Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Help cleaning after malware shutdown ntldr recovery [Closed]

Started by Taliesa , Jan 14 2014 04:12 PM

  • This topic is locked This topic is locked

#1
Taliesa
Posted 14 January 2014 - 04:12 PM

Taliesa

    Member

  • Member
  • PipPip
  • 29 posts
After tryng to uninstall some driver update program, my winxp laptop was unbootable for over a week. I finally got windows to load again, but my system s full of programs and browser effects that I don't want. Pages are not loadng fully and I'm frequented by popups that advise me to back up my system here or speed up my browser there, all of whch are malware, I beleve. Here's my long scan log from the Old Guy's program. Please help me get rid of all this stuff. I'm afraid to uninstall as that is what led to the crash.

OTL logfile created on: 1/14/2014 4:34:47 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Jon Guren\My Documents\Downloads
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.37 Gb Total Physical Memory | 0.85 Gb Available Physical Memory | 61.64% Memory free
2.54 Gb Paging File | 2.19 Gb Available in Paging File | 85.94% Paging File free
Paging file location(s): C:\pagefile.sys 1344 2688 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 74.52 Gb Total Space | 57.20 Gb Free Space | 76.75% Space Free | Partition Type: NTFS

Computer Name: JON-0509 | User Name: Jon Guren | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2014/01/14 13:09:13 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Jon Guren\My Documents\Downloads\OTL.exe
PRC - [2013/12/30 05:21:09 | 000,599,208 | ---- | M] (Elex do Brasil Participações Ltda) -- C:\Program Files\iSafe\iSafeTray.exe
PRC - [2013/12/30 05:21:08 | 000,777,384 | ---- | M] (Elex do Brasil Participações Ltda) -- C:\Program Files\iSafe\iSafeSvc2.exe
PRC - [2013/12/30 05:21:07 | 000,491,688 | ---- | M] (Elex do Brasil Participações Ltda) -- C:\Program Files\iSafe\iSafeSvc.exe
PRC - [2013/12/16 04:09:22 | 004,180,256 | ---- | M] (Conduit) -- C:\Program Files\SearchProtect\SearchProtect\bin\cltmng.exe
PRC - [2013/12/16 04:09:22 | 002,849,056 | ---- | M] (Conduit) -- C:\Program Files\SearchProtect\UI\bin\cltmngui.exe
PRC - [2013/12/16 04:09:22 | 002,251,552 | ---- | M] (Conduit) -- C:\Program Files\SearchProtect\Main\bin\CltMngSvc.exe
PRC - [2013/11/13 10:37:44 | 000,166,072 | ---- | M] (Local Weather LLC) -- C:\Documents and Settings\Jon Guren\Local Settings\Application Data\WeatherAlerts\WeatherAlerts.exe
PRC - [2013/10/31 11:20:58 | 000,281,384 | ---- | M] (Ginger Software) -- C:\Program Files\Ginger\GingerUpdateService\GingerUpdateService.exe
PRC - [2013/10/23 15:01:10 | 000,022,208 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\MsMpEng.exe
PRC - [2013/10/08 07:48:23 | 000,182,696 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe
PRC - [2013/09/19 17:45:18 | 000,038,440 | ---- | M] (Just Develop It) -- C:\Program Files\MyPC Backup\BackupStack.exe
PRC - [2013/06/22 14:30:28 | 034,220,352 | ---- | M] (SlimWare Utilities, Inc.) -- C:\Program Files\DriverUpdate\DriverUpdate.exe
PRC - [2010/03/25 17:42:36 | 000,388,096 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
PRC - [2008/04/14 04:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006/01/13 19:36:28 | 000,196,608 | ---- | M] (HP) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe
PRC - [2005/04/29 16:15:40 | 000,045,056 | ---- | M] () -- C:\Program Files\TouchFreeze\TouchFreeze.exe


========== Modules (No Company Name) ==========

MOD - [2013/12/30 05:21:22 | 000,185,000 | ---- | M] () -- C:\Program Files\iSafe\libpng.dll
MOD - [2013/10/10 18:47:04 | 000,688,128 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Security\0ca4eba5116d0a04855f2cae16987aa2\System.Security.ni.dll
MOD - [2013/10/10 18:46:59 | 000,978,944 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\1b7600e7fe5e152f21ba6d79f3c0c3b6\System.Configuration.ni.dll
MOD - [2013/10/10 18:44:00 | 012,434,432 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\02257c6b67db33c194fa3beccf977afb\System.Windows.Forms.ni.dll
MOD - [2013/10/09 15:41:48 | 002,933,248 | ---- | M] () -- C:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
MOD - [2013/10/09 15:41:39 | 000,303,104 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
MOD - [2013/10/09 15:41:34 | 000,261,632 | ---- | M] () -- C:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
MOD - [2013/09/19 17:32:28 | 000,904,704 | ---- | M] () -- C:\Program Files\MyPC Backup\x86\System.Data.SQLite.dll
MOD - [2013/08/15 07:36:28 | 011,816,960 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\972dcf9830a64e9802aaca3a83cae24b\System.Web.ni.dll
MOD - [2013/08/15 07:35:53 | 000,627,200 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\b01bf82d99cca42b8140884fb833583d\System.Transactions.ni.dll
MOD - [2013/08/15 07:35:51 | 000,212,992 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\15fd2d2f4e709154b44187a6915db244\System.ServiceProcess.ni.dll
MOD - [2013/08/15 07:34:54 | 000,627,712 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\9c02362e677418460c52569019a266e4\System.EnterpriseServices.ni.dll
MOD - [2013/08/15 05:47:48 | 005,462,016 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f93600ac836b9140e1df13bb0f6bfccf\System.Xml.ni.dll
MOD - [2013/08/15 05:46:51 | 001,593,344 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\3b34cb206ab0cec687c3730b14cdff57\System.Drawing.ni.dll
MOD - [2013/08/15 05:45:27 | 006,616,576 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Data\5013900c3c0610c88059fcb8f1f4acb4\System.Data.ni.dll
MOD - [2013/08/14 22:54:55 | 007,977,984 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System\10df39542df7d48462451fc39bce8418\System.ni.dll
MOD - [2013/07/10 22:11:48 | 011,497,984 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\b14359470744c840c59fbe4e58034fd6\mscorlib.ni.dll
MOD - [2005/04/29 16:15:40 | 000,045,056 | ---- | M] () -- C:\Program Files\TouchFreeze\TouchFreeze.exe
MOD - [2005/04/29 16:15:36 | 000,045,056 | ---- | M] () -- C:\Program Files\TouchFreeze\TouchFreeze.dll
MOD - [2003/11/15 17:38:02 | 000,086,016 | ---- | M] () -- C:\WINDOWS\system32\ati2evxx.dll


========== Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
SRV - [2013/12/30 05:21:07 | 000,491,688 | ---- | M] (Elex do Brasil Participações Ltda) [Auto | Running] -- C:\Program Files\iSafe\iSafeSvc.exe -- (iSafeService)
SRV - [2013/12/29 23:15:16 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/12/16 04:09:22 | 002,251,552 | ---- | M] (Conduit) [Auto | Running] -- C:\Program Files\SearchProtect\Main\bin\CltMngSvc.exe -- (CltMngSvc)
SRV - [2013/10/31 11:20:58 | 000,281,384 | ---- | M] (Ginger Software) [Auto | Running] -- C:\Program Files\Ginger\GingerUpdateService\GingerUpdateService.exe -- (GingerUpdateService)
SRV - [2013/10/23 15:01:10 | 000,022,208 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV - [2013/10/08 07:48:23 | 000,182,696 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2013/09/19 17:45:18 | 000,038,440 | ---- | M] (Just Develop It) [Auto | Running] -- C:\Program Files\MyPC Backup\BackupStack.exe -- (BackupStack)
SRV - [2013/09/10 21:26:44 | 000,118,680 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/10/30 18:50:59 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Stopped] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2006/11/03 19:19:58 | 000,013,592 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | Boot | Stopped] -- system32\drivers\TfSysMon.sys -- (TFSysMon)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\TfNetMon.sys -- (TfNetMon)
DRV - File not found [Kernel | Boot | Stopped] -- system32\drivers\TfFsMon.sys -- (TfFsMon)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (24859912)
DRV - [2014/01/14 12:36:54 | 000,013,464 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SWDUMon.sys -- (SWDUMon)
DRV - [2013/12/30 05:21:30 | 000,054,784 | ---- | M] (Elex do Brasil Participações Ltda) [Kernel | System | Running] -- C:\Program Files\iSafe\iSafeNetFilter.sys -- (iSafeNetFilter)
DRV - [2013/12/30 05:21:28 | 000,192,000 | ---- | M] (Elex do Brasil Participações Ltda) [File_System | On_Demand | Running] -- C:\Program Files\iSafe\iSafeKrnl.sys -- (iSafeKrnl)
DRV - [2012/10/30 18:51:58 | 000,035,928 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\windows\System32\drivers\aswRdr.sys -- (AswRdr)
DRV - [2012/10/30 18:51:57 | 000,097,608 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\windows\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2009/03/27 00:16:28 | 000,012,672 | ---- | M] (Windows ® Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\cpuz132_x32.sys -- (cpuz132)
DRV - [2008/10/23 00:58:36 | 001,391,104 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BCMWL5.SYS -- (BCM43XX)
DRV - [2008/10/09 14:42:42 | 000,017,408 | ---- | M] (Windows ® Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\KMWDFILTER.sys -- (KMWDFILTER)
DRV - [2008/02/27 11:49:00 | 000,003,840 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\BANTExt.sys -- (BANTExt)
DRV - [2005/03/04 14:02:20 | 001,066,278 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2004/08/03 17:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139)
DRV - [2003/11/15 17:40:34 | 000,621,056 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\..\SearchScopes,DefaultScope = {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
IE - HKCU\..\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}: "URL" = http://search.condui...rchTerms}&SSPV=
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...Box&Form=IE8SRC
IE - HKCU\..\SearchScopes\{51792311-174E-4728-B44E-7BDBFE8F5B96}: "URL" = http://websearch.ask...2A-8C8C3247B09E
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...&rlz=1I7PRFA_en
IE - HKCU\..\SearchScopes\{A57E58B6-A76B-49EE-A864-AB72755F28C5}: "URL" = http://mp3rocketsear...s={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Conduit Search"
FF - prefs.js..browser.search.selectedEngine: "Conduit Search"
FF - prefs.js..browser.startup.homepage: "http://search.condui...5711DC06&SSPV="
FF - prefs.js..extensions.enabledAddons: lgqgafutbj%40lgqgafutbj.org:2.5
FF - prefs.js..extensions.enabledAddons: wrc%40avast.com:7.0.1474
FF - prefs.js..extensions.enabledAddons: 685aca14-a2af-4de5-b005-59f6148277d5%4082b5964b-8646-4899-a412-5f13772e62ad.com:0.93.21
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:24.0
FF - prefs.js..keyword.URL: ""
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_6_602_171.dll ()
FF - HKLM\Software\MozillaPlugins\@ei.DictionaryBoss.com/Plugin: C:\Program Files\DictionaryBossEI\Installr\a.bin\NPv4EISB.dll File not found
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.45.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\gingersoftware.com/gingerPlugin: C:\Program Files\Ginger\GingerServices\GingerServicesProxy.dll (Ginger Software)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012/11/06 10:32:50 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\[email protected]: C:\Program Files\Ginger\Mozilla\[email protected] [2013/12/29 23:59:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\[email protected]: C:\Program Files\Ginger\Mozilla\[email protected] [2013/12/29 23:59:19 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 24.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 24.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

[2012/09/27 17:16:02 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Jon Guren\Application Data\Mozilla\Extensions
[2014/01/13 15:34:14 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Jon Guren\Application Data\Mozilla\Firefox\Profiles\07x39cu4.default\extensions
[2014/01/13 15:34:14 | 000,000,000 | ---D | M] ("KeyDownload1") -- C:\Documents and Settings\Jon Guren\Application Data\Mozilla\Firefox\Profiles\07x39cu4.default\extensions\685aca14-a2af-4de5-b005-59f6148277d5@82b5964b-8646-4899-a412-5f13772e62ad.com
[2014/01/13 15:34:12 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Jon Guren\Application Data\Mozilla\Firefox\Profiles\07x39cu4.default\extensions\685aca14-a2af-4de5-b005-59f6148277d5@82b5964b-8646-4899-a412-5f13772e62ad.com\extensionData
[2014/01/13 15:34:12 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Jon Guren\Application Data\Mozilla\Firefox\Profiles\07x39cu4.default\extensions\685aca14-a2af-4de5-b005-59f6148277d5@82b5964b-8646-4899-a412-5f13772e62ad.com\extensionData\plugins
[2014/01/13 15:34:12 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Jon Guren\Application Data\Mozilla\Firefox\Profiles\07x39cu4.default\extensions\685aca14-a2af-4de5-b005-59f6148277d5@82b5964b-8646-4899-a412-5f13772e62ad.com\extensionData\userCode
[2004/08/04 07:00:00 | 000,004,804 | ---- | M] () (No name found) -- C:\Documents and Settings\Jon Guren\Application Data\Mozilla\Firefox\Profiles\07x39cu4.default\extensions\[email protected]
[2013/12/29 23:30:31 | 000,000,861 | ---- | M] () -- C:\Documents and Settings\Jon Guren\Application Data\Mozilla\Firefox\Profiles\07x39cu4.default\searchplugins\conduit-search.xml
[2013/10/11 16:57:39 | 000,003,727 | ---- | M] () -- C:\Documents and Settings\Jon Guren\Application Data\Mozilla\Firefox\Profiles\07x39cu4.default\searchplugins\safeguard-secure-search.xml
[2013/12/30 00:00:47 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2013/12/30 00:00:47 | 000,000,000 | ---D | M] ("Ginger") -- C:\Program Files\Mozilla Firefox\extensions\[email protected]
[2013/12/30 00:00:48 | 000,000,000 | ---D | M] (Ginger - Grammar and Spell Checker) -- C:\Program Files\Mozilla Firefox\extensions\[email protected]
[2013/10/01 12:15:59 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2013/10/01 12:15:59 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2012/11/06 10:32:50 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF

========== Chrome ==========

CHR - Extension: No name found = C:\Documents and Settings\Jon Guren\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\cdbblnhlknbafhllnbgbkmlelmokbngg\1.25.4_0\crossrider
CHR - Extension: No name found = C:\Documents and Settings\Jon Guren\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\cdbblnhlknbafhllnbgbkmlelmokbngg\1.25.4_0\

O1 HOSTS File: ([2004/08/04 07:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {472734EA-242A-422B-ADF8-83D1E48CC825} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No CLSID value found.
O4 - HKLM..\Run: [20131121] C:\Program Files\AVAST Software\Avast\setup\emupdate\85975ee1-fe3b-4620-8061-43b0e73f36fd.exe (AVAST Software)
O4 - HKLM..\Run: [ATIModeChange] C:\windows\System32\Ati2mdxx.exe (ATI Technologies, Inc.)
O4 - HKLM..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe (HP)
O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [DriverUpdate] C:\Program Files\DriverUpdate\DriverUpdate.exe (SlimWare Utilities, Inc.)
O4 - HKCU..\Run: [TouchFreeze] C:\Program Files\TouchFreeze\TouchFreeze.exe ()
O4 - Startup: C:\Documents and Settings\Jon Guren\Start Menu\Programs\Startup\DesktopWeatherAlerts.lnk = C:\Documents and Settings\Jon Guren\Local Settings\Application Data\WeatherAlerts\DesktopWeatherAlertsApp.exe ()
O4 - Startup: C:\Documents and Settings\Jon Guren\Start Menu\Programs\Startup\MyPC Backup.lnk = C:\Program Files\MyPC Backup\MyPC Backup.exe (MyPCBackup.com)
O4 - Startup: C:\Documents and Settings\Jon Guren\Start Menu\Programs\Startup\Weather Alerts.lnk = C:\Documents and Settings\Jon Guren\Local Settings\Application Data\WeatherAlerts\WeatherAlerts.exe (Local Weather LLC)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 28
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O15 - HKCU\..Trusted Domains: taxactonline.com ([www] https in Trusted sites)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.micr...heckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.micros...b?1321220045968 (MUWebControl Class)
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} https://h20436.www2....re/HPDEXAXO.cab (HP Download Manager)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.45.2)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...r/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0017-0000-0017-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.45.2)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 4.2.2.2
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{14E849DF-25B8-42DB-BC20-62CBEA3C61CB}: DhcpNameServer = 192.168.1.1 4.2.2.2
O18 - Protocol\Handler\belarc {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files\Belarc\Advisor\System\BAVoilaX.dll (Belarc, Inc.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\windows\System32\ati2evxx.dll ()
O24 - Desktop Components:AutorunsDisabled () -
O27 - HKLM IFEO\_avp32.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\_avpcc.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\_avpm.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\~1.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\~2.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\a.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\aAvgApi.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\AAWTray.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\About.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ackwin32.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\adaware.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\Ad-Aware.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\advxdwin.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\AdwarePrj.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\agent.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\agentsvr.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\agentw.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\alertsvc.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\alevir.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\alogserv.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\AlphaAV: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\AlphaAV.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\AluSchedulerSvc.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\amon9x.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\AntispywarXP2009.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\anti-trojan.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\Anti-Virus Professional.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\antivirus.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\AntiVirus_Pro.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\AntivirusPlus: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\AntivirusPlus.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\AntivirusPro_2010.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\AntivirusXP: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\AntivirusXP.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\antivirusxppro2009.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ants.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\apimonitor.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\aplica32.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\apvxdwin.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\arr.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ashAvast.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ashBug.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ashChest.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ashCnsnt.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ashDisp.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ashLogV.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ashMaiSv.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ashPopWz.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ashQuick.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ashServ.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ashSimp2.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ashSimpl.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ashSkPcc.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ashSkPck.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ashUpd.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ashWebSv.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\aswChLic.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\aswRegSvr.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\aswRunDll.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\aswUpdSv.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\atcon.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\atguard.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\atro55en.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\atupdater.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\atwatch.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\au.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\aupdate.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\autodown.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\auto-protect.nav80try.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\autotrace.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\autoupdate.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\av360.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avadmin.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avastSvc.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avastUI.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\AVCare.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avcenter.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avciman.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avconfig.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avconsol.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ave32.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\AVENGINE.EXE: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avgcc32.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avgchk.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avgcmgr.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avgcsrvx.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avgctrl.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avgdumpx.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avgemc.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avgiproxy.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avgnsx.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avgnt.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avgrsx.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avgscanx.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avgserv.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avgserv9.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avgsrmax.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avgtray.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avguard.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avgui.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avgupd.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avgw.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avgwdsvc.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avkpop.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avkserv.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avkservice.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avkwctl9.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avltmain.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avmailc.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avmcdlg.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avnotify.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avnt.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avp32.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avpcc.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avpdos32.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avpm.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avptc32.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avpupd.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avsched32.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avshadow.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avsynmgr.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avupgsvc.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\AVWEBGRD.EXE: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avwin.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avwin95.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avwinnt.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avwsc.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avwupd.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avwupd32.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avwupsrv.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avxmonitor9x.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avxmonitornt.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avxquar.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\b.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\backweb.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\bargains.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\bd_professional.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\bdfvcl.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\bdfvwiz.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\BDInProcPatch.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\bdmcon.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\BDMsnScan.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\BDSurvey.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\beagle.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\belt.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\bidef.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\bidserver.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\bipcp.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\bipcpevalsetup.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\bisp.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\blackd.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\blackice.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\blink.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\blss.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\bootconf.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\bootwarn.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\borg2.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\bpc.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\brasil.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\brastk.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\brw.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\bs120.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\bspatch.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\bundle.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\bvt.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\c.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\cavscan.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ccapp.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ccevtmgr.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ccpxysvc.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ccSvcHst.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\cdp.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\cfd.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\cfgwiz.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\cfiadmin.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\cfiaudit.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\cfinet.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\cfinet32.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\cfp.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\cfpconfg.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\cfplogvw.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\cfpupdat.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\claw95.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\claw95cf.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\clean.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\cleaner.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\cleaner3.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\cleanIELow.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\cleanpc.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\click.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\cmd32.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\cmdagent.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\cmesys.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\cmgrdian.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\cmon016.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\connectionmonitor.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\control: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\cpd.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\cpf9x206.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\cpfnt206.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\crashrep.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\csc.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\cssconfg.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\cssupdat.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\cssurf.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ctrl.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\cv.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\cwnb181.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\cwntdwmo.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\d.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\datemanager.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\dcomx.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\defalert.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\defscangui.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\defwatch.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\deloeminfs.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\deputy.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\divx.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\dllcache.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\dllreg.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\doors.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\dop.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\dpf.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\dpfsetup.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\dpps2.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\driverctrl.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\drwatson.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\drweb32.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\drwebupw.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\dssagent.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\dvp95.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\dvp95_0.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ecengine.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\efpeadm.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\emsw.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ent.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\esafe.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\escanhnt.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\escanv95.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\espwatch.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ethereal.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\etrustcipe.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\evpn.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\exantivirus-cnet.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\exe.avxw.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\expert.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\explore.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\fact.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\f-agnt95.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\fameh32.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\fast.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\fch32.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\fih32.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\findviru.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\firewall.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\fixcfg.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\fixfp.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\fnrb32.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\fprot.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\f-prot.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\f-prot95.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\fp-win.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\fp-win_trial.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\frmwrk32.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\frw.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\fsaa.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\fsav.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\fsav32.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\fsav530stbyb.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\fsav530wtbyb.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\fsav95.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\fsgk32.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\fsm32.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\fsma32.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\fsmb32.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\f-stopw.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\gator.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\gav.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\gbmenu.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\gbn976rl.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\gbpoll.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\generics.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\gmt.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\guard.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\guarddog.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\guardgui.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\hacktracersetup.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\hbinst.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\hbsrv.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\History.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\homeav2010.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\hotactio.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\hotpatch.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\htlog.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\htpatch.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\hwpe.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\hxdl.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\hxiul.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\iamapp.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\iamserv.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\iamstats.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ibmasn.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ibmavsp.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\icload95.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\icloadnt.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\icmon.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\icsupp95.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\icsuppnt.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\Identity.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\idle.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\iedll.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\iedriver.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\IEShow.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\iface.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ifw2000.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\inetlnfo.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\infus.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\infwin.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\init.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\init32.exe : Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\install[1].exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\install[2].exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\install[3].exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\install[4].exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\install[5].exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\intdel.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\intren.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\iomon98.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\istsvc.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\jammer.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\jdbgmrg.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\jedi.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\JsRcGen.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\kavlite40eng.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\kavpers40eng.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\kavpf.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\kazza.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\keenvalue.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\kerio-pf-213-en-win.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\kerio-wrl-421-en-win.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\kerio-wrp-421-en-win.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\killprocesssetup161.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ldnetmon.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ldpro.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ldpromenu.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ldscan.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\licmgr.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\lnetinfo.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\loader.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\localnet.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\lockdown.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\lockdown2000.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\lookout.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\lordpe.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\lsetup.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\luall.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\luau.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\lucomserver.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\luinit.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\luspt.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\MalwareRemoval.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mapisvc32.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mbam.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mbamgui.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mbamservice.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mcagent.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mcmnhdlr.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mcmpeng.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mcmscsvc.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mcnasvc.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mcproxy.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\McSACore.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mcshell.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mcshield.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mcsysmon.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mctool.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mcupdate.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mcvsrte.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mcvsshld.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\md.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mfin32.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mfw2en.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mfweng3.02d30.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mgavrtcl.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mgavrte.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mghtml.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mgui.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\minilog.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mmod.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\monitor.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\moolive.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mostat.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mpfagent.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mpfservice.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\MPFSrv.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mpftray.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mrflux.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mrt.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\msa.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\msapp.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\MSASCui.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\msbb.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\msblast.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mscache.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\msccn32.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mscman.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\msconfig: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\msdm.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\msdos.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\msiexec16.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mslaugh.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\msmgt.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\msmsgri32.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\msseces.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mssmmc32.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mssys.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\msvxd.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mu0311ad.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mwatch.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\n32scanw.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\nav.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\navap.navapsvc.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\navapsvc.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\navapw32.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\navdx.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\navlu32.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\navnt.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\navstub.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\navw32.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\navwnt.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\nc2000.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ncinst4.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ndd32.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\neomonitor.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\neowatchlog.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\netarmor.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\netd32.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\netinfo.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\netmon.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\netscanpro.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\netspyhunter-1.2.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\netutils.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\nisserv.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\nisum.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\nmain.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\nod32.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\normist.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\norton_internet_secu_3.0_407.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\notstart.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\npf40_tw_98_nt_me_2k.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\npfmessenger.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\nprotect.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\npscheck.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\npssvc.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\nsched32.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\nssys32.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\nstask32.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\nsupdate.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\nt.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ntrtscan.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ntvdm.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ntxconfig.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\nui.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\nupgrade.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\nvarch16.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\nvc95.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\nvsvc32.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\nwinst4.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\nwservice.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\nwtool16.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\OAcat.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\OAhlp.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\OAReg.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\oasrv.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\oaui.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\oaview.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ODSW.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ollydbg.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\onsrvr.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\optimize.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ostronet.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\otfix.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\outpost.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\outpostinstall.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\outpostproinstall.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ozn695m5.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\padmin.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\panixk.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\patch.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\pav.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\pavcl.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\PavFnSvr.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\pavproxy.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\pavprsrv.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\pavsched.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\pavsrv51.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\pavw.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\pc.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\PC_Antispyware2010.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\pccwin98.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\pcfwallicon.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\pcip10117_0.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\pcscan.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\pctsAuxs.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\pctsGui.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\pctsSvc.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\pctsTray.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\pdfndr.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\pdsetup.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\PerAvir.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\periscope.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\persfw.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\personalguard: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\personalguard.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\perswf.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\pf2.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\pfwadmin.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\pgmonitr.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\pingscan.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\platin.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\pop3trap.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\poproxy.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\popscan.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\portdetective.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\portmonitor.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\powerscan.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ppinupdt.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\pptbc.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ppvstop.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\prizesurfer.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\prmt.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\prmvr.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\procdump.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\processmonitor.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\procexplorerv1.0.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\programauditor.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\proport.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\protector.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\protectx.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\PSANCU.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\PSANHost.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\PSANToManager.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\PsCtrls.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\PsImSvc.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\PskSvc.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\pspf.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\PSUNMain.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\purge.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\qconsole.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\qh.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\qserver.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\Quick Heal.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\QuickHealCleaner.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\rapapp.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\rav7.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\rav7win.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\rav8win32eng.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ray.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\rb32.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\rcsync.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\realmon.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\reged.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\regedt32.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\rescue.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\rescue32.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\rrguard.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\rscdwld.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\rshell.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\rtvscan.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\rtvscn95.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\rulaunch.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\rwg: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\rwg.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\SafetyKeeper.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\safeweb.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\sahagent.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\Save.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\SaveArmor.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\SaveDefense.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\SaveKeep.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\savenow.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\sbserv.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\sc.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\scam32.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\scan32.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\scan95.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\scanpm.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\scrscan.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\Secure Veteran.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\secureveteran.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\Security Center.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\SecurityFighter.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\securitysoldier.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\serv95.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\setloadorder.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\setup_flowprotector_us.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\setupvameeval.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\sgssfw32.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\sh.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\shellspyinstall.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\shield.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\shn.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\showbehind.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\signcheck.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\smart.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\smartprotector.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\smc.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\smrtdefp.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\sms.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\smss32.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\snetcfg.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\soap.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\sofi.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\SoftSafeness.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\sperm.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\spf.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\sphinx.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\spoler.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\spoolcv.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\spoolsv32.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\spywarexpguard.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\spyxx.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\srexe.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\srng.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ss3edit.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ssg_4104.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ssgrate.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\st2.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\start.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\stcloader.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\supftrl.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\support.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\supporter5.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\svc.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\svchostc.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\svchosts.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\svshost.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\sweep95.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\sweepnet.sweepsrv.sys.swnetsup.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\symlcsvc.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\symproxysvc.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\symtray.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\system.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\system32.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\sysupd.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\tapinstall.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\taumon.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\tbscan.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\tc.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\tca.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\tcm.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\tds2-98.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\tds2-nt.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\tds-3.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\teekids.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\tfak.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\tfak5.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\tgbob.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\titanin.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\titaninxp.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\TPSrv.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\trickler.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\trjscan.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\trjsetup.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\trojantrap3.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\TrustWarrior.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\tsadbot.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\tsc.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\tvmd.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\tvtmd.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\undoboot.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\updat.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\upgrad.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\utpost.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\vbcmserv.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\vbcons.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\vbust.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\vbwin9x.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\vbwinntw.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\vcsetup.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\vet32.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\vet95.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\vettray.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\vfsetup.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\vir-help.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\virusmdpersonalfirewall.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\VisthAux.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\VisthLic.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\VisthUpd.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\vnlan300.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\vnpc3000.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\vpc32.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\vpc42.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\vpfw30s.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\vptray.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\vscan40.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\vscenu6.02d30.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\vsched.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\vsecomr.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\vshwin32.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\vsisetup.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\vsmain.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\vsmon.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\vsstat.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\vswin9xe.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\vswinntse.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\vswinperse.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\w32dsm89.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\W3asbas.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\w9x.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\watchdog.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\webdav.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\WebProxy.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\webscanx.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\webtrap.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\wfindv32.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\whoswatchingme.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\wimmun32.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\win32.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\win32us.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\winactive.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\winav.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\win-bugsfix.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\windll32.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\window.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\windows Police Pro.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\windows.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\wininetd.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\wininitx.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\winlogin.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\winmain.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\winppr32.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\winrecon.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\winservn.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\winssk32.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\winstart.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\winstart001.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\wintsk32.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\winupdate.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\wkufind.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\wnad.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\wnt.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\wradmin.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\wrctrl.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\wsbgate.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\wscfxas.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\wscfxav.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\wscfxfw.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\wsctool.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\wupdater.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\wupdt.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\wyvernworksfirewall.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\xp_antispyware.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\xpdeluxe.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\xpf202en.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\zapro.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\zapsetup3001.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\zatutor.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\zonalm2601.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\zonealarm.exe: Debugger - C:\windows\System32\svchost.exe (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Program Files\Windows Defender\MpShHook.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{e2380284-ae5f-11e0-bb89-00023f226625}\Shell - "" = AutoRun
O33 - MountPoints2\{e2380284-ae5f-11e0-bb89-00023f226625}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{e2380284-ae5f-11e0-bb89-00023f226625}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2014/01/14 12:37:00 | 000,000,000 | ---D | C] -- C:\windows\LastGood
[2013/12/30 00:06:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jon Guren\AppData
[2013/12/30 00:02:19 | 000,000,000 | ---D | C] -- C:\Program Files\Setup Support for Consumer Input
[2013/12/30 00:01:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jon Guren\Application Data\Acapela Group
[2013/12/30 00:00:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jon Guren\My Documents\Add-in Express
[2013/12/29 23:59:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Ginger
[2013/12/29 23:58:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jon Guren\Local Settings\Application Data\KeyDownload1
[2013/12/29 23:58:15 | 000,000,000 | ---D | C] -- C:\Program Files\Ginger
[2013/12/29 23:55:28 | 000,000,000 | ---D | C] -- C:\Program Files\KeyDownload1
[2013/12/29 23:54:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jon Guren\Local Settings\Application Data\Local_Weather_LLC
[2013/12/29 23:54:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jon Guren\Start Menu\Programs\Weather Alerts
[2013/12/29 23:54:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jon Guren\Start Menu\Programs\Video Downloader
[2013/12/29 23:52:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jon Guren\Local Settings\Application Data\WeatherAlerts
[2013/12/29 23:44:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jon Guren\My Documents\Optimizer Pro
[2013/12/29 23:37:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jon Guren\Start Menu\Programs\MyPC Backup
[2013/12/29 23:37:25 | 000,000,000 | ---D | C] -- C:\Program Files\MyPC Backup
[2013/12/29 23:32:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\ZalmanInstaller_VideoDownloader
[2013/12/29 23:32:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\YAC
[2013/12/29 23:32:00 | 000,000,000 | ---D | C] -- C:\Program Files\iSafe
[2013/12/29 23:31:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jon Guren\Application Data\iSafe
[2013/12/29 23:29:15 | 000,000,000 | ---D | C] -- C:\Program Files\SearchProtect
[2013/12/29 23:29:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jon Guren\Local Settings\Application Data\SearchProtect
[2013/12/29 23:28:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Video Downloader
[2013/12/29 23:28:19 | 000,000,000 | ---D | C] -- C:\Program Files\Video Downloader
[2013/07/13 11:33:30 | 000,637,248 | ---- | C] (SlimWare Utilities, Inc.) -- C:\Program Files\DriverUpdate-setup.exe
[2012/09/10 09:16:28 | 000,649,864 | ---- | C] (Sysinternals - www.sysinternals.com) -- C:\Documents and Settings\All Users\autoruns.exe
[2012/09/10 09:16:28 | 000,567,944 | ---- | C] (Sysinternals - www.sysinternals.com) -- C:\Documents and Settings\All Users\autorunsc.exe
[4 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]
[1 C:\windows\System32\*.tmp files -> C:\windows\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2014/01/14 16:49:10 | 000,000,830 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job
[2014/01/14 16:08:00 | 000,000,886 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/01/14 12:45:31 | 000,000,384 | -H-- | M] () -- C:\windows\tasks\Microsoft Antimalware Scheduled Scan.job
[2014/01/14 12:38:42 | 000,445,270 | ---- | M] () -- C:\windows\System32\perfh009.dat
[2014/01/14 12:38:42 | 000,072,874 | ---- | M] () -- C:\windows\System32\perfc009.dat
[2014/01/14 12:37:21 | 000,000,370 | -H-- | M] () -- C:\windows\tasks\avast! Emergency Update.job
[2014/01/14 12:36:54 | 000,013,464 | ---- | M] () -- C:\windows\System32\drivers\SWDUMon.sys
[2014/01/14 12:36:18 | 000,001,964 | ---- | M] () -- C:\windows\tasks\KeyDownload1-chromeinstaller.job
[2014/01/14 12:36:05 | 000,001,232 | ---- | M] () -- C:\windows\tasks\KeyDownload1-codedownloader.job
[2014/01/14 12:36:05 | 000,001,132 | ---- | M] () -- C:\windows\tasks\KeyDownload1-enabler.job
[2014/01/14 12:36:04 | 000,002,032 | ---- | M] () -- C:\windows\tasks\KeyDownload1-firefoxinstaller.job
[2014/01/14 12:36:03 | 000,001,330 | ---- | M] () -- C:\windows\tasks\KeyDownload1-updater.job
[2014/01/14 12:35:46 | 000,013,646 | ---- | M] () -- C:\windows\System32\wpa.dbl
[2014/01/14 12:33:40 | 000,002,048 | --S- | M] () -- C:\windows\bootstat.dat
[2014/01/14 12:33:38 | 1475,399,680 | -HS- | M] () -- C:\hiberfil.sys
[2014/01/13 13:58:51 | 000,000,461 | ---- | M] () -- C:\Shortcut to My Documents.lnk
[2014/01/13 13:03:22 | 000,265,416 | ---- | M] () -- C:\windows\System32\FNTCACHE.DAT
[2013/12/29 23:59:48 | 000,002,156 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Ginger.lnk
[2013/12/29 23:54:19 | 000,000,748 | ---- | M] () -- C:\Documents and Settings\Jon Guren\Start Menu\Programs\Startup\MyPC Backup.lnk
[2013/12/29 23:54:16 | 000,000,762 | ---- | M] () -- C:\Documents and Settings\Jon Guren\Desktop\MyPC Backup.lnk
[2013/12/29 23:54:15 | 000,000,778 | ---- | M] () -- C:\Documents and Settings\Jon Guren\Desktop\Video Downloader.lnk
[2013/12/29 23:54:14 | 000,001,173 | ---- | M] () -- C:\Documents and Settings\Jon Guren\Start Menu\Programs\Startup\Weather Alerts.lnk
[2013/12/29 23:52:46 | 000,001,205 | ---- | M] () -- C:\Documents and Settings\Jon Guren\Start Menu\Programs\Startup\DesktopWeatherAlerts.lnk
[2013/12/29 23:32:34 | 000,001,455 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\YAC.lnk
[2013/12/29 23:32:32 | 000,001,473 | ---- | M] () -- C:\Documents and Settings\Jon Guren\Application Data\Microsoft\Internet Explorer\Quick Launch\YAC.lnk
[2013/12/29 23:28:39 | 000,000,807 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Video Downloader.lnk
[2013/12/29 23:15:15 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\System32\FlashPlayerApp.exe
[2013/12/29 23:15:14 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\System32\FlashPlayerCPLApp.cpl
[2013/12/29 21:29:16 | 000,001,324 | ---- | M] () -- C:\windows\System32\d3d9caps.dat
[2013/12/17 00:59:38 | 000,001,393 | ---- | M] () -- C:\windows\imsins.BAK
[2013/12/16 12:43:26 | 000,001,945 | ---- | M] () -- C:\windows\epplauncher.mif
[4 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]
[1 C:\windows\System32\*.tmp files -> C:\windows\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2014/01/13 13:58:51 | 000,000,461 | ---- | C] () -- C:\Shortcut to My Documents.lnk
[2013/12/30 14:25:05 | 000,047,580 | ---- | C] () -- C:\windows\ntdetect.com
[2013/12/30 14:25:05 | 000,047,580 | ---- | C] () -- C:\ntdetect.com
[2013/12/30 14:24:56 | 000,235,824 | ---- | C] () -- C:\windows\ntldr
[2013/12/30 14:24:56 | 000,235,824 | ---- | C] () -- C:\ntldr
[2013/12/30 00:21:03 | 000,001,330 | ---- | C] () -- C:\windows\tasks\KeyDownload1-updater.job
[2013/12/29 23:59:48 | 000,002,156 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Ginger.lnk
[2013/12/29 23:58:53 | 000,001,132 | ---- | C] () -- C:\windows\tasks\KeyDownload1-enabler.job
[2013/12/29 23:58:31 | 000,001,232 | ---- | C] () -- C:\windows\tasks\KeyDownload1-codedownloader.job
[2013/12/29 23:56:28 | 000,002,032 | ---- | C] () -- C:\windows\tasks\KeyDownload1-firefoxinstaller.job
[2013/12/29 23:55:51 | 000,001,964 | ---- | C] () -- C:\windows\tasks\KeyDownload1-chromeinstaller.job
[2013/12/29 23:54:15 | 000,000,778 | ---- | C] () -- C:\Documents and Settings\Jon Guren\Desktop\Video Downloader.lnk
[2013/12/29 23:54:14 | 000,001,173 | ---- | C] () -- C:\Documents and Settings\Jon Guren\Start Menu\Programs\Startup\Weather Alerts.lnk
[2013/12/29 23:54:14 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\Jon Guren\Start Menu\Programs\Video Downloader.lnk
[2013/12/29 23:52:46 | 000,001,205 | ---- | C] () -- C:\Documents and Settings\Jon Guren\Start Menu\Programs\Startup\DesktopWeatherAlerts.lnk
[2013/12/29 23:37:46 | 000,000,748 | ---- | C] () -- C:\Documents and Settings\Jon Guren\Start Menu\Programs\Startup\MyPC Backup.lnk
[2013/12/29 23:37:45 | 000,000,762 | ---- | C] () -- C:\Documents and Settings\Jon Guren\Desktop\MyPC Backup.lnk
[2013/12/29 23:32:34 | 000,001,455 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\YAC.lnk
[2013/12/29 23:32:31 | 000,001,473 | ---- | C] () -- C:\Documents and Settings\Jon Guren\Application Data\Microsoft\Internet Explorer\Quick Launch\YAC.lnk
[2013/12/29 23:28:39 | 000,000,807 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Video Downloader.lnk
[2013/12/29 23:15:17 | 000,000,830 | ---- | C] () -- C:\windows\tasks\Adobe Flash Player Updater.job
[2013/12/16 16:57:05 | 000,000,384 | -H-- | C] () -- C:\windows\tasks\Microsoft Antimalware Scheduled Scan.job
[2013/07/13 11:41:20 | 000,013,464 | ---- | C] () -- C:\windows\System32\drivers\SWDUMon.sys
[2013/02/25 16:14:54 | 000,000,045 | ---- | C] () -- C:\windows\10-key.ini
[2013/01/23 12:56:56 | 000,000,133 | ---- | C] () -- C:\windows\TaxACT12.ini
[2012/11/05 22:21:36 | 000,000,036 | ---- | C] () -- C:\Documents and Settings\Jon Guren\Local Settings\Application Data\housecall.guid.cache
[2012/05/11 14:42:27 | 133,615,528 | ---- | C] () -- C:\Program Files\setup_11.0.0.1245.x01_2012_05_04_11_39.exe
[2012/05/10 16:11:46 | 000,000,546 | ---- | C] () -- C:\Documents and Settings\Jon Guren\Application Data\result.db
[2012/02/28 14:01:24 | 000,000,061 | ---- | C] () -- C:\windows\TaxACT11.ini
[2012/02/28 09:34:37 | 000,003,072 | ---- | C] () -- C:\windows\System32\iacenc.dll
[2011/11/05 13:52:32 | 000,049,648 | ---- | C] () -- C:\Documents and Settings\All Users\autoruns.chm

========== ZeroAccess Check ==========

[2009/05/12 10:47:03 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008/04/14 04:42:06 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009/02/09 07:10:48 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008/04/14 04:42:10 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== Alternate Data Streams ==========

@Alternate Data Stream - 127 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:430C6D84
@Alternate Data Stream - 109 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2

< End of report >

Attached Files

  • Attached File  OTL.Txt   216.94KB   97 downloads

  • 0

Advertisements

#2
zep516
Posted 14 January 2014 - 06:03 PM

zep516

    Trusted Helper

  • Malware Removal
  • 8,090 posts
Hi! My name is zep516 and Welcome to geekstogo]
I'll do the best I can to resolve your computer issue
Please be patient with me as I am currently in training, and all of my responses to you have to be reviewed by my instructor before I post them. Just keep in mind that you get the advantage as you have 2 people examining your issue. Please make sure to carefully read any instruction that I give you. If you're not sure, or if something unexpected happens, don't continue Stop and ask! Never be afraid to ask questions! :)

First

You ran OTL on the first time you ran it OTL creates 2 log reports. The one I need is called Extras .txt do you have that log? If so post it, If not I would like you to re-run OTL once more so we can re create the log, before you run the scan I need you to do this--> under the Extra Registry section please put a check mark in "All" then hit Runscan, when OTL is done scanning 2 logs will be generated, the first log will pop up in front of you, the second log will be minimized to the task bar down by the clock area, called Extras .txt please post that log Extras.txt.

Next

Please download AdwCleaner by Xplode and save to your Desktop.
  • Double-click AdwCleaner.exe to run the tool.
    Note: Windows Vista, Windows 7/8 users right-click and select Run As Administrator.
  • Click the Scan button.
  • AdwCleaner will begin. Be patient as the scan may take some time to complete.
  • After the scan has finished, click the Report button. A logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • The contents of the log file may be confusing. Unless you see a program name that you know should not be removed, don't worry about it. If you see an entry you want to keep, please let me know about it.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles are saved in the C:\AdwCleaner folder which was created when running the tool.


Next

Download Security Check by screen317 from Here or Here
Save it to your Desktop.
Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
A Notepad document should open automatically called checkup.txt; please post the contents of that document.


In your next reply please post.
  • Extras .txt
  • AdwCleaner[R0].txt
  • checkup.txt

Edited by zep516, 14 January 2014 - 06:05 PM.

  • 0

#3
Taliesa
Posted 14 January 2014 - 06:48 PM

Taliesa

    Member

  • Topic Starter
  • Member
  • PipPip
  • 29 posts
Can't get adware cleaner to download. Here are other 2 files

Attached Files


  • 0

#4
zep516
Posted 14 January 2014 - 06:58 PM

zep516

    Trusted Helper

  • Malware Removal
  • 8,090 posts
OK,

Thanks for that you have a lot of add ware, so be paient, I need time to make a fix for you, but will not be till Tomorrow.

Don't do anything to the computer, no more scanners, don't try to fix anything.

You have signs of 2 Anti Virus programs running.

  • Avast
  • Microsoft Security Essentials.

The real-time protection of two antivirus programs may conflict with each other and cause the following:

* False Alarms: When the anti virus software tells you that your PC has a virus when it actually doesn't.
* Conflicts: Your system may lock up due to both products attempting to access the same file at the same time.
* Performance: More that one antivirus will cause your PC to become slow and it may even crash or blue screen.
* Less protection: Two antivirus trying to scan the same file may interfere with the process and allow a malicious file onto the computer without notice to you.


Tell me the one you want to keep, then I'll help you uninstall the other one.

Thanks
Joe :)

Edited by zep516, 14 January 2014 - 06:59 PM.

  • 0

#5
Taliesa
Posted 14 January 2014 - 07:20 PM

Taliesa

    Member

  • Topic Starter
  • Member
  • PipPip
  • 29 posts
Which do you think is better? I have been happy with Avast in the past, and think microsoft might stop updating for winxp
  • 0

#6
zep516
Posted 14 January 2014 - 07:41 PM

zep516

    Trusted Helper

  • Malware Removal
  • 8,090 posts
Hi Taliesa,

Lets keep Avast.

Next

Lets remove "Microsoft Security Essentials" from the add / remove programs list, and a few others that are add/ware related.

Remove These programs.
==> Click > Start > Control Panel > Add / Remove. Look for the programs below and remove them.
  • MyPC Backup
  • Search Protect
  • Registry Repair 4.1.0.388------> These programs cause more harm then good!!!!
  • Microsoft Security Essentials

Let me know when you're done with that, that's all we will do today. See if you can get adwCleaner to run and do a scan, if not don't worry.

Edited by zep516, 14 January 2014 - 07:41 PM.

  • 0

#7
Taliesa
Posted 15 January 2014 - 03:34 PM

Taliesa

    Member

  • Topic Starter
  • Member
  • PipPip
  • 29 posts
Oh Help, help!
I used add/remove to remove the programs you mentioned. I rebooted after removing micro security essentials and the mypcbackup thing, but when I rebooted after taking out registry repair and searchhelp, the system went back to the black screen and the message ntldr is missing
  • 0

#8
zep516
Posted 15 January 2014 - 04:11 PM

zep516

    Trusted Helper

  • Malware Removal
  • 8,090 posts
Hi Taliesa

went back to the black screen and the message ntldr is missing


How long has this problem been occurring ? How did you overcome this problem before?

What is the make an model of the computer? Do you have operating disks for the computer, Like an xp disk.

Have you ever heard noises from the computer or Hard disk?

Please answer all my questions

Thanks
Joe :)
  • 0

#9
Taliesa
Posted 15 January 2014 - 08:54 PM

Taliesa

    Member

  • Topic Starter
  • Member
  • PipPip
  • 29 posts
The problem started Dec 30, when I tried to uninstall (ad/remove programs) something that might have been called driver update. After the uninstall, my internet explorer kept openin to the driver program's web page, over and over. i shut down and the next day, I couldn't boot. i just got the black screen with the hp logo and another screen that says ntldr is missing. I don't have any installation disks for this laptop, but I went to a site called kioska and dl'd an xp rescue disk. I followed all the instructions, and I could see the system loading, but at the end it said "can't find serial number", well it was in French, but it was something like that, and then it shut itself down. Then I ordered a rescue disk for xp from repairos, but that wouldn't load past the table of contents. then i dl'd an avg rescue disk from you geeks, but it wouldn't load past the directory. Finally, I reset the list at F8 to safe mode with dos, restarted with the memory stick (Copy of ntldr and ntdetect.com) and the original disk from kioska. I stopped after returning the drive to c and turned the machine off and then on. the system loaded, and I ran hijack this until I could get online to start a thread with you. As for noises, I hear the regular whirring and some clicking, which mostly stops when the system stops loading. there's nothing unusual in the sounds.


Operating System System Model
Windows XP Home Edition Service Pack 3 (build 2600)
Install Language: English (United States)
System Locale: English (United States) Hewlett-Packard Pavilion zv5000 (DZ329U#ABA) F.12
System Serial Number: CND4190Z0F
Enclosure Type: Notebook
Processor a Main Circuit Board b
2.80 gigahertz Intel Celeron
8 kilobyte primary memory cache
128 kilobyte secondary memory cache
Not hyper-threaded Board: Hewlett-Packard 089C 31.31
Serial Number: CND4190Z0FABCDEF
BIOS: Hewlett-Packard F.12 02/16/2004
  • 0

#10
zep516
Posted 15 January 2014 - 09:54 PM

zep516

    Trusted Helper

  • Malware Removal
  • 8,090 posts
Hi Taliesa,

some clicking, which mostly stops


Clicking Hard drives can be the sign of a failing drive. That's what the NTLDR Error is most likely. Plus the machine looks extremely infected, so there's a few things going on here, and you have made considerable changes, manipulations, using rescue disks etc.

Do you have any personal data left like pictures or is that all gone now?

Can you get the machine to boot to windows, or are you now getting NTLDR missing every time?

Thanks
Joe :)

Edited by zep516, 15 January 2014 - 09:54 PM.

  • 0

#11
Taliesa
Posted 15 January 2014 - 10:00 PM

Taliesa

    Member

  • Topic Starter
  • Member
  • PipPip
  • 29 posts
The clicking seems mostly to be related to the cdrom disks. I know there is a lot of malware on there--it installed itself when I tried to do a download, then took me out when I tried to uninstall. I can't boot to anything at the moment--even the directories on the disks are not coming up this time. Even F8 won't come up. I can get to the bios and change the boot order. that is about all.

When I got it to boot a couple of days ago, I quickly transferred my most important files to a memory stick, but I will still lose a lot if the drive is toast. When I had it up, it seemed to be quite functional, except for all the malware that kept popping up.
  • 0

#12
zep516
Posted 15 January 2014 - 10:14 PM

zep516

    Trusted Helper

  • Malware Removal
  • 8,090 posts
Hi Taliesa,

I'll review the situation with my Instructor and get back to you. It appears you have a good working computer and a flash drive, we may need and use those to help the infected computer.

I'll get back to you as soon as possible with a course of action.

Thanks
Joe :)
  • 0

#13
Taliesa
Posted 15 January 2014 - 10:17 PM

Taliesa

    Member

  • Topic Starter
  • Member
  • PipPip
  • 29 posts
yes, i do have those things at my disposal. the laptop is my main working tool, though, and has a lot of photos i wasn't able to put on the flash drive.

thanks for your help
T.
  • 0

#14
zep516
Posted 16 January 2014 - 04:20 PM

zep516

    Trusted Helper

  • Malware Removal
  • 8,090 posts
Hi Taliesa.

Could you follow the instructions below please:

Reboot into Safe Mode:

How to boot into Safe Mode:

Restart your computer and as soon as it starts booting up again continuously tap the F8 key. A menu should come up where you will be given the option to enter Safe Mode, do so.

If any problems refer to this tutorial.

Next:

In Safe Mode when the Windows Advanced Options menu appears use the Arrow(On the number pad part of the keyboard)keys to select Last Known Good Configuration (your most recent settings that worked), and then press the Enter/Return key.

Let me know how this goes for you.

Thanks
Joe
  • 0

#15
Dakeyras
Posted 21 January 2014 - 04:25 AM

Dakeyras

    Anti-Malware Mammoth

  • Expert
  • 9,772 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP