- C:\Windows\F1VPIJD6\DQ6GG2H6.cfg Win32/DelShad.B trojan cleaned by deleting
Processes
Registry
(Greatis Software LLC -> Greatis Software, LLC) C:\Windows\F1VPIJD6\SU10Guard.exe
(Greatis Software LLC -> Greatis Software, LLC) C:\Program Files (x86)\StopUpdates10\SU10Guard.exe
Image File Execution Options (IFEO) entries
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\default\ADMX_StartMenu\NoWindowsUpdate]
"Behavior"=dword:00000050
"mergealgorithm"=dword:00000003
"policytype"=dword:00000001
"RegKeyPathRedirect"="Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer"
"RegValueNameRedirect"="NoWindowsUpdate"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer]
"NoWindowsUpdate"=dword:00000001
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Policies\Explorer]
"NoWindowsUpdate"=dword:00000001
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SU10Guard]
"DelayedAutoStart"=dword:00000001
"Type"=dword:00000010
"Start"=dword:00000002
"ErrorControl"=dword:00000001
"ImagePath"=hex(2):43,00,3a,00,5c,00,50,00,72,00,6f,00,67,00,72,00,61,00,6d,00,\
20,00,46,00,69,00,6c,00,65,00,73,00,20,00,28,00,78,00,38,00,36,00,29,00,5c,\
00,53,00,74,00,6f,00,70,00,55,00,70,00,64,00,61,00,74,00,65,00,73,00,31,00,\
30,00,5c,00,53,00,55,00,31,00,30,00,47,00,75,00,61,00,72,00,64,00,2e,00,65,\
00,78,00,65,00,00,00
"DisplayName"="StopUpdates10 Guard"
"WOW64"=dword:0000014c
"ObjectName"="LocalSystem"
"Description"="StopUpdates10 permanently blocks Windows Update service"
IFEO\dismHost.exe: [Debugger] *
IFEO\EOSNOTIFY.EXE: [Debugger] *
IFEO\InstallAgent.exe: [Debugger] *
IFEO\LogTransport2.exe: [Debugger] 0
IFEO\MusNotification.exe: [Debugger] *
IFEO\MUSNOTIFICATIONUX.EXE: [Debugger] *
IFEO\remsh.exe: [Debugger] *
IFEO\SIHClient.exe: [Debugger] *
IFEO\UpdateAssistant.exe: [Debugger] *
IFEO\UPFC.EXE: [Debugger] *
IFEO\UsoClient.exe: [Debugger] *
IFEO\WaaSMedic.exe: [Debugger] *
IFEO\WaasMedicAgent.exe: [Debugger] *
IFEO\Windows10Upgrade.exe: [Debugger] *
IFEO\WINDOWS10UPGRADERAPP.EXE: [Debugger] *
R2 SU10Guard; C:\Windows\F1VPIJD6\SU10Guard.exe [72776 2020-05-30] (Greatis Software LLC -> Greatis Software, LLC)
R2 SU10Guard; C:\Program Files (x86)\StopUpdates10\SU10Guard.exe [72032 2021-07-06] (Greatis Software LLC -> Greatis Software, LLC)