Trojan.KillFiles.17664

Technical Information

To ensure autorun and distribution:

Creates the following services:

[<HKLM>\SYSTEM\ControlSet001\services\sppsvc] 'Start' = '00000002'

Malicious functions:

Executes the following:

'<SYSTEM32>\Wat\WatAdminSvc.exe'
'<SYSTEM32>\slui.exe' -Embedding
'<SYSTEM32>\sppsvc.exe'
'<SYSTEM32>\makecab.exe' %WINDIR%\Logs\CBS\CbsPersist_20140807121057.log %WINDIR%\Logs\CBS\CbsPersist_20140807121057.cab
'<SYSTEM32>\Wat\WatAdminSvc.exe' /run
'<SYSTEM32>\systeminfo.exe'
'%WINDIR%\servicing\TrustedInstaller.exe'

Injects code into

the following system processes:

%WINDIR%\Explorer.EXE

Modifies file system :

Creates the following files:

%WINDIR%\Logs\CBS\CbsPersist_20140807121057.cab
%WINDIR%\ServiceProfiles\LocalService\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\C24EC5BDAF13613245B4CECC3DE91DC6
%WINDIR%\Temp\cab_4376_6
%WINDIR%\Temp\cab_4376_5
%WINDIR%\ServiceProfiles\NetworkService\AppData\Local\Temp\CabDE5.tmp
%WINDIR%\ServiceProfiles\NetworkService\AppData\Local\Temp\CabE06.tmp
%WINDIR%\ServiceProfiles\LocalService\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\C24EC5BDAF13613245B4CECC3DE91DC6
%WINDIR%\Temp\tmpEA10.tmp
<SYSTEM32>\config\COMPONENTS{6cced2ec-6e01-11de-8bed-001e0bcd1824}.TxR.blf
<SYSTEM32>\config\COMPONENTS{6cced2ec-6e01-11de-8bed-001e0bcd1824}.TxR.0.regtrans-ms
%TEMP%\~529181.tmp
%WINDIR%\Temp\cab_4376_2
%WINDIR%\Temp\cab_4376_3
%WINDIR%\Temp\cab_4376_4
<SYSTEM32>\config\COMPONENTS{6cced2ec-6e01-11de-8bed-001e0bcd1824}.TxR.1.regtrans-ms
<SYSTEM32>\config\COMPONENTS{6cced2ec-6e01-11de-8bed-001e0bcd1824}.TxR.2.regtrans-ms

Deletes the following files:

%WINDIR%\Logs\CBS\CbsPersist_20140807121057.log
%WINDIR%\Temp\cab_4376_6
%WINDIR%\Temp\tmpEA10.tmp
%WINDIR%\ServiceProfiles\NetworkService\AppData\Local\Temp\CabE06.tmp
%WINDIR%\ServiceProfiles\NetworkService\AppData\Local\Temp\CabDE5.tmp
%WINDIR%\Temp\cab_4376_2
%TEMP%\~529181.tmp
%WINDIR%\Temp\cab_4376_3
%WINDIR%\Temp\cab_4376_5
%WINDIR%\Temp\cab_4376_4

Deletes itself.

Network activity:

Connects to:

'20#.#6.232.182':80
'ct###.#indowsupdate.com':80
'20#.#6.232.49':80

TCP:

HTTP GET requests:

20#.#6.232.49/report_n_0003_451419FA2B04CA01-842594A98DB1CF01-E96F2B6A8AB1CF01-3C0A4B648AB1CF01_42564E534555484A_464650584F4D4556_CB7FD91C_DF4E5AE1_121_process_lin_bin
20#.#6.232.49/report_n_0003_451419FA2B04CA01-842594A98DB1CF01-E96F2B6A8AB1CF01-3C0A4B648AB1CF01_42564E534555484A_464650584F4D4556_CB7FD91C_DF4E5AE1_120_process_l2_bin
20#.#6.232.49/report_n_0003_451419FA2B04CA01-842594A98DB1CF01-E96F2B6A8AB1CF01-3C0A4B648AB1CF01_42564E534555484A_464650584F4D4556_CB7FD91C_DF4E5AE1_122_process_lotroclient_exe
20#.#6.232.49/report_n_0003_451419FA2B04CA01-842594A98DB1CF01-E96F2B6A8AB1CF01-3C0A4B648AB1CF01_42564E534555484A_464650584F4D4556_CB7FD91C_DF4E5AE1_124_process_maplestory_exe
20#.#6.232.49/report_n_0003_451419FA2B04CA01-842594A98DB1CF01-E96F2B6A8AB1CF01-3C0A4B648AB1CF01_42564E534555484A_464650584F4D4556_CB7FD91C_DF4E5AE1_123_process_magent_exe
20#.#6.232.49/report_n_0003_451419FA2B04CA01-842594A98DB1CF01-E96F2B6A8AB1CF01-3C0A4B648AB1CF01_42564E534555484A_464650584F4D4556_CB7FD91C_DF4E5AE1_119_process_InphaseNXD_exe
20#.#6.232.49/report_n_0003_451419FA2B04CA01-842594A98DB1CF01-E96F2B6A8AB1CF01-3C0A4B648AB1CF01_42564E534555484A_464650584F4D4556_CB7FD91C_DF4E5AE1_115_process_ge_exe
20#.#6.232.49/report_n_0003_451419FA2B04CA01-842594A98DB1CF01-E96F2B6A8AB1CF01-3C0A4B648AB1CF01_42564E534555484A_464650584F4D4556_CB7FD91C_DF4E5AE1_114_process_gc_exe
20#.#6.232.49/report_n_0003_451419FA2B04CA01-842594A98DB1CF01-E96F2B6A8AB1CF01-3C0A4B648AB1CF01_42564E534555484A_464650584F4D4556_CB7FD91C_DF4E5AE1_116_process_GVOnline_bin
20#.#6.232.49/report_n_0003_451419FA2B04CA01-842594A98DB1CF01-E96F2B6A8AB1CF01-3C0A4B648AB1CF01_42564E534555484A_464650584F4D4556_CB7FD91C_DF4E5AE1_118_process_httplook_exe
20#.#6.232.49/report_n_0003_451419FA2B04CA01-842594A98DB1CF01-E96F2B6A8AB1CF01-3C0A4B648AB1CF01_42564E534555484A_464650584F4D4556_CB7FD91C_DF4E5AE1_117_process_gw_exe
20#.#6.232.49/report_n_0003_451419FA2B04CA01-842594A98DB1CF01-E96F2B6A8AB1CF01-3C0A4B648AB1CF01_42564E534555484A_464650584F4D4556_CB7FD91C_DF4E5AE1_132_process_TwelveSky2_exe
20#.#6.232.49/report_n_0003_451419FA2B04CA01-842594A98DB1CF01-E96F2B6A8AB1CF01-3C0A4B648AB1CF01_42564E534555484A_464650584F4D4556_CB7FD91C_DF4E5AE1_131_process_sro_client_exe
20#.#6.232.49/report_n_0003_451419FA2B04CA01-842594A98DB1CF01-E96F2B6A8AB1CF01-3C0A4B648AB1CF01_42564E534555484A_464650584F4D4556_CB7FD91C_DF4E5AE1_133_process_winbaram_exe
20#.#6.232.49/report_n_0003_451419FA2B04CA01-842594A98DB1CF01-E96F2B6A8AB1CF01-3C0A4B648AB1CF01_42564E534555484A_464650584F4D4556_CB7FD91C_DF4E5AE1_135_process_wow_exe
20#.#6.232.49/report_n_0003_451419FA2B04CA01-842594A98DB1CF01-E96F2B6A8AB1CF01-3C0A4B648AB1CF01_42564E534555484A_464650584F4D4556_CB7FD91C_DF4E5AE1_134_process_woool_exe
20#.#6.232.49/report_n_0003_451419FA2B04CA01-842594A98DB1CF01-E96F2B6A8AB1CF01-3C0A4B648AB1CF01_42564E534555484A_464650584F4D4556_CB7FD91C_DF4E5AE1_130_process_so3d_exe
20#.#6.232.49/report_n_0003_451419FA2B04CA01-842594A98DB1CF01-E96F2B6A8AB1CF01-3C0A4B648AB1CF01_42564E534555484A_464650584F4D4556_CB7FD91C_DF4E5AE1_126_process_Mir3Game_exe
20#.#6.232.49/report_n_0003_451419FA2B04CA01-842594A98DB1CF01-E96F2B6A8AB1CF01-3C0A4B648AB1CF01_42564E534555484A_464650584F4D4556_CB7FD91C_DF4E5AE1_125_process_MCAGENT_EXE
20#.#6.232.49/report_n_0003_451419FA2B04CA01-842594A98DB1CF01-E96F2B6A8AB1CF01-3C0A4B648AB1CF01_42564E534555484A_464650584F4D4556_CB7FD91C_DF4E5AE1_127_process_Ragexe_exe
20#.#6.232.49/report_n_0003_451419FA2B04CA01-842594A98DB1CF01-E96F2B6A8AB1CF01-3C0A4B648AB1CF01_42564E534555484A_464650584F4D4556_CB7FD91C_DF4E5AE1_129_process_smc_exe
20#.#6.232.49/report_n_0003_451419FA2B04CA01-842594A98DB1CF01-E96F2B6A8AB1CF01-3C0A4B648AB1CF01_42564E534555484A_464650584F4D4556_CB7FD91C_DF4E5AE1_128_process_RagFree_exe
20#.#6.232.49/report_n_0003_451419FA2B04CA01-842594A98DB1CF01-E96F2B6A8AB1CF01-3C0A4B648AB1CF01_42564E534555484A_464650584F4D4556_CB7FD91C_DF4E5AE1_113_process_elementclient_exe
20#.#6.232.49/report_n_0003_451419FA2B04CA01-842594A98DB1CF01-E96F2B6A8AB1CF01-3C0A4B648AB1CF01_42564E534555484A_464650584F4D4556_CB7FD91C_DF4E5AE1_98_process_startclient7_exe
20#.#6.232.49/report_n_0003_451419FA2B04CA01-842594A98DB1CF01-E96F2B6A8AB1CF01-3C0A4B648AB1CF01_42564E534555484A_464650584F4D4556_CB7FD91C_DF4E5AE1_97_process_sgbclient_exe
20#.#6.232.49/report_n_0003_451419FA2B04CA01-842594A98DB1CF01-E96F2B6A8AB1CF01-3C0A4B648AB1CF01_42564E534555484A_464650584F4D4556_CB7FD91C_DF4E5AE1_99_process_tiny_exe
20#.#6.232.49/report_n_0003_451419FA2B04CA01-842594A98DB1CF01-E96F2B6A8AB1CF01-3C0A4B648AB1CF01_42564E534555484A_464650584F4D4556_CB7FD91C_DF4E5AE1_101_process_UniStream_exe
20#.#6.232.49/report_n_0003_451419FA2B04CA01-842594A98DB1CF01-E96F2B6A8AB1CF01-3C0A4B648AB1CF01_42564E534555484A_464650584F4D4556_CB7FD91C_DF4E5AE1_100_process_translink_exe
20#.#6.232.49/report_n_0003_451419FA2B04CA01-842594A98DB1CF01-E96F2B6A8AB1CF01-3C0A4B648AB1CF01_42564E534555484A_464650584F4D4556_CB7FD91C_DF4E5AE1_96_process_rclient_exe
20#.#6.232.49/report_n_0003_451419FA2B04CA01-842594A98DB1CF01-E96F2B6A8AB1CF01-3C0A4B648AB1CF01_42564E534555484A_464650584F4D4556_CB7FD91C_DF4E5AE1_92_process_kb_cli_ex
20#.#6.232.49/report_n_0003_451419FA2B04CA01-842594A98DB1CF01-E96F2B6A8AB1CF01-3C0A4B648AB1CF01_42564E534555484A_464650584F4D4556_CB7FD91C_DF4E5AE1_91_process_ISClient_exe
20#.#6.232.49/report_n_0003_451419FA2B04CA01-842594A98DB1CF01-E96F2B6A8AB1CF01-3C0A4B648AB1CF01_42564E534555484A_464650584F4D4556_CB7FD91C_DF4E5AE1_93_process_kb_cli_exe
20#.#6.232.49/report_n_0003_451419FA2B04CA01-842594A98DB1CF01-E96F2B6A8AB1CF01-3C0A4B648AB1CF01_42564E534555484A_464650584F4D4556_CB7FD91C_DF4E5AE1_95_process_oncbcli_exe
20#.#6.232.49/report_n_0003_451419FA2B04CA01-842594A98DB1CF01-E96F2B6A8AB1CF01-3C0A4B648AB1CF01_42564E534555484A_464650584F4D4556_CB7FD91C_DF4E5AE1_94_process_loadmain_exe
20#.#6.232.49/report_n_0003_451419FA2B04CA01-842594A98DB1CF01-E96F2B6A8AB1CF01-3C0A4B648AB1CF01_42564E534555484A_464650584F4D4556_CB7FD91C_DF4E5AE1_109_process_cabalmain_exe
20#.#6.232.49/report_n_0003_451419FA2B04CA01-842594A98DB1CF01-E96F2B6A8AB1CF01-3C0A4B648AB1CF01_42564E534555484A_464650584F4D4556_CB7FD91C_DF4E5AE1_108_process_safari_exe
20#.#6.232.49/report_n_0003_451419FA2B04CA01-842594A98DB1CF01-E96F2B6A8AB1CF01-3C0A4B648AB1CF01_42564E534555484A_464650584F4D4556_CB7FD91C_DF4E5AE1_110_process_ccapp_exe
20#.#6.232.49/report_n_0003_451419FA2B04CA01-842594A98DB1CF01-E96F2B6A8AB1CF01-3C0A4B648AB1CF01_42564E534555484A_464650584F4D4556_CB7FD91C_DF4E5AE1_112_process_dnf_exe
20#.#6.232.49/report_n_0003_451419FA2B04CA01-842594A98DB1CF01-E96F2B6A8AB1CF01-3C0A4B648AB1CF01_42564E534555484A_464650584F4D4556_CB7FD91C_DF4E5AE1_111_process_dekaron_exe
20#.#6.232.49/report_n_0003_451419FA2B04CA01-842594A98DB1CF01-E96F2B6A8AB1CF01-3C0A4B648AB1CF01_42564E534555484A_464650584F4D4556_CB7FD91C_DF4E5AE1_107_process_opera_exe
20#.#6.232.49/report_n_0003_451419FA2B04CA01-842594A98DB1CF01-E96F2B6A8AB1CF01-3C0A4B648AB1CF01_42564E534555484A_464650584F4D4556_CB7FD91C_DF4E5AE1_103_process_webmoney_exe
20#.#6.232.49/report_n_0003_451419FA2B04CA01-842594A98DB1CF01-E96F2B6A8AB1CF01-3C0A4B648AB1CF01_42564E534555484A_464650584F4D4556_CB7FD91C_DF4E5AE1_102_process_wclnt_exe
20#.#6.232.49/report_n_0003_451419FA2B04CA01-842594A98DB1CF01-E96F2B6A8AB1CF01-3C0A4B648AB1CF01_42564E534555484A_464650584F4D4556_CB7FD91C_DF4E5AE1_104_process_chrome_exe
20#.#6.232.49/report_n_0003_451419FA2B04CA01-842594A98DB1CF01-E96F2B6A8AB1CF01-3C0A4B648AB1CF01_42564E534555484A_464650584F4D4556_CB7FD91C_DF4E5AE1_106_process_iexplore_exe
20#.#6.232.49/report_n_0003_451419FA2B04CA01-842594A98DB1CF01-E96F2B6A8AB1CF01-3C0A4B648AB1CF01_42564E534555484A_464650584F4D4556_CB7FD91C_DF4E5AE1_105_process_firefox_exe
20#.#6.232.49/report_n_0003_451419FA2B04CA01-842594A98DB1CF01-E96F2B6A8AB1CF01-3C0A4B648AB1CF01_42564E534555484A_464650584F4D4556_CB7FD91C_DF4E5AE1_136_process_ybclient_exe
20#.#6.232.49/report_n_0003_451419FA2B04CA01-842594A98DB1CF01-E96F2B6A8AB1CF01-3C0A4B648AB1CF01_42564E534555484A_464650584F4D4556_CB7FD91C_DF4E5AE1_167_process_<Auxiliary name>_exe
20#.#6.232.49/report_n_0003_451419FA2B04CA01-842594A98DB1CF01-E96F2B6A8AB1CF01-3C0A4B648AB1CF01_42564E534555484A_464650584F4D4556_CB7FD91C_DF4E5AE1_166_process_conhost_exe
20#.#6.232.49/report_n_0003_451419FA2B04CA01-842594A98DB1CF01-E96F2B6A8AB1CF01-3C0A4B648AB1CF01_42564E534555484A_464650584F4D4556_CB7FD91C_DF4E5AE1_168_process_cmd_exe
20#.#6.232.49/report_n_0003_451419FA2B04CA01-842594A98DB1CF01-E96F2B6A8AB1CF01-3C0A4B648AB1CF01_42564E534555484A_464650584F4D4556_CB7FD91C_DF4E5AE1_170_process_conhost_exe
20#.#6.232.49/report_n_0003_451419FA2B04CA01-842594A98DB1CF01-E96F2B6A8AB1CF01-3C0A4B648AB1CF01_42564E534555484A_464650584F4D4556_CB7FD91C_DF4E5AE1_169_process_WatAdminSvc_exe
20#.#6.232.49/report_n_0003_451419FA2B04CA01-842594A98DB1CF01-E96F2B6A8AB1CF01-3C0A4B648AB1CF01_42564E534555484A_464650584F4D4556_CB7FD91C_DF4E5AE1_165_process_schtasks_exe
20#.#6.232.49/report_n_0003_451419FA2B04CA01-842594A98DB1CF01-E96F2B6A8AB1CF01-3C0A4B648AB1CF01_42564E534555484A_464650584F4D4556_CB7FD91C_DF4E5AE1_161_process_conhost_exe
20#.#6.232.49/report_n_0003_451419FA2B04CA01-842594A98DB1CF01-E96F2B6A8AB1CF01-3C0A4B648AB1CF01_42564E534555484A_464650584F4D4556_CB7FD91C_DF4E5AE1_160_process_WindowsKiller_exe
20#.#6.232.49/report_n_0003_451419FA2B04CA01-842594A98DB1CF01-E96F2B6A8AB1CF01-3C0A4B648AB1CF01_42564E534555484A_464650584F4D4556_CB7FD91C_DF4E5AE1_162_process_mmover_exe
20#.#6.232.49/report_n_0003_451419FA2B04CA01-842594A98DB1CF01-E96F2B6A8AB1CF01-3C0A4B648AB1CF01_42564E534555484A_464650584F4D4556_CB7FD91C_DF4E5AE1_164_process_<Auxiliary name>_exe
20#.#6.232.49/report_n_0003_451419FA2B04CA01-842594A98DB1CF01-E96F2B6A8AB1CF01-3C0A4B648AB1CF01_42564E534555484A_464650584F4D4556_CB7FD91C_DF4E5AE1_163_process_conhost_exe
20#.#6.232.182/pki/crl/products/microsoftrootcert.crl
ct###.#indowsupdate.com/msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab?fa##############
20#.#6.232.182/pki/crl/products/WinPCA.crl
ct###.#indowsupdate.com/msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab?f7##############
20#.#6.232.182/fwlink/?Li###########
20#.#6.232.49/report_n_0003_451419FA2B04CA01-842594A98DB1CF01-E96F2B6A8AB1CF01-3C0A4B648AB1CF01_42564E534555484A_464650584F4D4556_CB7FD91C_DF4E5AE1_176_step_2
20#.#6.232.49/report_n_0003_451419FA2B04CA01-842594A98DB1CF01-E96F2B6A8AB1CF01-3C0A4B648AB1CF01_42564E534555484A_464650584F4D4556_CB7FD91C_DF4E5AE1_172_process_<Auxiliary name>32_exe
20#.#6.232.49/report_n_0003_451419FA2B04CA01-842594A98DB1CF01-E96F2B6A8AB1CF01-3C0A4B648AB1CF01_42564E534555484A_464650584F4D4556_CB7FD91C_DF4E5AE1_171_process_<Auxiliary name>32_exe
20#.#6.232.49/report_n_0003_451419FA2B04CA01-842594A98DB1CF01-E96F2B6A8AB1CF01-3C0A4B648AB1CF01_42564E534555484A_464650584F4D4556_CB7FD91C_DF4E5AE1_173_process_conhost_exe
20#.#6.232.49/report_n_0003_451419FA2B04CA01-842594A98DB1CF01-E96F2B6A8AB1CF01-3C0A4B648AB1CF01_42564E534555484A_464650584F4D4556_CB7FD91C_DF4E5AE1_175_process_systeminfo_exe
20#.#6.232.49/report_n_0003_451419FA2B04CA01-842594A98DB1CF01-E96F2B6A8AB1CF01-3C0A4B648AB1CF01_42564E534555484A_464650584F4D4556_CB7FD91C_DF4E5AE1_174_process_conhost_exe
20#.#6.232.49/report_n_0003_451419FA2B04CA01-842594A98DB1CF01-E96F2B6A8AB1CF01-3C0A4B648AB1CF01_42564E534555484A_464650584F4D4556_CB7FD91C_DF4E5AE1_159_process_conhost_exe
20#.#6.232.49/report_n_0003_451419FA2B04CA01-842594A98DB1CF01-E96F2B6A8AB1CF01-3C0A4B648AB1CF01_42564E534555484A_464650584F4D4556_CB7FD91C_DF4E5AE1_144_process_qip_exe
20#.#6.232.49/report_n_0003_451419FA2B04CA01-842594A98DB1CF01-E96F2B6A8AB1CF01-3C0A4B648AB1CF01_42564E534555484A_464650584F4D4556_CB7FD91C_DF4E5AE1_143_process_pidgin_exe
20#.#6.232.49/report_n_0003_451419FA2B04CA01-842594A98DB1CF01-E96F2B6A8AB1CF01-3C0A4B648AB1CF01_42564E534555484A_464650584F4D4556_CB7FD91C_DF4E5AE1_145_process_skype_exe
20#.#6.232.49/report_n_0003_451419FA2B04CA01-842594A98DB1CF01-E96F2B6A8AB1CF01-3C0A4B648AB1CF01_42564E534555484A_464650584F4D4556_CB7FD91C_DF4E5AE1_147_process_wsm_exe
20#.#6.232.49/report_n_0003_451419FA2B04CA01-842594A98DB1CF01-E96F2B6A8AB1CF01-3C0A4B648AB1CF01_42564E534555484A_464650584F4D4556_CB7FD91C_DF4E5AE1_146_process_trillian_exe
20#.#6.232.49/report_n_0003_451419FA2B04CA01-842594A98DB1CF01-E96F2B6A8AB1CF01-3C0A4B648AB1CF01_42564E534555484A_464650584F4D4556_CB7FD91C_DF4E5AE1_142_process_msnmsgr_exe
20#.#6.232.49/report_n_0003_451419FA2B04CA01-842594A98DB1CF01-E96F2B6A8AB1CF01-3C0A4B648AB1CF01_42564E534555484A_464650584F4D4556_CB7FD91C_DF4E5AE1_138_process_googletalk_exe
20#.#6.232.49/report_n_0003_451419FA2B04CA01-842594A98DB1CF01-E96F2B6A8AB1CF01-3C0A4B648AB1CF01_42564E534555484A_464650584F4D4556_CB7FD91C_DF4E5AE1_137_process_zlclient_exe
20#.#6.232.49/report_n_0003_451419FA2B04CA01-842594A98DB1CF01-E96F2B6A8AB1CF01-3C0A4B648AB1CF01_42564E534555484A_464650584F4D4556_CB7FD91C_DF4E5AE1_139_process_ICQ_exe
20#.#6.232.49/report_n_0003_451419FA2B04CA01-842594A98DB1CF01-E96F2B6A8AB1CF01-3C0A4B648AB1CF01_42564E534555484A_464650584F4D4556_CB7FD91C_DF4E5AE1_141_process_msn6_exe
20#.#6.232.49/report_n_0003_451419FA2B04CA01-842594A98DB1CF01-E96F2B6A8AB1CF01-3C0A4B648AB1CF01_42564E534555484A_464650584F4D4556_CB7FD91C_DF4E5AE1_140_process_miranda32_exe
20#.#6.232.49/report_n_0003_451419FA2B04CA01-842594A98DB1CF01-E96F2B6A8AB1CF01-3C0A4B648AB1CF01_42564E534555484A_464650584F4D4556_CB7FD91C_DF4E5AE1_155_process_conhost_exe
20#.#6.232.49/report_n_0003_451419FA2B04CA01-842594A98DB1CF01-E96F2B6A8AB1CF01-3C0A4B648AB1CF01_42564E534555484A_464650584F4D4556_CB7FD91C_DF4E5AE1_154_process_cmd_exe
20#.#6.232.49/report_n_0003_451419FA2B04CA01-842594A98DB1CF01-E96F2B6A8AB1CF01-3C0A4B648AB1CF01_42564E534555484A_464650584F4D4556_CB7FD91C_DF4E5AE1_156_process_<Auxiliary name>_exe
20#.#6.232.49/report_n_0003_451419FA2B04CA01-842594A98DB1CF01-E96F2B6A8AB1CF01-3C0A4B648AB1CF01_42564E534555484A_464650584F4D4556_CB7FD91C_DF4E5AE1_158_process_cscript_exe
20#.#6.232.49/report_n_0003_451419FA2B04CA01-842594A98DB1CF01-E96F2B6A8AB1CF01-3C0A4B648AB1CF01_42564E534555484A_464650584F4D4556_CB7FD91C_DF4E5AE1_157_process_WmiPrvSE_exe
20#.#6.232.49/report_n_0003_451419FA2B04CA01-842594A98DB1CF01-E96F2B6A8AB1CF01-3C0A4B648AB1CF01_42564E534555484A_464650584F4D4556_CB7FD91C_DF4E5AE1_153_process_ZZ__cd75efb816b2cc___exe
20#.#6.232.49/report_n_0003_451419FA2B04CA01-842594A98DB1CF01-E96F2B6A8AB1CF01-3C0A4B648AB1CF01_42564E534555484A_464650584F4D4556_CB7FD91C_DF4E5AE1_149_process_java_exe
20#.#6.232.49/report_n_0003_451419FA2B04CA01-842594A98DB1CF01-E96F2B6A8AB1CF01-3C0A4B648AB1CF01_42564E534555484A_464650584F4D4556_CB7FD91C_DF4E5AE1_148_process_YahooMessenger_exe
20#.#6.232.49/report_n_0003_451419FA2B04CA01-842594A98DB1CF01-E96F2B6A8AB1CF01-3C0A4B648AB1CF01_42564E534555484A_464650584F4D4556_CB7FD91C_DF4E5AE1_150_process_javaw_exe
20#.#6.232.49/report_n_0003_451419FA2B04CA01-842594A98DB1CF01-E96F2B6A8AB1CF01-3C0A4B648AB1CF01_42564E534555484A_464650584F4D4556_CB7FD91C_DF4E5AE1_152_process_putty_exe
20#.#6.232.49/report_n_0003_451419FA2B04CA01-842594A98DB1CF01-E96F2B6A8AB1CF01-3C0A4B648AB1CF01_42564E534555484A_464650584F4D4556_CB7FD91C_DF4E5AE1_151_process_ntvdm_exe
20#.#6.232.49/report_n_0003_451419FA2B04CA01-842594A98DB1CF01-E96F2B6A8AB1CF01-3C0A4B648AB1CF01_42564E534555484A_464650584F4D4556_CB7FD91C_DF4E5AE1_30_process___cd75efb816b2cc___exe
20#.#6.232.49/report_n_0003_451419FA2B04CA01-842594A98DB1CF01-E96F2B6A8AB1CF01-3C0A4B648AB1CF01_42564E534555484A_464650584F4D4556_CB7FD91C_DF4E5AE1_29_process_thp_exe
20#.#6.232.49/report_n_0003_451419FA2B04CA01-842594A98DB1CF01-E96F2B6A8AB1CF01-3C0A4B648AB1CF01_42564E534555484A_464650584F4D4556_CB7FD91C_DF4E5AE1_31_process_360tray_exe
20#.#6.232.49/report_n_0003_451419FA2B04CA01-842594A98DB1CF01-E96F2B6A8AB1CF01-3C0A4B648AB1CF01_42564E534555484A_464650584F4D4556_CB7FD91C_DF4E5AE1_33_process_aion_exe
20#.#6.232.49/report_n_0003_451419FA2B04CA01-842594A98DB1CF01-E96F2B6A8AB1CF01-3C0A4B648AB1CF01_42564E534555484A_464650584F4D4556_CB7FD91C_DF4E5AE1_32_process_ageofconan_exe
20#.#6.232.49/report_n_0003_451419FA2B04CA01-842594A98DB1CF01-E96F2B6A8AB1CF01-3C0A4B648AB1CF01_42564E534555484A_464650584F4D4556_CB7FD91C_DF4E5AE1_28_process_svchost_exe
20#.#6.232.49/report_n_0003_451419FA2B04CA01-842594A98DB1CF01-E96F2B6A8AB1CF01-3C0A4B648AB1CF01_42564E534555484A_464650584F4D4556_CB7FD91C_DF4E5AE1_24_process_taskhost_exe
20#.#6.232.49/report_n_0003_451419FA2B04CA01-842594A98DB1CF01-E96F2B6A8AB1CF01-3C0A4B648AB1CF01_42564E534555484A_464650584F4D4556_CB7FD91C_DF4E5AE1_23_process_svchost_exe
20#.#6.232.49/report_n_0003_451419FA2B04CA01-842594A98DB1CF01-E96F2B6A8AB1CF01-3C0A4B648AB1CF01_42564E534555484A_464650584F4D4556_CB7FD91C_DF4E5AE1_25_process_dwm_exe
20#.#6.232.49/report_n_0003_451419FA2B04CA01-842594A98DB1CF01-E96F2B6A8AB1CF01-3C0A4B648AB1CF01_42564E534555484A_464650584F4D4556_CB7FD91C_DF4E5AE1_27_process_svchost_exe
20#.#6.232.49/report_n_0003_451419FA2B04CA01-842594A98DB1CF01-E96F2B6A8AB1CF01-3C0A4B648AB1CF01_42564E534555484A_464650584F4D4556_CB7FD91C_DF4E5AE1_26_process_explorer_exe
20#.#6.232.49/report_n_0003_451419FA2B04CA01-842594A98DB1CF01-E96F2B6A8AB1CF01-3C0A4B648AB1CF01_42564E534555484A_464650584F4D4556_CB7FD91C_DF4E5AE1_41_process_AVP_EXE
20#.#6.232.49/report_n_0003_451419FA2B04CA01-842594A98DB1CF01-E96F2B6A8AB1CF01-3C0A4B648AB1CF01_42564E534555484A_464650584F4D4556_CB7FD91C_DF4E5AE1_40_process_AVP_COM
20#.#6.232.49/report_n_0003_451419FA2B04CA01-842594A98DB1CF01-E96F2B6A8AB1CF01-3C0A4B648AB1CF01_42564E534555484A_464650584F4D4556_CB7FD91C_DF4E5AE1_42_process_AVP32_EXE
20#.#6.232.49/report_n_0003_451419FA2B04CA01-842594A98DB1CF01-E96F2B6A8AB1CF01-3C0A4B648AB1CF01_42564E534555484A_464650584F4D4556_CB7FD91C_DF4E5AE1_44_process_AVPM_EXE
20#.#6.232.49/report_n_0003_451419FA2B04CA01-842594A98DB1CF01-E96F2B6A8AB1CF01-3C0A4B648AB1CF01_42564E534555484A_464650584F4D4556_CB7FD91C_DF4E5AE1_43_process_AVPCC_EXE
20#.#6.232.49/report_n_0003_451419FA2B04CA01-842594A98DB1CF01-E96F2B6A8AB1CF01-3C0A4B648AB1CF01_42564E534555484A_464650584F4D4556_CB7FD91C_DF4E5AE1_39_process_AVGCTRL_EXE
20#.#6.232.49/report_n_0003_451419FA2B04CA01-842594A98DB1CF01-E96F2B6A8AB1CF01-3C0A4B648AB1CF01_42564E534555484A_464650584F4D4556_CB7FD91C_DF4E5AE1_35_process_ashAvast_exe
20#.#6.232.49/report_n_0003_451419FA2B04CA01-842594A98DB1CF01-E96F2B6A8AB1CF01-3C0A4B648AB1CF01_42564E534555484A_464650584F4D4556_CB7FD91C_DF4E5AE1_34_process_ash_exe
20#.#6.232.49/report_n_0003_451419FA2B04CA01-842594A98DB1CF01-E96F2B6A8AB1CF01-3C0A4B648AB1CF01_42564E534555484A_464650584F4D4556_CB7FD91C_DF4E5AE1_36_process_ashAvSrv_exe
20#.#6.232.49/report_n_0003_451419FA2B04CA01-842594A98DB1CF01-E96F2B6A8AB1CF01-3C0A4B648AB1CF01_42564E534555484A_464650584F4D4556_CB7FD91C_DF4E5AE1_38_process_AVGCC32_EXE
20#.#6.232.49/report_n_0003_451419FA2B04CA01-842594A98DB1CF01-E96F2B6A8AB1CF01-3C0A4B648AB1CF01_42564E534555484A_464650584F4D4556_CB7FD91C_DF4E5AE1_37_process_avgcc_exe
20#.#6.232.49/report_n_0003_451419FA2B04CA01-842594A98DB1CF01-E96F2B6A8AB1CF01-3C0A4B648AB1CF01_42564E534555484A_464650584F4D4556_CB7FD91C_DF4E5AE1_22_process_spoolsv_exe
20#.#6.232.49/report_n_0003_451419FA2B04CA01-842594A98DB1CF01-E96F2B6A8AB1CF01-3C0A4B648AB1CF01_42564E534555484A_464650584F4D4556_CB7FD91C_DF4E5AE1_7_process_smss_exe
20#.#6.232.49/report_n_0003_451419FA2B04CA01-842594A98DB1CF01-E96F2B6A8AB1CF01-3C0A4B648AB1CF01_42564E534555484A_464650584F4D4556_CB7FD91C_DF4E5AE1_6_process_System
20#.#6.232.49/report_n_0003_451419FA2B04CA01-842594A98DB1CF01-E96F2B6A8AB1CF01-3C0A4B648AB1CF01_42564E534555484A_464650584F4D4556_CB7FD91C_DF4E5AE1_8_process_csrss_exe
20#.#6.232.49/report_n_0003_451419FA2B04CA01-842594A98DB1CF01-E96F2B6A8AB1CF01-3C0A4B648AB1CF01_42564E534555484A_464650584F4D4556_CB7FD91C_DF4E5AE1_10_process_csrss_exe
20#.#6.232.49/report_n_0003_451419FA2B04CA01-842594A98DB1CF01-E96F2B6A8AB1CF01-3C0A4B648AB1CF01_42564E534555484A_464650584F4D4556_CB7FD91C_DF4E5AE1_9_process_wininit_exe
20#.#6.232.49/report_n_0003_451419FA2B04CA01-842594A98DB1CF01-E96F2B6A8AB1CF01-3C0A4B648AB1CF01_42564E534555484A_464650584F4D4556_CB7FD91C_DF4E5AE1_5_process__System_Process_
20#.#6.232.49/report_n_0003_451419FA2B04CA01-842594A98DB1CF01-E96F2B6A8AB1CF01-3C0A4B648AB1CF01_42564E534555484A_464650584F4D4556_CB7FD91C_DF4E5AE1_1_step_0
20#.#6.232.49/report_n_0003_451419FA2B04CA01-842594A98DB1CF01-E96F2B6A8AB1CF01-3C0A4B648AB1CF01_42564E534555484A_464650584F4D4556_CB7FD91C_DF4E5AE1_0_started_ext_ALRRR_N_OSBBB_32_OSNNN_Windows_7_Ultimate_CNNN_BVNSEUHJ_UNNN_FFPXOMEV_EXXX_A19D102D0553B18A91145090037ACBD5_495616_C__bf32d3b0_<Auxiliary name>_exe
20#.#6.232.49/report_n_0003_451419FA2B04CA01-842594A98DB1CF01-E96F2B6A8AB1CF01-3C0A4B648AB1CF01_42564E534555484A_464650584F4D4556_CB7FD91C_DF4E5AE1_2_step_1
20#.#6.232.49/report_n_0003_451419FA2B04CA01-842594A98DB1CF01-E96F2B6A8AB1CF01-3C0A4B648AB1CF01_42564E534555484A_464650584F4D4556_CB7FD91C_DF4E5AE1_4_mark_ok
20#.#6.232.49/report_n_0003_451419FA2B04CA01-842594A98DB1CF01-E96F2B6A8AB1CF01-3C0A4B648AB1CF01_42564E534555484A_464650584F4D4556_CB7FD91C_DF4E5AE1_3_already_ok
20#.#6.232.49/report_n_0003_451419FA2B04CA01-842594A98DB1CF01-E96F2B6A8AB1CF01-3C0A4B648AB1CF01_42564E534555484A_464650584F4D4556_CB7FD91C_DF4E5AE1_18_process_svchost_exe
20#.#6.232.49/report_n_0003_451419FA2B04CA01-842594A98DB1CF01-E96F2B6A8AB1CF01-3C0A4B648AB1CF01_42564E534555484A_464650584F4D4556_CB7FD91C_DF4E5AE1_17_process_svchost_exe
20#.#6.232.49/report_n_0003_451419FA2B04CA01-842594A98DB1CF01-E96F2B6A8AB1CF01-3C0A4B648AB1CF01_42564E534555484A_464650584F4D4556_CB7FD91C_DF4E5AE1_19_process_svchost_exe
20#.#6.232.49/report_n_0003_451419FA2B04CA01-842594A98DB1CF01-E96F2B6A8AB1CF01-3C0A4B648AB1CF01_42564E534555484A_464650584F4D4556_CB7FD91C_DF4E5AE1_21_process_svchost_exe
20#.#6.232.49/report_n_0003_451419FA2B04CA01-842594A98DB1CF01-E96F2B6A8AB1CF01-3C0A4B648AB1CF01_42564E534555484A_464650584F4D4556_CB7FD91C_DF4E5AE1_20_process_svchost_exe
20#.#6.232.49/report_n_0003_451419FA2B04CA01-842594A98DB1CF01-E96F2B6A8AB1CF01-3C0A4B648AB1CF01_42564E534555484A_464650584F4D4556_CB7FD91C_DF4E5AE1_16_process_svchost_exe
20#.#6.232.49/report_n_0003_451419FA2B04CA01-842594A98DB1CF01-E96F2B6A8AB1CF01-3C0A4B648AB1CF01_42564E534555484A_464650584F4D4556_CB7FD91C_DF4E5AE1_12_process_services_exe
20#.#6.232.49/report_n_0003_451419FA2B04CA01-842594A98DB1CF01-E96F2B6A8AB1CF01-3C0A4B648AB1CF01_42564E534555484A_464650584F4D4556_CB7FD91C_DF4E5AE1_11_process_winlogon_exe
20#.#6.232.49/report_n_0003_451419FA2B04CA01-842594A98DB1CF01-E96F2B6A8AB1CF01-3C0A4B648AB1CF01_42564E534555484A_464650584F4D4556_CB7FD91C_DF4E5AE1_13_process_lsass_exe
20#.#6.232.49/report_n_0003_451419FA2B04CA01-842594A98DB1CF01-E96F2B6A8AB1CF01-3C0A4B648AB1CF01_42564E534555484A_464650584F4D4556_CB7FD91C_DF4E5AE1_15_process_svchost_exe
20#.#6.232.49/report_n_0003_451419FA2B04CA01-842594A98DB1CF01-E96F2B6A8AB1CF01-3C0A4B648AB1CF01_42564E534555484A_464650584F4D4556_CB7FD91C_DF4E5AE1_14_process_lsm_exe
20#.#6.232.49/report_n_0003_451419FA2B04CA01-842594A98DB1CF01-E96F2B6A8AB1CF01-3C0A4B648AB1CF01_42564E534555484A_464650584F4D4556_CB7FD91C_DF4E5AE1_45_process_AVSYNMGR_EXE
20#.#6.232.49/report_n_0003_451419FA2B04CA01-842594A98DB1CF01-E96F2B6A8AB1CF01-3C0A4B648AB1CF01_42564E534555484A_464650584F4D4556_CB7FD91C_DF4E5AE1_76_process_bk_exe
20#.#6.232.49/report_n_0003_451419FA2B04CA01-842594A98DB1CF01-E96F2B6A8AB1CF01-3C0A4B648AB1CF01_42564E534555484A_464650584F4D4556_CB7FD91C_DF4E5AE1_75_process_bclient_exe
20#.#6.232.49/report_n_0003_451419FA2B04CA01-842594A98DB1CF01-E96F2B6A8AB1CF01-3C0A4B648AB1CF01_42564E534555484A_464650584F4D4556_CB7FD91C_DF4E5AE1_77_process_cbank_exe
20#.#6.232.49/report_n_0003_451419FA2B04CA01-842594A98DB1CF01-E96F2B6A8AB1CF01-3C0A4B648AB1CF01_42564E534555484A_464650584F4D4556_CB7FD91C_DF4E5AE1_79_process_cbmain_exe
20#.#6.232.49/report_n_0003_451419FA2B04CA01-842594A98DB1CF01-E96F2B6A8AB1CF01-3C0A4B648AB1CF01_42564E534555484A_464650584F4D4556_CB7FD91C_DF4E5AE1_78_process_cbmain_ex
20#.#6.232.49/report_n_0003_451419FA2B04CA01-842594A98DB1CF01-E96F2B6A8AB1CF01-3C0A4B648AB1CF01_42564E534555484A_464650584F4D4556_CB7FD91C_DF4E5AE1_74_process_bc_loader_exe
20#.#6.232.49/report_n_0003_451419FA2B04CA01-842594A98DB1CF01-E96F2B6A8AB1CF01-3C0A4B648AB1CF01_42564E534555484A_464650584F4D4556_CB7FD91C_DF4E5AE1_70_process_zapro_exe
20#.#6.232.49/report_n_0003_451419FA2B04CA01-842594A98DB1CF01-E96F2B6A8AB1CF01-3C0A4B648AB1CF01_42564E534555484A_464650584F4D4556_CB7FD91C_DF4E5AE1_69_process_spidernt_exe
20#.#6.232.49/report_n_0003_451419FA2B04CA01-842594A98DB1CF01-E96F2B6A8AB1CF01-3C0A4B648AB1CF01_42564E534555484A_464650584F4D4556_CB7FD91C_DF4E5AE1_71_process_ZONEALARM_EXE
20#.#6.232.49/report_n_0003_451419FA2B04CA01-842594A98DB1CF01-E96F2B6A8AB1CF01-3C0A4B648AB1CF01_42564E534555484A_464650584F4D4556_CB7FD91C_DF4E5AE1_73_process_BBClient_exe
20#.#6.232.49/report_n_0003_451419FA2B04CA01-842594A98DB1CF01-E96F2B6A8AB1CF01-3C0A4B648AB1CF01_42564E534555484A_464650584F4D4556_CB7FD91C_DF4E5AE1_72_process_bankcl_exe
20#.#6.232.49/report_n_0003_451419FA2B04CA01-842594A98DB1CF01-E96F2B6A8AB1CF01-3C0A4B648AB1CF01_42564E534555484A_464650584F4D4556_CB7FD91C_DF4E5AE1_87_process_elbank_exe
20#.#6.232.49/report_n_0003_451419FA2B04CA01-842594A98DB1CF01-E96F2B6A8AB1CF01-3C0A4B648AB1CF01_42564E534555484A_464650584F4D4556_CB7FD91C_DF4E5AE1_86_process_el_cli_ex
20#.#6.232.49/report_n_0003_451419FA2B04CA01-842594A98DB1CF01-E96F2B6A8AB1CF01-3C0A4B648AB1CF01_42564E534555484A_464650584F4D4556_CB7FD91C_DF4E5AE1_88_process_inbank-start-ff_exe
20#.#6.232.49/report_n_0003_451419FA2B04CA01-842594A98DB1CF01-E96F2B6A8AB1CF01-3C0A4B648AB1CF01_42564E534555484A_464650584F4D4556_CB7FD91C_DF4E5AE1_90_process_iscc_exe
20#.#6.232.49/report_n_0003_451419FA2B04CA01-842594A98DB1CF01-E96F2B6A8AB1CF01-3C0A4B648AB1CF01_42564E534555484A_464650584F4D4556_CB7FD91C_DF4E5AE1_89_process_intpro_exe
20#.#6.232.49/report_n_0003_451419FA2B04CA01-842594A98DB1CF01-E96F2B6A8AB1CF01-3C0A4B648AB1CF01_42564E534555484A_464650584F4D4556_CB7FD91C_DF4E5AE1_85_process_contactNG_exe
20#.#6.232.49/report_n_0003_451419FA2B04CA01-842594A98DB1CF01-E96F2B6A8AB1CF01-3C0A4B648AB1CF01_42564E534555484A_464650584F4D4556_CB7FD91C_DF4E5AE1_81_process_clbank_exe
20#.#6.232.49/report_n_0003_451419FA2B04CA01-842594A98DB1CF01-E96F2B6A8AB1CF01-3C0A4B648AB1CF01_42564E534555484A_464650584F4D4556_CB7FD91C_DF4E5AE1_80_process_cbsmain_exe
20#.#6.232.49/report_n_0003_451419FA2B04CA01-842594A98DB1CF01-E96F2B6A8AB1CF01-3C0A4B648AB1CF01_42564E534555484A_464650584F4D4556_CB7FD91C_DF4E5AE1_82_process_client7_exe
20#.#6.232.49/report_n_0003_451419FA2B04CA01-842594A98DB1CF01-E96F2B6A8AB1CF01-3C0A4B648AB1CF01_42564E534555484A_464650584F4D4556_CB7FD91C_DF4E5AE1_84_process_clntw32_exe
20#.#6.232.49/report_n_0003_451419FA2B04CA01-842594A98DB1CF01-E96F2B6A8AB1CF01-3C0A4B648AB1CF01_42564E534555484A_464650584F4D4556_CB7FD91C_DF4E5AE1_83_process_clmain_exe
20#.#6.232.49/report_n_0003_451419FA2B04CA01-842594A98DB1CF01-E96F2B6A8AB1CF01-3C0A4B648AB1CF01_42564E534555484A_464650584F4D4556_CB7FD91C_DF4E5AE1_68_process_outpost_exe
20#.#6.232.49/report_n_0003_451419FA2B04CA01-842594A98DB1CF01-E96F2B6A8AB1CF01-3C0A4B648AB1CF01_42564E534555484A_464650584F4D4556_CB7FD91C_DF4E5AE1_53_process_Drwebupw_exe
20#.#6.232.49/report_n_0003_451419FA2B04CA01-842594A98DB1CF01-E96F2B6A8AB1CF01-3C0A4B648AB1CF01_42564E534555484A_464650584F4D4556_CB7FD91C_DF4E5AE1_52_process_drweb386_exe
20#.#6.232.49/report_n_0003_451419FA2B04CA01-842594A98DB1CF01-E96F2B6A8AB1CF01-3C0A4B648AB1CF01_42564E534555484A_464650584F4D4556_CB7FD91C_DF4E5AE1_54_process_Drwebwcl_exe
20#.#6.232.49/report_n_0003_451419FA2B04CA01-842594A98DB1CF01-E96F2B6A8AB1CF01-3C0A4B648AB1CF01_42564E534555484A_464650584F4D4556_CB7FD91C_DF4E5AE1_56_process_egni_exe
20#.#6.232.49/report_n_0003_451419FA2B04CA01-842594A98DB1CF01-E96F2B6A8AB1CF01-3C0A4B648AB1CF01_42564E534555484A_464650584F4D4556_CB7FD91C_DF4E5AE1_55_process_ecmd_exe
20#.#6.232.49/report_n_0003_451419FA2B04CA01-842594A98DB1CF01-E96F2B6A8AB1CF01-3C0A4B648AB1CF01_42564E534555484A_464650584F4D4556_CB7FD91C_DF4E5AE1_51_process_Drweb32w_exe
20#.#6.232.49/report_n_0003_451419FA2B04CA01-842594A98DB1CF01-E96F2B6A8AB1CF01-3C0A4B648AB1CF01_42564E534555484A_464650584F4D4556_CB7FD91C_DF4E5AE1_47_process_bdss_exe
20#.#6.232.49/report_n_0003_451419FA2B04CA01-842594A98DB1CF01-E96F2B6A8AB1CF01-3C0A4B648AB1CF01_42564E534555484A_464650584F4D4556_CB7FD91C_DF4E5AE1_46_process_bdagent_exe
20#.#6.232.49/report_n_0003_451419FA2B04CA01-842594A98DB1CF01-E96F2B6A8AB1CF01-3C0A4B648AB1CF01_42564E534555484A_464650584F4D4556_CB7FD91C_DF4E5AE1_48_process_bdsubmit_exe
20#.#6.232.49/report_n_0003_451419FA2B04CA01-842594A98DB1CF01-E96F2B6A8AB1CF01-3C0A4B648AB1CF01_42564E534555484A_464650584F4D4556_CB7FD91C_DF4E5AE1_50_process_drweb_exe
20#.#6.232.49/report_n_0003_451419FA2B04CA01-842594A98DB1CF01-E96F2B6A8AB1CF01-3C0A4B648AB1CF01_42564E534555484A_464650584F4D4556_CB7FD91C_DF4E5AE1_49_process_ClamWin_exe
20#.#6.232.49/report_n_0003_451419FA2B04CA01-842594A98DB1CF01-E96F2B6A8AB1CF01-3C0A4B648AB1CF01_42564E534555484A_464650584F4D4556_CB7FD91C_DF4E5AE1_64_process_NAVAPW32_EXE
20#.#6.232.49/report_n_0003_451419FA2B04CA01-842594A98DB1CF01-E96F2B6A8AB1CF01-3C0A4B648AB1CF01_42564E534555484A_464650584F4D4556_CB7FD91C_DF4E5AE1_63_process_mpftray_exe
20#.#6.232.49/report_n_0003_451419FA2B04CA01-842594A98DB1CF01-E96F2B6A8AB1CF01-3C0A4B648AB1CF01_42564E534555484A_464650584F4D4556_CB7FD91C_DF4E5AE1_65_process_netxray_exe
20#.#6.232.49/report_n_0003_451419FA2B04CA01-842594A98DB1CF01-E96F2B6A8AB1CF01-3C0A4B648AB1CF01_42564E534555484A_464650584F4D4556_CB7FD91C_DF4E5AE1_67_process_nod32_exe
20#.#6.232.49/report_n_0003_451419FA2B04CA01-842594A98DB1CF01-E96F2B6A8AB1CF01-3C0A4B648AB1CF01_42564E534555484A_464650584F4D4556_CB7FD91C_DF4E5AE1_66_process_nod_exe
20#.#6.232.49/report_n_0003_451419FA2B04CA01-842594A98DB1CF01-E96F2B6A8AB1CF01-3C0A4B648AB1CF01_42564E534555484A_464650584F4D4556_CB7FD91C_DF4E5AE1_62_process_GUARD_EXE
20#.#6.232.49/report_n_0003_451419FA2B04CA01-842594A98DB1CF01-E96F2B6A8AB1CF01-3C0A4B648AB1CF01_42564E534555484A_464650584F4D4556_CB7FD91C_DF4E5AE1_58_process_fsav_exe
20#.#6.232.49/report_n_0003_451419FA2B04CA01-842594A98DB1CF01-E96F2B6A8AB1CF01-3C0A4B648AB1CF01_42564E534555484A_464650584F4D4556_CB7FD91C_DF4E5AE1_57_process_ekrn_exe
20#.#6.232.49/report_n_0003_451419FA2B04CA01-842594A98DB1CF01-E96F2B6A8AB1CF01-3C0A4B648AB1CF01_42564E534555484A_464650584F4D4556_CB7FD91C_DF4E5AE1_59_process_fsav32_exe
20#.#6.232.49/report_n_0003_451419FA2B04CA01-842594A98DB1CF01-E96F2B6A8AB1CF01-3C0A4B648AB1CF01_42564E534555484A_464650584F4D4556_CB7FD91C_DF4E5AE1_61_process_fsavgui_exe
20#.#6.232.49/report_n_0003_451419FA2B04CA01-842594A98DB1CF01-E96F2B6A8AB1CF01-3C0A4B648AB1CF01_42564E534555484A_464650584F4D4556_CB7FD91C_DF4E5AE1_60_process_fsavaui_exe

UDP:

DNS ASK www.microsoft.com
DNS ASK go.###rosoft.com
DNS ASK ct###.#indowsupdate.com
DNS ASK crl.microsoft.com

Miscellaneous:

Searches for the following windows:

ClassName: 'Shell_TrayWnd' WindowName: ''

Tecnologie

Termini

Formazione ed informazione

Falsi miti

Technical Information

Curing recommendations

Free trial