Sponsored By

goobertron

Members
  • Content Count

    1
  • Joined

  • Last visited

About goobertron

  • Rank
    Member
  1. Hi.

    Welcome to the forum.

  2. Hi, When I try to open any malware removal program, I get the error message "Windows cannot access the specified device, path, or file. You may not have the appropriate permissions to access the item." Google redirects when I use the Google Toolbar, but not otherwise. I cannot access any malware removal program websites. Windows System Defender was also downloaded on my computer. The OTL logs are below. Thanks for your help! OTL logfile created on: 10/30/2009 2:05:09 PM - Run 2 OTL by OldTimer - Version 3.0.22.1 Folder = C:\Documents and Settings\kgleeson\Desktop Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 1.99 Gb Total Physical Memory | 1.54 Gb Available Physical Memory | 77.42% Memory free 3.84 Gb Paging File | 3.65 Gb Available in Paging File | 95.03% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 55.88 Gb Total Space | 4.40 Gb Free Space | 7.88% Space Free | Partition Type: NTFS D: Drive not present or media not loaded E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: DHFJ0SD1 Current User Name: kgleeson NOT logged in as Administrator. Current Boot Mode: SafeMode with Networking Scan Mode: Current user Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Minimal ========== Processes (SafeList) ========== PRC - C:\Documents and Settings\kgleeson\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Program Files\Citrix\ICA Client\ssonsvr.exe (Citrix Systems, Inc.) PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation) PRC - C:\WINDOWS\notepad.exe (Microsoft Corporation) PRC - C:\WINDOWS\System32\igfxsrvc.exe (Intel Corporation) ========== Win32 Services (SafeList) ========== SRV - (6to4 [Auto | Stopped]) -- C:\WINDOWS\TEMP\VRT1F4.tmp () SRV - (aspnet_state [On_Demand | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe () SRV - (CBA8 [Disabled | Stopped]) -- C:\Program Files\LANDesk\Shared Files\residentagent.exe (LANDesk Software, Ltd.) SRV - (ccEvtMgr [Disabled | Stopped]) -- C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe (Symantec Corporation) SRV - (ccSetMgr [Disabled | Stopped]) -- C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe (Symantec Corporation) SRV - (clr_optimization_v2.0.50727_32 [On_Demand | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe () SRV - (DefWatch [Disabled | Stopped]) -- C:\Program Files\Symantec AntiVirus\DefWatch.exe (Symantec Corporation) SRV - (Dot3svc [On_Demand | Stopped]) -- C:\WINDOWS\TEMP\VRT1F4.tmp () SRV - (fastnetsrv [Disabled | Stopped]) -- File not found SRV - (helpsvc [Disabled | Stopped]) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll (Microsoft Corporation) SRV - (Ias [Auto | Stopped]) -- C:\WINDOWS\System32\Iasv32.dll () SRV - (IDriverT [On_Demand | Stopped]) -- C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe (Macrovision Corporation) SRV - (Intel Local Scheduler Service [On_Demand | Stopped]) -- C:\Program Files\LANDesk\LDClient\LocalSch.EXE (LANDesk Software, Ltd.) SRV - (Intel PDS [On_Demand | Stopped]) -- C:\WINDOWS\System32\CBA\pds.exe (LANDesk Software Ltd.) SRV - (Intel Targeted Multicast [On_Demand | Stopped]) -- C:\Program Files\LANDesk\LDClient\tmcsvc.exe (LANDesk Software, Ltd.) SRV - (iPod Service [On_Demand | Stopped]) -- C:\Program Files\iPod\bin\iPodService.exe (Apple Inc.) SRV - (Iprip [Auto | Stopped]) -- C:\WINDOWS\System32\Ipripex.dll () SRV - (ISSUSER [On_Demand | Stopped]) -- C:\Program Files\LANDesk\LDClient\issuser.exe (LANDesk Software, Ltd.) SRV - (LiveUpdate [Disabled | Stopped]) -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_1.EXE (Symantec Corporation) SRV - (McAfeeFramework [Auto | Stopped]) -- C:\Program Files\McAfee\Common Framework\FrameworkService.exe (McAfee, Inc.) SRV - (McTaskManager [Auto | Stopped]) -- C:\Program Files\McAfee\VirusScan Enterprise\vstskmgr.exe (McAfee, Inc.) SRV - (MDM [On_Demand | Stopped]) -- C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE (Microsoft Corporation) SRV - (Neoteris Setup Service [On_Demand | Stopped]) -- C:\Program Files\Neoteris\Installer Service\NeoterisSetupService.exe (Juniper Networks) SRV - (Net_Login [Auto | Stopped]) -- C:\WINDOWS\svchust.exe () SRV - (NetLogin [Auto | Stopped]) -- C:\WINDOWS\svchost.exe () SRV - (NVSvc [On_Demand | Stopped]) -- C:\WINDOWS\System32\nvsvc32.exe (NVIDIA Corporation) SRV - (ose [On_Demand | Stopped]) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation) SRV - (SavRoam [Disabled | Stopped]) -- C:\Program Files\Symantec AntiVirus\SavRoam.exe (symantec) SRV - (SNDSrvc [Disabled | Stopped]) -- C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe (Symantec Corporation) SRV - (Softmon [On_Demand | Stopped]) -- C:\Program Files\LANDesk\LDClient\softmon.exe (LANDesk Software, Ltd.) SRV - (SPBBCSvc [Disabled | Stopped]) -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe (Symantec Corporation) SRV - (spupdsvc [Auto | Stopped]) -- C:\WINDOWS\System32\spupdsvc.exe (Microsoft Corporation) SRV - (stllssvr [Disabled | Stopped]) -- C:\Program Files\Common Files\SureThing Shared\stllssvr.exe (MicroVision Development, Inc.) SRV - (Symantec AntiVirus [Disabled | Stopped]) -- C:\Program Files\Symantec AntiVirus\Rtvscan.exe (Symantec Corporation) SRV - (Viewpoint Manager Service [On_Demand | Stopped]) -- C:\Program Files\Viewpoint\Common\ViewpointService.exe (Viewpoint Corporation) SRV - (WebrootCommAgentService [Auto | Stopped]) -- C:\Program Files\Webroot\Client\commagent.exe (Webroot Software, Inc.) SRV - (WebrootSpySweeperService [On_Demand | Stopped]) -- C:\Program Files\Webroot\Client\spysweeper.exe (Webroot Software, Inc.) SRV - (WMPNetworkSvc [On_Demand | Stopped]) -- C:\Program Files\Windows Media Player\WMPNetwk.exe (Microsoft Corporation) ========== Driver Services (SafeList) ========== DRV - (AliIde [boot | Running]) -- C:\WINDOWS\system32\DRIVERS\aliide.sys (Acer Laboratories Inc.) DRV - (amdagp [boot | Running]) -- C:\WINDOWS\System32\DRIVERS\amdagp.sys (Advanced Micro Devices, Inc.) DRV - (asc [boot | Running]) -- C:\WINDOWS\system32\DRIVERS\asc.sys (Advanced System Products, Inc.) DRV - (asc3550 [boot | Running]) -- C:\WINDOWS\system32\DRIVERS\asc3550.sys (Advanced System Products, Inc.) DRV - (Avgfwdx [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\avgfwdx.sys (AVG Technologies CZ, s.r.o.) DRV - (Avgfwfd [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\avgfwdx.sys (AVG Technologies CZ, s.r.o.) DRV - (b57w2k [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\b57xp32.sys (Broadcom Corporation) DRV - (BCM43XX [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\bcmwl5.sys (Broadcom Corporation) DRV - (CmdIde [boot | Running]) -- C:\WINDOWS\system32\DRIVERS\cmdide.sys (CMD Technology, Inc.) DRV - (dac2w2k [boot | Running]) -- C:\WINDOWS\system32\DRIVERS\dac2w2k.sys (Mylex Corporation) DRV - (daqdrv [On_Demand | Stopped]) -- C:\WINDOWS\System32\daqdrv.sys () DRV - (DLABMFSM [Auto | Stopped]) -- C:\WINDOWS\System32\DLA\DLABMFSM.SYS (Roxio) DRV - (DLABOIOM [Auto | Stopped]) -- C:\WINDOWS\System32\DLA\DLABOIOM.SYS (Roxio) DRV - (DLACDBHM [system | Running]) -- C:\WINDOWS\System32\Drivers\DLACDBHM.SYS (Roxio) DRV - (DLADResM [Auto | Stopped]) -- C:\WINDOWS\System32\DLA\DLADResM.SYS (Roxio) DRV - (DLAIFS_M [Auto | Stopped]) -- C:\WINDOWS\System32\DLA\DLAIFS_M.SYS (Roxio) DRV - (DLAOPIOM [Auto | Stopped]) -- C:\WINDOWS\System32\DLA\DLAOPIOM.SYS (Roxio) DRV - (DLAPoolM [Auto | Stopped]) -- C:\WINDOWS\System32\DLA\DLAPoolM.SYS (Roxio) DRV - (DLARTL_M [system | Running]) -- C:\WINDOWS\System32\Drivers\DLARTL_M.SYS (Roxio) DRV - (DLAUDF_M [Auto | Stopped]) -- C:\WINDOWS\System32\DLA\DLAUDF_M.SYS (Roxio) DRV - (DLAUDFAM [Auto | Stopped]) -- C:\WINDOWS\System32\DLA\DLAUDFAM.SYS (Roxio) DRV - (DRVMCDB [boot | Running]) -- C:\WINDOWS\System32\Drivers\DRVMCDB.SYS (Sonic Solutions) DRV - (DRVNDDM [Auto | Stopped]) -- C:\WINDOWS\System32\Drivers\DRVNDDM.SYS (Roxio) DRV - (eeCtrl [system | Stopped]) -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys (Symantec Corporation) DRV - (EraserUtilRebootDrv [On_Demand | Stopped]) -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys (Symantec Corporation) DRV - (es1371 [On_Demand | Stopped]) -- C:\WINDOWS\System32\drivers\es1371mp.sys (Creative Technology Ltd.) DRV - (gameenum [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\gameenum.sys (Microsoft Corporation) DRV - (GEARAspiWDM [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\GEARAspiWDM.sys (GEAR Software Inc.) DRV - (guardian2 [On_Demand | Stopped]) -- C:\WINDOWS\System32\Drivers\oz776.sys (O2Micro) DRV - (HDAudBus [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\HDAudBus.sys (Windows ® Server 2003 DDK provider) DRV - (HSF_DPV [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\HSF_DPV.sys (Conexant Systems, Inc.) DRV - (HSFHWAZL [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\HSFHWAZL.sys (Conexant Systems, Inc.) DRV - (HSXHWAZL [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\HSXHWAZL.sys (Conexant Systems, Inc.) DRV - (ialm [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\igxpmp32.sys (Intel Corporation) DRV - (iaStor [boot | Running]) -- C:\WINDOWS\system32\DRIVERS\iaStor.sys (Intel Corporation) DRV - (ldblank [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\ldblank.sys (LANDesk Software, Ltd.) DRV - (ldmirror [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\ldmirror.sys (LANDesk Software, Ltd.) DRV - (mdmxsdk [Auto | Stopped]) -- C:\WINDOWS\System32\DRIVERS\mdmxsdk.sys (Conexant) DRV - (mfeapfk [On_Demand | Stopped]) -- C:\WINDOWS\System32\drivers\mfeapfk.sys (McAfee, Inc.) DRV - (mfeavfk [On_Demand | Stopped]) -- C:\WINDOWS\System32\drivers\mfeavfk.sys (McAfee, Inc.) DRV - (mfebopk [On_Demand | Stopped]) -- C:\WINDOWS\System32\drivers\mfebopk.sys (McAfee, Inc.) DRV - (mfehidk [On_Demand | Stopped]) -- C:\WINDOWS\System32\drivers\mfehidk.sys (McAfee, Inc.) DRV - (mferkdk [system | Stopped]) -- C:\Program Files\McAfee\VirusScan Enterprise\mferkdk.sys (McAfee, Inc.) DRV - (mfetdik [system | Running]) -- C:\WINDOWS\System32\drivers\mfetdik.sys (McAfee, Inc.) DRV - (mirrorflt [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\mirrorflt.sys (LANDesk Software, Ltd.) DRV - (mraid35x [boot | Running]) -- C:\WINDOWS\system32\DRIVERS\mraid35x.sys (American Megatrends Inc.) DRV - (NAVENG [On_Demand | Stopped]) -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20090912.002\NAVENG.SYS (Symantec Corporation) DRV - (NAVEX15 [On_Demand | Stopped]) -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20090912.002\NAVEX15.SYS (Symantec Corporation) DRV - (NEOFLTR_630_13725 [system | Running]) -- C:\WINDOWS\System32\Drivers\NEOFLTR_630_13725.SYS (Juniper Networks) DRV - (nv [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\nv4_mini.sys (NVIDIA Corporation) DRV - (NWADI [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\NWADIenum.sys (Novatel Wireless Inc) DRV - (PCASp50 [On_Demand | Stopped]) -- C:\WINDOWS\System32\Drivers\PCASp50.sys (Printing Communications Assoc., Inc. (PCAUSA)) DRV - (PCnet [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\pcntpci5.sys (AMD Inc.) DRV - (Ptilink [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\ptilink.sys (Parallel Technologies, Inc.) DRV - (ql1080 [boot | Running]) -- C:\WINDOWS\system32\DRIVERS\ql1080.sys (QLogic Corporation) DRV - (ql12160 [boot | Running]) -- C:\WINDOWS\system32\DRIVERS\ql12160.sys (QLogic Corporation) DRV - (ql1280 [boot | Running]) -- C:\WINDOWS\system32\DRIVERS\ql1280.sys (QLogic Corporation) DRV - (SASDIFSV [system | Stopped]) -- C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com) DRV - (SASENUM [On_Demand | Stopped]) -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS ( SUPERAdBlocker.com and SUPERAntiSpyware.com) DRV - (SASKUTIL [system | Stopped]) -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com) DRV - (SAVRT [system | Stopped]) -- C:\Program Files\Symantec AntiVirus\savrt.sys (Symantec Corporation) DRV - (SAVRTPEL [system | Stopped]) -- C:\Program Files\Symantec AntiVirus\Savrtpel.sys (Symantec Corporation) DRV - (Secdrv [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\secdrv.sys (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) DRV - (sisagp [boot | Running]) -- C:\WINDOWS\System32\DRIVERS\sisagp.sys (Silicon Integrated Systems Corporation) DRV - (Sparrow [boot | Running]) -- C:\WINDOWS\system32\DRIVERS\sparrow.sys (Adaptec, Inc.) DRV - (SPBBCDrv [On_Demand | Stopped]) -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys (Symantec Corporation) DRV - (sptd [boot | Running]) -- C:\WINDOWS\System32\Drivers\sptd.sys () DRV - (SSFS0BB9 [boot | Running]) -- C:\WINDOWS\SYSTEM32\Drivers\SSFS0BB9.SYS (Webroot Software Inc (www.webroot.com)) DRV - (SSHRMD [boot | Running]) -- C:\WINDOWS\SYSTEM32\Drivers\SSHRMD.SYS (Webroot Software Inc (www.webroot.com)) DRV - (SSIDRV [boot | Running]) -- C:\WINDOWS\SYSTEM32\Drivers\SSIDRV.SYS (Webroot Software Inc (www.webroot.com)) DRV - (STHDA [On_Demand | Stopped]) -- C:\WINDOWS\System32\drivers\sthda.sys (SigmaTel, Inc.) DRV - (sym_hi [boot | Running]) -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys (LSI Logic) DRV - (sym_u3 [boot | Running]) -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys (LSI Logic) DRV - (symc810 [boot | Running]) -- C:\WINDOWS\system32\DRIVERS\symc810.sys (Symbios Logic Inc.) DRV - (symc8xx [boot | Running]) -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys (LSI Logic) DRV - (SymEvent [On_Demand | Stopped]) -- C:\WINDOWS\System32\Drivers\SYMEVENT.SYS (Symantec Corporation) DRV - (SYMTDI [system | Stopped]) -- C:\WINDOWS\System32\Drivers\SYMTDI.SYS (Symantec Corporation) DRV - (ultra [boot | Running]) -- C:\WINDOWS\system32\DRIVERS\ultra.sys (Promise Technology, Inc.) DRV - (usbaudio [On_Demand | Stopped]) -- C:\WINDOWS\System32\drivers\usbaudio.sys (Microsoft Corporation) DRV - (USBCCID [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\usbccid.sys (Microsoft Corporation) DRV - (winachsf [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\HSF_CNXT.sys (Conexant Systems, Inc.) ========== Modules (SafeList) ========== MOD - C:\Documents and Settings\kgleeson\Desktop\OTL.exe (OldTimer Tools) MOD - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll (Microsoft Corporation) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.nytimes.com/ IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/ IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 92 CF AF 94 F0 51 CA 01 [binary data] IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "AIM Search" FF - prefs.js..browser.search.defaulturl: "http://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2706&invocationType=tb50fftrie7&query=" FF - prefs.js..browser.search.selectedEngine: "search" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "http://nytimes.com/" FF - prefs.js..extensions.enabledItems: [email protected]:1.0.0.071303000004 FF - prefs.js..extensions.enabledItems: {CD1A3A89-30B1-48D0-BA00-2660B77922B3}:1.9.1 FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.4 FF - prefs.js..keyword.URL: "http://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2706&invocationType=tb50fftrab&query=" FF - prefs.js..network.proxy.autoconfig_url: "http://eweb/hmc.pac" FF - prefs.js..network.proxy.type: 2 FF - HKLM\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG8\Firefox [2009/07/14 16:32:59 | 00,000,000 | ---D | M] FF - HKLM\software\mozilla\Firefox\Extensions\\{CD1A3A89-30B1-48D0-BA00-2660B77922B3}: C:\Documents and Settings\kgleeson\Local Settings\Application Data\{CD1A3A89-30B1-48D0-BA00-2660B77922B3} [2009/10/29 21:35:55 | 00,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.5.4\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009/10/30 07:36:42 | 00,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.5.4\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009/10/28 18:35:39 | 00,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.22\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2009/08/20 14:20:06 | 00,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.22\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins [2009/09/09 21:56:04 | 00,000,000 | ---D | M] [2009/04/21 17:59:12 | 00,000,000 | ---D | M] -- C:\Documents and Settings\kgleeson\Application Data\mozilla\Extensions [2009/04/21 17:59:12 | 00,000,000 | ---D | M] -- C:\Documents and Settings\kgleeson\Application Data\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384} [2009/10/30 08:28:58 | 00,000,000 | ---D | M] -- C:\Documents and Settings\kgleeson\Application Data\mozilla\Firefox\Profiles\sp0om3dn.default\extensions [2009/05/01 19:46:47 | 00,000,000 | ---D | M] -- C:\Documents and Settings\kgleeson\Application Data\mozilla\Firefox\Profiles\sp0om3dn.default\extensions\[email protected] [2009/06/14 10:42:09 | 00,004,207 | ---- | M] () -- C:\Documents and Settings\kgleeson\Application Data\Mozilla\FireFox\Profiles\sp0om3dn.default\searchplugins\aim-search.xml [2009/04/21 17:58:49 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions [2009/10/28 18:35:39 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [2009/10/28 18:35:30 | 00,023,544 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll [2009/10/28 18:35:30 | 00,137,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll [2009/10/28 18:35:33 | 00,065,016 | ---- | M] (mozilla.org) -- C:\Program Files\mozilla firefox\plugins\npnul32.dll [2009/08/20 14:20:05 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin.dll [2009/08/20 14:20:05 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll [2009/08/20 14:20:05 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll [2009/08/20 14:20:05 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll [2009/08/20 14:20:05 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll [2009/08/20 14:20:05 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll [2009/08/20 14:20:05 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll [2009/04/21 19:58:20 | 01,632,208 | ---- | M] (cedelia) -- C:\Program Files\mozilla firefox\plugins\NPStreamPlug.dll [2007/04/16 13:07:12 | 00,180,293 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\npViewpoint.dll [2009/06/24 07:27:00 | 00,001,394 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom.xml [2009/06/24 07:27:00 | 00,002,193 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\answers.xml [2009/06/24 07:27:00 | 00,001,534 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\creativecommons.xml [2009/06/24 07:27:00 | 00,002,344 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay.xml [2009/06/24 07:27:00 | 00,002,371 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml [2009/10/29 22:05:53 | 00,001,210 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\search.xml [2009/06/24 07:27:00 | 00,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia.xml [2009/06/24 07:27:00 | 00,000,792 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo.xml O1 HOSTS File: (734 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.) O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan Enterprise\scriptcl.dll (McAfee, Inc.) O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {44787348-495F-4553-9ACD-6B06A5692C91} - No CLSID value found. O4 - HKLM..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files\Google\Gmail Notifier\gnotify.exe (Google Inc.) O4 - HKLM..\Run: [Dyixaqek] C:\WINDOWS\unokigeji.DLL (Apple Computer, Inc.) O4 - HKLM..\Run: [hmccdf] File not found O4 - HKLM..\Run: [hmcreg] c:\program files\hmc\userreg.vbs () O4 - HKLM..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe (Intel Corporation) O4 - HKLM..\Run: [igfxTray] C:\WINDOWS\System32\igfxtray.exe (Intel Corporation) O4 - HKLM..\Run: [lsdefrag] C:\Documents and Settings\kgleeson\Local Settings\temp\wmrnaexocs.tmp () O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe () O4 - HKLM..\Run: [McAfeeUpdaterUI] C:\Program Files\McAfee\Common Framework\UdaterUI.exe (McAfee, Inc.) O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation) O4 - HKLM..\Run: [NVHotkey] C:\WINDOWS\System32\nvHotkey.DLL (NVIDIA Corporation) O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe () O4 - HKLM..\Run: [Persistence] C:\WINDOWS\System32\igfxpers.exe (Intel Corporation) O4 - HKLM..\Run: [shStatEXE] C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE (McAfee, Inc.) O4 - HKLM..\Run: [sigmatelSysTrayApp] C:\WINDOWS\stsystra.exe (SigmaTel, Inc.) O4 - HKLM..\Run: [Windows System Defender] File not found O4 - HKCU..\Run: [Desktop Calendar] C:\Program Files\Desktop Calendar\Desktop Calendar.exe (Tinnes Software) O4 - HKCU..\Run: [MalwareRemovalBot] C:\Program Files\MalwareRemovalBot\MalwareRemovalBot.exe File not found O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Program Neighborhood Agent.lnk = C:\Program Files\Citrix\ICA Client\pnagent.exe (Citrix Systems, Inc.) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoWelcomeScreen = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: disablecad = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: MaxGPOScriptWait = 1200 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0 O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoComputersNearMe = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0 O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\npjpi160_02.dll (Sun Microsystems, Inc.) O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation) O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation) O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Program Files\Juniper Networks\Secure Application Manager\samnsp.dll (Juniper Networks) O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Juniper Networks\Secure Application Manager\samnsp.dll (Juniper Networks) O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone. O15 - HKCU\..Trusted Domains: ampweb ([]* in Trusted sites) O15 - HKCU\..Trusted Domains: cbayflo.com ([www] * in Trusted sites) O15 - HKCU\..Trusted Domains: csisecurecitrix.com ([]https in Trusted sites) O15 - HKCU\..Trusted Domains: docimage ([]* in Trusted sites) O15 - HKCU\..Trusted Domains: edgefcs.net ([]https in Trusted sites) O15 - HKCU\..Trusted Domains: exammaster2.com ([]* in Trusted sites) O15 - HKCU\..Trusted Domains: hccssun54.com ([client] * in Trusted sites) O15 - HKCU\..Trusted Domains: hersheymed.net ([]* in Local intranet) O15 - HKCU\..Trusted Domains: hersheymed.net ([connectedhelp] * in Trusted sites) O15 - HKCU\..Trusted Domains: infonet ([]* in Trusted sites) O15 - HKCU\..Trusted Domains: itweb ([]* in Trusted sites) O15 - HKCU\..Trusted Domains: mlb.com ([]https in Trusted sites) O15 - HKCU\..Trusted Domains: mlb.com ([www] https in Trusted sites) O15 - HKCU\..Trusted Domains: mountnittany.org ([pacs] * in Trusted sites) O15 - HKCU\..Trusted Domains: nsfilms ([]* in Trusted sites) O15 - HKCU\..Trusted Domains: psu.edu ([*.hmc] * in Local intranet) O15 - HKCU\..Trusted Domains: psu.edu ([cms] https in Trusted sites) O15 - HKCU\..Trusted Domains: psu.edu ([idx.hmc] * in Trusted sites) O15 - HKCU\..Trusted Domains: psu.edu ([idxradtweb.hmc] * in Trusted sites) O15 - HKCU\..Trusted Domains: psu.edu ([infonet.hmc] * in Trusted sites) O15 - HKCU\..Trusted Domains: psu.edu ([meeting.hmc] https in Trusted sites) O15 - HKCU\..Trusted Domains: psu.edu ([nursing.hmc] * in Trusted sites) O15 - HKCU\..Trusted Domains: tristans.com ([reports] https in Trusted sites) O15 - HKCU\..Trusted Domains: 5 domain(s) and sub-domain(s) not assigned to a zone. O15 - HKCU\..Trusted Ranges: Range997 ([*] in Trusted sites) O15 - HKCU\..Trusted Ranges: Range998 ([*] in Trusted sites) O15 - HKCU\..Trusted Ranges: Range999 ([*] in Trusted sites) O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://fpdownload.macromedia.com/pub/shock...director/sw.cab (Shockwave ActiveX Control) O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://fpdownload.macromedia.com/pub/shock...director/sw.cab (Shockwave ActiveX Control) O16 - DPF: {238F6F83-B8B4-11CF-8771-00A024541EE3} http://www.hmc.psu.edu/ive/inc/wficat.cab (Citrix ICA Client) O16 - DPF: {46CF8BCA-84A1-4437-847A-DC29496E01A5} http://www.hmc.psu.edu/ive/inc/isite3.cab (ISiteNonVisual Control 3.3) O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/microsoftupdat...b?1240187239390 (WUWebControl Class) O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.microsoft.com/microsoftupdat...b?1240187215812 (MUWebControl Class) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-...ows-i586-jc.cab (Java Plug-in 1.6.0_02) O16 - DPF: {99D2F95E-1989-48A7-A487-4D4BFF333B3B} http://www.hmc.psu.edu/ive/inc/idxichelp.cab (Imagecast RIS Online Help) O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-...indows-i586.cab (Java Plug-in 1.5.0_06) O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_02) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_02) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/get/flash...ent/swflash.cab (Shockwave Flash Object) O16 - DPF: {E5F5D008-DD2C-4D32-977D-1A0ADF03058B} https://access.hersheymed.net/dana-cached/s...perSetupSP1.cab (JuniperSetupControlXP Class) O16 - DPF: DirectAnimation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab (Reg Error: Key error.) O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.4.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = hersheymed.net O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\ipp - No CLSID value found O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\msdaipp - No CLSID value found O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation) O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Common Files\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation) O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Common Files\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\drivers\smss.exe) - C:\WINDOWS\System32\drivers\smss.exe File not found O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\sdra64.exe) - C:\WINDOWS\System32\sdra64.exe () O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll (SUPERAntiSpyware.com) O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation) O20 - Winlogon\Notify\NavLogon: DllName - C:\WINDOWS\system32\NavLogon.dll - C:\WINDOWS\System32\NavLogon.dll (Symantec Corporation) O20 - Winlogon\Notify\WRNotifier: DllName - WRLogonNtf.DLL - C:\WINDOWS\System32\WRLogonNtf.DLL (Webroot Software, Inc.) O24 - Desktop Components:0 (My Current Home Page) - About:Home O27 - HKLM IFEO\_avp32.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\_avpcc.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\_avpm.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\~1.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\~2.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\a.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\aAvgApi.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\AAWTray.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\About.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\ackwin32.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\adaware.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\Ad-Aware.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\advxdwin.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\AdwarePrj.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\agent.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\agentsvr.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\agentw.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\alertsvc.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\alevir.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\alogserv.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\AlphaAV: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\AlphaAV.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\AluSchedulerSvc.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\amon9x.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\AntispywarXP2009.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\anti-trojan.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\Anti-Virus Professional.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\antivirus.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\AntiVirus_Pro.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\AntivirusPlus: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\AntivirusPlus.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\AntivirusPro_2010.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\AntivirusXP: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\AntivirusXP.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\antivirusxppro2009.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\ants.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\apimonitor.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\aplica32.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\apvxdwin.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\arr.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\Arrakis3.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\ashAvast.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\ashBug.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\ashChest.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\ashCnsnt.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\ashDisp.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\ashLogV.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\ashMaiSv.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\ashPopWz.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\ashQuick.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\ashServ.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\ashSimp2.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\ashSimpl.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\ashSkPcc.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\ashSkPck.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\ashUpd.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\ashWebSv.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\aswChLic.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\aswRegSvr.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\aswRunDll.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\aswUpdSv.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\atcon.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\atguard.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\atro55en.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\atupdater.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\atwatch.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\au.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\aupdate.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\autodown.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\auto-protect.nav80try.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\autotrace.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\autoupdate.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\av360.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avadmin.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\AVCare.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avcenter.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avciman.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avconfig.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avconsol.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\ave32.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\AVENGINE.EXE: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avgcc32.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avgchk.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avgcmgr.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avgcsrvx.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avgctrl.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avgdumpx.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avgemc.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avgiproxy.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avgnsx.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avgnt.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avgrsx.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avgscanx.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avgserv.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avgserv9.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avgsrmax.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avgtray.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avgui.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avgupd.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avgw.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avgwdsvc.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avkpop.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avkserv.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avkservice.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avkwctl9.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avltmain.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avmailc.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avmcdlg.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avnotify.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avnt.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avp32.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avpcc.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avpdos32.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avpm.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avptc32.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avpupd.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avsched32.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avsynmgr.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avupgsvc.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\AVWEBGRD.EXE: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avwin.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avwin95.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avwinnt.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avwsc.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avwupd.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avwupd32.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avwupsrv.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avxmonitor9x.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avxmonitornt.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\avxquar.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\b.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\backweb.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\bargains.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\bd_professional.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\bdagent.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\bdfvcl.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\bdfvwiz.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\BDInProcPatch.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\bdmcon.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\BDMsnScan.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\bdreinit.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\bdsubwiz.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\BDSurvey.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\bdtkexec.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\bdwizreg.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\beagle.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\belt.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\bidef.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\bidserver.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\bipcp.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\bipcpevalsetup.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\bisp.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\blackd.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\blackice.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\blink.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\blss.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\bootconf.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\bootwarn.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\borg2.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\bpc.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\brasil.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\brastk.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\brw.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\bs120.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\bspatch.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\bundle.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\bvt.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\c.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\cavscan.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\ccapp.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\ccevtmgr.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\ccpxysvc.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\ccSvcHst.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\cdp.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\cfd.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\cfgwiz.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\cfiadmin.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\cfiaudit.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\cfinet.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\cfinet32.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\cfp.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\cfpconfg.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\cfplogvw.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\cfpupdat.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\Cl.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\claw95.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\claw95cf.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\clean.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\cleaner.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\cleaner3.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\cleanIELow.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\cleanpc.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\click.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\cmd32.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\cmdagent.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\cmesys.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\cmgrdian.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\cmon016.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\connectionmonitor.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\control: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\cpd.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\cpf9x206.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\cpfnt206.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\crashrep.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\csc.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\cssconfg.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\cssupdat.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\cssurf.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\ctrl.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\cv.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\cwnb181.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\cwntdwmo.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\d.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\datemanager.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\dcomx.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\defalert.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\defscangui.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\defwatch.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\deloeminfs.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\deputy.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\divx.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\dllcache.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\dllreg.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\doors.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\dop.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\dpf.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\dpfsetup.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\dpps2.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\driverctrl.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\drwatson.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\drweb32.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\drwebupw.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\dssagent.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\dvp95.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\dvp95_0.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\ecengine.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\efpeadm.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\egui.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\ekrn.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\emsw.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\ent.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\esafe.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\escanhnt.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\escanv95.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\espwatch.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\ethereal.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\etrustcipe.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\evpn.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\exantivirus-cnet.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\exe.avxw.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\expert.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\explore.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\fact.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\f-agnt95.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\fameh32.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\fast.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\fch32.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\fih32.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\findviru.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\firewall.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\fixcfg.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\fixfp.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\fnrb32.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\fprot.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\f-prot.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\f-prot95.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\fp-win.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\fp-win_trial.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\frmwrk32.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\frw.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\fsaa.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\fsav.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\fsav32.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\fsav530stbyb.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\fsav530wtbyb.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\fsav95.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\fsgk32.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\fsm32.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\fsma32.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\fsmb32.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\f-stopw.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\gator.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\gav.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\gbmenu.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\gbn976rl.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\gbpoll.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\generics.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\gmt.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\guard.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\guarddog.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\guardgui.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\hacktracersetup.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\hbinst.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\hbsrv.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\History.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\homeav2010.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\hotactio.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\hotpatch.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\htlog.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\htpatch.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\hwpe.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\hxdl.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\hxiul.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\iamapp.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\iamserv.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\iamstats.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\ibmasn.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\ibmavsp.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\icload95.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\icloadnt.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\icmon.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\icsupp95.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\icsuppnt.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\Identity.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\idle.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\iedll.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\iedriver.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\IEShow.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\iface.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\ifw2000.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\inetlnfo.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\infus.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\infwin.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\init.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\init32.exe : Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\intdel.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\intren.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\iomon98.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\istsvc.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\jammer.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\jdbgmrg.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\jedi.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\JsRcGen.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\kavlite40eng.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\kavpers40eng.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\kavpf.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\kazza.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\keenvalue.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\kerio-pf-213-en-win.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\kerio-wrl-421-en-win.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\kerio-wrp-421-en-win.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\killprocesssetup161.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\launcher.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\ldnetmon.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\ldpro.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\ldpromenu.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\ldscan.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\licmgr.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\livesrv.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\lnetinfo.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\loader.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\localnet.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\lockdown.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\lockdown2000.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\lookout.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\lordpe.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\lsetup.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\luall.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\luau.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\lucomserver.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\luinit.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\luspt.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\MalwareRemoval.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\mapisvc32.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\mcagent.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\mcmnhdlr.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\mcmscsvc.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\mcnasvc.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\mcproxy.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\McSACore.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\mcshell.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\mcshield.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\mcsysmon.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\mctool.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\mcupdate.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\mcvsrte.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\mcvsshld.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\md.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\mfin32.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\mfw2en.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\mfweng3.02d30.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\mgavrtcl.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\mgavrte.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\mghtml.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\mgui.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\minilog.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\mmod.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\monitor.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\moolive.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\mostat.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\mpfagent.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\mpfservice.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\MPFSrv.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\mpftray.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\mrflux.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\msa.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\msapp.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\MSASCui.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\msbb.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\msblast.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\mscache.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\msccn32.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\mscman.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\msconfig: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\msdm.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\msdos.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\msiexec16.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\mslaugh.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\msmgt.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\msmsgri32.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\mssmmc32.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\mssys.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\msvxd.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\mu0311ad.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\mwatch.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\n32scanw.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\nav.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\navap.navapsvc.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\navapsvc.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\navapw32.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\navdx.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\navlu32.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\navnt.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\navstub.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\navw32.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\navwnt.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\nc2000.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\ncinst4.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\ndd32.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\neomonitor.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\neowatchlog.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\netarmor.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\netd32.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\netinfo.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\netmon.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\netscanpro.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\netspyhunter-1.2.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\netutils.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\nisserv.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\nisum.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\nmain.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\nod32.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\normist.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\norton_internet_secu_3.0_407.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\notstart.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\npf40_tw_98_nt_me_2k.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\npfmessenger.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\nprotect.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\npscheck.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\npssvc.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\nsched32.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\nssys32.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\nstask32.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\nsupdate.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\nt.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\ntrtscan.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\ntvdm.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\ntxconfig.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\nui.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\nupgrade.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\nvarch16.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\nvc95.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\nvsvc32.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\nwinst4.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\nwservice.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\nwtool16.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\OAcat.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\OAhlp.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\OAReg.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\oasrv.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\oaui.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\oaview.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\ODSW.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\ollydbg.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\onsrvr.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\optimize.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\ostronet.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\otfix.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\outpost.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\outpostinstall.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\outpostproinstall.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\ozn695m5.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\padmin.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\panixk.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\patch.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\pav.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\pavcl.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\PavFnSvr.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\pavproxy.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\pavprsrv.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\pavsched.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\pavsrv51.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\pavw.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\pc.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\PC_Antispyware2010.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\pccwin98.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\pcfwallicon.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\pcip10117_0.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\pcscan.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\pctsAuxs.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\pctsGui.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\pctsSvc.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\pctsTray.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\pdfndr.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\pdsetup.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\PerAvir.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\periscope.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\persfw.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\personalguard: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\personalguard.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\perswf.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\pf2.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\pfwadmin.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\pgmonitr.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\pingscan.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\platin.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\pop3trap.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\poproxy.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\popscan.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\portdetective.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\portmonitor.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\powerscan.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\ppinupdt.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\pptbc.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\ppvstop.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\prizesurfer.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\prmt.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\prmvr.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\procdump.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\processmonitor.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\procexplorerv1.0.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\programauditor.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\proport.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\protector.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\protectx.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\PSANCU.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\PSANHost.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\PSANToManager.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\PsCtrls.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\PsImSvc.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\PskSvc.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\pspf.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\PSUNMain.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\purge.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\qconsole.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\qh.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\qserver.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\Quick Heal.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\QuickHealCleaner.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\rapapp.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\rav7.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\rav7win.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\rav8win32eng.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\ray.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\rb32.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\rcsync.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\realmon.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\reged.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\regedt32.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\rescue.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\rescue32.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\rrguard.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\rscdwld.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\rshell.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\rtvscan.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\rtvscn95.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\rulaunch.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\rwg: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\rwg.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\SafetyKeeper.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\safeweb.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\sahagent.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\Save.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\SaveArmor.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\SaveDefense.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\SaveKeep.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\savenow.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\sbserv.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\sc.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\scam32.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\scan32.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\scan95.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\scanpm.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\scrscan.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\seccenter.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\Secure Veteran.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\secureveteran.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\Security Center.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\SecurityFighter.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\securitysoldier.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\serv95.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\setloadorder.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\setup_flowprotector_us.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\setupvameeval.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\sgssfw32.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\sh.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\shellspyinstall.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\shield.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\shn.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\showbehind.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\signcheck.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\smart.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\smartprotector.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\smc.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\smrtdefp.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\sms.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\smss32.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\snetcfg.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\soap.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\sofi.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\SoftSafeness.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\sperm.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\spf.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\sphinx.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\spoler.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\spoolcv.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\spoolsv32.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\spywarexpguard.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\spyxx.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\srexe.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\srng.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\ss3edit.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\ssg_4104.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\ssgrate.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\st2.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\start.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\stcloader.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\supftrl.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\support.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\supporter5.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\svc.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\svchostc.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\svchosts.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\svshost.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\sweep95.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\sweepnet.sweepsrv.sys.swnetsup.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\symlcsvc.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\symproxysvc.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\symtray.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\system.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\system32.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\sysupd.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\tapinstall.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\taumon.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\tbscan.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\tc.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\tca.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\tcm.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\tds2-98.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\tds2-nt.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\tds-3.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\teekids.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\tfak.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\tfak5.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\tgbob.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\titanin.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\titaninxp.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\TPSrv.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\trickler.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\trjscan.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\trjsetup.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\trojantrap3.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\TrustWarrior.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\tsadbot.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\tsc.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\tvmd.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\tvtmd.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\uiscan.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\undoboot.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\updat.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\upgrad.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\upgrepl.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\utpost.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\vbcmserv.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\vbcons.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\vbust.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\vbwin9x.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\vbwinntw.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\vcsetup.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\vet32.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\vet95.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\vettray.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\vfsetup.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\vir-help.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\virusmdpersonalfirewall.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\VisthAux.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\VisthLic.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\VisthUpd.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\vnlan300.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\vnpc3000.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\vpc32.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\vpc42.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\vpfw30s.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\vptray.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\vscan40.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\vscenu6.02d30.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\vsched.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\vsecomr.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\vshwin32.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\vsisetup.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\vsmain.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\vsmon.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\vsserv.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\vsstat.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\vswin9xe.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\vswinntse.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\vswinperse.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\w32dsm89.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\W3asbas.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\w9x.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\watchdog.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\webdav.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\WebProxy.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\webscanx.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\webtrap.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\wfindv32.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\whoswatchingme.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\wimmun32.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\win32.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\win32us.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\winactive.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\winav.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\win-bugsfix.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\windll32.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\window.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\windows Police Pro.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\windows.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\wininetd.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\wininitx.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\winlogin.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\winmain.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\winppr32.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\winrecon.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\winservn.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\winssk32.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\winstart.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\winstart001.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\wintsk32.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\winupdate.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\wkufind.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\wnad.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\wnt.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\wradmin.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\wrctrl.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\wsbgate.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\wscfxas.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\wscfxav.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\wscfxfw.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\wsctool.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\wupdater.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\wupdt.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\wyvernworksfirewall.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\xp_antispyware.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\xpdeluxe.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\xpf202en.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\zapro.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\zapsetup3001.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\zatutor.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\zonalm2601.exe: Debugger - svchost.exe (Microsoft Corporation) O27 - HKLM IFEO\zonealarm.exe: Debugger - svchost.exe (Microsoft Corporation) O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com) O31 - SafeBoot: AlternateShell - cmd.exe O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006/09/27 14:35:41 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O33 - MountPoints2\{eeb87eb4-8dd5-11de-b2d5-001c230fa519}\Shell\AutoRun\command - "" = WDSetup.exe O34 - HKLM BootExecute: (autocheck) - File not found O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation) O34 - HKLM BootExecute: (*) - File not found O35 - comfile [open] -- "%1" %* File not found O35 - exefile [open] -- "%1" %* File not found ========== Files/Folders - Created Within 30 Days ========== [23 C:\WINDOWS\System32\*.tmp files] [5 C:\WINDOWS\*.tmp files] [2009/10/29 21:31:18 | 00,000,000 | -HSD | C] -- C:\Documents and Settings\All Users\Application Data\2965df1 [2009/10/30 13:39:43 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files [2009/10/29 21:39:14 | 00,000,000 | -HSD | C] -- C:\Documents and Settings\All Users\Application Data\WSDDSys [2009/10/30 13:02:31 | 00,000,000 | ---D | C] -- C:\Documents and Settings\kgleeson\Application Data\MalwareRemovalBot [2009/10/23 19:56:14 | 00,000,000 | ---D | C] -- C:\Documents and Settings\kgleeson\Application Data\Viewpoint [2009/10/29 22:05:31 | 00,000,000 | -HSD | C] -- C:\Documents and Settings\kgleeson\Application Data\Windows System Defender [2009/10/29 21:35:55 | 00,000,000 | ---D | C] -- C:\Documents and Settings\kgleeson\Local Settings\Application Data\{CD1A3A89-30B1-48D0-BA00-2660B77922B3} [2009/10/13 17:29:19 | 00,000,000 | ---D | C] -- C:\Documents and Settings\kgleeson\Local Settings\Application Data\AIM [8 C:\Documents and Settings\kgleeson\Desktop\*.tmp files] [2009/10/29 07:28:51 | 00,000,000 | ---D | C] -- C:\Program Files\Black Isle [2009/10/27 07:58:16 | 00,000,000 | ---D | C] -- C:\Program Files\Desktop Calendar [2009/10/30 14:05:02 | 00,542,208 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\kgleeson\Desktop\OTL.exe [2009/10/30 13:27:36 | 60,121,968 | ---- | C] (Kaspersky Lab) -- C:\Documents and Settings\kgleeson\Desktop\kav2010_9.0.0.463EN.exe [2009/10/30 13:08:41 | 00,000,000 | -HSD | C] -- C:\Config.Msi [2009/10/30 13:05:10 | 00,000,000 | ---D | C] -- C:\WINDOWS\LastGood [2009/10/30 12:29:15 | 01,848,336 | ---- | C] (Trend Micro) -- C:\Documents and Settings\kgleeson\Desktop\HousecallLauncher.exe [2009/10/30 07:38:49 | 00,000,000 | -HSD | C] -- C:\WINDOWS\System32\lowsec [2009/10/29 22:39:29 | 00,000,000 | ---D | C] -- C:\Documents and Settings\kgleeson\Desktop\BGII mods [2009/10/29 22:16:06 | 00,309,212 | ---- | C] (Andreas Hausladen) -- C:\WINDOWS\sv1.exe [2009/10/22 08:00:31 | 01,435,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\query.dll [2009/10/22 07:58:43 | 00,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msasn1.dll ========== Files - Modified Within 30 Days ========== [23 C:\WINDOWS\System32\*.tmp files] [5 C:\WINDOWS\*.tmp files] [8 C:\Documents and Settings\kgleeson\Desktop\*.tmp files] [2009/10/30 14:04:59 | 00,542,208 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\kgleeson\Desktop\OTL.exe [2009/10/30 13:39:39 | 60,121,968 | ---- | M] (Kaspersky Lab) -- C:\Documents and Settings\kgleeson\Desktop\kav2010_9.0.0.463EN.exe [2009/10/30 13:14:32 | 00,309,212 | ---- | M] (Andreas Hausladen) -- C:\WINDOWS\sv1.exe [2009/10/30 13:13:28 | 00,745,436 | ---- | M] () -- C:\WINDOWS\svchust.exe [2009/10/30 13:12:10 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2009/10/30 13:12:05 | 01,168,384 | ---- | M] () -- C:\WINDOWS\svchost.exe [2009/10/30 13:11:27 | 00,600,026 | ---- | M] () -- C:\WINDOWS\isvchost.exe [2009/10/30 13:10:17 | 00,000,000 | ---- | M] () -- C:\WINDOWS\win32k.sys [2009/10/30 13:10:14 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2009/10/30 13:09:12 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT [2009/10/30 13:09:00 | 02,550,112 | -H-- | M] () -- C:\Documents and Settings\kgleeson\Local Settings\Application Data\IconCache.db [2009/10/30 13:02:32 | 00,000,550 | ---- | M] () -- C:\WINDOWS\tasks\MalwareRemovalBot Scheduled Scan.job [2009/10/30 13:00:00 | 00,000,290 | -H-- | M] () -- C:\WINDOWS\tasks\{BB65B0FB-5712-401b-B616-E69AC55E2757}.job [2009/10/30 12:47:33 | 01,848,336 | ---- | M] (Trend Micro) -- C:\Documents and Settings\kgleeson\Desktop\HousecallLauncher.exe [2009/10/30 12:31:00 | 00,000,246 | -H-- | M] () -- C:\WINDOWS\tasks\{7B02EF0B-A410-4938-8480-9BA26420A627}.job [2009/10/30 12:29:34 | 00,000,036 | ---- | M] () -- C:\Documents and Settings\kgleeson\Local Settings\Application Data\housecall.guid.cache [2009/10/30 12:26:14 | 00,000,120 | ---- | M] () -- C:\WINDOWS\Fkitefedahem.dat [2009/10/30 07:38:28 | 00,000,000 | ---- | M] () -- C:\WINDOWS\Sqaxepijovap.bin [2009/10/30 00:17:52 | 00,000,851 | ---- | M] () -- C:\WINDOWS\win.ini [2009/10/30 00:17:52 | 00,000,227 | ---- | M] () -- C:\WINDOWS\system.ini [2009/10/30 00:17:52 | 00,000,210 | -H-- | M] () -- C:\boot.ini [2009/10/29 22:05:45 | 00,001,777 | ---- | M] () -- C:\Documents and Settings\kgleeson\Desktop\Windows System Defender.lnk [2009/10/29 22:05:30 | 00,000,734 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\host_new [2009/10/29 21:20:55 | 00,170,496 | ---- | M] () -- C:\WINDOWS\msa.exe [2009/10/28 08:02:48 | 00,026,602 | ---- | M] () -- C:\Documents and Settings\kgleeson\Desktop\5402872.jpg [2009/10/27 07:58:17 | 00,000,710 | ---- | M] () -- C:\Documents and Settings\kgleeson\Desktop\Desktop Calendar.lnk [2009/10/26 20:24:07 | 00,024,064 | ---- | M] () -- C:\Documents and Settings\kgleeson\Desktop\Costs.doc [2009/10/26 19:14:13 | 00,024,064 | ---- | M] () -- C:\Documents and Settings\kgleeson\Desktop\Working with children in China.doc [2009/10/24 10:37:56 | 00,002,137 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk [2009/10/22 08:51:44 | 00,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK [2009/10/22 08:09:51 | 00,024,064 | ---- | M] () -- C:\Documents and Settings\kgleeson\Desktop\things to do.doc [2009/10/22 00:08:26 | 00,024,064 | ---- | M] () -- C:\Documents and Settings\kgleeson\Desktop\stuff to get.doc [2009/10/21 22:20:53 | 00,131,122 | ---- | M] () -- C:\Documents and Settings\kgleeson\Desktop\photo_33_hires.jpg [2009/10/19 17:43:43 | 03,275,909 | ---- | M] () -- C:\Documents and Settings\kgleeson\Desktop\pgd.pdf [2009/10/17 12:15:07 | 00,002,265 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk [2009/10/15 11:51:40 | 00,001,324 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat [2009/10/08 12:45:21 | 00,024,064 | ---- | M] () -- C:\Documents and Settings\kgleeson\Desktop\Hi Ash.doc [2009/10/07 21:55:21 | 00,013,824 | ---- | M] () -- C:\Documents and Settings\kgleeson\Desktop\workout.xls [2009/10/07 18:39:17 | 00,024,064 | ---- | M] () -- C:\Documents and Settings\kgleeson\Desktop\Motorcycle gas tank.doc [2009/10/07 08:02:59 | 00,000,162 | -H-- | M] () -- C:\Documents and Settings\kgleeson\Desktop\~$Costs.doc [2009/10/06 19:40:09 | 00,000,162 | -H-- | M] () -- C:\Documents and Settings\kgleeson\Desktop\~$torcycle gas tank.doc [2009/10/06 16:05:46 | 00,049,664 | ---- | M] () -- C:\Documents and Settings\kgleeson\Desktop\CODING SHEET ENRICHED ENVIRONMENT.doc [2009/10/06 15:57:23 | 00,000,162 | -H-- | M] () -- C:\Documents and Settings\kgleeson\Desktop\~$DING SHEET ENRICHED ENVIRONMENT.doc [2009/10/02 21:29:56 | 00,003,584 | ---- | M] () -- C:\Documents and Settings\kgleeson\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009/10/02 14:01:57 | 25,198,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\MRT.exe ========== Files - No Company Name ========== [2009/10/30 13:02:32 | 00,000,550 | ---- | C] () -- C:\WINDOWS\tasks\MalwareRemovalBot Scheduled Scan.job [2009/10/30 12:29:34 | 00,000,036 | ---- | C] () -- C:\Documents and Settings\kgleeson\Local Settings\Application Data\housecall.guid.cache [2009/10/30 08:17:58 | 00,752,640 | ---- | C] () -- C:\Documents and Settings\kgleeson\Desktop\avenger.exe [2009/10/29 22:15:11 | 00,745,436 | ---- | C] () -- C:\WINDOWS\svchust.exe [2009/10/29 22:14:12 | 01,168,384 | ---- | C] () -- C:\WINDOWS\svchost.exe [2009/10/29 22:05:45 | 00,001,777 | ---- | C] () -- C:\Documents and Settings\kgleeson\Desktop\Windows System Defender.lnk [2009/10/29 21:35:59 | 00,000,000 | ---- | C] () -- C:\WINDOWS\Sqaxepijovap.bin [2009/10/29 21:35:58 | 00,000,120 | ---- | C] () -- C:\WINDOWS\Fkitefedahem.dat [2009/10/29 21:32:33 | 00,600,026 | ---- | C] () -- C:\WINDOWS\isvchost.exe [2009/10/29 21:21:01 | 00,170,496 | ---- | C] () -- C:\WINDOWS\msa.exe [2009/10/29 21:20:57 | 00,000,246 | -H-- | C] () -- C:\WINDOWS\tasks\{7B02EF0B-A410-4938-8480-9BA26420A627}.job [2009/10/29 21:20:50 | 00,000,290 | -H-- | C] () -- C:\WINDOWS\tasks\{BB65B0FB-5712-401b-B616-E69AC55E2757}.job [2009/10/29 21:20:44 | 00,000,000 | ---- | C] () -- C:\WINDOWS\win32k.sys [2009/10/28 08:02:47 | 00,026,602 | ---- | C] () -- C:\Documents and Settings\kgleeson\Desktop\5402872.jpg [2009/10/27 07:58:17 | 00,000,710 | ---- | C] () -- C:\Documents and Settings\kgleeson\Desktop\Desktop Calendar.lnk [2009/10/26 19:14:13 | 00,024,064 | ---- | C] () -- C:\Documents and Settings\kgleeson\Desktop\Working with children in China.doc [2009/10/22 08:09:51 | 00,024,064 | ---- | C] () -- C:\Documents and Settings\kgleeson\Desktop\things to do.doc [2009/10/21 22:20:50 | 00,131,122 | ---- | C] () -- C:\Documents and Settings\kgleeson\Desktop\photo_33_hires.jpg [2009/10/19 17:53:41 | 03,275,909 | ---- | C] () -- C:\Documents and Settings\kgleeson\Desktop\pgd.pdf [2009/10/08 12:45:20 | 00,024,064 | ---- | C] () -- C:\Documents and Settings\kgleeson\Desktop\Hi Ash.doc [2009/10/07 08:02:59 | 00,000,162 | -H-- | C] () -- C:\Documents and Settings\kgleeson\Desktop\~$Costs.doc [2009/10/06 19:40:09 | 00,000,162 | -H-- | C] () -- C:\Documents and Settings\kgleeson\Desktop\~$torcycle gas tank.doc [2009/10/06 15:57:23 | 00,049,664 | ---- | C] () -- C:\Documents and Settings\kgleeson\Desktop\CODING SHEET ENRICHED ENVIRONMENT.doc [2009/10/06 15:57:23 | 00,000,162 | -H-- | C] () -- C:\Documents and Settings\kgleeson\Desktop\~$DING SHEET ENRICHED ENVIRONMENT.doc [2009/10/05 23:39:26 | 00,024,064 | ---- | C] () -- C:\Documents and Settings\kgleeson\Desktop\Motorcycle gas tank.doc [2009/10/01 21:42:27 | 00,024,064 | ---- | C] () -- C:\Documents and Settings\kgleeson\Desktop\Costs.doc [2009/09/14 13:30:51 | 00,069,120 | ---- | C] () -- C:\Documents and Settings\kgleeson\Local Settings\Application Data\CHOICE.exe [2009/07/08 14:54:32 | 00,000,122 | ---- | C] () -- C:\WINDOWS\WA.INI [2009/05/22 16:10:16 | 00,199,784 | ---- | C] () -- C:\Documents and Settings\kgleeson\Application Data\JuniperSetup.exe [2009/05/22 16:10:16 | 00,001,698 | ---- | C] () -- C:\Documents and Settings\kgleeson\Application Data\Neoteris_Secure_Application_Manager.ini [2009/05/16 13:47:55 | 00,003,584 | ---- | C] () -- C:\Documents and Settings\kgleeson\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009/05/03 23:53:35 | 00,002,119 | ---- | C] () -- C:\Documents and Settings\kgleeson\Application Data\FuycXHJdat.gif [2009/05/03 23:53:35 | 00,000,607 | ---- | C] () -- C:\Documents and Settings\kgleeson\Application Data\FuycXHJdzn.gif [2009/05/03 23:53:35 | 00,000,598 | ---- | C] () -- C:\Documents and Settings\kgleeson\Application Data\FuycXHJdby.gif [2009/05/03 10:44:47 | 00,721,904 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys [2009/04/19 20:24:27 | 00,000,280 | ---- | C] () -- C:\WINDOWS\System32\epoPGPsdk.dll.sig [2007/11/01 12:08:08 | 00,008,074 | ---- | C] () -- C:\Documents and Settings\kgleeson\Local Settings\Application Data\WT61US.UWL [2007/10/19 12:03:11 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\kgleeson\Application Data\desktop.ini [2007/10/19 12:03:09 | 02,550,112 | -H-- | C] () -- C:\Documents and Settings\kgleeson\Local Settings\Application Data\IconCache.db [2007/10/19 12:03:09 | 00,068,352 | ---- | C] () -- C:\Documents and Settings\kgleeson\Local Settings\Application Data\GDIPFONTCACHEV1.DAT [2007/10/19 12:03:09 | 00,000,131 | ---- | C] () -- C:\Documents and Settings\kgleeson\Local Settings\Application Data\fusioncache.dat [2007/10/11 09:48:22 | 00,056,056 | ---- | C] () -- C:\WINDOWS\System32\DLAAPI_W.DLL [2007/10/11 09:48:22 | 00,000,169 | ---- | C] () -- C:\WINDOWS\wininit.ini [2007/08/23 16:10:47 | 00,910,304 | ---- | C] () -- C:\WINDOWS\System32\igmedkrn.dll [2007/08/23 16:10:47 | 00,204,800 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4831.dll [2007/08/23 16:08:39 | 00,204,800 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4814.dll [2007/04/06 01:51:22 | 00,757,818 | ---- | C] () -- C:\WINDOWS\System32\gwadd1.dll [2007/04/06 01:49:34 | 00,303,166 | ---- | C] () -- C:\WINDOWS\System32\gwodm132.dll [2007/04/06 01:21:14 | 00,098,354 | ---- | C] () -- C:\WINDOWS\System32\GWLDO132.DLL [2007/01/29 17:25:32 | 00,000,025 | ---- | C] () -- C:\WINDOWS\ENABLING.INI [2006/11/09 17:07:44 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini [2006/10/26 11:31:58 | 00,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll [2006/10/26 11:31:57 | 01,466,368 | ---- | C] () -- C:\WINDOWS\System32\nview.dll [2006/10/26 11:31:56 | 00,098,304 | ---- | C] () -- C:\WINDOWS\System32\nvapi.dll [2006/10/26 11:31:55 | 01,662,976 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll [2006/10/26 11:31:55 | 01,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll [2006/10/26 10:18:41 | 00,001,763 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache [2006/10/23 15:05:20 | 00,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini [2006/10/20 12:53:15 | 00,000,031 | ---- | C] () -- C:\WINDOWS\opera.ini [2006/10/20 12:09:15 | 00,000,086 | ---- | C] () -- C:\WINDOWS\WPCMAPI.INI [2006/10/19 14:59:30 | 00,000,000 | ---- | C] () -- C:\WINDOWS\vpc32.INI [2006/10/12 14:06:50 | 00,000,049 | ---- | C] () -- C:\WINDOWS\cdplayer.ini [2006/10/12 10:48:40 | 00,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI [2006/10/12 10:24:51 | 00,156,160 | ---- | C] () -- C:\WINDOWS\System32\unrar3.dll [2006/10/12 10:24:51 | 00,075,264 | ---- | C] () -- C:\WINDOWS\System32\unacev2.dll [2006/10/12 08:49:14 | 00,122,880 | ---- | C] () -- C:\WINDOWS\System32\hgfs.dll [2006/09/27 10:23:26 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\desktop.ini [2006/09/16 23:36:50 | 00,520,192 | ---- | C] () -- C:\WINDOWS\System32\CddbPlaylist2Roxio.dll [2006/09/16 23:36:50 | 00,204,800 | ---- | C] () -- C:\WINDOWS\System32\CddbFileTaggerRoxio.dll [2005/04/14 13:29:16 | 00,000,445 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini [2004/12/19 20:26:52 | 00,425,984 | ---- | C] () -- C:\WINDOWS\System32\SSInstDll.dll [2004/08/17 20:00:00 | 00,073,728 | -H-- | C] () -- C:\WINDOWS\System32\Ipripex.dll [2004/08/17 20:00:00 | 00,073,728 | -H-- | C] () -- C:\WINDOWS\System32\6to4ex.dll [2004/07/09 10:31:18 | 00,155,700 | ---- | C] () -- C:\WINDOWS\System32\ODMA32.DLL [2004/02/20 16:36:34 | 00,416,256 | ---- | C] () -- C:\WINDOWS\exchndl.dll [2002/08/29 03:40:52 | 00,061,952 | ---- | C] () -- C:\WINDOWS\System32\eventlog.dll [2001/08/23 08:00:00 | 00,061,440 | ---- | C] () -- C:\WINDOWS\System32\Iasv32.dll [2001/08/23 08:00:00 | 00,061,440 | ---- | C] () -- C:\WINDOWS\System32\BtwSrv32.dll [2001/08/23 08:00:00 | 00,002,304 | ---- | C] () -- C:\WINDOWS\System32\daqdrv.sys [2001/08/23 08:00:00 | 00,000,851 | ---- | C] () -- C:\WINDOWS\win.ini [2001/08/23 08:00:00 | 00,000,227 | ---- | C] () -- C:\WINDOWS\system.ini [2001/08/23 08:00:00 | 00,000,008 | ---- | C] () -- C:\WINDOWS\System32\FInstall.sys ========== LOP Check ========== [2009/10/30 13:39:43 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\All Users\Application Data [2009/04/28 17:05:26 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906} [2009/10/29 22:12:19 | 00,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Application Data\2965df1 [2009/04/19 21:40:21 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\acccore [2009/05/03 10:25:00 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Azureus [2009/05/03 23:38:31 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite [2009/05/03 23:29:10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Pro [2009/05/03 00:17:36 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ElectricSheep [2006/10/12 13:46:53 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Hummingbird [2009/05/22 16:11:19 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Juniper Networks [2009/09/13 00:54:47 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SecTaskMan [2009/10/23 20:20:31 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Soulseek [2009/09/13 11:17:19 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP [2009/06/14 01:08:56 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint [2009/09/13 15:24:27 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\vulScan [2009/10/29 21:39:14 | 00,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Application Data\WSDDSys [2009/10/30 13:02:31 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\kgleeson\Application Data [2009/05/03 23:47:21 | 00,000,000 | ---D | M] -- C:\Documents and Settings\kgleeson\Application Data\acccore [2009/10/29 07:56:11 | 00,000,000 | ---D | M] -- C:\Documents and Settings\kgleeson\Application Data\Azureus [2009/05/03 23:47:21 | 00,000,000 | ---D | M] -- C:\Documents and Settings\kgleeson\Application Data\Citrix [2009/06/16 00:18:50 | 00,000,000 | ---D | M] -- C:\Documents and Settings\kgleeson\Application Data\CyberLink [2009/05/03 23:47:21 | 00,000,000 | ---D | M] -- C:\Documents and Settings\kgleeson\Application Data\DAEMON Tools Lite [2009/05/03 10:44:47 | 00,000,000 | ---D | M] -- C:\Documents and Settings\kgleeson\Application Data\DAEMON Tools Pro [2009/10/06 23:20:05 | 00,000,000 | ---D | M] -- C:\Documents and Settings\kgleeson\Application Data\Desktopicon [2009/05/22 16:20:06 | 00,000,000 | ---D | M] -- C:\Documents and Settings\kgleeson\Application Data\Juniper Networks [2009/05/04 10:34:33 | 00,000,000 | ---D | M] -- C:\Documents and Settings\kgleeson\Application Data\Leadertech [2009/10/30 13:03:23 | 00,000,000 | ---D | M] -- C:\Documents and Settings\kgleeson\Application Data\MalwareRemovalBot [2009/06/09 11:04:19 | 00,000,000 | ---D | M] -- C:\Documents and Settings\kgleeson\Application Data\Move Networks [2009/09/14 12:23:46 | 00,000,000 | ---D | M] -- C:\Documents and Settings\kgleeson\Application Data\Roxio [2009/10/22 12:55:34 | 00,000,000 | ---D | M] -- C:\Documents and Settings\kgleeson\Application Data\SystemRequirementsLab [2009/07/30 13:54:56 | 00,000,000 | ---D | M] -- C:\Documents and Settings\kgleeson\Application Data\Thunderbird [2009/10/23 19:56:14 | 00,000,000 | ---D | M] -- C:\Documents and Settings\kgleeson\Application Data\Viewpoint [2009/10/29 22:06:44 | 00,000,000 | -HSD | M] -- C:\Documents and Settings\kgleeson\Application Data\Windows System Defender [2001/08/23 08:00:00 | 00,000,065 | RH-- | M] () -- C:\WINDOWS\Tasks\desktop.ini [2009/10/30 13:02:32 | 00,000,550 | ---- | M] () -- C:\WINDOWS\Tasks\MalwareRemovalBot Scheduled Scan.job [2009/10/30 13:09:12 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\Tasks\SA.DAT [2009/10/30 12:31:00 | 00,000,246 | -H-- | M] () -- C:\WINDOWS\Tasks\{7B02EF0B-A410-4938-8480-9BA26420A627}.job [2009/10/30 13:00:00 | 00,000,290 | -H-- | M] () -- C:\WINDOWS\Tasks\{BB65B0FB-5712-401b-B616-E69AC55E2757}.job ========== Purity Check ========== ========== Alternate Data Streams ========== @Alternate Data Stream - 109 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2 < End of report > OTL Extras logfile created on: 10/30/2009 1:47:44 PM - Run 1 OTL by OldTimer - Version 3.0.22.1 Folder = C:\Documents and Settings\kgleeson\Desktop Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 1.99 Gb Total Physical Memory | 1.60 Gb Available Physical Memory | 80.61% Memory free 3.84 Gb Paging File | 3.64 Gb Available in Paging File | 94.93% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 55.88 Gb Total Space | 4.40 Gb Free Space | 7.88% Space Free | Partition Type: NTFS D: Drive not present or media not loaded E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: DHFJ0SD1 Current User Name: kgleeson NOT logged in as Administrator. Current Boot Mode: SafeMode with Networking Scan Mode: Current user Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Standard ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .chm [@ = chm.file] -- C:\WINDOWS\hh.exe (Microsoft Corporation) .html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE () [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* File not found chm.file [open] -- "C:\WINDOWS\hh.exe" %1 (Microsoft Corporation) cmdfile [open] -- "%1" %* File not found comfile [open] -- "%1" %* File not found exefile [open] -- "%1" %* File not found htmlfile [edit] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation) htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome () htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 () htmlfile [print] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" /p %1 (Microsoft Corporation) http [open] -- Reg Error: Key error. https [open] -- Reg Error: Key error. piffile [open] -- "%1" %* File not found regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" File not found scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation) scrfile [open] -- "%1" /S File not found txtfile [edit] -- Reg Error: Key error. Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 () CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" () ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "AntiVirusOverride" = 0 "FirewallOverride" = 0 "AntiVirusDisableNotify" = 0 "FirewallDisableNotify" = 0 "UpdatesDisableNotify" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] "C:\WINDOWS\system32\cba\pds.exe" = C:\WINDOWS\system32\cba\pds.exe:*:Enabled:LANDesk Ping Discovery Service -- (LANDesk Software Ltd.) "C:\WINDOWS\system32\msgsys.exe" = C:\WINDOWS\system32\msgsys.exe:*:Enabled:LANDesk Message Service -- (LANDesk Software Ltd.) "C:\Program Files\LANDesk\LDClient\issuser.exe" = C:\Program Files\LANDesk\LDClient\issuser.exe:*:Enabled:LANDesk Remote Control Agent -- (LANDesk Software, Ltd.) "C:\Program Files\LANDesk\LDClient\tmcsvc.exe" = C:\Program Files\LANDesk\LDClient\tmcsvc.exe:*:Enabled:LANDesk Targeted Multicast -- (LANDesk Software, Ltd.) "C:\Novell\GroupWise\grpwise.exe" = C:\Novell\GroupWise\grpwise.exe:*:Enabled:Novell GroupWise -- (Novell, Inc.) "C:\Novell\GroupWise\notify.exe" = C:\Novell\GroupWise\notify.exe:*:Enabled:Novell Notify -- (Novell, Inc.) "C:\Program Files\LANDesk\Shared Files\residentagent.exe" = C:\Program Files\LANDesk\Shared Files\residentagent.exe:*:Enabled:LANDesk® Management Agent -- (LANDesk Software, Ltd.) "%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation) "%windir%\system32\drivers\svchost.exe" = %windir%\system32\drivers\svchost.exe:*:Enabled:svchost -- File not found [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\Program Files\McAfee\Common Framework\FrameworkService.exe" = C:\Program Files\McAfee\Common Framework\FrameworkService.exe:*:Enabled:McAfee Framework Service -- (McAfee, Inc.) "%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation) "C:\Program Files\Common Files\AOL\Loader\aolload.exe" = C:\Program Files\Common Files\AOL\Loader\aolload.exe:*:Enabled:AOL Loader -- (AOL LLC) "C:\Program Files\AIM6\aim6.exe" = C:\Program Files\AIM6\aim6.exe:*:Enabled:AIM -- (AOL LLC) "C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.) "C:\Program Files\SoulseekNS\slsk.exe" = C:\Program Files\SoulseekNS\slsk.exe:*:Enabled:SoulSeek -- () "C:\Program Files\Vuze\Azureus.exe" = C:\Program Files\Vuze\Azureus.exe:*:Enabled:Azureus -- (Vuze Inc.) "%windir%\system32\drivers\svchost.exe" = %windir%\system32\drivers\svchost.exe:*:Enabled:svchost -- File not found "C:\Program Files\LANDesk\Shared Files\residentagent.exe" = C:\Program Files\LANDesk\Shared Files\residentagent.exe:*:Enabled:LANDesk® Management Agent -- (LANDesk Software, Ltd.) "C:\Program Files\SopCast\adv\SopAdver.exe" = C:\Program Files\SopCast\adv\SopAdver.exe:*:Enabled:SopCast Adver -- (www.sopcast.com) "C:\Program Files\SopCast\SopCast.exe" = C:\Program Files\SopCast\SopCast.exe:*:Enabled:SopCast Main Application -- (www.sopcast.com) "C:\Program Files\TVAnts\Tvants.exe" = C:\Program Files\TVAnts\Tvants.exe:*:Enabled:TVAnts -- (Zhejiang University) "C:\Program Files\Warcraft III\Warcraft III.exe" = C:\Program Files\Warcraft III\Warcraft III.exe:*:Enabled:Warcraft III -- File not found "C:\Program Files\Skype\Phone\Skype.exe" = C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.) ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0228e555-4f9c-4e35-a3ec-b109a192b4c2}" = Google Gmail Notifier "{0394CDC8-FABD-4ed8-B104-03393876DFDF}" = Roxio Creator Tools "{0D397393-9B50-4c52-84D5-77E344289F87}" = Roxio Creator Data "{1E99F5D7-4262-4C7C-9135-F066E7485811}" = System Requirements Lab "{24D753CA-6AE9-4E30-8F5F-EFC93E08BF3D}" = Skype™ 4.0 "{2F4C24E6-CBD4-4AAC-B56F-C9FD44DE5668}" = Roxio Drag-to-Disc "{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Roxio Update Manager "{3248F0A8-6813-11D6-A77B-00B0D0150060}" = J2SE Runtime Environment 5.0 Update 6 "{3248F0A8-6813-11D6-A77B-00B0D0160020}" = Java™ 6 Update 2 "{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{35C03C04-3F1F-42C2-A989-A757EE691F65}" = McAfee VirusScan Enterprise "{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0}" = Sonic Activation Module "{44787348-495F-4553-9ACD-6B06A5692C91}" = Star "{45734758-4041-4EA8-8E62-DE661FC3879C}" = LANDesk® Common Base Agent 8 "{50E125D1-88E5-48CE-80AE-98EC9698E639}" = Symantec AntiVirus "{5EFCBB42-36AB-4FF9-B90C-E78C7B9EE7B3}" = iTunes "{608A014D-E253-43D8-A300-00A739BA802E}" = Juniper Installer Service "{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}" = Roxio Creator Copy "{638787E3-ABAE-452C-9255-EC3E85B680F7}" = HyperLoad - NabiscoWorld MiniGolf "{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler "{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD "{7131646D-CD3C-40F4-97B9-CD9E4E6262EF}" = Microsoft .NET Framework 2.0 "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{7E8833A1-AF24-4CAE-82DF-CFE14C14B94D}" = LANDesk Advance Agent "{83FFCFC7-88C6-41c6-8752-958A45325C82}" = Roxio Creator Audio "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{90110409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003 "{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system "{AA20EF38-5DEC-4F20-A526-5D7F5D9CF9B8}" = Hummingbird HostExplorer 10 "{AC76BA86-7AD7-1033-7B44-A81200000003}" = Adobe Reader 8.1.2 "{C4124E95-5061-4776-8D5D-E3D931C778E1}" = Microsoft VC9 runtime libraries "{C78EAC6F-7A73-452E-8134-DBB2165C5A68}" = QuickTime "{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}" = Roxio Creator DE "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1 "{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware Free Edition "{DF1D5FEC-D67C-43C8-9230-41F5DF350196}" = MetaFrame Presentation Server Client "{F2B9E141-74C0-4167-87B2-52A5A27906D0}" = GroupWise "{FE7D7E78-B9FD-4CAE-B223-10C6E5B307E7}" = Webroot® Client "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Adobe Shockwave Player" = Adobe Shockwave Player 11.5 "AIM_6" = AIM 6 "Autobahn" = MLB.TV NexDef Plug-in "CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_14F100C3" = Conexant HDA D110 MDC V.92 Modem "CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2C06&SUBSYS_14F1000F" = Conexant HDA D330 MDC V.92 Modem "Desktop Calendar_is1" = Desktop Calendar 0.43b "HijackThis" = HijackThis 1.99.1 "ie8" = Windows Internet Explorer 8 "LiveUpdate" = LiveUpdate 3.1 (Symantec Corporation) "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware "Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1 "Microsoft .NET Framework 2.0" = Microsoft .NET Framework 2.0 "Mozilla Firefox (3.5.4)" = Mozilla Firefox (3.5.4) "Mozilla Thunderbird (2.0.0.22)" = Mozilla Thunderbird (2.0.0.22) "MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP "Neoteris_Secure_Application_Manager" = Juniper Networks Secure Application Manager "NVIDIA Drivers" = NVIDIA Drivers "RealPlayer 6.0" = RealPlayer "SopCast" = SopCast 3.2.4 "Soulseek2" = SoulSeek 157 NS 13d "SystemRequirementsLab" = System Requirements Lab "TUGZip_is1" = TUGZip 3.4 "TVAnts 1.0" = TVAnts 1.0 "Unlocker" = Unlocker 1.8.7 "ViewpointMediaPlayer" = Viewpoint Media Player "Vuze" = Vuze "Windows Media Format Runtime" = Windows Media Format 11 runtime "Windows Media Player" = Windows Media Player 11 "Windows XP Service Pack" = Windows XP Service Pack 3 "WMFDist11" = Windows Media Format 11 runtime "wmp11" = Windows Media Player 11 "WMS" = Windows NT Messaging "Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0 ========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Juniper_Networks_Cache_Cleaner 6.3.0" = Juniper Networks Cache Cleaner 6.3.0 "Neoteris_Host_Checker" = Juniper Networks Host Checker "StreamPlug Player 2.3.0" = StreamPlug Player 2.3.0 ========== Last 10 Event Log Errors ========== [ Application Events ] Error - 6/4/2009 10:47:55 PM | Computer Name = DHFJ0SD1 | Source = UserInit | ID = 1000 Description = Could not execute the following script \\hersheymed.net\SysVol\hersheymed.net\scripts\ntuser_kill.vbs. The network path was not found. . Error - 6/4/2009 10:48:07 PM | Computer Name = DHFJ0SD1 | Source = UserInit | ID = 1000 Description = Could not execute the following script \\hersheymed.net\SysVol\hersheymed.net\scripts\HEProfileUpdate.vbs. The network path was not found. . Error - 6/4/2009 10:48:18 PM | Computer Name = DHFJ0SD1 | Source = UserInit | ID = 1000 Description = Could not execute the following script \\hersheymed.net\SysVol\hersheymed.net\scripts\password.vbe. The network path was not found. . Error - 6/4/2009 10:48:25 PM | Computer Name = DHFJ0SD1 | Source = UserInit | ID = 1000 Description = Could not execute the following script \\hersheymed.net\SysVol\hersheymed.net\scripts\managed_workstations.vbs. The network path was not found. . Error - 6/4/2009 10:48:30 PM | Computer Name = DHFJ0SD1 | Source = AutoEnrollment | ID = 15 Description = Automatic certificate enrollment for local system failed to contact the active directory (0x8007054b). The specified domain either does not exist or could not be contacted. Enrollment will not be performed. Error - 6/4/2009 10:49:59 PM | Computer Name = DHFJ0SD1 | Source = Userenv | ID = 1054 Description = Windows cannot obtain the domain controller name for your computer network. (The specified domain either does not exist or could not be contacted. ). Group Policy processing aborted. Error - 6/4/2009 10:50:23 PM | Computer Name = DHFJ0SD1 | Source = UserInit | ID = 1000 Description = Could not execute the following script \\hersheymed.net\SysVol\hersheymed.net\scripts\idx_trusted_sites.vbs. The network path was not found. . Error - 6/4/2009 10:50:40 PM | Computer Name = DHFJ0SD1 | Source = UserInit | ID = 1000 Description = Could not execute the following script \\hersheymed.net\sysvol\hersheymed.net\dist\remap_printers.vbs. The network path was not found. . Error - 6/4/2009 10:50:46 PM | Computer Name = DHFJ0SD1 | Source = UserInit | ID = 1000 Description = Could not execute the following script \\hersheymed.net\SysVol\hersheymed.net\scripts\remap_drives.vbs. The network path was not found. . Error - 6/4/2009 10:50:58 PM | Computer Name = DHFJ0SD1 | Source = UserInit | ID = 1000 Description = Could not execute the following script \\hersheymed.net\sysvol\hersheymed.net\scripts\login_map_staff_directory_and_create_folder_icons.vbs. The network path was not found. . [ Application Events ] Error - 6/4/2009 10:47:55 PM | Computer Name = DHFJ0SD1 | Source = UserInit | ID = 1000 Description = Could not execute the following script \\hersheymed.net\SysVol\hersheymed.net\scripts\ntuser_kill.vbs. The network path was not found. . Error - 6/4/2009 10:48:07 PM | Computer Name = DHFJ0SD1 | Source = UserInit | ID = 1000 Description = Could not execute the following script \\hersheymed.net\SysVol\hersheymed.net\scripts\HEProfileUpdate.vbs. The network path was not found. . Error - 6/4/2009 10:48:18 PM | Computer Name = DHFJ0SD1 | Source = UserInit | ID = 1000 Description = Could not execute the following script \\hersheymed.net\SysVol\hersheymed.net\scripts\password.vbe. The network path was not found. . Error - 6/4/2009 10:48:25 PM | Computer Name = DHFJ0SD1 | Source = UserInit | ID = 1000 Description = Could not execute the following script \\hersheymed.net\SysVol\hersheymed.net\scripts\managed_workstations.vbs. The network path was not found. . Error - 6/4/2009 10:48:30 PM | Computer Name = DHFJ0SD1 | Source = AutoEnrollment | ID = 15 Description = Automatic certificate enrollment for local system failed to contact the active directory (0x8007054b). The specified domain either does not exist or could not be contacted. Enrollment will not be performed. Error - 6/4/2009 10:49:59 PM | Computer Name = DHFJ0SD1 | Source = Userenv | ID = 1054 Description = Windows cannot obtain the domain controller name for your computer network. (The specified domain either does not exist or could not be contacted. ). Group Policy processing aborted. Error - 6/4/2009 10:50:23 PM | Computer Name = DHFJ0SD1 | Source = UserInit | ID = 1000 Description = Could not execute the following script \\hersheymed.net\SysVol\hersheymed.net\scripts\idx_trusted_sites.vbs. The network path was not found. . Error - 6/4/2009 10:50:40 PM | Computer Name = DHFJ0SD1 | Source = UserInit | ID = 1000 Description = Could not execute the following script \\hersheymed.net\sysvol\hersheymed.net\dist\remap_printers.vbs. The network path was not found. . Error - 6/4/2009 10:50:46 PM | Computer Name = DHFJ0SD1 | Source = UserInit | ID = 1000 Description = Could not execute the following script \\hersheymed.net\SysVol\hersheymed.net\scripts\remap_drives.vbs. The network path was not found. . Error - 6/4/2009 10:50:58 PM | Computer Name = DHFJ0SD1 | Source = UserInit | ID = 1000 Description = Could not execute the following script \\hersheymed.net\sysvol\hersheymed.net\scripts\login_map_staff_directory_and_create_folder_icons.vbs. The network path was not found. . [ System Events ] Error - 10/30/2009 1:08:10 PM | Computer Name = DHFJ0SD1 | Source = Service Control Manager | ID = 7009 Description = Timeout (30000 milliseconds) waiting for the dmadmin service to connect. Error - 10/30/2009 1:08:10 PM | Computer Name = DHFJ0SD1 | Source = Service Control Manager | ID = 7000 Description = The dmadmin service failed to start due to the following error: %%1053 Error - 10/30/2009 1:08:44 PM | Computer Name = DHFJ0SD1 | Source = Service Control Manager | ID = 7009 Description = Timeout (30000 milliseconds) waiting for the dmserver service to connect. Error - 10/30/2009 1:08:44 PM | Computer Name = DHFJ0SD1 | Source = Service Control Manager | ID = 7000 Description = The dmserver service failed to start due to the following error: %%1053 Error - 10/30/2009 1:09:03 PM | Computer Name = DHFJ0SD1 | Source = DCOM | ID = 10005 Description = DCOM got error "%1058" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF} Error - 10/30/2009 1:11:47 PM | Computer Name = DHFJ0SD1 | Source = Service Control Manager | ID = 7001 Description = The System Event Notification service depends on the COM+ Event System service which failed to start because of the following error: %%1058 Error - 10/30/2009 1:11:47 PM | Computer Name = DHFJ0SD1 | Source = Service Control Manager | ID = 7001 Description = The Windows Service Pack Installer update service service depends on the Security Accounts Manager service which failed to start because of the following error: %%1058 Error - 10/30/2009 1:11:47 PM | Computer Name = DHFJ0SD1 | Source = Service Control Manager | ID = 7026 Description = The following boot-start or system-start driver(s) failed to load: eeCtrl Fips intelppm SASDIFSV SASKUTIL SAVRT SAVRTPEL SYMTDI Error - 10/30/2009 1:12:24 PM | Computer Name = DHFJ0SD1 | Source = DCOM | ID = 10005 Description = DCOM got error "%1058" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF} Error - 10/30/2009 1:12:48 PM | Computer Name = DHFJ0SD1 | Source = DCOM | ID = 10005 Description = DCOM got error "%1084" attempting to start the service MDM with arguments "" in order to run the server: {0C0A3666-30C9-11D0-8F20-00805F2CD064} < End of report >