Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Problems with 'permissions'

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Problems with 'permissions'

Unread postby blackngold86 » July 22nd, 2012, 1:39 am

Hello out there,

Tried installing DDS with no luck, after a seemingly successful download. Received the error "Windows cannot access the specified device, path, or file. You may not have the appropriate permissions to access the item." This is not MY primary computer, so I'm not sure when the problems started, but I noticed it after multiple failed updates in Windows Update and Norton AV two weeks ago. Tried McAfee to find the error and found/deleted a few trojans, thinking the problem had been found, but no such luck. Just continuously having problems with updates and installs. With using the new McAfee, I set everything to max protection and have been checking each blocked task in the logs but nothing has stuck out to me. Need some help please! Here is the Extras log. I tried to paste both OTL and Extras but it said the post contained too many characters so I will save the OTL for once I get a response(since it was the biggest). Hope that was best since it said not to reply to your own post before you get a response!


OTL Extras logfile created on: 7/22/2012 12:58:46 AM - Run 1
OTL by OldTimer - Version 3.2.54.0 Folder = C:\Users\Bob\Desktop
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.93 Gb Total Physical Memory | 2.39 Gb Available Physical Memory | 60.68% Memory free
8.07 Gb Paging File | 5.83 Gb Available in Paging File | 72.26% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 285.62 Gb Total Space | 167.53 Gb Free Space | 58.65% Space Free | Partition Type: NTFS
Drive D: | 12.47 Gb Total Space | 1.98 Gb Free Space | 15.84% Space Free | Partition Type: NTFS

Computer Name: BOB-PC | User Name: Bob | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-2178579362-4275671455-3174961323-1000\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = 9F 9E 16 8C DC 5B C8 01 [binary data]
"VistaSp2" = 0B 84 C2 22 98 E4 CA 01 [binary data]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\S-1-5-21-2178579362-4275671455-3174961323-1000]
"EnableNotificationsRef" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"oobe_av" = 1

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DisableUnicastResponsesToMulticastBroadcast" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DefaultOutboundAction" = 0
"DefaultInboundAction" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{03ADE511-723A-45B2-B842-1DFA9DAE55D4}" = lport=137 | protocol=17 | dir=in | app=system |
"{08A29531-8374-445F-BFD5-F89F066780C4}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{099D14A7-8271-43E1-BFBA-877DCA0E8DB9}" = rport=138 | protocol=17 | dir=out | app=system |
"{0A95F1B9-E0B1-4BA6-B12A-75A70D72812E}" = lport=3390 | protocol=6 | dir=in | app=system |
"{0FE76C67-7481-4722-AD36-E43F1060297F}" = lport=10244 | protocol=6 | dir=in | app=system |
"{1E6F41DD-3E8D-4434-B80F-BCA832C54AE6}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{3168001A-2B17-48B4-ACF9-18528F937E9B}" = lport=443 | protocol=17 | dir=in | name=oovoo udp port 443 |
"{3227975F-CD65-4815-B367-707837D1D81F}" = lport=7777 | protocol=17 | dir=in | app=%systemroot%\ehome\ehshell.exe |
"{361DD4CA-CC9B-4757-8ADA-25693A887D9F}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{3D661526-3E5B-425E-9B53-81FE3BEE15A0}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{46602961-DCAD-442C-8492-1E41F256C084}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{47790BD3-4ACD-431B-9862-DEFBE98D2DB7}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{4FE357DA-EE1D-4290-A3F6-66D3FE65CEBB}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{5A0AFCE2-DEEF-49F6-A35B-BC615AB1A85F}" = lport=554 | protocol=6 | dir=in | app=%systemroot%\ehome\ehshell.exe |
"{5A25F8CD-E649-434D-8DFF-12B281AC3EEF}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{5A970217-1897-4386-9BA7-B0232246B33A}" = rport=10243 | protocol=6 | dir=out | app=system |
"{5C6EBE26-E872-415B-85FD-815F4E45E5C0}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{697D3D2B-F30C-4373-A5BD-296A0A2CE642}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{6994CCED-5B4E-4F9E-B6A8-6657D082618A}" = lport=7777 | protocol=17 | dir=in | app=%systemroot%\ehome\ehshell.exe |
"{6B16E967-97D3-4ED1-B724-47E953A3E094}" = lport=3390 | protocol=6 | dir=in | app=system |
"{6D6B1783-04DB-4A4C-AEE8-3DBCEF6A527A}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{6FCBAD56-0691-476C-8C05-75A618E94474}" = lport=37674 | protocol=17 | dir=in | name=oovoo udp port 37674 |
"{7B01CA73-8593-4DC0-851D-3F1F66FBE37C}" = rport=139 | protocol=6 | dir=out | app=system |
"{7C31FEDE-04F0-4404-A0AF-3502850904F8}" = lport=37675 | protocol=17 | dir=in | name=oovoo udp port 37675 |
"{84E9EEEC-4EF7-4B5C-9A6C-3ABDCAB8A779}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{9ACD50AC-F1AD-45B7-809C-C94ECF5D71B8}" = lport=10243 | protocol=6 | dir=in | app=system |
"{9BDBE627-A16E-4E6A-9205-62AAF778B5B0}" = lport=2869 | protocol=6 | dir=in | app=system |
"{A5961A0B-DFB2-4014-B7B1-4F18C9F4467C}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{B5A097FD-8409-4DAE-AEBB-52D772057088}" = lport=139 | protocol=6 | dir=in | app=system |
"{C5D0AAEF-6288-4880-9A41-5E865BA3ACB1}" = rport=10244 | protocol=6 | dir=out | app=system |
"{C5F3CAB1-1144-4990-BE5E-DBE20DFEF4B0}" = rport=10244 | protocol=6 | dir=out | app=system |
"{CA91F9D7-CD40-4E0A-BC49-F14BC396CD59}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{CF36AEF1-39E8-4F6A-8609-6942FAEE6F85}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{D14574DF-7486-461D-AFC9-B9B155AF7E67}" = rport=445 | protocol=6 | dir=out | app=system |
"{D7592868-FE01-4AD8-841A-75C7D419CDAE}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{DB843EA5-091F-47F4-8D60-2DEF1F72E2A2}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{DD408D89-5A77-45F9-AD7A-8ED60C43559D}" = rport=137 | protocol=17 | dir=out | app=system |
"{E2DC9D38-9694-4922-B128-5E103ACFBB36}" = lport=10244 | protocol=6 | dir=in | app=system |
"{E7E060FA-56A4-4FEC-9040-A85520DADE33}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{EA3A4836-2158-4D94-A441-1D1CBA5AB9B0}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{EFB64991-2C48-498B-89E5-D333559EB671}" = lport=554 | protocol=6 | dir=in | app=%systemroot%\ehome\ehshell.exe |
"{F20640F7-D3BB-40F9-8373-9B35CFA10A66}" = lport=445 | protocol=6 | dir=in | app=system |
"{F584EB09-184B-413F-9699-3303CA80F3A0}" = lport=443 | protocol=6 | dir=in | name=oovoo tcp port 443 |
"{F7CA4E0C-CCF3-46B2-BFCF-45BCDC31E003}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{FAC6FF99-F7C3-4C19-9B68-70312186186C}" = lport=138 | protocol=17 | dir=in | app=system |
"{FC361DE2-CA2F-49BC-8E08-C038C5C1D2D9}" = lport=37674 | protocol=6 | dir=in | name=oovoo tcp port 37674 |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00EE8BC7-8125-4F79-9235-663F4BFABFEC}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\clml\clmlsvc.exe |
"{01788F0C-D503-4AAB-9841-8450CC155B67}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{02352358-7D7D-47B2-B051-3A81928C4EF2}" = protocol=17 | dir=in | app=c:\program files (x86)\frostwire\frostwire.exe |
"{043CDEDD-41E1-4D67-AC26-56BAFAB5A917}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{04717C13-4795-4491-839C-49058A905E7E}" = protocol=6 | dir=in | app=c:\program files (x86)\mcafee\common framework\frameworkservice.exe |
"{04A7876A-8B14-4B3C-8A85-542BAD31B2C0}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\kernel\clml\clmlsvc.exe |
"{0D12D67E-B60A-4324-A58B-F11711959484}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{141635B0-B058-4306-A008-36A590D4A3B6}" = protocol=6 | dir=out | app=%systemroot%\ehome\ehshell.exe |
"{1BFC16B8-4251-4200-B9F5-ACF900580B7C}" = dir=in | app=c:\program files (x86)\cyberlink\powerdirector\pdr.exe |
"{1F1B2353-6C35-4170-A3FC-DFB402FD9339}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{22271130-351C-4672-BB4A-7AA3CBD8A2C7}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{24765911-4DBF-425C-8E5C-FE41291D788C}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\tv\qpservice.exe |
"{25D11076-C0AC-4DDA-8FF0-758D8280EBCD}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{294F7201-7116-426F-A6A3-48C39839188F}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{2960233D-16BB-4B38-8EDC-27326D14D6BE}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{2B2534D4-3256-47D1-AA5D-B16ACE58D2B6}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hptouchsmartphoto.exe |
"{2E4F2F4F-695C-4187-9F85-D3DFAD99B8EF}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{32F1AE85-A207-43CB-B30B-1ACDD150F029}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{34D2571B-9CC2-449C-9B8E-BAB1564252E7}" = protocol=6 | dir=in | app=c:\users\bob\appdata\local\temp\7zsbbf1.tmp\symnrt.exe |
"{3C5F3CAA-F752-4A6F-93FA-98A1E476DB60}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\hptouchsmartmusic.exe |
"{42CCC3B5-F622-4007-B979-007AA2A7C6F2}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{49580B8F-6774-42B1-AB3F-042A65B96383}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{4B34ECBE-715E-4B9C-85F8-D0A722970D45}" = protocol=6 | dir=out | app=%systemroot%\ehome\mcx2prov.exe |
"{4D0A8CCD-F141-49ED-BD2B-DC3918AA6A1F}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hpdvdsmart.exe |
"{5A4CCC8E-B027-4AF1-8971-225F5EAAE9AA}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{5CBC5809-46B0-451E-817A-1BA43072C986}" = protocol=17 | dir=out | app=%systemroot%\ehome\ehshell.exe |
"{6172531D-BCF3-4A75-A861-A30738991113}" = protocol=17 | dir=out | app=%systemroot%\ehome\ehshell.exe |
"{6742CB15-E837-4539-A449-0A9A0C1933AA}" = protocol=6 | dir=in | app=c:\program files (x86)\mcafee\common framework\frameworkservice.exe |
"{750DCD2F-689E-4690-BCB3-E4FDEAB18521}" = protocol=6 | dir=in | app=c:\program files (x86)\mcafee\common framework\frameworkservice.exe |
"{7650AB97-653A-4F1D-9E88-79A9F424F0F9}" = protocol=6 | dir=out | app=%systemroot%\ehome\ehshell.exe |
"{77FBFEDB-FD87-4646-9249-AD2BBF0EB392}" = protocol=6 | dir=out | svc=mcx2svc | app=%systemroot%\system32\svchost.exe |
"{867B33D1-C2D4-4277-B76E-7300F6BD1AB2}" = protocol=17 | dir=in | app=c:\program files (x86)\mcafee\common framework\frameworkservice.exe |
"{8E0B0396-3EBC-4264-989D-1CD2F6AFC410}" = dir=in | app=c:\program files (x86)\hp\hp software update\hpwucli.exe |
"{8E4782B7-7A0A-40CA-BEE1-3769D70AEE71}" = protocol=6 | dir=out | svc=mcx2svc | app=%systemroot%\system32\svchost.exe |
"{9049F272-56D5-4FEA-86E0-971F7128307B}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{967D6372-760B-4457-82CF-398EA08EDFCF}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{9C9BF4C1-9A42-4CD6-9872-2A3416DFFEDD}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{9F830E23-F8E5-4F53-A4F7-ADD594DF42B3}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\tsmagent.exe |
"{9FCAB167-B599-4105-8BC2-AA520F4AD403}" = protocol=17 | dir=in | app=c:\users\bob\appdata\local\temp\7zsbbf1.tmp\symnrt.exe |
"{A0117F36-14DF-4B6B-AEFF-897807AF846A}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{AE21BA6B-441F-41EB-8187-1DBCCD78F429}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\tv\qp.exe |
"{AF2DEF63-A612-4592-8D82-453961DF6DA4}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{B303C4E1-8DB6-4BB5-90D3-2C204FF67BED}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\tsmagent.exe |
"{B5D101C3-5636-42E0-A3A8-F5D13AE04240}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{BCA289CD-4CD4-4995-A720-C728C7F33655}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{BE24FFEC-AB36-4CE9-AAEE-0460125A037B}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\hptouchsmartphoto.exe |
"{BF883995-4971-4DC2-BF93-6657ECF8CD17}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\hptouchsmartvideo.exe |
"{C20491DA-5EF8-404B-9B6D-1A2ACC8F80F4}" = protocol=6 | dir=out | app=system |
"{CB12E750-E34F-4319-B37C-793AC37B4318}" = protocol=17 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe |
"{CB8DBE8F-35E6-4EC7-8B1E-782AFEC7A50F}" = dir=in | app=c:\program files (x86)\hp\digital imaging\smart web printing\smartwebprintexe.exe |
"{CE74CD8C-19F9-4A5F-921B-F922677600A3}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{D0A7FDB9-4438-49CA-8E5D-66583B4529AF}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hptouchsmartmusic.exe |
"{DA39068F-09CB-43BE-90DC-E1EE0EF206BD}" = protocol=6 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe |
"{DCBA163B-2AE4-466B-991B-D6972222033F}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{DD727AE4-9A5E-4AFA-B14D-4BBC45B64793}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{E70451C9-A2DF-46F4-B724-1DC2EBA5F33F}" = protocol=6 | dir=in | app=c:\program files (x86)\frostwire\frostwire.exe |
"{EB5B809D-0EDA-4BCA-B0CD-2F339A21B0DA}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hptouchsmartvideo.exe |
"{EE2AEB60-640C-4136-B310-8D22E72C2385}" = protocol=17 | dir=in | app=c:\program files (x86)\mcafee\common framework\frameworkservice.exe |
"{F3ECA7D9-D1EF-455C-B407-C699829142FE}" = protocol=17 | dir=in | app=c:\program files (x86)\mcafee\common framework\frameworkservice.exe |
"{FE24E6E6-8706-4EC9-BC99-86752F6455C6}" = protocol=6 | dir=out | app=%systemroot%\ehome\mcx2prov.exe |
"{FE7161B4-3863-4378-BB89-87B5F3D52E3D}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"TCP Query User{2F4353A7-82B1-4F2A-A740-CBADDBC08C38}C:\windows\system32\mmc.exe" = protocol=6 | dir=in | app=c:\windows\system32\mmc.exe |
"TCP Query User{357B7B6D-EC0B-46A4-8CBA-EF23FAEEA2E5}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"TCP Query User{3AC8AE1B-073C-4219-8526-5F5102C64718}C:\program files (x86)\oovoo\oovoo.exe" = protocol=6 | dir=in | app=c:\program files (x86)\oovoo\oovoo.exe |
"TCP Query User{439B261E-CC11-4657-B847-D8D7EDC9983B}C:\programdata\f62252\pif62_289.exe" = protocol=6 | dir=in | app=c:\programdata\f62252\pif62_289.exe |
"TCP Query User{DFBACFA5-9399-42A9-AAB3-9797F6EC97D9}C:\users\bob\downloads\bittorrent9.exe" = protocol=6 | dir=in | app=c:\users\bob\downloads\bittorrent9.exe |
"TCP Query User{E184346E-5B78-41BE-928A-3757E21DDA8C}C:\program files (x86)\frostwire\frostwire.exe" = protocol=6 | dir=in | app=c:\program files (x86)\frostwire\frostwire.exe |
"TCP Query User{EECA25AD-0FA0-4BEA-AB00-1217C9E1D825}C:\program files (x86)\oovoo\oovoo.exe" = protocol=6 | dir=in | app=c:\program files (x86)\oovoo\oovoo.exe |
"UDP Query User{28F0EC91-E8E6-4F15-912A-68275B4C890F}C:\program files (x86)\frostwire\frostwire.exe" = protocol=17 | dir=in | app=c:\program files (x86)\frostwire\frostwire.exe |
"UDP Query User{57D921E8-AAD3-41FB-8A9A-06ECBA14C58A}C:\programdata\f62252\pif62_289.exe" = protocol=17 | dir=in | app=c:\programdata\f62252\pif62_289.exe |
"UDP Query User{7E65D052-DE46-48D9-8271-4537989E96F5}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"UDP Query User{82783DD3-F327-42E1-A7FF-9AEF0F0F941D}C:\windows\system32\mmc.exe" = protocol=17 | dir=in | app=c:\windows\system32\mmc.exe |
"UDP Query User{8D81E0A1-52B6-4C75-AD8C-6CDA9BAB08EF}C:\program files (x86)\oovoo\oovoo.exe" = protocol=17 | dir=in | app=c:\program files (x86)\oovoo\oovoo.exe |
"UDP Query User{E37F5BCD-D956-448B-8C38-7E1FAFC593EA}C:\users\bob\downloads\bittorrent9.exe" = protocol=17 | dir=in | app=c:\users\bob\downloads\bittorrent9.exe |
"UDP Query User{FAE2D022-3A33-4297-9786-DE20843D4C06}C:\program files (x86)\oovoo\oovoo.exe" = protocol=17 | dir=in | app=c:\program files (x86)\oovoo\oovoo.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{03D1988F-469F-4843-8E6E-E5FE9D17889D}" = HP Integrated Module with Bluetooth wireless technology 6.0.1.6204
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{2F97CE84-9C33-4631-821B-85EA371EA254}" = ProtectSmart Hard Drive Protection
"{4FFA2088-8317-3B14-93CD-4C699DB37843}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{9D046B26-7978-47CD-91E6-AC3C1DFBC3D0}" = Microsoft Security Client
"{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}" = Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{c9920352-04e6-469d-bab8-e2b9c7c75415}.sdb" = Microsoft Automated Troubleshooting Services Shim
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D2F7994F-661E-46D1-A1DF-67F2887AAA7E}" = HP MediaSmart SmartMenu
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"07B260955637F1FF7587ED2AA87459040DD09BF7" = Windows Driver Package - ENE (enecir) HIDClass (09/04/2008 2.6.0.0)
"Agere Systems Soft Modem" = Agere Systems HDA Modem
"Broadcom 802.11 Wireless LAN Adapter" = Broadcom 802.11 Wireless LAN Adapter
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"HP Smart Web Printing" = HP Smart Web Printing 4.60
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft Security Client" = Microsoft Security Essentials
"SynTPDeinstKey" = Synaptics Pointing Device Driver

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{004B0DCB-4C60-465B-8F01-44B0A4111187}" = SlingPlayer
"{0054A0F6-00C9-4498-B821-B5C9578F433E}" = HP Help and Support
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = HP MediaSmart Webcam
"{082702D5-5DD8-4600-BCE5-48B15174687F}" = HP Doc Viewer
"{154A4184-1A3D-4BF9-A5AE-4FA1660445F3}" = HP Total Care Advisor
"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{254C37AA-6B72-4300-84F6-98A82419187E}" = ActiveCheck component for HP Active Support Library
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 24
"{28E82311-8616-11E1-BEB0-B8AC6F97B88E}" = Google Earth
"{2AAB21C2-4CDA-4189-A0EC-5ED666113F84}" = McAfee Agent
"{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}" = HP Update
"{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons
"{352310C3-E46B-42D3-8F32-54721FDD72D9}" = NetZero Preloader
"{38058455-8C21-4C2F-B2F6-14ED166039CB}" = HP Total Care Setup
"{3877C901-7B90-4727-A639-B6ED2DD59D43}" = ESU for Microsoft Vista
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{4221094E-82B8-43C4-94F4-A6760FC1842A}" = H&R Block Premium + Efile + State 2011
"{45A136EC-88BF-4B95-99F5-C45D3930E1CC}" = HP MULTIPLE MODEM INSTALLER for VISTA
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A9849CA-E11C-4F24-8BB1-97C717A1C898}" = LightScribe System Software
"{54CC7901-804D-4155-B353-21F0CC9112AB}" = HP Wireless Assistant
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{57A5AEC1-97FC-474D-92C4-908FCC2253D4}" = HP Customer Experience Enhancements
"{6423EF83-6E1D-4D22-A36F-689CD19FD4D2}" = Juno Preloader
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = HPAsset component for HP Active Support Library
"{67626E09-5366-4480-8F1E-93FADF50CA15}" = HP MediaSmart TV
"{6A370610-3778-44AF-9AAC-69B2FD1A3356}" = Microsoft Live Search Toolbar
"{6A3F9D74-BB80-4451-8CA1-4B3A857F1359}" = Apple Application Support
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7B798B31-2F33-4DC8-BDA4-D36488E86636}" = Slingbox - Watch Your TV Anywhere
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169 8168 8101E 8102E Ethernet Driver
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge Modules
"{8FF6F5CA-4E30-4E3B-B951-204CAAA2716A}" = SmartWebPrinting
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0409-1000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0116-0409-1000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A86D7D30-194C-49AF-BAC3-212715B9E547}" = H&R Block West Virginia 2011
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.3)
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{AC76BA86-7AD7-5760-0000-900000000003}" = Japanese Fonts Support For Adobe Reader 9
"{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}" = HP MediaSmart Music/Photo/Video
"{BE78F458-88D3-4894-87E9-54B96D1FFAB6}" = HP User Guides 0126
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"{C9E14402-3631-4182-B377-6B0DFB1C0339}" = QuickTime
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"{CE15D1B6-19B6-4D4D-8F43-CF5D2C3356FF}" = McAfee VirusScan Enterprise
"{CE7E3BE0-2DD3-4416-A690-F9E4A99A8CFF}" = HP Active Support Library
"{DC24971E-1946-445D-8A82-CE685433FA7D}" = Realtek USB 2.0 Card Reader
"{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD
"{DD35C328-F115-BEDA-6EEE-E00C5AACCCBC}" = muvee Reveal
"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
"{E7C97E98-4C2D-BEAF-5D2F-CC45A2F95D90}" = Acrobat.com
"{ECEE0279-785F-4CB3-9F28-E69813234BF8}" = SPORE Creature Creator Trial Edition
"{F1D7AC58-554A-4A58-B784-B61558B1449A}" = QLBCASL
"{F522E59E-7168-4B4A-885E-1030009BEE56}" = DBsign Web Signer
"{FAA7F8FF-3C05-4A61-8F14-D8A6E9ED6623}" = ooVoo
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"FrostWire" = FrostWire 4.20.7
"Google Chrome" = Google Chrome
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"InstallShield_{004B0DCB-4C60-465B-8F01-44B0A4111187}" = SlingPlayer
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = HP MediaSmart Webcam
"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"InstallShield_{67626E09-5366-4480-8F1E-93FADF50CA15}" = HP MediaSmart TV
"InstallShield_{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}" = HP MediaSmart Music/Photo/Video
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD
"NSS" = Norton Security Scan
"TomTom HOME" = TomTom HOME 2.8.3.2499
"WildTangent hp Master Uninstall" = My HP Games

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-2178579362-4275671455-3174961323-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"ca996af32b15a664" = Bully Dog Update Agent
"Move Media Player" = Move Media Player

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 7/21/2012 11:34:47 PM | Computer Name = Bob-PC | Source = VSS | ID = 12289
Description =

Error - 7/21/2012 11:34:54 PM | Computer Name = Bob-PC | Source = VSS | ID = 12289
Description =

Error - 7/21/2012 11:34:54 PM | Computer Name = Bob-PC | Source = VSS | ID = 12289
Description =

Error - 7/21/2012 11:34:54 PM | Computer Name = Bob-PC | Source = VSS | ID = 12289
Description =

Error - 7/22/2012 12:10:12 AM | Computer Name = Bob-PC | Source = WinMgmt | ID = 5601
Description =

Error - 7/22/2012 12:10:12 AM | Computer Name = Bob-PC | Source = WinMgmt | ID = 28
Description =

Error - 7/22/2012 12:10:42 AM | Computer Name = Bob-PC | Source = VSS | ID = 12289
Description =

Error - 7/22/2012 12:13:40 AM | Computer Name = Bob-PC | Source = VSS | ID = 12289
Description =

Error - 7/22/2012 12:13:44 AM | Computer Name = Bob-PC | Source = HP AdvisorUpdate | ID = 0
Description = Could not find a part of the path 'C:\_pack6\hp-advisor\src\HPAdvisor\Shared\Content\xsd\HPAdvisor.xsd'.
at System.IO.__Error.WinIOError(Int32 errorCode, String maybeFullPath) at System.IO.FileStream.Init(String
path, FileMode mode, FileAccess access, Int32 rights, Boolean useRights, FileShare
share, Int32 bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String
msgPath, Boolean bFromProxy) at System.IO.FileStream..ctor(String path, FileMode
mode, FileAccess access, FileShare share, Int32 bufferSize) at System.Xml.XmlDownloadManager.GetStream(Uri
uri, ICredentials credentials) at System.Xml.XmlUrlResolver.GetEntity(Uri absoluteUri,
String role, Type ofObjectToReturn) at System.Xml.XmlReader.Create(String inputUri,
XmlReaderSettings settings, XmlParserContext inputContext) at System.Xml.Schema.XmlSchemaSet.Add(String
targetNamespace, String schemaUri) at HPAdvisor.Common.Content.CategoryCollection.ValidateDocument(String
path) ValidateDocument failed Business\SearchTargets.xml

Error - 7/22/2012 12:13:51 AM | Computer Name = Bob-PC | Source = SecurityCenter | ID = 3
Description = The Windows Security Center Service was unable to establish event
queries with WMI to monitor third party AntiVirus, AntiSpyware and Firewall.

[ Media Center Events ]
Error - 7/21/2012 9:36:58 PM | Computer Name = Bob-PC | Source = Mcx2Dvcs | ID = 405
Description =

Error - 7/21/2012 9:39:21 PM | Computer Name = Bob-PC | Source = Mcx2Dvcs | ID = 405
Description =

[ System Events ]
Error - 7/22/2012 12:22:06 AM | Computer Name = Bob-PC | Source = Microsoft Antimalware | ID = 2001
Description = %%860 has encountered an error trying to update signatures. New Signature
Version: Previous Signature Version: 1.129.1744.0 Update Source: %%851 Update Stage:
%%852 Source Path: http://go.microsoft.com/fwlink/?LinkID= ... 752CCA7094

Signature
Type: %%800 Update Type: %%803 User: NT AUTHORITY\NETWORK SERVICE Current Engine Version:
Previous Engine Version: 1.1.8502.0 Error code: 0x80070005 Error description: Access
is denied.

Error - 7/22/2012 12:22:06 AM | Computer Name = Bob-PC | Source = Microsoft Antimalware | ID = 2001
Description = %%860 has encountered an error trying to update signatures. New Signature
Version: Previous Signature Version: 1.129.1744.0 Update Source: %%851 Update Stage:
%%852 Source Path: http://go.microsoft.com/fwlink/?LinkID= ... 752CCA7094

Signature
Type: %%801 Update Type: %%803 User: NT AUTHORITY\NETWORK SERVICE Current Engine Version:
Previous Engine Version: 1.1.8502.0 Error code: 0x80070005 Error description: Access
is denied.

Error - 7/22/2012 12:22:06 AM | Computer Name = Bob-PC | Source = Microsoft Antimalware | ID = 2001
Description = %%860 has encountered an error trying to update signatures. New Signature
Version: Previous Signature Version: 1.129.1744.0 Update Source: %%851 Update Stage:
%%852 Source Path: http://go.microsoft.com/fwlink/?LinkID= ... 752CCA7094

Signature
Type: %%800 Update Type: %%803 User: NT AUTHORITY\NETWORK SERVICE Current Engine Version:
Previous Engine Version: 1.1.8502.0 Error code: 0x80070005 Error description: Access
is denied.

Error - 7/22/2012 12:22:06 AM | Computer Name = Bob-PC | Source = Microsoft Antimalware | ID = 2001
Description = %%860 has encountered an error trying to update signatures. New Signature
Version: Previous Signature Version: 1.129.1744.0 Update Source: %%851 Update Stage:
%%852 Source Path: http://go.microsoft.com/fwlink/?LinkID= ... 752CCA7094

Signature
Type: %%801 Update Type: %%803 User: NT AUTHORITY\NETWORK SERVICE Current Engine Version:
Previous Engine Version: 1.1.8502.0 Error code: 0x80070005 Error description: Access
is denied.

Error - 7/22/2012 12:22:06 AM | Computer Name = Bob-PC | Source = Microsoft Antimalware | ID = 2001
Description = %%860 has encountered an error trying to update signatures. New Signature
Version: Previous Signature Version: 1.129.1744.0 Update Source: %%851 Update Stage:
%%852 Source Path: http://go.microsoft.com/fwlink/?LinkID= ... 752CCA7094

Signature
Type: %%800 Update Type: %%803 User: NT AUTHORITY\NETWORK SERVICE Current Engine Version:
Previous Engine Version: 1.1.8502.0 Error code: 0x80070005 Error description: Access
is denied.

Error - 7/22/2012 12:22:06 AM | Computer Name = Bob-PC | Source = Microsoft Antimalware | ID = 2001
Description = %%860 has encountered an error trying to update signatures. New Signature
Version: Previous Signature Version: 1.129.1744.0 Update Source: %%851 Update Stage:
%%852 Source Path: http://go.microsoft.com/fwlink/?LinkID= ... 752CCA7094

Signature
Type: %%801 Update Type: %%803 User: NT AUTHORITY\NETWORK SERVICE Current Engine Version:
Previous Engine Version: 1.1.8502.0 Error code: 0x80070005 Error description: Access
is denied.

Error - 7/22/2012 12:22:06 AM | Computer Name = Bob-PC | Source = Microsoft Antimalware | ID = 2001
Description = %%860 has encountered an error trying to update signatures. New Signature
Version: Previous Signature Version: 1.129.1744.0 Update Source: %%851 Update Stage:
%%852 Source Path: http://go.microsoft.com/fwlink/?LinkID= ... 752CCA7094

Signature
Type: %%800 Update Type: %%803 User: NT AUTHORITY\NETWORK SERVICE Current Engine Version:
Previous Engine Version: 1.1.8502.0 Error code: 0x80070005 Error description: Access
is denied.

Error - 7/22/2012 12:22:06 AM | Computer Name = Bob-PC | Source = Microsoft Antimalware | ID = 2001
Description = %%860 has encountered an error trying to update signatures. New Signature
Version: Previous Signature Version: 1.129.1744.0 Update Source: %%851 Update Stage:
%%852 Source Path: http://go.microsoft.com/fwlink/?LinkID= ... 752CCA7094

Signature
Type: %%801 Update Type: %%803 User: NT AUTHORITY\NETWORK SERVICE Current Engine Version:
Previous Engine Version: 1.1.8502.0 Error code: 0x80070005 Error description: Access
is denied.

Error - 7/22/2012 12:22:34 AM | Computer Name = Bob-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description =

Error - 7/22/2012 12:34:56 AM | Computer Name = Bob-PC | Source = Dhcp | ID = 1002
Description = The IP address lease 192.168.1.10 for the Network Card with network
address 002100BBF5D6 has been denied by the DHCP server 0.0.0.0 (The DHCP Server
sent a DHCPNACK message).


< End of report >
blackngold86
Regular Member
 
Posts: 20
Joined: July 22nd, 2012, 12:46 am
Advertisement
Register to Remove

Re: Problems with 'permissions'

Unread postby Gary R » July 24th, 2012, 1:46 am

Please post your OTL.txt log.
User avatar
Gary R
Administrator
Administrator
 
Posts: 21868
Joined: June 28th, 2005, 11:36 am
Location: Yorkshire

Re: Problems with 'permissions'

Unread postby blackngold86 » July 24th, 2012, 11:48 am

OTL PART 1

OTL logfile created on: 7/22/2012 12:58:46 AM - Run 1
OTL by OldTimer - Version 3.2.54.0 Folder = C:\Users\Bob\Desktop
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.93 Gb Total Physical Memory | 2.39 Gb Available Physical Memory | 60.68% Memory free
8.07 Gb Paging File | 5.83 Gb Available in Paging File | 72.26% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 285.62 Gb Total Space | 167.53 Gb Free Space | 58.65% Space Free | Partition Type: NTFS
Drive D: | 12.47 Gb Total Space | 1.98 Gb Free Space | 15.84% Space Free | Partition Type: NTFS

Computer Name: BOB-PC | User Name: Bob | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/07/22 00:29:19 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\Bob\Desktop\OTL.exe
PRC - [2012/06/07 04:14:45 | 001,239,576 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2012/01/23 00:43:08 | 000,247,728 | ---- | M] (TomTom) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe
PRC - [2012/01/23 00:43:08 | 000,092,592 | ---- | M] (TomTom) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
PRC - [2012/01/03 09:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011/09/14 20:08:00 | 000,215,360 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee\VirusScan Enterprise\shstat.exe
PRC - [2011/09/14 20:08:00 | 000,209,760 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee\VirusScan Enterprise\VsTskMgr.exe
PRC - [2011/09/14 20:08:00 | 000,033,648 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee\VirusScan Enterprise\mfeann.exe
PRC - [2011/01/12 16:05:00 | 000,185,664 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee\Common Framework\naPrdMgr.exe
PRC - [2011/01/12 16:05:00 | 000,161,088 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee\Common Framework\UdaterUI.exe
PRC - [2011/01/12 16:05:00 | 000,120,128 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe
PRC - [2011/01/12 16:05:00 | 000,075,072 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee\Common Framework\McTray.exe
PRC - [2009/04/29 22:13:50 | 001,328,424 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe
PRC - [2009/04/29 22:11:58 | 000,185,640 | ---- | M] (CyberLink) -- C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
PRC - [2009/04/22 23:06:52 | 000,206,120 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\Hewlett-Packard\Media\TV\TVAgent.exe
PRC - [2009/04/22 22:53:22 | 000,296,320 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe
PRC - [2009/04/22 22:53:22 | 000,116,104 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe
PRC - [2009/03/11 11:42:08 | 001,148,200 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
PRC - [2008/10/06 13:54:52 | 000,365,952 | ---- | M] () -- C:\Program Files (x86)\SMINST\BLService.exe
PRC - [2008/06/19 18:04:50 | 000,014,376 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe


========== Modules (No Company Name) ==========

MOD - [2012/06/14 03:02:52 | 012,433,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\f2691cfa7671cdc58179e56ba9227591\System.Windows.Forms.ni.dll
MOD - [2012/06/14 03:02:41 | 001,592,320 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\18f9789aa214c657113e676b3a9015aa\System.Drawing.ni.dll
MOD - [2012/06/14 03:02:25 | 014,329,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\7343fbab1ba137db2f8b284047ef3f3c\PresentationFramework.ni.dll
MOD - [2012/06/14 03:01:57 | 012,219,392 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\7b6293b0c23321c255c2530aea8e32bb\PresentationCore.ni.dll
MOD - [2012/06/07 04:14:43 | 000,441,880 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.56\ppgooglenaclpluginchrome.dll
MOD - [2012/06/07 04:14:42 | 003,922,456 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.56\pdf.dll
MOD - [2012/06/07 04:13:16 | 000,134,696 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.56\avutil-51.dll
MOD - [2012/06/07 04:13:15 | 000,250,408 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.56\avformat-54.dll
MOD - [2012/06/07 04:13:14 | 002,375,720 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.56\avcodec-54.dll
MOD - [2012/05/10 03:42:13 | 000,998,400 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\f3d4d5fe5ab848fbfcf91a49960dc8ae\System.Management.ni.dll
MOD - [2012/05/10 03:41:11 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\846b9cf2756fdd15f704c9bab9c70b6f\System.Runtime.Remoting.ni.dll
MOD - [2012/05/10 03:41:09 | 000,627,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\b6d83a652c94b32fc8f99a6df0acd7f4\System.Transactions.ni.dll
MOD - [2012/05/10 03:41:08 | 000,627,712 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\4b5eaa70d2900b98ccf6fd9915f34d69\System.EnterpriseServices.ni.dll
MOD - [2012/05/10 03:41:08 | 000,280,064 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\4b5eaa70d2900b98ccf6fd9915f34d69\System.EnterpriseServices.Wrapper.dll
MOD - [2012/05/10 03:41:03 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\bd76aaaa03ddc15d1840207b5a480644\System.Configuration.ni.dll
MOD - [2012/05/10 03:34:58 | 005,450,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\d2630342a066a7cb9056d9eb6157687a\System.Xml.ni.dll
MOD - [2012/05/10 03:34:14 | 006,621,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\bfdd10e0a0aacf46bac557ffc5d55ba5\System.Data.ni.dll
MOD - [2012/05/10 03:34:01 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\c8c3ab08933fef9fb6657da871395c46\PresentationFramework.Aero.ni.dll
MOD - [2012/05/10 03:33:20 | 003,325,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\54426ee1881b42af5b090e223f43823c\WindowsBase.ni.dll
MOD - [2012/05/10 03:33:16 | 007,953,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\28d633338fc8d29f8af31935ef7d001b\System.ni.dll
MOD - [2012/05/10 03:33:07 | 011,492,352 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\af9c9e9d7e0523cd444f8b551baa9cbf\mscorlib.ni.dll
MOD - [2012/05/02 19:52:17 | 004,050,944 | ---- | M] () -- C:\Users\Bob\AppData\Local\Google\Chrome\User Data\SwiftShader\1.0.0.2\libGLESv2.dll
MOD - [2012/05/02 19:52:17 | 000,100,864 | ---- | M] () -- C:\Users\Bob\AppData\Local\Google\Chrome\User Data\SwiftShader\1.0.0.2\libEGL.dll
MOD - [2009/04/29 22:11:58 | 000,906,536 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMediaLibrary.dll
MOD - [2009/04/22 22:53:22 | 000,267,656 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\CLCapEngine.dll
MOD - [2009/04/22 22:53:22 | 000,124,288 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\CLSchMgr.dll
MOD - [2009/04/22 22:53:22 | 000,038,184 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\CLCapSvcps.dll
MOD - [2009/04/22 22:53:20 | 000,349,480 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\CLTinyDB.dll
MOD - [2009/04/11 02:28:21 | 000,368,640 | ---- | M] () -- C:\Windows\SysWOW64\msjetoledb40.dll
MOD - [2009/04/10 22:04:15 | 000,113,664 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
MOD - [2009/03/30 00:42:19 | 000,261,632 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
MOD - [2009/03/30 00:42:17 | 002,933,760 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
MOD - [2009/01/27 21:37:20 | 007,331,840 | ---- | M] () -- C:\Program Files (x86)\Common Files\LightScribe\QtGui4.dll
MOD - [2009/01/27 21:37:20 | 002,023,424 | ---- | M] () -- C:\Program Files (x86)\Common Files\LightScribe\QtCore4.dll
MOD - [2009/01/27 21:37:10 | 000,135,168 | ---- | M] () -- C:\Program Files (x86)\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll
MOD - [2008/09/30 20:56:06 | 000,032,768 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Content.XmlSerializers.dll
MOD - [2008/09/30 20:52:02 | 000,007,168 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\RemotingClient.dll
MOD - [2008/09/30 20:52:00 | 000,057,344 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Pillars\PCAlerts\PCAlertsPillar.dll
MOD - [2008/09/30 20:51:52 | 000,118,784 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\ECLibrary.dll
MOD - [2008/09/30 20:51:52 | 000,010,240 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingClients.dll
MOD - [2008/09/30 20:51:36 | 000,040,960 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingServer.dll
MOD - [2008/09/30 20:51:36 | 000,028,672 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingMessages.dll
MOD - [2008/09/30 20:51:36 | 000,005,632 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingInterface.dll
MOD - [2007/04/18 19:30:46 | 000,471,040 | ---- | M] () -- C:\Program Files (x86)\McAfee\Common Framework\ccme_base.dll
MOD - [2007/04/18 19:30:46 | 000,393,216 | ---- | M] () -- C:\Program Files (x86)\McAfee\Common Framework\cryptocme2.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2012/07/02 04:16:17 | 000,158,832 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Windows\SysNative\mfevtps.exe -- (mfevtp)
SRV:64bit: - [2012/07/02 04:16:08 | 000,199,008 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe -- (McShield)
SRV:64bit: - [2012/03/26 18:49:56 | 000,291,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2012/03/26 18:49:56 | 000,012,600 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2011/05/13 18:58:10 | 000,030,520 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Windows\SysNative\Hpservice.exe -- (hpsrv)
SRV:64bit: - [2009/06/03 20:43:18 | 000,239,104 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_6ef279c8\STacSV64.exe -- (STacSV)
SRV:64bit: - [2009/03/02 18:42:58 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_6ef279c8\AESTSr64.exe -- (AESTFilters)
SRV:64bit: - [2008/01/20 22:47:32 | 000,383,544 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2007/12/11 16:11:30 | 000,015,872 | ---- | M] (Agere Systems) [Auto | Running] -- C:\Windows\SysNative\agr64svc.exe -- (AgereModemAudio)
SRV - [2012/01/23 00:43:08 | 000,092,592 | ---- | M] (TomTom) [Auto | Running] -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService)
SRV - [2012/01/03 09:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/09/14 20:08:00 | 000,209,760 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files (x86)\McAfee\VirusScan Enterprise\VsTskMgr.exe -- (McTaskManager)
SRV - [2011/01/12 16:05:00 | 000,120,128 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe -- (McAfeeFramework)
SRV - [2009/04/22 22:53:22 | 000,296,320 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe -- (TVCapSvc) TV Background Capture Service (TVBCS)
SRV - [2009/04/22 22:53:22 | 000,116,104 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe -- (TVSched) TV Task Scheduler (TVTS)
SRV - [2009/03/30 00:42:14 | 000,066,368 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/10/06 13:54:52 | 000,365,952 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\SMINST\BLService.exe -- (Recovery Service for Windows)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/07/02 04:16:18 | 000,283,744 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mfewfpk.sys -- (mfewfpk)
DRV:64bit: - [2012/07/02 04:16:16 | 000,100,904 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mferkdet.sys -- (mferkdet)
DRV:64bit: - [2012/07/02 04:16:14 | 000,642,952 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfehidk.sys -- (mfehidk)
DRV:64bit: - [2012/07/02 04:16:11 | 000,228,752 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeavfk.sys -- (mfeavfk)
DRV:64bit: - [2012/07/02 04:16:10 | 000,158,712 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeapfk.sys -- (mfeapfk)
DRV:64bit: - [2012/03/20 20:44:12 | 000,098,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2012/02/29 09:52:46 | 000,016,384 | ---- | M] (Microsoft Corporation) [Recognizer | System | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/10/14 04:37:44 | 000,396,848 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\SynTP.sys -- (SynTP)
DRV:64bit: - [2011/05/13 18:58:16 | 000,030,008 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Running] -- C:\Windows\SysNative\DRIVERS\hpdskflt.sys -- (hpdskflt)
DRV:64bit: - [2011/05/13 18:57:58 | 000,043,320 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\Accelerometer.sys -- (Accelerometer)
DRV:64bit: - [2010/09/03 23:05:19 | 002,685,432 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\bcmwl664.sys -- (BCM43XX)
DRV:64bit: - [2009/06/03 20:43:18 | 000,486,400 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\stwrt64.sys -- (STHDA)
DRV:64bit: - [2009/04/29 07:48:32 | 000,018,432 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\HpqKbFiltr.sys -- (HpqKbFiltr)
DRV:64bit: - [2009/02/13 15:02:51 | 000,014,464 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\wdcsam64.sys -- (WDC_SAM)
DRV:64bit: - [2008/12/10 08:37:52 | 000,184,832 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\Rtlh64.sys -- (RTL8169)
DRV:64bit: - [2008/11/21 22:05:22 | 001,253,376 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\agrsm64.sys -- (AgereSoftModem)
DRV:64bit: - [2008/10/27 16:33:30 | 008,039,808 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\igdkmd64.sys -- (igfx)
DRV:64bit: - [2008/09/21 13:49:58 | 000,126,464 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcHdmi.sys -- (IntcHdmiAddService) Intel(R)
DRV:64bit: - [2008/09/19 21:43:58 | 000,068,096 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RTSTOR64.SYS -- (RTSTOR)
DRV:64bit: - [2008/09/04 13:48:00 | 000,064,000 | ---- | M] (ENE TECHNOLOGY INC.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\enecir.sys -- (enecir)
DRV:64bit: - [2008/06/23 07:54:02 | 000,099,368 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:64bit: - [2008/06/23 07:54:02 | 000,091,176 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:64bit: - [2008/06/23 07:54:02 | 000,019,752 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\btwrchid.sys -- (btwrchid)
DRV:64bit: - [2008/04/16 15:49:34 | 000,028,416 | ---- | M] (Research In Motion Limited) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\RimUsb_AMD64.sys -- (RimUsb)
DRV:64bit: - [2008/01/20 22:46:57 | 003,154,432 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\NETw3v64.sys -- (NETw3v64) Intel(R)
DRV:64bit: - [2008/01/20 22:46:55 | 000,111,104 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\sdbus.sys -- (sdbus)
DRV:64bit: - [2006/10/03 21:45:36 | 000,273,408 | ---- | M] (Marvell) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\yk60x64.sys -- (yukonx64)
DRV - [2008/08/05 15:24:54 | 000,024,568 | ---- | M] (Insyde Software) [Kernel | On_Demand | Stopped] -- C:\SwSetup\sp44138\iscflashx64.sys -- (iscFlash)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE= ... on&pf=cnnb
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE= ... on&pf=cnnb
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {C299A347-D117-4200-8C95-A0A570E62019}
IE:64bit: - HKLM\..\SearchScopes\{47737E1B-4C2E-4A26-A6F9-03C36CD369FF}: "URL" = http://www.ask.com/web?q={searchterms}&l=dis&o=ushpl
IE:64bit: - HKLM\..\SearchScopes\{C299A347-D117-4200-8C95-A0A570E62019}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&FORM=HPNTDF
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE= ... on&pf=cnnb
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE= ... on&pf=cnnb
IE - HKLM\..\SearchScopes,DefaultScope = {AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
IE - HKLM\..\SearchScopes\{47737E1B-4C2E-4A26-A6F9-03C36CD369FF}: "URL" = http://www.ask.com/web?q={searchterms}&l=dis&o=ushpl
IE - HKLM\..\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2857572
IE - HKLM\..\SearchScopes\{C299A347-D117-4200-8C95-A0A570E62019}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&FORM=HPNTDF


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-2178579362-4275671455-3174961323-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE= ... on&pf=cnnb
IE - HKU\S-1-5-21-2178579362-4275671455-3174961323-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-2178579362-4275671455-3174961323-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-2178579362-4275671455-3174961323-1000\..\URLSearchHook: {38542454-dfb6-44f5-b052-d4e071a3d073} - No CLSID value found
IE - HKU\S-1-5-21-2178579362-4275671455-3174961323-1000\..\URLSearchHook: {b9d63c58-90cc-428b-8d3b-cbb88eb07e7e} - No CLSID value found
IE - HKU\S-1-5-21-2178579362-4275671455-3174961323-1000\..\SearchScopes,DefaultScope = {C299A347-D117-4200-8C95-A0A570E62019}
IE - HKU\S-1-5-21-2178579362-4275671455-3174961323-1000\..\SearchScopes\{47737E1B-4C2E-4A26-A6F9-03C36CD369FF}: "URL" = http://www.ask.com/web?q={searchterms}&l=dis&o=ushpl
IE - HKU\S-1-5-21-2178579362-4275671455-3174961323-1000\..\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2857572
IE - HKU\S-1-5-21-2178579362-4275671455-3174961323-1000\..\SearchScopes\{C299A347-D117-4200-8C95-A0A570E62019}: "URL" = http://findgala.com/?&uid=289&q={searchTerms}
IE - HKU\S-1-5-21-2178579362-4275671455-3174961323-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2178579362-4275671455-3174961323-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:25496

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: MapShare-status@tomtom.com:1.7.1
FF - prefs.js..extensions.enabledItems: baseTheme@tomtom.com:1.0.2
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.51204.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Users\Bob\AppData\Roaming\Move Networks\plugins\npqmp071502000008.dll (Move Networks)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/02/03 00:27:05 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{D19CA586-DD6C-4a0a-96F8-14644F340D60}: C:\Program Files (x86)\Common Files\McAfee\SystemCore [2012/07/02 04:17:39 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\moveplayer@movenetworks.com: C:\Users\Bob\AppData\Roaming\Move Networks [2009/12/15 23:54:10 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/02/03 00:27:05 | 000,000,000 | ---D | M]

[2010/07/22 20:22:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Bob\AppData\Roaming\Mozilla\Extensions
[2010/07/22 20:22:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Bob\AppData\Roaming\Mozilla\Extensions\home2@tomtom.com
[2012/02/21 00:42:47 | 000,000,000 | ---D | M] (Map status indicator) -- C:\PROGRAM FILES (X86)\TOMTOM HOME 2\XUL\EXTENSIONS\MAPSHARE-STATUS@TOMTOM.COM

========== Chrome ==========

CHR - homepage: http://www.google.com/
CHR - default_search_provider: Live Search (Enabled)
CHR - default_search_provider: search_url = http://search.live.com/results.aspx?q={searchTerms}&FORM=HPNTDF&src=IE-SearchBox
CHR - default_search_provider: suggest_url =
CHR - homepage: http://www.google.com/
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.56\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.56\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.56\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Bob\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.240.7 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U24 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Move Streaming Media Player (Enabled) = C:\Users\Bob\AppData\Roaming\Move Networks\plugins\npqmp071502000008.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.0.51204.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: Oovoo Toolbar = C:\Users\Bob\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaanijiojpcccpkjdjjmjghddcgcbfj\7.14.1.20560_0\
CHR - Extension: YouTube = C:\Users\Bob\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google Search = C:\Users\Bob\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Gmail = C:\Users\Bob\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2012/03/15 03:03:38 | 000,000,822 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20120702041738.dll (McAfee, Inc.)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20120702041738.dll (McAfee, Inc.)
O2 - BHO: (Microsoft Live Search Toolbar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\Program Files (x86)\MSN\Toolbar\3.0.0541.0\msneshellx.dll (Microsoft Corp.)
O2 - BHO: (ooVoo toolbar, powered by Ask.com) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Microsoft Live Search Toolbar) - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - c:\Program Files (x86)\MSN\Toolbar\3.0.0541.0\msneshellx.dll (Microsoft Corp.)
O3 - HKLM\..\Toolbar: (ooVoo toolbar, powered by Ask.com) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKU\S-1-5-21-2178579362-4275671455-3174961323-1000\..\Toolbar\WebBrowser: (no name) - {38542454-DFB6-44F5-B052-D4E071A3D073} - No CLSID value found.
O3 - HKU\S-1-5-21-2178579362-4275671455-3174961323-1000\..\Toolbar\WebBrowser: (no name) - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No CLSID value found.
O3 - HKU\S-1-5-21-2178579362-4275671455-3174961323-1000\..\Toolbar\WebBrowser: (no name) - {B9D63C58-90CC-428B-8D3B-CBB88EB07E7E} - No CLSID value found.
O3 - HKU\S-1-5-21-2178579362-4275671455-3174961323-1000\..\Toolbar\WebBrowser: (ooVoo toolbar, powered by Ask.com) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [SmartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe (Hewlett-Packard)
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4:64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files (x86)\Ask.com\Updater\Updater.exe (Ask)
O4 - HKLM..\Run: [CLMLServer for HP TouchSmart] C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [DVDAgent] C:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe (CyberLink Corp.)
O4 - HKLM..\Run: [HP Health Check Scheduler] c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe (Hewlett-Packard)
O4 - HKLM..\Run: [McAfeeUpdaterUI] C:\Program Files (x86)\McAfee\Common Framework\udaterui.exe (McAfee, Inc.)
O4 - HKLM..\Run: [ShStatEXE] C:\Program Files (x86)\McAfee\VirusScan Enterprise\SHSTAT.EXE (McAfee, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Java\jre6\bin\jusched.exe" File not found
O4 - HKLM..\Run: [TSMAgent] C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe (CyberLink Corp.)
O4 - HKLM..\Run: [TVAgent] C:\Program Files (x86)\Hewlett-Packard\Media\TV\TVAgent.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UCam_Menu] C:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdateLBPShortCut] C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdateP2GoShortCut] C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdatePDIRShortCut] C:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdatePSTShortCut] C:\Program Files (x86)\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\SysWow64\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\SysWow64\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-2178579362-4275671455-3174961323-1000..\Run: [Personal Internet Security 2011] "C:\ProgramData\f62252\PIf62_289.exe" /s /d File not found
O4 - HKU\S-1-5-21-2178579362-4275671455-3174961323-1000..\Run: [TomTomHOME.exe] C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe (TomTom)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 2
O7 - HKU\S-1-5-21-2178579362-4275671455-3174961323-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\DisallowRun: 0 = msseces.exe
O7 - HKU\S-1-5-21-2178579362-4275671455-3174961323-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\DisallowRun: 1 = MSASCui.exe
O7 - HKU\S-1-5-21-2178579362-4275671455-3174961323-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\DisallowRun: 2 = ekrn.exe
O7 - HKU\S-1-5-21-2178579362-4275671455-3174961323-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\DisallowRun: 3 = egui.exe
O7 - HKU\S-1-5-21-2178579362-4275671455-3174961323-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\DisallowRun: 4 = avgnt.exe
O7 - HKU\S-1-5-21-2178579362-4275671455-3174961323-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\DisallowRun: 5 = avcenter.exe
O7 - HKU\S-1-5-21-2178579362-4275671455-3174961323-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\DisallowRun: 6 = avscan.exe
O7 - HKU\S-1-5-21-2178579362-4275671455-3174961323-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\DisallowRun: 7 = avgfrw.exe
O7 - HKU\S-1-5-21-2178579362-4275671455-3174961323-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\DisallowRun: 8 = avgui.exe
O7 - HKU\S-1-5-21-2178579362-4275671455-3174961323-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\DisallowRun: 9 = avgtray.exe
O7 - HKU\S-1-5-21-2178579362-4275671455-3174961323-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\DisallowRun: 10 = avgscanx.exe
O7 - HKU\S-1-5-21-2178579362-4275671455-3174961323-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\DisallowRun: 11 = avgcfgex.exe
O7 - HKU\S-1-5-21-2178579362-4275671455-3174961323-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\DisallowRun: 12 = avgemc.exe
O7 - HKU\S-1-5-21-2178579362-4275671455-3174961323-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\DisallowRun: 13 = avgchsvx.exe
O7 - HKU\S-1-5-21-2178579362-4275671455-3174961323-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\DisallowRun: 14 = avgcmgr.exe
O7 - HKU\S-1-5-21-2178579362-4275671455-3174961323-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\DisallowRun: 15 = avgwdsvc.exe
O8:64bit: - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8:64bit: - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKU\.DEFAULT\..Trusted Ranges: Range1 ([http] in Local intranet)
O15 - HKU\S-1-5-18\..Trusted Ranges: Range1 ([http] in Local intranet)
O15 - HKU\S-1-5-21-2178579362-4275671455-3174961323-1000\..Trusted Ranges: Range1 ([http] in Local intranet)
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} http://security.symantec.com/sscv6/Shar ... /cabsa.cab (Symantec RuFSI Utility Class)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebook.com/controls/200 ... ader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {8F6E7FB2-E56B-4F66-A4E1-9765D2565280} http://www.worldwinner.com/games/launch ... wwload.cab (WorldWinner ActiveX Launcher Control)
O16 - DPF: {A3256902-51FA-45A0-8A97-FC1143C169D9} http://support.microsoft.com/mats/DiagWebControl.cab (Diagnostics ActiveX WebControl)
O16 - DPF: {BEA7310D-06C4-4339-A784-DC3804819809} http://samsclubus.pnimedia.com/upload/a ... ontrol.cab (Photo Upload Plugin Class)
O16 - DPF: {C1FDEE68-98D5-4F42-A4DD-D0BECF5077EB} http://tools.ebayimg.com/eps/wl/activex ... 0-31-0.cab (EPUImageControl Class)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_24)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{91CCA174-7E37-44D3-A9D7-B8684C62E1E8}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img24.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img24.jpg
O27 - HKLM IFEO\_avp32.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\_avpcc.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\_avpm.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\a.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\aAvgApi.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\AAWTray.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\About.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ackwin32.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\adaware.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\Ad-Aware.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\advxdwin.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\agentsvr.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\agentw.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\alertsvc.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\alevir.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\alogserv.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\AluSchedulerSvc.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\amon9x.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\anti-trojan.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\antivirus.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ants.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\apimonitor.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\aplica32.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\apvxdwin.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\arr.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\Arrakis3.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ashAvast.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ashBug.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ashChest.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ashCnsnt.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ashDisp.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ashLogV.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ashMaiSv.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ashPopWz.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ashQuick.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ashServ.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ashSimp2.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ashSimpl.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ashSkPcc.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ashSkPck.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ashUpd.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ashWebSv.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\aswChLic.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\aswRegSvr.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\aswRunDll.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\aswUpdSv.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\atcon.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\atguard.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\atro55en.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\atupdater.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\atwatch.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\au.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\aupdate.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\autodown.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\auto-protect.nav80try.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\autotrace.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\autoupdate.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avadmin.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avcenter.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avciman.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avconfig.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avconsol.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ave32.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\AVENGINE.EXE: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avgcc32.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avgchk.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avgcmgr.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avgcsrvx.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avgctrl.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avgdumpx.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avgemc.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avgiproxy.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avgnsx.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avgnt.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avgrsx.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avgscanx.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avgserv.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avgserv9.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avgsrmax.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avgtray.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avgui.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avgupd.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avgw.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avgwdsvc.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avkpop.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avkserv.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avkservice.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avkwctl9.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avltmain.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avmailc.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avmcdlg.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avnotify.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avnt.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avp32.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avpcc.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avpdos32.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avpm.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avptc32.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avpupd.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avsched32.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avsynmgr.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avupgsvc.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\AVWEBGRD.EXE: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avwin.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avwin95.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avwinnt.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avwsc.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avwupd.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avwupd32.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avwupsrv.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avxmonitor9x.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avxmonitornt.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avxquar.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\b.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\backweb.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\bargains.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\bd_professional.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\bdagent.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\bdfvcl.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\bdfvwiz.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\BDInProcPatch.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\bdmcon.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\BDMsnScan.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\bdreinit.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\bdsubwiz.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\BDSurvey.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\bdtkexec.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\bdwizreg.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\beagle.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\belt.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\bidef.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\bidserver.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\bipcp.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\bipcpevalsetup.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\bisp.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\blackd.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\blackice.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\blink.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\blss.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\bootconf.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\bootwarn.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\borg2.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\bpc.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\brasil.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\brw.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\bs120.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\bspatch.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\bundle.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\bvt.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\c.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\cavscan.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ccapp.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ccevtmgr.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ccpxysvc.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ccSvcHst.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\cdp.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\cfd.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\cfgwiz.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\cfiadmin.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\cfiaudit.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\cfinet.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\cfinet32.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\cfp.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\cfpconfg.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\cfplogvw.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\cfpupdat.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\claw95.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\claw95cf.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\clean.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\cleaner.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\cleaner3.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\cleanIELow.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\cleanpc.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\click.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\cmd32.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\cmdagent.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\cmesys.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\cmgrdian.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\cmon016.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\connectionmonitor.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\control: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\cpd.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\cpf9x206.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\cpfnt206.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\crashrep.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\cssconfg.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\cssupdat.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\cssurf.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ctrl.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\cv.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\cwnb181.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\cwntdwmo.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\d.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\datemanager.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\dcomx.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\defalert.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\defscangui.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\defwatch.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\deloeminfs.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\deputy.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\divx.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\dllcache.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\dllreg.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\doors.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\dpf.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\dpfsetup.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\dpps2.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\driverctrl.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\drwatson.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\drweb32.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\drwebupw.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\dssagent.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\dvp95.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\dvp95_0.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ecengine.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\efpeadm.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\egui.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ekrn.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\emsw.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ent.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\esafe.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\escanhnt.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\escanv95.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\espwatch.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ethereal.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\etrustcipe.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\evpn.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\exantivirus-cnet.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\exe.avxw.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\expert.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\explore.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\fact.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\f-agnt95.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\fameh32.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\fast.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\fch32.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\fih32.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\findviru.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\firewall.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\fixcfg.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\fixfp.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\fnrb32.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\fprot.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\f-prot.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\f-prot95.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\fp-win.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\fp-win_trial.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\frw.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\fsaa.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\fsav.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\fsav32.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\fsav530stbyb.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\fsav530wtbyb.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\fsav95.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\fsgk32.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\fsm32.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\fsma32.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\fsmb32.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\f-stopw.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\gator.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\gbmenu.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\gbpoll.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\generics.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\gmt.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\guard.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\guarddog.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\guardgui.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\hacktracersetup.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\hbinst.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\hbsrv.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\History.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\hotactio.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\hotpatch.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\htlog.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\htpatch.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\hwpe.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\hxdl.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\hxiul.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\iamapp.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\iamserv.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\iamstats.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ibmasn.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ibmavsp.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\icload95.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\icloadnt.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\icmon.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\icsupp95.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\icsuppnt.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\Identity.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\idle.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\iedll.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\iedriver.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\IEShow.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\iface.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ifw2000.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\inetlnfo.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\infus.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\infwin.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\init.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\init32.exe : Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\install.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\install[1].exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\install[2].exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\install[3].exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\install[4].exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\install[5].exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\intdel.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\intren.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\iomon98.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\istsvc.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\jammer.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\jdbgmrg.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\jedi.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\JsRcGen.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\kavlite40eng.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\kavpers40eng.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\kavpf.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\kazza.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\keenvalue.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\kerio-pf-213-en-win.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\kerio-wrl-421-en-win.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\kerio-wrp-421-en-win.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\killprocesssetup161.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ldnetmon.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ldpro.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ldpromenu.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ldscan.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\licmgr.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\livesrv.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\lnetinfo.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\loader.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\localnet.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\lockdown.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\lockdown2000.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\lookout.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\lordpe.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\lsetup.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\luall.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\luau.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\lucomserver.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\luinit.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\luspt.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mapisvc32.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mcagent.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mcmnhdlr.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mcmscsvc.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mcnasvc.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mcproxy.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\McSACore.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mcshell.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mcshield.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mcsysmon.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mctool.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mcupdate.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mcvsrte.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mcvsshld.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\md.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mfin32.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mfw2en.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mfweng3.02d30.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mgavrtcl.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mgavrte.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mghtml.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mgui.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\minilog.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mmod.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\monitor.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\moolive.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mostat.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mpfagent.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mpfservice.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\MPFSrv.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mpftray.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mrflux.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mrt.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\msa.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\msapp.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\MSASCui.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\msbb.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\msblast.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mscache.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\msccn32.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mscman.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\msconfig: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\msdm.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\msdos.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\msiexec16.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mslaugh.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\msmgt.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\msmsgri32.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\msseces.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mssmmc32.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mssys.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\msvxd.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mu0311ad.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mwatch.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\n32scanw.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\nav.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\navap.navapsvc.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\navapsvc.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\navapw32.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\navdx.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\navlu32.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\navnt.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\navstub.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\navw32.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\navwnt.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\nc2000.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ncinst4.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ndd32.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\neomonitor.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\neowatchlog.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\netarmor.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\netd32.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\netinfo.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\netmon.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\netscanpro.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\netspyhunter-1.2.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\netutils.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\nisserv.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\nisum.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\nmain.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\nod32.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\normist.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\norton_internet_secu_3.0_407.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\notstart.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\npf40_tw_98_nt_me_2k.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\npfmessenger.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\nprotect.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\npscheck.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\npssvc.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\nsched32.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\nssys32.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\nstask32.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\nsupdate.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\nt.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ntrtscan.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ntvdm.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ntxconfig.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\nui.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\nupgrade.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\nvarch16.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\nvc95.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\nvsvc32.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\nwinst4.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\nwservice.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\nwtool16.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\OAcat.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\OAhlp.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\OAReg.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\oasrv.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\oaui.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\oaview.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ODSW.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ollydbg.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\onsrvr.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\optimize.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ostronet.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\otfix.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\outpost.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\outpostinstall.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\outpostproinstall.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\padmin.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\panixk.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\patch.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\pavcl.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\PavFnSvr.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\pavproxy.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\pavprsrv.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\pavsched.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\pavsrv51.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\pavw.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\pccwin98.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\pcfwallicon.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\pcip10117_0.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\pcscan.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\pdsetup.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\periscope.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\persfw.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\perswf.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\pf2.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\pfwadmin.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\pgmonitr.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\pingscan.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\platin.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\pop3trap.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\poproxy.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\popscan.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\portdetective.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\portmonitor.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\powerscan.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ppinupdt.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\pptbc.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ppvstop.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\prizesurfer.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\prmt.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\prmvr.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\procdump.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\processmonitor.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\procexplorerv1.0.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\programauditor.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\proport.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\protectx.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\PSANCU.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\PSANHost.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\PSANToManager.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\PsCtrls.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\PsImSvc.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\PskSvc.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\pspf.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\PSUNMain.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\purge.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\qconsole.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\qserver.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\rapapp.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\rav7.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\rav7win.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\rav8win32eng.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ray.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\rb32.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\rcsync.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\realmon.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\reged.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\regedt32.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\rescue.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\rescue32.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\rrguard.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\rscdwld.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\rshell.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\rtvscan.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\rtvscn95.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\rulaunch.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\safeweb.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\sahagent.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\savenow.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\sbserv.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\sc.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\scam32.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\scan32.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\scan95.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\scanpm.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\scrscan.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\seccenter.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\serv95.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\setloadorder.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\setup_flowprotector_us.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\setupvameeval.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\sgssfw32.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\sh.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\shellspyinstall.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\shield.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\shn.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\showbehind.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\signcheck.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\smc.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\sms.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\smss32.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\snetcfg.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\soap.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\sofi.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\sperm.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\spf.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\sphinx.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\spoler.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\spoolcv.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\spoolsv32.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\spyxx.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\srexe.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\srng.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ss3edit.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
blackngold86
Regular Member
 
Posts: 20
Joined: July 22nd, 2012, 12:46 am

Re: Problems with 'permissions'

Unread postby blackngold86 » July 24th, 2012, 11:49 am

OTL PART 2

O27 - HKLM IFEO\ssg_4104.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ssgrate.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\st2.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\start.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\stcloader.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\supftrl.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\support.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\supporter5.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\svc.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\svchostc.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\svchosts.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\svshost.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\sweep95.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\sweepnet.sweepsrv.sys.swnetsup.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\symlcsvc.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\symproxysvc.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\symtray.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\system.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\system32.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\sysupd.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\taskmgr.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\taumon.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\tbscan.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\tc.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\tca.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\tcm.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\tds2-98.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\tds2-nt.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\tds-3.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\teekids.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\tfak.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\tfak5.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\tgbob.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\titanin.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\titaninxp.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\TPSrv.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\trickler.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\trjscan.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\trjsetup.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\trojantrap3.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\tsadbot.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\tvmd.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\tvtmd.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\uiscan.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\undoboot.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\updat.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\upgrad.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\upgrepl.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\utpost.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\vbcmserv.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\vbcons.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\vbust.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\vbwin9x.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\vbwinntw.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\vcsetup.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\vet32.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\vet95.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\vettray.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\vfsetup.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\vir-help.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\virusmdpersonalfirewall.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\VisthAux.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\VisthLic.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\VisthUpd.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\vnlan300.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\vnpc3000.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\vpc32.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\vpc42.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\vpfw30s.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\vptray.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\vscan40.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\vscenu6.02d30.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\vsched.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\vsecomr.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\vshwin32.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\vsisetup.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\vsmain.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\vsmon.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\vsserv.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\vsstat.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\vswin9xe.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\vswinntse.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\vswinperse.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\w32dsm89.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\w9x.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\watchdog.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\webdav.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\WebProxy.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\webscanx.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\webtrap.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\wfindv32.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\whoswatchingme.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\wimmun32.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\win32.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\win32us.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\winactive.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\win-bugsfix.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\window.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\windows.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\wininetd.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\wininitx.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\winlogin.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\winmain.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\winppr32.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\winrecon.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\winservn.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\winssk32.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\winstart.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\winstart001.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\wintsk32.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\winupdate.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\wkufind.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\wnad.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\wnt.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\wradmin.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\wrctrl.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\wsbgate.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\wscfxas.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\wscfxav.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\wscfxfw.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\wsctool.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\wupdater.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\wupdt.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\wyvernworksfirewall.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\xpf202en.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\zapro.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\zapsetup3001.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\zatutor.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\zonalm2601.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\zonealarm.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{9c1fc32b-f766-11df-978b-00247e2fdbf9}\Shell - "" = AutoRun
O33 - MountPoints2\{cbb76cb9-e6f6-11de-9d13-00247e2fdbf9}\Shell - "" = AutoRun
O33 - MountPoints2\{f441fea6-a6ab-11df-a249-00247e2fdbf9}\Shell - "" = AutoRun
O33 - MountPoints2\{f441fea6-a6ab-11df-a249-00247e2fdbf9}\Shell\AutoRun\command - "" = "G:\WD SmartWare.exe" autoplay=true
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2012/07/22 00:29:15 | 000,596,480 | ---- | C] (OldTimer Tools) -- C:\Users\Bob\Desktop\OTL.exe
[2012/07/21 21:57:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\BitTorrent
[2012/07/21 21:51:05 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Roaming\BitTorrent
[2012/07/14 03:02:23 | 000,000,000 | ---D | C] -- C:\Windows\CheckSur
[2012/07/05 17:25:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Symantec Shared
[2012/07/02 14:01:14 | 000,000,000 | ---D | C] -- C:\QUARANTINE
[2012/07/02 04:18:43 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Roaming\McAfee
[2012/07/02 04:17:39 | 000,074,848 | ---- | C] (McAfee, Inc.) -- C:\Windows\SysWow64\MfeOtlkAddin.dll
[2012/07/02 04:17:39 | 000,022,816 | ---- | C] (McAfee, Inc.) -- C:\Windows\SysWow64\MFEOtlk.dll
[2012/07/02 04:17:38 | 000,099,056 | ---- | C] (McAfee, Inc.) -- C:\Windows\SysNative\MfeOtlkAddin.dll
[2012/07/02 04:17:35 | 000,009,984 | ---- | C] (McAfee, Inc.) -- C:\Windows\SysNative\drivers\mfeclnk.sys
[2012/07/02 04:17:34 | 000,100,904 | ---- | C] (McAfee, Inc.) -- C:\Windows\SysNative\drivers\mferkdet.sys
[2012/07/02 04:17:33 | 000,158,712 | ---- | C] (McAfee, Inc.) -- C:\Windows\SysNative\drivers\mfeapfk.sys
[2012/07/02 04:17:32 | 000,228,752 | ---- | C] (McAfee, Inc.) -- C:\Windows\SysNative\drivers\mfeavfk.sys
[2012/07/02 04:17:29 | 000,642,952 | ---- | C] (McAfee, Inc.) -- C:\Windows\SysNative\drivers\mfehidk.sys
[2012/07/02 04:17:01 | 000,283,744 | ---- | C] (McAfee, Inc.) -- C:\Windows\SysNative\drivers\mfewfpk.sys
[2012/07/02 04:16:59 | 000,158,832 | ---- | C] (McAfee, Inc.) -- C:\Windows\SysNative\mfevtps.exe
[2012/07/02 04:16:57 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\McAfee
[2012/07/02 04:16:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
[2012/07/02 04:14:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\McAfee
[2012/07/02 04:14:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\McAfee
[2012/07/02 04:12:25 | 000,000,000 | ---D | C] -- C:\Users\Bob\Documents\V
[2012/07/02 03:14:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Security Client
[2012/07/02 03:13:42 | 000,345,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\netio.sys
[2012/07/02 02:05:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PC Cleaners
[2012/07/01 22:59:36 | 000,318,088 | ---- | C] (Symantec Corp.) -- C:\Users\Bob\Desktop\Setup.exe
[2012/07/01 22:59:26 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security Scan
[2012/07/01 22:59:26 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\NSSx64
[2012/07/01 22:59:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Norton Security Scan
[2012/07/01 22:59:26 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\NSSx64\0307020.005
[2012/07/01 22:59:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NortonInstaller
[2012/07/01 15:00:01 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Local\I Want This
[2012/07/01 14:59:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\I Want This
[2012/07/01 14:43:50 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client
[2012/07/01 14:28:57 | 003,710,865 | ---- | C] (Microsoft Corporation) -- C:\Users\Bob\Desktop\mseinstall.exe.bzhlugc.partial

========== Files - Modified Within 30 Days ==========

[2012/07/22 01:08:01 | 000,000,892 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/07/22 00:29:19 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\Bob\Desktop\OTL.exe
[2012/07/22 00:12:38 | 000,000,888 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/07/22 00:10:01 | 000,003,216 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012/07/22 00:10:01 | 000,003,216 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012/07/22 00:09:49 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/07/22 00:09:31 | 4222,820,352 | -HS- | M] () -- C:\hiberfil.sys
[2012/07/22 00:08:21 | 000,001,076 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2012/07/21 21:01:02 | 000,005,632 | ---- | M] () -- C:\Users\Bob\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/07/21 17:34:54 | 000,000,444 | -H-- | M] () -- C:\Windows\tasks\Norton Security Scan for Bob.job
[2012/07/21 15:50:31 | 000,000,326 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForBob.job
[2012/07/11 03:26:22 | 000,316,280 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/07/02 04:16:18 | 000,283,744 | ---- | M] (McAfee, Inc.) -- C:\Windows\SysNative\drivers\mfewfpk.sys
[2012/07/02 04:16:17 | 000,158,832 | ---- | M] (McAfee, Inc.) -- C:\Windows\SysNative\mfevtps.exe
[2012/07/02 04:16:16 | 000,100,904 | ---- | M] (McAfee, Inc.) -- C:\Windows\SysNative\drivers\mferkdet.sys
[2012/07/02 04:16:16 | 000,099,056 | ---- | M] (McAfee, Inc.) -- C:\Windows\SysNative\MfeOtlkAddin.dll
[2012/07/02 04:16:14 | 000,642,952 | ---- | M] (McAfee, Inc.) -- C:\Windows\SysNative\drivers\mfehidk.sys
[2012/07/02 04:16:12 | 000,009,984 | ---- | M] (McAfee, Inc.) -- C:\Windows\SysNative\drivers\mfeclnk.sys
[2012/07/02 04:16:11 | 000,228,752 | ---- | M] (McAfee, Inc.) -- C:\Windows\SysNative\drivers\mfeavfk.sys
[2012/07/02 04:16:10 | 000,158,712 | ---- | M] (McAfee, Inc.) -- C:\Windows\SysNative\drivers\mfeapfk.sys
[2012/07/02 04:15:56 | 000,074,848 | ---- | M] (McAfee, Inc.) -- C:\Windows\SysWow64\MfeOtlkAddin.dll
[2012/07/02 04:15:56 | 000,022,816 | ---- | M] (McAfee, Inc.) -- C:\Windows\SysWow64\MFEOtlk.dll
[2012/07/02 03:15:37 | 000,002,154 | ---- | M] () -- C:\Windows\epplauncher.mif
[2012/07/02 03:14:55 | 000,707,710 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012/07/02 03:14:55 | 000,596,798 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/07/02 03:14:55 | 000,101,766 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/07/02 02:47:07 | 000,690,960 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/07/02 01:34:24 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012/07/02 01:34:24 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012/07/02 01:27:13 | 000,920,096 | ---- | M] () -- C:\Users\Bob\Desktop\Norton_Removal_Tool.exe
[2012/07/01 23:23:24 | 000,001,768 | ---- | M] () -- C:\Users\Public\Desktop\ooVoo.lnk
[2012/07/01 22:59:36 | 000,318,088 | ---- | M] (Symantec Corp.) -- C:\Users\Bob\Desktop\Setup.exe
[2012/07/01 22:59:35 | 000,001,170 | ---- | M] () -- C:\Users\Public\Desktop\Norton Security Scan.lnk
[2012/07/01 14:29:02 | 003,710,865 | ---- | M] (Microsoft Corporation) -- C:\Users\Bob\Desktop\mseinstall.exe.bzhlugc.partial
[2012/07/01 13:39:35 | 000,000,631 | ---- | M] () -- C:\Users\Bob\AppData\Roaming\result.db

========== Files Created - No Company Name ==========

[2012/07/03 00:14:00 | 4222,820,352 | -HS- | C] () -- C:\hiberfil.sys
[2012/07/02 03:15:37 | 000,002,154 | ---- | C] () -- C:\Windows\epplauncher.mif
[2012/07/02 03:15:13 | 000,001,826 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
[2012/07/02 03:14:55 | 000,707,710 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012/07/02 01:27:12 | 000,920,096 | ---- | C] () -- C:\Users\Bob\Desktop\Norton_Removal_Tool.exe
[2012/07/01 22:59:38 | 000,000,444 | -H-- | C] () -- C:\Windows\tasks\Norton Security Scan for Bob.job
[2012/07/01 22:59:35 | 000,001,170 | ---- | C] () -- C:\Users\Public\Desktop\Norton Security Scan.lnk
[2012/07/01 22:59:26 | 000,000,172 | ---- | C] () -- C:\Windows\SysNative\drivers\NSSx64\0307020.005\isolate.ini
[2012/07/01 13:39:35 | 000,000,631 | ---- | C] () -- C:\Users\Bob\AppData\Roaming\result.db
[2010/07/02 22:22:07 | 000,004,239 | ---- | C] () -- C:\Users\Bob\AppData\Local\tmpGRAN TORINO MAIN SCREEN.5
[2010/07/02 22:22:02 | 000,003,685 | ---- | C] () -- C:\Users\Bob\AppData\Local\tmpGRAN TORINO MAIN SCREEN.4
[2010/07/02 22:22:00 | 000,004,214 | ---- | C] () -- C:\Users\Bob\AppData\Local\tmpGRAN TORINO MAIN SCREEN.3
[2010/07/02 22:21:59 | 000,004,203 | ---- | C] () -- C:\Users\Bob\AppData\Local\tmpGRAN TORINO MAIN SCREEN.2
[2010/07/02 22:21:57 | 000,004,232 | ---- | C] () -- C:\Users\Bob\AppData\Local\tmpGRAN TORINO MAIN SCREEN.1
[2010/07/02 22:21:56 | 000,004,193 | ---- | C] () -- C:\Users\Bob\AppData\Local\tmpGRAN TORINO MAIN SCREEN.JPG
[2010/07/02 22:21:56 | 000,003,685 | ---- | C] () -- C:\Users\Bob\AppData\Local\tmpGRAN TORINO MAIN SCREEN.0
[2010/06/13 02:22:03 | 001,348,608 | -HS- | C] () -- C:\Users\Bob\ehthumbs_vista.db
[2009/08/12 22:00:06 | 000,005,632 | ---- | C] () -- C:\Users\Bob\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/06/12 22:30:00 | 000,000,680 | ---- | C] () -- C:\Users\Bob\AppData\Local\d3d9caps.dat
[2009/05/06 20:10:50 | 000,001,758 | ---- | C] () -- C:\Users\Bob\AppData\Roaming\wklnhst.dat

========== LOP Check ==========

[2012/07/21 22:26:30 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\BitTorrent
[2010/06/28 21:20:57 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2012/02/19 14:47:06 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\DriverCure
[2012/02/19 14:49:05 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\FrostWire
[2010/06/13 16:32:26 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\muvee Technologies
[2012/03/04 22:40:17 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\ooVoo Details
[2012/02/19 14:34:29 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\PC Cleaners
[2012/07/01 21:29:50 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\PCPro
[2011/01/11 21:34:50 | 000,000,000 | -HSD | M] -- C:\Users\Bob\AppData\Roaming\Personal Internet Security 2011
[2012/02/19 14:47:04 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\SpeedyPC Software
[2012/04/04 21:47:47 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\TaxCut
[2009/05/06 20:11:05 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\Template
[2010/07/22 20:22:22 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\TomTom
[2010/06/13 15:29:14 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\Ulead Systems
[2012/07/22 00:08:20 | 000,032,568 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



< End of report >
blackngold86
Regular Member
 
Posts: 20
Joined: July 22nd, 2012, 12:46 am

Re: Problems with 'permissions'

Unread postby Gary R » July 24th, 2012, 12:48 pm

  • Download FRST64 to a USB flash drive.
  • Plug the USB drive into the infected machine.

Boot your computer into Recovery Environment

  • Restart the computer and press F8 repeatedly until the Advanced Options Menu appears.
  • Select Repair your computer.
  • Select Language and click Next
  • Enter password (if necessary) and click OK, you should now see the screen below ...

Image

  • Select the Command Prompt option.
  • A command window will open.
    • Type notepad then hit Enter.
    • Notepad will open.
      • Click File > Open then select Computer.
      • Note down the drive letter for your USB Drive.
      • Close Notepad.
  • Back in the command window ....
    • Type e:/frst64.exe and hit Enter (where e: is replaced by the drive letter for your USB drive)
    • FRST will start to run.
      • When the tool opens click Yes to disclaimer.
      • Press Scan button.
      • When finished scanning it will make a log FRST.txt on the flash drive.
  • Next
    • Type Explorer.exe;Services.exe into the Search: field in FRST then click the Search File(s) button.
    • FRST will search your computer for files and when finished it will produce a log Search.txt on the flash drive.
    • Exit FRST.
  • Close the command window.
  • Boot back into normal mode and post me the FRST.txt and Search.txt logs please.
User avatar
Gary R
Administrator
Administrator
 
Posts: 21868
Joined: June 28th, 2005, 11:36 am
Location: Yorkshire

Re: Problems with 'permissions'

Unread postby blackngold86 » July 24th, 2012, 6:42 pm

Thanks for helping Gary! The logs are posted below. Just to update you, while waiting for a reply I did download Malwarebytes and run the scan since it is one of the recommended programs on this site. I couldn't tell if any of the flagged items could be causing my problems so I saved the logs if you want those as well!

FRST log

Scan result of Farbar Recovery Scan Tool Version: 24-07-2012 02
Ran by SYSTEM at 24-07-2012 18:20:07
Running from G:\
Windows Vista (TM) Home Premium Service Pack 1 (X64) OS Language: English(US)
The current controlset is ControlSet001

========================== Registry (Whitelisted) =============

HKLM\...\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe [2837288 2011-10-14] (Synaptics Incorporated)
HKLM\...\Run: [SmartMenu] %ProgramFiles%\Hewlett-Packard\HP MediaSmart\SmartMenu.exe [912688 2008-09-23] (Hewlett-Packard)
HKLM\...\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide [1584184 2008-01-20] (Microsoft Corporation)
HKLM\...\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe [153624 2008-10-27] (Intel Corporation)
HKLM\...\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe [225816 2008-10-27] (Intel Corporation)
HKLM\...\Run: [Persistence] C:\Windows\system32\igfxpers.exe [200216 2008-10-27] (Intel Corporation)
HKLM\...\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe [442368 2009-06-03] (IDT, Inc.)
HKLM\...\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey [1271168 2012-03-26] (Microsoft Corporation)
HKLM-x32\...\Run: [UpdateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5" [210216 2008-06-13] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdatePSTShortCut] "C:\Program Files (x86)\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter" [210216 2008-09-26] (CyberLink Corp.)
HKLM-x32\...\Run: [QlbCtrl.exe] "C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" /Start [323640 2009-11-24] ( Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [UpdateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0" [210216 2008-06-13] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdatePDIRShortCut] "C:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\PowerDirector" UpdateWithCreateOnce "SOFTWARE\CyberLink\PowerDirector\7.0" [210216 2008-06-13] (CyberLink Corp.)
HKLM-x32\...\Run: [TVAgent] "C:\Program Files (x86)\Hewlett-Packard\Media\TV\TVAgent.exe" [206120 2009-04-22] (CyberLink Corp.)
HKLM-x32\...\Run: [UCam_Menu] "C:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Hewlett-Packard\Media\Webcam" update "Software\Hewlett-Packard\Media\Webcam" [218408 2009-02-25] (CyberLink Corp.)
HKLM-x32\...\Run: [TSMAgent] "C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe" [1328424 2009-04-29] (CyberLink Corp.)
HKLM-x32\...\Run: [CLMLServer for HP TouchSmart] "C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe" [185640 2009-04-29] (CyberLink)
HKLM-x32\...\Run: [DVDAgent] "C:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe" [1148200 2009-03-11] (CyberLink Corp.)
HKLM-x32\...\Run: [WirelessAssistant] C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [498744 2009-07-23] (Hewlett-Packard)
HKLM-x32\...\Run: [HP Health Check Scheduler] c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [75008 2008-10-09] (Hewlett-Packard)
HKLM-x32\...\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2010-03-12] (Hewlett-Packard)
HKLM-x32\...\Run: [] [x]
HKLM-x32\...\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Java\jre6\bin\jusched.exe" [x]
HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [843712 2012-01-02] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime [421888 2011-07-05] (Apple Inc.)
HKLM-x32\...\Run: [ApnUpdater] "C:\Program Files (x86)\Ask.com\Updater\Updater.exe" [1391272 2012-01-03] (Ask)
HKLM-x32\...\Run: [McAfeeUpdaterUI] "C:\Program Files (x86)\McAfee\Common Framework\udaterui.exe" /StartedFromRunKey [161088 2011-01-12] (McAfee, Inc.)
HKLM-x32\...\Run: [ShStatEXE] "C:\Program Files (x86)\McAfee\VirusScan Enterprise\SHSTAT.EXE" /STANDALONE [215360 2011-09-14] (McAfee, Inc.)
HKU\Bob\...\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden [2387968 2009-01-27] (Hewlett-Packard Company)
HKU\Bob\...\Run: [HPAdvisor] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe autorun=AUTORUN [972080 2008-09-30] (Hewlett-Packard)
HKU\Bob\...\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe [138240 2008-01-20] (Microsoft Corporation)
HKU\Bob\...\Run: [TomTomHOME.exe] "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe" [247728 2012-01-22] (TomTom)
HKU\Bob\...\Run: [Personal Internet Security 2011] "C:\ProgramData\f62252\PIf62_289.exe" /s /d [x]
HKU\Default\...\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem [1555968 2009-04-10] (Microsoft Corporation)
HKU\Default\...\Run: [HPADVISOR] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe autorun=AUTORUN [972080 2008-09-30] (Hewlett-Packard)
HKU\Default\...\Run: [ooVoo] C\ooVoo.exe /minimized [x]
HKU\Default User\...\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem [1555968 2009-04-10] (Microsoft Corporation)
HKU\Default User\...\Run: [HPADVISOR] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe autorun=AUTORUN [972080 2008-09-30] (Hewlett-Packard)
HKU\Default User\...\Run: [ooVoo] C\ooVoo.exe /minimized [x]
HKLM-x32\...\RunOnce: [Malwarebytes Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /install /silent [462920 2012-07-03] (Malwarebytes Corporation)
Winlogon\Notify\igfxcui: igfxdev.dll (Intel Corporation)
Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76
Startup: C:\Users\All Users\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)

==================== Services (Whitelisted) ======

2 AESTFilters; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_6ef279c8\AESTSr64.exe [89600 2009-03-02] (Andrea Electronics Corporation)
3 GameConsoleService; "C:\Program Files (x86)\HP Games\My HP Game Console\GameConsoleService.exe" [165416 2008-05-05] (WildTangent, Inc.)
2 McAfeeFramework; "C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe" /ServiceStart [120128 2011-01-12] (McAfee, Inc.)
2 McShield; "C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe" [199008 2012-07-02] (McAfee, Inc.)
2 McTaskManager; "C:\Program Files (x86)\McAfee\VirusScan Enterprise\VsTskMgr.exe" [209760 2011-09-14] (McAfee, Inc.)
2 mfevtp; "C:\Windows\system32\mfevtps.exe" [158832 2012-07-02] (McAfee, Inc.)
2 MsMpSvc; "C:\Program Files\Microsoft Security Client\MsMpEng.exe" [12600 2012-03-26] (Microsoft Corporation)
3 NisSrv; "C:\Program Files\Microsoft Security Client\NisSrv.exe" [291696 2012-03-26] (Microsoft Corporation)
2 Recovery Service for Windows; C:\Program Files (x86)\SMINST\BLService.exe [365952 2008-10-06] ()
2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_6ef279c8\STacSV64.exe [239104 2009-06-03] (IDT, Inc.)
2 TomTomHOMEService; C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe [92592 2012-01-22] (TomTom)
2 TVCapSvc; "C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe" [296320 2009-04-22] ()
2 TVSched; "C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe" [116104 2009-04-22] ()

========================== Drivers (Whitelisted) =============

3 iscFlash; \??\C:\SwSetup\sp44138\iscflashx64.sys [24568 2008-08-05] (Insyde Software)
3 mfeapfk; C:\Windows\System32\Drivers\mfeapfk.sys [158712 2012-07-02] (McAfee, Inc.)
3 mfeavfk; C:\Windows\System32\Drivers\mfeavfk.sys [228752 2012-07-02] (McAfee, Inc.)
0 mfehidk; C:\Windows\System32\Drivers\mfehidk.sys [642952 2012-07-02] (McAfee, Inc.)
3 mferkdet; C:\Windows\System32\Drivers\mferkdet.sys [100904 2012-07-02] (McAfee, Inc.)
1 mfewfpk; C:\Windows\System32\Drivers\mfewfpk.sys [283744 2012-07-02] (McAfee, Inc.)
4 eabfiltr; [x]
3 IpInIp; C:\Windows\System32\DRIVERS\ipinip.sys [x]
3 mfeavfk01; [x]
3 NwlnkFlt; C:\Windows\System32\DRIVERS\nwlnkflt.sys [x]
3 NwlnkFwd; C:\Windows\System32\DRIVERS\nwlnkfwd.sys [x]

========================== NetSvcs (Whitelisted) ===========


============ One Month Created Files and Folders ==============

2012-07-24 14:12 - 2012-07-24 14:12 - 01438363 ____A (Farbar) C:\Users\Bob\Downloads\FRST64.exe
2012-07-23 13:49 - 2012-07-23 13:49 - 00000000 ____D C:\Users\Bob\Application Data\Malwarebytes
2012-07-23 13:49 - 2012-07-23 13:49 - 00000000 ____D C:\Users\Bob\AppData\Roaming\Malwarebytes
2012-07-23 13:48 - 2012-07-23 13:48 - 00000948 ____A C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2012-07-23 13:48 - 2012-07-23 13:48 - 00000948 ____A C:\Users\All Users\Desktop\Malwarebytes Anti-Malware.lnk
2012-07-23 13:47 - 2012-07-23 13:47 - 00000000 ____D C:\Users\All Users\Malwarebytes
2012-07-23 13:47 - 2012-07-23 13:47 - 00000000 ____D C:\Users\All Users\Application Data\Malwarebytes
2012-07-23 13:47 - 2012-07-03 09:46 - 00024904 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys
2012-07-23 13:46 - 2012-07-23 13:49 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-07-23 13:38 - 2012-07-23 13:39 - 10651816 ____A (Malwarebytes Corporation ) C:\Users\Bob\Desktop\mbam-setup.exe
2012-07-22 19:51 - 2012-06-02 04:05 - 01346048 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2012-07-22 19:51 - 2012-06-02 04:04 - 01494528 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2012-07-22 19:51 - 2012-06-02 04:04 - 00237056 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2012-07-22 19:51 - 2012-06-02 04:03 - 00085504 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2012-07-22 19:51 - 2012-06-02 04:01 - 00173056 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2012-07-22 19:51 - 2012-06-02 03:59 - 02144768 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2012-07-22 19:51 - 2012-06-02 03:57 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2012-07-22 19:51 - 2012-06-02 03:57 - 00096768 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2012-07-22 19:51 - 2012-06-02 03:54 - 00248320 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2012-07-22 19:51 - 2012-06-02 00:26 - 01103872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2012-07-22 19:51 - 2012-06-02 00:25 - 01427968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2012-07-22 19:51 - 2012-06-02 00:23 - 00231936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2012-07-22 19:51 - 2012-06-02 00:20 - 00142848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2012-07-22 19:51 - 2012-06-02 00:19 - 01793024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2012-07-22 19:51 - 2012-06-02 00:17 - 00073216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2012-07-22 19:51 - 2012-06-02 00:16 - 02382848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2012-07-22 19:51 - 2012-06-02 00:14 - 00176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2012-07-22 19:50 - 2012-06-02 04:49 - 17807360 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2012-07-22 19:50 - 2012-06-02 04:17 - 10924032 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2012-07-22 19:50 - 2012-06-02 04:12 - 02311680 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2012-07-22 19:50 - 2012-06-02 04:05 - 01392128 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2012-07-22 19:50 - 2012-06-02 04:00 - 00818688 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2012-07-22 19:50 - 2012-06-02 01:07 - 12314624 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2012-07-22 19:50 - 2012-06-02 00:43 - 09737728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2012-07-22 19:50 - 2012-06-02 00:33 - 01800192 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2012-07-22 19:50 - 2012-06-02 00:25 - 01129472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2012-07-22 19:50 - 2012-06-02 00:21 - 00065024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2012-07-22 19:50 - 2012-06-02 00:19 - 00716800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2012-07-21 21:21 - 2012-07-21 21:21 - 00083226 ____A C:\Users\Bob\Desktop\Extras.Txt
2012-07-21 21:19 - 2012-07-21 21:19 - 00241480 ____A C:\Users\Bob\Desktop\OTL.Txt
2012-07-21 20:29 - 2012-07-21 20:29 - 00596480 ____A (OldTimer Tools) C:\Users\Bob\Desktop\OTL.exe
2012-07-21 20:27 - 2012-07-21 20:27 - 00607260 ____A (Swearware) C:\Users\Bob\Downloads\dds.com
2012-07-21 19:17 - 2012-07-21 19:17 - 00347424 ____A (Microsoft Corporation) C:\Users\Bob\Downloads\MicrosoftFixit.wu.MATSKB.Run.exe
2012-07-21 19:16 - 2012-07-21 19:16 - 00347424 ____A (Microsoft Corporation) C:\Users\Bob\Downloads\MicrosoftFixit.wu.LB.134266357790396004.1.1.Run.exe
2012-07-21 17:57 - 2012-07-21 17:57 - 00000000 ____D C:\Program Files (x86)\BitTorrent
2012-07-21 17:51 - 2012-07-21 18:26 - 00000000 ____D C:\Users\Bob\Application Data\BitTorrent
2012-07-21 17:51 - 2012-07-21 18:26 - 00000000 ____D C:\Users\Bob\AppData\Roaming\BitTorrent
2012-07-21 13:55 - 2012-07-21 13:56 - 03503224 ____A (McAfee, Inc.) C:\Users\Bob\Downloads\SecurityScan_Release (1).exe
2012-07-21 12:03 - 2012-07-21 12:04 - 03503224 ____A (McAfee, Inc.) C:\Users\Bob\Downloads\SecurityScan_Release.exe
2012-07-13 23:02 - 2012-07-13 23:02 - 00000000 ____D C:\Windows\CheckSur
2012-07-13 21:53 - 2012-06-05 08:47 - 01401856 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2012-07-13 21:53 - 2012-06-05 08:47 - 01248768 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2012-07-13 21:53 - 2012-06-05 08:22 - 01869824 ____A (Microsoft Corporation) C:\Windows\System32\msxml3.dll
2012-07-13 21:53 - 2012-06-05 08:22 - 01797120 ____A (Microsoft Corporation) C:\Windows\System32\msxml6.dll
2012-07-10 23:01 - 2012-06-13 05:58 - 02769408 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2012-07-10 19:24 - 2012-06-08 09:59 - 12899840 ____A (Microsoft Corporation) C:\Windows\System32\shell32.dll
2012-07-10 19:24 - 2012-06-08 09:47 - 11586048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2012-07-02 10:01 - 2012-07-03 06:22 - 00000000 ____D C:\QUARANTINE
2012-07-02 00:18 - 2012-07-02 00:18 - 00000000 ____D C:\Users\Bob\Application Data\McAfee
2012-07-02 00:18 - 2012-07-02 00:18 - 00000000 ____D C:\Users\Bob\AppData\Roaming\McAfee
2012-07-02 00:17 - 2012-07-02 00:16 - 00642952 ____A (McAfee, Inc.) C:\Windows\System32\Drivers\mfehidk.sys
2012-07-02 00:17 - 2012-07-02 00:16 - 00283744 ____A (McAfee, Inc.) C:\Windows\System32\Drivers\mfewfpk.sys
2012-07-02 00:17 - 2012-07-02 00:16 - 00228752 ____A (McAfee, Inc.) C:\Windows\System32\Drivers\mfeavfk.sys
2012-07-02 00:17 - 2012-07-02 00:16 - 00158712 ____A (McAfee, Inc.) C:\Windows\System32\Drivers\mfeapfk.sys
2012-07-02 00:17 - 2012-07-02 00:16 - 00100904 ____A (McAfee, Inc.) C:\Windows\System32\Drivers\mferkdet.sys
2012-07-02 00:17 - 2012-07-02 00:16 - 00099056 ____A (McAfee, Inc.) C:\Windows\System32\MfeOtlkAddin.dll
2012-07-02 00:17 - 2012-07-02 00:16 - 00009984 ____A (McAfee, Inc.) C:\Windows\System32\Drivers\mfeclnk.sys
2012-07-02 00:17 - 2012-07-02 00:15 - 00074848 ____A (McAfee, Inc.) C:\Windows\SysWOW64\MfeOtlkAddin.dll
2012-07-02 00:17 - 2012-07-02 00:15 - 00022816 ____A (McAfee, Inc.) C:\Windows\SysWOW64\MFEOtlk.dll
2012-07-02 00:16 - 2012-07-02 00:16 - 00158832 ____A (McAfee, Inc.) C:\Windows\System32\mfevtps.exe
2012-07-02 00:16 - 2012-07-02 00:16 - 00000000 ____D C:\Program Files\Common Files\McAfee
2012-07-02 00:14 - 2012-07-02 00:14 - 00000000 ____D C:\Program Files (x86)\McAfee
2012-07-02 00:12 - 2012-07-02 00:12 - 00000000 ____D C:\Users\Bob\My Documents\V
2012-07-02 00:12 - 2012-07-02 00:12 - 00000000 ____D C:\Users\Bob\Documents\V
2012-07-01 23:15 - 2012-07-01 23:15 - 00002154 ____A C:\Windows\epplauncher.mif
2012-07-01 23:14 - 2012-07-01 23:14 - 00707710 ____A C:\Windows\SysWOW64\PerfStringBackup.INI
2012-07-01 23:14 - 2012-07-01 23:14 - 00000000 ____D C:\Program Files (x86)\Microsoft Security Client
2012-07-01 23:13 - 2010-04-06 00:34 - 00345984 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\netio.sys
2012-07-01 22:05 - 2012-07-01 22:05 - 00000000 ____D C:\Program Files (x86)\PC Cleaners
2012-07-01 21:27 - 2012-07-01 21:27 - 00920096 ____A C:\Users\Bob\Desktop\Norton_Removal_Tool.exe
2012-07-01 18:59 - 2012-07-24 12:47 - 00000444 ___AH C:\Windows\Tasks\Norton Security Scan for Bob.job
2012-07-01 18:59 - 2012-07-01 18:59 - 00318088 ____A (Symantec Corp.) C:\Users\Bob\Desktop\Setup.exe
2012-07-01 18:59 - 2012-07-01 18:59 - 00001170 ____A C:\Users\Public\Desktop\Norton Security Scan.lnk
2012-07-01 18:59 - 2012-07-01 18:59 - 00001170 ____A C:\Users\All Users\Desktop\Norton Security Scan.lnk
2012-07-01 18:59 - 2012-07-01 18:59 - 00000000 ____D C:\Windows\System32\Drivers\NSSx64
2012-07-01 18:59 - 2012-07-01 18:59 - 00000000 ____D C:\Program Files (x86)\Norton Security Scan
2012-07-01 18:40 - 2012-07-01 18:40 - 01029064 ____A (Symantec Corporation) C:\Users\Bob\Downloads\Sevinst64x86.exe
2012-07-01 18:40 - 2012-07-01 18:40 - 00000000 ____A C:\Users\Bob\Downloads\Unconfirmed 62085.crdownload
2012-07-01 18:36 - 2012-07-01 18:36 - 01563080 ____A (Symantec Corporation) C:\Users\Bob\Downloads\Sevinst64.exe
2012-07-01 18:36 - 2012-07-01 18:36 - 00832968 ____A (Symantec Corporation) C:\Users\Bob\Downloads\Sevinst (1).exe
2012-07-01 18:27 - 2012-07-01 18:27 - 00832968 ____A (Symantec Corporation) C:\Users\Bob\Downloads\Sevinst.exe
2012-07-01 11:00 - 2012-07-01 11:00 - 00000000 ____D C:\Users\Bob\Local Settings\I Want This
2012-07-01 11:00 - 2012-07-01 11:00 - 00000000 ____D C:\Users\Bob\Local Settings\Application Data\I Want This
2012-07-01 11:00 - 2012-07-01 11:00 - 00000000 ____D C:\Users\Bob\AppData\Local\I Want This
2012-07-01 10:59 - 2012-07-01 11:00 - 00000000 ____D C:\Program Files (x86)\I Want This
2012-07-01 10:43 - 2012-07-01 23:14 - 00000000 ____D C:\Program Files\Microsoft Security Client
2012-07-01 10:33 - 2012-07-01 10:34 - 03839681 ____A (Microsoft Corporation) C:\Users\Bob\Downloads\mseinstall (3).exe.umxs2jq.partial
2012-07-01 10:33 - 2012-07-01 10:33 - 01595425 ____A (Microsoft Corporation) C:\Users\Bob\Downloads\mseinstall (2).exe.dhxd359.partial
2012-07-01 10:28 - 2012-07-01 10:29 - 03710865 ____A (Microsoft Corporation) C:\Users\Bob\Desktop\mseinstall.exe.bzhlugc.partial
2012-07-01 10:27 - 2012-07-01 10:28 - 04277945 ____A (Microsoft Corporation) C:\Users\Bob\Downloads\mseinstall (1).exe.31yotut.partial
2012-07-01 10:24 - 2012-07-01 10:25 - 03655525 ____A (Microsoft Corporation) C:\Users\Bob\Downloads\mseinstall.exe.ima0i1i.partial
2012-07-01 09:39 - 2012-07-01 09:39 - 00000631 ____A C:\Users\Bob\Application Data\result.db
2012-07-01 09:39 - 2012-07-01 09:39 - 00000631 ____A C:\Users\Bob\AppData\Roaming\result.db


============ 3 Months Modified Files ========================

2012-07-24 14:16 - 2008-12-16 02:39 - 02095668 ____A C:\Windows\WindowsUpdate.log
2012-07-24 14:16 - 2008-12-16 02:39 - 00001076 ____A C:\Windows\bthservsdp.dat
2012-07-24 14:16 - 2006-11-02 07:42 - 00032568 ____A C:\Windows\Tasks\SCHEDLGU.TXT
2012-07-24 14:16 - 2006-11-02 07:42 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2012-07-24 14:16 - 2006-11-02 07:22 - 00003216 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2012-07-24 14:16 - 2006-11-02 07:22 - 00003216 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2012-07-24 14:13 - 2012-03-07 16:07 - 00024883 ____A C:\Windows\setupact.log
2012-07-24 14:12 - 2012-07-24 14:12 - 01438363 ____A (Farbar) C:\Users\Bob\Downloads\FRST64.exe
2012-07-24 14:08 - 2010-03-06 14:08 - 00000892 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2012-07-24 12:47 - 2012-07-01 18:59 - 00000444 ___AH C:\Windows\Tasks\Norton Security Scan for Bob.job
2012-07-23 17:08 - 2010-03-06 14:08 - 00000888 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2012-07-23 13:48 - 2012-07-23 13:48 - 00000948 ____A C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2012-07-23 13:48 - 2012-07-23 13:48 - 00000948 ____A C:\Users\All Users\Desktop\Malwarebytes Anti-Malware.lnk
2012-07-23 13:39 - 2012-07-23 13:38 - 10651816 ____A (Malwarebytes Corporation ) C:\Users\Bob\Desktop\mbam-setup.exe
2012-07-21 21:21 - 2012-07-21 21:21 - 00083226 ____A C:\Users\Bob\Desktop\Extras.Txt
2012-07-21 21:19 - 2012-07-21 21:19 - 00241480 ____A C:\Users\Bob\Desktop\OTL.Txt
2012-07-21 20:29 - 2012-07-21 20:29 - 00596480 ____A (OldTimer Tools) C:\Users\Bob\Desktop\OTL.exe
2012-07-21 20:27 - 2012-07-21 20:27 - 00607260 ____A (Swearware) C:\Users\Bob\Downloads\dds.com
2012-07-21 19:17 - 2012-07-21 19:17 - 00347424 ____A (Microsoft Corporation) C:\Users\Bob\Downloads\MicrosoftFixit.wu.MATSKB.Run.exe
2012-07-21 19:16 - 2012-07-21 19:16 - 00347424 ____A (Microsoft Corporation) C:\Users\Bob\Downloads\MicrosoftFixit.wu.LB.134266357790396004.1.1.Run.exe
2012-07-21 17:01 - 2009-08-12 18:00 - 00005632 ____A C:\Users\Bob\Local Settings\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2012-07-21 17:01 - 2009-08-12 18:00 - 00005632 ____A C:\Users\Bob\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2012-07-21 17:01 - 2009-08-12 18:00 - 00005632 ____A C:\Users\Bob\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2012-07-21 13:56 - 2012-07-21 13:55 - 03503224 ____A (McAfee, Inc.) C:\Users\Bob\Downloads\SecurityScan_Release (1).exe
2012-07-21 12:04 - 2012-07-21 12:03 - 03503224 ____A (McAfee, Inc.) C:\Users\Bob\Downloads\SecurityScan_Release.exe
2012-07-21 11:50 - 2012-03-16 13:39 - 00000326 ____A C:\Windows\Tasks\HPCeeScheduleForBob.job
2012-07-10 23:26 - 2006-11-02 07:21 - 00316280 ____A C:\Windows\System32\FNTCACHE.DAT
2012-07-10 23:05 - 2006-11-02 04:35 - 59701280 ____A (Microsoft Corporation) C:\Windows\System32\mrt.exe
2012-07-03 09:46 - 2012-07-23 13:47 - 00024904 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys
2012-07-02 02:31 - 2006-11-02 04:33 - 66060288 ____A C:\Windows\System32\config\software_previous
2012-07-02 02:31 - 2006-11-02 04:33 - 21495808 ____A C:\Windows\System32\config\system_previous
2012-07-02 02:27 - 2006-11-02 04:33 - 54788096 ____A C:\Windows\System32\config\components_previous
2012-07-02 02:27 - 2006-11-02 04:33 - 00262144 ____A C:\Windows\System32\config\sam_previous
2012-07-02 00:16 - 2012-07-02 00:17 - 00642952 ____A (McAfee, Inc.) C:\Windows\System32\Drivers\mfehidk.sys
2012-07-02 00:16 - 2012-07-02 00:17 - 00283744 ____A (McAfee, Inc.) C:\Windows\System32\Drivers\mfewfpk.sys
2012-07-02 00:16 - 2012-07-02 00:17 - 00228752 ____A (McAfee, Inc.) C:\Windows\System32\Drivers\mfeavfk.sys
2012-07-02 00:16 - 2012-07-02 00:17 - 00158712 ____A (McAfee, Inc.) C:\Windows\System32\Drivers\mfeapfk.sys
2012-07-02 00:16 - 2012-07-02 00:17 - 00100904 ____A (McAfee, Inc.) C:\Windows\System32\Drivers\mferkdet.sys
2012-07-02 00:16 - 2012-07-02 00:17 - 00099056 ____A (McAfee, Inc.) C:\Windows\System32\MfeOtlkAddin.dll
2012-07-02 00:16 - 2012-07-02 00:17 - 00009984 ____A (McAfee, Inc.) C:\Windows\System32\Drivers\mfeclnk.sys
2012-07-02 00:16 - 2012-07-02 00:16 - 00158832 ____A (McAfee, Inc.) C:\Windows\System32\mfevtps.exe
2012-07-02 00:15 - 2012-07-02 00:17 - 00074848 ____A (McAfee, Inc.) C:\Windows\SysWOW64\MfeOtlkAddin.dll
2012-07-02 00:15 - 2012-07-02 00:17 - 00022816 ____A (McAfee, Inc.) C:\Windows\SysWOW64\MFEOtlk.dll
2012-07-01 23:15 - 2012-07-01 23:15 - 00002154 ____A C:\Windows\epplauncher.mif
2012-07-01 23:14 - 2012-07-01 23:14 - 00707710 ____A C:\Windows\SysWOW64\PerfStringBackup.INI
2012-07-01 22:47 - 2006-11-02 04:46 - 00690960 ____A C:\Windows\System32\PerfStringBackup.INI
2012-07-01 22:24 - 2006-11-02 04:33 - 00262144 ____A C:\Windows\System32\config\security_previous
2012-07-01 22:24 - 2006-11-02 04:33 - 00262144 ____A C:\Windows\System32\config\default_previous
2012-07-01 22:12 - 2012-02-19 13:40 - 00029510 ____A C:\Windows\PFRO.log
2012-07-01 21:34 - 2012-04-15 17:15 - 00426184 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2012-07-01 21:34 - 2011-05-13 02:44 - 00070344 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2012-07-01 21:27 - 2012-07-01 21:27 - 00920096 ____A C:\Users\Bob\Desktop\Norton_Removal_Tool.exe
2012-07-01 19:23 - 2012-03-04 18:34 - 00001768 ____A C:\Users\Public\Desktop\ooVoo.lnk
2012-07-01 19:23 - 2012-03-04 18:34 - 00001768 ____A C:\Users\All Users\Desktop\ooVoo.lnk
2012-07-01 18:59 - 2012-07-01 18:59 - 00318088 ____A (Symantec Corp.) C:\Users\Bob\Desktop\Setup.exe
2012-07-01 18:59 - 2012-07-01 18:59 - 00001170 ____A C:\Users\Public\Desktop\Norton Security Scan.lnk
2012-07-01 18:59 - 2012-07-01 18:59 - 00001170 ____A C:\Users\All Users\Desktop\Norton Security Scan.lnk
2012-07-01 18:40 - 2012-07-01 18:40 - 01029064 ____A (Symantec Corporation) C:\Users\Bob\Downloads\Sevinst64x86.exe
2012-07-01 18:40 - 2012-07-01 18:40 - 00000000 ____A C:\Users\Bob\Downloads\Unconfirmed 62085.crdownload
2012-07-01 18:36 - 2012-07-01 18:36 - 01563080 ____A (Symantec Corporation) C:\Users\Bob\Downloads\Sevinst64.exe
2012-07-01 18:36 - 2012-07-01 18:36 - 00832968 ____A (Symantec Corporation) C:\Users\Bob\Downloads\Sevinst (1).exe
2012-07-01 18:27 - 2012-07-01 18:27 - 00832968 ____A (Symantec Corporation) C:\Users\Bob\Downloads\Sevinst.exe
2012-07-01 10:34 - 2012-07-01 10:33 - 03839681 ____A (Microsoft Corporation) C:\Users\Bob\Downloads\mseinstall (3).exe.umxs2jq.partial
2012-07-01 10:33 - 2012-07-01 10:33 - 01595425 ____A (Microsoft Corporation) C:\Users\Bob\Downloads\mseinstall (2).exe.dhxd359.partial
2012-07-01 10:29 - 2012-07-01 10:28 - 03710865 ____A (Microsoft Corporation) C:\Users\Bob\Desktop\mseinstall.exe.bzhlugc.partial
2012-07-01 10:28 - 2012-07-01 10:27 - 04277945 ____A (Microsoft Corporation) C:\Users\Bob\Downloads\mseinstall (1).exe.31yotut.partial
2012-07-01 10:25 - 2012-07-01 10:24 - 03655525 ____A (Microsoft Corporation) C:\Users\Bob\Downloads\mseinstall.exe.ima0i1i.partial
2012-07-01 09:39 - 2012-07-01 09:39 - 00000631 ____A C:\Users\Bob\Application Data\result.db
2012-07-01 09:39 - 2012-07-01 09:39 - 00000631 ____A C:\Users\Bob\AppData\Roaming\result.db
2012-06-29 13:14 - 2012-02-24 14:39 - 00000052 ____A C:\Windows\SysWOW64\DOErrors.log
2012-06-18 19:50 - 2012-06-18 19:50 - 00000000 ___AH C:\Windows\System32\Drivers\Msft_Kernel_SynTP_01009.Wdf
2012-06-18 19:37 - 2009-04-26 11:45 - 00076632 ____A C:\Users\Bob\Local Settings\GDIPFONTCACHEV1.DAT
2012-06-18 19:37 - 2009-04-26 11:45 - 00076632 ____A C:\Users\Bob\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2012-06-18 19:37 - 2009-04-26 11:45 - 00076632 ____A C:\Users\Bob\AppData\Local\GDIPFONTCACHEV1.DAT
2012-06-18 19:29 - 2012-06-18 19:29 - 00000000 ___AH C:\Windows\System32\Drivers\Msft_User_WpdFs_01_07_00.Wdf
2012-06-13 05:58 - 2012-07-10 23:01 - 02769408 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2012-06-08 09:59 - 2012-07-10 19:24 - 12899840 ____A (Microsoft Corporation) C:\Windows\System32\shell32.dll
2012-06-08 09:47 - 2012-07-10 19:24 - 11586048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2012-06-05 08:47 - 2012-07-13 21:53 - 01401856 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2012-06-05 08:47 - 2012-07-13 21:53 - 01248768 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2012-06-05 08:22 - 2012-07-13 21:53 - 01869824 ____A (Microsoft Corporation) C:\Windows\System32\msxml3.dll
2012-06-05 08:22 - 2012-07-13 21:53 - 01797120 ____A (Microsoft Corporation) C:\Windows\System32\msxml6.dll
2012-06-02 14:19 - 2012-06-21 06:38 - 02428952 ____A (Microsoft Corporation) C:\Windows\System32\wuaueng.dll
2012-06-02 14:19 - 2012-06-21 06:38 - 00057880 ____A (Microsoft Corporation) C:\Windows\System32\wuauclt.exe
2012-06-02 14:19 - 2012-06-21 06:38 - 00044056 ____A (Microsoft Corporation) C:\Windows\System32\wups2.dll
2012-06-02 14:19 - 2012-06-21 06:37 - 00701976 ____A (Microsoft Corporation) C:\Windows\System32\wuapi.dll
2012-06-02 14:19 - 2012-06-21 06:37 - 00577048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2012-06-02 14:19 - 2012-06-21 06:37 - 00038424 ____A (Microsoft Corporation) C:\Windows\System32\wups.dll
2012-06-02 14:19 - 2012-06-21 06:37 - 00035864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2012-06-02 14:15 - 2012-06-21 06:38 - 02622464 ____A (Microsoft Corporation) C:\Windows\System32\wucltux.dll
2012-06-02 14:15 - 2012-06-21 06:37 - 00099840 ____A (Microsoft Corporation) C:\Windows\System32\wudriver.dll
2012-06-02 14:12 - 2012-06-21 06:37 - 00088576 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2012-06-02 11:19 - 2012-06-21 06:37 - 00186752 ____A (Microsoft Corporation) C:\Windows\System32\wuwebv.dll
2012-06-02 11:19 - 2012-06-21 06:37 - 00171904 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2012-06-02 11:15 - 2012-06-21 06:37 - 00036864 ____A (Microsoft Corporation) C:\Windows\System32\wuapp.exe
2012-06-02 11:12 - 2012-06-21 06:37 - 00033792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2012-06-02 04:49 - 2012-07-22 19:50 - 17807360 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2012-06-02 04:17 - 2012-07-22 19:50 - 10924032 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2012-06-02 04:12 - 2012-07-22 19:50 - 02311680 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2012-06-02 04:05 - 2012-07-22 19:51 - 01346048 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2012-06-02 04:05 - 2012-07-22 19:50 - 01392128 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2012-06-02 04:04 - 2012-07-22 19:51 - 01494528 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2012-06-02 04:04 - 2012-07-22 19:51 - 00237056 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2012-06-02 04:03 - 2012-07-22 19:51 - 00085504 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2012-06-02 04:01 - 2012-07-22 19:51 - 00173056 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2012-06-02 04:00 - 2012-07-22 19:50 - 00818688 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2012-06-02 03:59 - 2012-07-22 19:51 - 02144768 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2012-06-02 03:57 - 2012-07-22 19:51 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2012-06-02 03:57 - 2012-07-22 19:51 - 00096768 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2012-06-02 03:54 - 2012-07-22 19:51 - 00248320 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2012-06-02 01:07 - 2012-07-22 19:50 - 12314624 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2012-06-02 00:43 - 2012-07-22 19:50 - 09737728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2012-06-02 00:33 - 2012-07-22 19:50 - 01800192 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2012-06-02 00:26 - 2012-07-22 19:51 - 01103872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2012-06-02 00:25 - 2012-07-22 19:51 - 01427968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2012-06-02 00:25 - 2012-07-22 19:50 - 01129472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2012-06-02 00:23 - 2012-07-22 19:51 - 00231936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2012-06-02 00:21 - 2012-07-22 19:50 - 00065024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2012-06-02 00:20 - 2012-07-22 19:51 - 00142848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2012-06-02 00:19 - 2012-07-22 19:51 - 01793024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2012-06-02 00:19 - 2012-07-22 19:50 - 00716800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2012-06-02 00:17 - 2012-07-22 19:51 - 00073216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2012-06-02 00:16 - 2012-07-22 19:51 - 02382848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2012-06-02 00:14 - 2012-07-22 19:51 - 00176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2012-05-09 17:33 - 2012-05-09 17:33 - 00026456 ____A C:\Users\Bob\Desktop\Convergence.htm
2012-05-04 21:34 - 2012-05-04 21:34 - 08769696 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2012-05-02 15:42 - 2012-05-02 15:42 - 00090624 ____A C:\Users\Bob\Downloads\jeff sandy final excel spreadsheet for mailing list 5-10.xls
2012-05-01 06:29 - 2012-06-13 19:06 - 00209920 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\rdpwd.sys

========================= Known DLLs (Whitelisted) ============


========================= Bamital & volsnap Check ============

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== EXE ASSOCIATION =====================

HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK

========================= Memory info ======================

Percentage of memory in use: 17%
Total physical RAM: 4026.25 MB
Available physical RAM: 3336.29 MB
Total Pagefile: 3703.46 MB
Available Pagefile: 3311.55 MB
Total Virtual: 8192 MB
Available Virtual: 8191.91 MB

======================= Partitions =========================

1 Drive c: () (Fixed) (Total:285.62 GB) (Free:167.33 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
2 Drive d: (RECOVERY) (Fixed) (Total:12.47 GB) (Free:1.98 GB) NTFS ==>[System with boot components (obtained from reading drive)]
5 Drive g: (HP v100w) (Removable) (Total:1.89 GB) (Free:1.61 GB) FAT
6 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS

Disk ### Status Size Free Dyn Gpt
-------- ---------- ------- ------- --- ---
Disk 0 Online 298 GB 1024 KB
Disk 1 No Media 0 B 0 B
Disk 2 Online 1937 MB 0 B

Partitions of Disk 0:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 286 GB 1024 KB
Partition 2 Primary 12 GB 286 GB

==================================================================================

Disk: 0
Partition 1
Type : 07
Hidden: No
Active: Yes

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 1 C NTFS Partition 286 GB Healthy

==================================================================================

Disk: 0
Partition 2
Type : 07
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 2 D RECOVERY NTFS Partition 12 GB Healthy

==================================================================================

Partitions of Disk 2:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 1933 MB 4032 KB

==================================================================================

Disk: 2
Partition 1
Type : 0E
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 4 G HP v100w FAT Removable 1933 MB Healthy

==================================================================================

==========================================================

Last Boot: 2012-07-24 08:18

======================= End Of Log ==========================



SEARCH log

Farbar Recovery Scan Tool Version: 24-07-2012 02
Ran by SYSTEM at 2012-07-24 18:22:10
Running from G:\

================== Search: "Explorer.exe;Services.exe" ===================

C:\Windows\explorer.exe
[2010-03-17 15:41] - [2009-04-10 23:10] - 3079168 ____A (Microsoft Corporation) 6B08E54A451B3F95E4109DBA7E594270

C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6002.18005_none_d14b3973ca6acc56\services.exe
[2010-03-17 15:41] - [2009-04-10 22:27] - 0279552 ____A (Microsoft Corporation) D4E6D91C1349B7BFB3599A6ADA56851B

C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6001.18000_none_cf5fc067cd49010a\services.exe
[2008-01-20 18:50] - [2008-01-20 18:50] - 0279040 ____A (Microsoft Corporation) 2B336AB6286D6C81FA02CBAB914E3C6C

C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_ba1365f4639c6d3c\explorer.exe
[2010-03-17 15:41] - [2009-04-10 22:27] - 2926592 ____A (Microsoft Corporation) D07D4C3038F3578FFCE1C0237F2A1253

C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_b8583e9d7fda0512\explorer.exe
[2009-04-26 12:18] - [2008-10-29 19:59] - 2927616 ____A (Microsoft Corporation) 50BA5850147410CDE89C523AD3BC606E

C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_b7eb106e66a7ac19\explorer.exe
[2009-04-26 12:18] - [2008-10-28 22:29] - 2927104 ____A (Microsoft Corporation) 4F554999D7D5F05DAAEBBA7B5BA1089D

C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_b827ece8667aa1f0\explorer.exe
[2008-01-20 18:49] - [2008-01-20 18:49] - 2927104 ____A (Microsoft Corporation) FFA764631CB70A30065C12EF8E174F9F

C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_b6a7112f828bcc3c\explorer.exe
[2009-04-26 12:18] - [2008-10-27 18:15] - 2923520 ____A (Microsoft Corporation) E7156B0B74762D9DE0E66BDCDE06E5FB

C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_b5f700fe698beb14\explorer.exe
[2009-04-26 12:18] - [2008-10-28 22:20] - 2923520 ____A (Microsoft Corporation) 37440D09DEAE0B672A04DCCF7ABF06BE

C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6002.18005_none_2d69d4f782c83d8c\services.exe
[2010-03-17 15:41] - [2009-04-10 23:10] - 0384512 ____A (Microsoft Corporation) 934E0B7D77FF78C18D9F8891221B6DE3

C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6001.18000_none_2b7e5beb85a67240\services.exe
[2008-01-20 18:49] - [2008-01-20 18:49] - 0384512 ____A (Microsoft Corporation) DFAC660F0F139276CC9299812DE42719

C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_afbebba22f3bab41\explorer.exe
[2010-03-17 15:41] - [2009-04-10 23:10] - 3079168 ____A (Microsoft Corporation) 6B08E54A451B3F95E4109DBA7E594270

C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_ae03944b4b794317\explorer.exe
[2009-04-26 12:18] - [2008-10-29 21:30] - 3081216 ____A (Microsoft Corporation) E404A65EF890140410E9F3D405841C95

C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_ad96661c3246ea1e\explorer.exe
[2009-04-26 12:18] - [2008-10-28 22:49] - 3080704 ____A (Microsoft Corporation) BBD8E74F23D7605CB0CDB57A1B25D826

C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_add342963219dff5\explorer.exe
[2008-01-20 18:48] - [2008-01-20 18:48] - 3080704 ____A (Microsoft Corporation) F6D765FB6B457542D954682F50C26E4F

C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_ac5266dd4e2b0a41\explorer.exe
[2009-04-26 12:18] - [2008-10-27 18:30] - 3086848 ____A (Microsoft Corporation) 72B9990E45C25AA3C75C4FB50A9D6CE0

C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_aba256ac352b2919\explorer.exe
[2009-04-26 12:18] - [2008-10-28 22:15] - 3087360 ____A (Microsoft Corporation) 50514057C28A74BAC2BD04B7B990D615

C:\Windows\SysWOW64\explorer.exe
[2010-03-17 15:41] - [2009-04-10 22:27] - 2926592 ____A (Microsoft Corporation) D07D4C3038F3578FFCE1C0237F2A1253

C:\Windows\SysWOW64\services.exe
[2010-03-17 15:41] - [2009-04-10 22:27] - 0279552 ____A (Microsoft Corporation) D4E6D91C1349B7BFB3599A6ADA56851B

C:\Windows\System32\services.exe
[2010-03-17 15:41] - [2009-04-10 23:10] - 0384512 ____A (Microsoft Corporation) 934E0B7D77FF78C18D9F8891221B6DE3

====== End Of Search ======
blackngold86
Regular Member
 
Posts: 20
Joined: July 22nd, 2012, 12:46 am

Re: Problems with 'permissions'

Unread postby Gary R » July 24th, 2012, 7:18 pm

OK, I'm not seeing what I expected I'd see in your FRST log, which is good, but there's still things in your OTL log that need taking care of.

Please don't run any scans of your own until I get back to you.

It's turned midnight where I am, so it will be tomorrow morning before I get chance to create a fix for you.

In the meantime, are you for any reason running a debugger on your computer ? There's a whole bundle of debug processes running, and if you're not debugging your computer then I'll need to include them in the fix.
User avatar
Gary R
Administrator
Administrator
 
Posts: 21868
Joined: June 28th, 2005, 11:36 am
Location: Yorkshire

Re: Problems with 'permissions'

Unread postby blackngold86 » July 24th, 2012, 10:51 pm

Ok! The only things to "clean" that are on this computer are McAfee, Windows Security Essentials, Malwarebytes, and the Norton Security Scan off Norton's site. Not sure if any of those would be considered a debugger. But not to my knowledge am I running a debugger!
blackngold86
Regular Member
 
Posts: 20
Joined: July 22nd, 2012, 12:46 am

Re: Problems with 'permissions'

Unread postby Gary R » July 25th, 2012, 1:49 am

OK, quite a bit of work to do.

First

Please go to Control Panel > Programs > Uninstall a program and Uninstall the following:

Microsoft Security Essentials
Java(TM) 6 Update 24
Ask Toolbar
FrostWire 4.20.7


You appear to be using McAfee as your Anti-Virus, so MSE needs to be removed or they will conflict with each other.
Old versions of java can be exploited, we'll update java later.
Ask Toolbar is a worthless piece of junk that comes bundled with a lot of programs as a "cash cow" for the developers.
Frostwire is a P2P program. Use of P2P is the single quickest way to pick up an infection that I know of. In return for our help this forum insists on the removal of all P2P programs.

Reboot your computer when they have all been removed.

Next

  • Double click OTL.exe to launch the programme.
  • Copy/Paste the contents of the code box below into the Custom Scans/Fixes box.
Code: Select all
:OTL
IE - HKLM\..\SearchScopes,DefaultScope = {AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
IE - HKLM\..\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2857572
IE - HKU\S-1-5-21-2178579362-4275671455-3174961323-1000\..\URLSearchHook: {38542454-dfb6-44f5-b052-d4e071a3d073} - No CLSID value found
IE - HKU\S-1-5-21-2178579362-4275671455-3174961323-1000\..\URLSearchHook: {b9d63c58-90cc-428b-8d3b-cbb88eb07e7e} - No CLSID value found
IE - HKU\S-1-5-21-2178579362-4275671455-3174961323-1000\..\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2857572
IE - HKU\S-1-5-21-2178579362-4275671455-3174961323-1000\..\SearchScopes\{C299A347-D117-4200-8C95-A0A570E62019}: "URL" = http://findgala.com/?&uid=289&q={searchTerms}
IE - HKU\S-1-5-21-2178579362-4275671455-3174961323-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:25496
O2 - BHO: (ooVoo toolbar, powered by Ask.com) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (ooVoo toolbar, powered by Ask.com) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKU\S-1-5-21-2178579362-4275671455-3174961323-1000\..\Toolbar\WebBrowser: (no name) - {38542454-DFB6-44F5-B052-D4E071A3D073} - No CLSID value found.
O3 - HKU\S-1-5-21-2178579362-4275671455-3174961323-1000\..\Toolbar\WebBrowser: (no name) - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No CLSID value found.
O3 - HKU\S-1-5-21-2178579362-4275671455-3174961323-1000\..\Toolbar\WebBrowser: (no name) - {B9D63C58-90CC-428B-8D3B-CBB88EB07E7E} - No CLSID value found.
O3 - HKU\S-1-5-21-2178579362-4275671455-3174961323-1000\..\Toolbar\WebBrowser: (ooVoo toolbar, powered by Ask.com) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files (x86)\Ask.com\Updater\Updater.exe (Ask)
O4 - HKU\S-1-5-21-2178579362-4275671455-3174961323-1000..\Run: [Personal Internet Security 2011] "C:\ProgramData\f62252\PIf62_289.exe" /s /d File not found
O7 - HKU\S-1-5-21-2178579362-4275671455-3174961323-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\DisallowRun: 0 = msseces.exe
O7 - HKU\S-1-5-21-2178579362-4275671455-3174961323-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\DisallowRun: 1 = MSASCui.exe
O7 - HKU\S-1-5-21-2178579362-4275671455-3174961323-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\DisallowRun: 2 = ekrn.exe
O7 - HKU\S-1-5-21-2178579362-4275671455-3174961323-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\DisallowRun: 3 = egui.exe
O7 - HKU\S-1-5-21-2178579362-4275671455-3174961323-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\DisallowRun: 4 = avgnt.exe
O7 - HKU\S-1-5-21-2178579362-4275671455-3174961323-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\DisallowRun: 5 = avcenter.exe
O7 - HKU\S-1-5-21-2178579362-4275671455-3174961323-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\DisallowRun: 6 = avscan.exe
O7 - HKU\S-1-5-21-2178579362-4275671455-3174961323-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\DisallowRun: 7 = avgfrw.exe
O7 - HKU\S-1-5-21-2178579362-4275671455-3174961323-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\DisallowRun: 8 = avgui.exe
O7 - HKU\S-1-5-21-2178579362-4275671455-3174961323-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\DisallowRun: 9 = avgtray.exe
O7 - HKU\S-1-5-21-2178579362-4275671455-3174961323-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\DisallowRun: 10 = avgscanx.exe
O7 - HKU\S-1-5-21-2178579362-4275671455-3174961323-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\DisallowRun: 11 = avgcfgex.exe
O7 - HKU\S-1-5-21-2178579362-4275671455-3174961323-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\DisallowRun: 12 = avgemc.exe
O7 - HKU\S-1-5-21-2178579362-4275671455-3174961323-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\DisallowRun: 13 = avgchsvx.exe
O7 - HKU\S-1-5-21-2178579362-4275671455-3174961323-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\DisallowRun: 14 = avgcmgr.exe
O7 - HKU\S-1-5-21-2178579362-4275671455-3174961323-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\DisallowRun: 15 = avgwdsvc.exe
O15 - HKU\.DEFAULT\..Trusted Ranges: Range1 ([http] in Local intranet)
O15 - HKU\S-1-5-18\..Trusted Ranges: Range1 ([http] in Local intranet)
O15 - HKU\S-1-5-21-2178579362-4275671455-3174961323-1000\..Trusted Ranges: Range1 ([http] in Local intranet)
O27 - HKLM IFEO\_avp32.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\_avpcc.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\_avpm.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\a.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\aAvgApi.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\AAWTray.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\About.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ackwin32.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\adaware.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\Ad-Aware.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\advxdwin.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\agentsvr.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\agentw.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\alertsvc.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\alevir.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\alogserv.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\AluSchedulerSvc.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\amon9x.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\anti-trojan.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\antivirus.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ants.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\apimonitor.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\aplica32.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\apvxdwin.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\arr.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\Arrakis3.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ashAvast.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ashBug.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ashChest.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ashCnsnt.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ashDisp.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ashLogV.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ashMaiSv.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ashPopWz.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ashQuick.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ashServ.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ashSimp2.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ashSimpl.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ashSkPcc.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ashSkPck.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ashUpd.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ashWebSv.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\aswChLic.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\aswRegSvr.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\aswRunDll.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\aswUpdSv.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\atcon.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\atguard.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\atro55en.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\atupdater.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\atwatch.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\au.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\aupdate.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\autodown.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\auto-protect.nav80try.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\autotrace.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\autoupdate.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avadmin.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avcenter.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avciman.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avconfig.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avconsol.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ave32.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\AVENGINE.EXE: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avgcc32.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avgchk.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avgcmgr.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avgcsrvx.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avgctrl.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avgdumpx.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avgemc.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avgiproxy.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avgnsx.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avgnt.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avgrsx.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avgscanx.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avgserv.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avgserv9.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avgsrmax.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avgtray.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avgui.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avgupd.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avgw.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avgwdsvc.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avkpop.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avkserv.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avkservice.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avkwctl9.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avltmain.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avmailc.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avmcdlg.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avnotify.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avnt.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avp32.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avpcc.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avpdos32.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avpm.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avptc32.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avpupd.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avsched32.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avsynmgr.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avupgsvc.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\AVWEBGRD.EXE: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avwin.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avwin95.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avwinnt.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avwsc.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avwupd.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avwupd32.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avwupsrv.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avxmonitor9x.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avxmonitornt.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avxquar.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\b.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\backweb.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\bargains.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\bd_professional.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\bdagent.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\bdfvcl.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\bdfvwiz.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\BDInProcPatch.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\bdmcon.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\BDMsnScan.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\bdreinit.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\bdsubwiz.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\BDSurvey.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\bdtkexec.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\bdwizreg.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\beagle.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\belt.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\bidef.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\bidserver.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\bipcp.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\bipcpevalsetup.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\bisp.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\blackd.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\blackice.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\blink.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\blss.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\bootconf.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\bootwarn.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\borg2.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\bpc.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\brasil.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\brw.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\bs120.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\bspatch.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\bundle.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\bvt.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\c.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\cavscan.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ccapp.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ccevtmgr.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ccpxysvc.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ccSvcHst.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\cdp.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\cfd.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\cfgwiz.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\cfiadmin.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\cfiaudit.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\cfinet.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\cfinet32.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\cfp.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\cfpconfg.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\cfplogvw.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\cfpupdat.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\claw95.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\claw95cf.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\clean.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\cleaner.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\cleaner3.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\cleanIELow.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\cleanpc.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\click.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\cmd32.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\cmdagent.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\cmesys.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\cmgrdian.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\cmon016.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\connectionmonitor.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\control: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\cpd.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\cpf9x206.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\cpfnt206.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\crashrep.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\cssconfg.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\cssupdat.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\cssurf.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ctrl.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\cv.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\cwnb181.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\cwntdwmo.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\d.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\datemanager.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\dcomx.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\defalert.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\defscangui.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\defwatch.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\deloeminfs.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\deputy.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\divx.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\dllcache.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\dllreg.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\doors.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\dpf.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\dpfsetup.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\dpps2.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\driverctrl.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\drwatson.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\drweb32.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\drwebupw.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\dssagent.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\dvp95.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\dvp95_0.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ecengine.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\efpeadm.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\egui.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ekrn.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\emsw.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ent.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\esafe.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\escanhnt.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\escanv95.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\espwatch.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ethereal.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\etrustcipe.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\evpn.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\exantivirus-cnet.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\exe.avxw.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\expert.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\explore.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\fact.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\f-agnt95.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\fameh32.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\fast.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\fch32.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\fih32.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\findviru.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\firewall.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\fixcfg.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\fixfp.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\fnrb32.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\fprot.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\f-prot.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\f-prot95.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\fp-win.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\fp-win_trial.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\frw.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\fsaa.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\fsav.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\fsav32.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\fsav530stbyb.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\fsav530wtbyb.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\fsav95.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\fsgk32.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\fsm32.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\fsma32.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\fsmb32.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\f-stopw.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\gator.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\gbmenu.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\gbpoll.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\generics.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\gmt.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\guard.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\guarddog.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\guardgui.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\hacktracersetup.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\hbinst.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\hbsrv.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\History.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\hotactio.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\hotpatch.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\htlog.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\htpatch.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\hwpe.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\hxdl.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\hxiul.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\iamapp.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\iamserv.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\iamstats.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ibmasn.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ibmavsp.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\icload95.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\icloadnt.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\icmon.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\icsupp95.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\icsuppnt.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\Identity.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\idle.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\iedll.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\iedriver.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\IEShow.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\iface.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ifw2000.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\inetlnfo.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\infus.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\infwin.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\init.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\init32.exe : Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\install.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\install[1].exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\install[2].exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\install[3].exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\install[4].exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\install[5].exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\intdel.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\intren.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\iomon98.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\istsvc.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\jammer.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\jdbgmrg.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\jedi.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\JsRcGen.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\kavlite40eng.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\kavpers40eng.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\kavpf.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\kazza.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\keenvalue.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\kerio-pf-213-en-win.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\kerio-wrl-421-en-win.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\kerio-wrp-421-en-win.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\killprocesssetup161.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ldnetmon.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ldpro.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ldpromenu.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ldscan.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\licmgr.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\livesrv.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\lnetinfo.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\loader.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\localnet.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\lockdown.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\lockdown2000.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\lookout.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\lordpe.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\lsetup.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\luall.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\luau.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\lucomserver.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\luinit.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\luspt.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mapisvc32.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mcagent.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mcmnhdlr.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mcmscsvc.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mcnasvc.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mcproxy.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\McSACore.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mcshell.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mcshield.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mcsysmon.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mctool.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mcupdate.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mcvsrte.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mcvsshld.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\md.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mfin32.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mfw2en.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mfweng3.02d30.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mgavrtcl.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mgavrte.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mghtml.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mgui.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\minilog.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mmod.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\monitor.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\moolive.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mostat.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mpfagent.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mpfservice.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\MPFSrv.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mpftray.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mrflux.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mrt.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\msa.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\msapp.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\MSASCui.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\msbb.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\msblast.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mscache.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\msccn32.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mscman.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\msconfig: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\msdm.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\msdos.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\msiexec16.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mslaugh.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\msmgt.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\msmsgri32.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\msseces.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mssmmc32.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mssys.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\msvxd.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mu0311ad.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\mwatch.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\n32scanw.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\nav.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\navap.navapsvc.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\navapsvc.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\navapw32.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\navdx.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\navlu32.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\navnt.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\navstub.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\navw32.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\navwnt.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\nc2000.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ncinst4.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ndd32.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\neomonitor.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\neowatchlog.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\netarmor.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\netd32.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\netinfo.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\netmon.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\netscanpro.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\netspyhunter-1.2.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\netutils.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\nisserv.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\nisum.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\nmain.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\nod32.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\normist.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\norton_internet_secu_3.0_407.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\notstart.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\npf40_tw_98_nt_me_2k.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\npfmessenger.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\nprotect.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\npscheck.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\npssvc.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\nsched32.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\nssys32.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\nstask32.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\nsupdate.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\nt.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ntrtscan.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ntvdm.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ntxconfig.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\nui.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\nupgrade.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\nvarch16.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\nvc95.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\nvsvc32.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\nwinst4.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\nwservice.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\nwtool16.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\OAcat.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\OAhlp.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\OAReg.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\oasrv.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\oaui.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\oaview.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ODSW.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ollydbg.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\onsrvr.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\optimize.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ostronet.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\otfix.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\outpost.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\outpostinstall.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\outpostproinstall.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\padmin.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\panixk.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\patch.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\pavcl.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\PavFnSvr.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\pavproxy.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\pavprsrv.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\pavsched.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\pavsrv51.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\pavw.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\pccwin98.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\pcfwallicon.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\pcip10117_0.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\pcscan.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\pdsetup.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\periscope.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\persfw.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\perswf.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\pf2.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\pfwadmin.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\pgmonitr.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\pingscan.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\platin.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\pop3trap.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\poproxy.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\popscan.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\portdetective.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\portmonitor.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\powerscan.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ppinupdt.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\pptbc.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ppvstop.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\prizesurfer.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\prmt.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\prmvr.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\procdump.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\processmonitor.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\procexplorerv1.0.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\programauditor.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\proport.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\protectx.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\PSANCU.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\PSANHost.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\PSANToManager.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\PsCtrls.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\PsImSvc.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\PskSvc.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\pspf.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\PSUNMain.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\purge.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\qconsole.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\qserver.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\rapapp.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\rav7.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\rav7win.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\rav8win32eng.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ray.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\rb32.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\rcsync.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\realmon.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\reged.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\regedt32.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\rescue.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\rescue32.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\rrguard.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\rscdwld.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\rshell.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\rtvscan.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\rtvscn95.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\rulaunch.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\safeweb.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\sahagent.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\savenow.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\sbserv.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\sc.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\scam32.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\scan32.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\scan95.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\scanpm.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\scrscan.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\seccenter.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\serv95.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\setloadorder.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\setup_flowprotector_us.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\setupvameeval.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\sgssfw32.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\sh.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\shellspyinstall.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\shield.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\shn.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\showbehind.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\signcheck.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\smc.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\sms.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\smss32.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\snetcfg.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\soap.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\sofi.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\sperm.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\spf.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\sphinx.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\spoler.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\spoolcv.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\spoolsv32.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\spyxx.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\srexe.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\srng.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ss3edit.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ssg_4104.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ssgrate.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\st2.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\start.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\stcloader.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\supftrl.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\support.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\supporter5.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\svc.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\svchostc.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\svchosts.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\svshost.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\sweep95.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\sweepnet.sweepsrv.sys.swnetsup.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\symlcsvc.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\symproxysvc.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\symtray.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\system.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\system32.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\sysupd.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\taskmgr.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\taumon.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\tbscan.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\tc.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\tca.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\tcm.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\tds2-98.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\tds2-nt.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\tds-3.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\teekids.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\tfak.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\tfak5.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\tgbob.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\titanin.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\titaninxp.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\TPSrv.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\trickler.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\trjscan.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\trjsetup.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\trojantrap3.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\tsadbot.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\tvmd.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\tvtmd.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\uiscan.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\undoboot.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\updat.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\upgrad.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\upgrepl.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\utpost.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\vbcmserv.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\vbcons.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\vbust.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\vbwin9x.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\vbwinntw.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\vcsetup.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\vet32.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\vet95.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\vettray.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\vfsetup.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\vir-help.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\virusmdpersonalfirewall.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\VisthAux.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\VisthLic.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\VisthUpd.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\vnlan300.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\vnpc3000.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\vpc32.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\vpc42.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\vpfw30s.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\vptray.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\vscan40.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\vscenu6.02d30.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\vsched.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\vsecomr.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\vshwin32.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\vsisetup.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\vsmain.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\vsmon.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\vsserv.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\vsstat.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\vswin9xe.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\vswinntse.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\vswinperse.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\w32dsm89.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\w9x.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\watchdog.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\webdav.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\WebProxy.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\webscanx.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\webtrap.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\wfindv32.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\whoswatchingme.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\wimmun32.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\win32.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\win32us.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\winactive.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\win-bugsfix.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\window.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\windows.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\wininetd.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\wininitx.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\winlogin.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\winmain.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\winppr32.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\winrecon.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\winservn.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\winssk32.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\winstart.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\winstart001.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\wintsk32.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\winupdate.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\wkufind.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\wnad.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\wnt.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\wradmin.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\wrctrl.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\wsbgate.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\wscfxas.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\wscfxav.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\wscfxfw.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\wsctool.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\wupdater.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\wupdt.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\wyvernworksfirewall.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\xpf202en.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\zapro.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\zapsetup3001.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\zatutor.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\zonalm2601.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\zonealarm.exe: Debugger - C:\Windows\SysWow64\svchost.exe (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{9c1fc32b-f766-11df-978b-00247e2fdbf9}\Shell - "" = AutoRun
O33 - MountPoints2\{cbb76cb9-e6f6-11de-9d13-00247e2fdbf9}\Shell - "" = AutoRun
O33 - MountPoints2\{f441fea6-a6ab-11df-a249-00247e2fdbf9}\Shell - "" = AutoRun
O33 - MountPoints2\{f441fea6-a6ab-11df-a249-00247e2fdbf9}\Shell\AutoRun\command - "" = "G:\WD SmartWare.exe" autoplay=true
[2012/07/21 21:57:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\BitTorrent
[2012/07/21 21:51:05 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Roaming\BitTorrent
[2012/02/19 14:49:05 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\FrostWire
[2011/01/11 21:34:50 | 000,000,000 | -HSD | M] -- C:\Users\Bob\AppData\Roaming\Personal Internet Security 2011

:Files
ipconfig /flushdns /c
c:\program files (x86)\frostwire
C:\users\bob\downloads\bittorrent9.exe


:Reg
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{02352358-7D7D-47B2-B051-3A81928C4EF2}"=-
"{E70451C9-A2DF-46F4-B724-1DC2EBA5F33F}"=-
"TCP Query User{DFBACFA5-9399-42A9-AAB3-9797F6EC97D9}C:\users\bob\downloads\bittorrent9.exe"=-
"TCP Query User{E184346E-5B78-41BE-928A-3757E21DDA8C}C:\program files (x86)\frostwire\frostwire.exe"=-
"UDP Query User{28F0EC91-E8E6-4F15-912A-68275B4C890F}C:\program files (x86)\frostwire\frostwire.exe"=-
"UDP Query User{E37F5BCD-D956-448B-8C38-7E1FAFC593EA}C:\users\bob\downloads\bittorrent9.exe"=

:Commands
[resethosts]
[emptytemp]
[createrestorepoint]

  • Click the Run Fix button.
  • OTL will now process the instructions.
  • When finished a box will open asking you to open the fix log, click OK.
  • The fix log will open.
  • Copy/Paste the log in your next reply please.

Note: If necessary, OTL may re-boot your computer, or request that you do so, if it does, re-boot your computer. A log will be produced upon re-boot.
User avatar
Gary R
Administrator
Administrator
 
Posts: 21868
Joined: June 28th, 2005, 11:36 am
Location: Yorkshire

Re: Problems with 'permissions'

Unread postby blackngold86 » July 25th, 2012, 12:11 pm

Ask toolbar will not uninstall. It keeps telling me to close all browser windows before it can finish, even though none are open. Even went into IE under toolbars but the remove option is not highlighted. I went ahead and rebooted. Still proceed with OTL?
blackngold86
Regular Member
 
Posts: 20
Joined: July 22nd, 2012, 12:46 am

Re: Problems with 'permissions'

Unread postby Gary R » July 25th, 2012, 1:22 pm

Don't worry about the Ask Toolbar, just continue with the rest of the fix.
User avatar
Gary R
Administrator
Administrator
 
Posts: 21868
Joined: June 28th, 2005, 11:36 am
Location: Yorkshire

Re: Problems with 'permissions'

Unread postby blackngold86 » July 25th, 2012, 9:11 pm

While running OTL, a box popped up saying "Cannot create file C:\Windows\System32\drivers\etc\Hosts." Only option was OK, so I clicked it. Since then it has sat for going on 3 hrs saying "Resetting HOSTS file. DO NOT INTERRUPT..." Should I do anything to it? I haven't been using it at all, on another computer now to send this.
blackngold86
Regular Member
 
Posts: 20
Joined: July 22nd, 2012, 12:46 am

Re: Problems with 'permissions'

Unread postby Gary R » July 26th, 2012, 12:38 am

  • Right click in your task bar and select Start Task Manager
  • Click on the Processes tab.
  • Scroll down to OTL.exe
  • Click on it to highlight it.
  • Now click End Process

If that doesn't stop OTL then hard shutdown your computer.

When OTL has stopped, or if you had to do a hard shutdown when you've rebooted, please do the following .....

  • Go to C:\_OTL\MovedFiles
  • Here you should find a file (or files) named mmddyyyy_hhmmss.log (where mdyhms are replaced by numbers representing the date and time you ran a fix)
  • Open the log from the fix you've just run by double clicking on it.
  • Post me the contents of the log.

If there's no log file, then please run a new scan with OTL, and post me the new log from that please.
User avatar
Gary R
Administrator
Administrator
 
Posts: 21868
Joined: June 28th, 2005, 11:36 am
Location: Yorkshire

Re: Problems with 'permissions'

Unread postby blackngold86 » July 26th, 2012, 3:11 am

Yea, there is no log. Do you want me to run the custom scan/fix again or just a regular scan? Also, when I re-opened OTL, it opened up a log saying:

Files\Folders moved on Reboot...

PendingFileRenameOperations files...

Registry entries deleted on Reboot...
blackngold86
Regular Member
 
Posts: 20
Joined: July 22nd, 2012, 12:46 am

Re: Problems with 'permissions'

Unread postby blackngold86 » July 26th, 2012, 3:13 am

Don't know if it's relevant, but OTL ended fine through taskmgr so there was never a reboot done since the failed OTL fix scan. And should I turn off McAfee while running any future scans? I noticed it blocked OTL around the time when I got the first error, one of those included an attempt to terminate McAfee, but there were no problems encountered after that!
blackngold86
Regular Member
 
Posts: 20
Joined: July 22nd, 2012, 12:46 am
Advertisement
Register to Remove

Next

  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 18 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware