Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Internet Security Suite - Revisited


  • This topic is locked This topic is locked

#1
tcjones76

tcjones76

    Member

  • Member
  • PipPip
  • 43 posts
I started a recovery topic for a Dell laptop back in December, but never made it through to completion. The laptop wasn't needed for a while, so it sat on a shelf. I would like to reopen the issue under this new topic. Essexboy was the last rep to assist. XP will boot up, but no internet access.

Thank you in advance.

OTL log below:

OTL logfile created on: 5/24/2011 10:23:12 AM - Run 4
OTL by OldTimer - Version 3.2.23.0 Folder = C:\Documents and Settings\David A. Quelle\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

510.21 Mb Total Physical Memory | 240.89 Mb Available Physical Memory | 47.21% Memory free
1.22 Gb Paging File | 0.95 Gb Available in Paging File | 77.68% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 37.21 Gb Total Space | 24.31 Gb Free Space | 65.32% Space Free | Partition Type: NTFS
Drive E: | 3.74 Gb Total Space | 2.76 Gb Free Space | 73.79% Space Free | Partition Type: FAT32
Drive S: | 62.33 Gb Total Space | 46.75 Gb Free Space | 74.99% Space Free | Partition Type: NTFS

Computer Name: 8NHLQ71 | User Name: David A. Quelle | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/05/24 09:56:12 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\David A. Quelle\Desktop\OTL.exe
PRC - [2008/04/13 20:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2005/01/24 14:30:00 | 001,204,306 | ---- | M] (Venturi Wireless) -- c:\Program Files\Verizon Wireless\venturi\Client\VentC.exe


========== Modules (SafeList) ==========

MOD - [2011/05/24 09:56:12 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\David A. Quelle\Desktop\OTL.exe
MOD - [2010/08/23 12:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- -- (RoxLiveShare9)
SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - [2005/01/24 14:30:00 | 001,204,306 | ---- | M] (Venturi Wireless) [Auto | Running] -- c:\Program Files\Verizon Wireless\venturi\Client\VentC.exe -- (Venturi2)


========== Driver Services (SafeList) ==========

DRV - [2007/04/09 01:25:20 | 000,005,888 | ---- | M] (DEVGURU Co,LTD.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\PWCTLDRV.sys -- (PWCTLDRV)
DRV - [2007/04/06 03:49:26 | 000,039,808 | ---- | M] (DEVGURU Co,LTD.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PTDWVsp.sys -- (PTDWVsp) Curitel PC Card Diagnostic Serial Port (UDP)
DRV - [2007/04/06 03:49:20 | 000,041,728 | ---- | M] (DEVGURU Co,LTD.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PTDWMdm.sys -- (PTDWMdm) Curitel PC Card Drivers (UDP)
DRV - [2007/04/06 03:49:16 | 000,027,392 | ---- | M] (DEVGURU Co,LTD.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PTDWBus.sys -- (PTDWBus) Curitel PC Card Composite Device driver (UDP)
DRV - [2005/02/23 15:19:08 | 000,369,024 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BCMWL5.SYS -- (BCM43XX)
DRV - [2004/11/15 16:37:52 | 000,264,440 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\stac97.sys -- (STAC97) Audio Driver (WDM)
DRV - [2002/11/26 15:54:58 | 000,016,936 | ---- | M] (Smith Micro Software, Inc.) [Kernel | On_Demand | Stopped] -- C:\Program Files\Verizon Wireless\VZAccess Manager\SMNDIS5.sys -- (SMNDIS5)
DRV - [2001/08/22 12:42:58 | 000,013,632 | ---- | M] (Dell Computer Corporation) [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\OMCI.SYS -- (OMCI)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:25431



O1 HOSTS File: ([2010/12/08 13:52:21 | 000,002,783 | RHS- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 74.125.45.100 4-open-davinci.com
O1 - Hosts: 74.125.45.100 securitysoftwarepayments.com
O1 - Hosts: 74.125.45.100 privatesecuredpayments.com
O1 - Hosts: 74.125.45.100 secure.privatesecuredpayments.com
O1 - Hosts: 74.125.45.100 getantivirusplusnow.com
O1 - Hosts: 74.125.45.100 secure-plus-payments.com
O1 - Hosts: 74.125.45.100 www.getantivirusplusnow.com
O1 - Hosts: 74.125.45.100 www.secure-plus-payments.com
O1 - Hosts: 74.125.45.100 www.getavplusnow.com
O1 - Hosts: 74.125.45.100 safebrowsing-cache.google.com
O1 - Hosts: 74.125.45.100 urs.microsoft.com
O1 - Hosts: 74.125.45.100 www.securesoftwarebill.com
O1 - Hosts: 74.125.45.100 secure.paysecuresystem.com
O1 - Hosts: 74.125.45.100 paysoftbillsolution.com
O1 - Hosts: 74.125.45.100 protected.maxisoftwaremart.com
O1 - Hosts: 188.124.7.188 www.google.com
O1 - Hosts: 188.124.7.188 google.com
O1 - Hosts: 188.124.7.188 google.com.au
O1 - Hosts: 188.124.7.188 www.google.com.au
O1 - Hosts: 188.124.7.188 google.be
O1 - Hosts: 188.124.7.188 www.google.be
O1 - Hosts: 188.124.7.188 google.com.br
O1 - Hosts: 188.124.7.188 www.google.com.br
O1 - Hosts: 188.124.7.188 google.ca
O1 - Hosts: 39 more lines...
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - No CLSID value found.
O2 - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found.
O2 - BHO: (XML Class) - {500BCA15-57A7-4eaf-8143-8C619470B13D} - File not found
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (AcroIEToolbarHelper Class) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll ()
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: 6vmjHq9EdX = C:\Documents and Settings\All Users\Application Data\bwvsvgpc\pydsdepm.exe
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisallowRun = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\DisallowRun: 0 = msseces.exe
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\DisallowRun: 1 = MSASCui.exe
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\DisallowRun: 2 = ekrn.exe
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\DisallowRun: 3 = egui.exe
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\DisallowRun: 4 = avgnt.exe
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\DisallowRun: 5 = avcenter.exe
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\DisallowRun: 6 = avscan.exe
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\DisallowRun: 7 = avgfrw.exe
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\DisallowRun: 8 = avgui.exe
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\DisallowRun: 9 = avgtray.exe
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\DisallowRun: 10 = avgscanx.exe
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\DisallowRun: 11 = avgcfgex.exe
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\DisallowRun: 12 = avgemc.exe
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\DisallowRun: 13 = avgchsvx.exe
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\DisallowRun: 14 = avgcmgr.exe
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\DisallowRun: 15 = avgwdsvc.exe
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll (Google Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - File not found
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://www.update.mi...b?1193690031417 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.mi...b?1193690109008 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macr...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.252
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxsrvc.dll - C:\WINDOWS\System32\igfxsrvc.dll (Intel Corporation)
O27 - HKLM IFEO\_avp32.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\_avpcc.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\_avpm.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\~1.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\~2.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\a.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\aAvgApi.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\AAWTray.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\About.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ackwin32.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\adaware.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\Ad-Aware.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\advxdwin.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\AdwarePrj.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\agent.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\agentsvr.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\agentw.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\alertsvc.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\alevir.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\alogserv.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\AlphaAV: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\AlphaAV.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\AluSchedulerSvc.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\amon9x.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\AntispywarXP2009.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\anti-trojan.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\Anti-Virus Professional.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\antivirus.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\AntiVirus_Pro.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\AntivirusPlus: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\AntivirusPlus.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\AntivirusPro_2010.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\AntivirusXP: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\AntivirusXP.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\antivirusxppro2009.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ants.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\apimonitor.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\aplica32.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\apvxdwin.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\arr.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\Arrakis3.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ashAvast.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ashBug.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ashChest.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ashCnsnt.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ashDisp.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ashLogV.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ashMaiSv.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ashPopWz.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ashQuick.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ashServ.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ashSimp2.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ashSimpl.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ashSkPcc.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ashSkPck.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ashUpd.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ashWebSv.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\aswChLic.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\aswRegSvr.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\aswRunDll.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\aswUpdSv.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\atcon.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\atguard.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\atro55en.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\atupdater.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\atwatch.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\au.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\aupdate.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\autodown.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\auto-protect.nav80try.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\autotrace.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\autoupdate.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\av360.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avadmin.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\AVCare.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avcenter.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avciman.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avconfig.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avconsol.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ave32.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\AVENGINE.EXE: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avgcc32.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avgchk.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avgcmgr.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avgcsrvx.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avgctrl.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avgdumpx.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avgemc.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avgiproxy.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avgnsx.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avgnt.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avgrsx.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avgscanx.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avgserv.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avgserv9.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avgsrmax.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avgtray.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avgui.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avgupd.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avgw.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avgwdsvc.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avkpop.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avkserv.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avkservice.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avkwctl9.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avltmain.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avmailc.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avmcdlg.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avnotify.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avnt.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avp32.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avpcc.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avpdos32.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avpm.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avptc32.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avpupd.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avsched32.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avsynmgr.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avupgsvc.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\AVWEBGRD.EXE: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avwin.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avwin95.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avwinnt.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avwsc.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avwupd.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avwupd32.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avwupsrv.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avxmonitor9x.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avxmonitornt.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avxquar.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\b.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\backweb.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\bargains.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\bd_professional.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\bdagent.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\bdfvcl.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\bdfvwiz.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\BDInProcPatch.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\bdmcon.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\BDMsnScan.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\bdreinit.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\bdsubwiz.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\BDSurvey.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\bdtkexec.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\bdwizreg.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\beagle.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\belt.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\bidef.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\bidserver.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\bipcp.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\bipcpevalsetup.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\bisp.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\blackd.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\blackice.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\blink.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\blss.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\bootconf.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\bootwarn.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\borg2.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\bpc.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\brasil.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\brastk.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\brw.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\bs120.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\bspatch.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\bundle.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\bvt.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\c.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\cavscan.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ccapp.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ccevtmgr.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ccpxysvc.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ccSvcHst.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\cdp.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\cfd.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\cfgwiz.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\cfiadmin.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\cfiaudit.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\cfinet.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\cfinet32.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\cfp.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\cfpconfg.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\cfplogvw.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\cfpupdat.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\Cl.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\claw95.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\claw95cf.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\clean.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\cleaner.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\cleaner3.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\cleanIELow.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\cleanpc.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\click.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\cmd32.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\cmdagent.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\cmesys.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\cmgrdian.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\cmon016.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\connectionmonitor.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\control: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\cpd.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\cpf9x206.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\cpfnt206.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\crashrep.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\csc.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\cssconfg.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\cssupdat.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\cssurf.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ctrl.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\cv.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\cwnb181.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\cwntdwmo.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\d.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\datemanager.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\dcomx.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\defalert.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\defscangui.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\defwatch.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\deloeminfs.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\deputy.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\divx.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\dllcache.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\dllreg.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\doors.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\dop.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\dpf.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\dpfsetup.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\dpps2.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\driverctrl.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\drwatson.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\drweb32.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\drwebupw.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\dssagent.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\dvp95.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\dvp95_0.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ecengine.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\efpeadm.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\egui.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ekrn.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\emsw.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ent.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\esafe.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\escanhnt.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\escanv95.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\espwatch.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ethereal.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\etrustcipe.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\evpn.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\exantivirus-cnet.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\exe.avxw.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\expert.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\explore.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\fact.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\f-agnt95.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\fameh32.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\fast.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\fch32.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\fih32.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\findviru.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\firewall.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\fixcfg.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\fixfp.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\fnrb32.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\fprot.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\f-prot.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\f-prot95.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\fp-win.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\fp-win_trial.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\frmwrk32.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\frw.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\fsaa.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\fsav.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\fsav32.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\fsav530stbyb.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\fsav530wtbyb.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\fsav95.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\fsgk32.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\fsm32.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\fsma32.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\fsmb32.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\f-stopw.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\gator.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\gav.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\gbmenu.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\gbn976rl.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\gbpoll.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\generics.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\gmt.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\guard.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\guarddog.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\guardgui.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\hacktracersetup.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\hbinst.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\hbsrv.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\History.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\homeav2010.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\hotactio.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\hotpatch.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\htlog.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\htpatch.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\hwpe.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\hxdl.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\hxiul.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\iamapp.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\iamserv.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\iamstats.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ibmasn.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ibmavsp.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\icload95.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\icloadnt.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\icmon.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\icsupp95.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\icsuppnt.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\Identity.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\idle.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\iedll.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\iedriver.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\IEShow.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\iface.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ifw2000.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\inetlnfo.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\infus.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\infwin.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\init.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\init32.exe : Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\install.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\install[1].exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\install[2].exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\install[3].exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\install[4].exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\install[5].exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\intdel.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\intren.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\iomon98.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\istsvc.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\jammer.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\jdbgmrg.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\jedi.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\JsRcGen.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\kavlite40eng.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\kavpers40eng.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\kavpf.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\kazza.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\keenvalue.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\kerio-pf-213-en-win.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\kerio-wrl-421-en-win.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\kerio-wrp-421-en-win.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\killprocesssetup161.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ldnetmon.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ldpro.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ldpromenu.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ldscan.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\licmgr.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\livesrv.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\lnetinfo.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\loader.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\localnet.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\lockdown.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\lockdown2000.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\lookout.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\lordpe.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\lsetup.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\luall.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\luau.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\lucomserver.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\luinit.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\luspt.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\MalwareRemoval.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mapisvc32.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mcagent.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mcmnhdlr.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mcmscsvc.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mcnasvc.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mcproxy.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\McSACore.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mcshell.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mcshield.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mcsysmon.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mctool.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mcupdate.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mcvsrte.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mcvsshld.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\md.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mfin32.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mfw2en.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mfweng3.02d30.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mgavrtcl.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mgavrte.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mghtml.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mgui.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\minilog.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mmod.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\monitor.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\moolive.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mostat.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mpfagent.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mpfservice.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\MPFSrv.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mpftray.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mrflux.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mrt.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\msa.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\msapp.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\MSASCui.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\msbb.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\msblast.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mscache.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\msccn32.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mscman.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\msconfig: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\msdm.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\msdos.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\msfwsvc.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\msiexec16.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mslaugh.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\msmgt.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\MsMpEng.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\msmsgri32.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\msseces.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mssmmc32.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mssys.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\msvxd.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mu0311ad.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mwatch.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\n32scanw.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\nav.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\navap.navapsvc.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\navapsvc.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\navapw32.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\navdx.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\navlu32.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\navnt.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\navstub.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\navw32.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\navwnt.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\nc2000.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ncinst4.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ndd32.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\neomonitor.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\neowatchlog.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\netarmor.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\netd32.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\netinfo.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\netmon.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\netscanpro.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\netspyhunter-1.2.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\netutils.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\nisserv.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\nisum.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\nmain.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\nod32.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\normist.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\norton_internet_secu_3.0_407.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\notstart.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\npf40_tw_98_nt_me_2k.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\npfmessenger.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\nprotect.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\npscheck.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\npssvc.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\nsched32.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\nssys32.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\nstask32.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\nsupdate.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\nt.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ntrtscan.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ntvdm.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ntxconfig.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\nui.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\nupgrade.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\nvarch16.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\nvc95.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\nvsvc32.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\nwinst4.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\nwservice.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\nwtool16.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\OAcat.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\OAhlp.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\OAReg.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\oasrv.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\oaui.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\oaview.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\OcHealthMon.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ODSW.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ollydbg.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\onsrvr.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\optimize.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ostronet.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\otfix.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\outpost.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\outpostinstall.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\outpostproinstall.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ozn695m5.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\padmin.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\panixk.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\patch.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\pav.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\pavcl.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\PavFnSvr.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\pavproxy.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\pavprsrv.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\pavsched.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\pavsrv51.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\pavw.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\pc.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\PC_Antispyware2010.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\pccwin98.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\pcfwallicon.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\pcip10117_0.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\pcscan.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\pctsAuxs.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\pctsGui.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\pctsSvc.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\pctsTray.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\pdfndr.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\pdsetup.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\PerAvir.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\periscope.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\persfw.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\personalguard: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\personalguard.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\perswf.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\pf2.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\pfwadmin.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\pgmonitr.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\pingscan.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\platin.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\pop3trap.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\poproxy.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\popscan.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\portdetective.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\portmonitor.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\powerscan.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ppinupdt.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\pptbc.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ppvstop.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\prizesurfer.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\prmt.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\prmvr.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\procdump.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\processmonitor.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\procexplorerv1.0.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\programauditor.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\proport.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\protector.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\protectx.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\PSANCU.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\PSANHost.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\PSANToManager.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\PsCtrls.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\PsImSvc.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\PskSvc.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\pspf.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\PSUNMain.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\purge.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\qconsole.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\qh.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\qserver.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\Quick Heal.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\QuickHealCleaner.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\rapapp.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\rav7.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\rav7win.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\rav8win32eng.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ray.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\rb32.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\rcsync.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\realmon.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\reged.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\regedt32.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\rescue.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\rescue32.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\rrguard.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\rscdwld.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\rshell.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\rtvscan.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\rtvscn95.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\rulaunch.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\rwg: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\rwg.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\SafetyKeeper.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\safeweb.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\sahagent.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\Save.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\SaveArmor.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\SaveDefense.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\SaveKeep.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\savenow.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\sbserv.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\sc.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\scam32.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\scan32.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\scan95.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\scanpm.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\scrscan.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\seccenter.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\Secure Veteran.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\secureveteran.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\Security Center.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\SecurityFighter.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\securitysoldier.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\serv95.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\setloadorder.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\setup_flowprotector_us.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\setupvameeval.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\sgssfw32.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\sh.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\shellspyinstall.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\shield.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\shn.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\showbehind.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\signcheck.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\smart.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\smartprotector.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\smc.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\smrtdefp.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\sms.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\smss32.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\snetcfg.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\soap.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\sofi.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\SoftSafeness.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\sperm.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\spf.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\sphinx.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\spoler.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\spoolcv.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\spoolsv32.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\spywarexpguard.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\spyxx.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\srexe.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\srng.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ss3edit.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ssg_4104.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ssgrate.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\st2.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\start.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\stcloader.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\supftrl.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\support.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\supporter5.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\svc.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\svchostc.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\svchosts.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\svshost.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\sweep95.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\sweepnet.sweepsrv.sys.swnetsup.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\symlcsvc.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\symproxysvc.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\symtray.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\system.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\system32.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\sysupd.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\tapinstall.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\taskmgr.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\taumon.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\tbscan.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\tc.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\tca.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\tcm.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\tds2-98.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\tds2-nt.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\tds-3.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\teekids.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\tfak.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\tfak5.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\tgbob.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\titanin.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\titaninxp.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\TPSrv.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\trickler.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\trjscan.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\trjsetup.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\trojantrap3.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\TrustWarrior.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\tsadbot.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\tsc.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\tvmd.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\tvtmd.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\uiscan.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\undoboot.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\updat.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\upgrad.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\upgrepl.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\utpost.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\vbcmserv.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\vbcons.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\vbust.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\vbwin9x.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\vbwinntw.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\vcsetup.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\vet32.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\vet95.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\vettray.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\vfsetup.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\vir-help.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\virusmdpersonalfirewall.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\VisthAux.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\VisthLic.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\VisthUpd.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\vnlan300.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\vnpc3000.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\vpc32.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\vpc42.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\vpfw30s.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\vptray.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\vscan40.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\vscenu6.02d30.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\vsched.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\vsecomr.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\vshwin32.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\vsisetup.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\vsmain.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\vsmon.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\vsserv.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\vsstat.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\vswin9xe.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\vswinntse.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\vswinperse.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\w32dsm89.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\W3asbas.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\w9x.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\watchdog.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\webdav.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\WebProxy.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\webscanx.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\webtrap.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\wfindv32.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\whoswatchingme.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\wimmun32.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\win32.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\win32us.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\winactive.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\winav.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\win-bugsfix.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\windll32.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\window.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\windows Police Pro.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\windows.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\wininetd.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\wininitx.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\winlogin.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\winmain.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\winppr32.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\winrecon.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\winservn.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\winss.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\winssk32.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\winssnotify.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\WinSSUI.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\winstart.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\winstart001.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\wintsk32.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\winupdate.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\wkufind.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\wnad.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\wnt.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\wradmin.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\wrctrl.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\wsbgate.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\wscfxas.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\wscfxav.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\wscfxfw.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\wsctool.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\wupdater.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\wupdt.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\wyvernworksfirewall.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\xp_antispyware.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\xpdeluxe.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\xpf202en.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\zapro.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\zapsetup3001.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\zatutor.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\zonalm2601.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\zonealarm.exe: Debugger - svchost.exe (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007/10/29 15:18:20 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/05/24 10:22:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\LastGood
[9 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/05/24 10:31:00 | 000,000,442 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{B587BACD-8527-47C7-BA6C-31E164AF0C50}.job
[2011/05/24 10:13:02 | 000,483,022 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/05/24 10:13:02 | 000,086,326 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/05/24 10:12:27 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/05/24 09:56:12 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\David A. Quelle\Desktop\OTL.exe
[9 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/10/12 10:19:17 | 000,038,463 | ---- | C] () -- C:\Documents and Settings\David A. Quelle\Application Data\Comma Separated Values (Windows).ADR
[2009/08/03 16:07:42 | 000,403,816 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.dll
[2009/08/03 16:07:42 | 000,230,768 | ---- | C] () -- C:\WINDOWS\System32\OGAEXEC.exe
[2008/11/05 15:49:42 | 000,000,471 | ---- | C] () -- C:\WINDOWS\hpbafd.ini
[2008/10/13 21:50:01 | 000,004,096 | ---- | C] () -- C:\WINDOWS\System32\WINWGPX.EXE
[2008/10/13 21:50:01 | 000,004,096 | ---- | C] () -- C:\WINDOWS\winsystem.exe
[2008/10/13 21:50:01 | 000,004,096 | ---- | C] () -- C:\WINDOWS\System32\winsystem.exe
[2008/10/13 21:50:01 | 000,004,096 | ---- | C] () -- C:\WINDOWS\System32\winlogonpc.exe
[2008/10/13 21:50:01 | 000,004,096 | ---- | C] () -- C:\WINDOWS\System32\vcatchpi.dll
[2008/10/13 21:50:01 | 000,004,096 | ---- | C] () -- C:\WINDOWS\System32\vbsys2.dll
[2008/10/13 21:50:01 | 000,004,096 | ---- | C] () -- C:\WINDOWS\userconfig9x.dll
[2008/10/13 21:50:01 | 000,004,096 | ---- | C] () -- C:\WINDOWS\System32\thun32.dll
[2008/10/13 21:50:01 | 000,004,096 | ---- | C] () -- C:\WINDOWS\System32\thun.dll
[2008/10/13 21:50:01 | 000,004,096 | ---- | C] () -- C:\WINDOWS\System32\temp#01.exe
[2008/10/13 21:50:01 | 000,004,096 | ---- | C] () -- C:\WINDOWS\System32\taack.exe
[2008/10/13 21:50:01 | 000,004,096 | ---- | C] () -- C:\WINDOWS\System32\taack.dat
[2008/10/13 21:50:01 | 000,004,096 | ---- | C] () -- C:\WINDOWS\System32\sysreq.exe
[2008/10/13 21:50:01 | 000,004,096 | ---- | C] () -- C:\WINDOWS\System32\ssvchost.exe
[2008/10/13 21:50:01 | 000,004,096 | ---- | C] () -- C:\WINDOWS\System32\ssvchost.com
[2008/10/13 21:50:01 | 000,004,096 | ---- | C] () -- C:\WINDOWS\System32\ssurf022.dll
[2008/10/13 21:50:01 | 000,004,096 | ---- | C] () -- C:\WINDOWS\System32\sncntr.exe
[2008/10/13 21:50:01 | 000,004,096 | ---- | C] () -- C:\WINDOWS\System32\Rundl1.exe
[2008/10/13 21:50:01 | 000,004,096 | ---- | C] () -- C:\WINDOWS\System32\regm64.dll
[2008/10/13 21:50:01 | 000,004,096 | ---- | C] () -- C:\WINDOWS\System32\regc64.dll
[2008/10/13 21:50:01 | 000,004,096 | ---- | C] () -- C:\WINDOWS\System32\psoft1.exe
[2008/10/13 21:50:01 | 000,004,096 | ---- | C] () -- C:\WINDOWS\System32\psof1.exe
[2008/10/13 21:50:01 | 000,004,096 | ---- | C] () -- C:\WINDOWS\System32\ps1.exe
[2008/10/13 21:50:01 | 000,004,096 | ---- | C] () -- C:\WINDOWS\System32\newsd32.exe
[2008/10/13 21:50:01 | 000,004,096 | ---- | C] () -- C:\WINDOWS\System32\netode.exe
[2008/10/13 21:50:01 | 000,004,096 | ---- | C] () -- C:\WINDOWS\System32\mwin32.exe
[2008/10/13 21:50:01 | 000,004,096 | ---- | C] () -- C:\WINDOWS\System32\mtr2.exe
[2008/10/13 21:50:01 | 000,004,096 | ---- | C] () -- C:\WINDOWS\System32\msvchost.exe
[2008/10/13 21:50:01 | 000,004,096 | ---- | C] () -- C:\WINDOWS\System32\mssecu.exe
[2008/10/13 21:50:01 | 000,004,096 | ---- | C] () -- C:\WINDOWS\mssecu.exe
[2008/10/13 21:50:01 | 000,004,096 | ---- | C] () -- C:\WINDOWS\System32\msnbho.dll
[2008/10/13 21:50:01 | 000,004,096 | ---- | C] () -- C:\WINDOWS\System32\msgp.exe
[2008/10/13 21:50:01 | 000,004,096 | ---- | C] () -- C:\WINDOWS\System32\medup020.dll
[2008/10/13 21:50:01 | 000,004,096 | ---- | C] () -- C:\WINDOWS\System32\medup012.dll
[2008/10/13 21:50:01 | 000,004,096 | ---- | C] () -- C:\WINDOWS\iTunesMusic.exe
[2008/10/13 21:50:01 | 000,004,096 | ---- | C] () -- C:\WINDOWS\System32\hxiwlgpm.exe
[2008/10/13 21:50:01 | 000,004,096 | ---- | C] () -- C:\WINDOWS\System32\hxiwlgpm.dat
[2008/10/13 21:50:01 | 000,004,096 | ---- | C] () -- C:\WINDOWS\System32\hoproxy.dll
[2008/10/13 21:50:01 | 000,004,096 | ---- | C] () -- C:\WINDOWS\System32\[email protected]@@k.dll
[2008/10/13 21:50:01 | 000,004,096 | ---- | C] () -- C:\WINDOWS\FVProtect.exe
[2008/10/13 21:50:01 | 000,004,096 | ---- | C] () -- C:\WINDOWS\System32\emesx.dll
[2008/10/13 21:50:01 | 000,004,096 | ---- | C] () -- C:\WINDOWS\System32\dpcproxy.exe
[2008/10/13 21:50:01 | 000,004,096 | ---- | C] () -- C:\WINDOWS\System32\bsva-egihsg52.exe
[2008/10/13 21:50:01 | 000,004,096 | ---- | C] () -- C:\WINDOWS\System32\bdn.com
[2008/10/13 21:50:01 | 000,004,096 | ---- | C] () -- C:\WINDOWS\bdn.com
[2008/10/13 21:50:01 | 000,004,096 | ---- | C] () -- C:\WINDOWS\System32\awtoolb.dll
[2008/10/13 21:50:01 | 000,004,096 | ---- | C] () -- C:\WINDOWS\System32\anticipator.dll
[2008/10/13 21:50:01 | 000,004,096 | ---- | C] () -- C:\WINDOWS\System32\akttzn.exe
[2008/10/12 22:06:16 | 000,023,552 | ---- | C] () -- C:\WINDOWS\System32\IM_MOD_DB_ycbcr_.dll
[2008/10/12 22:06:16 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\IM_MOD_DB_x_.dll
[2008/10/12 22:06:15 | 000,027,648 | ---- | C] () -- C:\WINDOWS\System32\IM_MOD_DB_xpm_.dll
[2008/10/12 22:06:15 | 000,022,528 | ---- | C] () -- C:\WINDOWS\System32\IM_MOD_DB_xwd_.dll
[2008/10/12 22:06:15 | 000,019,456 | ---- | C] () -- C:\WINDOWS\System32\IM_MOD_DB_xtrn_.dll
[2008/10/12 22:06:15 | 000,013,824 | ---- | C] () -- C:\WINDOWS\System32\IM_MOD_DB_xc_.dll
[2008/10/12 22:06:14 | 000,155,648 | ---- | C] () -- C:\WINDOWS\System32\IM_MOD_DB_wmf_.dll
[2008/10/12 22:06:14 | 000,029,696 | ---- | C] () -- C:\WINDOWS\System32\IM_MOD_DB_viff_.dll
[2008/10/12 22:06:14 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\IM_MOD_DB_wpg_.dll
[2008/10/12 22:06:14 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\IM_MOD_DB_xcf_.dll
[2008/10/12 22:06:14 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\IM_MOD_DB_xbm_.dll
[2008/10/12 22:06:14 | 000,017,920 | ---- | C] () -- C:\WINDOWS\System32\IM_MOD_DB_wbmp_.dll
[2008/10/12 22:06:14 | 000,016,384 | ---- | C] () -- C:\WINDOWS\System32\IM_MOD_DB_vid_.dll
[2008/10/12 22:06:13 | 000,022,528 | ---- | C] () -- C:\WINDOWS\System32\IM_MOD_DB_txt_.dll
[2008/10/12 22:06:13 | 000,018,944 | ---- | C] () -- C:\WINDOWS\System32\IM_MOD_DB_vicar_.dll
[2008/10/12 22:06:13 | 000,017,408 | ---- | C] () -- C:\WINDOWS\System32\IM_MOD_DB_ttf_.dll
[2008/10/12 22:06:13 | 000,016,896 | ---- | C] () -- C:\WINDOWS\System32\IM_MOD_DB_uil_.dll
[2008/10/12 22:06:13 | 000,016,384 | ---- | C] () -- C:\WINDOWS\System32\IM_MOD_DB_uyvy_.dll
[2008/10/12 22:06:13 | 000,015,360 | ---- | C] () -- C:\WINDOWS\System32\IM_MOD_DB_url_.dll
[2008/10/12 22:06:12 | 000,090,112 | ---- | C] () -- C:\WINDOWS\System32\IM_MOD_DB_svg_.dll
[2008/10/12 22:06:12 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\IM_MOD_DB_tiff_.dll
[2008/10/12 22:06:12 | 000,024,064 | ---- | C] () -- C:\WINDOWS\System32\IM_MOD_DB_sun_.dll
[2008/10/12 22:06:12 | 000,022,528 | ---- | C] () -- C:\WINDOWS\System32\IM_MOD_DB_tga_.dll
[2008/10/12 22:06:12 | 000,017,408 | ---- | C] () -- C:\WINDOWS\System32\IM_MOD_DB_tim_.dll
[2008/10/12 22:06:12 | 000,013,312 | ---- | C] () -- C:\WINDOWS\System32\IM_MOD_DB_tile_.dll
[2008/10/12 22:06:11 | 000,027,136 | ---- | C] () -- C:\WINDOWS\System32\IM_MOD_DB_sgi_.dll
[2008/10/12 22:06:11 | 000,016,384 | ---- | C] () -- C:\WINDOWS\System32\IM_MOD_DB_sfw_.dll
[2008/10/12 22:06:11 | 000,016,384 | ---- | C] () -- C:\WINDOWS\System32\IM_MOD_DB_sct_.dll
[2008/10/12 22:06:11 | 000,014,336 | ---- | C] () -- C:\WINDOWS\System32\IM_MOD_DB_stegano_.dll
[2008/10/12 22:06:10 | 000,025,088 | ---- | C] () -- C:\WINDOWS\System32\IM_MOD_DB_rgb_.dll
[2008/10/12 22:06:10 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\IM_MOD_DB_rle_.dll
[2008/10/12 22:06:10 | 000,019,968 | ---- | C] () -- C:\WINDOWS\System32\IM_MOD_DB_raw_.dll
[2008/10/12 22:06:10 | 000,016,896 | ---- | C] () -- C:\WINDOWS\System32\IM_MOD_DB_rla_.dll
[2008/10/12 22:06:10 | 000,014,848 | ---- | C] () -- C:\WINDOWS\System32\IM_MOD_DB_scr_.dll
[2008/10/12 22:06:09 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\IM_MOD_DB_ps_.dll
[2008/10/12 22:06:09 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\IM_MOD_DB_ps2_.dll
[2008/10/12 22:06:09 | 000,039,936 | ---- | C] () -- C:\WINDOWS\System32\IM_MOD_DB_psd_.dll
[2008/10/12 22:06:09 | 000,037,888 | ---- | C] () -- C:\WINDOWS\System32\IM_MOD_DB_ps3_.dll
[2008/10/12 22:06:09 | 000,015,872 | ---- | C] () -- C:\WINDOWS\System32\IM_MOD_DB_pwp_.dll
[2008/10/12 22:06:09 | 000,012,800 | ---- | C] () -- C:\WINDOWS\System32\IM_MOD_DB_preview_.dll
[2008/10/12 22:06:08 | 000,139,264 | ---- | C] () -- C:\WINDOWS\System32\IM_MOD_DB_png_.dll
[2008/10/12 22:06:08 | 000,036,352 | ---- | C] () -- C:\WINDOWS\System32\IM_MOD_DB_pnm_.dll
[2008/10/12 22:06:08 | 000,015,360 | ---- | C] () -- C:\WINDOWS\System32\IM_MOD_DB_pix_.dll
[2008/10/12 22:06:08 | 000,014,336 | ---- | C] () -- C:\WINDOWS\System32\IM_MOD_DB_plasma_.dll
[2008/10/12 22:06:07 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\IM_MOD_DB_pdf_.dll
[2008/10/12 22:06:07 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\IM_MOD_DB_pict_.dll
[2008/10/12 22:06:07 | 000,025,600 | ---- | C] () -- C:\WINDOWS\System32\IM_MOD_DB_pdb_.dll
[2008/10/12 22:06:07 | 000,025,600 | ---- | C] () -- C:\WINDOWS\System32\IM_MOD_DB_pcx_.dll
[2008/10/12 22:06:07 | 000,022,016 | ---- | C] () -- C:\WINDOWS\System32\IM_MOD_DB_pcl_.dll
[2008/10/12 22:06:06 | 000,446,464 | ---- | C] () -- C:\WINDOWS\System32\IM_MOD_DB_pattern_.dll
[2008/10/12 22:06:06 | 000,028,160 | ---- | C] () -- C:\WINDOWS\System32\IM_MOD_DB_pcd_.dll
[2008/10/12 22:06:06 | 000,025,088 | ---- | C] () -- C:\WINDOWS\System32\IM_MOD_DB_palm_.dll
[2008/10/12 22:06:06 | 000,016,384 | ---- | C] () -- C:\WINDOWS\System32\IM_MOD_DB_otb_.dll
[2008/10/12 22:06:06 | 000,015,360 | ---- | C] () -- C:\WINDOWS\System32\IM_MOD_DB_mvg_.dll
[2008/10/12 22:06:06 | 000,014,336 | ---- | C] () -- C:\WINDOWS\System32\IM_MOD_DB_null_.dll
[2008/10/12 22:06:05 | 000,139,264 | ---- | C] () -- C:\WINDOWS\System32\IM_MOD_DB_msl_.dll
[2008/10/12 22:06:05 | 000,017,920 | ---- | C] () -- C:\WINDOWS\System32\IM_MOD_DB_mtv_.dll
[2008/10/12 22:06:05 | 000,013,824 | ---- | C] () -- C:\WINDOWS\System32\IM_MOD_DB_mpr_.dll
[2008/10/12 22:06:04 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\IM_MOD_DB_miff_.dll
[2008/10/12 22:06:04 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\IM_MOD_DB_meta_.dll
[2008/10/12 22:06:04 | 000,033,792 | ---- | C] () -- C:\WINDOWS\System32\IM_MOD_DB_mpc_.dll
[2008/10/12 22:06:04 | 000,024,064 | ---- | C] () -- C:\WINDOWS\System32\IM_MOD_DB_mpeg_.dll
[2008/10/12 22:06:04 | 000,015,872 | ---- | C] () -- C:\WINDOWS\System32\IM_MOD_DB_mono_.dll
[2008/10/12 22:06:03 | 000,135,168 | ---- | C] () -- C:\WINDOWS\System32\IM_MOD_DB_magick_.dll
[2008/10/12 22:06:03 | 000,023,040 | ---- | C] () -- C:\WINDOWS\System32\IM_MOD_DB_mat_.dll
[2008/10/12 22:06:03 | 000,016,896 | ---- | C] () -- C:\WINDOWS\System32\IM_MOD_DB_map_.dll
[2008/10/12 22:06:03 | 000,013,312 | ---- | C] () -- C:\WINDOWS\System32\IM_MOD_DB_matte_.dll
[2008/10/12 22:06:02 | 000,045,568 | ---- | C] () -- C:\WINDOWS\System32\IM_MOD_DB_jpeg_.dll
[2008/10/12 22:06:02 | 000,015,360 | ---- | C] () -- C:\WINDOWS\System32\IM_MOD_DB_label_.dll
[2008/10/12 22:06:01 | 000,323,584 | ---- | C] () -- C:\WINDOWS\System32\IM_MOD_DB_jp2_.dll
[2008/10/12 22:06:01 | 000,029,696 | ---- | C] () -- C:\WINDOWS\System32\IM_MOD_DB_icon_.dll
[2008/10/12 22:06:01 | 000,019,456 | ---- | C] () -- C:\WINDOWS\System32\IM_MOD_DB_jbig_.dll
[2008/10/12 22:06:01 | 000,018,944 | ---- | C] () -- C:\WINDOWS\System32\IM_MOD_DB_html_.dll
[2008/10/12 22:06:01 | 000,013,312 | ---- | C] () -- C:\WINDOWS\System32\IM_MOD_DB_info_.dll
[2008/10/12 22:06:00 | 000,031,232 | ---- | C] () -- C:\WINDOWS\System32\IM_MOD_DB_gif_.dll
[2008/10/12 22:06:00 | 000,017,408 | ---- | C] () -- C:\WINDOWS\System32\IM_MOD_DB_histogram_.dll
[2008/10/12 22:06:00 | 000,016,896 | ---- | C] () -- C:\WINDOWS\System32\IM_MOD_DB_gray_.dll
[2008/10/12 22:06:00 | 000,014,336 | ---- | C] () -- C:\WINDOWS\System32\IM_MOD_DB_gradient_.dll
[2008/10/12 22:06:00 | 000,011,776 | ---- | C] () -- C:\WINDOWS\System32\IM_MOD_DB_hdf_.dll
[2008/10/12 22:06:00 | 000,011,776 | ---- | C] () -- C:\WINDOWS\System32\IM_MOD_DB_fpx_.dll
[2008/10/12 22:05:59 | 000,030,208 | ---- | C] () -- C:\WINDOWS\System32\IM_MOD_DB_dpx_.dll
[2008/10/12 22:05:59 | 000,026,112 | ---- | C] () -- C:\WINDOWS\System32\IM_MOD_DB_fits_.dll
[2008/10/12 22:05:59 | 000,017,920 | ---- | C] () -- C:\WINDOWS\System32\IM_MOD_DB_ept_.dll
[2008/10/12 22:05:59 | 000,017,408 | ---- | C] () -- C:\WINDOWS\System32\IM_MOD_DB_emf_.dll
[2008/10/12 22:05:59 | 000,014,848 | ---- | C] () -- C:\WINDOWS\System32\IM_MOD_DB_fax_.dll
[2008/10/12 22:05:58 | 000,126,976 | ---- | C] () -- C:\WINDOWS\System32\IM_MOD_DB_dcm_.dll
[2008/10/12 22:05:58 | 000,029,184 | ---- | C] () -- C:\WINDOWS\System32\IM_MOD_DB_dib_.dll
[2008/10/12 22:05:58 | 000,011,776 | ---- | C] () -- C:\WINDOWS\System32\IM_MOD_DB_dps_.dll
[2008/10/12 22:05:58 | 000,011,776 | ---- | C] () -- C:\WINDOWS\System32\IM_MOD_DB_dot_.dll
[2008/10/12 22:05:57 | 000,025,600 | ---- | C] () -- C:\WINDOWS\System32\IM_MOD_DB_cmyk_.dll
[2008/10/12 22:05:57 | 000,021,504 | ---- | C] () -- C:\WINDOWS\System32\IM_MOD_DB_cut_.dll
[2008/10/12 22:05:57 | 000,021,504 | ---- | C] () -- C:\WINDOWS\System32\IM_MOD_DB_cin_.dll
[2008/10/12 22:05:57 | 000,015,872 | ---- | C] () -- C:\WINDOWS\System32\IM_MOD_DB_cip_.dll
[2008/10/12 22:05:57 | 000,015,360 | ---- | C] () -- C:\WINDOWS\System32\IM_MOD_DB_clipboard_.dll
[2008/10/12 22:05:57 | 000,015,360 | ---- | C] () -- C:\WINDOWS\System32\IM_MOD_DB_caption_.dll
[2008/10/12 22:05:57 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\IM_MOD_DB_clip_.dll
[2008/10/12 22:05:56 | 000,044,544 | ---- | C] () -- C:\WINDOWS\System32\IM_MOD_DB_avi_.dll
[2008/10/12 22:05:56 | 000,044,032 | ---- | C] () -- C:\WINDOWS\System32\IM_MOD_DB_bmp_.dll
[2008/10/12 22:05:56 | 000,016,896 | ---- | C] () -- C:\WINDOWS\System32\IM_MOD_DB_avs_.dll
[2008/10/12 22:05:55 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\CORE_DB_xlib_.dll
[2008/10/12 22:05:55 | 000,014,848 | ---- | C] () -- C:\WINDOWS\System32\IM_MOD_DB_art_.dll
[2008/10/12 22:05:53 | 000,569,344 | ---- | C] () -- C:\WINDOWS\System32\CORE_DB_Magick++_.dll
[2008/10/12 22:05:52 | 000,794,624 | ---- | C] () -- C:\WINDOWS\System32\CORE_DB_libxml_.dll
[2008/10/12 22:05:52 | 000,229,376 | ---- | C] () -- C:\WINDOWS\System32\CORE_DB_lcms_.dll
[2008/10/12 22:05:51 | 000,022,016 | ---- | C] () -- C:\WINDOWS\System32\IM_MOD_DB_yuv_.dll
[2008/09/30 10:37:46 | 000,000,088 | RHS- | C] () -- C:\Documents and Settings\All Users\Application Data\E2E75E7E33.sys
[2008/09/30 10:37:45 | 000,000,848 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\KGyGaAvL.sys
[2008/06/14 09:59:18 | 000,000,256 | ---- | C] () -- C:\WINDOWS\System32\pool.bin
[2008/05/06 21:29:52 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2008/05/06 14:36:34 | 000,003,584 | ---- | C] () -- C:\Documents and Settings\David A. Quelle\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/01/07 12:29:20 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2007/10/29 20:24:33 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\AegisI5.exe
[2007/10/29 20:24:33 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\WLTRYSVC.EXE
[2007/10/29 15:22:40 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2007/10/29 15:14:40 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2007/10/29 06:55:56 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2007/10/29 06:54:35 | 000,265,416 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2005/03/21 21:48:05 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2005/03/21 21:48:05 | 000,004,627 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2004/08/04 08:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004/08/04 08:00:00 | 000,483,022 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004/08/04 08:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004/08/04 08:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004/08/04 08:00:00 | 000,086,326 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004/08/04 08:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2004/08/04 08:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004/08/04 08:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/08/04 08:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2004/08/04 08:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2003/01/07 19:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI

========== LOP Check ==========

[2010/11/18 15:25:45 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Application Data\585abe
[2008/09/30 10:41:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Act
[2008/10/17 21:11:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\bwvsvgpc
[2010/11/18 15:25:22 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Application Data\ISKUVQDCES
[2008/10/12 23:43:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2008/09/30 10:15:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\David A. Quelle\Application Data\ACT
[2010/11/18 15:25:44 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\David A. Quelle\Application Data\Internet Security Suite
[2008/01/07 16:36:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\David A. Quelle\Application Data\InterVideo
[2008/09/30 10:37:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\David A. Quelle\Application Data\IsolatedStorage
[2010/11/18 15:54:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\David A. Quelle\Application Data\MSNInstaller
[2008/01/08 21:57:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\David A. Quelle\Application Data\Smith Micro
[2011/05/24 10:31:00 | 000,000,442 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{B587BACD-8527-47C7-BA6C-31E164AF0C50}.job

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 129 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:62E4E252

< End of report >

Edited by tcjones76, 24 May 2011 - 09:07 AM.

  • 0

Advertisements


#2
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
In that case I might as well continue - there is a big mess on this system so I will clear enough to let combofix run, and allow you to access the net

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    :OTL
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:25431
    O2 - BHO: (no name) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - No CLSID value found.
    O2 - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found.
    O2 - BHO: (XML Class) - {500BCA15-57A7-4eaf-8143-8C619470B13D} - File not found
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: 6vmjHq9EdX = C:\Documents and Settings\All Users\Application Data\bwvsvgpc\pydsdepm.exe
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisallowRun = 1
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\DisallowRun: 0 = msseces.exe
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\DisallowRun: 1 = MSASCui.exe
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\DisallowRun: 2 = ekrn.exe
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\DisallowRun: 3 = egui.exe
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\DisallowRun: 4 = avgnt.exe
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\DisallowRun: 5 = avcenter.exe
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\DisallowRun: 6 = avscan.exe
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\DisallowRun: 7 = avgfrw.exe
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\DisallowRun: 8 = avgui.exe
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\DisallowRun: 9 = avgtray.exe
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\DisallowRun: 10 = avgscanx.exe
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\DisallowRun: 11 = avgcfgex.exe
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\DisallowRun: 12 = avgemc.exe
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\DisallowRun: 13 = avgchsvx.exe
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\DisallowRun: 14 = avgcmgr.exe
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\DisallowRun: 15 = avgwdsvc.exe
    O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - File not found
    O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - File not found
    O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - File not found
    O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - File not found
    O27 - HKLM IFEO\_avp32.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\_avpcc.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\_avpm.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\~1.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\~2.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\a.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\aAvgApi.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\AAWTray.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\About.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\ackwin32.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\adaware.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\Ad-Aware.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\advxdwin.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\AdwarePrj.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\agent.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\agentsvr.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\agentw.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\alertsvc.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\alevir.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\alogserv.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\AlphaAV: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\AlphaAV.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\AluSchedulerSvc.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\amon9x.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\AntispywarXP2009.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\anti-trojan.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\Anti-Virus Professional.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\antivirus.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\AntiVirus_Pro.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\AntivirusPlus: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\AntivirusPlus.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\AntivirusPro_2010.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\AntivirusXP: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\AntivirusXP.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\antivirusxppro2009.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\ants.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\apimonitor.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\aplica32.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\apvxdwin.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\arr.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\Arrakis3.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\ashAvast.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\ashBug.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\ashChest.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\ashCnsnt.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\ashDisp.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\ashLogV.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\ashMaiSv.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\ashPopWz.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\ashQuick.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\ashServ.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\ashSimp2.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\ashSimpl.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\ashSkPcc.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\ashSkPck.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\ashUpd.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\ashWebSv.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\aswChLic.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\aswRegSvr.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\aswRunDll.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\aswUpdSv.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\atcon.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\atguard.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\atro55en.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\atupdater.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\atwatch.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\au.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\aupdate.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\autodown.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\auto-protect.nav80try.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\autotrace.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\autoupdate.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\av360.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\avadmin.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\AVCare.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\avcenter.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\avciman.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\avconfig.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\avconsol.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\ave32.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\AVENGINE.EXE: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\avgcc32.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\avgchk.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\avgcmgr.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\avgcsrvx.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\avgctrl.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\avgdumpx.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\avgemc.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\avgiproxy.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\avgnsx.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\avgnt.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\avgrsx.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\avgscanx.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\avgserv.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\avgserv9.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\avgsrmax.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\avgtray.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\avgui.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\avgupd.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\avgw.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\avgwdsvc.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\avkpop.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\avkserv.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\avkservice.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\avkwctl9.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\avltmain.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\avmailc.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\avmcdlg.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\avnotify.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\avnt.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\avp32.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\avpcc.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\avpdos32.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\avpm.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\avptc32.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\avpupd.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\avsched32.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\avsynmgr.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\avupgsvc.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\AVWEBGRD.EXE: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\avwin.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\avwin95.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\avwinnt.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\avwsc.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\avwupd.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\avwupd32.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\avwupsrv.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\avxmonitor9x.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\avxmonitornt.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\avxquar.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\b.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\backweb.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\bargains.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\bd_professional.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\bdagent.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\bdfvcl.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\bdfvwiz.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\BDInProcPatch.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\bdmcon.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\BDMsnScan.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\bdreinit.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\bdsubwiz.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\BDSurvey.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\bdtkexec.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\bdwizreg.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\beagle.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\belt.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\bidef.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\bidserver.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\bipcp.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\bipcpevalsetup.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\bisp.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\blackd.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\blackice.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\blink.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\blss.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\bootconf.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\bootwarn.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\borg2.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\bpc.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\brasil.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\brastk.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\brw.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\bs120.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\bspatch.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\bundle.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\bvt.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\c.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\cavscan.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\ccapp.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\ccevtmgr.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\ccpxysvc.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\ccSvcHst.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\cdp.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\cfd.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\cfgwiz.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\cfiadmin.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\cfiaudit.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\cfinet.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\cfinet32.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\cfp.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\cfpconfg.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\cfplogvw.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\cfpupdat.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\Cl.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\claw95.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\claw95cf.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\clean.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\cleaner.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\cleaner3.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\cleanIELow.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\cleanpc.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\click.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\cmd32.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\cmdagent.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\cmesys.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\cmgrdian.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\cmon016.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\connectionmonitor.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\control: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\cpd.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\cpf9x206.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\cpfnt206.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\crashrep.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\csc.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\cssconfg.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\cssupdat.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\cssurf.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\ctrl.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\cv.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\cwnb181.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\cwntdwmo.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\d.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\datemanager.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\dcomx.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\defalert.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\defscangui.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\defwatch.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\deloeminfs.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\deputy.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\divx.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\dllcache.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\dllreg.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\doors.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\dop.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\dpf.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\dpfsetup.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\dpps2.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\driverctrl.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\drwatson.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\drweb32.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\drwebupw.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\dssagent.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\dvp95.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\dvp95_0.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\ecengine.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\efpeadm.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\egui.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\ekrn.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\emsw.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\ent.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\esafe.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\escanhnt.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\escanv95.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\espwatch.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\ethereal.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\etrustcipe.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\evpn.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\exantivirus-cnet.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\exe.avxw.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\expert.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\explore.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\fact.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\f-agnt95.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\fameh32.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\fast.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\fch32.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\fih32.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\findviru.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\firewall.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\fixcfg.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\fixfp.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\fnrb32.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\fprot.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\f-prot.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\f-prot95.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\fp-win.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\fp-win_trial.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\frmwrk32.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\frw.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\fsaa.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\fsav.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\fsav32.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\fsav530stbyb.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\fsav530wtbyb.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\fsav95.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\fsgk32.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\fsm32.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\fsma32.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\fsmb32.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\f-stopw.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\gator.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\gav.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\gbmenu.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\gbn976rl.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\gbpoll.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\generics.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\gmt.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\guard.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\guarddog.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\guardgui.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\hacktracersetup.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\hbinst.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\hbsrv.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\History.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\homeav2010.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\hotactio.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\hotpatch.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\htlog.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\htpatch.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\hwpe.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\hxdl.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\hxiul.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\iamapp.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\iamserv.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\iamstats.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\ibmasn.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\ibmavsp.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\icload95.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\icloadnt.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\icmon.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\icsupp95.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\icsuppnt.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\Identity.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\idle.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\iedll.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\iedriver.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\IEShow.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\iface.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\ifw2000.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\inetlnfo.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\infus.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\infwin.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\init.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\init32.exe : Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\install.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\install[1].exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\install[2].exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\install[3].exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\install[4].exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\install[5].exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\intdel.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\intren.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\iomon98.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\istsvc.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\jammer.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\jdbgmrg.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\jedi.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\JsRcGen.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\kavlite40eng.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\kavpers40eng.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\kavpf.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\kazza.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\keenvalue.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\kerio-pf-213-en-win.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\kerio-wrl-421-en-win.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\kerio-wrp-421-en-win.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\killprocesssetup161.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\ldnetmon.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\ldpro.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\ldpromenu.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\ldscan.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\licmgr.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\livesrv.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\lnetinfo.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\loader.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\localnet.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\lockdown.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\lockdown2000.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\lookout.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\lordpe.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\lsetup.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\luall.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\luau.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\lucomserver.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\luinit.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\luspt.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\MalwareRemoval.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\mapisvc32.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\mcagent.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\mcmnhdlr.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\mcmscsvc.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\mcnasvc.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\mcproxy.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\McSACore.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\mcshell.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\mcshield.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\mcsysmon.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\mctool.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\mcupdate.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\mcvsrte.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\mcvsshld.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\md.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\mfin32.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\mfw2en.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\mfweng3.02d30.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\mgavrtcl.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\mgavrte.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\mghtml.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\mgui.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\minilog.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\mmod.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\monitor.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\moolive.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\mostat.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\mpfagent.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\mpfservice.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\MPFSrv.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\mpftray.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\mrflux.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\mrt.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\msa.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\msapp.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\MSASCui.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\msbb.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\msblast.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\mscache.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\msccn32.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\mscman.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\msconfig: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\msdm.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\msdos.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\msfwsvc.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\msiexec16.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\mslaugh.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\msmgt.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\MsMpEng.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\msmsgri32.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\msseces.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\mssmmc32.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\mssys.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\msvxd.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\mu0311ad.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\mwatch.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\n32scanw.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\nav.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\navap.navapsvc.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\navapsvc.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\navapw32.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\navdx.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\navlu32.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\navnt.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\navstub.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\navw32.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\navwnt.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\nc2000.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\ncinst4.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\ndd32.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\neomonitor.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\neowatchlog.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\netarmor.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\netd32.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\netinfo.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\netmon.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\netscanpro.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\netspyhunter-1.2.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\netutils.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\nisserv.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\nisum.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\nmain.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\nod32.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\normist.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\norton_internet_secu_3.0_407.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\notstart.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\npf40_tw_98_nt_me_2k.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\npfmessenger.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\nprotect.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\npscheck.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\npssvc.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\nsched32.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\nssys32.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\nstask32.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\nsupdate.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\nt.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\ntrtscan.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\ntvdm.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\ntxconfig.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\nui.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\nupgrade.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\nvarch16.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\nvc95.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\nvsvc32.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\nwinst4.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\nwservice.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\nwtool16.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\OAcat.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\OAhlp.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\OAReg.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\oasrv.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\oaui.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\oaview.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\OcHealthMon.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\ODSW.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\ollydbg.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\onsrvr.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\optimize.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\ostronet.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\otfix.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\outpost.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\outpostinstall.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\outpostproinstall.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\ozn695m5.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\padmin.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\panixk.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\patch.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\pav.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\pavcl.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\PavFnSvr.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\pavproxy.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\pavprsrv.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\pavsched.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\pavsrv51.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\pavw.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\pc.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\PC_Antispyware2010.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\pccwin98.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\pcfwallicon.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\pcip10117_0.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\pcscan.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\pctsAuxs.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\pctsGui.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\pctsSvc.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\pctsTray.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\pdfndr.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\pdsetup.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\PerAvir.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\periscope.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\persfw.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\personalguard: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\personalguard.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\perswf.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\pf2.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\pfwadmin.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\pgmonitr.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\pingscan.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\platin.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\pop3trap.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\poproxy.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\popscan.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\portdetective.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\portmonitor.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\powerscan.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\ppinupdt.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\pptbc.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\ppvstop.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\prizesurfer.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\prmt.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\prmvr.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\procdump.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\processmonitor.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\procexplorerv1.0.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\programauditor.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\proport.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\protector.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\protectx.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\PSANCU.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\PSANHost.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\PSANToManager.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\PsCtrls.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\PsImSvc.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\PskSvc.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\pspf.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\PSUNMain.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\purge.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\qconsole.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\qh.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\qserver.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\Quick Heal.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\QuickHealCleaner.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\rapapp.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\rav7.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\rav7win.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\rav8win32eng.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\ray.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\rb32.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\rcsync.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\realmon.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\reged.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\regedt32.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\rescue.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\rescue32.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\rrguard.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\rscdwld.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\rshell.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\rtvscan.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\rtvscn95.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\rulaunch.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\rwg: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\rwg.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\SafetyKeeper.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\safeweb.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\sahagent.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\Save.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\SaveArmor.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\SaveDefense.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\SaveKeep.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\savenow.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\sbserv.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\sc.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\scam32.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\scan32.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\scan95.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\scanpm.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\scrscan.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\seccenter.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\Secure Veteran.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\secureveteran.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\Security Center.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\SecurityFighter.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\securitysoldier.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\serv95.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\setloadorder.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\setup_flowprotector_us.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\setupvameeval.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\sgssfw32.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\sh.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\shellspyinstall.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\shield.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\shn.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\showbehind.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\signcheck.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\smart.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\smartprotector.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\smc.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\smrtdefp.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\sms.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\smss32.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\snetcfg.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\soap.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\sofi.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\SoftSafeness.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\sperm.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\spf.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\sphinx.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\spoler.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\spoolcv.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\spoolsv32.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\spywarexpguard.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\spyxx.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\srexe.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\srng.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\ss3edit.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\ssg_4104.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\ssgrate.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\st2.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\start.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\stcloader.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\supftrl.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\support.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\supporter5.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\svc.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\svchostc.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\svchosts.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\svshost.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\sweep95.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\sweepnet.sweepsrv.sys.swnetsup.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\symlcsvc.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\symproxysvc.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\symtray.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\system.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\system32.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\sysupd.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\tapinstall.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\taskmgr.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\taumon.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\tbscan.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\tc.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\tca.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\tcm.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\tds2-98.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\tds2-nt.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\tds-3.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\teekids.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\tfak.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\tfak5.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\tgbob.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\titanin.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\titaninxp.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\TPSrv.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\trickler.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\trjscan.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\trjsetup.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\trojantrap3.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\TrustWarrior.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\tsadbot.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\tsc.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\tvmd.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\tvtmd.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\uiscan.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\undoboot.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\updat.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\upgrad.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\upgrepl.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\utpost.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\vbcmserv.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\vbcons.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\vbust.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\vbwin9x.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\vbwinntw.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\vcsetup.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\vet32.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\vet95.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\vettray.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\vfsetup.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\vir-help.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\virusmdpersonalfirewall.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\VisthAux.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\VisthLic.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\VisthUpd.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\vnlan300.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\vnpc3000.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\vpc32.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\vpc42.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\vpfw30s.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\vptray.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\vscan40.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\vscenu6.02d30.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\vsched.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\vsecomr.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\vshwin32.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\vsisetup.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\vsmain.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\vsmon.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\vsserv.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\vsstat.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\vswin9xe.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\vswinntse.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\vswinperse.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\w32dsm89.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\W3asbas.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\w9x.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\watchdog.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\webdav.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\WebProxy.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\webscanx.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\webtrap.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\wfindv32.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\whoswatchingme.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\wimmun32.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\win32.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\win32us.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\winactive.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\winav.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\win-bugsfix.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\windll32.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\window.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\windows Police Pro.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\windows.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\wininetd.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\wininitx.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\winlogin.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\winmain.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\winppr32.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\winrecon.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\winservn.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\winss.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\winssk32.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\winssnotify.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\WinSSUI.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\winstart.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\winstart001.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\wintsk32.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\winupdate.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\wkufind.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\wnad.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\wnt.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\wradmin.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\wrctrl.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\wsbgate.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\wscfxas.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\wscfxav.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\wscfxfw.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\wsctool.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\wupdater.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\wupdt.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\wyvernworksfirewall.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\xp_antispyware.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\xpdeluxe.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\xpf202en.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\zapro.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\zapsetup3001.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\zatutor.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\zonalm2601.exe: Debugger - svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\zonealarm.exe: Debugger - svchost.exe (Microsoft Corporation)
    [2008/10/13 21:50:01 | 000,004,096 | ---- | C] () -- C:\WINDOWS\winsystem.exe
    [2008/10/13 21:50:01 | 000,004,096 | ---- | C] () -- C:\WINDOWS\System32\winsystem.exe
    [2008/10/13 21:50:01 | 000,004,096 | ---- | C] () -- C:\WINDOWS\System32\winlogonpc.exe
    [2008/10/13 21:50:01 | 000,004,096 | ---- | C] () -- C:\WINDOWS\System32\vcatchpi.dll
    [2008/10/13 21:50:01 | 000,004,096 | ---- | C] () -- C:\WINDOWS\System32\vbsys2.dll

    :Files
    ipconfig /flushdns /c
    C:\Documents and Settings\All Users\Application Data\bwvsvgpc

    :Commands
    [purity]
    [resethosts]
    [emptytemp]
    [EMPTYFLASH]
    [CREATERESTOREPOINT]
    [Reboot]

  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.

THEN

Download ComboFix from one of these locations:


Link 1
Link 2


* IMPORTANT !!! Save ComboFix.exe to your Desktop


  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools

  • Double click on ComboFix.exe & follow the prompts.

  • As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.

  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.

**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.


Posted Image



Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

Posted Image


Click on Yes, to continue scanning for malware.

When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply.
  • 0

#3
tcjones76

tcjones76

    Member

  • Topic Starter
  • Member
  • PipPip
  • 43 posts
OTL after Run Fix - I will do ComboFix after dinner, Thanks

OTL logfile created on: 5/24/2011 3:50:21 PM - Run 5
OTL by OldTimer - Version 3.2.23.0 Folder = C:\Documents and Settings\David A. Quelle\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

510.21 Mb Total Physical Memory | 330.95 Mb Available Physical Memory | 64.86% Memory free
1.22 Gb Paging File | 1.10 Gb Available in Paging File | 90.47% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 37.21 Gb Total Space | 26.42 Gb Free Space | 71.00% Space Free | Partition Type: NTFS
Drive E: | 3.74 Gb Total Space | 2.76 Gb Free Space | 73.78% Space Free | Partition Type: FAT32

Computer Name: 8NHLQ71 | User Name: David A. Quelle | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/05/24 09:56:12 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\David A. Quelle\Desktop\OTL.exe
PRC - [2008/04/13 20:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe


========== Modules (SafeList) ==========

MOD - [2011/05/24 09:56:12 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\David A. Quelle\Desktop\OTL.exe
MOD - [2010/08/23 12:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- -- (RoxLiveShare9)
SRV - File not found [Disabled | Stopped] -- -- (HidServ)


========== Driver Services (SafeList) ==========

DRV - [2007/04/09 01:25:20 | 000,005,888 | ---- | M] (DEVGURU Co,LTD.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\PWCTLDRV.sys -- (PWCTLDRV)
DRV - [2007/04/06 03:49:26 | 000,039,808 | ---- | M] (DEVGURU Co,LTD.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PTDWVsp.sys -- (PTDWVsp) Curitel PC Card Diagnostic Serial Port (UDP)
DRV - [2007/04/06 03:49:20 | 000,041,728 | ---- | M] (DEVGURU Co,LTD.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PTDWMdm.sys -- (PTDWMdm) Curitel PC Card Drivers (UDP)
DRV - [2007/04/06 03:49:16 | 000,027,392 | ---- | M] (DEVGURU Co,LTD.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PTDWBus.sys -- (PTDWBus) Curitel PC Card Composite Device driver (UDP)
DRV - [2005/02/23 15:19:08 | 000,369,024 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BCMWL5.SYS -- (BCM43XX)
DRV - [2004/11/15 16:37:52 | 000,264,440 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\stac97.sys -- (STAC97) Audio Driver (WDM)
DRV - [2001/08/22 12:42:58 | 000,013,632 | ---- | M] (Dell Computer Corporation) [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\OMCI.SYS -- (OMCI)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" =



O1 HOSTS File: ([2011/05/24 15:33:30 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (AcroIEToolbarHelper Class) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll ()
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll (Google Inc.)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://www.update.mi...b?1193690031417 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.mi...b?1193690109008 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macr...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxsrvc.dll - C:\WINDOWS\System32\igfxsrvc.dll (Intel Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007/10/29 15:18:20 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/05/24 15:33:04 | 000,000,000 | ---D | C] -- C:\_OTL

========== Files - Modified Within 30 Days ==========

[2011/05/24 15:52:14 | 000,483,022 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/05/24 15:52:14 | 000,086,326 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/05/24 15:48:55 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/05/24 15:48:53 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/05/24 15:47:44 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/05/24 15:33:30 | 000,000,098 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\Hosts
[2011/05/24 15:12:01 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/05/24 14:34:48 | 000,000,442 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{B587BACD-8527-47C7-BA6C-31E164AF0C50}.job
[2011/05/24 09:56:12 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\David A. Quelle\Desktop\OTL.exe

========== Files Created - No Company Name ==========

[2010/10/12 10:19:17 | 000,038,463 | ---- | C] () -- C:\Documents and Settings\David A. Quelle\Application Data\Comma Separated Values (Windows).ADR
[2009/08/03 16:07:42 | 000,403,816 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.dll
[2009/08/03 16:07:42 | 000,230,768 | ---- | C] () -- C:\WINDOWS\System32\OGAEXEC.exe
[2008/11/05 15:49:42 | 000,000,471 | ---- | C] () -- C:\WINDOWS\hpbafd.ini
[2008/10/13 21:50:01 | 000,004,096 | ---- | C] () -- C:\WINDOWS\System32\WINWGPX.EXE
[2008/10/13 21:50:01 | 000,004,096 | ---- | C] () -- C:\WINDOWS\userconfig9x.dll
[2008/10/13 21:50:01 | 000,004,096 | ---- | C] () -- C:\WINDOWS\System32\thun32.dll
[2008/10/13 21:50:01 | 000,004,096 | ---- | C] () -- C:\WINDOWS\System32\thun.dll
[2008/10/13 21:50:01 | 000,004,096 | ---- | C] () -- C:\WINDOWS\System32\temp#01.exe
[2008/10/13 21:50:01 | 000,004,096 | ---- | C] () -- C:\WINDOWS\System32\taack.exe
[2008/10/13 21:50:01 | 000,004,096 | ---- | C] () -- C:\WINDOWS\System32\taack.dat
[2008/10/13 21:50:01 | 000,004,096 | ---- | C] () -- C:\WINDOWS\System32\sysreq.exe
[2008/10/13 21:50:01 | 000,004,096 | ---- | C] () -- C:\WINDOWS\System32\ssvchost.exe
[2008/10/13 21:50:01 | 000,004,096 | ---- | C] () -- C:\WINDOWS\System32\ssvchost.com
[2008/10/13 21:50:01 | 000,004,096 | ---- | C] () -- C:\WINDOWS\System32\ssurf022.dll
[2008/10/13 21:50:01 | 000,004,096 | ---- | C] () -- C:\WINDOWS\System32\sncntr.exe
[2008/10/13 21:50:01 | 000,004,096 | ---- | C] () -- C:\WINDOWS\System32\Rundl1.exe
[2008/10/13 21:50:01 | 000,004,096 | ---- | C] () -- C:\WINDOWS\System32\regm64.dll
[2008/10/13 21:50:01 | 000,004,096 | ---- | C] () -- C:\WINDOWS\System32\regc64.dll
[2008/10/13 21:50:01 | 000,004,096 | ---- | C] () -- C:\WINDOWS\System32\psoft1.exe
[2008/10/13 21:50:01 | 000,004,096 | ---- | C] () -- C:\WINDOWS\System32\psof1.exe
[2008/10/13 21:50:01 | 000,004,096 | ---- | C] () -- C:\WINDOWS\System32\ps1.exe
[2008/10/13 21:50:01 | 000,004,096 | ---- | C] () -- C:\WINDOWS\System32\newsd32.exe
[2008/10/13 21:50:01 | 000,004,096 | ---- | C] () -- C:\WINDOWS\System32\netode.exe
[2008/10/13 21:50:01 | 000,004,096 | ---- | C] () -- C:\WINDOWS\System32\mwin32.exe
[2008/10/13 21:50:01 | 000,004,096 | ---- | C] () -- C:\WINDOWS\System32\mtr2.exe
[2008/10/13 21:50:01 | 000,004,096 | ---- | C] () -- C:\WINDOWS\System32\msvchost.exe
[2008/10/13 21:50:01 | 000,004,096 | ---- | C] () -- C:\WINDOWS\System32\mssecu.exe
[2008/10/13 21:50:01 | 000,004,096 | ---- | C] () -- C:\WINDOWS\mssecu.exe
[2008/10/13 21:50:01 | 000,004,096 | ---- | C] () -- C:\WINDOWS\System32\msnbho.dll
[2008/10/13 21:50:01 | 000,004,096 | ---- | C] () -- C:\WINDOWS\System32\msgp.exe
[2008/10/13 21:50:01 | 000,004,096 | ---- | C] () -- C:\WINDOWS\System32\medup020.dll
[2008/10/13 21:50:01 | 000,004,096 | ---- | C] () -- C:\WINDOWS\System32\medup012.dll
[2008/10/13 21:50:01 | 000,004,096 | ---- | C] () -- C:\WINDOWS\iTunesMusic.exe
[2008/10/13 21:50:01 | 000,004,096 | ---- | C] () -- C:\WINDOWS\System32\hxiwlgpm.exe
[2008/10/13 21:50:01 | 000,004,096 | ---- | C] () -- C:\WINDOWS\System32\hxiwlgpm.dat
[2008/10/13 21:50:01 | 000,004,096 | ---- | C] () -- C:\WINDOWS\System32\hoproxy.dll
[2008/10/13 21:50:01 | 000,004,096 | ---- | C] () -- C:\WINDOWS\System32\[email protected]@@k.dll
[2008/10/13 21:50:01 | 000,004,096 | ---- | C] () -- C:\WINDOWS\FVProtect.exe
[2008/10/13 21:50:01 | 000,004,096 | ---- | C] () -- C:\WINDOWS\System32\emesx.dll
[2008/10/13 21:50:01 | 000,004,096 | ---- | C] () -- C:\WINDOWS\System32\dpcproxy.exe
[2008/10/13 21:50:01 | 000,004,096 | ---- | C] () -- C:\WINDOWS\System32\bsva-egihsg52.exe
[2008/10/13 21:50:01 | 000,004,096 | ---- | C] () -- C:\WINDOWS\System32\bdn.com
[2008/10/13 21:50:01 | 000,004,096 | ---- | C] () -- C:\WINDOWS\bdn.com
[2008/10/13 21:50:01 | 000,004,096 | ---- | C] () -- C:\WINDOWS\System32\awtoolb.dll
[2008/10/13 21:50:01 | 000,004,096 | ---- | C] () -- C:\WINDOWS\System32\anticipator.dll
[2008/10/13 21:50:01 | 000,004,096 | ---- | C] () -- C:\WINDOWS\System32\akttzn.exe
[2008/10/12 22:06:16 | 000,023,552 | ---- | C] () -- C:\WINDOWS\System32\IM_MOD_DB_ycbcr_.dll
[2008/10/12 22:06:16 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\IM_MOD_DB_x_.dll
[2008/10/12 22:06:15 | 000,027,648 | ---- | C] () -- C:\WINDOWS\System32\IM_MOD_DB_xpm_.dll
[2008/10/12 22:06:15 | 000,022,528 | ---- | C] () -- C:\WINDOWS\System32\IM_MOD_DB_xwd_.dll
[2008/10/12 22:06:15 | 000,019,456 | ---- | C] () -- C:\WINDOWS\System32\IM_MOD_DB_xtrn_.dll
[2008/10/12 22:06:15 | 000,013,824 | ---- | C] () -- C:\WINDOWS\System32\IM_MOD_DB_xc_.dll
[2008/10/12 22:06:14 | 000,155,648 | ---- | C] () -- C:\WINDOWS\System32\IM_MOD_DB_wmf_.dll
[2008/10/12 22:06:14 | 000,029,696 | ---- | C] () -- C:\WINDOWS\System32\IM_MOD_DB_viff_.dll
[2008/10/12 22:06:14 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\IM_MOD_DB_wpg_.dll
[2008/10/12 22:06:14 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\IM_MOD_DB_xcf_.dll
[2008/10/12 22:06:14 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\IM_MOD_DB_xbm_.dll
[2008/10/12 22:06:14 | 000,017,920 | ---- | C] () -- C:\WINDOWS\System32\IM_MOD_DB_wbmp_.dll
[2008/10/12 22:06:14 | 000,016,384 | ---- | C] () -- C:\WINDOWS\System32\IM_MOD_DB_vid_.dll
[2008/10/12 22:06:13 | 000,022,528 | ---- | C] () -- C:\WINDOWS\System32\IM_MOD_DB_txt_.dll
[2008/10/12 22:06:13 | 000,018,944 | ---- | C] () -- C:\WINDOWS\System32\IM_MOD_DB_vicar_.dll
[2008/10/12 22:06:13 | 000,017,408 | ---- | C] () -- C:\WINDOWS\System32\IM_MOD_DB_ttf_.dll
[2008/10/12 22:06:13 | 000,016,896 | ---- | C] () -- C:\WINDOWS\System32\IM_MOD_DB_uil_.dll
[2008/10/12 22:06:13 | 000,016,384 | ---- | C] () -- C:\WINDOWS\System32\IM_MOD_DB_uyvy_.dll
[2008/10/12 22:06:13 | 000,015,360 | ---- | C] () -- C:\WINDOWS\System32\IM_MOD_DB_url_.dll
[2008/10/12 22:06:12 | 000,090,112 | ---- | C] () -- C:\WINDOWS\System32\IM_MOD_DB_svg_.dll
[2008/10/12 22:06:12 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\IM_MOD_DB_tiff_.dll
[2008/10/12 22:06:12 | 000,024,064 | ---- | C] () -- C:\WINDOWS\System32\IM_MOD_DB_sun_.dll
[2008/10/12 22:06:12 | 000,022,528 | ---- | C] () -- C:\WINDOWS\System32\IM_MOD_DB_tga_.dll
[2008/10/12 22:06:12 | 000,017,408 | ---- | C] () -- C:\WINDOWS\System32\IM_MOD_DB_tim_.dll
[2008/10/12 22:06:12 | 000,013,312 | ---- | C] () -- C:\WINDOWS\System32\IM_MOD_DB_tile_.dll
[2008/10/12 22:06:11 | 000,027,136 | ---- | C] () -- C:\WINDOWS\System32\IM_MOD_DB_sgi_.dll
[2008/10/12 22:06:11 | 000,016,384 | ---- | C] () -- C:\WINDOWS\System32\IM_MOD_DB_sfw_.dll
[2008/10/12 22:06:11 | 000,016,384 | ---- | C] () -- C:\WINDOWS\System32\IM_MOD_DB_sct_.dll
[2008/10/12 22:06:11 | 000,014,336 | ---- | C] () -- C:\WINDOWS\System32\IM_MOD_DB_stegano_.dll
[2008/10/12 22:06:10 | 000,025,088 | ---- | C] () -- C:\WINDOWS\System32\IM_MOD_DB_rgb_.dll
[2008/10/12 22:06:10 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\IM_MOD_DB_rle_.dll
[2008/10/12 22:06:10 | 000,019,968 | ---- | C] () -- C:\WINDOWS\System32\IM_MOD_DB_raw_.dll
[2008/10/12 22:06:10 | 000,016,896 | ---- | C] () -- C:\WINDOWS\System32\IM_MOD_DB_rla_.dll
[2008/10/12 22:06:10 | 000,014,848 | ---- | C] () -- C:\WINDOWS\System32\IM_MOD_DB_scr_.dll
[2008/10/12 22:06:09 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\IM_MOD_DB_ps_.dll
[2008/10/12 22:06:09 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\IM_MOD_DB_ps2_.dll
[2008/10/12 22:06:09 | 000,039,936 | ---- | C] () -- C:\WINDOWS\System32\IM_MOD_DB_psd_.dll
[2008/10/12 22:06:09 | 000,037,888 | ---- | C] () -- C:\WINDOWS\System32\IM_MOD_DB_ps3_.dll
[2008/10/12 22:06:09 | 000,015,872 | ---- | C] () -- C:\WINDOWS\System32\IM_MOD_DB_pwp_.dll
[2008/10/12 22:06:09 | 000,012,800 | ---- | C] () -- C:\WINDOWS\System32\IM_MOD_DB_preview_.dll
[2008/10/12 22:06:08 | 000,139,264 | ---- | C] () -- C:\WINDOWS\System32\IM_MOD_DB_png_.dll
[2008/10/12 22:06:08 | 000,036,352 | ---- | C] () -- C:\WINDOWS\System32\IM_MOD_DB_pnm_.dll
[2008/10/12 22:06:08 | 000,015,360 | ---- | C] () -- C:\WINDOWS\System32\IM_MOD_DB_pix_.dll
[2008/10/12 22:06:08 | 000,014,336 | ---- | C] () -- C:\WINDOWS\System32\IM_MOD_DB_plasma_.dll
[2008/10/12 22:06:07 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\IM_MOD_DB_pdf_.dll
[2008/10/12 22:06:07 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\IM_MOD_DB_pict_.dll
[2008/10/12 22:06:07 | 000,025,600 | ---- | C] () -- C:\WINDOWS\System32\IM_MOD_DB_pdb_.dll
[2008/10/12 22:06:07 | 000,025,600 | ---- | C] () -- C:\WINDOWS\System32\IM_MOD_DB_pcx_.dll
[2008/10/12 22:06:07 | 000,022,016 | ---- | C] () -- C:\WINDOWS\System32\IM_MOD_DB_pcl_.dll
[2008/10/12 22:06:06 | 000,446,464 | ---- | C] () -- C:\WINDOWS\System32\IM_MOD_DB_pattern_.dll
[2008/10/12 22:06:06 | 000,028,160 | ---- | C] () -- C:\WINDOWS\System32\IM_MOD_DB_pcd_.dll
[2008/10/12 22:06:06 | 000,025,088 | ---- | C] () -- C:\WINDOWS\System32\IM_MOD_DB_palm_.dll
[2008/10/12 22:06:06 | 000,016,384 | ---- | C] () -- C:\WINDOWS\System32\IM_MOD_DB_otb_.dll
[2008/10/12 22:06:06 | 000,015,360 | ---- | C] () -- C:\WINDOWS\System32\IM_MOD_DB_mvg_.dll
[2008/10/12 22:06:06 | 000,014,336 | ---- | C] () -- C:\WINDOWS\System32\IM_MOD_DB_null_.dll
[2008/10/12 22:06:05 | 000,139,264 | ---- | C] () -- C:\WINDOWS\System32\IM_MOD_DB_msl_.dll
[2008/10/12 22:06:05 | 000,017,920 | ---- | C] () -- C:\WINDOWS\System32\IM_MOD_DB_mtv_.dll
[2008/10/12 22:06:05 | 000,013,824 | ---- | C] () -- C:\WINDOWS\System32\IM_MOD_DB_mpr_.dll
[2008/10/12 22:06:04 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\IM_MOD_DB_miff_.dll
[2008/10/12 22:06:04 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\IM_MOD_DB_meta_.dll
[2008/10/12 22:06:04 | 000,033,792 | ---- | C] () -- C:\WINDOWS\System32\IM_MOD_DB_mpc_.dll
[2008/10/12 22:06:04 | 000,024,064 | ---- | C] () -- C:\WINDOWS\System32\IM_MOD_DB_mpeg_.dll
[2008/10/12 22:06:04 | 000,015,872 | ---- | C] () -- C:\WINDOWS\System32\IM_MOD_DB_mono_.dll
[2008/10/12 22:06:03 | 000,135,168 | ---- | C] () -- C:\WINDOWS\System32\IM_MOD_DB_magick_.dll
[2008/10/12 22:06:03 | 000,023,040 | ---- | C] () -- C:\WINDOWS\System32\IM_MOD_DB_mat_.dll
[2008/10/12 22:06:03 | 000,016,896 | ---- | C] () -- C:\WINDOWS\System32\IM_MOD_DB_map_.dll
[2008/10/12 22:06:03 | 000,013,312 | ---- | C] () -- C:\WINDOWS\System32\IM_MOD_DB_matte_.dll
[2008/10/12 22:06:02 | 000,045,568 | ---- | C] () -- C:\WINDOWS\System32\IM_MOD_DB_jpeg_.dll
[2008/10/12 22:06:02 | 000,015,360 | ---- | C] () -- C:\WINDOWS\System32\IM_MOD_DB_label_.dll
[2008/10/12 22:06:01 | 000,323,584 | ---- | C] () -- C:\WINDOWS\System32\IM_MOD_DB_jp2_.dll
[2008/10/12 22:06:01 | 000,029,696 | ---- | C] () -- C:\WINDOWS\System32\IM_MOD_DB_icon_.dll
[2008/10/12 22:06:01 | 000,019,456 | ---- | C] () -- C:\WINDOWS\System32\IM_MOD_DB_jbig_.dll
[2008/10/12 22:06:01 | 000,018,944 | ---- | C] () -- C:\WINDOWS\System32\IM_MOD_DB_html_.dll
[2008/10/12 22:06:01 | 000,013,312 | ---- | C] () -- C:\WINDOWS\System32\IM_MOD_DB_info_.dll
[2008/10/12 22:06:00 | 000,031,232 | ---- | C] () -- C:\WINDOWS\System32\IM_MOD_DB_gif_.dll
[2008/10/12 22:06:00 | 000,017,408 | ---- | C] () -- C:\WINDOWS\System32\IM_MOD_DB_histogram_.dll
[2008/10/12 22:06:00 | 000,016,896 | ---- | C] () -- C:\WINDOWS\System32\IM_MOD_DB_gray_.dll
[2008/10/12 22:06:00 | 000,014,336 | ---- | C] () -- C:\WINDOWS\System32\IM_MOD_DB_gradient_.dll
[2008/10/12 22:06:00 | 000,011,776 | ---- | C] () -- C:\WINDOWS\System32\IM_MOD_DB_hdf_.dll
[2008/10/12 22:06:00 | 000,011,776 | ---- | C] () -- C:\WINDOWS\System32\IM_MOD_DB_fpx_.dll
[2008/10/12 22:05:59 | 000,030,208 | ---- | C] () -- C:\WINDOWS\System32\IM_MOD_DB_dpx_.dll
[2008/10/12 22:05:59 | 000,026,112 | ---- | C] () -- C:\WINDOWS\System32\IM_MOD_DB_fits_.dll
[2008/10/12 22:05:59 | 000,017,920 | ---- | C] () -- C:\WINDOWS\System32\IM_MOD_DB_ept_.dll
[2008/10/12 22:05:59 | 000,017,408 | ---- | C] () -- C:\WINDOWS\System32\IM_MOD_DB_emf_.dll
[2008/10/12 22:05:59 | 000,014,848 | ---- | C] () -- C:\WINDOWS\System32\IM_MOD_DB_fax_.dll
[2008/10/12 22:05:58 | 000,126,976 | ---- | C] () -- C:\WINDOWS\System32\IM_MOD_DB_dcm_.dll
[2008/10/12 22:05:58 | 000,029,184 | ---- | C] () -- C:\WINDOWS\System32\IM_MOD_DB_dib_.dll
[2008/10/12 22:05:58 | 000,011,776 | ---- | C] () -- C:\WINDOWS\System32\IM_MOD_DB_dps_.dll
[2008/10/12 22:05:58 | 000,011,776 | ---- | C] () -- C:\WINDOWS\System32\IM_MOD_DB_dot_.dll
[2008/10/12 22:05:57 | 000,025,600 | ---- | C] () -- C:\WINDOWS\System32\IM_MOD_DB_cmyk_.dll
[2008/10/12 22:05:57 | 000,021,504 | ---- | C] () -- C:\WINDOWS\System32\IM_MOD_DB_cut_.dll
[2008/10/12 22:05:57 | 000,021,504 | ---- | C] () -- C:\WINDOWS\System32\IM_MOD_DB_cin_.dll
[2008/10/12 22:05:57 | 000,015,872 | ---- | C] () -- C:\WINDOWS\System32\IM_MOD_DB_cip_.dll
[2008/10/12 22:05:57 | 000,015,360 | ---- | C] () -- C:\WINDOWS\System32\IM_MOD_DB_clipboard_.dll
[2008/10/12 22:05:57 | 000,015,360 | ---- | C] () -- C:\WINDOWS\System32\IM_MOD_DB_caption_.dll
[2008/10/12 22:05:57 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\IM_MOD_DB_clip_.dll
[2008/10/12 22:05:56 | 000,044,544 | ---- | C] () -- C:\WINDOWS\System32\IM_MOD_DB_avi_.dll
[2008/10/12 22:05:56 | 000,044,032 | ---- | C] () -- C:\WINDOWS\System32\IM_MOD_DB_bmp_.dll
[2008/10/12 22:05:56 | 000,016,896 | ---- | C] () -- C:\WINDOWS\System32\IM_MOD_DB_avs_.dll
[2008/10/12 22:05:55 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\CORE_DB_xlib_.dll
[2008/10/12 22:05:55 | 000,014,848 | ---- | C] () -- C:\WINDOWS\System32\IM_MOD_DB_art_.dll
[2008/10/12 22:05:53 | 000,569,344 | ---- | C] () -- C:\WINDOWS\System32\CORE_DB_Magick++_.dll
[2008/10/12 22:05:52 | 000,794,624 | ---- | C] () -- C:\WINDOWS\System32\CORE_DB_libxml_.dll
[2008/10/12 22:05:52 | 000,229,376 | ---- | C] () -- C:\WINDOWS\System32\CORE_DB_lcms_.dll
[2008/10/12 22:05:51 | 000,022,016 | ---- | C] () -- C:\WINDOWS\System32\IM_MOD_DB_yuv_.dll
[2008/09/30 10:37:46 | 000,000,088 | RHS- | C] () -- C:\Documents and Settings\All Users\Application Data\E2E75E7E33.sys
[2008/09/30 10:37:45 | 000,000,848 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\KGyGaAvL.sys
[2008/06/14 09:59:18 | 000,000,256 | ---- | C] () -- C:\WINDOWS\System32\pool.bin
[2008/05/06 21:29:52 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2008/05/06 14:36:34 | 000,003,584 | ---- | C] () -- C:\Documents and Settings\David A. Quelle\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/01/07 12:29:20 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2007/10/29 20:24:33 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\AegisI5.exe
[2007/10/29 20:24:33 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\WLTRYSVC.EXE
[2007/10/29 15:22:40 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2007/10/29 15:14:40 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2007/10/29 06:55:56 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2007/10/29 06:54:35 | 000,265,416 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2005/03/21 21:48:05 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2005/03/21 21:48:05 | 000,004,627 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2004/08/04 08:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004/08/04 08:00:00 | 000,483,022 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004/08/04 08:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004/08/04 08:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004/08/04 08:00:00 | 000,086,326 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004/08/04 08:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2004/08/04 08:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004/08/04 08:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/08/04 08:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2004/08/04 08:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2003/01/07 19:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI

========== LOP Check ==========

[2010/11/18 15:25:45 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Application Data\585abe
[2008/09/30 10:41:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Act
[2010/11/18 15:25:22 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Application Data\ISKUVQDCES
[2008/10/12 23:43:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2008/09/30 10:15:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\David A. Quelle\Application Data\ACT
[2010/11/18 15:25:44 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\David A. Quelle\Application Data\Internet Security Suite
[2008/01/07 16:36:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\David A. Quelle\Application Data\InterVideo
[2008/09/30 10:37:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\David A. Quelle\Application Data\IsolatedStorage
[2010/11/18 15:54:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\David A. Quelle\Application Data\MSNInstaller
[2008/01/08 21:57:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\David A. Quelle\Application Data\Smith Micro
[2011/05/24 14:34:48 | 000,000,442 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{B587BACD-8527-47C7-BA6C-31E164AF0C50}.job

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 129 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:62E4E252

< End of report >
  • 0

#4
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
You should be able to get online now - see you after the munchies :)
  • 0

#5
tcjones76

tcjones76

    Member

  • Topic Starter
  • Member
  • PipPip
  • 43 posts
I had to remove all the AVG files before ComboFix would run. Microsoft Windows Recovery Console is not installed and Internet is still not working (limited conductivity on the wireless, and not IP address on the network card). ComboFix skipped and AutoScan is running again, froze up first time.

Anyway to download Microsoft Windows Recovery Console install to USB drive?

Nevermind, I just went to bleepingcomputer and got the routine, trying ComboFix again.

Edited by tcjones76, 25 May 2011 - 06:09 AM.

  • 0

#6
tcjones76

tcjones76

    Member

  • Topic Starter
  • Member
  • PipPip
  • 43 posts
I have not been able to get ComboFix to complete a run. It could be I have no internet connection required to complete the restore point, I don't know. The AutoScan does start, but never finishes (and there is no disk activity). Plan B?
  • 0

#7
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Always a plan B. What is the exact error when you try to connect ?

Download AVP Tool

First we will run a virus scan

On the first tab select all elements down to and including Computer and then select start scan
Once it has finished select report and post that.

Posted Image

Do not close AVPTool or it will self uninstall, if it does uninstall - then just rerun the setup file on your desktop

Now an analysis scan

Select the Manual Disinfection tab
Press the Gather System Information button
Once done Open the last report saved folder then attach the zip file to your next post zip
The file is located at C:\Users\your name\Desktop\Virus Removal Tool\setup_9.0.0.722_05.01.2011_20-34\LOG\avptool_sysinfo.zip

Posted Image
  • 0

#8
tcjones76

tcjones76

    Member

  • Topic Starter
  • Member
  • PipPip
  • 43 posts
Here is the important events from the KVRT (all events way too long). Running Manual Disinfection now...


Autoscan: completed 5 minutes ago (events: 24, objects: 132537, time: 01:18:17)
5/25/2011 5:40:57 PM Task completed
5/25/2011 5:38:13 PM Processing error C:\WINDOWS\system32\dmconfig.dll Read error
5/25/2011 5:32:12 PM Processing error C:\WINDOWS\Driver Cache\i386\driver.cab Read error
5/25/2011 5:22:10 PM Disinfected: Trojan.Win32.Hosts2.gen C:\_OTL\MovedFiles\05242011_153304\C_WINDOWS\system32\drivers\etc\hosts
5/25/2011 5:22:10 PM Disinfected: Trojan.Win32.Hosts2.gen C:\_OTL\MovedFiles\05242011_153304\C_WINDOWS\system32\drivers\etc\hosts
5/25/2011 5:21:56 PM Detected: Trojan.Win32.Hosts2.gen C:\_OTL\MovedFiles\05242011_153304\C_WINDOWS\system32\drivers\etc\hosts
5/25/2011 5:17:12 PM Processing error C:\WINDOWS\system32\dmconfig.dll Read error
5/25/2011 5:00:22 PM Processing error C:\WINDOWS\inf\mdmsun2.inf Read error
5/25/2011 4:56:12 PM Processing error C:\WINDOWS\Driver Cache\i386\driver.cab Read error
5/25/2011 4:43:52 PM Deleted: not-a-virus:FraudTool.Win32.Antivirus2010.aw C:\System Volume Information\_restore{FAB6C456-C63C-4EC5-A589-223274348EB7}\RP225\A0053124.exe
5/25/2011 4:43:03 PM Deleted: HEUR:Trojan-Downloader.Win32.Generic C:\System Volume Information\_restore{FAB6C456-C63C-4EC5-A589-223274348EB7}\RP225\A0053122.exe
5/25/2011 4:42:50 PM Deleted: HEUR:Trojan-Downloader.Win32.Generic C:\System Volume Information\_restore{FAB6C456-C63C-4EC5-A589-223274348EB7}\RP225\A0053123.exe
5/25/2011 4:42:30 PM Detected: not-a-virus:FraudTool.Win32.Antivirus2010.aw C:\System Volume Information\_restore{FAB6C456-C63C-4EC5-A589-223274348EB7}\RP225\A0053124.exe
5/25/2011 4:42:27 PM Detected: HEUR:Trojan-Downloader.Win32.Generic C:\System Volume Information\_restore{FAB6C456-C63C-4EC5-A589-223274348EB7}\RP225\A0053122.exe
5/25/2011 4:41:58 PM Detected: HEUR:Trojan-Downloader.Win32.Generic C:\System Volume Information\_restore{FAB6C456-C63C-4EC5-A589-223274348EB7}\RP225\A0053123.exe
5/25/2011 4:22:38 PM Task started
5/25/2011 4:17:23 PM Task stopped
5/25/2011 4:17:22 PM Processing error C:\Documents and Settings\David A. Quelle\Desktop\WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe/data0016.res Read error
5/25/2011 4:16:19 PM Deleted: HEUR:Trojan-Downloader.Win32.Generic C:\Documents and Settings\All Users\Application Data\Skype\Plugins\Plugins\8DC8467972494A2FA46A9106F7003291\JiSkype.exe
5/25/2011 4:16:18 PM Deleted: HEUR:Trojan-Downloader.Win32.Generic C:\Documents and Settings\All Users\Application Data\Skype\Plugins\Plugins\8DC8467972494A2FA46A9106F7003291\BOTSetupBeta.exe
5/25/2011 4:14:16 PM Detected: HEUR:Trojan-Downloader.Win32.Generic C:\Documents and Settings\All Users\Application Data\Skype\Plugins\Plugins\8DC8467972494A2FA46A9106F7003291\JiSkype.exe
5/25/2011 4:13:57 PM Detected: not-a-virus:FraudTool.Win32.Antivirus2010.aw C:\Documents and Settings\All Users\Application Data\585abe\IS585_2204.exe
5/25/2011 4:13:52 PM Detected: HEUR:Trojan-Downloader.Win32.Generic C:\Documents and Settings\All Users\Application Data\Skype\Plugins\Plugins\8DC8467972494A2FA46A9106F7003291\BOTSetupBeta.exe
5/25/2011 4:07:22 PM Task started
Disinfect active threats: completed 1 hour ago (events: 4, objects: 2476, time: 00:02:36)
5/25/2011 4:19:54 PM Task completed
5/25/2011 4:17:35 PM Deleted: not-a-virus:FraudTool.Win32.Antivirus2010.aw C:\Documents and Settings\All Users\Application Data\585abe\IS585_2204.exe
5/25/2011 4:17:24 PM Detected: not-a-virus:FraudTool.Win32.Antivirus2010.aw C:\Documents and Settings\All Users\Application Data\585abe\IS585_2204.exe
5/25/2011 4:17:18 PM Task started
  • 0

#9
tcjones76

tcjones76

    Member

  • Topic Starter
  • Member
  • PipPip
  • 43 posts
Manual Disinfection zip file attached.

The wireless say limited or no conductivity and there is no IP address.

tcj

Attached Files


  • 0

#10
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
OK lets now run this, the fixit tool described later can be downloaded to another computer and copied across

  • Re-run AVPTool
  • Select the Manual Disinfection tab
  • Where it states Step 3 paste in the following disinfection script and press execute

    begin
    SetAVZPMStatus(True);
    SetAVZGuardStatus(True);
    SearchRootkit(true, true);
     DelBHO('{000000DA-0786-4633-87C6-1AA7A4429EF1}');
     DeleteFile('C:\Documents and Settings\All Users\Application Data\585abe\IS585_2204.exe');
     BC_DeleteFile('C:\Documents and Settings\All Users\Application Data\585abe\IS585_2204.exe');
     DeleteFile('C:\WINDOWS\system32\thun32.dll');
     BC_DeleteFile('C:\WINDOWS\system32\thun32.dll');
     DeleteFile('C:\WINDOWS\fvprotect.exe');
     BC_DeleteFile('C:\WINDOWS\fvprotect.exe');
    BC_ImportDeletedList;
    ExecuteSysClean;
    BC_Activate;
    ExecuteRepair(14);
    RebootWindows(true);
    end.
  • Your system will reboot on completion, if it does not please do so yourself
  • On completion please run another analysis scan and attach the zip file

Posted Image

THEN

First run the fixit on this page

If that fails then try the following

  • To open a command prompt, click Start > All Programs > Accessories click command prompt
  • Copy and paste (or type) the following command in the command box box and then press ENTER:
    netsh winsock reset c:\resetlog.txt
  • Reboot the computer.
  • In next reply please post content of the file c:\resetlog.txt

  • 0

Advertisements


#11
tcjones76

tcjones76

    Member

  • Topic Starter
  • Member
  • PipPip
  • 43 posts
Here is the zip file. MrFixit missed the mark, command line worked and got to Google. No resetlog.txt?

Attached Files


Edited by tcjones76, 26 May 2011 - 08:12 PM.

  • 0

#12
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Could you bear with me please - we have a slight forum error inasmuch as I cannot download the zip file...

Could you upload to Mediafire and post the sharing link.

Also could you now run a fresh OTL log and update me on your symptoms
  • 0

#13
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Change of plan the forum is working again :)

On completion of this OTL run could you try Combofix again please

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    :OTL
    [2008/10/13 21:50:01 | 000,004,096 | ---- | C] () -- C:\WINDOWS\System32\thun32.dll
    [2008/10/13 21:50:01 | 000,004,096 | ---- | C] () -- C:\WINDOWS\System32\thun.dll
    [2008/10/13 21:50:01 | 000,004,096 | ---- | C] () -- C:\WINDOWS\System32\temp#01.exe
    [2008/10/13 21:50:01 | 000,004,096 | ---- | C] () -- C:\WINDOWS\System32\taack.exe
    [2008/10/13 21:50:01 | 000,004,096 | ---- | C] () -- C:\WINDOWS\System32\taack.dat
    [2008/10/13 21:50:01 | 000,004,096 | ---- | C] () -- C:\WINDOWS\System32\sysreq.exe
    [2008/10/13 21:50:01 | 000,004,096 | ---- | C] () -- C:\WINDOWS\System32\ssvchost.exe
    [2008/10/13 21:50:01 | 000,004,096 | ---- | C] () -- C:\WINDOWS\System32\ssvchost.com
    [2008/10/13 21:50:01 | 000,004,096 | ---- | C] () -- C:\WINDOWS\System32\ssurf022.dll
    [2008/10/13 21:50:01 | 000,004,096 | ---- | C] () -- C:\WINDOWS\System32\sncntr.exe
    [2008/10/13 21:50:01 | 000,004,096 | ---- | C] () -- C:\WINDOWS\System32\Rundl1.exe
    [2008/10/13 21:50:01 | 000,004,096 | ---- | C] () -- C:\WINDOWS\System32\regm64.dll
    [2008/10/13 21:50:01 | 000,004,096 | ---- | C] () -- C:\WINDOWS\System32\regc64.dll
    [2008/10/13 21:50:01 | 000,004,096 | ---- | C] () -- C:\WINDOWS\System32\psoft1.exe
    [2008/10/13 21:50:01 | 000,004,096 | ---- | C] () -- C:\WINDOWS\System32\psof1.exe
    [2008/10/13 21:50:01 | 000,004,096 | ---- | C] () -- C:\WINDOWS\System32\ps1.exe
    [2008/10/13 21:50:01 | 000,004,096 | ---- | C] () -- C:\WINDOWS\System32\newsd32.exe
    [2008/10/13 21:50:01 | 000,004,096 | ---- | C] () -- C:\WINDOWS\System32\netode.exe
    [2008/10/13 21:50:01 | 000,004,096 | ---- | C] () -- C:\WINDOWS\System32\mwin32.exe
    [2008/10/13 21:50:01 | 000,004,096 | ---- | C] () -- C:\WINDOWS\System32\mtr2.exe
    [2008/10/13 21:50:01 | 000,004,096 | ---- | C] () -- C:\WINDOWS\System32\msvchost.exe
    [2008/10/13 21:50:01 | 000,004,096 | ---- | C] () -- C:\WINDOWS\System32\mssecu.exe
    [2008/10/13 21:50:01 | 000,004,096 | ---- | C] () -- C:\WINDOWS\mssecu.exe
    [2008/10/13 21:50:01 | 000,004,096 | ---- | C] () -- C:\WINDOWS\System32\msnbho.dll
    [2008/10/13 21:50:01 | 000,004,096 | ---- | C] () -- C:\WINDOWS\System32\msgp.exe
    [2008/10/13 21:50:01 | 000,004,096 | ---- | C] () -- C:\WINDOWS\System32\medup020.dll
    [2008/10/13 21:50:01 | 000,004,096 | ---- | C] () -- C:\WINDOWS\System32\medup012.dll
    [2008/10/13 21:50:01 | 000,004,096 | ---- | C] () -- C:\WINDOWS\iTunesMusic.exe
    [2008/10/13 21:50:01 | 000,004,096 | ---- | C] () -- C:\WINDOWS\System32\hxiwlgpm.exe
    [2008/10/13 21:50:01 | 000,004,096 | ---- | C] () -- C:\WINDOWS\System32\hxiwlgpm.dat
    [2008/10/13 21:50:01 | 000,004,096 | ---- | C] () -- C:\WINDOWS\System32\hoproxy.dll
    [2008/10/13 21:50:01 | 000,004,096 | ---- | C] () -- C:\WINDOWS\System32\[email protected]@@k.dll
    [2008/10/13 21:50:01 | 000,004,096 | ---- | C] () -- C:\WINDOWS\FVProtect.exe
    [2008/10/13 21:50:01 | 000,004,096 | ---- | C] () -- C:\WINDOWS\System32\emesx.dll
    [2008/10/13 21:50:01 | 000,004,096 | ---- | C] () -- C:\WINDOWS\System32\dpcproxy.exe
    [2008/10/13 21:50:01 | 000,004,096 | ---- | C] () -- C:\WINDOWS\System32\bsva-egihsg52.exe
    [2008/10/13 21:50:01 | 000,004,096 | ---- | C] () -- C:\WINDOWS\System32\bdn.com
    [2008/10/13 21:50:01 | 000,004,096 | ---- | C] () -- C:\WINDOWS\bdn.com
    [2008/10/13 21:50:01 | 000,004,096 | ---- | C] () -- C:\WINDOWS\System32\awtoolb.dll
    [2008/10/13 21:50:01 | 000,004,096 | ---- | C] () -- C:\WINDOWS\System32\anticipator.dll
    [2008/10/13 21:50:01 | 000,004,096 | ---- | C] () -- C:\WINDOWS\System32\akttzn.exe

    :Files
    ipconfig /flushdns /c

    :Commands
    [purity]
    [resethosts]
    [emptytemp]
    [EMPTYFLASH]
    [CREATERESTOREPOINT]
    [Reboot]

  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.

  • 0

#14
tcjones76

tcjones76

    Member

  • Topic Starter
  • Member
  • PipPip
  • 43 posts
OTL log, going for Combofix


All processes killed
========== OTL ==========
File C:\WINDOWS\System32\thun32.dll not found.
C:\WINDOWS\system32\thun.dll moved successfully.
C:\WINDOWS\system32\temp#01.exe moved successfully.
C:\WINDOWS\system32\taack.exe moved successfully.
C:\WINDOWS\system32\taack.dat moved successfully.
C:\WINDOWS\system32\sysreq.exe moved successfully.
C:\WINDOWS\system32\ssvchost.exe moved successfully.
C:\WINDOWS\system32\ssvchost.com moved successfully.
C:\WINDOWS\system32\ssurf022.dll moved successfully.
C:\WINDOWS\system32\sncntr.exe moved successfully.
C:\WINDOWS\system32\Rundl1.exe moved successfully.
C:\WINDOWS\system32\regm64.dll moved successfully.
C:\WINDOWS\system32\regc64.dll moved successfully.
C:\WINDOWS\system32\psoft1.exe moved successfully.
C:\WINDOWS\system32\psof1.exe moved successfully.
C:\WINDOWS\system32\ps1.exe moved successfully.
C:\WINDOWS\system32\newsd32.exe moved successfully.
C:\WINDOWS\system32\netode.exe moved successfully.
C:\WINDOWS\system32\mwin32.exe moved successfully.
C:\WINDOWS\system32\mtr2.exe moved successfully.
C:\WINDOWS\system32\msvchost.exe moved successfully.
C:\WINDOWS\system32\mssecu.exe moved successfully.
C:\WINDOWS\mssecu.exe moved successfully.
C:\WINDOWS\system32\msnbho.dll moved successfully.
C:\WINDOWS\system32\msgp.exe moved successfully.
C:\WINDOWS\system32\medup020.dll moved successfully.
C:\WINDOWS\system32\medup012.dll moved successfully.
C:\WINDOWS\iTunesMusic.exe moved successfully.
C:\WINDOWS\system32\hxiwlgpm.exe moved successfully.
C:\WINDOWS\system32\hxiwlgpm.dat moved successfully.
C:\WINDOWS\system32\hoproxy.dll moved successfully.
C:\WINDOWS\system32\[email protected]@@k.dll moved successfully.
File C:\WINDOWS\FVProtect.exe not found.
C:\WINDOWS\system32\emesx.dll moved successfully.
C:\WINDOWS\system32\dpcproxy.exe moved successfully.
C:\WINDOWS\system32\bsva-egihsg52.exe moved successfully.
C:\WINDOWS\system32\bdn.com moved successfully.
C:\WINDOWS\bdn.com moved successfully.
C:\WINDOWS\system32\awtoolb.dll moved successfully.
C:\WINDOWS\system32\anticipator.dll moved successfully.
C:\WINDOWS\system32\akttzn.exe moved successfully.
========== FILES ==========
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\Documents and Settings\David A. Quelle\Desktop\cmd.bat deleted successfully.
C:\Documents and Settings\David A. Quelle\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: All Users

User: David A. Quelle
->Temp folder emptied: 3726938 bytes
->Temporary Internet Files folder emptied: 7437415 bytes
->Java cache emptied: 0 bytes
->Google Chrome cache emptied: 10415990 bytes
->Flash cache emptied: 502 bytes

User: DAVIDA~1~QUE

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 0 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 74697 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 12920052 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 33.00 mb


[EMPTYFLASH]

User: Administrator
->Flash cache emptied: 0 bytes

User: All Users

User: David A. Quelle
->Flash cache emptied: 0 bytes

User: DAVIDA~1~QUE

User: Default User
->Flash cache emptied: 0 bytes

User: LocalService

User: NetworkService

Total Flash Files Cleaned = 0.00 mb

Restore point Set: OTL Restore Point (0)

OTL by OldTimer - Version 3.2.23.0 log created on 05272011_181000

Files\Folders moved on Reboot...
File\Folder C:\WINDOWS\temp\Perflib_Perfdata_610.dat not found!

Registry entries deleted on Reboot...
  • 0

#15
tcjones76

tcjones76

    Member

  • Topic Starter
  • Member
  • PipPip
  • 43 posts
Combofix started, installed restore point from internet fine(I have internet now!!!) and AutoScan screen loaded. I let run over night, and the PC was locked this morning. Plan C?

PC seems to be running OK, I installed chrome for browser and internet is good. No signs of trouble.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP