Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

AV Security Essentials - Malware?


  • This topic is locked This topic is locked
27 replies to this topic

#1 pleasehelp2012

pleasehelp2012

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:01:46 AM

Posted 04 February 2012 - 04:56 PM

Hello

I was hoping a kind person could help me out with the following:

I was surfing the internet yesterday when a pop-up window appeared stating a scan of my PC was being undertaken. We use the free version of AVG Anti-Virus 2012 on our PC, so I closed the pop-up as it appeared to come from a rogue website. However upon closing the window another pop-up appeared from a program called 'AV Security Essentials' which stated that our PC had been infected with several Trojan viruses. This rogue program 'AV Security Essentials' appears to have installed itself on our desktop and Start menu. The pop-up asks for the user to give their payment details and upgrade their software in order to repair the viruses, so naturally I was suspicious! The internet connection appeared to go down temporarily as well.

I did a normal AVG scan of our PC and this found a couple of Trojan objects which I followed the instructions to quarantine/remove. I also did the following:

- Downloaded and ran 'rkill'. I have attached the log file to this post.

- Downloaded and ran 'Malwarebytes Anti-Malware' and did a full PC scan. The log file is again attached to this post. This found over 700 registry key objects with the words 'Security Hijack' in them.

- Downloaded and ran 'Super AntiSpyware' and did a full PC scan. The log file is again attached to this post. This found 6 browser hijacker internet threats.

I then rebooted the PC and the 'AV Security Essentials' program is still on the desktop and still continues to bring up a pop-up stating there are Trojans on the system. The only way I can remove the pop-up is to run 'rkill' but then it comes back whenever the PC is rebooted or shut down.

In addition I have noticed that while on Google and I click on a search result I am occasionally redirected to a different site. When this happens 'Malwarebytes Anti-Malware' comes up with a message saying it has 'blocked access to website with IP 77.794.498 outgoing'. Google also directs me to the .com version of its website (I am from the UK) and my location is incorrect on its website.

I have run DDS and attach the 2 log files from that scan. I was also in the middle of scanning using GMER, but three hours in the PC went to a blue screen saying it had a hardware problem and I had to reboot, so I have failed to complete this scan.

If anyone could provide any assistance I would be most grateful.

Thank you in advance.

Attached Files

  • Attached File  rkill.log   512bytes   0 downloads
  • Attached File  dds.txt   17.74KB   3 downloads


BC AdBot (Login to Remove)

 


#2 CatByte

CatByte

    bleepin' tiger


  • Malware Response Team
  • 14,664 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Canada
  • Local time:09:46 PM

Posted 04 February 2012 - 06:56 PM

Hi,

Please do the following:


Please download aswMBR to your desktop.
  • Double click the aswMBR.exe icon to run it
  • When asked if you want to download Avast's virus definitions please select Yes.
  • Click the Scan button to start the scan
  • On completion of the scan, click the save log button, save it to your desktop and post it in your next reply.
  • You will also notice another file created on the desktop named MBR.dat. Right click that file and select Send To>Compressed (zipped) file. Attach that zipped file in your next reply as well

Microsoft MVP - 2010, 2011, 2012, 2013, 2014, 2015


#3 pleasehelp2012

pleasehelp2012
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:01:46 AM

Posted 05 February 2012 - 06:38 AM

Hi CatByte

Thank you for your reply. Please find attached the two files as requested.

Thank you in advance

Attached Files



#4 CatByte

CatByte

    bleepin' tiger


  • Malware Response Team
  • 14,664 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Canada
  • Local time:09:46 PM

Posted 05 February 2012 - 09:15 AM

Hi,

Please do the following:

Download ComboFix from one of the following locations:
Link 1
Link 2

VERY IMPORTANT !!! Save ComboFix.exe to your Desktop

* IMPORTANT - Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. If you have difficulty properly disabling your protective programs, refer to this link here
  • Double click on ComboFix.exe & follow the prompts.
As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.

  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.
**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.

Posted Image

  • Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

Posted Image

  • Click on Yes, to continue scanning for malware.
When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply.
Notes:
1. Do not mouse-click Combofix's window while it is running. That may cause it to stall.
2. Do not "re-run" Combofix. If you have a problem, reply back for further instructions.

Microsoft MVP - 2010, 2011, 2012, 2013, 2014, 2015


#5 pleasehelp2012

pleasehelp2012
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:01:46 AM

Posted 05 February 2012 - 09:56 AM

Hi CatByte

Thanks for your reply.

I downloaded ComboFix and attempted to run it.

Whilst running the program my open Firefox browser closed. Then nothing happened - I did not have any further messages appear regarding Microsoft Windows Recovery Console or doing a scan.

Do you have any ideas?

Thank you

#6 CatByte

CatByte

    bleepin' tiger


  • Malware Response Team
  • 14,664 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Canada
  • Local time:09:46 PM

Posted 05 February 2012 - 10:10 AM

yes,

the malware is shutting it down, let's give this a try and if it fails, we'll move on to something else


please delete the copy of ComboFix that you have on your desktop and download a fresh copy but rename it to svchost before saving it, now boot into safe mode to run it:

To Enter Safemode
  • Go to Start> Shut off your Computer> Restart
  • As the computer starts to boot-up, Tap the F8 KEY repeatedly,
  • this will bring up a menu.
  • Use the Up and Down Arrow Keys to scroll up to Safemode
  • Then press the Enter Key on your Keyboard
  • go into your usual account

Microsoft MVP - 2010, 2011, 2012, 2013, 2014, 2015


#7 pleasehelp2012

pleasehelp2012
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:01:46 AM

Posted 05 February 2012 - 10:41 AM

Hi CatByte

Thanks for your reply.

I followed your instructions and the program appeared to be running but then came up with a warning to say 2 virus programs had not been de-activated - AVG 2012 & AV Security Essentials. I can't access AVG 2012 since the AV Security Essentials program installed itself. It says there are restriction rights when I try to open AVG 2012 on my desktop and the AVG icon is also gone in my system tray.

When I rebooted the PC to come back from safe mode I also found the renamed file 'svchost' has now been changed back to 'ComboFix' on my desktop.

So no joy sorry to report.

#8 CatByte

CatByte

    bleepin' tiger


  • Malware Response Team
  • 14,664 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Canada
  • Local time:09:46 PM

Posted 05 February 2012 - 10:49 AM

Please run the following:

Please download TDSSKiller.zip
  • Extract it to your desktop
  • Double click TDSSKiller.exe
  • when the window opens, click on Change Parameters
  • under ”Additional options”, put a check mark in the box next to “Detect TDLFS File System”
  • click OK
  • Press Start Scan
    • Only if Malicious objects are found then ensure Cure is selected
    • Then click Continue > Reboot now
  • Copy and paste the log in your next reply
    • A copy of the log will be saved automatically to the root of the drive (typically C:\)


NEXT



Download OTL to your Desktop
  • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • Select All Users
  • Under the Custom Scan box paste this in
    netsvcs
    %SYSTEMDRIVE%\*.exe
    /md5start
    explorer.exe
    winlogon.exe
    Userinit.exe
    svchost.exe
    %systemroot%\*. /s /r
    /md5stop
    CREATERESTOREPOINT
  • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
  • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
  • Post both logs

Microsoft MVP - 2010, 2011, 2012, 2013, 2014, 2015


#9 pleasehelp2012

pleasehelp2012
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:01:46 AM

Posted 05 February 2012 - 11:41 AM

Hi CatByte

Here are the logs as requested:

TDSSKiller

15:54:27.0109 2152 TDSS rootkit removing tool 2.7.9.0 Feb 1 2012 09:28:49
15:54:27.0578 2152 ============================================================
15:54:27.0578 2152 Current date / time: 2012/02/05 15:54:27.0578
15:54:27.0578 2152 SystemInfo:
15:54:27.0578 2152
15:54:27.0578 2152 OS Version: 5.1.2600 ServicePack: 3.0
15:54:27.0578 2152 Product type: Workstation
15:54:27.0578 2152 ComputerName: ROSSITER
15:54:27.0578 2152 UserName: D Rossiter
15:54:27.0578 2152 Windows directory: C:\WINDOWS
15:54:27.0578 2152 System windows directory: C:\WINDOWS
15:54:27.0578 2152 Processor architecture: Intel x86
15:54:27.0578 2152 Number of processors: 2
15:54:27.0578 2152 Page size: 0x1000
15:54:27.0578 2152 Boot type: Normal boot
15:54:27.0578 2152 ============================================================
15:54:32.0031 2152 Drive \Device\Harddisk0\DR0 - Size: 0x2540BE4000 (149.01 Gb), SectorSize: 0x200, Cylinders: 0x4BFC, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
15:54:32.0078 2152 \Device\Harddisk0\DR0:
15:54:32.0078 2152 MBR used
15:54:32.0078 2152 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x1F608, BlocksNum 0x123E436C
15:54:32.0156 2152 Initialize success
15:54:32.0156 2152 ============================================================
15:54:46.0421 2256 ============================================================
15:54:46.0421 2256 Scan started
15:54:46.0421 2256 Mode: Manual; TDLFS;
15:54:46.0421 2256 ============================================================
15:54:46.0703 2256 Abiosdsk - ok
15:54:46.0781 2256 abp480n5 (6abb91494fe6c59089b9336452ab2ea3) C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS
15:54:46.0781 2256 abp480n5 - ok
15:54:46.0875 2256 ACPI (d8fb7d1c3f5bfa3f53fe9cc6367e9e99) C:\WINDOWS\system32\DRIVERS\ACPI.sys
15:54:46.0875 2256 Suspicious file (Forged): C:\WINDOWS\system32\DRIVERS\ACPI.sys. Real md5: d8fb7d1c3f5bfa3f53fe9cc6367e9e99, Fake md5: 8fd99680a539792a30e97944fdaecf17
15:54:46.0875 2256 ACPI ( Virus.Win32.Rloader.a ) - infected
15:54:46.0875 2256 ACPI - detected Virus.Win32.Rloader.a (0)
15:54:46.0906 2256 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys
15:54:46.0906 2256 ACPIEC - ok
15:54:46.0984 2256 ADILOADER (2b3b8c0a2c979dd77ba6dc9376074854) C:\WINDOWS\system32\Drivers\adildr.sys
15:54:47.0015 2256 ADILOADER - ok
15:54:47.0078 2256 adiusbaw (d478c566318803a7063b120f026dc0b7) C:\WINDOWS\system32\DRIVERS\adiusbaw.sys
15:54:47.0093 2256 adiusbaw - ok
15:54:47.0156 2256 adpu160m (9a11864873da202c996558b2106b0bbc) C:\WINDOWS\system32\DRIVERS\adpu160m.sys
15:54:47.0156 2256 adpu160m - ok
15:54:47.0234 2256 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
15:54:47.0234 2256 aec - ok
15:54:47.0296 2256 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
15:54:47.0312 2256 AFD - ok
15:54:47.0375 2256 agp440 (08fd04aa961bdc77fb983f328334e3d7) C:\WINDOWS\system32\DRIVERS\agp440.sys
15:54:47.0375 2256 agp440 - ok
15:54:47.0453 2256 agpCPQ (03a7e0922acfe1b07d5db2eeb0773063) C:\WINDOWS\system32\DRIVERS\agpCPQ.sys
15:54:47.0453 2256 agpCPQ - ok
15:54:47.0515 2256 Aha154x (c23ea9b5f46c7f7910db3eab648ff013) C:\WINDOWS\system32\DRIVERS\aha154x.sys
15:54:47.0515 2256 Aha154x - ok
15:54:47.0593 2256 aic78u2 (19dd0fb48b0c18892f70e2e7d61a1529) C:\WINDOWS\system32\DRIVERS\aic78u2.sys
15:54:47.0593 2256 aic78u2 - ok
15:54:47.0656 2256 aic78xx (b7fe594a7468aa0132deb03fb8e34326) C:\WINDOWS\system32\DRIVERS\aic78xx.sys
15:54:47.0671 2256 aic78xx - ok
15:54:47.0734 2256 AliIde (1140ab9938809700b46bb88e46d72a96) C:\WINDOWS\system32\DRIVERS\aliide.sys
15:54:47.0734 2256 AliIde - ok
15:54:47.0812 2256 alim1541 (cb08aed0de2dd889a8a820cd8082d83c) C:\WINDOWS\system32\DRIVERS\alim1541.sys
15:54:47.0812 2256 alim1541 - ok
15:54:47.0890 2256 amdagp (95b4fb835e28aa1336ceeb07fd5b9398) C:\WINDOWS\system32\DRIVERS\amdagp.sys
15:54:47.0890 2256 amdagp - ok
15:54:47.0968 2256 amsint (79f5add8d24bd6893f2903a3e2f3fad6) C:\WINDOWS\system32\DRIVERS\amsint.sys
15:54:47.0968 2256 amsint - ok
15:54:48.0046 2256 asc (62d318e9a0c8fc9b780008e724283707) C:\WINDOWS\system32\DRIVERS\asc.sys
15:54:48.0046 2256 asc - ok
15:54:48.0109 2256 asc3350p (69eb0cc7714b32896ccbfd5edcbea447) C:\WINDOWS\system32\DRIVERS\asc3350p.sys
15:54:48.0125 2256 asc3350p - ok
15:54:48.0187 2256 asc3550 (5d8de112aa0254b907861e9e9c31d597) C:\WINDOWS\system32\DRIVERS\asc3550.sys
15:54:48.0187 2256 asc3550 - ok
15:54:48.0296 2256 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
15:54:48.0296 2256 AsyncMac - ok
15:54:48.0359 2256 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
15:54:48.0359 2256 atapi - ok
15:54:48.0390 2256 Atdisk - ok
15:54:48.0484 2256 ati2mtag (03621f7f968ff63713943405deb777f9) C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
15:54:48.0531 2256 ati2mtag - ok
15:54:48.0593 2256 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
15:54:48.0593 2256 Atmarpc - ok
15:54:48.0656 2256 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
15:54:48.0656 2256 audstub - ok
15:54:48.0718 2256 AVGIDSDriver (4fa401b33c1b50c816486f6951244a14) C:\WINDOWS\system32\DRIVERS\AVGIDSDriver.Sys
15:54:48.0718 2256 AVGIDSDriver - ok
15:54:48.0765 2256 AVGIDSEH (69578bc9d43d614c6b3455db4af19762) C:\WINDOWS\system32\DRIVERS\AVGIDSEH.Sys
15:54:48.0765 2256 AVGIDSEH - ok
15:54:48.0843 2256 AVGIDSFilter (6df528406aa22201f392b9b19121cd6f) C:\WINDOWS\system32\DRIVERS\AVGIDSFilter.Sys
15:54:48.0843 2256 AVGIDSFilter - ok
15:54:48.0890 2256 AVGIDSShim (1e01c2166b5599802bcd61b9691f7476) C:\WINDOWS\system32\DRIVERS\AVGIDSShim.Sys
15:54:48.0921 2256 AVGIDSShim - ok
15:54:48.0984 2256 Avgldx86 (bf8118cd5e2255387b715b534d64acd1) C:\WINDOWS\system32\DRIVERS\avgldx86.sys
15:54:49.0000 2256 Avgldx86 - ok
15:54:49.0031 2256 Avgmfx86 (1c77ef67f196466adc9924cb288afe87) C:\WINDOWS\system32\DRIVERS\avgmfx86.sys
15:54:49.0031 2256 Avgmfx86 - ok
15:54:49.0078 2256 Avgrkx86 (f2038ed7284b79dcef581468121192a9) C:\WINDOWS\system32\DRIVERS\avgrkx86.sys
15:54:49.0078 2256 Avgrkx86 - ok
15:54:49.0140 2256 Avgtdix (a6d562b612216d8d02a35ebeb92366bd) C:\WINDOWS\system32\DRIVERS\avgtdix.sys
15:54:49.0140 2256 Avgtdix - ok
15:54:49.0203 2256 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
15:54:49.0203 2256 Beep - ok
15:54:49.0234 2256 bvrp_pci - ok
15:54:49.0296 2256 cbidf (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\DRIVERS\cbidf2k.sys
15:54:49.0296 2256 cbidf - ok
15:54:49.0359 2256 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
15:54:49.0359 2256 cbidf2k - ok
15:54:49.0421 2256 cd20xrnt (f3ec03299634490e97bbce94cd2954c7) C:\WINDOWS\system32\DRIVERS\cd20xrnt.sys
15:54:49.0421 2256 cd20xrnt - ok
15:54:49.0468 2256 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
15:54:49.0468 2256 Cdaudio - ok
15:54:49.0531 2256 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
15:54:49.0546 2256 Cdfs - ok
15:54:49.0640 2256 Cdrom (4b0a100eaf5c49ef3cca8c641431eacc) C:\WINDOWS\system32\DRIVERS\cdrom.sys
15:54:49.0671 2256 Cdrom - ok
15:54:49.0718 2256 Changer - ok
15:54:49.0765 2256 CmdIde (e5dcb56c533014ecbc556a8357c929d5) C:\WINDOWS\system32\DRIVERS\cmdide.sys
15:54:49.0781 2256 CmdIde - ok
15:54:49.0843 2256 Cpqarray (3ee529119eed34cd212a215e8c40d4b6) C:\WINDOWS\system32\DRIVERS\cpqarray.sys
15:54:49.0859 2256 Cpqarray - ok
15:54:49.0921 2256 dac2w2k (e550e7418984b65a78299d248f0a7f36) C:\WINDOWS\system32\DRIVERS\dac2w2k.sys
15:54:49.0937 2256 dac2w2k - ok
15:54:49.0984 2256 dac960nt (683789caa3864eb46125ae86ff677d34) C:\WINDOWS\system32\DRIVERS\dac960nt.sys
15:54:50.0000 2256 dac960nt - ok
15:54:50.0093 2256 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
15:54:50.0093 2256 Disk - ok
15:54:50.0187 2256 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys
15:54:50.0203 2256 dmboot - ok
15:54:50.0281 2256 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys
15:54:50.0281 2256 dmio - ok
15:54:50.0343 2256 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
15:54:50.0343 2256 dmload - ok
15:54:50.0406 2256 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
15:54:50.0406 2256 DMusic - ok
15:54:50.0484 2256 dpti2o (40f3b93b4e5b0126f2f5c0a7a5e22660) C:\WINDOWS\system32\DRIVERS\dpti2o.sys
15:54:50.0484 2256 dpti2o - ok
15:54:50.0546 2256 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
15:54:50.0546 2256 drmkaud - ok
15:54:50.0625 2256 drvmcdb (96bc8f872f0270c10edc3931f1c03776) C:\WINDOWS\system32\drivers\drvmcdb.sys
15:54:50.0625 2256 drvmcdb - ok
15:54:50.0671 2256 drvnddm (5afbec7a6ac61b211633dfdb1d9e0c89) C:\WINDOWS\system32\drivers\drvnddm.sys
15:54:50.0671 2256 drvnddm - ok
15:54:50.0812 2256 DSproct (413f2d5f9d802688242c23b38f767ecb) C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys
15:54:50.0812 2256 DSproct - ok
15:54:50.0890 2256 dsunidrv (dfeabb7cfffadea4a912ab95bdc3177a) C:\WINDOWS\system32\DRIVERS\dsunidrv.sys
15:54:50.0890 2256 dsunidrv - ok
15:54:50.0968 2256 E100B (95974e66d3de4951d29e28e8bc0b644c) C:\WINDOWS\system32\DRIVERS\e100b325.sys
15:54:50.0984 2256 E100B - ok
15:54:51.0015 2256 ElbyDelay - ok
15:54:51.0109 2256 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
15:54:51.0109 2256 Fastfat - ok
15:54:51.0171 2256 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
15:54:51.0171 2256 Fdc - ok
15:54:51.0218 2256 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys
15:54:51.0218 2256 Fips - ok
15:54:51.0296 2256 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
15:54:51.0296 2256 Flpydisk - ok
15:54:51.0375 2256 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
15:54:51.0375 2256 FltMgr - ok
15:54:51.0421 2256 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
15:54:51.0421 2256 Fs_Rec - ok
15:54:51.0515 2256 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
15:54:51.0515 2256 Ftdisk - ok
15:54:51.0593 2256 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
15:54:51.0593 2256 GEARAspiWDM - ok
15:54:51.0640 2256 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
15:54:51.0640 2256 Gpc - ok
15:54:51.0687 2256 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
15:54:51.0687 2256 HDAudBus - ok
15:54:51.0750 2256 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
15:54:51.0750 2256 HidUsb - ok
15:54:51.0828 2256 hpn (b028377dea0546a5fcfba928a8aefae0) C:\WINDOWS\system32\DRIVERS\hpn.sys
15:54:51.0828 2256 hpn - ok
15:54:51.0921 2256 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
15:54:51.0921 2256 HTTP - ok
15:54:51.0968 2256 i2omgmt (9368670bd426ebea5e8b18a62416ec28) C:\WINDOWS\system32\drivers\i2omgmt.sys
15:54:51.0968 2256 i2omgmt - ok
15:54:52.0031 2256 i2omp (f10863bf1ccc290babd1a09188ae49e0) C:\WINDOWS\system32\DRIVERS\i2omp.sys
15:54:52.0031 2256 i2omp - ok
15:54:52.0093 2256 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
15:54:52.0093 2256 i8042prt - ok
15:54:52.0140 2256 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
15:54:52.0140 2256 Imapi - ok
15:54:52.0203 2256 ini910u (4a40e045faee58631fd8d91afc620719) C:\WINDOWS\system32\DRIVERS\ini910u.sys
15:54:52.0218 2256 ini910u - ok
15:54:52.0312 2256 IntelC51 (7509c548400f4c9e0211e3f6e66abbe6) C:\WINDOWS\system32\DRIVERS\IntelC51.sys
15:54:52.0359 2256 IntelC51 - ok
15:54:52.0421 2256 IntelC52 (9584ffdd41d37f2c239681d0dac2513e) C:\WINDOWS\system32\DRIVERS\IntelC52.sys
15:54:52.0437 2256 IntelC52 - ok
15:54:52.0484 2256 IntelC53 (cf0b937710cec6ef39416edecd803cbb) C:\WINDOWS\system32\DRIVERS\IntelC53.sys
15:54:52.0484 2256 IntelC53 - ok
15:54:52.0546 2256 IntelIde (b5466a9250342a7aa0cd1fba13420678) C:\WINDOWS\system32\DRIVERS\intelide.sys
15:54:52.0546 2256 IntelIde - ok
15:54:52.0625 2256 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys
15:54:52.0625 2256 intelppm - ok
15:54:52.0687 2256 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
15:54:52.0687 2256 Ip6Fw - ok
15:54:52.0781 2256 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
15:54:52.0781 2256 IpFilterDriver - ok
15:54:52.0843 2256 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
15:54:52.0843 2256 IpInIp - ok
15:54:52.0906 2256 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
15:54:52.0906 2256 IpNat - ok
15:54:52.0968 2256 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
15:54:52.0968 2256 IPSec - ok
15:54:53.0031 2256 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
15:54:53.0031 2256 IRENUM - ok
15:54:53.0093 2256 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys
15:54:53.0093 2256 isapnp - ok
15:54:53.0140 2256 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
15:54:53.0156 2256 Kbdclass - ok
15:54:53.0187 2256 kbdhid (9ef487a186dea361aa06913a75b3fa99) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
15:54:53.0203 2256 kbdhid - ok
15:54:53.0250 2256 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
15:54:53.0250 2256 kmixer - ok
15:54:53.0312 2256 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
15:54:53.0312 2256 KSecDD - ok
15:54:53.0359 2256 lbrtfdc - ok
15:54:53.0421 2256 MBAMProtector (b7ca8cc3f978201856b6ab82f40953c3) C:\WINDOWS\system32\drivers\mbam.sys
15:54:53.0421 2256 MBAMProtector - ok
15:54:53.0515 2256 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
15:54:53.0515 2256 mnmdd - ok
15:54:53.0609 2256 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys
15:54:53.0609 2256 Modem - ok
15:54:53.0671 2256 MODEMCSA (1992e0d143b09653ab0f9c5e04b0fd65) C:\WINDOWS\system32\drivers\MODEMCSA.sys
15:54:53.0671 2256 MODEMCSA - ok
15:54:53.0718 2256 mohfilt (59b8b11ff70728eec60e72131c58b716) C:\WINDOWS\system32\DRIVERS\mohfilt.sys
15:54:53.0718 2256 mohfilt - ok
15:54:53.0812 2256 motmodem (fe80c18ba448ddd76b7bead9eb203d37) C:\WINDOWS\system32\DRIVERS\motmodem.sys
15:54:53.0812 2256 motmodem - ok
15:54:53.0875 2256 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys
15:54:53.0875 2256 Mouclass - ok
15:54:53.0953 2256 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
15:54:53.0984 2256 mouhid - ok
15:54:54.0062 2256 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
15:54:54.0078 2256 MountMgr - ok
15:54:54.0140 2256 mraid35x (3f4bb95e5a44f3be34824e8e7caf0737) C:\WINDOWS\system32\DRIVERS\mraid35x.sys
15:54:54.0140 2256 mraid35x - ok
15:54:54.0218 2256 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
15:54:54.0218 2256 MRxDAV - ok
15:54:54.0328 2256 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
15:54:54.0328 2256 MRxSmb - ok
15:54:54.0375 2256 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
15:54:54.0375 2256 Msfs - ok
15:54:54.0453 2256 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
15:54:54.0453 2256 MSKSSRV - ok
15:54:54.0531 2256 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
15:54:54.0531 2256 MSPCLOCK - ok
15:54:54.0593 2256 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
15:54:54.0593 2256 MSPQM - ok
15:54:54.0656 2256 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
15:54:54.0656 2256 mssmbios - ok
15:54:54.0703 2256 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
15:54:54.0718 2256 Mup - ok
15:54:54.0781 2256 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
15:54:54.0781 2256 NDIS - ok
15:54:54.0859 2256 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
15:54:54.0859 2256 NdisTapi - ok
15:54:54.0906 2256 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
15:54:54.0906 2256 Ndisuio - ok
15:54:54.0953 2256 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
15:54:54.0968 2256 NdisWan - ok
15:54:55.0031 2256 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
15:54:55.0031 2256 NDProxy - ok
15:54:55.0078 2256 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
15:54:55.0078 2256 NetBIOS - ok
15:54:55.0140 2256 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
15:54:55.0140 2256 NetBT - ok
15:54:55.0234 2256 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
15:54:55.0234 2256 Npfs - ok
15:54:55.0296 2256 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
15:54:55.0312 2256 Ntfs - ok
15:54:55.0359 2256 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
15:54:55.0359 2256 Null - ok
15:54:55.0500 2256 nv (2b298519edbfcf451d43e0f1e8f1006d) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
15:54:55.0578 2256 nv - ok
15:54:55.0687 2256 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
15:54:55.0687 2256 NwlnkFlt - ok
15:54:55.0765 2256 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
15:54:55.0765 2256 NwlnkFwd - ok
15:54:55.0843 2256 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\DRIVERS\parport.sys
15:54:55.0859 2256 Parport - ok
15:54:55.0906 2256 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
15:54:55.0906 2256 PartMgr - ok
15:54:55.0968 2256 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
15:54:55.0968 2256 ParVdm - ok
15:54:56.0015 2256 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
15:54:56.0015 2256 PCI - ok
15:54:56.0062 2256 PCIDump - ok
15:54:56.0125 2256 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
15:54:56.0125 2256 PCIIde - ok
15:54:56.0171 2256 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys
15:54:56.0187 2256 Pcmcia - ok
15:54:56.0250 2256 pcouffin (5b6c11de7e839c05248ced8825470fef) C:\WINDOWS\system32\Drivers\pcouffin.sys
15:54:56.0265 2256 pcouffin - ok
15:54:56.0312 2256 PDCOMP - ok
15:54:56.0343 2256 PDFRAME - ok
15:54:56.0390 2256 PDRELI - ok
15:54:56.0421 2256 PDRFRAME - ok
15:54:56.0484 2256 perc2 (6c14b9c19ba84f73d3a86dba11133101) C:\WINDOWS\system32\DRIVERS\perc2.sys
15:54:56.0484 2256 perc2 - ok
15:54:56.0531 2256 perc2hib (f50f7c27f131afe7beba13e14a3b9416) C:\WINDOWS\system32\DRIVERS\perc2hib.sys
15:54:56.0531 2256 perc2hib - ok
15:54:56.0625 2256 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
15:54:56.0625 2256 PptpMiniport - ok
15:54:56.0656 2256 PROCEXP113 - ok
15:54:56.0718 2256 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
15:54:56.0718 2256 PSched - ok
15:54:56.0765 2256 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
15:54:56.0765 2256 Ptilink - ok
15:54:56.0843 2256 PxHelp20 (d86b4a68565e444d76457f14172c875a) C:\WINDOWS\system32\Drivers\PxHelp20.sys
15:54:56.0843 2256 PxHelp20 - ok
15:54:56.0890 2256 ql1080 (0a63fb54039eb5662433caba3b26dba7) C:\WINDOWS\system32\DRIVERS\ql1080.sys
15:54:56.0906 2256 ql1080 - ok
15:54:56.0984 2256 Ql10wnt (6503449e1d43a0ff0201ad5cb1b8c706) C:\WINDOWS\system32\DRIVERS\ql10wnt.sys
15:54:56.0984 2256 Ql10wnt - ok
15:54:57.0046 2256 ql12160 (156ed0ef20c15114ca097a34a30d8a01) C:\WINDOWS\system32\DRIVERS\ql12160.sys
15:54:57.0046 2256 ql12160 - ok
15:54:57.0125 2256 ql1240 (70f016bebde6d29e864c1230a07cc5e6) C:\WINDOWS\system32\DRIVERS\ql1240.sys
15:54:57.0125 2256 ql1240 - ok
15:54:57.0203 2256 ql1280 (907f0aeea6bc451011611e732bd31fcf) C:\WINDOWS\system32\DRIVERS\ql1280.sys
15:54:57.0203 2256 ql1280 - ok
15:54:57.0250 2256 RapportBuka - ok
15:54:57.0484 2256 RapportCerberus_34302 (6b6f0a77365667912360ff1d5e984f25) C:\Documents and Settings\All Users\Application Data\Trusteer\Rapport\store\exts\RapportCerberus\34302\RapportCerberus32_34302.sys
15:54:57.0515 2256 RapportCerberus_34302 - ok
15:54:57.0687 2256 RapportEI (34992b59780a8a227a9eb54c97dc4608) C:\Program Files\Trusteer\Rapport\bin\RapportEI.sys
15:54:57.0687 2256 RapportEI - ok
15:54:57.0921 2256 RapportIaso (dd3e4610de9252a957c5bd19bdf47ac4) c:\documents and settings\all users\application data\trusteer\rapport\store\exts\rapportms\28896\rapportiaso.sys
15:54:57.0937 2256 RapportIaso - ok
15:54:58.0046 2256 RapportKELL (a231b5552148ade82ed3dfba25919b75) C:\WINDOWS\system32\Drivers\RapportKELL.sys
15:54:58.0046 2256 RapportKELL - ok
15:54:58.0187 2256 RapportPG (060f8e34707d68178a564935ce4546eb) C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys
15:54:58.0187 2256 RapportPG - ok
15:54:58.0265 2256 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
15:54:58.0281 2256 RasAcd - ok
15:54:58.0359 2256 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
15:54:58.0359 2256 Rasl2tp - ok
15:54:58.0390 2256 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
15:54:58.0406 2256 RasPppoe - ok
15:54:58.0437 2256 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
15:54:58.0437 2256 Raspti - ok
15:54:58.0500 2256 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
15:54:58.0500 2256 Rdbss - ok
15:54:58.0531 2256 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
15:54:58.0531 2256 RDPCDD - ok
15:54:58.0593 2256 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
15:54:58.0593 2256 rdpdr - ok
15:54:58.0687 2256 RDPWD (fc105dd312ed64eb66bff111e8ec6eac) C:\WINDOWS\system32\drivers\RDPWD.sys
15:54:58.0687 2256 RDPWD - ok
15:54:58.0750 2256 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
15:54:58.0750 2256 redbook - ok
15:54:58.0859 2256 SASDIFSV (39763504067962108505bff25f024345) C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
15:54:58.0859 2256 SASDIFSV - ok
15:54:58.0890 2256 SASKUTIL (77b9fc20084b48408ad3e87570eb4a85) C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
15:54:58.0890 2256 SASKUTIL - ok
15:54:58.0968 2256 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
15:54:58.0968 2256 Secdrv - ok
15:54:59.0046 2256 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
15:54:59.0062 2256 serenum - ok
15:54:59.0109 2256 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\DRIVERS\serial.sys
15:54:59.0125 2256 Serial - ok
15:54:59.0171 2256 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\DRIVERS\sfloppy.sys
15:54:59.0171 2256 Sfloppy - ok
15:54:59.0250 2256 sfng32 (5fe18fff6fbcf218290042009eab023d) C:\WINDOWS\system32\drivers\sfng32.sys
15:54:59.0250 2256 sfng32 - ok
15:54:59.0312 2256 Simbad - ok
15:54:59.0390 2256 sisagp (6b33d0ebd30db32e27d1d78fe946a754) C:\WINDOWS\system32\DRIVERS\sisagp.sys
15:54:59.0390 2256 sisagp - ok
15:54:59.0484 2256 Sparrow (83c0f71f86d3bdaf915685f3d568b20e) C:\WINDOWS\system32\DRIVERS\sparrow.sys
15:54:59.0484 2256 Sparrow - ok
15:54:59.0546 2256 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
15:54:59.0546 2256 splitter - ok
15:54:59.0593 2256 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
15:54:59.0593 2256 sr - ok
15:54:59.0671 2256 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
15:54:59.0671 2256 Srv - ok
15:54:59.0750 2256 sscdbhk5 (98625722ad52b40305e74aaa83c93086) C:\WINDOWS\system32\drivers\sscdbhk5.sys
15:54:59.0765 2256 sscdbhk5 - ok
15:54:59.0828 2256 ssrtln (d79412e3942c8a257253487536d5a994) C:\WINDOWS\system32\drivers\ssrtln.sys
15:54:59.0843 2256 ssrtln - ok
15:54:59.0968 2256 STHDA (237ccbfc82b4c98435461972597f29d5) C:\WINDOWS\system32\drivers\sthda.sys
15:55:00.0015 2256 STHDA - ok
15:55:00.0062 2256 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
15:55:00.0062 2256 swenum - ok
15:55:00.0109 2256 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
15:55:00.0125 2256 swmidi - ok
15:55:00.0187 2256 symc810 (1ff3217614018630d0a6758630fc698c) C:\WINDOWS\system32\DRIVERS\symc810.sys
15:55:00.0187 2256 symc810 - ok
15:55:00.0265 2256 symc8xx (070e001d95cf725186ef8b20335f933c) C:\WINDOWS\system32\DRIVERS\symc8xx.sys
15:55:00.0265 2256 symc8xx - ok
15:55:00.0343 2256 sym_hi (80ac1c4abbe2df3b738bf15517a51f2c) C:\WINDOWS\system32\DRIVERS\sym_hi.sys
15:55:00.0343 2256 sym_hi - ok
15:55:00.0406 2256 sym_u3 (bf4fab949a382a8e105f46ebb4937058) C:\WINDOWS\system32\DRIVERS\sym_u3.sys
15:55:00.0406 2256 sym_u3 - ok
15:55:00.0468 2256 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
15:55:00.0468 2256 sysaudio - ok
15:55:00.0562 2256 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
15:55:00.0562 2256 Tcpip - ok
15:55:00.0625 2256 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
15:55:00.0625 2256 TDPIPE - ok
15:55:00.0703 2256 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
15:55:00.0703 2256 TDTCP - ok
15:55:00.0765 2256 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
15:55:00.0765 2256 TermDD - ok
15:55:00.0843 2256 tfsnboio (d0177776e11b0b3f272eebd262a69661) C:\WINDOWS\system32\dla\tfsnboio.sys
15:55:00.0843 2256 tfsnboio - ok
15:55:00.0890 2256 tfsncofs (599804bc938b8305a5422319774da871) C:\WINDOWS\system32\dla\tfsncofs.sys
15:55:00.0890 2256 tfsncofs - ok
15:55:00.0937 2256 tfsndrct (a1902c00adc11c4d83f8e3ed947a6a32) C:\WINDOWS\system32\dla\tfsndrct.sys
15:55:00.0937 2256 tfsndrct - ok
15:55:01.0015 2256 tfsndres (d8ddb3f2b1bef15cff6728d89c042c61) C:\WINDOWS\system32\dla\tfsndres.sys
15:55:01.0015 2256 tfsndres - ok
15:55:01.0093 2256 tfsnifs (c4f2dea75300971cdaee311007de138d) C:\WINDOWS\system32\dla\tfsnifs.sys
15:55:01.0109 2256 tfsnifs - ok
15:55:01.0187 2256 tfsnopio (272925be0ea919f08286d2ee6f102b0f) C:\WINDOWS\system32\dla\tfsnopio.sys
15:55:01.0187 2256 tfsnopio - ok
15:55:01.0218 2256 tfsnpool (7b7d955e5cebc2fb88b03ef875d52a2f) C:\WINDOWS\system32\dla\tfsnpool.sys
15:55:01.0218 2256 tfsnpool - ok
15:55:01.0265 2256 tfsnudf (e3d01263109d800c1967c12c10a0b018) C:\WINDOWS\system32\dla\tfsnudf.sys
15:55:01.0265 2256 tfsnudf - ok
15:55:01.0328 2256 tfsnudfa (b9e9c377906e3a65bc74598fff7f7458) C:\WINDOWS\system32\dla\tfsnudfa.sys
15:55:01.0328 2256 tfsnudfa - ok
15:55:01.0437 2256 TosIde (f2790f6af01321b172aa62f8e1e187d9) C:\WINDOWS\system32\DRIVERS\toside.sys
15:55:01.0437 2256 TosIde - ok
15:55:01.0531 2256 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
15:55:01.0546 2256 Udfs - ok
15:55:01.0609 2256 ultra (1b698a51cd528d8da4ffaed66dfc51b9) C:\WINDOWS\system32\DRIVERS\ultra.sys
15:55:01.0609 2256 ultra - ok
15:55:01.0703 2256 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
15:55:01.0718 2256 Update - ok
15:55:01.0796 2256 USBAAPL (83cafcb53201bbac04d822f32438e244) C:\WINDOWS\system32\Drivers\usbaapl.sys
15:55:01.0828 2256 USBAAPL - ok
15:55:01.0906 2256 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
15:55:01.0921 2256 usbccgp - ok
15:55:01.0984 2256 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
15:55:01.0984 2256 usbehci - ok
15:55:02.0031 2256 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
15:55:02.0031 2256 usbhub - ok
15:55:02.0109 2256 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
15:55:02.0109 2256 usbprint - ok
15:55:02.0187 2256 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
15:55:02.0218 2256 usbscan - ok
15:55:02.0312 2256 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
15:55:02.0312 2256 USBSTOR - ok
15:55:02.0359 2256 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
15:55:02.0359 2256 usbuhci - ok
15:55:02.0406 2256 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
15:55:02.0406 2256 VgaSave - ok
15:55:02.0500 2256 viaagp (754292ce5848b3738281b4f3607eaef4) C:\WINDOWS\system32\DRIVERS\viaagp.sys
15:55:02.0500 2256 viaagp - ok
15:55:02.0562 2256 ViaIde (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\system32\DRIVERS\viaide.sys
15:55:02.0578 2256 ViaIde - ok
15:55:02.0656 2256 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
15:55:02.0671 2256 VolSnap - ok
15:55:02.0750 2256 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
15:55:02.0765 2256 Wanarp - ok
15:55:02.0796 2256 wanatw - ok
15:55:02.0890 2256 Wdf01000 (fd47474bd21794508af449d9d91af6e6) C:\WINDOWS\system32\DRIVERS\Wdf01000.sys
15:55:02.0890 2256 Wdf01000 - ok
15:55:02.0953 2256 WDICA - ok
15:55:03.0000 2256 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
15:55:03.0000 2256 wdmaud - ok
15:55:03.0125 2256 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys
15:55:03.0125 2256 WS2IFSL - ok
15:55:03.0218 2256 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
15:55:03.0234 2256 WudfPf - ok
15:55:03.0312 2256 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
15:55:03.0312 2256 WudfRd - ok
15:55:03.0343 2256 MBR (0x1B8) (b16a2359f4962b0c622d81a1c1f4b703) \Device\Harddisk0\DR0
15:55:03.0421 2256 \Device\Harddisk0\DR0 - ok
15:55:03.0453 2256 Boot (0x1200) (55879895ffab790825d7a608041e634c) \Device\Harddisk0\DR0\Partition0
15:55:03.0453 2256 \Device\Harddisk0\DR0\Partition0 - ok
15:55:03.0453 2256 ============================================================
15:55:03.0453 2256 Scan finished
15:55:03.0453 2256 ============================================================
15:55:03.0468 2156 Detected object count: 1
15:55:03.0468 2156 Actual detected object count: 1
15:55:13.0984 2156 C:\WINDOWS\system32\DRIVERS\ACPI.sys - copied to quarantine
15:55:15.0718 2156 Backup copy found, using it..
15:55:15.0750 2156 C:\WINDOWS\system32\DRIVERS\ACPI.sys - will be cured on reboot
15:55:15.0750 2156 ACPI ( Virus.Win32.Rloader.a ) - User select action: Cure
15:56:04.0312 3756 Deinitialize success

OTL logs to follow in next post

OTL

OTL.txt

OTL logfile created on: 05/02/2012 16:09:52 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\D Rossiter\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

1022.07 Mb Total Physical Memory | 305.49 Mb Available Physical Memory | 29.89% Memory free
2.40 Gb Paging File | 1.57 Gb Available in Paging File | 65.21% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 145.95 Gb Total Space | 71.79 Gb Free Space | 49.19% Space Free | Partition Type: NTFS

Computer Name: ROSSITER | User Name: D Rossiter | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/02/05 16:06:54 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\D Rossiter\Desktop\OTL.exe
PRC - [2012/02/03 22:04:18 | 004,617,600 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
PRC - [2012/01/25 10:16:28 | 001,652,536 | ---- | M] (Trusteer Ltd.) -- C:\Program Files\Trusteer\Rapport\bin\RapportService.exe
PRC - [2012/01/25 10:16:28 | 000,931,640 | ---- | M] (Trusteer Ltd.) -- C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe
PRC - [2012/01/16 17:41:16 | 000,909,152 | ---- | M] () -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\10.0.6\ToolbarUpdater.exe
PRC - [2012/01/16 17:39:11 | 000,939,872 | ---- | M] () -- C:\Program Files\AVG Secure Search\vprot.exe
PRC - [2012/01/13 19:19:06 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2012/01/13 14:53:18 | 000,652,360 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012/01/13 14:53:18 | 000,460,872 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2011/11/28 01:19:04 | 001,229,664 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgnsx.exe
PRC - [2011/10/12 06:25:22 | 004,433,248 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
PRC - [2011/09/08 19:53:26 | 000,743,264 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgrsx.exe
PRC - [2011/08/15 05:21:40 | 000,337,760 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgcsrvx.exe
PRC - [2011/08/02 05:09:08 | 000,192,776 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgwdsvc.exe
PRC - [2010/10/27 19:17:52 | 000,207,424 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
PRC - [2010/03/18 10:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
PRC - [2007/11/15 09:23:56 | 000,202,544 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe
PRC - [2007/11/15 09:23:56 | 000,202,544 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Dell Support Center\bin\sprtcmd.exe
PRC - [2007/06/13 10:23:07 | 001,033,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006/11/02 20:40:12 | 000,174,656 | ---- | M] () -- C:\WINDOWS\system32\PSIService.exe
PRC - [2006/09/07 14:24:34 | 000,086,016 | ---- | M] (SigmaTel, Inc.) -- C:\Program Files\Sigmatel\C-Major Audio\WDM\stacsv.exe
PRC - [2006/09/07 14:23:18 | 000,303,104 | ---- | M] (SigmaTel, Inc.) -- C:\WINDOWS\sttray.exe
PRC - [2004/07/28 15:39:30 | 000,962,661 | ---- | M] () -- C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe


========== Modules (No Company Name) ==========

MOD - [2012/02/05 15:59:42 | 000,052,736 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10007.dll
MOD - [2012/02/05 15:59:38 | 000,063,488 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10006.dll
MOD - [2012/02/03 22:01:26 | 000,117,760 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
MOD - [2012/02/03 22:01:22 | 000,052,224 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll
MOD - [2012/01/16 17:41:16 | 000,909,152 | ---- | M] () -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\10.0.6\ToolbarUpdater.exe
MOD - [2012/01/16 17:39:11 | 000,939,872 | ---- | M] () -- C:\Program Files\AVG Secure Search\vprot.exe
MOD - [2012/01/13 19:19:04 | 002,124,760 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2011/12/03 11:07:17 | 008,527,008 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
MOD - [2011/11/10 16:11:00 | 000,557,056 | ---- | M] () -- C:\Program Files\Trusteer\Rapport\bin\js32.dll
MOD - [2011/10/14 16:55:54 | 005,450,752 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\70cacc44f0b4257f6037eda7a59a0aeb\System.Xml.ni.dll
MOD - [2011/10/13 15:25:05 | 007,950,848 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\af39f6e644af02873b9bae319f2bfb13\System.ni.dll
MOD - [2011/10/13 15:24:40 | 011,490,816 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\ca87ba84221991839abbe7d4bc9c6721\mscorlib.ni.dll
MOD - [2011/09/27 06:23:00 | 000,087,912 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/09/27 06:22:40 | 001,242,472 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011/08/08 13:46:18 | 000,516,368 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Trusteer\Rapport\store\exts\RapportMS\28896\RapportMS.dll
MOD - [2011/02/28 22:37:32 | 000,180,624 | ---- | M] () -- C:\WINDOWS\system32\Primomonnt.dll
MOD - [2010/02/10 18:10:10 | 000,141,824 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
MOD - [2006/11/02 20:40:12 | 000,174,656 | ---- | M] () -- C:\WINDOWS\system32\PSIService.exe
MOD - [2004/07/28 15:39:30 | 000,962,661 | ---- | M] () -- C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
MOD - [2003/06/06 08:59:18 | 000,081,920 | ---- | M] () -- C:\Program Files\SAGEM\SAGEM F@st 800-840\languages\english.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- -- (getPlusHelper) getPlus®
SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - [2012/01/25 10:16:28 | 000,931,640 | ---- | M] (Trusteer Ltd.) [Auto | Running] -- C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe -- (RapportMgmtService)
SRV - [2012/01/16 17:41:16 | 000,909,152 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\10.0.6\ToolbarUpdater.exe -- (vToolbarUpdater)
SRV - [2012/01/13 14:53:18 | 000,652,360 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011/10/12 06:25:22 | 004,433,248 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe -- (AVGIDSAgent)
SRV - [2011/09/01 08:17:00 | 001,025,352 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\AVG\AVG10\Toolbar\ToolbarBroker.exe -- (AVG Security Toolbar Service)
SRV - [2011/08/02 05:09:08 | 000,192,776 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2012\avgwdsvc.exe -- (avgwd)
SRV - [2011/03/01 08:56:36 | 000,052,288 | ---- | M] (NOS Microsystems Ltd.) [On_Demand | Stopped] -- C:\Program Files\NOS\bin\getPlus_Helper_3004.dll -- (nosGetPlusHelper) getPlus®
SRV - [2010/03/18 10:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2007/11/15 09:23:56 | 000,202,544 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe -- (sprtsvc_dellsupportcenter) SupportSoft Sprocket Service (dellsupportcenter)
SRV - [2007/03/07 14:47:46 | 000,076,848 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\DellSupport\brkrsvc.exe -- (DSBrokerService)
SRV - [2006/11/03 18:19:58 | 000,013,592 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV - [2006/11/02 20:40:12 | 000,174,656 | ---- | M] () [Auto | Running] -- C:\WINDOWS\system32\PSIService.exe -- (ProtexisLicensing)
SRV - [2006/09/07 14:24:34 | 000,086,016 | ---- | M] (SigmaTel, Inc.) [Auto | Running] -- C:\Program Files\Sigmatel\C-Major Audio\WDM\stacsv.exe -- (STacSV)


========== Driver Services (SafeList) ==========

DRV - [2012/01/25 10:16:44 | 000,164,112 | ---- | M] (Trusteer Ltd.) [Kernel | System | Running] -- C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys -- (RapportPG)
DRV - [2012/01/25 10:16:44 | 000,071,440 | ---- | M] (Trusteer Ltd.) [Kernel | System | Running] -- C:\Program Files\Trusteer\Rapport\bin\RapportEI.sys -- (RapportEI)
DRV - [2012/01/25 10:16:44 | 000,056,208 | ---- | M] (Trusteer Ltd.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\RapportKELL.sys -- (RapportKELL)
DRV - [2011/12/16 17:06:35 | 000,228,208 | ---- | M] () [Kernel | System | Running] -- C:\Documents and Settings\All Users\Application Data\Trusteer\Rapport\store\exts\RapportCerberus\34302\RapportCerberus32_34302.sys -- (RapportCerberus_34302)
DRV - [2011/12/10 15:24:06 | 000,020,464 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2011/10/07 06:23:48 | 000,230,608 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2011/10/04 06:21:42 | 000,016,720 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AVGIDSShim.sys -- (AVGIDSShim)
DRV - [2011/09/13 05:30:10 | 000,032,592 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\avgrkx86.sys -- (Avgrkx86)
DRV - [2011/08/08 13:46:20 | 000,021,520 | ---- | M] (Trusteer Ltd.) [Kernel | On_Demand | Running] -- c:\Documents and Settings\All Users\Application Data\Trusteer\Rapport\store\exts\RapportMS\28896\RapportIaso.sys -- (RapportIaso)
DRV - [2011/08/08 05:08:58 | 000,040,016 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2011/07/22 16:27:02 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2011/07/12 21:55:22 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2011/07/11 00:14:38 | 000,295,248 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2011/07/11 00:14:28 | 000,024,272 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AVGIDSFilter.sys -- (AVGIDSFilter)
DRV - [2011/07/11 00:14:28 | 000,023,120 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\AVGIDSEH.Sys -- (AVGIDSEH)
DRV - [2011/07/11 00:14:26 | 000,134,608 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AVGIDSDriver.sys -- (AVGIDSDriver)
DRV - [2007/06/18 14:18:26 | 000,023,680 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\motmodem.sys -- (motmodem)
DRV - [2007/02/25 11:10:48 | 000,005,376 | --S- | M] (Gteko Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\dsunidrv.sys -- (dsunidrv)
DRV - [2006/10/05 15:07:28 | 000,004,736 | ---- | M] (Gteko Ltd.) [Kernel | On_Demand | Stopped] -- C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys -- (DSproct)
DRV - [2006/09/07 14:25:06 | 001,178,088 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
DRV - [2005/12/02 17:38:04 | 000,041,728 | ---- | M] (Sonic Focus, Inc) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sfng32.sys -- (sfng32)
DRV - [2005/08/04 03:10:18 | 001,273,344 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2004/06/16 02:52:40 | 000,061,157 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\IntelC53.sys -- (IntelC53)
DRV - [2004/03/06 03:15:34 | 000,647,929 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\IntelC52.sys -- (IntelC52)
DRV - [2004/03/06 03:14:42 | 001,233,525 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\IntelC51.sys -- (IntelC51)
DRV - [2004/03/06 03:13:38 | 000,037,048 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mohfilt.sys -- (mohfilt)
DRV - [2004/03/02 08:26:58 | 000,050,007 | ---- | M] (Analog Deivces) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\adildr.sys -- (ADILOADER) General Purpose USB Driver (adildr.sys)
DRV - [2004/03/02 08:24:16 | 000,127,065 | ---- | M] (Analog Devices Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\adiusbaw.sys -- (adiusbaw)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========



IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.co.uk/myway
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = http://www.dell.co.uk/myway
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.dell.co.uk/myway
IE - HKU\.DEFAULT\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.co.uk/myway
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = http://www.dell.co.uk/myway
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.dell.co.uk/myway
IE - HKU\S-1-5-18\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-1625757485-1585415934-725816341-1008\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKU\S-1-5-21-1625757485-1585415934-725816341-1008\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKU\S-1-5-21-1625757485-1585415934-725816341-1008\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.bbc.co.uk/
IE - HKU\S-1-5-21-1625757485-1585415934-725816341-1008\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
IE - HKU\S-1-5-21-1625757485-1585415934-725816341-1008\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1625757485-1585415934-725816341-1008\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "AVG Secure Search"
FF - prefs.js..browser.search.selectedEngine: "search"
FF - prefs.js..browser.startup.homepage: "www.bbc.co.uk"
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.1.1
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1.6.2.63
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:10.0.0.1178
FF - prefs.js..extensions.enabledItems: avg@igeared:6.103.018.001
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}:4.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..keyword.URL: "http://isearch.avg.com/search?cid=%7B8cbd9dfe-a357-485e-8109-925f092a2cd3%7D&mid=c8bca3d8b03247d1b729d15b794de004-d9a620a0d217ac76f87a8bb60066af265dbbfe3c&ds=AVG&v=10.0.0.7&lang=en&pr=fr&d=2011-10-15%2015%3A12%3A47&sap=ku&q="

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nosltd.com/getPlus+®,version=1.6.2.91: C:\Program Files\NOS\bin\np_gp.dll File not found
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.709: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.3.709: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.709: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010/03/12 14:10:46 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\Program Files\CheckPoint\ZAForceField\TrustChecker
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG2012\Firefox4\ [2012/02/03 14:54:43 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@toolbar: C:\Documents and Settings\All Users\Application Data\AVG Secure Search\10.0.0.7\ [2012/01/16 17:46:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/01/13 19:19:07 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/01/10 20:27:22 | 000,000,000 | ---D | M]

[2010/05/04 16:39:36 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\D Rossiter\Application Data\Mozilla\Extensions
[2011/12/21 19:08:43 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\D Rossiter\Application Data\Mozilla\Firefox\Profiles\0qdb6dox.default\extensions
[2010/05/04 16:50:48 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\D Rossiter\Application Data\Mozilla\Firefox\Profiles\0qdb6dox.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/05/04 16:43:36 | 000,000,000 | ---D | M] (Adobe DLM (powered by getPlus®)) -- C:\Documents and Settings\D Rossiter\Application Data\Mozilla\Firefox\Profiles\0qdb6dox.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
[2011/11/24 19:14:30 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012/01/16 17:46:34 | 000,000,000 | ---D | M] (AVG Security Toolbar) -- C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\AVG SECURE SEARCH\10.0.0.7
[2012/01/13 19:19:06 | 000,121,816 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011/02/02 21:40:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2012/01/13 19:18:58 | 000,001,538 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-en-GB.xml
[2012/01/16 17:38:20 | 000,003,766 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\avg-secure-search.xml
[2012/01/13 19:18:58 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/01/13 19:18:58 | 000,000,947 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\chambers-en-GB.xml
[2012/01/13 19:18:58 | 000,001,180 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-en-GB.xml
[2012/01/13 19:18:58 | 000,001,135 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-en-GB.xml

========== Chrome ==========

CHR - default_search_provider: Google ()
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?client=chrome&hl={language}&q={searchTerms}

O1 HOSTS File: ([2012/02/03 18:47:39 | 000,000,761 | RHS- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll (Sonic Solutions)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\10.0.0.7\AVG Secure Search_toolbar.dll ()
O2 - BHO: (Google Dictionary Compression sdch) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll File not found
O2 - BHO: (EpsonToolBandKicker Class) - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\10.0.0.7\AVG Secure Search_toolbar.dll ()
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKLM\..\Toolbar: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-1625757485-1585415934-725816341-1008\..\Toolbar\WebBrowser: (no name) - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No CLSID value found.
O3 - HKU\S-1-5-21-1625757485-1585415934-725816341-1008\..\Toolbar\WebBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKU\S-1-5-21-1625757485-1585415934-725816341-1008\..\Toolbar\WebBrowser: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKU\S-1-5-21-1625757485-1585415934-725816341-1008\..\Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No CLSID value found.
O3 - HKU\S-1-5-21-1625757485-1585415934-725816341-1008\..\Toolbar\WebBrowser: (ZoneAlarm Toolbar) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll File not found
O3 - HKU\S-1-5-21-1625757485-1585415934-725816341-1008\..\Toolbar\WebBrowser: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [adiras] adiras.exe File not found
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [Camera Detector] C:\Program Files\ACD Systems\DevDetect\DevDetect.exe (ACD Systems, Ltd.)
O4 - HKLM..\Run: [DellSupportCenter] C:\Program Files\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKLM..\Run: [ISW] "C:\Program Files\CheckPoint\ZAForceField\ForceField.exe" /icon="hidden" File not found
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [ROC_roc_dec12] C:\Program Files\AVG Secure Search\ROC_roc_dec12.exe ()
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\WINDOWS\sttray.exe (SigmaTel, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" File not found
O4 - HKLM..\Run: [vProt] C:\Program Files\AVG Secure Search\vprot.exe ()
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1625757485-1585415934-725816341-1008..\Run: [AV Security Essentials] "C:\Documents and Settings\All Users\Application Data\af5e44\AVaf5_8050.exe" /s /d File not found
O4 - HKU\S-1-5-21-1625757485-1585415934-725816341-1008..\Run: [DellSupportCenter] C:\Program Files\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKU\S-1-5-21-1625757485-1585415934-725816341-1008..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020 File not found
O4 - HKU\S-1-5-21-1625757485-1585415934-725816341-1008..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware.com)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe ()
O4 - Startup: C:\Documents and Settings\D Rossiter\Start Menu\Programs\Startup\Registration .LNK = File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1625757485-1585415934-725816341-1008\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1625757485-1585415934-725816341-1008\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 0
O7 - HKU\S-1-5-21-1625757485-1585415934-725816341-1008\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0
O7 - HKU\S-1-5-21-1625757485-1585415934-725816341-1008\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ClassicShell = 0
O7 - HKU\S-1-5-21-1625757485-1585415934-725816341-1008\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoThemesTab = 0
O7 - HKU\S-1-5-21-1625757485-1585415934-725816341-1008\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisallowRun = 1
O7 - HKU\S-1-5-21-1625757485-1585415934-725816341-1008\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\DisallowRun: 0 = msseces.exe
O7 - HKU\S-1-5-21-1625757485-1585415934-725816341-1008\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\DisallowRun: 1 = MSASCui.exe
O7 - HKU\S-1-5-21-1625757485-1585415934-725816341-1008\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\DisallowRun: 2 = ekrn.exe
O7 - HKU\S-1-5-21-1625757485-1585415934-725816341-1008\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\DisallowRun: 3 = egui.exe
O7 - HKU\S-1-5-21-1625757485-1585415934-725816341-1008\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\DisallowRun: 4 = avgnt.exe
O7 - HKU\S-1-5-21-1625757485-1585415934-725816341-1008\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\DisallowRun: 5 = avcenter.exe
O7 - HKU\S-1-5-21-1625757485-1585415934-725816341-1008\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\DisallowRun: 6 = avscan.exe
O7 - HKU\S-1-5-21-1625757485-1585415934-725816341-1008\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\DisallowRun: 7 = avgfrw.exe
O7 - HKU\S-1-5-21-1625757485-1585415934-725816341-1008\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\DisallowRun: 8 = avgui.exe
O7 - HKU\S-1-5-21-1625757485-1585415934-725816341-1008\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\DisallowRun: 9 = avgtray.exe
O7 - HKU\S-1-5-21-1625757485-1585415934-725816341-1008\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\DisallowRun: 10 = avgscanx.exe
O7 - HKU\S-1-5-21-1625757485-1585415934-725816341-1008\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\DisallowRun: 11 = avgcfgex.exe
O7 - HKU\S-1-5-21-1625757485-1585415934-725816341-1008\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\DisallowRun: 12 = avgemc.exe
O7 - HKU\S-1-5-21-1625757485-1585415934-725816341-1008\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\DisallowRun: 13 = avgchsvx.exe
O7 - HKU\S-1-5-21-1625757485-1585415934-725816341-1008\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\DisallowRun: 14 = avgcmgr.exe
O7 - HKU\S-1-5-21-1625757485-1585415934-725816341-1008\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\DisallowRun: 15 = avgwdsvc.exe
O7 - HKU\S-1-5-21-1625757485-1585415934-725816341-1008\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoColorChoice = 0
O7 - HKU\S-1-5-21-1625757485-1585415934-725816341-1008\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoSizeChoice = 0
O7 - HKU\S-1-5-21-1625757485-1585415934-725816341-1008\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispScrSavPage = 0
O7 - HKU\S-1-5-21-1625757485-1585415934-725816341-1008\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispCPL = 0
O7 - HKU\S-1-5-21-1625757485-1585415934-725816341-1008\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoVisualStyleChoice = 0
O7 - HKU\S-1-5-21-1625757485-1585415934-725816341-1008\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispSettingsPage = 0
O7 - HKU\S-1-5-21-1625757485-1585415934-725816341-1008\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispAppearancePage = 0
O7 - HKU\S-1-5-21-1625757485-1585415934-725816341-1008\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispBackgroundPage = 0
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\npjpi160_24.dll (Sun Microsystems, Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/8/b/d/8bd77752-5704-4d68-a152-f7252adaa4f2/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://fpdownload.macromedia.com/get/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {459E93B6-150E-45D5-8D4B-45C66FC035FE} http://apps.corel.com/nos_dl_manager_dev/plugin/IEGetPlugin.ocx (get_atlcom Class)
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} http://gfx1.hotmail.com/mail/w3/resources/MSNPUpld.cab (MSN Photo Upload Tool)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1176305360078 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} http://acs.pandasoftware.com/activescan/as5free/asinst.cab (ActiveScan Installer Class)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540003} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Reg Error: Key error.)
O16 - DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} http://81.149.3.135:40000/activex/AMC.cab (AxisMediaControlEmb Class)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} http://gfx1.hotmail.com/mail/w4/pr01/photouploadcontrol/MSNPUpld.cab (Windows Live Hotmail Photo Upload Tool)
O16 - DPF: {EB387D2F-E27B-4D36-979E-847D1036C65D} http://h30043.www3.hp.com/hpdj/en/check/qdiagh.cab?326 (QDiagHUpdateObj Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8647CEEC-F3BB-4E48-A563-E0B080602CD8}: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\10.0.6\ViProtocol.dll ()
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O24 - Desktop Components:0 (Desktop Uninstall) - C:\WINDOWS\warnhp.html
O24 - Desktop WallPaper: C:\Documents and Settings\D Rossiter\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\D Rossiter\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O27 - HKLM IFEO\_avp32.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\_avpcc.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\_avpm.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\~1.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\~2.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\a.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\aAvgApi.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\AAWTray.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\About.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ackwin32.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\adaware.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\Ad-Aware.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\advxdwin.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\AdwarePrj.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\agent.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\agentsvr.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\agentw.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\alertsvc.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\alevir.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\alogserv.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\AlphaAV: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\AlphaAV.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\AluSchedulerSvc.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\amon9x.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\AntispywarXP2009.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\anti-trojan.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\Anti-Virus Professional.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\antivirus.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\AntiVirus_Pro.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\AntivirusPlus: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\AntivirusPlus.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\AntivirusPro_2010.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\AntivirusXP: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\AntivirusXP.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\antivirusxppro2009.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ants.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\apimonitor.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\aplica32.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\apvxdwin.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\arr.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\Arrakis3.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ashAvast.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ashBug.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ashChest.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ashCnsnt.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ashDisp.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ashLogV.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ashMaiSv.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ashPopWz.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ashQuick.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ashServ.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ashSimp2.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ashSimpl.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ashSkPcc.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ashSkPck.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ashUpd.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ashWebSv.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\aswChLic.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\aswRegSvr.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\aswRunDll.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\aswUpdSv.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\atcon.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\atguard.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\atro55en.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\atupdater.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\atwatch.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\au.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\aupdate.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\autodown.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\auto-protect.nav80try.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\autotrace.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\autoupdate.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\av360.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avadmin.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\AVCare.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avcenter.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avciman.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avconfig.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avconsol.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ave32.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\AVENGINE.EXE: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avgcc32.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avgchk.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avgctrl.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avgemc.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avgiproxy.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avgnt.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avgserv.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avgserv9.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avgupd.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avgw.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avkpop.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avkserv.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avkservice.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avkwctl9.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avltmain.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avmailc.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avmcdlg.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avnotify.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avnt.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avp32.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avpcc.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avpdos32.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avpm.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avptc32.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avpupd.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avsched32.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avsynmgr.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avupgsvc.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\AVWEBGRD.EXE: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avwin.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avwin95.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avwinnt.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avwsc.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avwupd.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avwupd32.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avwupsrv.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avxmonitor9x.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avxmonitornt.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avxquar.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\b.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\backweb.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\bargains.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\bd_professional.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\bdagent.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\bdfvcl.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\bdfvwiz.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\BDInProcPatch.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\bdmcon.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\BDMsnScan.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\bdreinit.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\bdsubwiz.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\BDSurvey.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\bdtkexec.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\bdwizreg.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\beagle.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\belt.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\bidef.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\bidserver.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\bipcp.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\bipcpevalsetup.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\bisp.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\blackd.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\blackice.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\blink.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\blss.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\bootconf.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\bootwarn.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\borg2.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\bpc.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\brasil.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\brastk.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\brw.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\bs120.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\bspatch.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\bundle.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\bvt.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\c.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\cavscan.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ccapp.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ccevtmgr.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ccpxysvc.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ccSvcHst.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\cdp.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\cfd.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\cfgwiz.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\cfiadmin.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\cfiaudit.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\cfinet.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\cfinet32.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\cfp.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\cfpconfg.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\cfplogvw.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\cfpupdat.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\Cl.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\claw95.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\claw95cf.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\clean.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\cleaner.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\cleaner3.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\cleanIELow.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\cleanpc.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\click.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\cmd32.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\cmdagent.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\cmesys.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\cmgrdian.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\cmon016.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\connectionmonitor.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\control: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\cpd.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\cpf9x206.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\cpfnt206.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\crashrep.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\csc.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\cssconfg.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\cssupdat.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\cssurf.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ctrl.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\cv.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\cwnb181.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\cwntdwmo.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\d.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\datemanager.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\dcomx.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\defalert.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\defscangui.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\defwatch.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\deloeminfs.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\deputy.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\divx.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\dllcache.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\dllreg.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\doors.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\dop.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\dpf.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\dpfsetup.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\dpps2.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\driverctrl.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\drwatson.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\drweb32.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\drwebupw.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\dssagent.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\dvp95.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\dvp95_0.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ecengine.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\efpeadm.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\emsw.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ent.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\esafe.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\escanhnt.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\escanv95.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\espwatch.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ethereal.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\etrustcipe.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\evpn.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\exantivirus-cnet.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\exe.avxw.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\expert.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\explore.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\fact.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\f-agnt95.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\fameh32.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\fast.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\fch32.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\fih32.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\findviru.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\firewall.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\fixfp.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\fnrb32.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\fprot.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\f-prot.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\f-prot95.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\fp-win.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\fp-win_trial.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\frmwrk32.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\frw.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\fsaa.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\fsav.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\fsav32.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\fsav530stbyb.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\fsav530wtbyb.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\fsav95.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\fsgk32.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\fsm32.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\fsma32.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\fsmb32.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\f-stopw.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\gator.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\gav.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\gbmenu.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\gbn976rl.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\gbpoll.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\generics.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\gmt.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\guard.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\guarddog.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\guardgui.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\hacktracersetup.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\hbinst.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\hbsrv.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\History.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\homeav2010.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\hotactio.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\hotpatch.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\htlog.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\htpatch.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\hwpe.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\hxdl.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\hxiul.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\iamapp.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\iamserv.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\iamstats.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ibmasn.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ibmavsp.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\icload95.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\icloadnt.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\icmon.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\icsupp95.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\icsuppnt.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\Identity.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\idle.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\iedll.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\iedriver.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\IEShow.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\iface.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ifw2000.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\inetlnfo.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\infus.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\infwin.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\init.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\init32.exe : Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\install.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\install[1].exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\install[2].exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\install[3].exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\install[4].exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\install[5].exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\intdel.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\intren.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\iomon98.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\istsvc.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\jammer.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\jdbgmrg.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\jedi.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\JsRcGen.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\kavlite40eng.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\kavpers40eng.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\kavpf.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\kazza.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\keenvalue.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\kerio-pf-213-en-win.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\kerio-wrl-421-en-win.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\kerio-wrp-421-en-win.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\killprocesssetup161.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ldnetmon.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ldpro.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ldpromenu.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ldscan.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\licmgr.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\livesrv.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\lnetinfo.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\loader.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\localnet.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\lockdown.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\lockdown2000.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\lookout.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\lordpe.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\lsetup.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\luall.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\luau.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\lucomserver.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\luinit.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\luspt.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\MalwareRemoval.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mapisvc32.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mcagent.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mcmnhdlr.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mcmscsvc.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mcnasvc.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mcproxy.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\McSACore.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mcshell.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mcshield.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mcsysmon.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mctool.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mcupdate.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mcvsrte.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mcvsshld.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\md.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mfin32.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mfw2en.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mfweng3.02d30.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mgavrtcl.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mgavrte.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mghtml.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mgui.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\minilog.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mmod.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\monitor.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\moolive.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mostat.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mpfagent.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mpfservice.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\MPFSrv.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mpftray.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mrflux.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mrt.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\msa.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\msapp.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\msbb.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\msblast.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mscache.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\msccn32.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mscman.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\msconfig: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\msdm.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\msdos.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\msfwsvc.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\msiexec16.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mslaugh.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\msmgt.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\msmsgri32.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mssmmc32.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mssys.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\msvxd.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mu0311ad.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mwatch.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\n32scanw.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\nav.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\navap.navapsvc.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\navapsvc.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\navapw32.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\navdx.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\navlu32.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\navnt.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\navstub.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\navw32.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\navwnt.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\nc2000.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ncinst4.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ndd32.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\neomonitor.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\neowatchlog.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\netarmor.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\netd32.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\netinfo.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\netmon.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\netscanpro.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\netspyhunter-1.2.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\netutils.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\nisserv.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\nisum.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\nmain.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\nod32.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\normist.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\norton_internet_secu_3.0_407.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\notstart.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\npf40_tw_98_nt_me_2k.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\npfmessenger.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\nprotect.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\npscheck.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\npssvc.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\nsched32.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\nssys32.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\nstask32.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\nsupdate.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\nt.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ntrtscan.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ntvdm.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ntxconfig.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\nui.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\nupgrade.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\nvarch16.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\nvc95.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\nvsvc32.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\nwinst4.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\nwservice.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\nwtool16.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\OAcat.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\OAhlp.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\OAReg.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\oasrv.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\oaui.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\oaview.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\OcHealthMon.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ODSW.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ollydbg.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\OLT.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\onsrvr.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\optimize.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ostronet.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\otfix.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\outpost.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\outpostinstall.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\outpostproinstall.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ozn695m5.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\padmin.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\panixk.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\patch.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\pav.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\pavcl.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\PavFnSvr.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\pavproxy.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\pavprsrv.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\pavsched.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\pavsrv51.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\pavw.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\pc.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\PC_Antispyware2010.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\pccwin98.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\pcfwallicon.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\pcip10117_0.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\pcscan.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\pctsAuxs.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\pctsGui.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\pctsSvc.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\pctsTray.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\pdfndr.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\pdsetup.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\PerAvir.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\periscope.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\persfw.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\personalguard: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\personalguard.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\perswf.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\pf2.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\pfwadmin.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\pgmonitr.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\pingscan.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\platin.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\pop3trap.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\poproxy.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\popscan.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\portdetective.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\portmonitor.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\powerscan.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ppinupdt.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\pptbc.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ppvstop.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\prizesurfer.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\prmt.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\prmvr.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\procdump.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\processmonitor.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\procexplorerv1.0.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\programauditor.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\proport.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\protector.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\protectx.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\PSANCU.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\PSANHost.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\PSANToManager.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\PsCtrls.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\PsImSvc.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\PskSvc.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\pspf.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\PSUNMain.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\purge.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\qconsole.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\qh.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\qserver.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\Quick Heal.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\QuickHealCleaner.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\rapapp.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\rav7.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\rav7win.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\rav8win32eng.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ray.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\rb32.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\rcsync.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\realmon.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\reged.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\regedt32.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\rescue.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\rescue32.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\rrguard.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\rscdwld.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\rshell.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\rtvscan.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\rtvscn95.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\rulaunch.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\rwg: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\rwg.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\SafetyKeeper.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\safeweb.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\sahagent.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\Save.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\SaveArmor.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\SaveDefense.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\SaveKeep.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\savenow.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\sbserv.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\sc.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\scam32.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\scan32.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\scan95.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\scanpm.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\scrscan.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\seccenter.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\Secure Veteran.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\secureveteran.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\Security Center.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\SecurityFighter.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\securitysoldier.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\serv95.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\setloadorder.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\setup_flowprotector_us.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\setupvameeval.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\sgssfw32.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\sh.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\shellspyinstall.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\shield.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\shn.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\showbehind.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\signcheck.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\smart.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\smartprotector.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\smc.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\smrtdefp.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\sms.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\smss32.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\snetcfg.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\soap.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\sofi.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\SoftSafeness.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\sperm.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\spf.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\sphinx.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\spoler.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\spoolcv.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\spoolsv32.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\spywarexpguard.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\spyxx.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\srexe.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\srng.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ss3edit.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ssg_4104.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ssgrate.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\st2.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\start.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\stcloader.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\supftrl.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\support.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\supporter5.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\svc.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\svchostc.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\svchosts.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\svshost.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\sweep95.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\sweepnet.sweepsrv.sys.swnetsup.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\symlcsvc.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\symproxysvc.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\symtray.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\system.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\system32.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\sysupd.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\tapinstall.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\taumon.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\tbscan.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\tc.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\tca.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\tcm.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\tds2-98.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\tds2-nt.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\tds-3.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\teekids.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\tfak.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\tfak5.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\tgbob.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\titanin.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\titaninxp.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\TPSrv.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\trickler.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\trjscan.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\trjsetup.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\trojantrap3.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\TrustWarrior.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\tsadbot.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\tsc.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\tvmd.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\tvtmd.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\uiscan.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\undoboot.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\updat.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\upgrad.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\upgrepl.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\utpost.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\vbcmserv.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\vbcons.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\vbust.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\vbwin9x.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\vbwinntw.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\vcsetup.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\vet32.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\vet95.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\vettray.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\vfsetup.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\vir-help.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\virusmdpersonalfirewall.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\VisthAux.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\VisthLic.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\VisthUpd.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\vnlan300.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\vnpc3000.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\vpc32.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\vpc42.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\vpfw30s.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\vptray.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\vscan40.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\vscenu6.02d30.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\vsched.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\vsecomr.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\vshwin32.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\vsisetup.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\vsmain.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\vsmon.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\vsserv.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\vsstat.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\vswin9xe.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\vswinntse.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\vswinperse.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\w32dsm89.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\W3asbas.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\w9x.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\watchdog.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\webdav.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\WebProxy.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\webscanx.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\webtrap.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\wfindv32.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\whoswatchingme.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\wimmun32.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\win32.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\win32us.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\winactive.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\winav.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\win-bugsfix.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\windll32.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\window.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\windows Police Pro.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\windows.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\wininetd.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\wininitx.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\winlogin.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\winmain.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\winppr32.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\winrecon.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\winservn.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\winss.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\winssk32.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\winssnotify.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\WinSSUI.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\winstart.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\winstart001.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\wintsk32.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\winupdate.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\wkufind.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\wnad.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\wnt.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\wradmin.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\wrctrl.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\wsbgate.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\wscfxas.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\wscfxav.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\wscfxfw.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\wsctool.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\wupdater.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\wupdt.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\wyvernworksfirewall.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\xp_antispyware.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\xpdeluxe.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\xpf202en.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\zapro.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\zapsetup3001.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\zatutor.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\zonalm2601.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\zonealarm.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Program Files\Windows Defender\MpShHook.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/08/10 12:04:08 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG2012\avgrsx.exe /sync /restart)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2012/02/05 16:06:28 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\D Rossiter\Desktop\OTL.exe
[2012/02/05 15:55:13 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine
[2012/02/05 15:26:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2012/02/05 15:19:01 | 004,395,020 | R--- | C] (Swearware) -- C:\Documents and Settings\D Rossiter\Desktop\ComboFix.exe
[2012/02/05 14:46:08 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012/02/03 22:00:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\D Rossiter\Application Data\SUPERAntiSpyware.com
[2012/02/03 21:59:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\SUPERAntiSpyware
[2012/02/03 21:58:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
[2012/02/03 21:58:57 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2012/02/03 19:36:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/02/03 19:36:36 | 000,020,464 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2012/02/03 19:22:38 | 000,000,000 | ---D | C] -- C:\52ff7b92f764b4021b736e
[2012/02/03 18:45:31 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\D Rossiter\Application Data\AV Security Essentials
[2012/02/03 18:45:29 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\All Users\Application Data\AVMRQZFASE
[2012/02/03 18:44:56 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\All Users\Application Data\af5e44
[2012/01/26 17:35:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\iTunes
[2012/01/25 10:16:44 | 000,056,208 | ---- | C] (Trusteer Ltd.) -- C:\WINDOWS\System32\drivers\RapportKELL.sys
[2012/01/15 17:31:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\D Rossiter\My Documents\My Videos
[2006/04/17 19:35:53 | 000,532,480 | ---- | C] (Trend Micro Incorporated) -- C:\Program Files\cwshredder.exe
[2006/04/17 19:32:17 | 001,144,839 | ---- | C] (McAfee Inc.) -- C:\Program Files\stng260.exe
[2006/04/17 19:29:50 | 001,445,888 | ---- | C] (Option^Explicit Software Solutions) -- C:\Program Files\WinsockxpFix.exe
[2006/04/17 19:24:16 | 000,110,592 | ---- | C] (Option^Explicit Software) -- C:\Program Files\vx2finder.exe
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/02/05 16:06:54 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\D Rossiter\Desktop\OTL.exe
[2012/02/05 16:02:10 | 000,442,894 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012/02/05 16:02:10 | 000,072,160 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012/02/05 16:00:23 | 000,001,824 | ---- | M] () -- C:\Documents and Settings\D Rossiter\Application Data\Microsoft\Internet Explorer\Quick Launch\AV Security Essentials.lnk
[2012/02/05 16:00:19 | 000,001,804 | ---- | M] () -- C:\Documents and Settings\D Rossiter\Desktop\AV Security Essentials.lnk
[2012/02/05 15:58:17 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/02/05 15:58:03 | 000,000,432 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.ics
[2012/02/05 15:57:37 | 000,000,388 | ---- | M] () -- C:\WINDOWS\tasks\Free File Viewer Update Checker.job
[2012/02/05 15:57:37 | 000,000,288 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1625757485-1585415934-725816341-1009.job
[2012/02/05 15:57:37 | 000,000,288 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1625757485-1585415934-725816341-1008.job
[2012/02/05 15:57:37 | 000,000,288 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1625757485-1585415934-725816341-1007.job
[2012/02/05 15:57:37 | 000,000,288 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1625757485-1585415934-725816341-1006.job
[2012/02/05 15:57:21 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/02/05 15:57:18 | 1071,796,224 | -HS- | M] () -- C:\hiberfil.sys
[2012/02/05 15:19:44 | 000,000,296 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1625757485-1585415934-725816341-1008.job
[2012/02/05 15:19:14 | 004,395,020 | R--- | M] (Swearware) -- C:\Documents and Settings\D Rossiter\Desktop\ComboFix.exe
[2012/02/05 15:16:00 | 000,000,446 | ---- | M] () -- C:\WINDOWS\tasks\EasyShare Registration Task.job
[2012/02/05 11:36:00 | 000,000,296 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1625757485-1585415934-725816341-1006.job
[2012/02/05 11:35:43 | 000,000,578 | ---- | M] () -- C:\Documents and Settings\D Rossiter\Desktop\MBR.zip
[2012/02/05 11:35:11 | 000,000,512 | ---- | M] () -- C:\Documents and Settings\D Rossiter\Desktop\MBR.dat
[2012/02/05 10:50:09 | 088,216,717 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\incavi.avm
[2012/02/04 18:10:00 | 000,000,296 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1625757485-1585415934-725816341-1007.job
[2012/02/03 19:26:10 | 000,002,150 | ---- | M] () -- C:\WINDOWS\epplauncher.mif
[2012/02/03 18:47:39 | 000,000,761 | RHS- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2012/02/03 17:57:42 | 000,233,470 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\iavichjg.avm
[2012/02/03 14:54:44 | 000,000,702 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\AVG 2012.lnk
[2012/01/26 20:01:35 | 000,211,456 | ---- | M] () -- C:\Documents and Settings\D Rossiter\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/01/26 17:35:54 | 000,001,542 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2012/01/25 10:16:44 | 000,056,208 | ---- | M] (Trusteer Ltd.) -- C:\WINDOWS\System32\drivers\RapportKELL.sys
[2012/01/18 17:51:58 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2012/01/15 17:07:00 | 000,000,296 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1625757485-1585415934-725816341-1009.job
[2012/01/11 13:08:15 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/02/05 15:27:56 | 1071,796,224 | -HS- | C] () -- C:\hiberfil.sys
[2012/02/05 11:35:43 | 000,000,578 | ---- | C] () -- C:\Documents and Settings\D Rossiter\Desktop\MBR.zip
[2012/02/05 11:35:11 | 000,000,512 | ---- | C] () -- C:\Documents and Settings\D Rossiter\Desktop\MBR.dat
[2012/02/04 14:05:23 | 000,001,812 | ---- | C] () -- C:\Documents and Settings\D Rossiter\Start Menu\Programs\AV Security Essentials.lnk
[2012/02/04 14:05:23 | 000,001,804 | ---- | C] () -- C:\Documents and Settings\D Rossiter\Desktop\AV Security Essentials.lnk
[2012/02/03 19:26:10 | 000,002,150 | ---- | C] () -- C:\WINDOWS\epplauncher.mif
[2012/02/03 18:45:40 | 000,001,824 | ---- | C] () -- C:\Documents and Settings\D Rossiter\Application Data\Microsoft\Internet Explorer\Quick Launch\AV Security Essentials.lnk
[2012/01/26 17:35:54 | 000,001,542 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2011/07/06 13:29:22 | 000,180,624 | ---- | C] () -- C:\WINDOWS\System32\Primomonnt.dll
[2011/02/10 04:03:48 | 000,000,314 | ---- | C] () -- C:\WINDOWS\primopdf.ini
[2010/03/01 17:54:47 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2009/10/03 19:05:32 | 000,004,212 | -H-- | C] () -- C:\WINDOWS\System32\zllictbl.dat
[2009/09/11 18:26:58 | 000,051,180 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2008/09/19 21:57:34 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2008/02/22 15:52:10 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2007/09/10 16:00:19 | 000,001,068 | ---- | C] () -- C:\Program Files\runtimesetup.ini
[2007/09/10 16:00:18 | 000,200,846 | ---- | C] () -- C:\Program Files\RuntimeSetup.exe
[2007/07/21 14:00:49 | 000,476,752 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\pswi_preloaded.exe
[2007/03/09 10:02:32 | 000,000,100 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2007/01/20 18:54:19 | 000,000,022 | ---- | C] () -- C:\WINDOWS\kodakpcd.ini
[2007/01/09 17:54:59 | 000,000,165 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\.zreglib
[2007/01/06 19:55:17 | 000,000,004 | ---- | C] () -- C:\WINDOWS\jknradee.sys
[2007/01/06 19:35:57 | 000,000,031 | -H-- | C] () -- C:\WINDOWS\UKCpInfo.sys
[2006/12/25 19:07:32 | 000,000,088 | RHS- | C] () -- C:\WINDOWS\System32\BBC1DD7B09.sys
[2006/12/25 19:07:31 | 000,002,516 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2006/12/12 19:35:41 | 000,000,040 | -HS- | C] () -- C:\Documents and Settings\D Rossiter\Application Data\.zreglib
[2006/11/16 10:01:40 | 000,000,000 | ---- | C] () -- C:\WINDOWS\dsltest.INI
[2006/11/02 20:40:12 | 000,174,656 | ---- | C] () -- C:\WINDOWS\System32\PSIService.exe
[2006/04/19 19:51:41 | 000,011,776 | ---- | C] () -- C:\WINDOWS\System32\ZPORT4AS.dll
[2006/01/03 13:32:33 | 000,211,456 | ---- | C] () -- C:\Documents and Settings\D Rossiter\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2005/11/16 15:41:20 | 000,000,112 | ---- | C] () -- C:\WINDOWS\ActiveSkin.INI
[2005/11/05 20:24:46 | 000,003,390 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2005/11/03 13:13:23 | 000,000,099 | ---- | C] () -- C:\WINDOWS\System32\PICSDK.ini
[2005/11/03 13:13:22 | 000,094,486 | ---- | C] () -- C:\WINDOWS\System32\EPPICPrinterDB.dat
[2005/11/03 13:13:22 | 000,026,154 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern1.dat
[2005/11/03 13:13:22 | 000,024,903 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern3.dat
[2005/11/03 13:13:22 | 000,021,390 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern5.dat
[2005/11/03 13:13:22 | 000,020,148 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern2.dat
[2005/11/03 13:13:22 | 000,011,811 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern4.dat
[2005/11/03 13:13:22 | 000,004,943 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern6.dat
[2005/11/03 13:13:22 | 000,001,146 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_DU.dat
[2005/11/03 13:13:22 | 000,001,139 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_PT.dat
[2005/11/03 13:13:22 | 000,001,139 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_BP.dat
[2005/11/03 13:13:22 | 000,001,136 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_ES.dat
[2005/11/03 13:13:22 | 000,001,129 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_FR.dat
[2005/11/03 13:13:22 | 000,001,129 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_CF.dat
[2005/11/03 13:13:22 | 000,001,120 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_IT.dat
[2005/11/03 13:13:22 | 000,001,107 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_GE.dat
[2005/11/03 13:13:22 | 000,001,104 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_EN.dat
[2005/11/03 13:12:36 | 000,000,025 | ---- | C] () -- C:\WINDOWS\CDER220.ini
[2005/10/30 15:29:30 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2005/10/28 15:55:12 | 000,000,133 | ---- | C] () -- C:\Documents and Settings\D Rossiter\Local Settings\Application Data\fusioncache.dat
[2005/10/28 15:52:53 | 000,000,002 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2005/10/28 15:00:15 | 000,000,154 | ---- | C] () -- C:\WINDOWS\adidsl.ini
[2005/10/28 15:00:15 | 000,000,021 | ---- | C] () -- C:\WINDOWS\Fast800.ini
[2005/10/28 15:00:09 | 000,000,342 | ---- | C] () -- C:\WINDOWS\adiras.ini
[2005/10/28 15:00:08 | 000,127,456 | ---- | C] () -- C:\WINDOWS\System32\ipdetect.exe
[2005/10/28 15:00:07 | 000,106,496 | ---- | C] () -- C:\WINDOWS\System32\coclassfast.dll
[2005/10/28 15:00:06 | 000,046,892 | ---- | C] () -- C:\WINDOWS\System32\adadix16.dll
[2005/10/28 15:00:06 | 000,022,395 | ---- | C] () -- C:\WINDOWS\System32\drivers\fpga.bin
[2005/10/28 15:00:05 | 000,143,360 | ---- | C] () -- C:\WINDOWS\autoclk.exe
[2005/10/26 16:06:44 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2005/10/26 15:58:49 | 000,000,460 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2005/10/26 15:54:18 | 000,000,335 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2005/10/26 15:32:38 | 000,049,152 | ---- | C] () -- C:\WINDOWS\setpwrcg.exe
[2005/10/26 15:32:34 | 000,095,617 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2005/10/26 15:32:16 | 000,000,402 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2004/08/10 12:12:05 | 000,000,780 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2004/08/10 12:07:31 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2004/08/10 12:02:15 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2004/08/10 12:01:18 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2004/08/10 11:57:52 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2004/08/10 11:57:15 | 000,254,272 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2004/08/10 11:51:21 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/08/10 11:51:20 | 000,442,894 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004/08/10 11:51:20 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004/08/10 11:51:20 | 000,072,160 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004/08/10 11:51:20 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004/08/10 11:51:18 | 000,004,627 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2004/08/10 11:51:17 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2004/08/10 11:51:16 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2004/08/10 11:51:12 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004/08/10 11:51:11 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2004/08/10 11:51:05 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004/08/10 11:50:56 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2002/03/21 14:39:02 | 000,073,728 | R--- | C] () -- C:\WINDOWS\System32\UNACEV2.DLL
[2002/03/21 12:51:52 | 000,503,808 | R--- | C] () -- C:\WINDOWS\System32\lt_xtrans.dll
[2002/03/21 12:51:52 | 000,286,720 | R--- | C] () -- C:\WINDOWS\System32\MrSIDD.dll
[2002/03/21 12:51:52 | 000,163,840 | R--- | C] () -- C:\WINDOWS\System32\lt_common.dll
[2002/03/21 12:51:52 | 000,126,976 | R--- | C] () -- C:\WINDOWS\System32\lt_trans.dll
[2002/03/21 12:51:52 | 000,069,632 | R--- | C] () -- C:\WINDOWS\System32\lt_meta.dll
[2002/03/21 12:51:52 | 000,053,248 | R--- | C] () -- C:\WINDOWS\System32\lt_encrypt.dll
[2002/03/21 12:51:52 | 000,020,480 | R--- | C] () -- C:\WINDOWS\System32\lt_messagetext.dll
[2002/03/20 21:01:06 | 000,006,688 | R--- | C] () -- C:\WINDOWS\System32\Digita.sys
[2002/03/20 21:00:20 | 000,049,152 | R--- | C] () -- C:\WINDOWS\System32\TransportUSB.dll
[2002/03/20 21:00:20 | 000,049,152 | R--- | C] () -- C:\WINDOWS\System32\TransportSerial.dll
[2002/03/20 21:00:20 | 000,049,152 | R--- | C] () -- C:\WINDOWS\System32\TransportIrDA.dll
[2002/03/20 21:00:20 | 000,049,152 | R--- | C] () -- C:\WINDOWS\System32\TransportIrCOMM.dll
[1999/01/22 18:46:56 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL

========== LOP Check ==========

[2010/10/24 18:00:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\7d28bfa
[2005/11/28 20:19:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ACD Systems
[2012/02/03 18:45:40 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Application Data\af5e44
[2012/01/16 17:46:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG Secure Search
[2010/11/20 16:51:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG Security Toolbar
[2011/10/15 14:23:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG2012
[2007/10/22 10:08:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Avg7
[2012/02/03 18:45:29 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Application Data\AVMRQZFASE
[2011/05/14 13:39:37 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2008/08/30 19:10:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Elaborate Bytes
[2007/10/22 10:01:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Grisoft
[2009/10/03 19:19:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Kaspersky SDK
[2009/06/28 14:06:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\KEDDS
[2007/10/03 08:54:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MailFrontier
[2012/02/05 10:50:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2009/06/28 14:06:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\OrbNetworks
[2005/10/30 15:31:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SBT
[2008/08/30 19:47:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SlySoft
[2007/11/26 20:15:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SupportSoft
[2007/10/25 10:57:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TomTom
[2009/08/31 13:52:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Trusteer
[2007/05/12 11:58:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\UDL
[2007/02/08 16:22:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2007/05/17 19:27:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\vsosdk
[2009/03/12 17:44:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{00D89592-F643-4D8D-8F0F-AFAE0F14D4C3}
[2010/04/02 17:39:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2009/09/09 18:59:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2009/04/09 19:29:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2011/04/20 17:11:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\D Rossiter\Application Data\ACD Systems
[2010/06/15 16:20:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\D Rossiter\Application Data\Amazon
[2011/07/27 12:03:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\D Rossiter\Application Data\Any Video Converter
[2012/02/03 18:47:40 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\D Rossiter\Application Data\AV Security Essentials
[2011/12/11 15:48:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\D Rossiter\Application Data\AVG Secure Search
[2011/10/15 14:10:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\D Rossiter\Application Data\AVG2012
[2009/10/03 19:05:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\D Rossiter\Application Data\CheckPoint
[2005/11/12 15:06:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\D Rossiter\Application Data\EPSON
[2011/02/27 16:32:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\D Rossiter\Application Data\FreeFileViewer
[2005/10/28 14:35:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\D Rossiter\Application Data\Leadertech
[2009/10/03 19:18:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\D Rossiter\Application Data\MailFrontier
[2011/12/09 18:48:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\D Rossiter\Application Data\PrimoPDF
[2009/06/28 18:30:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\D Rossiter\Application Data\Skinux
[2006/12/12 19:36:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\D Rossiter\Application Data\SlySoft
[2005/10/28 14:07:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\D Rossiter\Application Data\Template
[2009/08/31 15:02:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\D Rossiter\Application Data\Trusteer
[2007/02/08 16:22:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\D Rossiter\Application Data\Viewpoint
[2010/02/24 12:22:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Default User\Application Data\Trusteer
[2006/05/20 13:27:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\J Rossiter\Application Data\ACD Systems
[2010/07/18 19:41:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\J Rossiter\Application Data\Amazon
[2009/05/20 20:27:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\J Rossiter\Application Data\Any DVD Clone
[2008/10/08 20:34:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\J Rossiter\Application Data\Any Video Converter
[2012/01/12 12:46:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\J Rossiter\Application Data\AVG Secure Search
[2011/10/15 14:10:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\J Rossiter\Application Data\AVG2012
[2009/10/27 16:54:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\J Rossiter\Application Data\CheckPoint
[2006/11/29 15:55:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\J Rossiter\Application Data\Elaborate Bytes
[2007/05/29 13:43:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\J Rossiter\Application Data\EPSON
[2007/10/20 12:35:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\J Rossiter\Application Data\Grisoft
[2008/08/28 14:57:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\J Rossiter\Application Data\ImgBurn
[2008/09/11 07:04:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\J Rossiter\Application Data\MailFrontier
[2007/02/28 18:20:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\J Rossiter\Application Data\PgcEdit
[2011/07/06 13:32:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\J Rossiter\Application Data\PrimoPDF
[2008/08/30 19:37:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\J Rossiter\Application Data\RipIt4Me
[2009/06/28 15:33:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\J Rossiter\Application Data\Skinux
[2006/11/25 16:16:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\J Rossiter\Application Data\SlySoft
[2009/09/05 15:16:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\J Rossiter\Application Data\Trusteer
[2010/02/11 17:32:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\J Rossiter\Application Data\Vso
[2006/10/05 13:44:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\M Rossiter\Application Data\ACD Systems
[2011/12/12 19:54:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\M Rossiter\Application Data\AVG Secure Search
[2011/10/15 14:10:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\M Rossiter\Application Data\AVG2012
[2009/10/04 15:08:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\M Rossiter\Application Data\CheckPoint
[2006/04/25 11:50:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\M Rossiter\Application Data\EPSON
[2011/06/06 13:49:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\M Rossiter\Application Data\FreeFileViewer
[2007/10/20 14:10:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\M Rossiter\Application Data\Grisoft
[2008/10/03 21:45:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\M Rossiter\Application Data\Leadertech
[2010/11/27 16:18:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\M Rossiter\Application Data\PCDr
[2009/06/28 13:44:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\M Rossiter\Application Data\Skinux
[2009/08/31 13:52:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\M Rossiter\Application Data\Trusteer
[2009/12/01 17:22:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Application Data\Trusteer
[2008/09/23 08:59:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\P Rossiter\Application Data\ACD Systems
[2011/10/15 14:10:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\P Rossiter\Application Data\AVG2012
[2009/10/05 09:02:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\P Rossiter\Application Data\CheckPoint
[2007/10/20 12:35:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\P Rossiter\Application Data\Grisoft
[2007/10/26 10:41:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\P Rossiter\Application Data\MailFrontier
[2009/06/29 11:12:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\P Rossiter\Application Data\Skinux
[2009/09/01 10:06:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\P Rossiter\Application Data\Trusteer
[2012/02/05 15:16:00 | 000,000,446 | ---- | M] () -- C:\WINDOWS\Tasks\EasyShare Registration Task.job
[2012/02/05 15:57:37 | 000,000,388 | ---- | M] () -- C:\WINDOWS\Tasks\Free File Viewer Update Checker.job

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.exe >
[2005/10/28 15:00:16 | 000,000,184 | ---- | M] () -- C:\setuplog.exe
[2001/05/24 12:59:30 | 000,162,304 | ---- | M] () -- C:\UNWISE.EXE


< MD5 for: EXPLORER.EXE >
[2008/04/14 00:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2007/06/13 11:26:03 | 001,033,216 | ---- | M] (Microsoft Corporation) MD5=7712DF0CDDE3A5AC89843E61CD5B3658 -- C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe
[2007/06/13 10:23:07 | 001,033,216 | ---- | M] (Microsoft Corporation) MD5=97BD6515465659FF8F3B7BE375B2EA87 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe
[2007/06/13 10:23:07 | 001,033,216 | ---- | M] (Microsoft Corporation) MD5=97BD6515465659FF8F3B7BE375B2EA87 -- C:\WINDOWS\explorer.exe
[2004/08/04 04:00:00 | 001,032,192 | ---- | M] (Microsoft Corporation) MD5=A0732187050030AE399B241436565E64 -- C:\WINDOWS\$NtUninstallKB938828$\explorer.exe

< MD5 for: SVCHOST.EXE >
[2008/04/14 00:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2008/04/14 00:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\system32\svchost.exe
[2012/01/13 14:53:20 | 000,182,856 | ---- | M] () MD5=63EEC8A8B221AB79045E776E5F592868 -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\svchost.exe
[2004/08/04 04:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=8F078AE4ED187AAABC0A305146DE6716 -- C:\i386\svchost.exe
[2004/08/04 04:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=8F078AE4ED187AAABC0A305146DE6716 -- C:\WINDOWS\$NtServicePackUninstall$\svchost.exe

< MD5 for: USERINIT.EXE >
[2004/08/04 04:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=39B1FFB03C2296323832ACBAE50D2AFF -- C:\i386\userinit.exe
[2004/08/04 04:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=39B1FFB03C2296323832ACBAE50D2AFF -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe
[2008/04/14 00:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008/04/14 00:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\system32\userinit.exe

< MD5 for: WINLOGON.EXE >
[2004/08/04 04:00:00 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=01C3346C241652F43AED8E2149881BFE -- C:\i386\winlogon.exe
[2004/08/04 04:00:00 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=01C3346C241652F43AED8E2149881BFE -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2012/01/13 14:53:20 | 000,182,856 | ---- | M] () MD5=63EEC8A8B221AB79045E776E5F592868 -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2008/04/14 00:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008/04/14 00:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\system32\winlogon.exe

========== Alternate Data Streams ==========

@Alternate Data Stream - 72 bytes -> C:\WINDOWS:8FC679A46E47B9AE

< End of report >

Extras.txt

OTL Extras logfile created on: 05/02/2012 16:09:52 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\D Rossiter\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

1022.07 Mb Total Physical Memory | 305.49 Mb Available Physical Memory | 29.89% Memory free
2.40 Gb Paging File | 1.57 Gb Available in Paging File | 65.21% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 145.95 Gb Total Space | 71.79 Gb Free Space | 49.19% Space Free | Partition Type: NTFS

Computer Name: ROSSITER | User Name: D Rossiter | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

[HKEY_USERS\S-1-5-21-1625757485-1585415934-725816341-1008\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office\msohtmed.exe" /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- "C:\Program Files\File Type Assistant\tsassist.exe" "%1" (Trusted Software ApS)
Directory [ACDBrowse] -- "C:\Program Files\ACD Systems\ACDSee\5.0\ACDSee5.exe" "%1" (ACD Systems, Ltd.)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22002

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe" = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe:*:Enabled:EasyShare -- (Eastman Kodak Company)
"C:\Program Files\AVG\AVG10\avgmfapx.exe" = C:\Program Files\AVG\AVG10\avgmfapx.exe:*:Enabled:AVG Installer
"C:\Program Files\FreeFileViewer\FFVCheckForUpdates.exe" = C:\Program Files\FreeFileViewer\FFVCheckForUpdates.exe:*:Enabled:Free File Viewer Update Checker -- (Bitberry Software)
"C:\Program Files\AVG\AVG2012\avgmfapx.exe" = C:\Program Files\AVG\AVG2012\avgmfapx.exe:*:Enabled:AVG Installer -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe" = C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit -- (Apple Inc.)
"C:\Program Files\AVG\AVG2012\avgnsx.exe" = C:\Program Files\AVG\AVG2012\avgnsx.exe:*:Enabled:Online Shield -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG2012\avgdiagex.exe" = C:\Program Files\AVG\AVG2012\avgdiagex.exe:*:Enabled:AVG Diagnostics 2012 -- (AVG Technologies CZ, s.r.o.)
"C:\Documents and Settings\All Users\Application Data\af5e44\AVaf5_8050.exe" = C:\Documents and Settings\All Users\Application Data\af5e44\AVaf5_8050.exe:*:Enabled:AV Security Essentials -- ()


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{007B37D9-0C45-4202-834B-DD5FAAE99D63}" = ArcSoft Print Creations - Slimline Card
"{02E89EFC-7B07-4D5A-AA03-9EC0902914EE}" = VC 9.0 Runtime
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{083E0D59-B6B4-4570-AA0A-37F5B4526CF5}" = AVG 2012
"{121634B0-2F4B-11D3-ADA3-00C04F52DD52}" = Windows Installer Clean Up
"{14D4ED84-6A9A-45A0-96F6-1753768C3CB5}" = ESSPCD
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{1DD81E7D-0D28-4CEB-87B2-C041A4FCB215}" = Rapport
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{20C45B32-5AB6-46A4-94EF-58950CAF05E5}" = EPSON Attach To Email
"{26A24AE4-039D-4CA4-87B4-2F83216010FF}" = Java™ 6 Update 24
"{27CC6AB1-E72B-4179-AF1A-EAE507EBAF51}_is1" = ConvertHelper 2.2
"{2A88F1BF-7041-4E42-84B1-6B4ACB83AC64}" = EPSON Scan Assistant
"{2D03B6F8-DF36-4980-B7B6-5B93D5BA3A8F}" = essvatgt
"{343666E2-A059-48AC-AD67-230BF74E2DB2}" = Apple Application Support
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3921A67A-5AB1-4E48-9444-C71814CF3027}" = VCRedistSetup
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{42938595-0D83-404D-9F73-F8177FDD531A}" = ESScore
"{4537EA4B-F603-4181-89FB-2953FC695AB1}" = netbrdg
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4EFC72DA-2314-4E5D-AC8E-1C954CDB8BBF}" = AVG 2012
"{5316DFC9-CE99-4458-9AB3-E8726EDE0210}" = skin0001
"{56589DFE-0C29-4DFE-8E42-887B771ECD23}" = ArcSoft Print Creations - Photo Book
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{605A4E39-613C-4A12-B56F-DEFBE6757237}" = SHASTA
"{643EAE81-920C-4931-9F0B-4B343B225CA6}" = ESSBrwr
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{8153ED9A-C94A-426E-9880-5E6775C08B62}" = Apple Mobile Device Support
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{8943CE61-53BD-475E-90E1-A580869E98A2}" = staticcr
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A502E38-29C9-49FA-BCFA-D727CA062589}" = ESSTOOLS
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8C2690CF-5B74-4F93-8139-7B5644CD6A3B}" = MobileMe Control Panel
"{8E92D746-CD9F-4B90-9668-42B74C14F765}" = ESSini
"{91517631-A9F3-4B7C-B482-43E0068FD55A}" = ESSgui
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9591C049-5CAE-4E89-A8D9-191F1899628B}" = ArcSoft Print Creations - Funhouse
"{999D43F4-9709-4887-9B1A-83EBB15A8370}" = VPRINTOL
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A040AC77-C1AA-4CC9-8931-9F648AF178F6}" = VC 9.0 Runtime
"{A06275F4-324B-4E85-95E6-87B2CD729401}" = Windows Defender
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.2)
"{AE1FA02D-E6A4-4EA0-8E58-6483CAC016DD}" = ESSCDBK
"{B0D83FCD-9D42-43ED-8315-250326AADA02}" = ArcSoft Print Creations - Scrapbook
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B162D0A6-9A1D-4B7C-91A5-88FB48113C45}" = OfotoXMI
"{B4B44FE7-41FF-4DAD-8C0A-E406DDA72992}" = CCScore
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{CA9ED5E4-1548-485B-A293-417840060158}" = ArcSoft Print Creations - Photo Calendar
"{CAE8A0F1-B498-4C23-95FA-55047E730C8F}" = ArcSoft Print Creations
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE325D55-FCAF-4273-BB79-069BB8747270}" = TomTom HOME
"{D32470A1-B10C-4059-BA53-CF0486F68EBC}" = Kodak EasyShare software
"{D642E38E-0D24-486C-9A2D-E316DD696F4B}" = Microsoft XML Parser
"{DB02F716-6275-42E9-B8D2-83BA2BF5100B}" = SFR
"{E2883E8F-472F-4fb0-9522-AC9BF37916A7}" = Adobe Download Manager
"{E3BFEE55-39E2-4BE0-B966-89FE583822C1}" = Dell Support Center
"{E6B4117F-AC59-4B13-9274-EB136E8897EE}" = ArcSoft Print Creations - Album Page
"{E79987F0-0E34-42CC-B8FF-6C860AEEB26A}" = tooltips
"{F04F9557-81A9-4293-BC49-2C216FA325A7}" = ArcSoft Print Creations - Greeting Card
"{F4A2E7CC-60CA-4AFA-B67F-AD5E58173C3F}" = SKINXSDK
"{F4F4F84E-804F-4E9A-84D7-C34283F0088F}" = RealUpgrade 1.0
"{F6D6B258-E3CA-4AAC-965A-68D3E3140A8C}" = iTunes
"{F9593CFB-D836-49BC-BFF1-0E669A411D9F}" = WIRELESS
"{FCDB1C92-03C6-4C76-8625-371224256091}" = ESSPDock
"{FDB3B167-F4FA-461D-976F-286304A57B2A}" = Adobe AIR
"{FF477885-5EA8-40D0-ADF3-D4C1B86FAEA4}" = EPSON Print CD
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Amazon MP3 Downloader" = Amazon MP3 Downloader 1.0.9
"Any Video Converter_is1" = Any Video Converter 2.7.1
"AVG" = AVG 2012
"AXIS Media Control Embedded" = AXIS Media Control Embedded
"Coupon Printer2.0" = Coupon Printer
"DVD Decrypter" = DVD Decrypter (Remove Only)
"ESPR220 User's Guide" = ESPR220 User's Guide
"FreeFileViewer_is1" = Free File Viewer 2011
"ie8" = Windows Internet Explorer 8
"ImgBurn" = ImgBurn
"InstallShield_{20C45B32-5AB6-46A4-94EF-58950CAF05E5}" = EPSON Attach To Email
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.60.1.1000
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox 9.0.1 (x86 en-GB)" = Mozilla Firefox 9.0.1 (x86 en-GB)
"PrimoPDF" = PrimoPDF -- brought to you by Nitro PDF Software
"Rapport_msi" = Rapport
"RealPlayer 12.0" = RealPlayer
"Trusted Software Assistant_is1" = File Type Assistant
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR archiver

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1625757485-1585415934-725816341-1008\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 03/02/2012 15:26:11 | Computer Name = ROSSITER | Source = Microsoft Security Client | ID = 5000
Description =

Error - 03/02/2012 15:29:12 | Computer Name = ROSSITER | Source = MsiInstaller | ID = 11706
Description = Product: Microsoft Office 2000 SR-1 Professional -- Error 1706. No
valid source could be found for product Microsoft Office 2000 SR-1 Professional.
The Windows installer cannot continue.

Error - 03/02/2012 15:47:53 | Computer Name = ROSSITER | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 8.0.6001.18702, faulting
module mshtml.dll, version 8.0.6001.19170, fault address 0x000b9f68.

Error - 03/02/2012 15:51:46 | Computer Name = ROSSITER | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 8.0.6001.18702, faulting
module mshtml.dll, version 8.0.6001.19170, fault address 0x000b9f68.

Error - 03/02/2012 15:53:16 | Computer Name = ROSSITER | Source = MsiInstaller | ID = 11706
Description = Product: Microsoft Office 2000 SR-1 Professional -- Error 1706. No
valid source could be found for product Microsoft Office 2000 SR-1 Professional.
The Windows installer cannot continue.

Error - 03/02/2012 15:53:48 | Computer Name = ROSSITER | Source = MsiInstaller | ID = 11706
Description = Product: Microsoft Office 2000 SR-1 Professional -- Error 1706. No
valid source could be found for product Microsoft Office 2000 SR-1 Professional.
The Windows installer cannot continue.

Error - 03/02/2012 23:04:39 | Computer Name = ROSSITER | Source = Application Error | ID = 1000
Description = Faulting application , version 0.0.0.0, faulting module unknown, version
0.0.0.0, fault address 0x00000000.

Error - 05/02/2012 11:54:23 | Computer Name = ROSSITER | Source = crypt32 | ID = 131083
Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file.

Error - 05/02/2012 11:54:23 | Computer Name = ROSSITER | Source = crypt32 | ID = 131083
Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file.

Error - 05/02/2012 11:54:23 | Computer Name = ROSSITER | Source = crypt32 | ID = 131083
Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file.

[ System Events ]
Error - 05/02/2012 11:22:42 | Computer Name = ROSSITER | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
AFD Avgldx86 Avgmfx86 Avgtdix Fips intelppm IPSec MRxSmb NetBIOS NetBT RapportKELL RasAcd Rdbss
SASDIFSV
SASKUTIL
Tcpip
WS2IFSL

Error - 05/02/2012 11:24:25 | Computer Name = ROSSITER | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service netman with
arguments "" in order to run the server: {BA126AE5-2166-11D1-B1D0-00805FC1270E}

Error - 05/02/2012 11:28:16 | Computer Name = ROSSITER | Source = Dhcp | ID = 1002
Description = The IP address lease 192.168.2.5 for the Network Card with network
address 00123FA909F7 has been denied by the DHCP server 192.168.2.1 (The DHCP Server
sent a DHCPNACK message).

Error - 05/02/2012 11:29:05 | Computer Name = ROSSITER | Source = Service Control Manager | ID = 7000
Description = The General Purpose USB Driver (adildr.sys) service failed to start
due to the following error: %%1058

Error - 05/02/2012 11:29:29 | Computer Name = ROSSITER | Source = ipnathlp | ID = 30013
Description = The DHCP allocator has disabled itself on IP address 192.168.2.3, since
the IP address is outside the 192.168.0.0/255.255.255.0 scope from which addresses
are being allocated to DHCP clients. To enable the DHCP allocator on this IP address,
please
change the scope to include the IP address, or change the IP address to fall within
the scope.

Error - 05/02/2012 11:30:14 | Computer Name = ROSSITER | Source = DCOM | ID = 10010
Description = The server {FFF2D28F-E4EE-44D9-8104-8E71556757F6} did not register
with DCOM within the required timeout.

Error - 05/02/2012 11:57:25 | Computer Name = ROSSITER | Source = sr | ID = 1
Description = The System Restore filter encountered the unexpected error '0xC0000001'
while processing the file '' on the volume 'HarddiskVolume2'. It has stopped monitoring
the volume.

Error - 05/02/2012 11:57:45 | Computer Name = ROSSITER | Source = Service Control Manager | ID = 7000
Description = The General Purpose USB Driver (adildr.sys) service failed to start
due to the following error: %%1058

Error - 05/02/2012 11:58:03 | Computer Name = ROSSITER | Source = ipnathlp | ID = 30013
Description = The DHCP allocator has disabled itself on IP address 192.168.2.3, since
the IP address is outside the 192.168.0.0/255.255.255.0 scope from which addresses
are being allocated to DHCP clients. To enable the DHCP allocator on this IP address,
please
change the scope to include the IP address, or change the IP address to fall within
the scope.

Error - 05/02/2012 11:58:25 | Computer Name = ROSSITER | Source = DCOM | ID = 10010
Description = The server {FFF2D28F-E4EE-44D9-8104-8E71556757F6} did not register
with DCOM within the required timeout.


< End of report >

Thank you

#10 CatByte

CatByte

    bleepin' tiger


  • Malware Response Team
  • 14,664 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Canada
  • Local time:09:46 PM

Posted 05 February 2012 - 12:47 PM

Hi,

Please do the following:


Run OTL.exe
  • Copy/paste the following text written inside of the code box into the Custom Scans/Fixes box located at the bottom of OTL

    :OTL
    IE - HKU\.DEFAULT\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
    IE - HKU\S-1-5-18\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
    IE - HKU\S-1-5-21-1625757485-1585415934-725816341-1008\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
    O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
    O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
    O3 - HKU\S-1-5-21-1625757485-1585415934-725816341-1008\..\Toolbar\WebBrowser: (no name) - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No CLSID value found.
    O3 - HKU\S-1-5-21-1625757485-1585415934-725816341-1008\..\Toolbar\WebBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
    O3 - HKU\S-1-5-21-1625757485-1585415934-725816341-1008\..\Toolbar\WebBrowser: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
    O3 - HKU\S-1-5-21-1625757485-1585415934-725816341-1008\..\Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No CLSID value found.
    O4 - HKLM..\Run: [adiras] adiras.exe File not found
    O27 - HKLM IFEO\_avp32.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\_avpcc.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\_avpm.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\~1.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\~2.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\a.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\aAvgApi.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\AAWTray.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\About.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\ackwin32.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\adaware.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\Ad-Aware.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\advxdwin.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\AdwarePrj.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\agent.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\agentsvr.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\agentw.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\alertsvc.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\alevir.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\alogserv.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\AlphaAV: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\AlphaAV.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\AluSchedulerSvc.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\amon9x.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\AntispywarXP2009.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\anti-trojan.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\Anti-Virus Professional.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\antivirus.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\AntiVirus_Pro.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\AntivirusPlus: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\AntivirusPlus.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\AntivirusPro_2010.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\AntivirusXP: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\AntivirusXP.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\antivirusxppro2009.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\ants.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\apimonitor.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\aplica32.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\apvxdwin.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\arr.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\Arrakis3.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\ashAvast.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\ashBug.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\ashChest.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\ashCnsnt.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\ashDisp.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\ashLogV.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\ashMaiSv.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\ashPopWz.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\ashQuick.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\ashServ.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\ashSimp2.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\ashSimpl.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\ashSkPcc.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\ashSkPck.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\ashUpd.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\ashWebSv.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\aswChLic.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\aswRegSvr.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\aswRunDll.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\aswUpdSv.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\atcon.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\atguard.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\atro55en.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\atupdater.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\atwatch.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\au.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\aupdate.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\autodown.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\auto-protect.nav80try.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\autotrace.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\autoupdate.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\av360.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\avadmin.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\AVCare.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\avcenter.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\avciman.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\avconfig.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\avconsol.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\ave32.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\AVENGINE.EXE: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\avgcc32.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\avgchk.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\avgctrl.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\avgemc.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\avgiproxy.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\avgnt.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\avgserv.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\avgserv9.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\avgupd.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\avgw.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\avkpop.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\avkserv.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\avkservice.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\avkwctl9.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\avltmain.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\avmailc.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\avmcdlg.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\avnotify.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\avnt.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\avp32.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\avpcc.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\avpdos32.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\avpm.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\avptc32.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\avpupd.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\avsched32.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\avsynmgr.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\avupgsvc.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\AVWEBGRD.EXE: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\avwin.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\avwin95.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\avwinnt.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\avwsc.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\avwupd.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\avwupd32.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\avwupsrv.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\avxmonitor9x.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\avxmonitornt.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\avxquar.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\b.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\backweb.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\bargains.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\bd_professional.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\bdagent.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\bdfvcl.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\bdfvwiz.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\BDInProcPatch.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\bdmcon.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\BDMsnScan.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\bdreinit.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\bdsubwiz.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\BDSurvey.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\bdtkexec.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\bdwizreg.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\beagle.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\belt.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\bidef.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\bidserver.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\bipcp.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\bipcpevalsetup.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\bisp.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\blackd.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\blackice.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\blink.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\blss.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\bootconf.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\bootwarn.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\borg2.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\bpc.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\brasil.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\brastk.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\brw.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\bs120.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\bspatch.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\bundle.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\bvt.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\c.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\cavscan.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\ccapp.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\ccevtmgr.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\ccpxysvc.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\ccSvcHst.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\cdp.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\cfd.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\cfgwiz.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\cfiadmin.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\cfiaudit.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\cfinet.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\cfinet32.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\cfp.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\cfpconfg.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\cfplogvw.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\cfpupdat.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\Cl.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\claw95.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\claw95cf.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\clean.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\cleaner.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\cleaner3.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\cleanIELow.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\cleanpc.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\click.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\cmd32.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\cmdagent.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\cmesys.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\cmgrdian.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\cmon016.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\connectionmonitor.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\control: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\cpd.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\cpf9x206.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\cpfnt206.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\crashrep.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\csc.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\cssconfg.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\cssupdat.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\cssurf.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\ctrl.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\cv.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\cwnb181.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\cwntdwmo.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\d.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\datemanager.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\dcomx.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\defalert.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\defscangui.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\defwatch.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\deloeminfs.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\deputy.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\divx.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\dllcache.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\dllreg.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\doors.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\dop.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\dpf.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\dpfsetup.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\dpps2.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\driverctrl.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\drwatson.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\drweb32.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\drwebupw.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\dssagent.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\dvp95.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\dvp95_0.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\ecengine.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\efpeadm.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\emsw.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\ent.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\esafe.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\escanhnt.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\escanv95.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\espwatch.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\ethereal.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\etrustcipe.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\evpn.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\exantivirus-cnet.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\exe.avxw.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\expert.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\explore.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\fact.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\f-agnt95.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\fameh32.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\fast.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\fch32.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\fih32.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\findviru.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\firewall.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\fixfp.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\fnrb32.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\fprot.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\f-prot.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\f-prot95.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\fp-win.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\fp-win_trial.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\frmwrk32.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\frw.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\fsaa.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\fsav.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\fsav32.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\fsav530stbyb.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\fsav530wtbyb.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\fsav95.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\fsgk32.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\fsm32.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\fsma32.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\fsmb32.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\f-stopw.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\gator.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\gav.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\gbmenu.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\gbn976rl.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\gbpoll.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\generics.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\gmt.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\guard.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\guarddog.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\guardgui.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\hacktracersetup.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\hbinst.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\hbsrv.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\History.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\homeav2010.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\hotactio.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\hotpatch.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\htlog.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\htpatch.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\hwpe.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\hxdl.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\hxiul.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\iamapp.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\iamserv.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\iamstats.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\ibmasn.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\ibmavsp.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\icload95.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\icloadnt.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\icmon.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\icsupp95.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\icsuppnt.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\Identity.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\idle.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\iedll.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\iedriver.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\IEShow.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\iface.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\ifw2000.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\inetlnfo.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\infus.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\infwin.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\init.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\init32.exe : Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\install.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\install[1].exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\install[2].exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\install[3].exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\install[4].exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\install[5].exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\intdel.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\intren.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\iomon98.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\istsvc.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\jammer.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\jdbgmrg.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\jedi.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\JsRcGen.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\kavlite40eng.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\kavpers40eng.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\kavpf.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\kazza.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\keenvalue.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\kerio-pf-213-en-win.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\kerio-wrl-421-en-win.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\kerio-wrp-421-en-win.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\killprocesssetup161.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\ldnetmon.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\ldpro.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\ldpromenu.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\ldscan.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\licmgr.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\livesrv.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\lnetinfo.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\loader.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\localnet.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\lockdown.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\lockdown2000.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\lookout.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\lordpe.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\lsetup.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\luall.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\luau.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\lucomserver.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\luinit.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\luspt.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\MalwareRemoval.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\mapisvc32.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\mcagent.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\mcmnhdlr.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\mcmscsvc.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\mcnasvc.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\mcproxy.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\McSACore.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\mcshell.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\mcshield.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\mcsysmon.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\mctool.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\mcupdate.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\mcvsrte.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\mcvsshld.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\md.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\mfin32.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\mfw2en.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\mfweng3.02d30.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\mgavrtcl.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\mgavrte.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\mghtml.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\mgui.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\minilog.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\mmod.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\monitor.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\moolive.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\mostat.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\mpfagent.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\mpfservice.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\MPFSrv.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\mpftray.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\mrflux.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\mrt.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\msa.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\msapp.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\msbb.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\msblast.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\mscache.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\msccn32.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\mscman.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\msconfig: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\msdm.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\msdos.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\msfwsvc.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\msiexec16.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\mslaugh.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\msmgt.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\msmsgri32.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\mssmmc32.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\mssys.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\msvxd.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\mu0311ad.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\mwatch.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\n32scanw.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\nav.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\navap.navapsvc.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\navapsvc.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\navapw32.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\navdx.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\navlu32.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\navnt.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\navstub.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\navw32.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\navwnt.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\nc2000.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\ncinst4.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\ndd32.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\neomonitor.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\neowatchlog.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\netarmor.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\netd32.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\netinfo.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\netmon.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\netscanpro.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\netspyhunter-1.2.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\netutils.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\nisserv.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\nisum.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\nmain.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\nod32.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\normist.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\norton_internet_secu_3.0_407.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\notstart.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\npf40_tw_98_nt_me_2k.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\npfmessenger.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\nprotect.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\npscheck.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\npssvc.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\nsched32.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\nssys32.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\nstask32.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\nsupdate.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\nt.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\ntrtscan.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\ntvdm.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\ntxconfig.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\nui.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\nupgrade.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\nvarch16.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\nvc95.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\nvsvc32.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\nwinst4.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\nwservice.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\nwtool16.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\OAcat.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\OAhlp.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\OAReg.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\oasrv.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\oaui.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\oaview.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\OcHealthMon.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\ODSW.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\ollydbg.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\OLT.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\onsrvr.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\optimize.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\ostronet.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\otfix.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\outpost.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\outpostinstall.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\outpostproinstall.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\ozn695m5.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\padmin.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\panixk.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\patch.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\pav.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\pavcl.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\PavFnSvr.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\pavproxy.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\pavprsrv.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\pavsched.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\pavsrv51.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\pavw.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\pc.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\PC_Antispyware2010.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\pccwin98.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\pcfwallicon.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\pcip10117_0.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\pcscan.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\pctsAuxs.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\pctsGui.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\pctsSvc.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\pctsTray.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\pdfndr.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\pdsetup.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\PerAvir.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\periscope.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\persfw.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\personalguard: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\personalguard.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\perswf.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\pf2.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\pfwadmin.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\pgmonitr.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\pingscan.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\platin.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\pop3trap.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\poproxy.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\popscan.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\portdetective.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\portmonitor.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\powerscan.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\ppinupdt.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\pptbc.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\ppvstop.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\prizesurfer.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\prmt.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\prmvr.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\procdump.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\processmonitor.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\procexplorerv1.0.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\programauditor.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\proport.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\protector.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\protectx.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\PSANCU.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\PSANHost.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\PSANToManager.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\PsCtrls.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\PsImSvc.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\PskSvc.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\pspf.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\PSUNMain.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\purge.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\qconsole.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\qh.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\qserver.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\Quick Heal.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\QuickHealCleaner.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\rapapp.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\rav7.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\rav7win.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\rav8win32eng.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\ray.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\rb32.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\rcsync.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\realmon.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\reged.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\regedt32.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\rescue.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\rescue32.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\rrguard.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\rscdwld.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\rshell.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\rtvscan.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\rtvscn95.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\rulaunch.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\rwg: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\rwg.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\SafetyKeeper.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\safeweb.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\sahagent.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\Save.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\SaveArmor.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\SaveDefense.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\SaveKeep.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\savenow.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\sbserv.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\sc.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\scam32.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\scan32.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\scan95.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\scanpm.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\scrscan.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\seccenter.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\Secure Veteran.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\secureveteran.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\Security Center.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\SecurityFighter.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\securitysoldier.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\serv95.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\setloadorder.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\setup_flowprotector_us.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\setupvameeval.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\sgssfw32.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\sh.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\shellspyinstall.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\shield.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\shn.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\showbehind.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\signcheck.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\smart.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\smartprotector.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\smc.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\smrtdefp.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\sms.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\smss32.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\snetcfg.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\soap.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\sofi.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\SoftSafeness.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\sperm.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\spf.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\sphinx.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\spoler.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\spoolcv.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\spoolsv32.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\spywarexpguard.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\spyxx.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\srexe.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\srng.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\ss3edit.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\ssg_4104.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\ssgrate.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\st2.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\start.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\stcloader.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\supftrl.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\support.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\supporter5.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\svc.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\svchostc.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\svchosts.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\svshost.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\sweep95.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\sweepnet.sweepsrv.sys.swnetsup.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\symlcsvc.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\symproxysvc.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\symtray.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\system.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\system32.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\sysupd.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\tapinstall.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\taumon.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\tbscan.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\tc.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\tca.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\tcm.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\tds2-98.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\tds2-nt.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\tds-3.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\teekids.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\tfak.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\tfak5.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\tgbob.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\titanin.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\titaninxp.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\TPSrv.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\trickler.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\trjscan.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\trjsetup.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\trojantrap3.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\TrustWarrior.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\tsadbot.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\tsc.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\tvmd.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\tvtmd.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\uiscan.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\undoboot.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\updat.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\upgrad.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\upgrepl.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\utpost.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\vbcmserv.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\vbcons.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\vbust.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\vbwin9x.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\vbwinntw.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\vcsetup.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\vet32.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\vet95.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\vettray.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\vfsetup.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\vir-help.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\virusmdpersonalfirewall.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\VisthAux.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\VisthLic.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\VisthUpd.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\vnlan300.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\vnpc3000.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\vpc32.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\vpc42.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\vpfw30s.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\vptray.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\vscan40.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\vscenu6.02d30.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\vsched.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\vsecomr.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\vshwin32.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\vsisetup.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\vsmain.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\vsmon.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\vsserv.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\vsstat.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\vswin9xe.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\vswinntse.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\vswinperse.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\w32dsm89.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\W3asbas.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\w9x.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\watchdog.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\webdav.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\WebProxy.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\webscanx.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\webtrap.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\wfindv32.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\whoswatchingme.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\wimmun32.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\win32.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\win32us.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\winactive.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\winav.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\win-bugsfix.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\windll32.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\window.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\windows Police Pro.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\windows.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\wininetd.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\wininitx.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\winlogin.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\winmain.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\winppr32.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\winrecon.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\winservn.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\winss.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\winssk32.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\winssnotify.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\WinSSUI.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\winstart.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\winstart001.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\wintsk32.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\winupdate.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\wkufind.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\wnad.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\wnt.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\wradmin.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\wrctrl.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\wsbgate.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\wscfxas.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\wscfxav.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\wscfxfw.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\wsctool.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\wupdater.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\wupdt.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\wyvernworksfirewall.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\xp_antispyware.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\xpdeluxe.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\xpf202en.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\zapro.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\zapsetup3001.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\zatutor.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\zonalm2601.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    O27 - HKLM IFEO\zonealarm.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
    [2012/02/03 18:45:31 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\D Rossiter\Application Data\AV Security Essentials
    [2012/02/03 18:45:29 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\All Users\Application Data\AVMRQZFASE
    [2012/02/03 18:44:56 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\All Users\Application Data\af5e44
    [2012/02/05 16:00:23 | 000,001,824 | ---- | M] () -- C:\Documents and Settings\D Rossiter\Application Data\Microsoft\Internet Explorer\Quick Launch\AV Security Essentials.lnk
    [2012/02/05 16:00:19 | 000,001,804 | ---- | M] () -- C:\Documents and Settings\D Rossiter\Desktop\AV Security Essentials.lnk
    [2007/01/06 19:55:17 | 000,000,004 | ---- | C] () -- C:\WINDOWS\jknradee.sys
    [2010/10/24 18:00:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\7d28bfa
    @Alternate Data Stream - 72 bytes -> C:\WINDOWS:8FC679A46E47B9AE
    
    :Files
    ipconfig /flushdns /c
    
    :Commands
    [resethosts]
    [purity]
    [emptytemp]
    [Reboot]
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot when it is done
  • Then post the OTL log


NEXT

Please delete the copy of ComboFix that you have on the desktop, download a fresh copy and try running it again

Microsoft MVP - 2010, 2011, 2012, 2013, 2014, 2015


#11 pleasehelp2012

pleasehelp2012
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:01:46 AM

Posted 05 February 2012 - 01:49 PM

Hi CatBytes

Thanks for your reply.

When I run OTL.exe with the fix a pop-up from MalwareBytes appears stating 'MBAMservice terminated unexpectedly - see event log for details'. OTL.exe then appears to stall.

I have tried running OTL.exe with the fix with MalwareBytes deactivated but again the same pop-up appears and the fix stalls.

Any ideas?

Thank you

#12 CatByte

CatByte

    bleepin' tiger


  • Malware Response Team
  • 14,664 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Canada
  • Local time:09:46 PM

Posted 05 February 2012 - 02:15 PM

please uninstall malwarebytes for now,

we can re-install it when done

Microsoft MVP - 2010, 2011, 2012, 2013, 2014, 2015


#13 pleasehelp2012

pleasehelp2012
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:01:46 AM

Posted 05 February 2012 - 03:08 PM

Hi CatByte

Thanks for your reply. I've had to attach the OTL log as it was too big to post in whole.

After rebooting I noticed the pop-up from AV Security Essentials saying I had been infected with Trojans has gone as has the desktop icon. It still appears in the Start menu but the icon is disfigured. I still can't get into AVG 2012 - message is the same as before, rights are restricted.

I tried running a new version of ComboFix both in normal mode and safe mode with the renamed filename but to no joy. I still get a message in safe mode saying AVG 2012 & AV Security Essentials have not been deactivated.

Thanks for your help once again.

Attached Files



#14 CatByte

CatByte

    bleepin' tiger


  • Malware Response Team
  • 14,664 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Canada
  • Local time:09:46 PM

Posted 05 February 2012 - 03:12 PM

ok

please re-install Malwarebytes and run a scan with it

post the resulting log

Microsoft MVP - 2010, 2011, 2012, 2013, 2014, 2015


#15 pleasehelp2012

pleasehelp2012
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:01:46 AM

Posted 05 February 2012 - 05:34 PM

Hi CatByte

Malwarebytes scan log:

Malwarebytes Anti-Malware (Trial) 1.60.1.1000
www.malwarebytes.org

Database version: v2012.02.05.03

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
D Rossiter :: ROSSITER [administrator]

Protection: Disabled

05/02/2012 20:36:40
mbam-log-2012-02-05 (20-36-40).txt

Scan type: Full scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 481206
Time elapsed: 1 hour(s), 54 minute(s), 21 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 11
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avgcmgr.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avgcsrvx.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avgdumpx.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avgnsx.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avgrsx.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avgscanx.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avgsrmax.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avgtray.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avgui.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avgwdsvc.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\fixcfg.exe (Security.Hijack) -> Quarantined and deleted successfully.

Registry Values Detected: 16
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun|0 (Security.Hijack) -> Data: msseces.exe -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun|1 (Security.Hijack) -> Data: MSASCui.exe -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun|2 (Security.Hijack) -> Data: ekrn.exe -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun|3 (Security.Hijack) -> Data: egui.exe -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun|4 (Security.Hijack) -> Data: avgnt.exe -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun|5 (Security.Hijack) -> Data: avcenter.exe -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun|6 (Security.Hijack) -> Data: avscan.exe -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun|7 (Security.Hijack) -> Data: avgfrw.exe -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun|8 (Security.Hijack) -> Data: avgui.exe -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun|9 (Security.Hijack) -> Data: avgtray.exe -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun|10 (Security.Hijack) -> Data: avgscanx.exe -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun|11 (Security.Hijack) -> Data: avgcfgex.exe -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun|12 (Security.Hijack) -> Data: avgemc.exe -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun|13 (Security.Hijack) -> Data: avgchsvx.exe -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun|14 (Security.Hijack) -> Data: avgcmgr.exe -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun|15 (Security.Hijack) -> Data: avgwdsvc.exe -> Quarantined and deleted successfully.

Registry Data Items Detected: 1
HKCR\SOFTWARE\Microsoft\Internet Explorer\SearchScopes|URL (Hijack.SearchPage) -> Bad: (http://findgala.com/?&uid=8050&q={searchTerms}) Good: (http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}) -> Quarantined and repaired successfully.

Folders Detected: 0
(No malicious items detected)

Files Detected: 1
C:\TDSSKiller_Quarantine\05.02.2012_15.54.27\rtkt0000\svc0000\tsk0000.dta (Virus.RLoader) -> Quarantined and deleted successfully.

(end)

Thank you




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users