\sppsvc.exe
Delete: \??\C:\PROGRA~1\SONY\VAIOSM~1\VSNSER~1.EXE
Delete: C:\PROGRA~1\INTEL\WIMAX\BIN\APPSRV.EXE
Delete Marked Items Auto Start Apps->Registry Run. gStart=C:\PROGRAM FILES (X86)\GARMIN\GSTART.EXE
Delete Marked Items Auto Start Apps->Registry Run. Personal SMS Online=C:\PROGRAM FILES (X86)\PERSONAL SMS ONLINE\PERSONALSMSONLINE.EXE
Delete Marked Items Auto Start Apps->Registry Run. ioCentre=C:\GENIUS\IOCENTRE\GTASKBAR.EXE
File has been marked as as safe:C:\Windows\SysWOW64\EXPLORER.EXE
Delete Marked Items Kernel Auto Boot->Winlogon Autostart. VmApplet=SystemPropertiesPerformance.exe /pagefile
File has been marked as as safe:C:\WINDOWS\SYSWOW64\USERINIT.EXE
Delete Marked Items Kernel Auto Boot->Winlogon Autostart. VmApplet=
Delete Marked Items Kernel Auto Boot->Winlogon Autostart. VmApplet=
Delete Marked Items Kernel Auto Boot->Winlogon Autostart. VmApplet=
File has been marked as as safe:
