XGraveX

February 4, 2009

Heres the pop up one.

OTViewIt logfile created on: 2/4/2009 6:29:48 PM - Run

OTViewIt by OldTimer - Version 1.0.21.0 Folder = C:\Users\KAGE\Desktop

Windows Vista Home Premium Edition (Version = 6.0.6000) - Type = NTWorkstation

Internet Explorer (Version = 7.0.6000.16764)

Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

893.94 Mb Total Physical Memory | 316.54 Mb Available Physical Memory | 35.41% Memory free

1.99 Gb Paging File | 1.24 Gb Available in Paging File | 61.92% Paging File free

Paging file location(s): ?:\pagefile.sys;

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files

Drive C: | 226.62 Gb Total Space | 148.94 Gb Free Space | 65.72% Space Free | Partition Type: NTFS

Drive D: | 6.26 Gb Total Space | 0.88 Gb Free Space | 14.09% Space Free | Partition Type: NTFS

E: Drive not present or media not loaded

F: Drive not present or media not loaded

G: Drive not present or media not loaded

H: Drive not present or media not loaded

I: Drive not present or media not loaded

Computer Name: KAGE-PC

Current User Name: KAGE

Logged in as Administrator.

Current Boot Mode: Normal

Scan Mode: Current user

Whitelist: On

File Age = 30 Days

========== Processes ==========

[2006/11/02 04:45:57 | 00,095,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wininit.exe

[2006/11/02 04:45:21 | 00,210,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lsm.exe

[2007/07/11 16:54:42 | 02,605,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SLsvc.exe

[2006/10/24 16:08:20 | 00,107,624 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe

[2006/09/20 12:05:16 | 00,046,736 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe

[2006/09/14 07:56:06 | 00,102,400 | ---- | M] () -- C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe

[2006/10/31 05:32:10 | 00,194,240 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe

[2006/10/19 16:52:24 | 00,061,440 | ---- | M] (Hewlett-Packard Company) -- c:\Program Files\Common Files\LightScribe\LSSrvc.exe

[2006/11/02 19:40:12 | 00,174,656 | ---- | M] () -- C:\Windows\System32\PSIService.exe

[2006/11/02 07:34:46 | 00,287,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SearchIndexer.exe

[2007/10/18 06:37:04 | 00,386,560 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\drivers\XAudio.exe

[2006/11/02 04:46:02 | 00,143,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WUDFHost.exe

[2006/11/02 04:45:48 | 00,166,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskeng.exe

[2006/11/02 04:45:04 | 00,083,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwm.exe

[2006/11/02 04:45:48 | 00,166,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskeng.exe

[2006/09/28 08:42:24 | 00,065,536 | ---- | M] (Hewlett-Packard Company) -- C:\hp\support\hpsysdrv.exe

[2006/11/09 05:57:52 | 03,784,704 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe

[2006/09/14 07:55:52 | 00,061,440 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Photoshop Elements 5.0\apdproxy.exe

[2008/03/18 14:58:08 | 00,185,896 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Common Files\Real\Update_OB\realsched.exe

[2006/11/02 04:45:37 | 00,044,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rundll32.exe

[2008/01/09 18:20:24 | 01,232,896 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Sidebar\sidebar.exe

[2006/11/02 07:35:32 | 00,125,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehtray.exe

[2009/01/09 00:41:00 | 00,039,408 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

[2007/06/20 12:34:32 | 00,995,328 | ---- | M] (NETGEAR) -- C:\Program Files\NETGEAR\WPN111\WPN111.exe

[2008/11/30 15:04:11 | 00,153,104 | ---- | M] (PolderbitS Software) -- C:\Program Files\PolderbitS\Recorder\Driver\PBDriverMonitor_uk.exe

[2006/11/02 07:35:32 | 00,037,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehmsas.exe

[2005/02/02 10:44:24 | 00,061,440 | ---- | M] (Hewlett-Packard Company) -- C:\hp\KBD\kbd.exe

[2008/10/16 16:09:43 | 00,051,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wuauclt.exe

[2008/10/15 23:40:06 | 00,301,568 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\ieuser.exe

[2008/10/15 23:42:58 | 00,634,024 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\iexplore.exe

[2006/11/07 12:48:18 | 00,214,688 | ---- | M] (Symantec Corporation) -- c:\Program Files\Norton Internet Security\Norton AntiVirus\Navw32.exe

[2009/02/04 18:28:04 | 00,422,912 | ---- | M] (OldTimer Tools) -- C:\Users\KAGE\Desktop\OTViewIt.exe

========== (O23) Win32 Services ==========

[2006/09/14 07:56:06 | 00,102,400 | ---- | M] () -- C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor5.0 [Auto | Running])

[2006/10/31 05:32:10 | 00,194,240 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe -- (Automatic LiveUpdate Scheduler [Auto | Running])

[2006/10/24 16:08:20 | 00,107,624 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccEvtMgr [Auto | Running])

[2006/10/24 16:08:20 | 00,107,624 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccSetMgr [Auto | Running])

File not found -- -- (CertPropSvc [unknown | Running])

[2006/11/02 01:34:11 | 00,059,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])

[2006/10/24 16:08:20 | 00,107,624 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (CLTNetCnService [Auto | Running])

[2006/10/13 09:29:12 | 00,049,296 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe -- (comHost [On_Demand | Stopped])

File not found -- -- (DcomLaunch [unknown | Running])

[2006/11/02 07:36:25 | 02,089,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dfsr.exe -- (DFSR [On_Demand | Stopped])

[2007/09/04 09:32:07 | 00,134,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dps.dll -- (DPS [unknown | Running])

[2006/11/02 07:35:28 | 00,291,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehrecvr.exe -- (ehRecvr [On_Demand | Stopped])

[2006/11/02 07:35:29 | 00,131,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehsched.exe -- (ehSched [On_Demand | Stopped])

[2006/11/02 07:36:00 | 00,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0 [On_Demand | Stopped])

[2006/11/02 04:46:05 | 00,569,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\gpsvc.dll -- (gpsvc [unknown | Running])

[2009/01/09 00:40:55 | 00,137,200 | ---- | M] (Google) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc [On_Demand | Stopped])

[2005/11/14 01:06:04 | 00,069,632 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe -- (IDriverT [On_Demand | Stopped])

[2006/10/26 18:18:36 | 00,080,552 | ---- | M] (Symantec Corporation) -- c:\Program Files\Norton Internet Security\isPwdSvc.exe -- (ISPwdSvc [On_Demand | Stopped])

[2006/10/19 16:52:24 | 00,061,440 | ---- | M] (Hewlett-Packard Company) -- c:\Program Files\Common Files\LightScribe\LSSrvc.exe -- (LightScribeService [Auto | Running])

[2006/10/31 05:32:10 | 02,541,248 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_2.EXE -- (LiveUpdate [On_Demand | Stopped])

[2006/12/14 02:21:20 | 00,045,056 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe -- (MSCSPTISRV [On_Demand | Stopped])

[2006/11/02 08:04:14 | 00,000,000 | ---D | M] -- C:\Windows\System32\Msdtc -- (MSDTC [unknown | Stopped])

[2006/11/02 07:36:02 | 00,122,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing [Disabled | Stopped])

[2006/12/14 01:46:16 | 00,057,344 | ---- | M] () -- C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe -- (PACSPTISVR [On_Demand | Stopped])

[2006/11/02 19:40:12 | 00,174,656 | ---- | M] () -- C:\Windows\System32\PSIService.exe -- (ProtexisLicensing [Auto | Running])

[2006/11/02 04:46:12 | 00,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SCardSvr.dll -- (SCardSvr [unknown | Stopped])

File not found -- -- (Schedule [unknown | Running])

File not found -- -- (SCPolicySvc [unknown | Stopped])

[2007/07/11 16:54:42 | 02,605,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SLsvc.exe -- (slsvc [Auto | Running])

[2006/11/02 04:45:46 | 00,012,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\snmptrap.exe -- (SNMPTRAP [On_Demand | Stopped])

[2007/02/05 10:11:16 | 00,112,184 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\AVLib\SsBeSvc.exe -- (SonicStage Back-End Service [On_Demand | Stopped])

[2006/12/14 02:02:08 | 00,069,632 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe -- (SPTISRV [On_Demand | Stopped])

[2007/02/05 10:11:18 | 00,075,320 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe -- (SSScsiSV [On_Demand | Stopped])

[2008/03/08 22:02:41 | 00,087,288 | ---- | M] (Valve Corporation) -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service [On_Demand | Stopped])

[2006/11/01 14:58:02 | 00,078,752 | R--- | M] (MicroVision Development, Inc.) -- c:\Program Files\Common Files\SureThing Shared\stllssvr.exe -- (stllssvr [On_Demand | Stopped])

[2007/01/11 23:34:30 | 01,174,152 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe -- (Symantec Core LC [On_Demand | Stopped])

[2006/09/20 12:05:16 | 00,046,736 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe -- (SymAppCore [Auto | Running])

[2006/11/02 04:45:50 | 00,035,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\UI0Detect.exe -- (UI0Detect [On_Demand | Stopped])

[2006/11/02 04:45:50 | 00,392,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vds.exe -- (vds [On_Demand | Stopped])

File not found -- -- (WdiServiceHost [unknown | Stopped])

File not found -- -- (WdiSystemHost [unknown | Running])

[2006/11/02 07:36:04 | 00,895,488 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc [On_Demand | Stopped])

[2006/11/02 07:34:46 | 00,287,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SearchIndexer.exe -- (WSearch [Auto | Running])

[2007/10/18 06:37:04 | 00,386,560 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\drivers\XAudio.exe -- (XAudioService [Auto | Running])

========== Driver Services ==========

[2006/11/02 04:51:38 | 00,420,968 | ---- | M] (Adaptec, Inc.) -- C:\Windows\System32\drivers\adp94xx.sys -- (adp94xx [Disabled | Stopped])

[2006/11/02 04:51:32 | 00,297,576 | ---- | M] (Adaptec, Inc.) -- C:\Windows\System32\drivers\adpahci.sys -- (adpahci [Disabled | Stopped])

[2006/11/02 04:50:35 | 00,098,408 | ---- | M] (Adaptec, Inc.) -- C:\Windows\System32\drivers\adpu160m.sys -- (adpu160m [Disabled | Stopped])

[2006/11/02 04:51:00 | 00,147,048 | ---- | M] (Adaptec, Inc.) -- C:\Windows\System32\drivers\adpu320.sys -- (adpu320 [Disabled | Stopped])

[2006/11/02 04:50:11 | 00,071,272 | ---- | M] (Adaptec, Inc.) -- C:\Windows\System32\drivers\djsvs.sys -- (aic78xx [Disabled | Stopped])

[2006/11/02 04:49:20 | 00,014,952 | ---- | M] (Acer Laboratories Inc.) -- C:\Windows\System32\drivers\aliide.sys -- (aliide [Disabled | Stopped])

[2006/11/02 04:49:59 | 00,054,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\AMDAGP.SYS -- (amdagp [On_Demand | Stopped])

[2006/11/02 04:49:26 | 00,015,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\amdide.sys -- (amdide [Disabled | Stopped])

[2006/11/02 03:30:18 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\amdk7.sys -- (AmdK7 [Disabled | Stopped])

[2006/11/02 03:30:18 | 00,040,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\amdk8.sys -- (AmdK8 [On_Demand | Running])

[2006/11/02 04:50:09 | 00,067,688 | ---- | M] (Adaptec, Inc.) -- C:\Windows\System32\drivers\arc.sys -- (arc [Disabled | Stopped])

[2006/11/02 04:50:10 | 00,067,688 | ---- | M] (Adaptec, Inc.) -- C:\Windows\System32\drivers\arcsas.sys -- (arcsas [Disabled | Stopped])

[2006/11/02 03:31:12 | 00,069,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\bowser.sys -- (bowser [On_Demand | Running])

[2006/11/02 03:24:45 | 00,013,568 | ---- | M] (Brother Industries, Ltd.) -- C:\Windows\System32\drivers\BrFiltLo.sys -- (BrFiltLo [On_Demand | Stopped])

[2006/11/02 03:24:46 | 00,005,248 | ---- | M] (Brother Industries, Ltd.) -- C:\Windows\System32\drivers\BrFiltUp.sys -- (BrFiltUp [On_Demand | Stopped])

[2006/11/02 03:25:24 | 00,071,808 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\BrSerId.sys -- (Brserid [Disabled | Stopped])

[2006/11/02 03:24:44 | 00,062,336 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\BrSerWdm.sys -- (BrSerWdm [Disabled | Stopped])

[2006/11/02 03:24:44 | 00,012,160 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\BrUsbMdm.sys -- (BrUsbMdm [Disabled | Stopped])

[2006/11/02 03:24:47 | 00,011,904 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\BrUsbSer.sys -- (BrUsbSer [On_Demand | Stopped])

[2006/11/02 03:55:23 | 00,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\bthmodem.sys -- (BTHMODEM [Disabled | Stopped])

[2006/11/02 03:55:08 | 00,035,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\circlass.sys -- (circlass [Disabled | Stopped])

[2007/12/05 23:14:53 | 00,224,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\clfs.sys -- (CLFS [unknown | Running])

[2006/11/02 04:49:28 | 00,016,488 | ---- | M] (CMD Technology, Inc.) -- C:\Windows\System32\drivers\cmdide.sys -- (cmdide [Disabled | Stopped])

[2006/11/02 04:49:43 | 00,022,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\crcdisk.sys -- (crcdisk [boot | Running])

[2006/11/02 03:30:18 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\crusoe.sys -- (Crusoe [Disabled | Stopped])

[2006/11/02 03:31:04 | 00,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\dfsc.sys -- (DfsC [system | Running])

[2006/11/16 13:36:18 | 00,021,504 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) -- C:\Windows\System32\drivers\DNIMP50.sys -- (DNIMp50 [On_Demand | Stopped])

[2006/11/16 13:36:28 | 00,020,480 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) -- C:\Windows\System32\drivers\DNISP50.sys -- (DNISp50 [On_Demand | Running])

[2007/09/04 09:32:08 | 00,619,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\dxgkrnl.sys -- (DXGKrnl [On_Demand | Running])

[2006/11/02 02:30:54 | 00,117,760 | ---- | M] (Intel Corporation) -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60 [On_Demand | Stopped])

[2006/11/02 07:34:35 | 00,132,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\ecache.sys -- (Ecache [boot | Running])

[2008/01/20 04:00:00 | 00,385,072 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl [system | Running])

[2006/11/02 04:51:34 | 00,316,520 | ---- | M] (Emulex) -- C:\Windows\System32\drivers\elxstor.sys -- (elxstor [Disabled | Stopped])

[2008/11/20 04:00:00 | 00,099,376 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv [On_Demand | Running])

[2006/11/02 04:49:58 | 00,056,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\fileinfo.sys -- (FileInfo [boot | Running])

[2006/11/02 03:32:55 | 00,027,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\filetrace.sys -- (Filetrace [On_Demand | Stopped])

[2006/11/02 04:50:04 | 00,058,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\GAGP30KX.SYS -- (gagp30kx [On_Demand | Stopped])

[2006/11/02 02:36:49 | 00,235,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\HdAudio.sys -- (HdAudAddService [On_Demand | Stopped])

[2007/07/11 16:54:01 | 00,053,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\hdaudbus.sys -- (HDAudBus [On_Demand | Running])

[2006/11/02 03:55:22 | 00,029,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\hidbth.sys -- (HidBth [Disabled | Stopped])

[2006/11/02 03:55:01 | 00,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\hidir.sys -- (HidIr [Disabled | Stopped])

[2006/11/02 04:50:10 | 00,037,480 | ---- | M] (Hewlett-Packard Company) -- C:\Windows\System32\drivers\HpCISSs.sys -- (HpCISSs [Disabled | Stopped])

[2008/05/08 04:03:18 | 00,980,992 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\drivers\HSX_DP.sys -- (HSF_DP [On_Demand | Running])

[2008/05/08 04:05:18 | 00,266,752 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\drivers\HSXHWBS2.sys -- (HSXHWBS2 [On_Demand | Running])

[2006/11/02 04:51:25 | 00,232,040 | ---- | M] (Intel Corporation) -- C:\Windows\System32\drivers\iaStorV.sys -- (iaStorV [Disabled | Stopped])

[2006/10/19 22:10:16 | 00,202,872 | ---- | M] (Symantec Corporation) -- C:\ProgramData\Symantec\Definitions\SymcData\idsdefs\20061025.029\IDSvix86.sys -- (IDSvix86 [On_Demand | Stopped])

[2004/03/29 16:28:24 | 00,014,531 | ---- | M] (iRiver, Inc.) -- C:\Windows\System32\drivers\Ifp700.sys -- (IFP700 [boot | Running])

[2006/11/02 04:50:17 | 00,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) -- C:\Windows\System32\drivers\iirsp.sys -- (iirsp [Disabled | Stopped])

[2006/11/08 14:09:24 | 01,647,976 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\System32\drivers\RTKVHDA.sys -- (IntcAzAudAddService [On_Demand | Running])

[2006/11/02 03:42:03 | 00,065,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\IPMIDrv.sys -- (IPMIDRV [Disabled | Stopped])

[2006/11/02 04:51:12 | 00,168,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\msiscsi.sys -- (iScsiPrt [On_Demand | Running])

[2006/11/02 04:50:07 | 00,035,944 | ---- | M] (Integrated Technology Express, Inc.) -- C:\Windows\System32\drivers\iteatapi.sys -- (iteatapi [Disabled | Stopped])

[2006/11/02 04:50:09 | 00,035,944 | ---- | M] (Integrated Technology Express, Inc.) -- C:\Windows\System32\drivers\iteraid.sys -- (iteraid [Disabled | Stopped])

[2006/11/02 03:51:12 | 00,015,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\kbdhid.sys -- (kbdhid [Disabled | Stopped])

[2006/11/02 03:56:49 | 00,047,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\lltdio.sys -- (lltdio [Auto | Running])

[2006/11/02 04:50:04 | 00,065,640 | ---- | M] (LSI Logic) -- C:\Windows\System32\drivers\lsi_fc.sys -- (LSI_FC [Disabled | Stopped])

[2006/11/02 04:50:05 | 00,065,640 | ---- | M] (LSI Logic) -- C:\Windows\System32\drivers\lsi_sas.sys -- (LSI_SAS [Disabled | Stopped])

[2006/11/02 04:50:10 | 00,065,640 | ---- | M] (LSI Logic) -- C:\Windows\System32\drivers\lsi_scsi.sys -- (LSI_SCSI [Disabled | Stopped])

[2006/11/02 03:33:07 | 00,083,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\luafv.sys -- (luafv [Auto | Running])

[2006/06/19 08:26:58 | 00,012,672 | ---- | M] (Conexant) -- C:\Windows\System32\drivers\mdmxsdk.sys -- (mdmxsdk [Auto | Running])

[2006/11/02 04:49:53 | 00,028,776 | ---- | M] (LSI Logic Corporation) -- C:\Windows\System32\drivers\megasas.sys -- (megasas [Disabled | Stopped])

[2007/12/16 04:56:45 | 00,041,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\monitor.sys -- (monitor [On_Demand | Running])

[2006/11/02 04:50:16 | 00,078,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\mpio.sys -- (mpio [Disabled | Stopped])

[2007/07/11 16:56:55 | 00,063,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\mpsdrv.sys -- (mpsdrv [On_Demand | Running])

[2006/11/02 04:49:59 | 00,033,384 | ---- | M] (LSI Logic Corporation) -- C:\Windows\System32\drivers\Mraid35x.sys -- (Mraid35x [Disabled | Stopped])

[2008/08/25 20:11:59 | 00,211,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\mrxsmb10.sys -- (mrxsmb10 [On_Demand | Running])

[2007/12/12 07:18:36 | 00,058,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\mrxsmb20.sys -- (mrxsmb20 [On_Demand | Running])

[2006/11/02 04:49:44 | 00,023,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\msahci.sys -- (msahci [Disabled | Stopped])

[2006/11/02 04:50:17 | 00,080,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\msdsm.sys -- (msdsm [Disabled | Stopped])

[2006/11/02 04:49:20 | 00,013,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\msisadrv.sys -- (msisadrv [boot | Running])

[2006/11/02 04:51:09 | 00,160,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\msrpc.sys -- (MsRPC [On_Demand | Stopped])

[2008/01/18 22:06:36 | 00,154,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\nwifi.sys -- (NativeWifiP [On_Demand | Running])

[2006/11/05 20:00:00 | 00,079,240 | ---- | M] (Symantec Corporation) -- C:\ProgramData\Symantec\Definitions\VirusDefs\20061106.064\NAVENG.SYS -- (NAVENG [On_Demand | Stopped])

[2006/11/05 20:00:00 | 00,831,880 | ---- | M] (Symantec Corporation) -- C:\ProgramData\Symantec\Definitions\VirusDefs\20061106.064\NAVEX15.SYS -- (NAVEX15 [On_Demand | Stopped])

[2006/11/02 04:50:19 | 00,045,160 | ---- | M] (IBM Corporation) -- C:\Windows\System32\drivers\nfrd960.sys -- (nfrd960 [Disabled | Stopped])

[2006/11/02 03:57:30 | 00,016,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\nsiproxy.sys -- (nsiproxy [system | Running])

[2006/11/02 02:36:50 | 00,020,608 | ---- | M] (N-trig Innovative Technologies) -- C:\Windows\System32\drivers\ntrigdigi.sys -- (ntrigdigi [Disabled | Stopped])

[2007/05/04 01:29:10 | 01,065,384 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvmfdx32.sys -- (NVENETFD [On_Demand | Running])

[2007/07/06 20:15:00 | 07,568,832 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm [On_Demand | Running])

[2006/11/02 04:50:24 | 00,088,680 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvraid.sys -- (nvraid [Disabled | Stopped])

[2007/01/05 20:59:42 | 00,035,920 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvstor.sys -- (nvstor [boot | Running])

[2006/11/02 04:50:40 | 00,106,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\NV_AGP.SYS -- (nv_agp [On_Demand | Stopped])

[2008/11/30 15:04:11 | 00,106,768 | ---- | M] () -- C:\Windows\System32\drivers\pbsaudrv.sys -- (PbsAuDrv [On_Demand | Running])

[2006/11/02 04:04:35 | 00,878,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\PEAuth.sys -- (PEAUTH [Auto | Running])

[2005/12/12 11:27:00 | 00,019,072 | ---- | M] (Hewlett-Packard Company) -- C:\Windows\System32\drivers\PS2.sys -- (Ps2 [On_Demand | Running])

[2007/09/04 09:32:10 | 00,070,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\pacer.sys -- (PSched [system | Running])

[2006/10/18 02:00:00 | 00,036,624 | ---- | M] (Sonic Solutions) -- C:\Windows\System32\drivers\pxhelp20.sys -- (PxHelp20 [boot | Running])

[2006/11/02 04:51:45 | 00,900,712 | ---- | M] (QLogic Corporation) -- C:\Windows\System32\drivers\ql2300.sys -- (ql2300 [Disabled | Stopped])

[2006/11/02 04:50:35 | 00,106,088 | ---- | M] (QLogic Corporation) -- C:\Windows\System32\drivers\ql40xx.sys -- (ql40xx [Disabled | Stopped])

[2006/11/02 07:34:31 | 00,031,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\qwavedrv.sys -- (QWAVEdrv [On_Demand | Stopped])

[2006/11/02 04:02:01 | 00,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\RDPENCDD.sys -- (RDPENCDD [system | Running])

[2006/11/02 03:56:49 | 00,060,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\rspndr.sys -- (rspndr [Auto | Running])

[2006/11/02 04:50:16 | 00,076,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\sbp2port.sys -- (sbp2port [Disabled | Stopped])

[2006/11/02 01:37:21 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\Windows\System32\drivers\secdrv.sys -- (secdrv [Auto | Running])

[2007/12/05 21:18:26 | 00,019,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\sermouse.sys -- (sermouse [Disabled | Stopped])

[2006/11/02 03:51:38 | 00,013,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\sffdisk.sys -- (sffdisk [Disabled | Stopped])

[2006/11/02 03:51:40 | 00,012,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\sffp_mmc.sys -- (sffp_mmc [On_Demand | Stopped])

[2006/11/02 03:51:40 | 00,012,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\sffp_sd.sys -- (sffp_sd [On_Demand | Stopped])

[2006/11/02 04:49:51 | 00,053,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\SISAGP.SYS -- (sisagp [On_Demand | Stopped])

[2006/11/02 04:50:10 | 00,038,504 | ---- | M] (Silicon Integrated Systems Corp.) -- C:\Windows\System32\drivers\sisraid2.sys -- (SiSRaid2 [Disabled | Stopped])

[2006/11/02 04:50:16 | 00,071,784 | ---- | M] (Silicon Integrated Systems) -- C:\Windows\System32\drivers\sisraid4.sys -- (SiSRaid4 [Disabled | Stopped])

[2006/11/02 03:57:10 | 00,066,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\smb.sys -- (Smb [system | Running])

[2006/10/06 08:26:16 | 00,406,672 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys -- (SPBBCDrv [On_Demand | Stopped])

[2006/11/02 04:49:35 | 00,018,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\spldr.sys -- (spldr [boot | Running])

[2006/11/03 12:22:56 | 00,245,880 | ---- | M] (Symantec Corporation) -- C:\Windows\System32\drivers\srtsp.sys -- (SRTSP [On_Demand | Stopped])

[2006/11/03 12:23:02 | 00,275,576 | ---- | M] (Symantec Corporation) -- C:\Windows\System32\drivers\srtspl.sys -- (SRTSPL [On_Demand | Stopped])

[2006/11/03 12:23:00 | 00,024,184 | ---- | M] (Symantec Corporation) -- C:\Windows\System32\drivers\srtspx.sys -- (SRTSPX [system | Running])

[2007/12/12 07:18:30 | 00,130,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\srv2.sys -- (srv2 [On_Demand | Running])

[2007/12/12 07:18:30 | 00,084,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\srvnet.sys -- (srvnet [On_Demand | Running])

[2005/08/17 06:45:00 | 00,058,352 | ---- | M] (MCCI) -- C:\Windows\System32\drivers\sscdbus.sys -- (sscdbus [On_Demand | Stopped])

[2005/08/17 06:46:20 | 00,008,272 | ---- | M] (MCCI) -- C:\Windows\System32\drivers\sscdmdfl.sys -- (sscdmdfl [On_Demand | Stopped])

[2005/08/17 06:46:26 | 00,093,872 | ---- | M] (MCCI) -- C:\Windows\System32\drivers\sscdmdm.sys -- (sscdmdm [On_Demand | Stopped])

[2005/08/17 06:47:48 | 00,073,696 | ---- | M] (MCCI) -- C:\Windows\System32\drivers\sscdserd.sys -- (sscdserd [On_Demand | Stopped])

[2006/11/02 04:50:05 | 00,035,944 | ---- | M] (LSI Logic) -- C:\Windows\System32\drivers\symc8xx.sys -- (Symc8xx [Disabled | Stopped])

[2007/01/11 23:36:20 | 00,109,744 | ---- | M] (Symantec Corporation) -- C:\Windows\System32\drivers\SYMEVENT.SYS -- (SymEvent [On_Demand | Running])

[2006/10/24 07:40:22 | 00,026,384 | ---- | M] (Symantec Corporation) -- C:\Windows\System32\drivers\symredrv.sys -- (SYMREDRV [On_Demand | Stopped])

[2006/10/24 07:40:22 | 00,185,744 | ---- | M] (Symantec Corporation) -- C:\Windows\System32\drivers\symtdi.sys -- (SYMTDI [system | Running])

[2006/11/02 04:49:56 | 00,031,848 | ---- | M] (LSI Logic) -- C:\Windows\System32\drivers\sym_hi.sys -- (Sym_hi [Disabled | Stopped])

[2006/11/02 04:50:03 | 00,034,920 | ---- | M] (LSI Logic) -- C:\Windows\System32\drivers\sym_u3.sys -- (Sym_u3 [Disabled | Stopped])

[2006/11/02 03:57:47 | 00,027,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\tcpipreg.sys -- (tcpipreg [Auto | Running])

[2006/11/02 03:57:35 | 00,068,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\tdx.sys -- (tdx [system | Running])

[2006/11/02 04:02:07 | 00,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\tssecsrv.sys -- (tssecsrv [On_Demand | Running])

[2007/07/11 16:56:53 | 00,015,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\TUNMP.SYS -- (tunmp [On_Demand | Running])

[2007/07/11 16:56:54 | 00,023,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\tunnel.sys -- (tunnel [On_Demand | Running])

[2006/11/02 04:49:59 | 00,056,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\UAGP35.SYS -- (uagp35 [On_Demand | Stopped])

[2006/11/02 04:50:04 | 00,058,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\ULIAGPKX.SYS -- (uliagpkx [On_Demand | Stopped])

[2006/11/02 04:51:25 | 00,235,112 | ---- | M] (ULi Electronics Inc.) -- C:\Windows\System32\drivers\uliahci.sys -- (uliahci [Disabled | Stopped])

[2006/11/02 04:50:35 | 00,098,408 | ---- | M] (Promise Technology, Inc.) -- C:\Windows\System32\drivers\ulsata.sys -- (UlSata [Disabled | Stopped])

[2006/11/02 04:50:45 | 00,115,816 | ---- | M] (Promise Technology, Inc.) -- C:\Windows\System32\drivers\ulsata2.sys -- (ulsata2 [Disabled | Stopped])

[2006/11/02 03:55:24 | 00,034,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\umbus.sys -- (umbus [On_Demand | Running])

[2006/11/02 03:55:22 | 00,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\umpass.sys -- (UMPass [On_Demand | Stopped])

[2006/11/02 03:55:09 | 00,068,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbcir.sys -- (usbcir [Disabled | Stopped])

[2006/11/02 03:53:56 | 00,026,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\vgapnp.sys -- (vga [On_Demand | Stopped])

[2006/11/02 03:30:19 | 00,039,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\viac7.sys -- (ViaC7 [Disabled | Stopped])

[2006/11/02 04:49:30 | 00,017,512 | ---- | M] (VIA Technologies, Inc.) -- C:\Windows\System32\drivers\viaide.sys -- (viaide [Disabled | Stopped])

[2006/11/02 04:50:24 | 00,050,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\volmgr.sys -- (volmgr [boot | Running])

[2006/11/02 04:51:30 | 00,290,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\volmgrx.sys -- (volmgrx [boot | Running])

[2006/11/02 04:50:41 | 00,112,232 | ---- | M] (VIA Technologies Inc.,Ltd) -- C:\Windows\System32\drivers\vsmraid.sys -- (vsmraid [Disabled | Stopped])

[2006/11/02 03:52:52 | 00,020,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\wacompen.sys -- (WacomPen [Disabled | Stopped])

[2006/11/02 04:49:38 | 00,019,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\wd.sys -- (Wd [Disabled | Stopped])

[2007/12/05 23:13:53 | 00,495,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\Wdf01000.sys -- (Wdf01000 [boot | Running])

[2008/05/08 04:04:16 | 00,661,504 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\drivers\HSX_CNXT.sys -- (winachsf [On_Demand | Running])

[2006/11/02 03:35:03 | 00,011,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\wmiacpi.sys -- (WmiAcpi [Disabled | Stopped])

[2007/06/01 17:36:26 | 00,870,400 | ---- | M] (Atheros Communications, Inc.) -- C:\Windows\System32\drivers\WPN111v.sys -- (WPN111 [On_Demand | Running])

[2006/11/02 03:58:26 | 00,015,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\ws2ifsl.sys -- (ws2ifsl [Disabled | Stopped])

[2007/10/18 06:36:54 | 00,008,704 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio [Auto | Running])

========== (R ) Internet Explorer ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main]

"Default_Page_URL"=http://go.microsoft.com/fwlink/?LinkId=69157

"Default_Search_URL"=http://go.microsoft.com/fwlink/?LinkId=54896

"Default_Secondary_Page_URL"=

"Extensions Off Page"=about:NoAdd-ons

"Local Page"=%SystemRoot%\system32\blank.htm

"Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896

"Security Risk Page"=about:SecurityRisk

"Start Page"=http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=71&bd=Pavilion&pf=desktop

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Search]

"CustomizeSearch"=http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm

"SearchAssistant"=http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\URLSearchHooks]

"{d7df6ae0-d36c-4397-94ec-9f653bd4eda4}" (HKLM) -- C:\Program Files\PSP_Blender\tbPSP_.dll (Conduit Ltd.)

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main]

"Local Page"=C:\Windows\system32\blank.htm

"Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896

"Start Page"=http://www.yahoo.com/

"StartPageCache"=

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]

"{CFBFAE00-17A6-11D0-99CB-00C04FD64497}" (HKLM) -- C:\Windows\System32\ieframe.dll (Microsoft Corporation)

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings]

"ProxyEnable" = 0

========== (O1) Hosts File ==========

HOSTS File = (27 bytes) - C:\Windows\System32\drivers\etc\Hosts

First 25 entries...

127.0.0.1 localhost

========== (O2) BHO's ==========

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\]

{02478D38-C3F9-4EFB-9B51-7695ECA05670} (HKLM) -- C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)

{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (HKLM) -- C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)

{1E8A6170-7264-4D0F-BEAE-D42A53123C75} (HKLM) -- c:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\NppBHO.dll (Symantec Corporation)

{3049C3E9-B461-4BC5-8870-4C09146192CA} (HKLM) -- C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll (RealPlayer)

{AA58ED58-01DD-4d91-8333-CF10577473F7} (HKLM) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll ()

{AF69DE43-7D58-4638-B6FA-CE66B5AD205D} (HKLM) -- C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll (Google Inc.)

{C84D72FE-E17D-4195-BB24-76C02E2E7C4E} (HKLM) -- C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll (Google Inc.)

{d7df6ae0-d36c-4397-94ec-9f653bd4eda4} (HKLM) -- C:\Program Files\PSP_Blender\tbPSP_.dll (Conduit Ltd.)

========== (O3) Toolbars ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar]

"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" (HKLM) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll ()

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar]

"{90222687-F593-4738-B738-FBEE9C7B26DF}" (HKLM) -- c:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\UIBHO.dll (Symantec Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar]

"{BFB5F154-9212-46F3-B547-AC6106030A54}" (HKLM) -- C:\Program Files\Search Enhancer Toolbar\NCL.dll File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar]

"{d7df6ae0-d36c-4397-94ec-9f653bd4eda4}" (HKLM) -- C:\Program Files\PSP_Blender\tbPSP_.dll (Conduit Ltd.)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar]

"{EF99BD32-C1FB-11D2-892F-0090271D4F88}" (HKLM) -- C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]

"{2318C2B1-4965-11D4-9B18-009027A5CD4F}" (HKLM) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll ()

"{BFB5F154-9212-46F3-B547-AC6106030A54}" (HKLM) -- C:\Program Files\Search Enhancer Toolbar\NCL.dll File not found

"{D7DF6AE0-D36C-4397-94EC-9F653BD4EDA4}" (HKLM) -- C:\Program Files\PSP_Blender\tbPSP_.dll (Conduit Ltd.)

========== (O4) Run Keys ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Adobe Photo Downloader"="C:\Program Files\Adobe\Photoshop Elements 5.0\apdproxy.exe" (Adobe Systems Incorporated)

"ccApp"=c:\Program Files\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation)

"hpsysdrv"=c:\hp\support\hpsysdrv.exe (Hewlett-Packard Company)

"iRiver Updater"=\Updater.exe File not found

"KBD"=C:\HP\KBD\KbdStub.EXE ()

"MSConfig"="C:\Windows\system32\msconfig.exe" /auto (Microsoft Corporation)

"NvCplDaemon"=RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup (NVIDIA Corporation)

"NvMediaCenter"=RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit (NVIDIA Corporation)

"NvSvc"=RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart (NVIDIA Corporation)

"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" -atboottime (Apple Inc.)

"RtHDVCpl"=RtHDVCpl.exe (Realtek Semiconductor)

"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot (RealNetworks, Inc.)

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"ehTray.exe"=C:\Windows\ehome\ehTray.exe (Microsoft Corporation)

"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe /autoRun (Microsoft Corporation)

"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)

========== (O4) RunOnce Keys ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]

"Launcher"=%WINDIR%\SMINST\launcher.exe (soft thinks)

========== (O6 & O7) Current Version Policies ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]

"NoDrives"=0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System]

"ConsentPromptBehaviorAdmin"=2

"ConsentPromptBehaviorUser"=1

"EnableInstallerDetection"=1

"EnableLUA"=1

"EnableSecureUIAPaths"=1

"EnableVirtualization"=1

"PromptOnSecureDesktop"=1

"ValidateAdminCodeSignatures"=0

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"scforceoption"=0

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

"FilterAdministratorToken"=0

"DisableRegistryTools"=0

"HideLegacyLogonScripts"=0

"HideLogoffScripts"=0

"RunLogonScriptSync"=1

"RunStartupScriptSync"=0

"HideStartupScripts"=0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats]

"CF_TEXT"=1

"CF_BITMAP"=2

"CF_OEMTEXT"=7

"CF_DIB"=8

"CF_PALETTE"=9

"CF_UNICODETEXT"=13

"CF_DIBV5"=17

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]

"NoDrives"=0

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System]

"HideLegacyLogonScripts"=0

"HideLogoffScripts"=0

"HideStartupScripts"=0

"RunLogonScriptSync"=1

"RunStartupScriptSync"=0

========== (O12) Internet Explorer Plugins ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\]

PluginsPage: "" = http://activex.microsoft.com/controls/find...=%s&mime=%s

PluginsPageFriendlyName: "" = Microsoft ActiveX Gallery

========== (O13) Default Prefixes ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix]

""=http://

========== (O16) DPF ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\]

{166B1BCA-3F9C-11CF-8075-444553540000}: http://download.macromedia.com/pub/shockwa...director/sw.cab -- Shockwave ActiveX Control

{D27CDB6E-AE6D-11CF-96B8-444553540000}: http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab -- Shockwave Flash Object

========== (O17) DNS Name Servers ==========

{32DCA009-134A-4293-8FB3-CA619C6D4E13} (Servers: | Description: NVIDIA nForce Networking Controller)

{F07E1D72-6FAC-4839-8B9C-8D938C6BD82F} (Servers: | Description: NETGEAR RangeMax Wireless USB 2.0 Adapter WPN111)

========== HKLM *SecurityProviders* ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders]

"SecurityProviders"=credssp.dll, msansspc.dll

>[2006/11/02 04:46:03 | 00,015,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\credssp.dll

>File not found --

========== LSA *Security Packages* ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]

"Security Packages"=kerberos,msv1_0,schannel,wdigest,tspkg,

>[2006/11/02 04:46:13 | 00,061,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\TSpkg.dll

========== Safeboot Options ==========

"AlternateShell"=cmd.exe

========== CDRom AutoRun Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom]

"AutoRun" = 1

========== Autorun Files on Drives ==========

autoexec.bat [REM Dummy file for NTVDMPATH=%PATH%;C:\PROGRA~1\COMMON~1\MUVEET~1\030625 | ]

[2007/01/11 23:11:06 | 00,000,074 | ---- | M] () -- C:\autoexec.bat -- [ NTFS ]

========== Files/Folders - Created Within 30 Days ==========

[2009/02/04 18:28:03 | 00,422,912 | ---- | C] (OldTimer Tools) -- C:\Users\KAGE\Desktop\OTViewIt.exe

[2009/01/25 11:06:56 | 00,000,000 | ---D | C] -- C:\Users\KAGE\AppData\Local\Adobe

[2009/01/23 00:00:36 | 00,152,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SPWizUI.dll

[2009/01/23 00:00:36 | 00,047,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SPReview.exe

[2009/01/22 23:47:07 | 00,081,920 | ---- | C] () -- C:\Windows\SPInstall.etl

[2009/01/22 23:42:58 | 45,561,1504 | ---- | C] (Microsoft Corporation) -- C:\Users\KAGE\Desktop\Windows6.0-KB936330-X86-wave0.exe

[2009/01/21 18:27:40 | 00,000,206 | ---- | C] () -- C:\Users\KAGE\Desktop\Help and Support.url

@Alternate Data Stream - 3638 bytes -> C:\Users\KAGE\Desktop\Help and Support.url:favicon

[2009/01/19 06:56:26 | 02,905,533 | -H-- | C] () -- C:\Users\KAGE\AppData\Local\IconCache.db

[2009/01/19 06:48:05 | 22,718,496 | -HS- | C] () -- C:\Windows\System32\drivers\fidbox.dat

[2009/01/19 06:48:05 | 00,268,352 | -HS- | C] () -- C:\Windows\System32\drivers\fidbox.idx

[2009/01/18 23:14:46 | 00,000,000 | ---D | C] -- C:\ProgramData\is-SJ6MO

[2009/01/18 23:08:52 | 32,442,600 | ---- | C] ( ) -- C:\Users\KAGE\Desktop\setup_7.0.0.290_19.01.2009_04-49.exe

[2009/01/18 18:51:02 | 00,000,000 | ---D | C] -- C:\Users\KAGE\AppData\Local\Apple

[2009/01/14 18:21:59 | 00,290,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\srv.sys

[2009/01/07 18:32:00 | 00,000,000 | ---D | C] -- C:\Users\KAGE\AppData\Local\Conduit

[2009/01/07 18:31:59 | 00,000,000 | ---D | C] -- C:\Users\KAGE\AppData\Local\PSP_Blender

========== Files - Modified Within 30 Days ==========

[2009/02/04 18:28:13 | 00,003,456 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0

[2009/02/04 18:28:13 | 00,003,456 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0

[2009/02/04 18:28:04 | 00,422,912 | ---- | M] (OldTimer Tools) -- C:\Users\KAGE\Desktop\OTViewIt.exe

[2009/02/04 18:00:05 | 00,000,406 | ---- | M] () -- C:\Windows\tasks\Norton Security Scan for KAGE.job

[2009/02/04 13:28:15 | 00,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT

[2009/02/04 13:28:10 | 00,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2009/02/03 23:29:06 | 02,905,533 | -H-- | M] () -- C:\Users\KAGE\AppData\Local\IconCache.db

[2009/01/24 13:33:41 | 00,081,920 | ---- | M] () -- C:\Windows\SPInstall.etl

[2009/01/22 23:47:07 | 00,152,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SPWizUI.dll

[2009/01/22 23:47:07 | 00,047,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SPReview.exe

[2009/01/22 23:42:57 | 45,561,1504 | ---- | M] (Microsoft Corporation) -- C:\Users\KAGE\Desktop\Windows6.0-KB936330-X86-wave0.exe

[2009/01/21 18:27:40 | 00,000,206 | ---- | M] () -- C:\Users\KAGE\Desktop\Help and Support.url

@Alternate Data Stream - 3638 bytes -> C:\Users\KAGE\Desktop\Help and Support.url:favicon

[2009/01/20 15:45:22 | 22,718,496 | -HS- | M] () -- C:\Windows\System32\drivers\fidbox.dat

[2009/01/20 15:45:22 | 00,268,352 | -HS- | M] () -- C:\Windows\System32\drivers\fidbox.idx

[2009/01/18 23:10:04 | 32,442,600 | ---- | M] ( ) -- C:\Users\KAGE\Desktop\setup_7.0.0.290_19.01.2009_04-49.exe

[2009/01/18 15:26:18 | 00,716,948 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI

[2009/01/18 15:26:18 | 00,618,410 | ---- | M] () -- C:\Windows\System32\perfh009.dat

[2009/01/18 15:26:18 | 00,103,818 | ---- | M] () -- C:\Windows\System32\perfc009.dat

[2009/01/09 20:35:28 | 20,853,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mrt.exe

< End of report >

And the Extras

OTViewIt Extras logfile created on: 2/4/2009 6:29:48 PM - Run

OTViewIt by OldTimer - Version 1.0.21.0 Folder = C:\Users\KAGE\Desktop

Windows Vista Home Premium Edition (Version = 6.0.6000) - Type = NTWorkstation

Internet Explorer (Version = 7.0.6000.16764)

Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

893.94 Mb Total Physical Memory | 316.54 Mb Available Physical Memory | 35.41% Memory free

1.99 Gb Paging File | 1.24 Gb Available in Paging File | 61.92% Paging File free

Paging file location(s): ?:\pagefile.sys;

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files

Drive C: | 226.62 Gb Total Space | 148.94 Gb Free Space | 65.72% Space Free | Partition Type: NTFS

Drive D: | 6.26 Gb Total Space | 0.88 Gb Free Space | 14.09% Space Free | Partition Type: NTFS

E: Drive not present or media not loaded

F: Drive not present or media not loaded

G: Drive not present or media not loaded

H: Drive not present or media not loaded

I: Drive not present or media not loaded

Computer Name: KAGE-PC

Current User Name: KAGE

Logged in as Administrator.

Current Boot Mode: Normal

Scan Mode: Current user

Whitelist: On

File Age = 30 Days

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"cval"=1

"FirewallDisableNotify"=0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

"DisableMonitoring"=1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

"DisableMonitoring"=1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

"DisableMonitoring"=1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

"AntiVirusOverride"=0

"AntiSpywareOverride"=0

"FirewallOverride"=0

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile

"DisableNotifications"=0

"EnableFirewall"=0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\Logging]

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

[2006/08/30 07:35:12 | 00,952,088 | ---- | M] (EarthLink, Inc.) -- C:\Program Files\EarthLink TotalAccess\TaskPanl.exe:*:Enabled:Earthlink

========== (O10) Winsock2 Catalogs ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\]

NameSpace_Catalog5\Catalog_Entries\000000000001 [@%SystemRoot%\system32\nlasvc.dll,-1000] -- C:\Windows\System32\nlaapi.dll (Microsoft Corporation)

NameSpace_Catalog5\Catalog_Entries\000000000004 [@%SystemRoot%\system32\napinsp.dll,-1000] -- C:\Windows\System32\NapiNSP.dll (Microsoft Corporation)

NameSpace_Catalog5\Catalog_Entries\000000000005 [@%SystemRoot%\system32\pnrpnsp.dll,-1000] -- C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)

NameSpace_Catalog5\Catalog_Entries\000000000006 [@%SystemRoot%\system32\pnrpnsp.dll,-1001] -- C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)

========== HKEY_LOCAL_MACHINE Protocol Defaults ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProtocolDefaults - Default Protocols

ldap -- 4 = Restricted sites (Not a Default Protocol)

news -- 4 = Restricted sites (Not a Default Protocol)

nntp -- 4 = Restricted sites (Not a Default Protocol)

oecmd -- 4 = Restricted sites (Not a Default Protocol)

snews -- 4 = Restricted sites (Not a Default Protocol)

========== (O18) Protocol Handlers ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\]

[2001/06/20 04:26:46 | 00,221,184 | ---- | M] (Microsoft Corporation) c:\Program Files\Common Files\microsoft shared\Information Retrieval\msitss.dll (ms-itss:{0A9007C0-4076-11D3-8789-0000F8105754} (HKLM) [Microsoft Infotech Storage Protocol for IE 4.0])

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{0373779B-A362-4B2E-B8E9-7442F19F9394}"=HP Total Care Advisor

"{0394CDC8-FABD-4ed8-B104-03393876DFDF}"=Roxio Creator Tools

"{048298C9-A4D3-490B-9FF9-AB023A9238F3}"=Steam

"{072D2077-9E22-4F7F-B817-A92CA6CCC843}"=iriver Music Manager

"{0D397393-9B50-4c52-84D5-77E344289F87}"=Roxio Creator Data

"{11F93B4B-48F0-4A4E-AE77-DFA96A99664B}"=Roxio Creator EasyArchive

"{1838C5A2-AB32-4145-85C1-BB9B8DFA24CD}"=QuickTime

"{18D10072035C4515918F7E37EAFAACFC}"=AutoUpdate

"{22DE1881-9D24-4981-B5CC-EC7E9F2F4D52}"=Rhapsody Player Engine

"{2318C2B1-4965-11d4-9B18-009027A5CD4F}"=Google Toolbar for Internet Explorer

"{25569723-DC5A-4467-A639-79535BF01B71}"=Adobe Help Center 2.1

"{26FB63F9-AD23-40E4-9B75-0E768AC04262}"=SAMSUNG Mobile USB DRIVER(4.40.1.0) v1.0

"{2DA85B02-13C0-4E6D-9A76-22E6B3DD0CB2}"=SymNet

"{2DFF31F9-7893-4922-AF66-C9A1EB4EBB31}"=Rhapsody Player Engine

"{3248F0A8-6813-11D6-A77B-00B0D0150010}"=J2SE Runtime Environment 5.0 Update 1

"{3672B097-EA69-4bfe-B92F-29AE6D9D2B34}"=Norton Internet Security

"{3CCAD2EF-CFF2-4637-82AA-AABF370282D3}"=ccCommon

"{3FADAA19-E595-44CA-A072-58B6B0851768}"=Norton Security Scan

"{40F7AED3-0C7D-4582-99F6-484A515C73F2}"=HP Easy Setup - Frontend

"{48185814-A224-447A-81DA-71BD20580E1B}"=Norton Internet Security

"{4843B611-8FCB-4428-8C23-31D0A5EAE164}"=Norton Confidential Browser Component

"{55979C41-7D6A-49CC-B591-64AC1BBE2C8B}"=HP Picasso Media Center Add-In

"{582E9125-32B6-4CBA-AB48-3E33CE3DB389}"=NETGEAR RangeMax Wireless USB 2.0 Adapter WPN111

"{5AA2CD16-706F-41f3-87C5-2B5A031F2B3B}"=Norton Internet Security

"{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}"=Roxio Creator Copy

"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}"=Roxio Express Labeler 3

"{6D52C408-B09A-4520-9B18-475B81D393F1}"=Microsoft Works

"{7299052b-02a4-4627-81f2-1818da5d550d}"=Microsoft Visual C++ 2005 Redistributable

"{75E71ADD-042C-4F30-BFAC-A9EC42351313}"=Python 2.4.3

"{77772678-817F-4401-9301-ED1D01A8DA56}"=SPBBC 32bit

"{789289CA-F73A-4A16-A331-54D498CE069F}"=Ventrilo Client

"{7B63B2922B174135AFC0E1377DD81EC2}"=DivX

"{81D2FECF-FB01-4120-828B-DB3213440356}"=EverQuest II: The Shadow Odyssey

"{830D8CBD-C668-49e2-A969-C2C2106332E0}"=Norton AntiVirus

"{83FFCFC7-88C6-41c6-8752-958A45325C82}"=Roxio Creator Audio

"{8C6027FD-53DC-446D-BB75-CACD7028A134}"=HP Update

"{93A1B09E-BAFA-4628-A5B6-921CB026955A}"=Corel Paint Shop Pro Photo XI

"{9A129ABC-A53A-4209-A21E-D5DEDFB7CCA8}"=Norton Protection Center

"{9DBA770F-BF73-4D39-B1DF-6035D95268FC}"=HP Customer Feedback

"{A0EB195B-5876-48E6-879D-33D4B2102610}"=SonicStage 4.3

"{A7B609FB-83D8-4FC3-8477-1BC65ECFE85B}"=Adobe Photoshop Elements 5.0

"{AB5E289E-76BF-4251-9F3F-9B763F681AE0}"=HP Customer Experience Enhancements

"{AC76BA86-7AD7-1033-7B44-A70800000002}"=Adobe Reader 7.0.8

"{B2ED6DAA-31AA-49E4-BFA1-AF3388D90F7D}"=EverQuest II

"{B7050CBDB2504B34BC2A9CA0A692CC29}"=DivX Web Player

"{B74F042E-E1B9-4A5B-8D46-387BB172F0A4}"=Apple Software Update

"{B7C61755-DB48-4003-948F-3D34DB8EAF69}"=MSRedist

"{B83A15A7-2BD5-4416-BC43-AF5F9A4B08A9}"=muvee autoProducer 5.0

"{C3DC29BC-A8CF-4578-9DFC-37F049C44771}"=OcxSetup

"{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}"=Roxio Creator Basic v9

"{CCD663AE-610D-4BDF-AAB0-E914B044527D}"=OpenMG Secure Module 4.7.00

"{CFF08881-43E4-4082-91C4-0E17F82E849D}"=ArcSoft MediaConverter 2

"{D050D7362D214723AD585B541FFB6C11}"=DivX Content Uploader

"{D353CC51-430D-4C6F-9B7E-52003DA1E05A}"=Norton Confidential Web Protection Component

"{D6E6FA4A-5445-4850-8365-CF216C1CBB7A}"=Symantec Real Time Storage Protection Component

"{E1180142-3B31-4DCC-9D27-7AC2D37662BF}"=LightScribe 1.4.124.1

"{E3EFA461-EB83-4C3B-9C47-2C1D58A01555}"=Norton Internet Security

"{E5EE9939-259F-4DE2-8023-5C49E16A4F43}"=Norton Internet Security

"{EFB5B3B5-A280-4E25-BE1C-634EEFE32C1B}"=AppCore

"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}"=Realtek High Definition Audio Driver

"{F4DB525F-A986-4249-B98B-42A8066251CA}"=AV

"{F94234DB-FD06-42C3-B88D-6FC4DC9F988C}"=HP Easy Setup - Core

"Adobe Flash Player ActiveX"=Adobe Flash Player ActiveX

"Adobe Photoshop Elements 5"=Adobe Photoshop Elements 5.0

"Adobe Shockwave Player"=Adobe Shockwave Player

"AIM_6"=AIM 6

"BitLord"=BitLord 1.1

"CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200C14F1"=Soft Data Fax Modem with SmartCP

"EQ2MAP Updater"=EQ2MAP Updater 1.0.16

"HijackThis"=HijackThis 2.0.2

"HPOOVClient-6811507 Uninstaller"=HP Connections (remove only)

"InstallShield_{CCD663AE-610D-4BDF-AAB0-E914B044527D}"=OpenMG Secure Module 4.7.00

"LimeWire"=LimeWire PRO 4.8.0

"LiveUpdate"=LiveUpdate 3.2 (Symantec Corporation)

"Malwarebytes' Anti-Malware_is1"=Malwarebytes' Anti-Malware

"Midi2Wav Recorder DEMO"=Midi2Wav Recorder DEMO 4.0

"MLUpdater"=iRiver Updater

"NSSSetup.{3FADAA19-E595-44CA-A072-58B6B0851768}"=Norton Security Scan (Symantec Corporation)

"NVIDIA Drivers"=NVIDIA Drivers

"OpenMG HotFix4.7-07-13-22-01"=OpenMG Limited Patch 4.7-07-14-05-01

"PC-Doctor 5 for Windows"=Hardware Diagnostic Tools

"PolderbitSRecorder"=PolderbitS Sound Recorder and Editor

"PSP_Blender Toolbar"=PSP_Blender Toolbar

"RealPlayer 6.0"=RealPlayer

"ShockwaveFlash"=Adobe Flash Player 9 ActiveX

"SprintMusicManagerA"=Sprint music manager

"Station Launcher"=Station Launcher

"Steam App 10"=Counter-Strike

"SymSetup.{5AA2CD16-706F-41f3-87C5-2B5A031F2B3B}"=Norton Internet Security (Symantec Corporation)

"TBSB02751.TBSB02751Toolbar"=Search Enhancer Toolbar

"ViewpointMediaPlayer"=Viewpoint Media Player

"Warcraft III"=Warcraft III

"WildTangent hpdesktop Master Uninstall"=My HP Games

"WinRAR archiver"=WinRAR archiver

"Yahoo! Companion"=Yahoo! Toolbar for Internet Explorer

"Yahoo! Toolbar"=Yahoo! Toolbar

"YASA MP4 Video Converter v3.2 (build 0051)"=YASA MP4 Video Converter v3.2 (build 0051)

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"Steam App 10"=Counter-Strike

"uTorrent"=ÂµTorrent

"Warcraft III"=Warcraft III: All Products

========== Last 10 Event Log Errors ==========

[ Application Events ]

Error - 1/21/2009 8:12:37 PM | Computer Name = KAGE-PC | Source = VSS | ID = 12293

Description =

Error - 1/21/2009 8:12:37 PM | Computer Name = KAGE-PC | Source = VSS | ID = 8194

Description =

Error - 1/23/2009 12:19:45 AM | Computer Name = KAGE-PC | Source = Application Error | ID = 1000

Description = Faulting application iexplore.exe, version 7.0.6000.16764, time stamp

0x48f6a2ed, faulting module unknown, version 0.0.0.0, time stamp 0x00000000, exception

code 0xc0000005, fault offset 0xffffffff, process id 0xf6c, application start time

0x01c97d106b59960a.

Error - 1/24/2009 11:23:47 PM | Computer Name = KAGE-PC | Source = Application Hang | ID = 1002

Description = The program EverQuest2.exe version 1.0.0.1 stopped interacting with

Windows and was closed. To see if more information about the problem is available,

check the problem history in the Problem Reports and Solutions control panel. Process

ID: e74 Start Time: 01c97e8120285701 Termination Time: 4571

Error - 1/25/2009 11:50:42 AM | Computer Name = KAGE-PC | Source = Application Error | ID = 1000

Description = Faulting application KB12.exe, version 5.0.2169.1, time stamp 0x3ff6ff68,

faulting module unknown, version 0.0.0.0, time stamp 0x00000000, exception code

0xc0000005, fault offset 0x7ffd4000, process id 0xb3c, application start time 0x01c97f04ad91f97a.

Error - 1/26/2009 12:31:23 AM | Computer Name = KAGE-PC | Source = Application Error | ID = 1000

Description = Faulting application KB73.exe, version 5.0.2169.1, time stamp 0x3ff6ff68,

faulting module unknown, version 0.0.0.0, time stamp 0x00000000, exception code

0xc0000005, fault offset 0x7ffd6000, process id 0x1e38, application start time 0x01c97f6ef06d661d.

Error - 1/26/2009 12:34:32 AM | Computer Name = KAGE-PC | Source = Application Error | ID = 1000

Description = Faulting application realplay.exe, version 11.0.0.431, time stamp

0x4775c0a0, faulting module ntdll.dll, version 6.0.6000.16386, time stamp 0x4549bdc9,

exception code 0xc0000005, fault offset 0x00022a24, process id 0x185c, application

start time 0x01c97f6f60cfb16d.

Error - 1/26/2009 12:34:51 AM | Computer Name = KAGE-PC | Source = Application Error | ID = 1000

Description = Faulting application realplay.exe, version 11.0.0.431, time stamp

0x4775c0a0, faulting module ntdll.dll, version 6.0.6000.16386, time stamp 0x4549bdc9,

exception code 0xc0000005, fault offset 0x00022a24, process id 0x1ac4, application

start time 0x01c97f6f6d58ebed.

Error - 1/29/2009 12:34:42 AM | Computer Name = KAGE-PC | Source = Application Error | ID = 1000

Description = Faulting application iexplore.exe, version 7.0.6000.16764, time stamp

0x48f6a2ed, faulting module unknown, version 0.0.0.0, time stamp 0x00000000, exception

code 0xc0000005, fault offset 0xffffffff, process id 0x1d4, application start time

0x01c981c58ef4d97f.

Error - 1/30/2009 6:13:49 PM | Computer Name = KAGE-PC | Source = Application Hang | ID = 1002

Description = The program iexplore.exe version 7.0.6000.16764 stopped interacting

with Windows and was closed. To see if more information about the problem is available,

check the problem history in the Problem Reports and Solutions control panel. Process

ID: 6bc Start Time: 01c9831f9f17ea3a Termination Time: 125

[ Media Center Events ]

Error - 12/20/2007 10:13:41 AM | Computer Name = KAGE-PC | Source = MCUpdate | ID = 0

Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 12/22/2007 11:10:35 AM | Computer Name = KAGE-PC | Source = MCUpdate | ID = 0

Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 4/29/2008 7:45:23 PM | Computer Name = KAGE-PC | Source = MCUpdate | ID = 0

Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 5/31/2008 12:43:19 PM | Computer Name = KAGE-PC | Source = MCUpdate | ID = 0

Description = DownloadPackgeTask.SubTasksComplete: failed downloading package MCESpotlight.

Error - 6/2/2008 4:13:23 PM | Computer Name = KAGE-PC | Source = MCUpdate | ID = 0

Description = DownloadPackgeTask.SubTasksComplete: failed downloading package MCESpotlight.

[ System Events ]

Error - 2/2/2009 12:44:47 PM | Computer Name = KAGE-PC | Source = ACPI | ID = 327686

Description = IRQARB: ACPI BIOS does not contain an IRQ for the device in PCI slot

2, function 0. Please contact your system vendor for technical assistance.

Error - 2/2/2009 12:44:47 PM | Computer Name = KAGE-PC | Source = ACPI | ID = 327686

Description = IRQARB: ACPI BIOS does not contain an IRQ for the device in PCI slot

4, function 0. Please contact your system vendor for technical assistance.

Error - 2/3/2009 4:58:59 PM | Computer Name = KAGE-PC | Source = ACPI | ID = 327686

Description = IRQARB: ACPI BIOS does not contain an IRQ for the device in PCI slot

2, function 0. Please contact your system vendor for technical assistance.

Error - 2/3/2009 4:58:59 PM | Computer Name = KAGE-PC | Source = ACPI | ID = 327686

Description = IRQARB: ACPI BIOS does not contain an IRQ for the device in PCI slot

4, function 0. Please contact your system vendor for technical assistance.

Error - 2/3/2009 5:01:00 PM | Computer Name = KAGE-PC | Source = Service Control Manager | ID = 7000

Description =

Error - 2/3/2009 11:16:16 PM | Computer Name = KAGE-PC | Source = ACPI | ID = 327686

Description = IRQARB: ACPI BIOS does not contain an IRQ for the device in PCI slot

2, function 0. Please contact your system vendor for technical assistance.

Error - 2/3/2009 11:16:16 PM | Computer Name = KAGE-PC | Source = ACPI | ID = 327686

Description = IRQARB: ACPI BIOS does not contain an IRQ for the device in PCI slot

4, function 0. Please contact your system vendor for technical assistance.

Error - 2/3/2009 11:16:45 PM | Computer Name = KAGE-PC | Source = Dhcp | ID = 1002

Description = The IP address lease 192.168.1.101 for the Network Card with network

address 001F33E17AD1 has been denied by the DHCP server 0.0.0.0 (The DHCP Server

sent a DHCPNACK message).

Error - 2/4/2009 2:27:51 PM | Computer Name = KAGE-PC | Source = ACPI | ID = 327686

Description = IRQARB: ACPI BIOS does not contain an IRQ for the device in PCI slot

2, function 0. Please contact your system vendor for technical assistance.

Error - 2/4/2009 2:27:51 PM | Computer Name = KAGE-PC | Source = ACPI | ID = 327686

Description = IRQARB: ACPI BIOS does not contain an IRQ for the device in PCI slot

4, function 0. Please contact your system vendor for technical assistance.

< End of report >

February 2, 2009

Sorry it took so long to get back to you. I was touring a college.

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 11:46:32 AM, on 2/2/2009

Platform: Windows Vista (WinNT 6.00.1904)

MSIE: Internet Explorer v7.00 (7.00.6000.16764)

Boot mode: Normal

Running processes:

C:\Windows\system32\Dwm.exe

C:\Windows\system32\taskeng.exe

C:\Windows\Explorer.EXE

C:\Windows\System32\mobsync.exe

C:\hp\support\hpsysdrv.exe

C:\hp\KBD\KbdStub.exe

C:\Windows\RtHDVCpl.exe

C:\Program Files\Adobe\Photoshop Elements 5.0\apdproxy.exe

C:\Program Files\Common Files\Real\Update_OB\realsched.exe

C:\Windows\System32\rundll32.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Windows\ehome\ehtray.exe

C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\Program Files\NETGEAR\WPN111\wpn111.exe

C:\Program Files\PolderbitS\Recorder\Driver\PBDriverMonitor_uk.exe

C:\Windows\ehome\ehmsas.exe

C:\Windows\System32\rundll32.exe

C:\Program Files\Internet Explorer\ieuser.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Windows\system32\Macromed\Flash\FlashUtil9e.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\NppBho.dll

O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll

O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll

O2 - BHO: PSP Blender Toolbar - {d7df6ae0-d36c-4397-94ec-9f653bd4eda4} - C:\Program Files\PSP_Blender\tbPSP_.dll

O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll

O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\UIBHO.dll

O3 - Toolbar: Search Enhancer Toolbar - {BFB5F154-9212-46F3-B547-AC6106030A54} - C:\Program Files\Search Enhancer Toolbar\NCL.dll (file missing)

O3 - Toolbar: PSP Blender Toolbar - {d7df6ae0-d36c-4397-94ec-9f653bd4eda4} - C:\Program Files\PSP_Blender\tbPSP_.dll

O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll

O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe

O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KbdStub.EXE

O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe

O4 - HKLM\..\Run: [iRiver Updater] \Updater.exe

O4 - HKLM\..\Run: [MSConfig] "C:\Windows\system32\msconfig.exe" /auto

O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Elements 5.0\apdproxy.exe"

O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot

O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [ccApp] c:\Program Files\Common Files\Symantec Shared\ccApp.exe

O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe

O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe

O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

O4 - HKUS\S-1-5-18\..\RunOnce: [shockwave Updater] C:\Windows\System32\Macromed\SHOCKW~1\SWHELP~1.EXE -Update -1030024 -udxfytw.sys2.1 (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\RunOnce: [shockwave Updater] C:\Windows\System32\Macromed\SHOCKW~1\SWHELP~1.EXE -Update -1030024 -udxfytw.sys2.1 (User 'Default user')

O4 - Global Startup: NETGEAR WPN111 Smart Wizard.lnk = ?

O4 - Global Startup: PolderbitS Audio Driver Monitor.lnk = C:\Program Files\PolderbitS\Recorder\Driver\PBDriverMonitor_uk.exe

O13 - Gopher Prefix:

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab

O23 - Service: Adobe Active File Monitor V5 (AdobeActiveFileMonitor5.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe

O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe

O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe

O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe

O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe

O23 - Service: COM Host (comHost) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe

O23 - Service: Symantec IS Password Validation (ISPwdSvc) - Symantec Corporation - c:\Program Files\Norton Internet Security\isPwdSvc.exe

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe

O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE

O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe

O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe

O23 - Service: ProtexisLicensing - Unknown owner - C:\Windows\system32\PSIService.exe

O23 - Service: SonicStage Back-End Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SsBeSvc.exe

O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe

O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe

O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe

O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe

O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe

O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--

End of file - 8479 bytes

January 23, 2009

Hello?

January 20, 2009

Hi. I've been away from the whole best techie thing for quite sometime. I was hoping that someone would be able to help me in my endeavors. I have windows vista. I've ran through things here before but i never got to finish the whole thing. So I'm going to copy my previous reports and my virus log as well.

Symptoms-

1. Whenever I go to certain websites the windows will turn white like it won't respond and then my internet explorer will restart itself. Megaupload.com is where I have the problem.

2. I can't seem to install the sevice pack 1 update either. ( Strange )

3. Overall slow performance after I ran Kapersky (Even Stranger )

Heres is the logs for my previous run through this.

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 9:27:23 AM, on 12/19/2008

Platform: Windows Vista (WinNT 6.00.1904)

MSIE: Internet Explorer v7.00 (7.00.6000.16764)

Boot mode: Normal

Running processes:

C:\Windows\Explorer.EXE

C:\Windows\system32\Dwm.exe

C:\Windows\system32\taskeng.exe

C:\Program Files\Windows Defender\MSASCui.exe

C:\hp\support\hpsysdrv.exe

C:\Windows\RtHDVCpl.exe

C:\Program Files\Common Files\Real\Update_OB\realsched.exe

C:\Windows\System32\rundll32.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Windows\ehome\ehtray.exe

C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe

C:\Program Files\Windows Media Player\wmpnscfg.exe

C:\Program Files\NETGEAR\WPN111\wpn111.exe

C:\Program Files\PolderbitS\Recorder\Driver\PBDriverMonitor_uk.exe

C:\Windows\System32\rundll32.exe

C:\hp\kbd\kbd.exe

C:\Windows\ehome\ehmsas.exe

C:\Windows\System32\mobsync.exe

C:\Program Files\Internet Explorer\ieuser.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Windows\system32\wuauclt.exe

C:\Windows\system32\Macromed\Flash\FlashUtil9e.exe

C:\Program Files\Windows Media Player\wmplayer.exe

C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

R3 - URLSearchHook: PSP Blender Toolbar - {d7df6ae0-d36c-4397-94ec-9f653bd4eda4} - C:\Program Files\PSP_Blender\tbPSP_.dll

O1 - Hosts: ::1 localhost

O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\NppBho.dll

O2 - BHO: TBSB02751 - {25875464-7327-417C-8264-902D99CF6FD1} - C:\Program Files\Search Enhancer Toolbar\NCL.dll

O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll

O2 - BHO: PSP Blender Toolbar - {d7df6ae0-d36c-4397-94ec-9f653bd4eda4} - C:\Program Files\PSP_Blender\tbPSP_.dll

O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll

O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\UIBHO.dll

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll

O3 - Toolbar: Search Enhancer Toolbar - {BFB5F154-9212-46F3-B547-AC6106030A54} - C:\Program Files\Search Enhancer Toolbar\NCL.dll

O3 - Toolbar: PSP Blender Toolbar - {d7df6ae0-d36c-4397-94ec-9f653bd4eda4} - C:\Program Files\PSP_Blender\tbPSP_.dll

O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide