Packed: may be packed with various packers
Size: executable file (winlog.exe): 19,829 bytes; dynamic-link library (winlog.dll): 15,872 bytes
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
"key2" = "%System%\winlog.exe"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices
"key2" = "%System%\winlog.exe"
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
"Symantec NetDriver Monitor"
"ccApp"
"NAV CfgWiz"
"SSC_UserPrompt"
"McAfee Guardian"
"McAfee.InstantUpdate.Monitor"
"APVXDWIN"
"KAV50"
"avg7_cc"
"avg7_emc"
"Zone Labs Client"
HKLM\SOFTWARE\
Symantec
McAfee
KasperskyLab
Agnitum
Panda Software
Zone Labs
Trend Micro
1. Boot Windows in Safe Mode.
2. Use the Dr.Web® disk scanner or the free Dr.Web® CureIT! utility to scan the computer's local disks. Apply the "Cure" action to all infected files found.
3. Restore the registry from a backup.
4. Reinstall the corresponding applications.