I'm not permitted to upload htm files apparently? Here it is copy and pasted: and the other three are attached.
<!-- saved from url=(0014)about:internet -->
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML>
<HEAD>
<META http-equiv=Content-Type content="text/html; charset=windows-1251">
<META http-equiv="nocache">
</HEAD>
</HEAD>
<script language="JavaScript">
function add_scr_line (s, InsMode) {
var szStr, szOldStr;
var InsPoz;
szStr = document.forms.ScriptForm.CureScript.value;
szOldStr = szStr;
if (!(szStr.length > 5))
szStr = "begin\nend.";
if (szStr.substr(0, 5).toLowerCase() != "begin")
szStr = "begin\n" + szStr;
InsPoz = szStr.lastIndexOf("end.");
if (InsPoz < 5) {
szStr = szStr + "\nend.";
InsPoz = szStr.length-4;
}
if (InsMode == 1)
InsPoz = 5;
if (!(szStr.indexOf(s) >= 5)) {
var szStr1, szStr2;
szStr1 = szStr.substr(0, InsPoz);
szStr2 = szStr.substr(InsPoz);
if (InsMode == 0)
szStr2 = "\n" + szStr2;
else
szStr1 = szStr1 + "\n";
szStr = szStr1 + s + szStr2;
}
if (szStr != szOldStr)
document.forms.ScriptForm.CureScript.value = szStr;
}
function add_f_line (s) {
var szStr;
szStr = document.forms.FilesForm.FileList.value;
if (szStr.length > 0)
szStr = szStr + "\n";
if (szStr.indexOf(s) == -1)
document.forms.FilesForm.FileList.value = szStr + s;
}
function add_scr_d (s, s1) {
if (s1 == void 0)
add_scr_line(" DeleteFile('"+s+"');", 0);
else
add_scr_line(" DeleteFile('"+s+"','"+s1+"');", 0);
}
function add_scr_drk (s1, s2, s3) {
add_scr_line(" RegKeyParamDel('"+s1+"','"+s2+"','"+s3+"');", 0);
}
function add_scr_bho (s) {
add_scr_line(" DelBHO('"+s+"');", 1);
}
function add_scr_clsid (s) {
add_scr_line(" DelCLSID('"+s+"');", 1);
}
function add_scr_dpf (s) {
add_scr_line(" RegKeyDel('HKLM','SOFTWARE\\Microsoft\\Code Store Database\\Distribution Units\\"+s+"');", 1);
}
function add_scr_s1 (s) {
add_scr_line(" StopService('"+s+"');", 1);
}
function add_scr_s2 (s) {
add_scr_line(" DeleteService('"+s+"');", 1);
}
function add_scr_s3 (s) {
add_scr_line(" SetServiceStart('"+s+"', 4);", 1);
}
function add_scr_s4 (s) {
add_scr_line(" BC_DeleteSvc('"+s+"');", 0);
}
function add_scr_db (s) {
add_scr_line(" BC_DeleteFile('"+s+"');", 0);
}
function add_scr_k (s) {
add_scr_line(" QuarantineFile('"+s+"','');",1);
add_f_line(s);
}
function add_scr_t (s) {
add_scr_line(" TerminateProcessByName('"+s+"');",1);
add_f_line(s);
}
function add_scr_line_q (s, InsMode) {
add_scr_line(unescape(s),InsMode);
}
</script>
<BODY bgColor="#ffdfb7">
<H1 align=center>Results of system analysis</H1>
<H2 align=center>Process List</H2>
<TABLE cellSpacing=1 cellPadding=2 width="100%" bgColor=#ffffff border=0>
<TR BgColor="#0000FF"><TD align=center><b><font color=White>File name<TD align=center><b><font color=White>PID<TD align=center><b><font color=White>Description<TD align=center><b><font color=White>Copyright<TD align=center><b><font color=White>MD5<TD align=center><b><font color=White>Information
<TR bgColor="#ffc06d"><TD><a name="proc_1808"></a>C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareService.exe<br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Program Files\\Lavasoft\\Ad-Aware Antivirus\\Ad-Aware Antivirus\\11.6.306.7947\\AdAwareService.exe")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Program Files\\Lavasoft\\Ad-Aware Antivirus\\Ad-Aware Antivirus\\11.6.306.7947\\AdAwareService.exe","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Program Files\\Lavasoft\\Ad-Aware Antivirus\\Ad-Aware Antivirus\\11.6.306.7947\\AdAwareService.exe")'>Delete via BC</a>, <a href='Javascript:add_scr_t("C:\\Program Files\\Lavasoft\\Ad-Aware Antivirus\\Ad-Aware Antivirus\\11.6.306.7947\\AdAwareService.exe")'>Terminate</a><TD>1808<TD> <TD> <TD>8E1F77A904BD51D74FDBC0F7EB8D86A9<TD>703.87 kb, rsAh,<br>created: 10.03.2015 18:47:16,<br>modified: 10.03.2015 18:47:16<br>Command line:
<TR bgColor="#ffc06d"><TD><a name="proc_3160"></a>C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareTray.exe<br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Program Files\\Lavasoft\\Ad-Aware Antivirus\\Ad-Aware Antivirus\\11.6.306.7947\\AdAwareTray.exe")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Program Files\\Lavasoft\\Ad-Aware Antivirus\\Ad-Aware Antivirus\\11.6.306.7947\\AdAwareTray.exe","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Program Files\\Lavasoft\\Ad-Aware Antivirus\\Ad-Aware Antivirus\\11.6.306.7947\\AdAwareTray.exe")'>Delete via BC</a>, <a href='Javascript:add_scr_t("C:\\Program Files\\Lavasoft\\Ad-Aware Antivirus\\Ad-Aware Antivirus\\11.6.306.7947\\AdAwareTray.exe")'>Terminate</a><TD>3160<TD> <TD> <TD>86C85BF57962EBA9F4B88FD954B2EB79<TD>9341.98 kb, rsAh,<br>created: 10.03.2015 18:50:46,<br>modified: 10.03.2015 18:50:46<br>Command line:
<TR bgColor="#00CC66"><TD><a name="proc_3960"></a>c:\program files (x86)\google\chrome\application\chrome.exe<br><font size=-2>Script: <a href='Javascript:add_scr_k("c:\\program files (x86)\\google\\chrome\\application\\chrome.exe")'>Quarantine</a>, <a href='Javascript:add_scr_d("c:\\program files (x86)\\google\\chrome\\application\\chrome.exe","32")'>Delete</a>, <a href='Javascript:add_scr_db("c:\\program files (x86)\\google\\chrome\\application\\chrome.exe")'>Delete via BC</a>, <a href='Javascript:add_scr_t("c:\\program files (x86)\\google\\chrome\\application\\chrome.exe")'>Terminate</a><TD>3960<TD>Google Chrome<TD>Copyright 2012 Google Inc. All rights reserved.<TD>F217EF2EA31D8F73504B1CD2F9787D9D<TD>790.32 kb, rsAh,<br>created: 15.05.2014 21:34:46,<br>modified: 14.03.2015 06:12:39<br>Command line: <BR>"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
<TR bgColor="#00CC66"><TD><a name="proc_4064"></a>c:\program files (x86)\bluestacks\hd-agent.exe<br><font size=-2>Script: <a href='Javascript:add_scr_k("c:\\program files (x86)\\bluestacks\\hd-agent.exe")'>Quarantine</a>, <a href='Javascript:add_scr_d("c:\\program files (x86)\\bluestacks\\hd-agent.exe","32")'>Delete</a>, <a href='Javascript:add_scr_db("c:\\program files (x86)\\bluestacks\\hd-agent.exe")'>Delete via BC</a>, <a href='Javascript:add_scr_t("c:\\program files (x86)\\bluestacks\\hd-agent.exe")'>Terminate</a><TD>4064<TD>BlueStacks Agent<TD>Copyright 2011 BlueStack Systems, Inc. All Rights Reserved.<TD>548EE4F7C7F39111048B7A708C2DC245<TD>823.71 kb, rsAh,<br>created: 07.10.2014 15:35:06,<br>modified: 07.10.2014 15:35:06<br>Command line: <BR>"C:\Program Files (x86)\BlueStacks\HD-Agent.exe"
<TR bgColor="#ffc06d"><TD><a name="proc_3084"></a>c:\program files\my lockbox\mylbx.exe<br><font size=-2>Script: <a href='Javascript:add_scr_k("c:\\program files\\my lockbox\\mylbx.exe")'>Quarantine</a>, <a href='Javascript:add_scr_d("c:\\program files\\my lockbox\\mylbx.exe","32")'>Delete</a>, <a href='Javascript:add_scr_db("c:\\program files\\my lockbox\\mylbx.exe")'>Delete via BC</a>, <a href='Javascript:add_scr_t("c:\\program files\\my lockbox\\mylbx.exe")'>Terminate</a><TD>3084<TD>My Lockbox<TD>Copyright © 2006-2014 FSPro Labs<TD>606F08CEF10DBBF70057C8EEB28486F7<TD>2254.76 kb, rsAh,<br>created: 15.05.2014 21:52:26,<br>modified: 14.04.2014 20:39:56<br>Command line: <BR>"C:\Program Files\My Lockbox\mylbx.exe" /a
<TR bgColor="#00CC66"><TD colspan=6>Detected:75, recognized as trusted 72
</TABLE>
<TABLE cellSpacing=1 cellPadding=2 width="100%" bgColor=#ffffff border=0>
<TR BgColor="#0000FF"><TD align=center><b><font color=White>Module name<TD align=center><b><font color=White>Handle<TD align=center><b><font color=White>Description<TD align=center><b><font color=White>Copyright<TD align=center><b><font color=White>MD5<TD align=center><b><font color=White>Used by processes
<TR bgColor="#ffc06d"><TD><a href="" title="670.50 kb, rsAh, created: 17.02.2015 09:33:10, modified: 17.02.2015 09:33:10">C:\Program Files (x86)\Google\Chrome\Application\GoogleUpdate.dll</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Program Files (x86)\\Google\\Chrome\\Application\\GoogleUpdate.dll")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Program Files (x86)\\Google\\Chrome\\Application\\GoogleUpdate.dll","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Program Files (x86)\\Google\\Chrome\\Application\\GoogleUpdate.dll")'>Delete via BC</a><TD>1857683456<TD>Google Chrome Update<TD>Copyright 2012 Google Inc. All rights reserved.<TD>633A98427371836A0D9699E70E51E513<TD><a href="#proc_3960">3960</a>
<TR bgColor="#ffc06d"><TD><a href="" title="1413.00 kb, rsAh, created: 27.10.2014 23:03:09, modified: 27.10.2014 23:03:10">C:\Windows\assembly\NativeImages_v2.0.50727_32\HD-Agent\d93099e1faaa28fc715b4fc64e010238\HD-Agent.ni.exe</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\assembly\\NativeImages_v2.0.50727_32\\HD-Agent\\d93099e1faaa28fc715b4fc64e010238\\HD-Agent.ni.exe")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\assembly\\NativeImages_v2.0.50727_32\\HD-Agent\\d93099e1faaa28fc715b4fc64e010238\\HD-Agent.ni.exe","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\assembly\\NativeImages_v2.0.50727_32\\HD-Agent\\d93099e1faaa28fc715b4fc64e010238\\HD-Agent.ni.exe")'>Delete via BC</a><TD>1949171712<TD>BlueStacks Agent<TD>Copyright 2011 BlueStack Systems, Inc. All Rights Reserved.<TD>6B1FF08CE4FE6B1C511404B544E82C9C<TD><a href="#proc_4064">4064</a>
<TR bgColor="#ffc06d"><TD><a href="" title="151.50 kb, rsAh, created: 27.10.2014 23:03:22, modified: 27.10.2014 23:03:22">C:\Windows\assembly\NativeImages_v2.0.50727_32\JSON\ed9302abc94cce786710d77fd1410886\JSON.ni.dll</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\assembly\\NativeImages_v2.0.50727_32\\JSON\\ed9302abc94cce786710d77fd1410886\\JSON.ni.dll")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\assembly\\NativeImages_v2.0.50727_32\\JSON\\ed9302abc94cce786710d77fd1410886\\JSON.ni.dll","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\assembly\\NativeImages_v2.0.50727_32\\JSON\\ed9302abc94cce786710d77fd1410886\\JSON.ni.dll")'>Delete via BC</a><TD>1947533312<TD> <TD>Copyright © 2010 Pawe³ Hofman, CodeTitans<TD>D78AADCB4FD2E668CDD203DA8DB3BAF7<TD><a href="#proc_4064">4064</a>
<TR bgColor="#00CC66"><TD colspan=6>Modules found:285, recognized as trusted 282
</TABLE>
<H2 align=center>Kernel Space Modules Viewer</H2>
<TABLE cellSpacing=1 cellPadding=2 width="100%" bgColor=#ffffff border=0>
<TR BgColor="#0000FF"><TD align=center><b><font color=White>Module<TD align=center><b><font color=White>Base address<TD align=center><b><font color=White>Size in memory<TD align=center><b><font color=White>Description<TD align=center><b><font color=White>Manufacturer
<TR bgColor="#ffc06d"><TD><a title="error getting file info" href="">C:\Windows\System32\Drivers\dump_dumpata.sys</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\System32\\Drivers\\dump_dumpata.sys")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\System32\\Drivers\\dump_dumpata.sys","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\System32\\Drivers\\dump_dumpata.sys")'>Delete via BC</a><TD>DF4000<TD>00C000 (49152)<TD><TD>
<TR bgColor="#ffc06d"><TD><a title="error getting file info" href="">C:\Windows\System32\Drivers\dump_dumpfve.sys</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\System32\\Drivers\\dump_dumpfve.sys")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\System32\\Drivers\\dump_dumpfve.sys","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\System32\\Drivers\\dump_dumpfve.sys")'>Delete via BC</a><TD>84BE000<TD>013000 (77824)<TD><TD>
<TR bgColor="#ffc06d"><TD><a title="error getting file info" href="">C:\Windows\System32\Drivers\dump_msahci.sys</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\System32\\Drivers\\dump_msahci.sys")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\System32\\Drivers\\dump_msahci.sys","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\System32\\Drivers\\dump_msahci.sys")'>Delete via BC</a><TD>C5C000<TD>00B000 (45056)<TD><TD>
<TR bgColor="#00CC66"><TD colspan=5>Modules found - 158, recognized as trusted - 155
</TABLE>
<H2 align=center>Services</H2>
<TABLE cellSpacing=1 cellPadding=2 width="100%" bgColor=#ffffff border=0>
<TR BgColor="#0000FF"><TD align=center><b><font color=White>Service<TD align=center><b><font color=White>Description<TD align=center><b><font color=White>Status<TD align=center><b><font color=White>File<TD align=center><b><font color=White>Group<TD align=center><b><font color=White>Dependencies
<TR bgColor="#ffc06d"><TD>LavasoftAdAwareService11<br><font size=-2>Service: <a href='Javascript:add_scr_s1("LavasoftAdAwareService11")'>Stop</a>, <a href='Javascript:add_scr_s2("LavasoftAdAwareService11")'>Delete</a>, <a href='Javascript:add_scr_s3("LavasoftAdAwareService11")'>Disable</a>, <a href='Javascript:add_scr_s4("LavasoftAdAwareService11")'>Delete via BC</a><TD>Ad-Aware Service 11<TD>Running<TD><a title="703.87 kb, rsAh, created: 10.03.2015 18:47:16, modified: 10.03.2015 18:47:16" href="">C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareService.exe</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Program Files\\Lavasoft\\Ad-Aware Antivirus\\Ad-Aware Antivirus\\11.6.306.7947\\AdAwareService.exe")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Program Files\\Lavasoft\\Ad-Aware Antivirus\\Ad-Aware Antivirus\\11.6.306.7947\\AdAwareService.exe","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Program Files\\Lavasoft\\Ad-Aware Antivirus\\Ad-Aware Antivirus\\11.6.306.7947\\AdAwareService.exe")'>Delete via BC</a><TD> <TD>
<TR bgColor="#ffc06d"><TD>Origin Client Service<br><font size=-2>Service: <a href='Javascript:add_scr_s1("Origin Client Service")'>Stop</a>, <a href='Javascript:add_scr_s2("Origin Client Service")'>Delete</a>, <a href='Javascript:add_scr_s3("Origin Client Service")'>Disable</a>, <a href='Javascript:add_scr_s4("Origin Client Service")'>Delete via BC</a><TD>Origin Client Service<TD>Not started<TD><a title="1865.86 kb, rsAh, created: 15.03.2015 15:36:32, modified: 15.03.2015 15:36:32" href="">C:\Program Files (x86)\Origin\OriginClientService.exe</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Program Files (x86)\\Origin\\OriginClientService.exe")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Program Files (x86)\\Origin\\OriginClientService.exe","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Program Files (x86)\\Origin\\OriginClientService.exe")'>Delete via BC</a><TD> <TD>
<TR bgColor="#ffc06d"><TD>SwitchBoard<br><font size=-2>Service: <a href='Javascript:add_scr_s1("SwitchBoard")'>Stop</a>, <a href='Javascript:add_scr_s2("SwitchBoard")'>Delete</a>, <a href='Javascript:add_scr_s3("SwitchBoard")'>Disable</a>, <a href='Javascript:add_scr_s4("SwitchBoard")'>Delete via BC</a><TD>Adobe SwitchBoard<TD>Not started<TD><a title="error getting file info" href="">C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Program Files (x86)\\Common Files\\Adobe\\SwitchBoard\\SwitchBoard.exe")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Program Files (x86)\\Common Files\\Adobe\\SwitchBoard\\SwitchBoard.exe","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Program Files (x86)\\Common Files\\Adobe\\SwitchBoard\\SwitchBoard.exe")'>Delete via BC</a><TD> <TD>
<TR bgColor="#00CC66"><TD colspan=7>Detected - 170, recognized as trusted - 167
</TABLE>
<H2 align=center>Drivers</H2>
<TABLE cellSpacing=1 cellPadding=2 width="100%" bgColor=#ffffff border=0>
<TR BgColor="#0000FF"><TD align=center><b><font color=White>Service<TD align=center><b><font color=White>Description<TD align=center><b><font color=White>Status<TD align=center><b><font color=White>File<TD align=center><b><font color=White>Group<TD align=center><b><font color=White>Dependencies
<TR bgColor="#ffc06d"><TD>EagleX64<br><font size=-2>Driver: <a href='Javascript:add_scr_s1("EagleX64")'>Unload</a>, <a href='Javascript:add_scr_s2("EagleX64")'>Delete</a>, <a href='Javascript:add_scr_s3("EagleX64")'>Disable</a>, <a href='Javascript:add_scr_s4("EagleX64")'>Delete via BC</a><TD>EagleX64<TD>Not started<TD><a title="error getting file info" href="">C:\Windows\system32\drivers\EagleX64.sys</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\system32\\drivers\\EagleX64.sys")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\system32\\drivers\\EagleX64.sys","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\system32\\drivers\\EagleX64.sys")'>Delete via BC</a><TD> <TD>
<TR bgColor="#00CC66"><TD colspan=7>Detected - 260, recognized as trusted - 259
</TABLE>
<H2 align=center>Autoruns</H2>
<TABLE cellSpacing=1 cellPadding=2 width="100%" bgColor=#ffffff border=0>
<TR BgColor="#0000FF"><TD align=center><b><font color=White>File name<TD align=center><b><font color=White>Status<TD align=center><b><font color=White>Startup method<TD align=center><b><font color=White>Description
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\DWA\resources\libraries\EventMessages.dll</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Program Files (x86)\\Common Files\\Adobe\\OOBE\\PDApp\\DWA\\resources\\libraries\\EventMessages.dll")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Program Files (x86)\\Common Files\\Adobe\\OOBE\\PDApp\\DWA\\resources\\libraries\\EventMessages.dll","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Program Files (x86)\\Common Files\\Adobe\\OOBE\\PDApp\\DWA\\resources\\libraries\\EventMessages.dll")'>Delete via BC</a><TD>--<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\Application\Adobe Setup, EventMessageFile
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\IPSEventLogMsg.dll</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Program Files (x86)\\Common Files\\Microsoft Shared\\Ink\\IPSEventLogMsg.dll")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Program Files (x86)\\Common Files\\Microsoft Shared\\Ink\\IPSEventLogMsg.dll","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Program Files (x86)\\Common Files\\Microsoft Shared\\Ink\\IPSEventLogMsg.dll")'>Delete via BC</a><TD>--<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\Application\Handwriting Recognition, EventMessageFile
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Program Files (x86)\DVD</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Program Files (x86)\\DVD")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Program Files (x86)\\DVD","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Program Files (x86)\\DVD")'>Delete via BC</a><TD>--<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\Application\Dvd Maker, EventMessageFile
<TR bgColor="#ffc06d"><TD><a href="" title="468.49 kb, rsAh, created: 30.10.2014 17:33:16, modified: 30.10.2014 17:33:16">C:\Program Files (x86)\FrostWire\FrostWire.exe</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Program Files (x86)\\FrostWire\\FrostWire.exe")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Program Files (x86)\\FrostWire\\FrostWire.exe","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Program Files (x86)\\FrostWire\\FrostWire.exe")'>Delete via BC</a><TD>Active<TD>Shortcut in Startup folder<TD>C:\Users\testy\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\, C:\Users\testy\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\FrostWire 6.lnk,
<TR bgColor="#ffc06d"><TD><a href="" title="261.09 kb, rsAh, created: 16.05.2014 18:54:45, modified: 17.05.2014 00:56:50">C:\Program Files (x86)\WinRAR\rarext.dll</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Program Files (x86)\\WinRAR\\rarext.dll")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Program Files (x86)\\WinRAR\\rarext.dll","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Program Files (x86)\\WinRAR\\rarext.dll")'>Delete via BC</a><TD>Active<TD>Registry key<TD>HKEY_LOCAL_MACHINE, Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved, {B41DB860-8EE4-11D2-9906-E49FADC173CA}<br><font size=-2> <a href='Javascript:add_scr_drk("HKEY_LOCAL_MACHINE","Software\\Microsoft\\Windows\\CurrentVersion\\Shell Extensions\\Approved","{B41DB860-8EE4-11D2-9906-E49FADC173CA}")'>Delete</a>
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Program Files (x86)\Windows Defender\MpEvMsg.dll</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Program Files (x86)\\Windows Defender\\MpEvMsg.dll")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Program Files (x86)\\Windows Defender\\MpEvMsg.dll","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Program Files (x86)\\Windows Defender\\MpEvMsg.dll")'>Delete via BC</a><TD>--<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\System\WinDefend, EventMessageFile
<TR bgColor="#ffc06d"><TD><a href="" title="9341.98 kb, rsAh, created: 10.03.2015 18:50:46, modified: 10.03.2015 18:50:46">C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareTray.exe</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Program Files\\Lavasoft\\Ad-Aware Antivirus\\Ad-Aware Antivirus\\11.6.306.7947\\AdAwareTray.exe")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Program Files\\Lavasoft\\Ad-Aware Antivirus\\Ad-Aware Antivirus\\11.6.306.7947\\AdAwareTray.exe","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Program Files\\Lavasoft\\Ad-Aware Antivirus\\Ad-Aware Antivirus\\11.6.306.7947\\AdAwareTray.exe")'>Delete via BC</a><TD>Active<TD>Registry key<TD>HKEY_LOCAL_MACHINE, Software\Microsoft\Windows\CurrentVersion\Run, AdAwareTray<br><font size=-2> <a href='Javascript:add_scr_drk("HKEY_LOCAL_MACHINE","Software\\Microsoft\\Windows\\CurrentVersion\\Run","AdAwareTray")'>Delete</a>
<TR bgColor="#ffc06d"><TD><a href="" title="2254.76 kb, rsAh, created: 15.05.2014 21:52:26, modified: 14.04.2014 20:39:56">C:\Program Files\My Lockbox\mylbx.exe</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Program Files\\My Lockbox\\mylbx.exe")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Program Files\\My Lockbox\\mylbx.exe","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Program Files\\My Lockbox\\mylbx.exe")'>Delete via BC</a><TD>Active<TD>Registry key<TD>HKEY_LOCAL_MACHINE, Software\Microsoft\Windows\CurrentVersion\Run, mylbx<br><font size=-2> <a href='Javascript:add_scr_drk("HKEY_LOCAL_MACHINE","Software\\Microsoft\\Windows\\CurrentVersion\\Run","mylbx")'>Delete</a>
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\System32\Audiosrv.dll</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\System32\\Audiosrv.dll")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\System32\\Audiosrv.dll","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\System32\\Audiosrv.dll")'>Delete via BC</a><TD>Active<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\AudioEndpointBuilder\Parameters, ServiceDll<br><font size=-2> <a href='Javascript:add_scr_drk("HKEY_LOCAL_MACHINE","SYSTEM\\CurrentControlSet\\Services\\AudioEndpointBuilder\\Parameters","ServiceDll")'>Delete</a>
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\System32\Audiosrv.dll</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\System32\\Audiosrv.dll")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\System32\\Audiosrv.dll","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\System32\\Audiosrv.dll")'>Delete via BC</a><TD>Active<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\AudioSrv\Parameters, ServiceDll<br><font size=-2> <a href='Javascript:add_scr_drk("HKEY_LOCAL_MACHINE","SYSTEM\\CurrentControlSet\\Services\\AudioSrv\\Parameters","ServiceDll")'>Delete</a>
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\System32\AxInstSV.dll</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\System32\\AxInstSV.dll")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\System32\\AxInstSV.dll","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\System32\\AxInstSV.dll")'>Delete via BC</a><TD>Active<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\AxInstSV\Parameters, ServiceDll<br><font size=-2> <a href='Javascript:add_scr_drk("HKEY_LOCAL_MACHINE","SYSTEM\\CurrentControlSet\\Services\\AxInstSV\\Parameters","ServiceDll")'>Delete</a>
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\System32\AxInstSv.dll</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\System32\\AxInstSv.dll")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\System32\\AxInstSv.dll","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\System32\\AxInstSv.dll")'>Delete via BC</a><TD>--<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\Application\Microsoft-Windows-AxInstallService, EventMessageFile
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\System32\DFDTS.dll</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\System32\\DFDTS.dll")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\System32\\DFDTS.dll","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\System32\\DFDTS.dll")'>Delete via BC</a><TD>--<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\System\Windows Disk Diagnostic, EventMessageFile
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\System32\DispCI.dll</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\System32\\DispCI.dll")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\System32\\DispCI.dll","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\System32\\DispCI.dll")'>Delete via BC</a><TD>--<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\System\Display, EventMessageFile
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\System32\Drivers\L1C62x64.sys</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\System32\\Drivers\\L1C62x64.sys")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\System32\\Drivers\\L1C62x64.sys","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\System32\\Drivers\\L1C62x64.sys")'>Delete via BC</a><TD>--<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\System\L1C, EventMessageFile
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\System32\Drivers\Pcmcia.sys</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\System32\\Drivers\\Pcmcia.sys")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\System32\\Drivers\\Pcmcia.sys","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\System32\\Drivers\\Pcmcia.sys")'>Delete via BC</a><TD>--<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\System\pcmcia, EventMessageFile
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\System32\Drivers\VolSnap.sys</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\System32\\Drivers\\VolSnap.sys")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\System32\\Drivers\\VolSnap.sys","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\System32\\Drivers\\VolSnap.sys")'>Delete via BC</a><TD>--<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\System\Volsnap, EventMessageFile
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\System32\Drivers\acpi.sys</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\System32\\Drivers\\acpi.sys")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\System32\\Drivers\\acpi.sys","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\System32\\Drivers\\acpi.sys")'>Delete via BC</a><TD>--<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\System\ACPI, EventMessageFile
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\System32\Drivers\hidbth.sys</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\System32\\Drivers\\hidbth.sys")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\System32\\Drivers\\hidbth.sys","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\System32\\Drivers\\hidbth.sys")'>Delete via BC</a><TD>--<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\System\HidBth, EventMessageFile
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\System32\MsSpellCheckingFacility.dll</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\System32\\MsSpellCheckingFacility.dll")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\System32\\MsSpellCheckingFacility.dll","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\System32\\MsSpellCheckingFacility.dll")'>Delete via BC</a><TD>--<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\Application\Microsoft-Windows-Spell-Checking, EventMessageFile
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\System32\MsSpellCheckingFacility.dll</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\System32\\MsSpellCheckingFacility.dll")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\System32\\MsSpellCheckingFacility.dll","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\System32\\MsSpellCheckingFacility.dll")'>Delete via BC</a><TD>--<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\Application\Microsoft-Windows-SpellChecker, EventMessageFile
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\System32\MsSpellCheckingFacility.dll</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\System32\\MsSpellCheckingFacility.dll")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\System32\\MsSpellCheckingFacility.dll","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\System32\\MsSpellCheckingFacility.dll")'>Delete via BC</a><TD>--<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\System\Microsoft-Windows-Spell-Checking, EventMessageFile
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\System32\MsSpellCheckingFacility.dll</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\System32\\MsSpellCheckingFacility.dll")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\System32\\MsSpellCheckingFacility.dll","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\System32\\MsSpellCheckingFacility.dll")'>Delete via BC</a><TD>--<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\System\Microsoft-Windows-SpellChecker, EventMessageFile
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\System32\RdpGroupPolicyExtension.dll</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\System32\\RdpGroupPolicyExtension.dll")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\System32\\RdpGroupPolicyExtension.dll","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\System32\\RdpGroupPolicyExtension.dll")'>Delete via BC</a><TD>Active<TD>Registry key<TD>HKEY_LOCAL_MACHINE, Software\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{6cfb9c5c-138e-4bb3-8a3d-d5383e910e57}, DLLName<br><font size=-2> <a href='Javascript:add_scr_drk("HKEY_LOCAL_MACHINE","Software\\Microsoft\\Windows NT\\CurrentVersion\\Winlogon\\GPExtensions\\{6cfb9c5c-138e-4bb3-8a3d-d5383e910e57}","DLLName")'>Delete</a>
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\System32\RpcEpMap.dll</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\System32\\RpcEpMap.dll")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\System32\\RpcEpMap.dll","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\System32\\RpcEpMap.dll")'>Delete via BC</a><TD>Active<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\RpcEptMapper\Parameters, ServiceDll<br><font size=-2> <a href='Javascript:add_scr_drk("HKEY_LOCAL_MACHINE","SYSTEM\\CurrentControlSet\\Services\\RpcEptMapper\\Parameters","ServiceDll")'>Delete</a>
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\System32\SCardSvr.dll</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\System32\\SCardSvr.dll")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\System32\\SCardSvr.dll","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\System32\\SCardSvr.dll")'>Delete via BC</a><TD>Active<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\SCardSvr\Parameters, ServiceDll<br><font size=-2> <a href='Javascript:add_scr_drk("HKEY_LOCAL_MACHINE","SYSTEM\\CurrentControlSet\\Services\\SCardSvr\\Parameters","ServiceDll")'>Delete</a>
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\System32\SDRSVC.dll</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\System32\\SDRSVC.dll")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\System32\\SDRSVC.dll","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\System32\\SDRSVC.dll")'>Delete via BC</a><TD>Active<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\SDRSVC\Parameters, ServiceDll<br><font size=-2> <a href='Javascript:add_scr_drk("HKEY_LOCAL_MACHINE","SYSTEM\\CurrentControlSet\\Services\\SDRSVC\\Parameters","ServiceDll")'>Delete</a>
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\System32\TabSvc.dll</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\System32\\TabSvc.dll")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\System32\\TabSvc.dll","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\System32\\TabSvc.dll")'>Delete via BC</a><TD>Active<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\TabletInputService\Parameters, ServiceDll<br><font size=-2> <a href='Javascript:add_scr_drk("HKEY_LOCAL_MACHINE","SYSTEM\\CurrentControlSet\\Services\\TabletInputService\\Parameters","ServiceDll")'>Delete</a>
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\System32\TsUsbRedirectionGroupPolicyExtension.dll</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\System32\\TsUsbRedirectionGroupPolicyExtension.dll")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\System32\\TsUsbRedirectionGroupPolicyExtension.dll","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\System32\\TsUsbRedirectionGroupPolicyExtension.dll")'>Delete via BC</a><TD>Active<TD>Registry key<TD>HKEY_LOCAL_MACHINE, Software\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{4bcd6cde-777b-48b6-9804-43568e23545d}, DLLName<br><font size=-2> <a href='Javascript:add_scr_drk("HKEY_LOCAL_MACHINE","Software\\Microsoft\\Windows NT\\CurrentVersion\\Winlogon\\GPExtensions\\{4bcd6cde-777b-48b6-9804-43568e23545d}","DLLName")'>Delete</a>
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\System32\UI0Detect.exe</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\System32\\UI0Detect.exe")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\System32\\UI0Detect.exe","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\System32\\UI0Detect.exe")'>Delete via BC</a><TD>--<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\Application\Interactive Services detection, EventMessageFile
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\System32\VSSVC.EXE</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\System32\\VSSVC.EXE")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\System32\\VSSVC.EXE","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\System32\\VSSVC.EXE")'>Delete via BC</a><TD>--<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\Application\VSS, EventMessageFile
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\System32\VSSVC.EXE</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\System32\\VSSVC.EXE")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\System32\\VSSVC.EXE","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\System32\\VSSVC.EXE")'>Delete via BC</a><TD>--<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\Security\VSSAudit, EventMessageFile
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\System32\WUDFHost.exe</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\System32\\WUDFHost.exe")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\System32\\WUDFHost.exe","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\System32\\WUDFHost.exe")'>Delete via BC</a><TD>Active<TD>Registry key<TD>HKEY_LOCAL_MACHINE, Software\Microsoft\Windows NT\CurrentVersion\WUDF\Services\{193a1820-d9ac-4997-8c55-be817523f6aa}, HostProcessImagePath<br><font size=-2> <a href='Javascript:add_scr_drk("HKEY_LOCAL_MACHINE","Software\\Microsoft\\Windows NT\\CurrentVersion\\WUDF\\Services\\{193a1820-d9ac-4997-8c55-be817523f6aa}","HostProcessImagePath")'>Delete</a>
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\System32\WUDFSvc.dll</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\System32\\WUDFSvc.dll")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\System32\\WUDFSvc.dll","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\System32\\WUDFSvc.dll")'>Delete via BC</a><TD>Active<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\wudfsvc\Parameters, ServiceDll<br><font size=-2> <a href='Javascript:add_scr_drk("HKEY_LOCAL_MACHINE","SYSTEM\\CurrentControlSet\\Services\\wudfsvc\\Parameters","ServiceDll")'>Delete</a>
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\System32\WerSvc.dll</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\System32\\WerSvc.dll")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\System32\\WerSvc.dll","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\System32\\WerSvc.dll")'>Delete via BC</a><TD>Active<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\WerSvc\Parameters, ServiceDll<br><font size=-2> <a href='Javascript:add_scr_drk("HKEY_LOCAL_MACHINE","SYSTEM\\CurrentControlSet\\Services\\WerSvc\\Parameters","ServiceDll")'>Delete</a>
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\System32\aelupsvc.dll</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\System32\\aelupsvc.dll")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\System32\\aelupsvc.dll","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\System32\\aelupsvc.dll")'>Delete via BC</a><TD>Active<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\AeLookupSvc\Parameters, ServiceDll<br><font size=-2> <a href='Javascript:add_scr_drk("HKEY_LOCAL_MACHINE","SYSTEM\\CurrentControlSet\\Services\\AeLookupSvc\\Parameters","ServiceDll")'>Delete</a>
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\System32\aelupsvc.dll</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\System32\\aelupsvc.dll")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\System32\\aelupsvc.dll","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\System32\\aelupsvc.dll")'>Delete via BC</a><TD>--<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\System\AeLookupSvc, EventMessageFile
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\System32\appidsvc.dll</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\System32\\appidsvc.dll")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\System32\\appidsvc.dll","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\System32\\appidsvc.dll")'>Delete via BC</a><TD>Active<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\AppIDSvc\Parameters, ServiceDll<br><font size=-2> <a href='Javascript:add_scr_drk("HKEY_LOCAL_MACHINE","SYSTEM\\CurrentControlSet\\Services\\AppIDSvc\\Parameters","ServiceDll")'>Delete</a>
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\System32\appinfo.dll</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\System32\\appinfo.dll")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\System32\\appinfo.dll","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\System32\\appinfo.dll")'>Delete via BC</a><TD>Active<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Appinfo\Parameters, ServiceDll<br><font size=-2> <a href='Javascript:add_scr_drk("HKEY_LOCAL_MACHINE","SYSTEM\\CurrentControlSet\\Services\\Appinfo\\Parameters","ServiceDll")'>Delete</a>
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\System32\bdesvc.dll</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\System32\\bdesvc.dll")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\System32\\bdesvc.dll","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\System32\\bdesvc.dll")'>Delete via BC</a><TD>Active<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\BDESVC\Parameters, ServiceDll<br><font size=-2> <a href='Javascript:add_scr_drk("HKEY_LOCAL_MACHINE","SYSTEM\\CurrentControlSet\\Services\\BDESVC\\Parameters","ServiceDll")'>Delete</a>
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\System32\bfe.dll</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\System32\\bfe.dll")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\System32\\bfe.dll","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\System32\\bfe.dll")'>Delete via BC</a><TD>Active<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\BFE\Parameters, ServiceDll<br><font size=-2> <a href='Javascript:add_scr_drk("HKEY_LOCAL_MACHINE","SYSTEM\\CurrentControlSet\\Services\\BFE\\Parameters","ServiceDll")'>Delete</a>
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\System32\browser.dll</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\System32\\browser.dll")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\System32\\browser.dll","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\System32\\browser.dll")'>Delete via BC</a><TD>Active<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Browser\Parameters, ServiceDll<br><font size=-2> <a href='Javascript:add_scr_drk("HKEY_LOCAL_MACHINE","SYSTEM\\CurrentControlSet\\Services\\Browser\\Parameters","ServiceDll")'>Delete</a>
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\System32\certprop.dll</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\System32\\certprop.dll")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\System32\\certprop.dll","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\System32\\certprop.dll")'>Delete via BC</a><TD>Active<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\CertPropSvc\Parameters, ServiceDll<br><font size=-2> <a href='Javascript:add_scr_drk("HKEY_LOCAL_MACHINE","SYSTEM\\CurrentControlSet\\Services\\CertPropSvc\\Parameters","ServiceDll")'>Delete</a>
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\System32\certprop.dll</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\System32\\certprop.dll")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\System32\\certprop.dll","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\System32\\certprop.dll")'>Delete via BC</a><TD>Active<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\SCPolicySvc\Parameters, ServiceDll<br><font size=-2> <a href='Javascript:add_scr_drk("HKEY_LOCAL_MACHINE","SYSTEM\\CurrentControlSet\\Services\\SCPolicySvc\\Parameters","ServiceDll")'>Delete</a>
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\System32\cscsvc.dll</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\System32\\cscsvc.dll")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\System32\\cscsvc.dll","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\System32\\cscsvc.dll")'>Delete via BC</a><TD>Active<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\CscService\Parameters, ServiceDll<br><font size=-2> <a href='Javascript:add_scr_drk("HKEY_LOCAL_MACHINE","SYSTEM\\CurrentControlSet\\Services\\CscService\\Parameters","ServiceDll")'>Delete</a>
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\System32\defragsvc.dll</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\System32\\defragsvc.dll")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\System32\\defragsvc.dll","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\System32\\defragsvc.dll")'>Delete via BC</a><TD>Active<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\defragsvc\Parameters, ServiceDll<br><font size=-2> <a href='Javascript:add_scr_drk("HKEY_LOCAL_MACHINE","SYSTEM\\CurrentControlSet\\Services\\defragsvc\\Parameters","ServiceDll")'>Delete</a>
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\System32\dmvscres.dll</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\System32\\dmvscres.dll")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\System32\\dmvscres.dll","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\System32\\dmvscres.dll")'>Delete via BC</a><TD>--<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\System\dmvsc, EventMessageFile
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\System32\dnsrslvr.dll</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\System32\\dnsrslvr.dll")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\System32\\dnsrslvr.dll","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\System32\\dnsrslvr.dll")'>Delete via BC</a><TD>Active<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Dnscache\Parameters, ServiceDll<br><font size=-2> <a href='Javascript:add_scr_drk("HKEY_LOCAL_MACHINE","SYSTEM\\CurrentControlSet\\Services\\Dnscache\\Parameters","ServiceDll")'>Delete</a>
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\System32\dot3svc.dll</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\System32\\dot3svc.dll")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\System32\\dot3svc.dll","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\System32\\dot3svc.dll")'>Delete via BC</a><TD>Active<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\dot3svc\Parameters, ServiceDll<br><font size=-2> <a href='Javascript:add_scr_drk("HKEY_LOCAL_MACHINE","SYSTEM\\CurrentControlSet\\Services\\dot3svc\\Parameters","ServiceDll")'>Delete</a>
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\System32\drivers\HECIx64.sys</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\System32\\drivers\\HECIx64.sys")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\System32\\drivers\\HECIx64.sys","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\System32\\drivers\\HECIx64.sys")'>Delete via BC</a><TD>--<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\System\HECIx64, EventMessageFile
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\System32\drivers\MTConfig.sys</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\System32\\drivers\\MTConfig.sys")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\System32\\drivers\\MTConfig.sys","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\System32\\drivers\\MTConfig.sys")'>Delete via BC</a><TD>--<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\System\MTConfig, EventMessageFile
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\System32\drivers\Wdf01000.sys</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\System32\\drivers\\Wdf01000.sys")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\System32\\drivers\\Wdf01000.sys","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\System32\\drivers\\Wdf01000.sys")'>Delete via BC</a><TD>--<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\System\wdf01000, EventMessageFile
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\System32\drivers\amdk8.sys</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\System32\\drivers\\amdk8.sys")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\System32\\drivers\\amdk8.sys","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\System32\\drivers\\amdk8.sys")'>Delete via BC</a><TD>--<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\System\AmdK8, EventMessageFile
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\System32\drivers\amdppm.sys</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\System32\\drivers\\amdppm.sys")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\System32\\drivers\\amdppm.sys","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\System32\\drivers\\amdppm.sys")'>Delete via BC</a><TD>--<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\System\AmdPPM, EventMessageFile
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\System32\drivers\b57nd60a.sys</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\System32\\drivers\\b57nd60a.sys")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\System32\\drivers\\b57nd60a.sys","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\System32\\drivers\\b57nd60a.sys")'>Delete via BC</a><TD>--<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\System\b57nd60a, EventMessageFile
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\System32\drivers\bxvbda.sys</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\System32\\drivers\\bxvbda.sys")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\System32\\drivers\\bxvbda.sys","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\System32\\drivers\\bxvbda.sys")'>Delete via BC</a><TD>--<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\System\b06bdrv, EventMessageFile
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\System32\drivers\evbda.sys</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\System32\\drivers\\evbda.sys")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\System32\\drivers\\evbda.sys","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\System32\\drivers\\evbda.sys")'>Delete via BC</a><TD>--<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\System\ebdrv, EventMessageFile
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\System32\drivers\fltmgr.sys</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\System32\\drivers\\fltmgr.sys")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\System32\\drivers\\fltmgr.sys","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\System32\\drivers\\fltmgr.sys")'>Delete via BC</a><TD>--<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\System\FltMgr, EventMessageFile
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\System32\drivers\i8042prt.sys</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\System32\\drivers\\i8042prt.sys")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\System32\\drivers\\i8042prt.sys","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\System32\\drivers\\i8042prt.sys")'>Delete via BC</a><TD>--<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\System\i8042prt, EventMessageFile
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\System32\drivers\iaStorV.sys</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\System32\\drivers\\iaStorV.sys")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\System32\\drivers\\iaStorV.sys","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\System32\\drivers\\iaStorV.sys")'>Delete via BC</a><TD>--<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\System\iaStorV, EventMessageFile
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\System32\drivers\intelppm.sys</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\System32\\drivers\\intelppm.sys")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\System32\\drivers\\intelppm.sys","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\System32\\drivers\\intelppm.sys")'>Delete via BC</a><TD>--<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\System\intelppm, EventMessageFile
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\System32\drivers\ipmidrv.sys</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\System32\\drivers\\ipmidrv.sys")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\System32\\drivers\\ipmidrv.sys","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\System32\\drivers\\ipmidrv.sys")'>Delete via BC</a><TD>--<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\System\IPMIDRV, EventMessageFile
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\System32\drivers\isapnp.sys</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\System32\\drivers\\isapnp.sys")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\System32\\drivers\\isapnp.sys","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\System32\\drivers\\isapnp.sys")'>Delete via BC</a><TD>--<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\System\isapnp, EventMessageFile
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\System32\drivers\kbdclass.sys</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\System32\\drivers\\kbdclass.sys")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\System32\\drivers\\kbdclass.sys","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\System32\\drivers\\kbdclass.sys")'>Delete via BC</a><TD>--<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\System\kbdclass, EventMessageFile
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\System32\drivers\kbdhid.sys</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\System32\\drivers\\kbdhid.sys")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\System32\\drivers\\kbdhid.sys","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\System32\\drivers\\kbdhid.sys")'>Delete via BC</a><TD>--<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\System\kbdhid, EventMessageFile
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\System32\drivers\mouclass.sys</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\System32\\drivers\\mouclass.sys")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\System32\\drivers\\mouclass.sys","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\System32\\drivers\\mouclass.sys")'>Delete via BC</a><TD>--<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\System\mouclass, EventMessageFile
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\System32\drivers\mouhid.sys</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\System32\\drivers\\mouhid.sys")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\System32\\drivers\\mouhid.sys","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\System32\\drivers\\mouhid.sys")'>Delete via BC</a><TD>--<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\System\mouhid, EventMessageFile
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\System32\drivers\mpio.sys</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\System32\\drivers\\mpio.sys")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\System32\\drivers\\mpio.sys","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\System32\\drivers\\mpio.sys")'>Delete via BC</a><TD>--<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\System\mpio, EventMessageFile
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\System32\drivers\nvstor.sys</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\System32\\drivers\\nvstor.sys")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\System32\\drivers\\nvstor.sys","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\System32\\drivers\\nvstor.sys")'>Delete via BC</a><TD>--<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\System\nvstor, EventMessageFile
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\System32\drivers\parport.sys</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\System32\\drivers\\parport.sys")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\System32\\drivers\\parport.sys","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\System32\\drivers\\parport.sys")'>Delete via BC</a><TD>--<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\System\Parport, EventMessageFile
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\System32\drivers\processr.sys</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\System32\\drivers\\processr.sys")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\System32\\drivers\\processr.sys","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\System32\\drivers\\processr.sys")'>Delete via BC</a><TD>--<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\System\Processor, EventMessageFile
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\System32\drivers\sbp2port.sys</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\System32\\drivers\\sbp2port.sys")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\System32\\drivers\\sbp2port.sys","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\System32\\drivers\\sbp2port.sys")'>Delete via BC</a><TD>--<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\System\sbp2port, EventMessageFile
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\System32\drivers\serial.sys</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\System32\\drivers\\serial.sys")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\System32\\drivers\\serial.sys","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\System32\\drivers\\serial.sys")'>Delete via BC</a><TD>--<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\System\Serial, EventMessageFile
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\System32\drivers\sermouse.sys</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\System32\\drivers\\sermouse.sys")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\System32\\drivers\\sermouse.sys","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\System32\\drivers\\sermouse.sys")'>Delete via BC</a><TD>--<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\System\sermouse, EventMessageFile
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\System32\drivers\tsusbflt.sys</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\System32\\drivers\\tsusbflt.sys")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\System32\\drivers\\tsusbflt.sys","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\System32\\drivers\\tsusbflt.sys")'>Delete via BC</a><TD>--<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\System\TsUsbFlt, EventMessageFile
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\System32\drivers\vgapnp.sys</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\System32\\drivers\\vgapnp.sys")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\System32\\drivers\\vgapnp.sys","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\System32\\drivers\\vgapnp.sys")'>Delete via BC</a><TD>--<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\System\vga, EventMessageFile
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\System32\drivers\wachidrouter.sys</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\System32\\drivers\\wachidrouter.sys")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\System32\\drivers\\wachidrouter.sys","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\System32\\drivers\\wachidrouter.sys")'>Delete via BC</a><TD>--<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\System\WacHidRouter, EventMessageFile
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\System32\drivers\wacompen.sys</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\System32\\drivers\\wacompen.sys")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\System32\\drivers\\wacompen.sys","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\System32\\drivers\\wacompen.sys")'>Delete via BC</a><TD>--<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\System\WacomPen, EventMessageFile
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\System32\drivers\wd.sys</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\System32\\drivers\\wd.sys")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\System32\\drivers\\wd.sys","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\System32\\drivers\\wd.sys")'>Delete via BC</a><TD>--<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\System\Wd, EventMessageFile
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\System32\eapsvc.dll</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\System32\\eapsvc.dll")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\System32\\eapsvc.dll","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\System32\\eapsvc.dll")'>Delete via BC</a><TD>Active<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\EapHost\Parameters, ServiceDll<br><font size=-2> <a href='Javascript:add_scr_drk("HKEY_LOCAL_MACHINE","SYSTEM\\CurrentControlSet\\Services\\EapHost\\Parameters","ServiceDll")'>Delete</a>
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\System32\gpsvc.dll</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\System32\\gpsvc.dll")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\System32\\gpsvc.dll","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\System32\\gpsvc.dll")'>Delete via BC</a><TD>Active<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\gpsvc\Parameters, ServiceDll<br><font size=-2> <a href='Javascript:add_scr_drk("HKEY_LOCAL_MACHINE","SYSTEM\\CurrentControlSet\\Services\\gpsvc\\Parameters","ServiceDll")'>Delete</a>
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\System32\ikeext.dll</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\System32\\ikeext.dll")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\System32\\ikeext.dll","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\System32\\ikeext.dll")'>Delete via BC</a><TD>Active<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\IKEEXT\Parameters, ServiceDll<br><font size=-2> <a href='Javascript:add_scr_drk("HKEY_LOCAL_MACHINE","SYSTEM\\CurrentControlSet\\Services\\IKEEXT\\Parameters","ServiceDll")'>Delete</a>
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\System32\iphlpsvc.dll</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\System32\\iphlpsvc.dll")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\System32\\iphlpsvc.dll","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\System32\\iphlpsvc.dll")'>Delete via BC</a><TD>Active<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\iphlpsvc\Parameters, ServiceDll<br><font size=-2> <a href='Javascript:add_scr_drk("HKEY_LOCAL_MACHINE","SYSTEM\\CurrentControlSet\\Services\\iphlpsvc\\Parameters","ServiceDll")'>Delete</a>
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\System32\ipnathlp.dll</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\System32\\ipnathlp.dll")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\System32\\ipnathlp.dll","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\System32\\ipnathlp.dll")'>Delete via BC</a><TD>Active<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters, ServiceDll<br><font size=-2> <a href='Javascript:add_scr_drk("HKEY_LOCAL_MACHINE","SYSTEM\\CurrentControlSet\\Services\\SharedAccess\\Parameters","ServiceDll")'>Delete</a>
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\System32\ipsecsvc.dll</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\System32\\ipsecsvc.dll")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\System32\\ipsecsvc.dll","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\System32\\ipsecsvc.dll")'>Delete via BC</a><TD>Active<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\PolicyAgent\Parameters, ServiceDll<br><font size=-2> <a href='Javascript:add_scr_drk("HKEY_LOCAL_MACHINE","SYSTEM\\CurrentControlSet\\Services\\PolicyAgent\\Parameters","ServiceDll")'>Delete</a>
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\System32\iscsiexe.dll</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\System32\\iscsiexe.dll")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\System32\\iscsiexe.dll","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\System32\\iscsiexe.dll")'>Delete via BC</a><TD>--<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\System\MSiSCSI, EventMessageFile
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\System32\iscsilog.dll</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\System32\\iscsilog.dll")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\System32\\iscsilog.dll","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\System32\\iscsilog.dll")'>Delete via BC</a><TD>--<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\System\iScsiPrt, EventMessageFile
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\System32\lltdsvc.dll</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\System32\\lltdsvc.dll")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\System32\\lltdsvc.dll","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\System32\\lltdsvc.dll")'>Delete via BC</a><TD>Active<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\lltdsvc\Parameters, ServiceDll<br><font size=-2> <a href='Javascript:add_scr_drk("HKEY_LOCAL_MACHINE","SYSTEM\\CurrentControlSet\\Services\\lltdsvc\\Parameters","ServiceDll")'>Delete</a>
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\System32\lmhsvc.dll</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\System32\\lmhsvc.dll")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\System32\\lmhsvc.dll","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\System32\\lmhsvc.dll")'>Delete via BC</a><TD>Active<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\lmhosts\Parameters, ServiceDll<br><font size=-2> <a href='Javascript:add_scr_drk("HKEY_LOCAL_MACHINE","SYSTEM\\CurrentControlSet\\Services\\lmhosts\\Parameters","ServiceDll")'>Delete</a>
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\System32\lsasrv.dll</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\System32\\lsasrv.dll")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\System32\\lsasrv.dll","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\System32\\lsasrv.dll")'>Delete via BC</a><TD>--<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\System\LsaSrv, EventMessageFile
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\System32\lsasrv.dll</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\System32\\lsasrv.dll")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\System32\\lsasrv.dll","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\System32\\lsasrv.dll")'>Delete via BC</a><TD>--<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\System\Schannel, EventMessageFile
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\System32\mctadmin.exe</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\System32\\mctadmin.exe")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\System32\\mctadmin.exe","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\System32\\mctadmin.exe")'>Delete via BC</a><TD>Active<TD>Registry key<TD>HKEY_USERS, S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce, mctadmin<br><font size=-2> <a href='Javascript:add_scr_drk("HKEY_USERS","S-1-5-19\\Software\\Microsoft\\Windows\\CurrentVersion\\RunOnce","mctadmin")'>Delete</a>
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\System32\mctadmin.exe</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\System32\\mctadmin.exe")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\System32\\mctadmin.exe","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\System32\\mctadmin.exe")'>Delete via BC</a><TD>Active<TD>Registry key<TD>HKEY_USERS, S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce, mctadmin<br><font size=-2> <a href='Javascript:add_scr_drk("HKEY_USERS","S-1-5-20\\Software\\Microsoft\\Windows\\CurrentVersion\\RunOnce","mctadmin")'>Delete</a>
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\System32\mdsched.exe</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\System32\\mdsched.exe")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\System32\\mdsched.exe","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\System32\\mdsched.exe")'>Delete via BC</a><TD>--<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\System\Microsoft-Windows-MemoryDiagnostics-Schedule, EventMessageFile
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\System32\netman.dll</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\System32\\netman.dll")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\System32\\netman.dll","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\System32\\netman.dll")'>Delete via BC</a><TD>Active<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Netman\Parameters, ServiceDll<br><font size=-2> <a href='Javascript:add_scr_drk("HKEY_LOCAL_MACHINE","SYSTEM\\CurrentControlSet\\Services\\Netman\\Parameters","ServiceDll")'>Delete</a>
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\System32\nlasvc.dll</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\System32\\nlasvc.dll")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\System32\\nlasvc.dll","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\System32\\nlasvc.dll")'>Delete via BC</a><TD>Active<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\NlaSvc\Parameters, ServiceDll<br><font size=-2> <a href='Javascript:add_scr_drk("HKEY_LOCAL_MACHINE","SYSTEM\\CurrentControlSet\\Services\\NlaSvc\\Parameters","ServiceDll")'>Delete</a>
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\System32\pcasvc.dll</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\System32\\pcasvc.dll")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\System32\\pcasvc.dll","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\System32\\pcasvc.dll")'>Delete via BC</a><TD>Active<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\PcaSvc\Parameters, ServiceDll<br><font size=-2> <a href='Javascript:add_scr_drk("HKEY_LOCAL_MACHINE","SYSTEM\\CurrentControlSet\\Services\\PcaSvc\\Parameters","ServiceDll")'>Delete</a>
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\System32\profsvc.dll</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\System32\\profsvc.dll")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\System32\\profsvc.dll","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\System32\\profsvc.dll")'>Delete via BC</a><TD>--<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\Application\Microsoft-Windows-User Profiles Service, EventMessageFile
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\System32\profsvc.dll</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\System32\\profsvc.dll")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\System32\\profsvc.dll","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\System32\\profsvc.dll")'>Delete via BC</a><TD>--<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\Application\Profsvc, EventMessageFile
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\System32\qmgr.dll</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\System32\\qmgr.dll")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\System32\\qmgr.dll","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\System32\\qmgr.dll")'>Delete via BC</a><TD>Active<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\BITS\Parameters, ServiceDll<br><font size=-2> <a href='Javascript:add_scr_drk("HKEY_LOCAL_MACHINE","SYSTEM\\CurrentControlSet\\Services\\BITS\\Parameters","ServiceDll")'>Delete</a>
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\System32\rasauto.dll</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\System32\\rasauto.dll")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\System32\\rasauto.dll","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\System32\\rasauto.dll")'>Delete via BC</a><TD>Active<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\RasAuto\Parameters, ServiceDll<br><font size=-2> <a href='Javascript:add_scr_drk("HKEY_LOCAL_MACHINE","SYSTEM\\CurrentControlSet\\Services\\RasAuto\\Parameters","ServiceDll")'>Delete</a>
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\System32\rasmans.dll</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\System32\\rasmans.dll")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\System32\\rasmans.dll","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\System32\\rasmans.dll")'>Delete via BC</a><TD>Active<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\RasMan\Parameters, ServiceDll<br><font size=-2> <a href='Javascript:add_scr_drk("HKEY_LOCAL_MACHINE","SYSTEM\\CurrentControlSet\\Services\\RasMan\\Parameters","ServiceDll")'>Delete</a>
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\System32\relpost.exe</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\System32\\relpost.exe")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\System32\\relpost.exe","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\System32\\relpost.exe")'>Delete via BC</a><TD>--<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\System\Microsoft-Windows-MemoryDiagnostics-Results, EventMessageFile
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\System32\samsrv.dll</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\System32\\samsrv.dll")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\System32\\samsrv.dll","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\System32\\samsrv.dll")'>Delete via BC</a><TD>--<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\System\Microsoft-Windows-Directory-Services-SAM, EventMessageFile
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\System32\samsrv.dll</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\System32\\samsrv.dll")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\System32\\samsrv.dll","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\System32\\samsrv.dll")'>Delete via BC</a><TD>--<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\System\SAM, EventMessageFile
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\System32\snmptrap.exe</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\System32\\snmptrap.exe")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\System32\\snmptrap.exe","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\System32\\snmptrap.exe")'>Delete via BC</a><TD>--<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\System\SNMPTRAP, EventMessageFile
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\System32\ssdpsrv.dll</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\System32\\ssdpsrv.dll")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\System32\\ssdpsrv.dll","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\System32\\ssdpsrv.dll")'>Delete via BC</a><TD>Active<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\SSDPSRV\Parameters, ServiceDll<br><font size=-2> <a href='Javascript:add_scr_drk("HKEY_LOCAL_MACHINE","SYSTEM\\CurrentControlSet\\Services\\SSDPSRV\\Parameters","ServiceDll")'>Delete</a>
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\System32\sstpsvc.dll</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\System32\\sstpsvc.dll")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\System32\\sstpsvc.dll","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\System32\\sstpsvc.dll")'>Delete via BC</a><TD>--<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\System\Microsoft-Windows-RasSstp, EventMessageFile
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\System32\swprv.dll</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\System32\\swprv.dll")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\System32\\swprv.dll","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\System32\\swprv.dll")'>Delete via BC</a><TD>Active<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\swprv\Parameters, ServiceDll<br><font size=-2> <a href='Javascript:add_scr_drk("HKEY_LOCAL_MACHINE","SYSTEM\\CurrentControlSet\\Services\\swprv\\Parameters","ServiceDll")'>Delete</a>
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\System32\tbssvc.dll</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\System32\\tbssvc.dll")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\System32\\tbssvc.dll","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\System32\\tbssvc.dll")'>Delete via BC</a><TD>Active<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\TBS\Parameters, ServiceDll<br><font size=-2> <a href='Javascript:add_scr_drk("HKEY_LOCAL_MACHINE","SYSTEM\\CurrentControlSet\\Services\\TBS\\Parameters","ServiceDll")'>Delete</a>
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\System32\tcpmon.dll</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\System32\\tcpmon.dll")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\System32\\tcpmon.dll","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\System32\\tcpmon.dll")'>Delete via BC</a><TD>--<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\System\TCPMon, EventMessageFile
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\System32\termsrv.dll</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\System32\\termsrv.dll")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\System32\\termsrv.dll","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\System32\\termsrv.dll")'>Delete via BC</a><TD>Active<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\TermService\Parameters, ServiceDll<br><font size=-2> <a href='Javascript:add_scr_drk("HKEY_LOCAL_MACHINE","SYSTEM\\CurrentControlSet\\Services\\TermService\\Parameters","ServiceDll")'>Delete</a>
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\System32\trkwks.dll</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\System32\\trkwks.dll")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\System32\\trkwks.dll","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\System32\\trkwks.dll")'>Delete via BC</a><TD>Active<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\TrkWks\Parameters, ServiceDll<br><font size=-2> <a href='Javascript:add_scr_drk("HKEY_LOCAL_MACHINE","SYSTEM\\CurrentControlSet\\Services\\TrkWks\\Parameters","ServiceDll")'>Delete</a>
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\System32\umpnpmgr.dll</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\System32\\umpnpmgr.dll")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\System32\\umpnpmgr.dll","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\System32\\umpnpmgr.dll")'>Delete via BC</a><TD>--<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\System\PlugPlayManager, EventMessageFile
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\System32\umpo.dll</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\System32\\umpo.dll")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\System32\\umpo.dll","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\System32\\umpo.dll")'>Delete via BC</a><TD>--<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\System\Power, EventMessageFile
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\System32\umrdp.dll</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\System32\\umrdp.dll")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\System32\\umrdp.dll","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\System32\\umrdp.dll")'>Delete via BC</a><TD>Active<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\UmRdpService\Parameters, ServiceDll<br><font size=-2> <a href='Javascript:add_scr_drk("HKEY_LOCAL_MACHINE","SYSTEM\\CurrentControlSet\\Services\\UmRdpService\\Parameters","ServiceDll")'>Delete</a>
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\System32\umrdp.dll</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\System32\\umrdp.dll")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\System32\\umrdp.dll","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\System32\\umrdp.dll")'>Delete via BC</a><TD>--<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\System\UmRdpService, EventMessageFile
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\System32\uxsms.dll</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\System32\\uxsms.dll")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\System32\\uxsms.dll","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\System32\\uxsms.dll")'>Delete via BC</a><TD>Active<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\UxSms\Parameters, ServiceDll<br><font size=-2> <a href='Javascript:add_scr_drk("HKEY_LOCAL_MACHINE","SYSTEM\\CurrentControlSet\\Services\\UxSms\\Parameters","ServiceDll")'>Delete</a>
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\System32\vds.exe</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\System32\\vds.exe")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\System32\\vds.exe","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\System32\\vds.exe")'>Delete via BC</a><TD>--<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\System\Virtual Disk Service, EventMessageFile
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\System32\vmbusres.dll</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\System32\\vmbusres.dll")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\System32\\vmbusres.dll","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\System32\\vmbusres.dll")'>Delete via BC</a><TD>--<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\System\vmbus, EventMessageFile
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\System32\vmictimeprovider.dll</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\System32\\vmictimeprovider.dll")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\System32\\vmictimeprovider.dll","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\System32\\vmictimeprovider.dll")'>Delete via BC</a><TD>Active<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\W32Time\TimeProviders\VMICTimeProvider, DllName<br><font size=-2> <a href='Javascript:add_scr_drk("HKEY_LOCAL_MACHINE","SYSTEM\\CurrentControlSet\\Services\\W32Time\\TimeProviders\\VMICTimeProvider","DllName")'>Delete</a>
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\System32\vmstorfltres.dll</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\System32\\vmstorfltres.dll")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\System32\\vmstorfltres.dll","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\System32\\vmstorfltres.dll")'>Delete via BC</a><TD>--<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\System\storflt, EventMessageFile
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\System32\wbiosrvc.dll</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\System32\\wbiosrvc.dll")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\System32\\wbiosrvc.dll","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\System32\\wbiosrvc.dll")'>Delete via BC</a><TD>Active<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\WbioSrvc\Parameters, ServiceDll<br><font size=-2> <a href='Javascript:add_scr_drk("HKEY_LOCAL_MACHINE","SYSTEM\\CurrentControlSet\\Services\\WbioSrvc\\Parameters","ServiceDll")'>Delete</a>
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\System32\wecsvc.dll</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\System32\\wecsvc.dll")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\System32\\wecsvc.dll","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\System32\\wecsvc.dll")'>Delete via BC</a><TD>--<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\System\wecsvc, EventMessageFile
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\System32\wercplsupport.dll</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\System32\\wercplsupport.dll")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\System32\\wercplsupport.dll","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\System32\\wercplsupport.dll")'>Delete via BC</a><TD>Active<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\wercplsupport\Parameters, ServiceDll<br><font size=-2> <a href='Javascript:add_scr_drk("HKEY_LOCAL_MACHINE","SYSTEM\\CurrentControlSet\\Services\\wercplsupport\\Parameters","ServiceDll")'>Delete</a>
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\System32\wersvc.dll</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\System32\\wersvc.dll")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\System32\\wersvc.dll","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\System32\\wersvc.dll")'>Delete via BC</a><TD>--<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\Application\Application Hang, EventMessageFile
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\System32\wersvc.dll</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\System32\\wersvc.dll")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\System32\\wersvc.dll","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\System32\\wersvc.dll")'>Delete via BC</a><TD>--<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\Application\WerSvc, EventMessageFile
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\System32\wevtsvc.dll</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\System32\\wevtsvc.dll")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\System32\\wevtsvc.dll","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\System32\\wevtsvc.dll")'>Delete via BC</a><TD>--<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\Security\Microsoft-Windows-Eventlog, EventMessageFile
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\System32\wevtsvc.dll</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\System32\\wevtsvc.dll")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\System32\\wevtsvc.dll","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\System32\\wevtsvc.dll")'>Delete via BC</a><TD>--<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\System\Microsoft-Windows-Eventlog, EventMessageFile
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\System32\wiaservc.dll</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\System32\\wiaservc.dll")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\System32\\wiaservc.dll","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\System32\\wiaservc.dll")'>Delete via BC</a><TD>Active<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\stisvc\Parameters, ServiceDll<br><font size=-2> <a href='Javascript:add_scr_drk("HKEY_LOCAL_MACHINE","SYSTEM\\CurrentControlSet\\Services\\stisvc\\Parameters","ServiceDll")'>Delete</a>
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\System32\wiaservc.dll</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\System32\\wiaservc.dll")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\System32\\wiaservc.dll","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\System32\\wiaservc.dll")'>Delete via BC</a><TD>--<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\System\StillImage, EventMessageFile
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\System32\win32k.sys</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\System32\\win32k.sys")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\System32\\win32k.sys","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\System32\\win32k.sys")'>Delete via BC</a><TD>--<TD>Registry key<TD>HKEY_LOCAL_MACHINE, System\CurrentControlSet\Control\Session Manager\SubSystems, Kmode
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\System32\win32k.sys</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\System32\\win32k.sys")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\System32\\win32k.sys","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\System32\\win32k.sys")'>Delete via BC</a><TD>--<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\System\Win32k, EventMessageFile
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\System32\winlogon.exe</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\System32\\winlogon.exe")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\System32\\winlogon.exe","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\System32\\winlogon.exe")'>Delete via BC</a><TD>--<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\Application\Winlogon, EventMessageFile
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\System32\winlogon.exe</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\System32\\winlogon.exe")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\System32\\winlogon.exe","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\System32\\winlogon.exe")'>Delete via BC</a><TD>--<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\Application\Wlclntfy, EventMessageFile
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\System32\wkssvc.dll</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\System32\\wkssvc.dll")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\System32\\wkssvc.dll","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\System32\\wkssvc.dll")'>Delete via BC</a><TD>Active<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters, ServiceDll<br><font size=-2> <a href='Javascript:add_scr_drk("HKEY_LOCAL_MACHINE","SYSTEM\\CurrentControlSet\\Services\\LanmanWorkstation\\Parameters","ServiceDll")'>Delete</a>
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\System32\wlansvc.dll</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\System32\\wlansvc.dll")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\System32\\wlansvc.dll","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\System32\\wlansvc.dll")'>Delete via BC</a><TD>Active<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Wlansvc\Parameters, ServiceDll<br><font size=-2> <a href='Javascript:add_scr_drk("HKEY_LOCAL_MACHINE","SYSTEM\\CurrentControlSet\\Services\\Wlansvc\\Parameters","ServiceDll")'>Delete</a>
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\System32\wscsvc.dll</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\System32\\wscsvc.dll")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\System32\\wscsvc.dll","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\System32\\wscsvc.dll")'>Delete via BC</a><TD>Active<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\wscsvc\Parameters, ServiceDll<br><font size=-2> <a href='Javascript:add_scr_drk("HKEY_LOCAL_MACHINE","SYSTEM\\CurrentControlSet\\Services\\wscsvc\\Parameters","ServiceDll")'>Delete</a>
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\System32\wscsvc.dll</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\System32\\wscsvc.dll")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\System32\\wscsvc.dll","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\System32\\wscsvc.dll")'>Delete via BC</a><TD>--<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\Application\SecurityCenter, EventMessageFile
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\System32\wwansvc.dll</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\System32\\wwansvc.dll")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\System32\\wwansvc.dll","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\System32\\wwansvc.dll")'>Delete via BC</a><TD>Active<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\WwanSvc\Parameters, ServiceDll<br><font size=-2> <a href='Javascript:add_scr_drk("HKEY_LOCAL_MACHINE","SYSTEM\\CurrentControlSet\\Services\\WwanSvc\\Parameters","ServiceDll")'>Delete</a>
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\system32\BlbEvents.dll</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\system32\\BlbEvents.dll")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\system32\\BlbEvents.dll","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\system32\\BlbEvents.dll")'>Delete via BC</a><TD>--<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\Application\Microsoft-Windows-Backup, EventMessageFile
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\system32\FntCache.dll</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\system32\\FntCache.dll")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\system32\\FntCache.dll","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\system32\\FntCache.dll")'>Delete via BC</a><TD>Active<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\FontCache\Parameters, ServiceDll<br><font size=-2> <a href='Javascript:add_scr_drk("HKEY_LOCAL_MACHINE","SYSTEM\\CurrentControlSet\\Services\\FontCache\\Parameters","ServiceDll")'>Delete</a>
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\system32\ListSvc.dll</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\system32\\ListSvc.dll")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\system32\\ListSvc.dll","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\system32\\ListSvc.dll")'>Delete via BC</a><TD>Active<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\HomeGroupListener\Parameters, ServiceDll<br><font size=-2> <a href='Javascript:add_scr_drk("HKEY_LOCAL_MACHINE","SYSTEM\\CurrentControlSet\\Services\\HomeGroupListener\\Parameters","ServiceDll")'>Delete</a>
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\system32\Mcx2Svc.dll</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\system32\\Mcx2Svc.dll")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\system32\\Mcx2Svc.dll","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\system32\\Mcx2Svc.dll")'>Delete via BC</a><TD>Active<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Mcx2Svc\Parameters, ServiceDll<br><font size=-2> <a href='Javascript:add_scr_drk("HKEY_LOCAL_MACHINE","SYSTEM\\CurrentControlSet\\Services\\Mcx2Svc\\Parameters","ServiceDll")'>Delete</a>
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\system32\WINSAT.EXE</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\system32\\WINSAT.EXE")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\system32\\WINSAT.EXE","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\system32\\WINSAT.EXE")'>Delete via BC</a><TD>--<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\Application\Microsoft-Windows-WindowsSystemAssessmentTool, EventMessageFile
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\system32\WUDFPlatform.dll</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\system32\\WUDFPlatform.dll")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\system32\\WUDFPlatform.dll","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\system32\\WUDFPlatform.dll")'>Delete via BC</a><TD>--<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\System\Microsoft-Windows-DriverFrameworks-UserMode, EventMessageFile
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\system32\Wat\WatUX.exe</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\system32\\Wat\\WatUX.exe")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\system32\\Wat\\WatUX.exe","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\system32\\Wat\\WatUX.exe")'>Delete via BC</a><TD>--<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\Application\Windows Activation Technologies, EventMessageFile
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\system32\bthserv.dll</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\system32\\bthserv.dll")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\system32\\bthserv.dll","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\system32\\bthserv.dll")'>Delete via BC</a><TD>Active<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\bthserv\Parameters, ServiceDll<br><font size=-2> <a href='Javascript:add_scr_drk("HKEY_LOCAL_MACHINE","SYSTEM\\CurrentControlSet\\Services\\bthserv\\Parameters","ServiceDll")'>Delete</a>
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\system32\certprop.dll</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\system32\\certprop.dll")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\system32\\certprop.dll","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\system32\\certprop.dll")'>Delete via BC</a><TD>--<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\System\Microsoft-Windows-SCPNP, EventMessageFile
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\system32\cofiredm.dll</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\system32\\cofiredm.dll")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\system32\\cofiredm.dll","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\system32\\cofiredm.dll")'>Delete via BC</a><TD>--<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\System\Microsoft-Windows-CorruptedFileRecovery-Client, EventMessageFile
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\system32\cofiredm.dll</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\system32\\cofiredm.dll")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\system32\\cofiredm.dll","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\system32\\cofiredm.dll")'>Delete via BC</a><TD>--<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\System\Microsoft-Windows-CorruptedFileRecovery-Server, EventMessageFile
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\system32\cscsvc.dll</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\system32\\cscsvc.dll")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\system32\\cscsvc.dll","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\system32\\cscsvc.dll")'>Delete via BC</a><TD>--<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\System\Microsoft-Windows-OfflineFiles, EventMessageFile
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\system32\csrsrv.dll</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\system32\\csrsrv.dll")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\system32\\csrsrv.dll","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\system32\\csrsrv.dll")'>Delete via BC</a><TD>--<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\System\Microsoft-Windows-Subsys-SMSS, EventMessageFile
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\system32\defragsvc.dll</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\system32\\defragsvc.dll")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\system32\\defragsvc.dll","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\system32\\defragsvc.dll")'>Delete via BC</a><TD>--<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\Application\Microsoft-Windows-Defrag, EventMessageFile
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\system32\dfdts.dll</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\system32\\dfdts.dll")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\system32\\dfdts.dll","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\system32\\dfdts.dll")'>Delete via BC</a><TD>--<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\System\Microsoft-Windows-DiskDiagnostic, EventMessageFile
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\system32\dps.dll</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\system32\\dps.dll")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\system32\\dps.dll","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\system32\\dps.dll")'>Delete via BC</a><TD>Active<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\DPS\Parameters, ServiceDll<br><font size=-2> <a href='Javascript:add_scr_drk("HKEY_LOCAL_MACHINE","SYSTEM\\CurrentControlSet\\Services\\DPS\\Parameters","ServiceDll")'>Delete</a>
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\system32\drivers\HTTP.SYS</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\system32\\drivers\\HTTP.SYS")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\system32\\drivers\\HTTP.SYS","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\system32\\drivers\\HTTP.SYS")'>Delete via BC</a><TD>--<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\System\Microsoft-Windows-HttpEvent, EventMessageFile
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\system32\drivers\fltmgr.sys</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\system32\\drivers\\fltmgr.sys")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\system32\\drivers\\fltmgr.sys","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\system32\\drivers\\fltmgr.sys")'>Delete via BC</a><TD>--<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\System\Microsoft-Windows-FilterManager, EventMessageFile
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\system32\drivers\fvevol.sys</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\system32\\drivers\\fvevol.sys")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\system32\\drivers\\fvevol.sys","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\system32\\drivers\\fvevol.sys")'>Delete via BC</a><TD>--<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\System\Microsoft-Windows-BitLocker-Driver, EventMessageFile
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\system32\drivers\ntfs.sys</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\system32\\drivers\\ntfs.sys")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\system32\\drivers\\ntfs.sys","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\system32\\drivers\\ntfs.sys")'>Delete via BC</a><TD>--<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\System\Ntfs, EventMessageFile
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\system32\dwm.exe</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\system32\\dwm.exe")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\system32\\dwm.exe","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\system32\\dwm.exe")'>Delete via BC</a><TD>--<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\Application\Desktop Window Manager, EventMessageFile
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\system32\eapsvc.dll</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\system32\\eapsvc.dll")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\system32\\eapsvc.dll","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\system32\\eapsvc.dll")'>Delete via BC</a><TD>--<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\Application\Microsoft-Windows-EapHost, EventMessageFile
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\system32\fdPHost.dll</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\system32\\fdPHost.dll")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\system32\\fdPHost.dll","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\system32\\fdPHost.dll")'>Delete via BC</a><TD>Active<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\fdPHost\Parameters, ServiceDll<br><font size=-2> <a href='Javascript:add_scr_drk("HKEY_LOCAL_MACHINE","SYSTEM\\CurrentControlSet\\Services\\fdPHost\\Parameters","ServiceDll")'>Delete</a>
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\system32\fdphost.dll</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\system32\\fdphost.dll")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\system32\\fdphost.dll","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\system32\\fdphost.dll")'>Delete via BC</a><TD>--<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\System\Microsoft-Windows-FunctionDiscoveryHost, EventMessageFile
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\system32\fdrespub.dll</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\system32\\fdrespub.dll")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\system32\\fdrespub.dll","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\system32\\fdrespub.dll")'>Delete via BC</a><TD>Active<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\FDResPub\Parameters, ServiceDll<br><font size=-2> <a href='Javascript:add_scr_drk("HKEY_LOCAL_MACHINE","SYSTEM\\CurrentControlSet\\Services\\FDResPub\\Parameters","ServiceDll")'>Delete</a>
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\system32\fdrespub.dll</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\system32\\fdrespub.dll")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\system32\\fdrespub.dll","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\system32\\fdrespub.dll")'>Delete via BC</a><TD>--<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\System\Microsoft-Windows-ResourcePublication, EventMessageFile
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\system32\fveapi.dll</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\system32\\fveapi.dll")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\system32\\fveapi.dll","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\system32\\fveapi.dll")'>Delete via BC</a><TD>--<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\System\Microsoft-Windows-BitLocker-API, EventMessageFile
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\system32\fxsevent.dll</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\system32\\fxsevent.dll")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\system32\\fxsevent.dll","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\system32\\fxsevent.dll")'>Delete via BC</a><TD>--<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\Application\Microsoft Fax, EventMessageFile
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\system32\gpsvc.dll</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\system32\\gpsvc.dll")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\system32\\gpsvc.dll","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\system32\\gpsvc.dll")'>Delete via BC</a><TD>--<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\System\Microsoft-Windows-GroupPolicy, EventMessageFile
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\system32\hkcmd.exe</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\system32\\hkcmd.exe")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\system32\\hkcmd.exe","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\system32\\hkcmd.exe")'>Delete via BC</a><TD>Active<TD>Registry key<TD>HKEY_LOCAL_MACHINE, Software\Microsoft\Windows\CurrentVersion\Run, HotKeysCmds<br><font size=-2> <a href='Javascript:add_scr_drk("HKEY_LOCAL_MACHINE","Software\\Microsoft\\Windows\\CurrentVersion\\Run","HotKeysCmds")'>Delete</a>
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\system32\igfxpers.exe</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\system32\\igfxpers.exe")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\system32\\igfxpers.exe","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\system32\\igfxpers.exe")'>Delete via BC</a><TD>Active<TD>Registry key<TD>HKEY_LOCAL_MACHINE, Software\Microsoft\Windows\CurrentVersion\Run, Persistence<br><font size=-2> <a href='Javascript:add_scr_drk("HKEY_LOCAL_MACHINE","Software\\Microsoft\\Windows\\CurrentVersion\\Run","Persistence")'>Delete</a>
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\system32\igfxtray.exe</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\system32\\igfxtray.exe")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\system32\\igfxtray.exe","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\system32\\igfxtray.exe")'>Delete via BC</a><TD>Active<TD>Registry key<TD>HKEY_LOCAL_MACHINE, Software\Microsoft\Windows\CurrentVersion\Run, IgfxTray<br><font size=-2> <a href='Javascript:add_scr_drk("HKEY_LOCAL_MACHINE","Software\\Microsoft\\Windows\\CurrentVersion\\Run","IgfxTray")'>Delete</a>
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\system32\ipbusenum.dll</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\system32\\ipbusenum.dll")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\system32\\ipbusenum.dll","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\system32\\ipbusenum.dll")'>Delete via BC</a><TD>Active<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\IPBusEnum\Parameters, ServiceDll<br><font size=-2> <a href='Javascript:add_scr_drk("HKEY_LOCAL_MACHINE","SYSTEM\\CurrentControlSet\\Services\\IPBusEnum\\Parameters","ServiceDll")'>Delete</a>
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\system32\ipbusenum.dll</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\system32\\ipbusenum.dll")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\system32\\ipbusenum.dll","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\system32\\ipbusenum.dll")'>Delete via BC</a><TD>--<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\System\Microsoft-Windows-IPBusEnum, EventMessageFile
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\system32\iphlpsvc.dll</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\system32\\iphlpsvc.dll")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\system32\\iphlpsvc.dll","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\system32\\iphlpsvc.dll")'>Delete via BC</a><TD>--<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\System\Microsoft-Windows-Iphlpsvc, EventMessageFile
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\system32\iscsiexe.dll</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\system32\\iscsiexe.dll")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\system32\\iscsiexe.dll","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\system32\\iscsiexe.dll")'>Delete via BC</a><TD>Active<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\MSiSCSI\Parameters, ServiceDll<br><font size=-2> <a href='Javascript:add_scr_drk("HKEY_LOCAL_MACHINE","SYSTEM\\CurrentControlSet\\Services\\MSiSCSI\\Parameters","ServiceDll")'>Delete</a>
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\system32\kmsvc.dll</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\system32\\kmsvc.dll")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\system32\\kmsvc.dll","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\system32\\kmsvc.dll")'>Delete via BC</a><TD>Active<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\hkmsvc\Parameters, ServiceDll<br><font size=-2> <a href='Javascript:add_scr_drk("HKEY_LOCAL_MACHINE","SYSTEM\\CurrentControlSet\\Services\\hkmsvc\\Parameters","ServiceDll")'>Delete</a>
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\system32\lpksetup.exe</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\system32\\lpksetup.exe")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\system32\\lpksetup.exe","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\system32\\lpksetup.exe")'>Delete via BC</a><TD>--<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\System\Microsoft-Windows-LanguagePackSetup, EventMessageFile
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\system32\lsm.exe</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\system32\\lsm.exe")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\system32\\lsm.exe","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\system32\\lsm.exe")'>Delete via BC</a><TD>--<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\System\LSM, EventMessageFile
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\system32\lsm.exe</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\system32\\lsm.exe")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\system32\\lsm.exe","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\system32\\lsm.exe")'>Delete via BC</a><TD>--<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\System\Microsoft-Windows-TerminalServices-LocalSessionManager, EventMessageFile
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\system32\microsoft-windows-hal-events.dll</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\system32\\microsoft-windows-hal-events.dll")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\system32\\microsoft-windows-hal-events.dll","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\system32\\microsoft-windows-hal-events.dll")'>Delete via BC</a><TD>--<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\System\Microsoft-Windows-HAL, EventMessageFile
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\system32\microsoft-windows-kernel-power-events.dll</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\system32\\microsoft-windows-kernel-power-events.dll")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\system32\\microsoft-windows-kernel-power-events.dll","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\system32\\microsoft-windows-kernel-power-events.dll")'>Delete via BC</a><TD>--<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\System\Microsoft-Windows-Kernel-Power, EventMessageFile
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\system32\microsoft-windows-kernel-processor-power-events.dll</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\system32\\microsoft-windows-kernel-processor-power-events.dll")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\system32\\microsoft-windows-kernel-processor-power-events.dll","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\system32\\microsoft-windows-kernel-processor-power-events.dll")'>Delete via BC</a><TD>--<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\System\Microsoft-Windows-Kernel-Processor-Power, EventMessageFile
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\system32\mmcss.dll</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\system32\\mmcss.dll")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\system32\\mmcss.dll","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\system32\\mmcss.dll")'>Delete via BC</a><TD>Active<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\MMCSS\Parameters, ServiceDll<br><font size=-2> <a href='Javascript:add_scr_drk("HKEY_LOCAL_MACHINE","SYSTEM\\CurrentControlSet\\Services\\MMCSS\\Parameters","ServiceDll")'>Delete</a>
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\system32\mmcss.dll</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\system32\\mmcss.dll")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\system32\\mmcss.dll","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\system32\\mmcss.dll")'>Delete via BC</a><TD>Active<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\THREADORDER\Parameters, ServiceDll<br><font size=-2> <a href='Javascript:add_scr_drk("HKEY_LOCAL_MACHINE","SYSTEM\\CurrentControlSet\\Services\\THREADORDER\\Parameters","ServiceDll")'>Delete</a>
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\system32\mpssvc.dll</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\system32\\mpssvc.dll")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\system32\\mpssvc.dll","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\system32\\mpssvc.dll")'>Delete via BC</a><TD>Active<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\MpsSvc\Parameters, ServiceDll<br><font size=-2> <a href='Javascript:add_scr_drk("HKEY_LOCAL_MACHINE","SYSTEM\\CurrentControlSet\\Services\\MpsSvc\\Parameters","ServiceDll")'>Delete</a>
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\system32\mpssvc.dll</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\system32\\mpssvc.dll")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\system32\\mpssvc.dll","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\system32\\mpssvc.dll")'>Delete via BC</a><TD>--<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\System\Microsoft-Windows-Firewall, EventMessageFile
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\system32\msdtckrm.dll</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\system32\\msdtckrm.dll")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\system32\\msdtckrm.dll","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\system32\\msdtckrm.dll")'>Delete via BC</a><TD>Active<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\KtmRm\Parameters, ServiceDll<br><font size=-2> <a href='Javascript:add_scr_drk("HKEY_LOCAL_MACHINE","SYSTEM\\CurrentControlSet\\Services\\KtmRm\\Parameters","ServiceDll")'>Delete</a>
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\system32\nsisvc.dll</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\system32\\nsisvc.dll")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\system32\\nsisvc.dll","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\system32\\nsisvc.dll")'>Delete via BC</a><TD>Active<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\nsi\Parameters, ServiceDll<br><font size=-2> <a href='Javascript:add_scr_drk("HKEY_LOCAL_MACHINE","SYSTEM\\CurrentControlSet\\Services\\nsi\\Parameters","ServiceDll")'>Delete</a>
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\system32\oobe\winsetup.dll</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\system32\\oobe\\winsetup.dll")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\system32\\oobe\\winsetup.dll","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\system32\\oobe\\winsetup.dll")'>Delete via BC</a><TD>--<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\System\Microsoft-Windows-Setup, EventMessageFile
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\system32\p2psvc.dll</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\system32\\p2psvc.dll")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\system32\\p2psvc.dll","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\system32\\p2psvc.dll")'>Delete via BC</a><TD>Active<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\p2psvc\Parameters, ServiceDll<br><font size=-2> <a href='Javascript:add_scr_drk("HKEY_LOCAL_MACHINE","SYSTEM\\CurrentControlSet\\Services\\p2psvc\\Parameters","ServiceDll")'>Delete</a>
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\system32\peerdistsvc.dll</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\system32\\peerdistsvc.dll")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\system32\\peerdistsvc.dll","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\system32\\peerdistsvc.dll")'>Delete via BC</a><TD>Active<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\PeerDistSvc\Parameters, ServiceDll<br><font size=-2> <a href='Javascript:add_scr_drk("HKEY_LOCAL_MACHINE","SYSTEM\\CurrentControlSet\\Services\\PeerDistSvc\\Parameters","ServiceDll")'>Delete</a>
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\system32\pnrpauto.dll</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\system32\\pnrpauto.dll")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\system32\\pnrpauto.dll","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\system32\\pnrpauto.dll")'>Delete via BC</a><TD>Active<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\PNRPAutoReg\Parameters, ServiceDll<br><font size=-2> <a href='Javascript:add_scr_drk("HKEY_LOCAL_MACHINE","SYSTEM\\CurrentControlSet\\Services\\PNRPAutoReg\\Parameters","ServiceDll")'>Delete</a>
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\system32\pnrpsvc.dll</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\system32\\pnrpsvc.dll")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\system32\\pnrpsvc.dll","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\system32\\pnrpsvc.dll")'>Delete via BC</a><TD>Active<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\p2pimsvc\Parameters, ServiceDll<br><font size=-2> <a href='Javascript:add_scr_drk("HKEY_LOCAL_MACHINE","SYSTEM\\CurrentControlSet\\Services\\p2pimsvc\\Parameters","ServiceDll")'>Delete</a>
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\system32\pnrpsvc.dll</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\system32\\pnrpsvc.dll")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\system32\\pnrpsvc.dll","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\system32\\pnrpsvc.dll")'>Delete via BC</a><TD>Active<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\PNRPsvc\Parameters, ServiceDll<br><font size=-2> <a href='Javascript:add_scr_drk("HKEY_LOCAL_MACHINE","SYSTEM\\CurrentControlSet\\Services\\PNRPsvc\\Parameters","ServiceDll")'>Delete</a>
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\system32\profsvc.dll</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\system32\\profsvc.dll")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\system32\\profsvc.dll","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\system32\\profsvc.dll")'>Delete via BC</a><TD>Active<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\ProfSvc\Parameters, ServiceDll<br><font size=-2> <a href='Javascript:add_scr_drk("HKEY_LOCAL_MACHINE","SYSTEM\\CurrentControlSet\\Services\\ProfSvc\\Parameters","ServiceDll")'>Delete</a>
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\system32\psxss.exe</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\system32\\psxss.exe")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\system32\\psxss.exe","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\system32\\psxss.exe")'>Delete via BC</a><TD>--<TD>Registry key<TD>HKEY_LOCAL_MACHINE, System\CurrentControlSet\Control\Session Manager\SubSystems, Posix
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\system32\qagentRT.dll</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\system32\\qagentRT.dll")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\system32\\qagentRT.dll","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\system32\\qagentRT.dll")'>Delete via BC</a><TD>Active<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\napagent\Parameters, ServiceDll<br><font size=-2> <a href='Javascript:add_scr_drk("HKEY_LOCAL_MACHINE","SYSTEM\\CurrentControlSet\\Services\\napagent\\Parameters","ServiceDll")'>Delete</a>
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\system32\qmgr.dll</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\system32\\qmgr.dll")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\system32\\qmgr.dll","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\system32\\qmgr.dll")'>Delete via BC</a><TD>--<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\System\Microsoft-Windows-Bits-Client, EventMessageFile
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\system32\recovery.dll</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\system32\\recovery.dll")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\system32\\recovery.dll","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\system32\\recovery.dll")'>Delete via BC</a><TD>--<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\System\Microsoft-Windows-Recovery, EventMessageFile
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\system32\regsvc.dll</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\system32\\regsvc.dll")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\system32\\regsvc.dll","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\system32\\regsvc.dll")'>Delete via BC</a><TD>Active<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\RemoteRegistry\Parameters, ServiceDll<br><font size=-2> <a href='Javascript:add_scr_drk("HKEY_LOCAL_MACHINE","SYSTEM\\CurrentControlSet\\Services\\RemoteRegistry\\Parameters","ServiceDll")'>Delete</a>
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\system32\rpcss.dll</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\system32\\rpcss.dll")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\system32\\rpcss.dll","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\system32\\rpcss.dll")'>Delete via BC</a><TD>Active<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\DcomLaunch\Parameters, ServiceDll<br><font size=-2> <a href='Javascript:add_scr_drk("HKEY_LOCAL_MACHINE","SYSTEM\\CurrentControlSet\\Services\\DcomLaunch\\Parameters","ServiceDll")'>Delete</a>
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\system32\rpcss.dll</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\system32\\rpcss.dll")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\system32\\rpcss.dll","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\system32\\rpcss.dll")'>Delete via BC</a><TD>Active<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\RpcSs\Parameters, ServiceDll<br><font size=-2> <a href='Javascript:add_scr_drk("HKEY_LOCAL_MACHINE","SYSTEM\\CurrentControlSet\\Services\\RpcSs\\Parameters","ServiceDll")'>Delete</a>
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\system32\schedsvc.dll</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\system32\\schedsvc.dll")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\system32\\schedsvc.dll","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\system32\\schedsvc.dll")'>Delete via BC</a><TD>Active<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Schedule\Parameters, ServiceDll<br><font size=-2> <a href='Javascript:add_scr_drk("HKEY_LOCAL_MACHINE","SYSTEM\\CurrentControlSet\\Services\\Schedule\\Parameters","ServiceDll")'>Delete</a>
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\system32\schedsvc.dll</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\system32\\schedsvc.dll")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\system32\\schedsvc.dll","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\system32\\schedsvc.dll")'>Delete via BC</a><TD>--<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\System\Microsoft-Windows-TaskScheduler, EventMessageFile
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\system32\sdclt.exe</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\system32\\sdclt.exe")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\system32\\sdclt.exe","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\system32\\sdclt.exe")'>Delete via BC</a><TD>--<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\BackupPath,
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\system32\sdengin2.dll</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\system32\\sdengin2.dll")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\system32\\sdengin2.dll","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\system32\\sdengin2.dll")'>Delete via BC</a><TD>--<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\Application\Windows Backup, EventMessageFile
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\system32\seclogon.dll</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\system32\\seclogon.dll")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\system32\\seclogon.dll","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\system32\\seclogon.dll")'>Delete via BC</a><TD>Active<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\seclogon\Parameters, ServiceDll<br><font size=-2> <a href='Javascript:add_scr_drk("HKEY_LOCAL_MACHINE","SYSTEM\\CurrentControlSet\\Services\\seclogon\\Parameters","ServiceDll")'>Delete</a>
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\system32\sensrsvc.dll</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\system32\\sensrsvc.dll")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\system32\\sensrsvc.dll","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\system32\\sensrsvc.dll")'>Delete via BC</a><TD>Active<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\SensrSvc\Parameters, ServiceDll<br><font size=-2> <a href='Javascript:add_scr_drk("HKEY_LOCAL_MACHINE","SYSTEM\\CurrentControlSet\\Services\\SensrSvc\\Parameters","ServiceDll")'>Delete</a>
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\system32\services.exe</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\system32\\services.exe")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\system32\\services.exe","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\system32\\services.exe")'>Delete via BC</a><TD>--<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\System\Service Control Manager, EventMessageFile
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\system32\sppsvc.exe</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\system32\\sppsvc.exe")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\system32\\sppsvc.exe","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\system32\\sppsvc.exe")'>Delete via BC</a><TD>--<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\Application\Software Protection Platform Service, EventMessageFile
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\system32\sppsvc.exe</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\system32\\sppsvc.exe")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\system32\\sppsvc.exe","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\system32\\sppsvc.exe")'>Delete via BC</a><TD>--<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\Key Management Service\KmsRequests, EventMessageFile
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\system32\sppuinotify.dll</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\system32\\sppuinotify.dll")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\system32\\sppuinotify.dll","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\system32\\sppuinotify.dll")'>Delete via BC</a><TD>Active<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\sppuinotify\Parameters, ServiceDll<br><font size=-2> <a href='Javascript:add_scr_drk("HKEY_LOCAL_MACHINE","SYSTEM\\CurrentControlSet\\Services\\sppuinotify\\Parameters","ServiceDll")'>Delete</a>
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\system32\srcore.dll</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\system32\\srcore.dll")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\system32\\srcore.dll","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\system32\\srcore.dll")'>Delete via BC</a><TD>--<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\Application\System Restore, EventMessageFile
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\system32\srvsvc.dll</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\system32\\srvsvc.dll")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\system32\\srvsvc.dll","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\system32\\srvsvc.dll")'>Delete via BC</a><TD>Active<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters, ServiceDll<br><font size=-2> <a href='Javascript:add_scr_drk("HKEY_LOCAL_MACHINE","SYSTEM\\CurrentControlSet\\Services\\LanmanServer\\Parameters","ServiceDll")'>Delete</a>
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\system32\sstpsvc.dll</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\system32\\sstpsvc.dll")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\system32\\sstpsvc.dll","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\system32\\sstpsvc.dll")'>Delete via BC</a><TD>Active<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\SstpSvc\Parameters, ServiceDll<br><font size=-2> <a href='Javascript:add_scr_drk("HKEY_LOCAL_MACHINE","SYSTEM\\CurrentControlSet\\Services\\SstpSvc\\Parameters","ServiceDll")'>Delete</a>
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\system32\sstpsvc.dll</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\system32\\sstpsvc.dll")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\system32\\sstpsvc.dll","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\system32\\sstpsvc.dll")'>Delete via BC</a><TD>--<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\System\RasSstp, EventMessageFile
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\system32\storsvc.dll</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\system32\\storsvc.dll")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\system32\\storsvc.dll","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\system32\\storsvc.dll")'>Delete via BC</a><TD>Active<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\StorSvc\Parameters, ServiceDll<br><font size=-2> <a href='Javascript:add_scr_drk("HKEY_LOCAL_MACHINE","SYSTEM\\CurrentControlSet\\Services\\StorSvc\\Parameters","ServiceDll")'>Delete</a>
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\system32\sysmain.dll</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\system32\\sysmain.dll")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\system32\\sysmain.dll","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\system32\\sysmain.dll")'>Delete via BC</a><TD>Active<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\SysMain\Parameters, ServiceDll<br><font size=-2> <a href='Javascript:add_scr_drk("HKEY_LOCAL_MACHINE","SYSTEM\\CurrentControlSet\\Services\\SysMain\\Parameters","ServiceDll")'>Delete</a>
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\system32\sysmain.dll</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\system32\\sysmain.dll")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\system32\\sysmain.dll","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\system32\\sysmain.dll")'>Delete via BC</a><TD>Active<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\rdyboost\Performance, Library<br><font size=-2> <a href='Javascript:add_scr_drk("HKEY_LOCAL_MACHINE","SYSTEM\\CurrentControlSet\\Services\\rdyboost\\Performance","Library")'>Delete</a>
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\system32\tbssvc.dll</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\system32\\tbssvc.dll")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\system32\\tbssvc.dll","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\system32\\tbssvc.dll")'>Delete via BC</a><TD>--<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\System\Microsoft-Windows-TBS, EventMessageFile
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\system32\termsrv.dll</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\system32\\termsrv.dll")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\system32\\termsrv.dll","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\system32\\termsrv.dll")'>Delete via BC</a><TD>--<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\System\Microsoft-Windows-TerminalServices-RemoteConnectionManager, EventMessageFile
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\system32\termsrv.dll</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\system32\\termsrv.dll")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\system32\\termsrv.dll","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\system32\\termsrv.dll")'>Delete via BC</a><TD>--<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\System\TermService, EventMessageFile
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\system32\themeservice.dll</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\system32\\themeservice.dll")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\system32\\themeservice.dll","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\system32\\themeservice.dll")'>Delete via BC</a><TD>Active<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Themes\Parameters, ServiceDll<br><font size=-2> <a href='Javascript:add_scr_drk("HKEY_LOCAL_MACHINE","SYSTEM\\CurrentControlSet\\Services\\Themes\\Parameters","ServiceDll")'>Delete</a>
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\system32\umpnpmgr.dll</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\system32\\umpnpmgr.dll")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\system32\\umpnpmgr.dll","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\system32\\umpnpmgr.dll")'>Delete via BC</a><TD>Active<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\PlugPlay\Parameters, ServiceDll<br><font size=-2> <a href='Javascript:add_scr_drk("HKEY_LOCAL_MACHINE","SYSTEM\\CurrentControlSet\\Services\\PlugPlay\\Parameters","ServiceDll")'>Delete</a>
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\system32\umpnpmgr.dll</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\system32\\umpnpmgr.dll")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\system32\\umpnpmgr.dll","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\system32\\umpnpmgr.dll")'>Delete via BC</a><TD>--<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\System\Microsoft-Windows-UserPnp, EventMessageFile
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\system32\umpo.dll</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\system32\\umpo.dll")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\system32\\umpo.dll","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\system32\\umpo.dll")'>Delete via BC</a><TD>Active<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Power\Parameters, ServiceDll<br><font size=-2> <a href='Javascript:add_scr_drk("HKEY_LOCAL_MACHINE","SYSTEM\\CurrentControlSet\\Services\\Power\\Parameters","ServiceDll")'>Delete</a>
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\system32\w32time.dll</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\system32\\w32time.dll")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\system32\\w32time.dll","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\system32\\w32time.dll")'>Delete via BC</a><TD>Active<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\W32Time\Parameters, ServiceDll<br><font size=-2> <a href='Javascript:add_scr_drk("HKEY_LOCAL_MACHINE","SYSTEM\\CurrentControlSet\\Services\\W32Time\\Parameters","ServiceDll")'>Delete</a>
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\system32\w32time.dll</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\system32\\w32time.dll")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\system32\\w32time.dll","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\system32\\w32time.dll")'>Delete via BC</a><TD>--<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\System\Microsoft-Windows-Time-Service, EventMessageFile
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\system32\w32time.dll</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\system32\\w32time.dll")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\system32\\w32time.dll","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\system32\\w32time.dll")'>Delete via BC</a><TD>--<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\System\W32Time, EventMessageFile
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\system32\w32time.dll</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\system32\\w32time.dll")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\system32\\w32time.dll","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\system32\\w32time.dll")'>Delete via BC</a><TD>Active<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\W32Time\TimeProviders\NtpClient, DllName<br><font size=-2> <a href='Javascript:add_scr_drk("HKEY_LOCAL_MACHINE","SYSTEM\\CurrentControlSet\\Services\\W32Time\\TimeProviders\\NtpClient","DllName")'>Delete</a>
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\system32\w32time.dll</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\system32\\w32time.dll")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\system32\\w32time.dll","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\system32\\w32time.dll")'>Delete via BC</a><TD>Active<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\W32Time\TimeProviders\NtpServer, DllName<br><font size=-2> <a href='Javascript:add_scr_drk("HKEY_LOCAL_MACHINE","SYSTEM\\CurrentControlSet\\Services\\W32Time\\TimeProviders\\NtpServer","DllName")'>Delete</a>
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\system32\wbem\WMIsvc.dll</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\system32\\wbem\\WMIsvc.dll")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\system32\\wbem\\WMIsvc.dll","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\system32\\wbem\\WMIsvc.dll")'>Delete via BC</a><TD>Active<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Winmgmt\Parameters, ServiceDll<br><font size=-2> <a href='Javascript:add_scr_drk("HKEY_LOCAL_MACHINE","SYSTEM\\CurrentControlSet\\Services\\Winmgmt\\Parameters","ServiceDll")'>Delete</a>
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\system32\wecsvc.dll</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\system32\\wecsvc.dll")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\system32\\wecsvc.dll","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\system32\\wecsvc.dll")'>Delete via BC</a><TD>Active<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Wecsvc\Parameters, ServiceDll<br><font size=-2> <a href='Javascript:add_scr_drk("HKEY_LOCAL_MACHINE","SYSTEM\\CurrentControlSet\\Services\\Wecsvc\\Parameters","ServiceDll")'>Delete</a>
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\system32\wecsvc.dll</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\system32\\wecsvc.dll")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\system32\\wecsvc.dll","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\system32\\wecsvc.dll")'>Delete via BC</a><TD>--<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\Application\Microsoft-Windows-EventCollector, EventMessageFile
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\system32\wecsvc.dll</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\system32\\wecsvc.dll")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\system32\\wecsvc.dll","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\system32\\wecsvc.dll")'>Delete via BC</a><TD>--<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\HardwareEvents, DisplayNameFile
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\system32\wecsvc.dll</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\system32\\wecsvc.dll")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\system32\\wecsvc.dll","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\system32\\wecsvc.dll")'>Delete via BC</a><TD>--<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\System\Microsoft-Windows-EventCollector, EventMessageFile
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\system32\winlogon.exe</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\system32\\winlogon.exe")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\system32\\winlogon.exe","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\system32\\winlogon.exe")'>Delete via BC</a><TD>--<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\System\Microsoft-Windows-Winlogon, EventMessageFile
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\system32\winsrv.dll</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\system32\\winsrv.dll")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\system32\\winsrv.dll","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\system32\\winsrv.dll")'>Delete via BC</a><TD>--<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\Application\Microsoft-Windows-Winsrv, EventMessageFile
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\system32\wlansvc.dll</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\system32\\wlansvc.dll")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\system32\\wlansvc.dll","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\system32\\wlansvc.dll")'>Delete via BC</a><TD>--<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\System\Microsoft-Windows-WLAN-AutoConfig, EventMessageFile
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\system32\wpdbusenum.dll</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\system32\\wpdbusenum.dll")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\system32\\wpdbusenum.dll","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\system32\\wpdbusenum.dll")'>Delete via BC</a><TD>Active<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\WPDBusEnum\Parameters, ServiceDll<br><font size=-2> <a href='Javascript:add_scr_drk("HKEY_LOCAL_MACHINE","SYSTEM\\CurrentControlSet\\Services\\WPDBusEnum\\Parameters","ServiceDll")'>Delete</a>
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\system32\wsepno.dll</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\system32\\wsepno.dll")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\system32\\wsepno.dll","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\system32\\wsepno.dll")'>Delete via BC</a><TD>--<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\Application\Windows Search Service Profile Notification, EventMessageFile
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\system32\wuaueng.dll</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\system32\\wuaueng.dll")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\system32\\wuaueng.dll","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\system32\\wuaueng.dll")'>Delete via BC</a><TD>Active<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\wuauserv\Parameters, ServiceDll<br><font size=-2> <a href='Javascript:add_scr_drk("HKEY_LOCAL_MACHINE","SYSTEM\\CurrentControlSet\\Services\\wuauserv\\Parameters","ServiceDll")'>Delete</a>
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\system32\wuaueng.dll</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\system32\\wuaueng.dll")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\system32\\wuaueng.dll","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\system32\\wuaueng.dll")'>Delete via BC</a><TD>--<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\System\Microsoft-Windows-WindowsUpdateClient, EventMessageFile
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\fc1624e7b5884873e3792696b7\DW\DW20.exe</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\fc1624e7b5884873e3792696b7\\DW\\DW20.exe")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\fc1624e7b5884873e3792696b7\\DW\\DW20.exe","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\fc1624e7b5884873e3792696b7\\DW\\DW20.exe")'>Delete via BC</a><TD>--<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\Application\VSSetup, EventMessageFile
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">Maker\DVDMaker.exe</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("Maker\\DVDMaker.exe")'>Quarantine</a>, <a href='Javascript:add_scr_d("Maker\\DVDMaker.exe","32")'>Delete</a>, <a href='Javascript:add_scr_db("Maker\\DVDMaker.exe")'>Delete via BC</a><TD>--<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\Application\Dvd Maker, EventMessageFile
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">auditcse.dll</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("auditcse.dll")'>Quarantine</a>, <a href='Javascript:add_scr_d("auditcse.dll","32")'>Delete</a>, <a href='Javascript:add_scr_db("auditcse.dll")'>Delete via BC</a><TD>Active<TD>Registry key<TD>HKEY_LOCAL_MACHINE, Software\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{f3ccc681-b74c-4060-9f26-cd84525dca2a}, DLLName<br><font size=-2> <a href='Javascript:add_scr_drk("HKEY_LOCAL_MACHINE","Software\\Microsoft\\Windows NT\\CurrentVersion\\Winlogon\\GPExtensions\\{f3ccc681-b74c-4060-9f26-cd84525dca2a}","DLLName")'>Delete</a>
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">igfxdev.dll</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("igfxdev.dll")'>Quarantine</a>, <a href='Javascript:add_scr_d("igfxdev.dll","32")'>Delete</a>, <a href='Javascript:add_scr_db("igfxdev.dll")'>Delete via BC</a><TD>Active<TD>Registry key<TD>HKEY_LOCAL_MACHINE, Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui, DLLName<br><font size=-2> <a href='Javascript:add_scr_drk("HKEY_LOCAL_MACHINE","Software\\Microsoft\\Windows NT\\CurrentVersion\\Winlogon\\Notify\\igfxcui","DLLName")'>Delete</a>
<TR bgColor="#00CC66"><TD colspan=7> Autoruns items found - 742, recognized as trusted - 494
</TABLE>
<H2 align=center>Internet Explorer extension modules (BHOs, Toolbars ...)</H2>
<TABLE cellSpacing=1 cellPadding=2 width="100%" bgColor=#ffffff border=0>
<TR BgColor="#0000FF"><TD align=center><b><font color=White>File name<TD align=center><b><font color=White>Type<TD align=center><b><font color=White>Description<TD align=center><b><font color=White>Manufacturer<TD align=center><b><font color=White>CLSID
<TR bgColor="#00CC66"><TD colspan=7> Items found - 3, recognized as trusted - 3
</TABLE>
<H2 align=center>Windows Explorer extension modules</H2>
<TABLE cellSpacing=1 cellPadding=2 width="100%" bgColor=#ffffff border=0>
<TR BgColor="#0000FF"><TD align=center><b><font color=White>File name<TD align=center><b><font color=White>Destination<TD align=center><b><font color=White>Description<TD align=center><b><font color=White>Manufacturer<TD align=center><b><font color=White>CLSID
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info"></a><TD>WebCheck<TD><TD><TD>{E6FB5E20-DE35-11CF-9C87-00AA005127ED}<br><font size=-2> <a href='Javascript:add_scr_clsid("{E6FB5E20-DE35-11CF-9C87-00AA005127ED}")'>Delete</a>
<TR bgColor="#ffc06d"><TD><a href="" title="261.09 kb, rsAh, created: 16.05.2014 18:54:45, modified: 17.05.2014 00:56:50">C:\Program Files (x86)\WinRAR\rarext.dll</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Program Files (x86)\\WinRAR\\rarext.dll")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Program Files (x86)\\WinRAR\\rarext.dll","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Program Files (x86)\\WinRAR\\rarext.dll")'>Delete via BC</a><TD>WinRAR shell extension<TD>WinRAR shell extension<TD>Copyright © Alexander Roshal 1993-2014<TD>{B41DB860-8EE4-11D2-9906-E49FADC173CA}<br><font size=-2> <a href='Javascript:add_scr_clsid("{B41DB860-8EE4-11D2-9906-E49FADC173CA}")'>Delete</a>
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info"></a><TD>WinRAR shell extension<TD><TD><TD>{B41DB860-64E4-11D2-9906-E49FADC173CA}<br><font size=-2> <a href='Javascript:add_scr_clsid("{B41DB860-64E4-11D2-9906-E49FADC173CA}")'>Delete</a>
<TR bgColor="#00CC66"><TD colspan=7> Items found - 17, recognized as trusted - 14
</TABLE>
<H2 align=center>Printing system extensions (print monitors, providers)</H2>
<TABLE cellSpacing=1 cellPadding=2 width="100%" bgColor=#ffffff border=0>
<TR BgColor="#0000FF"><TD align=center><b><font color=White>File name<TD align=center><b><font color=White>Type<TD align=center><b><font color=White>Name<TD align=center><b><font color=White>Description<TD align=center><b><font color=White>Manufacturer
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">EP0SLM01.DLL</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("EP0SLM01.DLL")'>Quarantine</a>, <a href='Javascript:add_scr_d("EP0SLM01.DLL","32")'>Delete</a>, <a href='Javascript:add_scr_db("EP0SLM01.DLL")'>Delete via BC</a><TD>Monitor<TD>Epson Inbox Language Monitor01<TD><TD>
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">localspl.dll</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("localspl.dll")'>Quarantine</a>, <a href='Javascript:add_scr_d("localspl.dll","32")'>Delete</a>, <a href='Javascript:add_scr_db("localspl.dll")'>Delete via BC</a><TD>Monitor<TD>Local Port<TD><TD>
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">FXSMON.DLL</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("FXSMON.DLL")'>Quarantine</a>, <a href='Javascript:add_scr_d("FXSMON.DLL","32")'>Delete</a>, <a href='Javascript:add_scr_db("FXSMON.DLL")'>Delete via BC</a><TD>Monitor<TD>Microsoft Shared Fax Monitor<TD><TD>
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">tcpmon.dll</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("tcpmon.dll")'>Quarantine</a>, <a href='Javascript:add_scr_d("tcpmon.dll","32")'>Delete</a>, <a href='Javascript:add_scr_db("tcpmon.dll")'>Delete via BC</a><TD>Monitor<TD>Standard TCP/IP Port<TD><TD>
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">usbmon.dll</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("usbmon.dll")'>Quarantine</a>, <a href='Javascript:add_scr_d("usbmon.dll","32")'>Delete</a>, <a href='Javascript:add_scr_db("usbmon.dll")'>Delete via BC</a><TD>Monitor<TD>USB Monitor<TD><TD>
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">WSDMon.dll</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("WSDMon.dll")'>Quarantine</a>, <a href='Javascript:add_scr_d("WSDMon.dll","32")'>Delete</a>, <a href='Javascript:add_scr_db("WSDMon.dll")'>Delete via BC</a><TD>Monitor<TD>WSD Port<TD><TD>
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">inetpp.dll</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("inetpp.dll")'>Quarantine</a>, <a href='Javascript:add_scr_d("inetpp.dll","32")'>Delete</a>, <a href='Javascript:add_scr_db("inetpp.dll")'>Delete via BC</a><TD>Provider<TD>HTTP Print Services<TD><TD>
<TR bgColor="#00CC66"><TD colspan=7> Items found - 8, recognized as trusted - 1
</TABLE>
<H2 align=center>Task Scheduler jobs</H2>
<TABLE cellSpacing=1 cellPadding=2 width="100%" bgColor=#ffffff border=0>
<TR BgColor="#0000FF"><TD align=center><b><font color=White>File name<TD align=center><b><font color=White>Job name<TD align=center><b><font color=White>Job state<TD align=center><b><font color=White>Description<TD align=center><b><font color=White>Manufacturer<TD align=center><b><font color=White>Path<TD align=center><b><font color=White>Command line
<TR bgColor="#ffc06d"><TD>C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe<br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe")'>Delete via BC</a><TD>Adobe Acrobat Update Task<br><font size=-2>Script: <a href='Javascript:add_scr_d("C:\\Windows\\system32\\Tasks\\Adobe Acrobat Update Task","64")'>Delete</a><TD><TD><TD><TD>C:\Windows\system32\Tasks\<TD> C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
<TR bgColor="#ffc06d"><TD>C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe<br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Program Files (x86)\\Common Files\\Adobe\\OOBE\\PDApp\\UWA\\UpdaterStartupUtility.exe")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Program Files (x86)\\Common Files\\Adobe\\OOBE\\PDApp\\UWA\\UpdaterStartupUtility.exe","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Program Files (x86)\\Common Files\\Adobe\\OOBE\\PDApp\\UWA\\UpdaterStartupUtility.exe")'>Delete via BC</a><TD>AdobeAAMUpdater-1.0-MISA-testy<br><font size=-2>Script: <a href='Javascript:add_scr_d("C:\\Windows\\system32\\Tasks\\AdobeAAMUpdater-1.0-MISA-testy","64")'>Delete</a><TD><TD><TD><TD>C:\Windows\system32\Tasks\<TD> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe -mode=scheduled
<TR bgColor="#ffc06d"><TD>C:\Program Files\CCleaner\CCleaner.exe<br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Program Files\\CCleaner\\CCleaner.exe")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Program Files\\CCleaner\\CCleaner.exe","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Program Files\\CCleaner\\CCleaner.exe")'>Delete via BC</a><TD>CCleanerSkipUAC<br><font size=-2>Script: <a href='Javascript:add_scr_d("C:\\Windows\\system32\\Tasks\\CCleanerSkipUAC","64")'>Delete</a><TD><TD>CCleaner<TD>Copyright © 2005-2015 Piriform Ltd<TD>C:\Windows\system32\Tasks\<TD> "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
<TR bgColor="#ffc06d"><TD> aitagent <br><font size=-2>Script: <a href='Javascript:add_scr_k("aitagent")'>Quarantine</a>, <a href='Javascript:add_scr_d("aitagent","32")'>Delete</a>, <a href='Javascript:add_scr_db("aitagent")'>Delete via BC</a><TD>AitAgent<br><font size=-2>Script: <a href='Javascript:add_scr_d("C:\\Windows\\system32\\Tasks\\Microsoft\\Windows\\Application Experience\\AitAgent","64")'>Delete</a><TD><TD><TD><TD>C:\Windows\system32\Tasks\Microsoft\Windows\Application Experience\<TD> aitagent
<TR bgColor="#ffc06d"><TD>C:\Windows\ehome\mcupdate<br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\ehome\\mcupdate")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\ehome\\mcupdate","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\ehome\\mcupdate")'>Delete via BC</a><TD>mcupdate<br><font size=-2>Script: <a href='Javascript:add_scr_d("C:\\Windows\\system32\\Tasks\\Microsoft\\Windows\\Media Center\\mcupdate","64")'>Delete</a><TD><TD><TD><TD>C:\Windows\system32\Tasks\Microsoft\Windows\Media Center\<TD> %SystemRoot%\ehome\mcupdate $(Arg0)
<TR bgColor="#ffc06d"><TD>C:\Windows\ehome\ehrec<br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\ehome\\ehrec")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\ehome\\ehrec","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\ehome\\ehrec")'>Delete via BC</a><TD>RecordingRestart<br><font size=-2>Script: <a href='Javascript:add_scr_d("C:\\Windows\\system32\\Tasks\\Microsoft\\Windows\\Media Center\\RecordingRestart","64")'>Delete</a><TD><TD><TD><TD>C:\Windows\system32\Tasks\Microsoft\Windows\Media Center\<TD> %SystemRoot%\ehome\ehrec /RestartRecording
<TR bgColor="#ffc06d"><TD>C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\InputPersonalization.exe<br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Program Files (x86)\\Common Files\\Microsoft Shared\\Ink\\InputPersonalization.exe")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Program Files (x86)\\Common Files\\Microsoft Shared\\Ink\\InputPersonalization.exe","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Program Files (x86)\\Common Files\\Microsoft Shared\\Ink\\InputPersonalization.exe")'>Delete via BC</a><TD>InputPersonalization<br><font size=-2>Script: <a href='Javascript:add_scr_d("C:\\Windows\\system32\\Tasks\\Microsoft\\Windows\\TabletPC\\InputPersonalization","64")'>Delete</a><TD><TD><TD><TD>C:\Windows\system32\Tasks\Microsoft\Windows\TabletPC\<TD> %CommonProgramFiles%\Microsoft Shared\Ink\InputPersonalization.exe
<TR bgColor="#ffc06d"><TD>C:\Program Files (x86)\NCH Software\ClickCharts\ClickCharts.exe<br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Program Files (x86)\\NCH Software\\ClickCharts\\ClickCharts.exe")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Program Files (x86)\\NCH Software\\ClickCharts\\ClickCharts.exe","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Program Files (x86)\\NCH Software\\ClickCharts\\ClickCharts.exe")'>Delete via BC</a><TD>ClickChartsSevenDays<br><font size=-2>Script: <a href='Javascript:add_scr_d("C:\\Windows\\system32\\Tasks\\NCH Software\\ClickChartsSevenDays","64")'>Delete</a><TD><TD>ClickCharts Diagram Flowchart Software<TD>NCH Software<TD>C:\Windows\system32\Tasks\NCH Software\<TD> C:\Program Files (x86)\NCH Software\ClickCharts\ClickCharts.exe -sevendays
<TR bgColor="#ffc06d"><TD>C:\Users\testy\AppData\Roaming\winlogon.exe<br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Users\\testy\\AppData\\Roaming\\winlogon.exe")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Users\\testy\\AppData\\Roaming\\winlogon.exe","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Users\\testy\\AppData\\Roaming\\winlogon.exe")'>Delete via BC</a><TD>PCI Monitor<br><font size=-2>Script: <a href='Javascript:add_scr_d("C:\\Windows\\system32\\Tasks\\PCI Monitor","64")'>Delete</a><TD><TD><TD><TD>C:\Windows\system32\Tasks\<TD> "C:\Users\testy\AppData\Roaming\winlogon.exe" $(Arg0)
<TR bgColor="#ffc06d"><TD>C:\Program Files (x86)\PCI Monitor\pcimon.exe<br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Program Files (x86)\\PCI Monitor\\pcimon.exe")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Program Files (x86)\\PCI Monitor\\pcimon.exe","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Program Files (x86)\\PCI Monitor\\pcimon.exe")'>Delete via BC</a><TD>PCI Monitor Task<br><font size=-2>Script: <a href='Javascript:add_scr_d("C:\\Windows\\system32\\Tasks\\PCI Monitor Task","64")'>Delete</a><TD><TD><TD><TD>C:\Windows\system32\Tasks\<TD> "C:\Program Files (x86)\PCI Monitor\pcimon.exe" $(Arg0)
<TR bgColor="#ffc06d"><TD>C:\Users\testy\FrostWire\Torrent Data\The Sims 3 - Razor1911 Final MAXSPEED\Final Version Patch\Sims3_1.0.632.00002_from_1.0.631.00002.exe<br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Users\\testy\\FrostWire\\Torrent Data\\The Sims 3 - Razor1911 Final MAXSPEED\\Final Version Patch\\Sims3_1.0.632.00002_from_1.0.631.00002.exe")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Users\\testy\\FrostWire\\Torrent Data\\The Sims 3 - Razor1911 Final MAXSPEED\\Final Version Patch\\Sims3_1.0.632.00002_from_1.0.631.00002.exe","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Users\\testy\\FrostWire\\Torrent Data\\The Sims 3 - Razor1911 Final MAXSPEED\\Final Version Patch\\Sims3_1.0.632.00002_from_1.0.631.00002.exe")'>Delete via BC</a><TD>{692944FA-6411-4ACA-9363-44DB6FED9803}<br><font size=-2>Script: <a href='Javascript:add_scr_d("C:\\Windows\\system32\\Tasks\\{692944FA-6411-4ACA-9363-44DB6FED9803}","64")'>Delete</a><TD><TD>Setup.exe<TD>Copyright © 2008 Acresso Software Inc. and/or InstallShield Co. Inc. All Rights Reserved.<TD>C:\Windows\system32\Tasks\<TD> C:\Windows\system32\pcalua.exe -a "C:\Users\testy\FrostWire\Torrent Data\The Sims 3 - Razor1911 Final MAXSPEED\Final Version Patch\Sims3_1.0.632.00002_from_1.0.631.00002.exe" -d "C:\Users\testy\FrostWire\Torrent Data\The Sims 3 - Razor1911 Final MAXSPEED\Final Version Patch"
<TR bgColor="#ffc06d"><TD>C:\Users\testy\FrostWire\Torrent Data\The Sims 3 - Razor1911 Final MAXSPEED\Final Version Patch<br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Users\\testy\\FrostWire\\Torrent Data\\The Sims 3 - Razor1911 Final MAXSPEED\\Final Version Patch")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Users\\testy\\FrostWire\\Torrent Data\\The Sims 3 - Razor1911 Final MAXSPEED\\Final Version Patch","32")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Users\\testy\\FrostWire\\Torrent Data\\The Sims 3 - Razor1911 Final MAXSPEED\\Final Version Patch")'>Delete via BC</a><TD>{692944FA-6411-4ACA-9363-44DB6FED9803}<br><font size=-2>Script: <a href='Javascript:add_scr_d("C:\\Windows\\system32\\Tasks\\{692944FA-6411-4ACA-9363-44DB6FED9803}","64")'>Delete</a><TD><TD><TD><TD>C:\Windows\system32\Tasks\<TD> C:\Windows\system32\pcalua.exe -a "C:\Users\testy\FrostWire\Torrent Data\The Sims 3 - Razor1911 Final MAXSPEED\Final Version Patch\Sims3_1.0.632.00002_from_1.0.631.00002.exe" -d "C:\Users\testy\FrostWire\Torrent Data\The Sims 3 - Razor1911 Final MAXSPEED\Final Version Patch"
<TR bgColor="#00CC66"><TD colspan=7> Items found - 72, recognized as trusted - 60
</TABLE>
<H2 align=center>SPI/LSP settings</H2>
<TABLE cellSpacing=1 cellPadding=2 width="100%" bgColor=#ffffff border=0>
<B>Namespace providers (NSP)
<TR BgColor="#0000FF"><TD align=center><b><font color=White>Manufacturer<TD align=center><b><font color=White>Status<TD align=center><b><font color=White>EXE file<TD align=center><b><font color=White>Description<TD align=center><b><font color=White>GUID
<TR bgColor="#00CC66"><TD colspan=7>Detected - 7, recognized as trusted - 7
</TABLE>
<B>Transport protocol providers (TSP, LSP)</B>
<TABLE cellSpacing=1 cellPadding=2 width="100%" bgColor=#ffffff border=0>
<TR BgColor="#0000FF"><TD align=center><b><font color=White>Manufacturer<TD align=center><b><font color=White>EXE file<TD align=center><b><font color=White>Description
<TR bgColor="#00CC66"><TD colspan=7>Detected - 10, recognized as trusted - 10
</TABLE>
<B>Results of automatic SPI settings check</B>
<TABLE cellSpacing=1 cellPadding=2 width="100%" bgColor=#ffffff border=0><pre>
LSP settings checked. No errors detected
</pre></TABLE>
<H2 align=center>TCP/UDP ports</H2>
<TABLE cellSpacing=1 cellPadding=2 width="100%" bgColor=#ffffff border=0>
<TR BgColor="#0000FF"><TD align=center><b><font color=White>Port<TD align=center><b><font color=White>Status<TD align=center><b><font color=White>Remote Host<TD align=center><b><font color=White>Remote Port<TD align=center><b><font color=White>Application<TD align=center><b><font color=White>Notes
<TR bgColor="#ffc06d"><TD colspan=7><b>TCP ports
<TR bgColor="#ffc06d"><TD>139<TD>LISTENING<TD>0.0.0.0<TD>0<TD><a href="" title="error getting file info">[4] System.exe</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("System.exe")'>Quarantine</a>, <a href='Javascript:add_scr_d("System.exe","32")'>Delete</a>, <a href='Javascript:add_scr_db("System.exe")'>Delete via BC</a>, <a href='Javascript:add_scr_t("System.exe")'>Terminate</a><TD>
<TR bgColor="#ffc06d"><TD>445<TD>LISTENING<TD>0.0.0.0<TD>0<TD><a href="" title="error getting file info">[4] System.exe</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("System.exe")'>Quarantine</a>, <a href='Javascript:add_scr_d("System.exe","32")'>Delete</a>, <a href='Javascript:add_scr_db("System.exe")'>Delete via BC</a>, <a href='Javascript:add_scr_t("System.exe")'>Terminate</a><TD>
<TR bgColor="#ffc06d"><TD>554<TD>LISTENING<TD>0.0.0.0<TD>0<TD><a href="" title="error getting file info">[3896] wmpnetwk.exe</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("wmpnetwk.exe")'>Quarantine</a>, <a href='Javascript:add_scr_d("wmpnetwk.exe","32")'>Delete</a>, <a href='Javascript:add_scr_db("wmpnetwk.exe")'>Delete via BC</a>, <a href='Javascript:add_scr_t("wmpnetwk.exe")'>Terminate</a><TD>
<TR bgColor="#ffc06d"><TD>2861<TD>LISTENING<TD>0.0.0.0<TD>0<TD><a href="" title="error getting file info">[4] System.exe</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("System.exe")'>Quarantine</a>, <a href='Javascript:add_scr_d("System.exe","32")'>Delete</a>, <a href='Javascript:add_scr_db("System.exe")'>Delete via BC</a>, <a href='Javascript:add_scr_t("System.exe")'>Terminate</a><TD>
<TR bgColor="#ffc06d"><TD>2869<TD>LISTENING<TD>0.0.0.0<TD>0<TD><a href="" title="error getting file info">[4] System.exe</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("System.exe")'>Quarantine</a>, <a href='Javascript:add_scr_d("System.exe","32")'>Delete</a>, <a href='Javascript:add_scr_db("System.exe")'>Delete via BC</a>, <a href='Javascript:add_scr_t("System.exe")'>Terminate</a><TD>
<TR bgColor="#ffc06d"><TD>2869<TD>TIME_WAIT<TD>192.168.1.10<TD>59448<TD><a href="" title="error getting file info">[0] </a><TD>
<TR bgColor="#ffc06d"><TD>2869<TD>ESTABLISHED<TD>192.168.1.10<TD>59449<TD><a href="" title="error getting file info">[4] System.exe</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("System.exe")'>Quarantine</a>, <a href='Javascript:add_scr_d("System.exe","32")'>Delete</a>, <a href='Javascript:add_scr_db("System.exe")'>Delete via BC</a>, <a href='Javascript:add_scr_t("System.exe")'>Terminate</a><TD>
<TR bgColor="#ffc06d"><TD>5354<TD>LISTENING<TD>0.0.0.0<TD>0<TD><a href="" title="error getting file info">[1564] mDNSResponder.exe</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("mDNSResponder.exe")'>Quarantine</a>, <a href='Javascript:add_scr_d("mDNSResponder.exe","32")'>Delete</a>, <a href='Javascript:add_scr_db("mDNSResponder.exe")'>Delete via BC</a>, <a href='Javascript:add_scr_t("mDNSResponder.exe")'>Terminate</a><TD>
<TR bgColor="#ffc06d"><TD>5354<TD>ESTABLISHED<TD>127.0.0.1<TD>49156<TD><a href="" title="error getting file info">[1564] mDNSResponder.exe</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("mDNSResponder.exe")'>Quarantine</a>, <a href='Javascript:add_scr_d("mDNSResponder.exe","32")'>Delete</a>, <a href='Javascript:add_scr_db("mDNSResponder.exe")'>Delete via BC</a>, <a href='Javascript:add_scr_t("mDNSResponder.exe")'>Terminate</a><TD>
<TR bgColor="#ffc06d"><TD>5354<TD>ESTABLISHED<TD>127.0.0.1<TD>49157<TD><a href="" title="error getting file info">[1564] mDNSResponder.exe</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("mDNSResponder.exe")'>Quarantine</a>, <a href='Javascript:add_scr_d("mDNSResponder.exe","32")'>Delete</a>, <a href='Javascript:add_scr_db("mDNSResponder.exe")'>Delete via BC</a>, <a href='Javascript:add_scr_t("mDNSResponder.exe")'>Terminate</a><TD>
<TR bgColor="#ffc06d"><TD>5357<TD>LISTENING<TD>0.0.0.0<TD>0<TD><a href="" title="error getting file info">[4] System.exe</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("System.exe")'>Quarantine</a>, <a href='Javascript:add_scr_d("System.exe","32")'>Delete</a>, <a href='Javascript:add_scr_db("System.exe")'>Delete via BC</a>, <a href='Javascript:add_scr_t("System.exe")'>Terminate</a><TD>
<TR bgColor="#ffc06d"><TD>10243<TD>LISTENING<TD>0.0.0.0<TD>0<TD><a href="" title="error getting file info">[4] System.exe</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("System.exe")'>Quarantine</a>, <a href='Javascript:add_scr_d("System.exe","32")'>Delete</a>, <a href='Javascript:add_scr_db("System.exe")'>Delete via BC</a>, <a href='Javascript:add_scr_t("System.exe")'>Terminate</a><TD>
<TR bgColor="#ffc06d"><TD>49154<TD>LISTENING<TD>0.0.0.0<TD>0<TD><a href="" title="error getting file info">[520] lsass.exe</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("lsass.exe")'>Quarantine</a>, <a href='Javascript:add_scr_d("lsass.exe","32")'>Delete</a>, <a href='Javascript:add_scr_db("lsass.exe")'>Delete via BC</a>, <a href='Javascript:add_scr_t("lsass.exe")'>Terminate</a><TD>
<TR bgColor="#ffc06d"><TD>49159<TD>LISTENING<TD>0.0.0.0<TD>0<TD><a href="" title="error getting file info">[1328] spoolsv.exe</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("spoolsv.exe")'>Quarantine</a>, <a href='Javascript:add_scr_d("spoolsv.exe","32")'>Delete</a>, <a href='Javascript:add_scr_db("spoolsv.exe")'>Delete via BC</a>, <a href='Javascript:add_scr_t("spoolsv.exe")'>Terminate</a><TD>
<TR bgColor="#ffc06d"><TD>49161<TD>LISTENING<TD>0.0.0.0<TD>0<TD><a href="" title="error getting file info">[480] services.exe</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("services.exe")'>Quarantine</a>, <a href='Javascript:add_scr_d("services.exe","32")'>Delete</a>, <a href='Javascript:add_scr_db("services.exe")'>Delete via BC</a>, <a href='Javascript:add_scr_t("services.exe")'>Terminate</a><TD>
<TR bgColor="#ffc06d"><TD>63280<TD>TIME_WAIT<TD>74.125.1.21<TD>443<TD><a href="" title="error getting file info">[0] </a><TD>
<TR bgColor="#ffc06d"><TD colspan=7><b>UDP ports
<TR bgColor="#ffc06d"><TD>137<TD>LISTENING<TD>--<TD>--<TD><a href="" title="error getting file info">[4] System.exe</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("System.exe")'>Quarantine</a>, <a href='Javascript:add_scr_d("System.exe","32")'>Delete</a>, <a href='Javascript:add_scr_db("System.exe")'>Delete via BC</a>, <a href='Javascript:add_scr_t("System.exe")'>Terminate</a><TD>
<TR bgColor="#ffc06d"><TD>138<TD>LISTENING<TD>--<TD>--<TD><a href="" title="error getting file info">[4] System.exe</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("System.exe")'>Quarantine</a>, <a href='Javascript:add_scr_d("System.exe","32")'>Delete</a>, <a href='Javascript:add_scr_db("System.exe")'>Delete via BC</a>, <a href='Javascript:add_scr_t("System.exe")'>Terminate</a><TD>
<TR bgColor="#ffc06d"><TD>5004<TD>LISTENING<TD>--<TD>--<TD><a href="" title="error getting file info">[3896] wmpnetwk.exe</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("wmpnetwk.exe")'>Quarantine</a>, <a href='Javascript:add_scr_d("wmpnetwk.exe","32")'>Delete</a>, <a href='Javascript:add_scr_db("wmpnetwk.exe")'>Delete via BC</a>, <a href='Javascript:add_scr_t("wmpnetwk.exe")'>Terminate</a><TD>
<TR bgColor="#ffc06d"><TD>5005<TD>LISTENING<TD>--<TD>--<TD><a href="" title="error getting file info">[3896] wmpnetwk.exe</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("wmpnetwk.exe")'>Quarantine</a>, <a href='Javascript:add_scr_d("wmpnetwk.exe","32")'>Delete</a>, <a href='Javascript:add_scr_db("wmpnetwk.exe")'>Delete via BC</a>, <a href='Javascript:add_scr_t("wmpnetwk.exe")'>Terminate</a><TD>
<TR bgColor="#ffc06d"><TD>5353<TD>LISTENING<TD>--<TD>--<TD><a href="" title="error getting file info">[1564] mDNSResponder.exe</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("mDNSResponder.exe")'>Quarantine</a>, <a href='Javascript:add_scr_d("mDNSResponder.exe","32")'>Delete</a>, <a href='Javascript:add_scr_db("mDNSResponder.exe")'>Delete via BC</a>, <a href='Javascript:add_scr_t("mDNSResponder.exe")'>Terminate</a><TD>
<TR bgColor="#ffc06d"><TD>49154<TD>LISTENING<TD>--<TD>--<TD><a href="" title="error getting file info">[1564] mDNSResponder.exe</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("mDNSResponder.exe")'>Quarantine</a>, <a href='Javascript:add_scr_d("mDNSResponder.exe","32")'>Delete</a>, <a href='Javascript:add_scr_db("mDNSResponder.exe")'>Delete via BC</a>, <a href='Javascript:add_scr_t("mDNSResponder.exe")'>Terminate</a><TD>
</TABLE>
<H2 align=center>Downloaded Program Files (DPF)</H2>
<TABLE cellSpacing=1 cellPadding=2 width="100%" bgColor=#ffffff border=0>
<TR BgColor="#0000FF"><TD align=center><b><font color=White>File name<TD align=center><b><font color=White>Description<TD align=center><b><font color=White>Manufacturer<TD align=center><b><font color=White>CLSID<TD align=center><b><font color=White>Source URL
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info"></a><TD><TD><TD>{7530BFB8-7293-4D34-9923-61A11451AFC5}<br><font size=-2> <a href='Javascript:add_scr_dpf("{7530BFB8-7293-4D34-9923-61A11451AFC5}")'>Delete</a><TD>
http://download.eset...lineScanner.cab
<TR bgColor="#00CC66"><TD colspan=7> Items found - 4, recognized as trusted - 3
</TABLE>
<H2 align=center>Control Panel Applets (CPL)</H2>
<TABLE cellSpacing=1 cellPadding=2 width="100%" bgColor=#ffffff border=0>
<TR BgColor="#0000FF"><TD align=center><b><font color=White>File name<TD align=center><b><font color=White>Description<TD align=center><b><font color=White>Manufacturer
<TR bgColor="#00CC66"><TD colspan=7> Items found - 18, recognized as trusted - 18
</TABLE>
<H2 align=center>Active Setup</H2>
<TABLE cellSpacing=1 cellPadding=2 width="100%" bgColor=#ffffff border=0>
<TR BgColor="#0000FF"><TD align=center><b><font color=White>File name<TD align=center><b><font color=White>Description<TD align=center><b><font color=White>Manufacturer<TD align=center><b><font color=White>CLSID
<TR bgColor="#00CC66"><TD colspan=7> Items found - 8, recognized as trusted - 8
</TABLE>
<H2 align=center>HOSTS file</H2>
<TABLE cellSpacing=1 cellPadding=2 width="100%" bgColor=#ffffff border=0>
<TR BgColor="#0000FF"><TD align=center><b><font color=White>Hosts file record
</TABLE>
<H2 align=center>Protocols and handlers</H2>
<TABLE cellSpacing=1 cellPadding=2 width="100%" bgColor=#ffffff border=0>
<TR BgColor="#0000FF"><TD align=center><b><font color=White>File name<TD align=center><b><font color=White>Type<TD align=center><b><font color=White>Description<TD align=center><b><font color=White>Manufacturer<TD align=center><b><font color=White>CLSID
<TR bgColor="#00CC66"><TD colspan=7> Items found - 10, recognized as trusted - 10
</TABLE>
<H2 align=center>Shared resources</H2>
<TABLE cellSpacing=1 cellPadding=2 width="100%" bgColor=#ffffff border=0>
<TR BgColor="#0000FF"><TD align=center><b><font color=White>Network name<TD align=center><b><font color=White>Path<TD align=center><b><font color=White>Notes
<TR bgColor="#ffc06d">
<TD>ADMIN$<TD>C:\Windows<TD>Remote Admin
<TR bgColor="#ffc06d">
<TD>C$<TD>C:\<TD>Default share
<TR bgColor="#ffc06d">
<TD>Epson ESC/P-R<TD>Epson ESC/P-R,LocalsplOnly<TD>Epson ESC/P-R
<TR bgColor="#ffc06d">
<TD>IPC$<TD><TD>Remote IPC
<TR bgColor="#ffc06d">
<TD>My Apps<TD>C:\ProgramData\BlueStacks\UserData\Library\My Apps<TD>
<TR bgColor="#ffc06d">
<TD>print$<TD>C:\Windows\system32\spool\drivers<TD>Printer Drivers
<TR bgColor="#ffc06d">
<TD>Users<TD>C:\Users<TD>
</TABLE>
<H2 align=center>Suspicious objects</H2>
<TABLE cellSpacing=1 cellPadding=2 width="100%" bgColor=#ffffff border=0>
<TR BgColor="#0000FF"><TD align=center><b><font color=White>File<TD align=center><b><font color=White>Description<TD align=center><b><font color=White>Type
</TABLE>
<BR><HR></B></I>
<PRE>
AVZ Antiviral Toolkit log; AVZ version is 4.43
Scanning started at 31.03.2015 20:21:37
Database loaded: signatures - 297605, NN profile(s) - 2, malware removal microprograms - 56, signature database released 31.03.2015 16:00
Heuristic microprograms loaded: 410
PVS microprograms loaded: 9
Digital signatures of system files loaded: 729510
Heuristic analyzer mode: Medium heuristics mode
Malware removal mode: enabled
Windows version is: 6.1.7601, Service Pack 1 "Windows 7 Professional" ; AVZ is run with administrator rights
System Restore: enabled
1. Searching for Rootkits and other software intercepting API functions
1.1 Searching for user-mode API hooks
Analysis: kernel32.dll, export table found in section .text
Analysis: ntdll.dll, export table found in section .text
Analysis: user32.dll, export table found in section .text
Analysis: advapi32.dll, export table found in section .text
Analysis: ws2_32.dll, export table found in section .text
Analysis: wininet.dll, export table found in section .text
Analysis: rasapi32.dll, export table found in section .text
Analysis: urlmon.dll, export table found in section .text
Analysis: netapi32.dll, export table found in section .text
1.2 Searching for kernel-mode API hooks
Error loading driver - operation interrupted [C000036B]
1.4 Searching for masking processes and drivers
Checking not performed: extended monitoring driver (AVZPM) is not installed
1.5 Checking IRP handlers
Error loading driver - operation interrupted [C000036B]
2. Scanning RAM
Number of processes found: 21
Number of modules loaded: 282
Scanning RAM - complete
3. Scanning disks
Direct reading: C:\Users\testy\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.tmp
4. Checking Winsock Layered Service Provider (SPI/LSP)
LSP settings checked. No errors detected
5. Searching for keyboard/mouse/windows events hooks (Keyloggers, Trojan DLLs)
Checking - disabled by user
6. Searching for opened TCP/UDP ports used by malicious software
Checking - disabled by user
7. Heuristic system check
Checking - complete
8. Searching for vulnerabilities
>> Services: potentially dangerous service allowed: TermService (Remote Desktop Services)
>> Services: potentially dangerous service allowed: SSDPSRV (SSDP Discovery)
>> Services: potentially dangerous service allowed: Schedule (Task Scheduler)
> Services: please bear in mind that the set of services depends on the use of the PC (home PC, office PC connected to corporate network, etc)!
>> Security: disk drives' autorun is enabled
>> Security: administrative shares (C$, D$ ...) are enabled
>> Security: anonymous user access is enabled
>> Security: sending Remote Assistant queries is enabled
Checking - complete
9. Troubleshooting wizard
>> HDD autorun is allowed
>> Network drives autorun is allowed
>> Removable media autorun is allowed
Checking - complete
Files scanned: 105270, extracted from archives: 55584, malicious software found 0, suspicions - 0
Scanning finished at 31.03.2015 20:46:21
Time of scanning: 00:24:45
If you have a suspicion on presence of viruses or questions on the suspected objects,
Creating archive of files from Quarantine
Creating archive of files from Quarantine - complete
System Analysis in progress
Network diagnostics
DNS and Ping test
Host="yandex.ru", IP="93.158.134.8,87.250.250.8,77.88.21.11,87.250.251.11", Ping=OK (0,159,93.158.134.8)
Host="google.ru", IP="24.226.15.84,24.226.15.114,24.226.15.99,24.226.15.89,24.226.15.104,24.226.15.108,24.226.15.109,24.226.15.93,24.226.15.118,24.226.15.103,24.226.15.98,24.226.15.113,24.226.15.94,24.226.15.88,24.226.15.123,24.226.15.119", Ping=OK (0,14,24.226.15.84)
Host="google.com", IP="24.226.16.158,24.226.16.152,24.226.16.153,24.226.16.187,24.226.16.183,24.226.16.173,24.226.16.177,24.226.16.167,24.226.16.163,24.226.16.178,24.226.16.172,24.226.16.168,24.226.16.157,24.226.16.148,24.226.16.162,24.226.16.182", Ping=OK (0,20,24.226.16.158)
Host="www.kaspersky.com", IP="4.59.181.209", Ping=OK (0,20,4.59.181.209)
Host="www.kaspersky.ru", IP="4.59.181.212", Ping=OK (0,22,4.59.181.212)
Host="dnl-03.geo.kaspersky.com", IP="4.28.136.39", Ping=OK (0,21,4.28.136.39)
Host="dnl-11.geo.kaspersky.com", IP="38.117.98.199", Ping=OK (0,13,38.117.98.199)
Host="activation-v2.kaspersky.com", IP="4.59.181.141", Ping=Error (11010,0,0.0.0.0)
Host="odnoklassniki.ru", IP="217.20.147.94", Ping=OK (0,146,217.20.147.94)
Host="vk.com", IP="87.240.131.117,87.240.131.118,87.240.143.241", Ping=OK (0,141,87.240.131.117)
Host="vkontakte.ru", IP="95.213.4.242,95.213.4.243,95.213.4.241", Ping=OK (0,149,95.213.4.242)
Host="twitter.com", IP="199.16.156.70,199.16.156.102,199.16.156.230,199.16.156.198", Ping=OK (0,52,199.16.156.70)
Host="facebook.com", IP="173.252.120.6", Ping=OK (0,49,173.252.120.6)
Host="ru-ru.facebook.com", IP="31.13.71.1", Ping=OK (0,29,31.13.71.1)
Network IE settings
IE setting AutoConfigURL=
IE setting AutoConfigProxy=wininet.dll
IE setting ProxyOverride=*.local
IE setting ProxyServer=
IE setting Internet\ManualProxies=
Network TCP/IP settings
Network Persistent Routes
<br> System Analysis - complete
<br>
<b>Script commands</b><form name="ScriptForm"> <textarea rows=10 cols=80 name="CureScript"></textarea></form>
Add commands to script:<br><ul><li><a href='Javascript:add_scr_line("SearchRootkit(true, true);", 1)'>Blocking hooks using Anti-Rootkit</a><br><li><a href='Javascript:add_scr_line("SetAVZGuardStatus(True);", 1)'>Enable AVZGuard</a><br><li><a href='Javascript:add_scr_line("SetAVZPMStatus(True);", 1)'>Operations with AVZPM (true=enable,false=disable)</a><br><li><a href='Javascript:add_scr_line("BC_ImportDeletedList;", 0)'>BootCleaner - import list of deleted files</a><br><li><a href='Javascript:add_scr_line("BC_ImportAll;", 0)'>BootCleaner - import all</a><br><li><a href='Javascript:add_scr_line("ExecuteSysClean;", 0)'>Remove traces of deleted files</a><br><li><a href='Javascript:add_scr_line_q("%45%78%65%63%75%74%65%57%69%7A%61%72%64%28%27%54%53%57%27%2C%32%2C%33%2C%74%72%75%65%29%3B", 0)'>ExecuteWizard ('TSW',2,3,true) - Running Troubleshooting wizard</a><br><li><a href='Javascript:add_scr_line("BC_Activate;", 0)'>BootCleaner - activate</a><br><li><a href='Javascript:add_scr_line("RebootWindows(true);", 0)'>Reboot</a><br><li><a href='Javascript:add_scr_line_q("%51%75%61%72%61%6E%74%69%6E%65%46%69%6C%65%28%27%27%2C%27%27%29%3B", 1)'>Insert template for QuarantineFile() - quarantining a file</a><br><li><a href='Javascript:add_scr_line_q("%42%43%5F%51%72%46%69%6C%65%28%27%27%29%3B", 1)'>Insert template for BC_QrFile() - quarantining file via BootCleaner</a><br><li><a href='Javascript:add_scr_line_q("%44%65%6C%65%74%65%46%69%6C%65%28%27%27%29%3B", 1)'>Insert template for DeleteFile() - deleting a file</a><br><li><a href='Javascript:add_scr_line_q("%44%65%6C%43%4C%53%49%44%28%27%27%29%3B", 1)'>Insert template for DelCLSID() - removing a CLSID item from registry</a><br></ul>Additional operations:<ul><li><a href='Javascript:add_scr_line_q("%53%65%74%53%65%72%76%69%63%65%53%74%61%72%74%28%27%54%65%72%6D%53%65%72%76%69%63%65%27%2C%20%34%29%3B", 1)'>Performance tweaking: disable service TermService (Remote Desktop Services)</a><br><li><a href='Javascript:add_scr_line_q("%53%65%74%53%65%72%76%69%63%65%53%74%61%72%74%28%27%53%53%44%50%53%52%56%27%2C%20%34%29%3B", 1)'>Performance tweaking: disable service SSDPSRV (SSDP Discovery)</a><br><li><a href='Javascript:add_scr_line_q("%53%65%74%53%65%72%76%69%63%65%53%74%61%72%74%28%27%53%63%68%65%64%75%6C%65%27%2C%20%34%29%3B", 1)'>Performance tweaking: disable service Schedule (Task Scheduler)</a><br><li><a href='Javascript:add_scr_line_q("%52%65%67%4B%65%79%49%6E%74%50%61%72%61%6D%57%72%69%74%65%28%27%48%4B%45%59%5F%4C%4F%43%41%4C%5F%4D%41%43%48%49%4E%45%27%2C%20%27%53%79%73%74%65%6D%5C%5C%43%75%72%72%65%6E%74%43%6F%6E%74%72%6F%6C%53%65%74%5C%5C%53%65%72%76%69%63%65%73%5C%5C%43%44%52%4F%4D%27%2C%27%41%75%74%6F%52%75%6E%27%2C%20%30%29%3B", 1)'>Security tweaking: disable CD autorun</a><br><li><a href='Javascript:add_scr_line_q("%52%65%67%4B%65%79%49%6E%74%50%61%72%61%6D%57%72%69%74%65%28%27%48%4B%45%59%5F%4C%4F%43%41%4C%5F%4D%41%43%48%49%4E%45%27%2C%20%27%53%79%73%74%65%6D%5C%5C%43%75%72%72%65%6E%74%43%6F%6E%74%72%6F%6C%53%65%74%5C%5C%53%65%72%76%69%63%65%73%5C%5C%4C%61%6E%6D%61%6E%53%65%72%76%65%72%5C%5C%50%61%72%61%6D%65%74%65%72%73%27%2C%27%41%75%74%6F%53%68%61%72%65%57%6B%73%27%2C%20%30%29%3B", 1)'>Security tweaking: disable administrative shares</a><br><li><a href='Javascript:add_scr_line_q("%52%65%67%4B%65%79%49%6E%74%50%61%72%61%6D%57%72%69%74%65%28%27%48%4B%45%59%5F%4C%4F%43%41%4C%5F%4D%41%43%48%49%4E%45%27%2C%20%27%53%59%53%54%45%4D%5C%5C%43%75%72%72%65%6E%74%43%6F%6E%74%72%6F%6C%53%65%74%5C%5C%43%6F%6E%74%72%6F%6C%5C%5C%4C%53%41%27%2C%27%52%65%73%74%72%69%63%74%41%6E%6F%6E%79%6D%6F%75%73%27%2C%20%32%29%3B", 1)'>Security tweaking: disable anonymous user access</a><br><li><a href='Javascript:add_scr_line_q("%52%65%67%4B%65%79%49%6E%74%50%61%72%61%6D%57%72%69%74%65%28%27%48%4B%45%59%5F%4C%4F%43%41%4C%5F%4D%41%43%48%49%4E%45%27%2C%20%27%53%59%53%54%45%4D%5C%5C%43%6F%6E%74%72%6F%6C%53%65%74%30%30%31%5C%5C%43%6F%6E%74%72%6F%6C%5C%5C%52%65%6D%6F%74%65%20%41%73%73%69%73%74%61%6E%63%65%27%2C%27%66%41%6C%6C%6F%77%54%6F%47%65%74%48%65%6C%70%27%2C%20%30%29%3B", 1)'>Security: disable sending Remote Assistant queries</a><br></ul><hr>
<b>File list</b><form name="FilesForm"> <textarea rows=10 cols=80 name="FileList"></textarea></form>
</BODY></HTML>
Edited by Shruikan66, 01 April 2015 - 06:35 AM.