Skip to main content
Start a Conversation

Unsolved

This post is more than 5 years old

CJR74

18 Posts

12222

December 7th, 2009 22:00

Malware causing computer to lock up

The infected computer is locking up as  well as having antiviral advertising pop ups, to the extent that I am having to use another computer for Forum Posts.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:26:52 PM, on 12/7/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Common Files\Command Software\dvpapi.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Spyware Doctor\pctsAuxs.exe
C:\Program Files\Spyware Doctor\pctsSvc.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\WINDOWS\system32\svchost.exe
C:\Documents and Settings\All Users\Application Data\Wyeke\wyeke127.exe
C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\WINDOWS\SYSTEM32\userinit.exe
C:\WINDOWS\SYSTEM32\PRISMSVR.EXE
C:\Program Files\Spyware Doctor\TFEngine\TFService.exe
C:\Program Files\Spyware Doctor\pctsTray.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Wyeke\wyeke.exe
C:\WINDOWS\stsystra.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe
C:\Program Files\Dell\Media Experience\DMXLauncher.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\PROGRA~1\MYWEBS~1\bar\3.bin\mwsoemon.exe
C:\PROGRA~1\MYWEBS~1\bar\3.bin\m3SrchMn.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
C:\DOCUME~1\Carlton\LOCALS~1\Temp\richtx64.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Documents and Settings\All Users\Application Data\U3\U3Launcher\LaunchU3.exe
C:\Program Files\Dell Wireless\PRISMCFG.exe
C:\Program Files\palmOne\HOTSYNC.EXE
C:\DOCUME~1\Carlton\LOCALS~1\Temp\wscsvc32.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/?fr=fp-yie8
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk-rel&channel=us&ibd=2070723
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.yahoo.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer provided by Yahoo!
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\bar\3.bin\MWSSRCAS.DLL
R3 - URLSearchHook: NetAssistantBHO Class - {E38FA08E-F56A-4169-ABF5-5C71E3C153A1} - C:\Program Files\My.Freeze.com Toolbar\NetAssistant.dll
O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\bar\3.bin\MWSSRCAS.DLL
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O2 - BHO: mwsBar BHO - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\3.bin\MWSBAR.DLL
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O2 - BHO: TBSB00781 - {B5DB3E09-CA5B-4419-A3F3-B559708244C9} - C:\Program Files\Profile Pimp\tbcore3.dll
O2 - BHO: NetAssistantBHO - {E38FA08E-F56A-4169-ABF5-5C71E3C153A1} - C:\Program Files\My.Freeze.com Toolbar\NetAssistant.dll
O2 - BHO: XBTBPos00 - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files\My.Freeze.com Toolbar\freeze_control2_phase1_new.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\YTSingleInstance.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O3 - Toolbar: My Web Search - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\3.bin\MWSBAR.DLL
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: My.Freeze.com Toolbar - {D0523BB4-21E7-11DD-9AB7-415B56D89593} - C:\Program Files\My.Freeze.com Toolbar\freeze_control2_phase1_new.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe
O4 - HKLM\..\Run: [DMXLauncher] C:\Program Files\Dell\Media Experience\DMXLauncher.exe
O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [MyWebSearch Plugin] rundll32 C:\PROGRA~1\MYWEBS~1\bar\3.bin\M3PLUGIN.DLL,UPF
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [Regedit32] C:\WINDOWS\system32\regedit.exe
O4 - HKLM\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\3.bin\mwsoemon.exe
O4 - HKLM\..\Run: [My Web Search Bar Search Scope Monitor] "C:\PROGRA~1\MYWEBS~1\bar\3.bin\m3SrchMn.exe" /m=2 /w /h
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [ISUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
O4 - HKCU\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\3.bin\mwsoemon.exe
O4 - HKCU\..\Run: [richtx64.exe] C:\DOCUME~1\Carlton\LOCALS~1\Temp\richtx64.exe
O4 - HKUS\S-1-5-18\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe (User 'Default user')
O4 - Startup: HotSync Manager.lnk = C:\Program Files\palmOne\HOTSYNC.EXE
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Desktop Manager.lnk = C:\Program Files\Research In Motion\BlackBerry\DesktopMgr.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: LaunchU3.exe.lnk = ?
O4 - Global Startup: Wireless USB 2.0 WLAN Card Utility.lnk = ?
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/menusearch.jhtml?p=GRxdm020VPUS
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: HP Smart Select - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: vzTCPConfig - https://www.verizon.net/WhatsNext/CheckMyPc/vzTCPConfig.CAB
O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} (Support.com Configuration Class) - https://activatemyfios.verizon.net/sdcCommon/download/FIOS/tgctlcm.cab
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/nocache/funwebproducts/ei-4/WebfettiInitialSetup1.0.1.1.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader1006.cab
O16 - DPF: {55027008-315F-4F45-BBC3-8BE119764741} (Slide Image Uploader Control) - http://static.slide.com/uploader/SlideImageUploader.cab
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://dl8-cdn-01.sun.com/s/ESD44/JSCDL/jdk/6u7/jinstall-6u7-windows-i586-jc.cab?e=1221704517145&h=1fda7bac32ce5a5e4ba90074b4bf05d1/&filename=jinstall-6u7-windows-i586-jc.cab
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://wwwimages.adobe.com/www.adobe.com/products/acrobat/nos/gp.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe (file missing)
O23 - Service: Symantec Settings Manager (ccSetMgr) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe (file missing)
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: DvpApi (dvpapi) - Command Software Systems, Inc. - C:\Program Files\Common Files\Command Software\dvpapi.exe
O23 - Service: getPlus(R) Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe
O23 - Service: Google Desktop Manager 5.7.806.10245 (GoogleDesktopManager-061008-081103) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: My Web Search Service (MyWebSearchService) - MyWebSearch.com - C:\PROGRA~1\MYWEBS~1\bar\3.bin\mwssvc.exe
O23 - Service: Norton Protection Center Service (NSCService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Roxio UPnP Renderer 9 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 9\RoxioUPnPRenderer9.exe
O23 - Service: Roxio Upnp Server 9 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 9\RoxioUpnpService9.exe
O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe (file missing)
O23 - Service: ThreatFire - PC Tools - C:\Program Files\Spyware Doctor\TFEngine\TFService.exe
O23 - Service: Wyeke Service - Unknown owner - C:\Documents and Settings\All Users\Application Data\Wyeke\wyeke127.exe
O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
O24 - Desktop Component 0: Privacy Protection - (no file)

--
End of file - 15642 bytes

bamajim

10.4K Posts

December 24th, 2009 06:00


CJR74

How's your PC running at this point?

Please perform a BitDefender Online Virus and Malware Scan here:
* Click on I Agree.
* An ActiveX warning box will appear, click on Install.
* Under Select What You Want To Check For Viruses.
* Please Check My Computer and Click Ok
* Now Click On Click Here To Scan
* Next, Click on Click here to export the scan report
* Save it to your Desktop.
* In your next reply, please include the BitDefender log.

CJR74

18 Posts

December 28th, 2009 06:00

Computer Update: it is not "locking up" like it once was, it is still having the issue of not having anything on the desktop when I initially sign on.

I tried several times but was unable to get BIT DEFENDER to scan, I kept getting failed notices during the scanning process.

bamajim

10.4K Posts

December 28th, 2009 16:00

 

CJR74

O.k.

Go HERE and Download System Repair Engineer by smallfrogs
Select local download
  • Save it to your Desktop
    Rt Click sreng2.zip->>Extract all->>Extract it to your desktop
    Open the sreng folder
    Double click SREngPS.exe->>Click Run
    At the main Window, in the left Pane,Select Smart Scan
    At the next window make sure all of the boxes are checked and Select Scan
    When the scan is complete Select Save reports
    Save it to your desktop and Close the tool
    Double Click SREngLog.txt copy and paste that log as a reply to this thread


Do not run any other options with this tool unless instructed to do so.

 

CJR74

18 Posts

December 29th, 2009 21:00



2009-12-29,23:15:07


System Repair Engineer 2.8.1.1279
Smallfrogs (http://www.KZTechs.com)


Windows XP Home Edition Service Pack 2 (Build 2600) - Administrative User - Completed Functions Allowed


Follow item(s) have been selected:
    All Boot Items (Including Registry, Startup Folders, Services and so on)
    Browser Add-ons
    Running Processes (Including process model information)
    File Associations
    Winsock Provider
    Autorun.Inf
    HOSTS File
    Process Privileges Scan
    Scheduled Tasks
    Windows Security Update Check
    API HOOK
    Hidden Process



Boot Items
Registry
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    
   
    <"C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe">  [(Verified)Google Inc]
    
    
    
     
        [(Verified)Microsoft Windows Publisher]
      
    
      
       <"C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler>  [(Verified)Macrovision Corporation]
       
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
       
    
       
        
           [(Verified)Microsoft Windows Hardware Compatibility Publisher]
         
    
         
          
             [SigmaTel, Inc.]
           
    
           
            
               [Intel Corporation]
             
    
             
              
                 []
               
    
               
                
                   [Sonic Solutions]
                 
    
                 
                  
                     [(Verified)Macrovision Corporation]
                   
    
                   
                    <"C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start>  [(Verified)Macrovision Corporation]
                    
    
                    
                     <"C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup>  [(Verified)Google Inc]
                     
    
                     
                      
                         [Hewlett-Packard]
                       
    
                       
                        <"C:\Program Files\Spyware Doctor\pctsTray.exe">  [(Verified)PC Tools]
                        
    
                        
                         
                            [Hewlett-Packard]
                          
    
                          
                           <"C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot>  [(Verified)"RealNetworks, Inc."]
                           
    
                           
                            <"C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe">  [(Verified)"Sun Microsystems, Inc."]
                            
    
                            
                             <"C:\Program Files\QuickTime\qttask.exe" -atboottime>  [Apple Inc.]
                             
    
                             
                              <"C:\Program Files\iTunes\iTunesHelper.exe">  [(Verified)Apple Inc.]
                              
    
                              
                               
                                  [(Verified)Apple Inc.]
                                
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
                                
    
                                
                                 
                                    [(Verified)Microsoft Windows Component Publisher]
                                  
    
                                  
                                   
                                      [(Verified)Microsoft Windows Publisher]
                                    
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
                                    
    
                                    
                                     
                                        [Google]
                                      
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
                                      
    
                                      
                                       
                                          [(Verified)Microsoft Windows Publisher]
                                        
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
                                        
    <{AEB6717E-7E19-11d0-97EE-00C04FD91972}>
                                        
                                           [(Verified)Microsoft Windows Component Publisher]
                                         
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
                                         
    
                                         
                                          <%SystemRoot%\system32\SHELL32.dll>  [(Verified)Microsoft Windows Component Publisher]
                                          
    
                                          
                                           <%SystemRoot%\system32\SHELL32.dll>  [(Verified)Microsoft Windows Component Publisher]
                                           
    
                                           
                                            
                                               [(Verified)Microsoft Windows]
                                             
    
                                             
                                              <%systemroot%\system32\stobject.dll>  [(Verified)Microsoft Windows Publisher]
                                              
    
                                              
                                               
                                                  [(Verified)Microsoft Windows Publisher]
                                                
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain]
                                                
    
                                                
                                                 
                                                    [(Verified)Microsoft Windows Publisher]
                                                  
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet]
                                                  
    
                                                  
                                                   
                                                      [(Verified)Microsoft Windows Publisher]
                                                    
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll]
                                                    
    
                                                    
                                                     
                                                        [(Verified)Microsoft Windows Publisher]
                                                      
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp]
                                                      
    
                                                      
                                                       
                                                          [(Verified)Microsoft Windows Publisher]
                                                        
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule]
                                                        
    
                                                        
                                                         
                                                            [(Verified)Microsoft Windows Publisher]
                                                          
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy]
                                                          
    
                                                          
                                                           
                                                              [(Verified)Microsoft Windows Publisher]
                                                            
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn]
                                                            
    
                                                            
                                                             
                                                                [(Verified)Microsoft Windows Publisher]
                                                              
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv]
                                                              
    
                                                              
                                                               
                                                                  [(Verified)Microsoft Windows Publisher]
                                                                
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon]
                                                                
    
                                                                
                                                                 
                                                                    [(Verified)Microsoft Windows Publisher]
                                                                  
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
                                                                  
    <{438755C2-A8BA-11D1-B96B-00A0C90312E1}><%SystemRoot%\system32\browseui.dll>  [(Verified)Microsoft Windows Component Publisher]
                                                                  
    <{8C7461EF-2B13-11d2-BE35-3078302C2030}><%SystemRoot%\system32\browseui.dll>  [(Verified)Microsoft Windows Component Publisher]
                                                                  
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\<{12d0ed0d-0ee0-4f90-8827-78cefb8f4988}]
                                                                  
    
                                                                  
                                                                   
                                                                      [(Verified)Microsoft Windows]
                                                                    
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{19FB76C6-DBEF-44B5-A053-ECDF5F855A07}]
                                                                    
    
                                                                    
                                                                     
                                                                        [(Verified)Microsoft Windows Component Publisher]
                                                                      
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
                                                                      
    
                                                                      
                                                                       
                                                                          [(Verified)Microsoft Windows Component Publisher]
                                                                        
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]
                                                                        
    
                                                                        
                                                                         
                                                                            [(Verified)Microsoft Windows Component Publisher]
                                                                          
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
                                                                          
    
                                                                          
                                                                           <%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE>  [File is missing]
                                                                           
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
                                                                           
    
                                                                           
                                                                            <%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll>  [File is missing]
                                                                            
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
                                                                            
    
                                                                            
                                                                             <"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install>  [File is missing]
                                                                             
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
                                                                             
    
                                                                             
                                                                              
                                                                                 [(Verified)Microsoft Windows Publisher]
                                                                               
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]
                                                                               
    
                                                                               
                                                                                
                                                                                   [(Verified)Microsoft Windows Publisher]
                                                                                 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
                                                                                 
    
                                                                                 
                                                                                  
                                                                                     [(Verified)Microsoft Windows Component Publisher]
                                                                                   
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
                                                                                   
    
                                                                                  
                                                                                 
                                                                                
                                                                               
                                                                              
                                                                             
                                                                            
                                                                           
                                                                          
                                                                         
                                                                        
                                                                       
                                                                      
                                                                     
                                                                    
                                                                   
                                                                  
                                                                 
                                                                
                                                               
                                                              
                                                             
                                                            
                                                           
                                                          
                                                         
                                                        
                                                       
                                                      
                                                     
                                                    
                                                   
                                                  
                                                 
                                                
                                               
                                              
                                             
                                            
                                           
                                          
                                         
                                        
                                       
                                      
                                     
                                    
                                   
                                  
                                 
                                
                               
                              
                             
                            
                           
                          
                         
                        
                       
                      
                     
                    
                   
                  
                 
                
               
              
             
            
           
          
         
        
       
      
     
    
   
<"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4340}]
    
   
    
       [(Verified)Microsoft Windows Publisher]
     
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}]
     
    
     
      
         [(Verified)Microsoft Windows Component Publisher]
       
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}]
       
    
       
        
           [(Verified)Microsoft Corporation]
         
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8b15971b-5355-4c82-8c07-7e181ea07608}]
         
    
         
          
             [(Verified)Microsoft Windows Publisher]
           
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{A509B1FF-37FF-4bFF-8CFF-4F3A747040FF}]
           
    
           
            
               [File is missing]
             
 
             
==================================
Startup Folders
[Adobe Reader Speed Launch]
  
              
                C:\PROGRA~1\Adobe\ACROBA~1.0\Reader\READER~1.EXE [Adobe Systems Incorporated]>
               
                
[Digital Line Detect]
                
  
                
                  C:\PROGRA~1\DIGITA~1\DLG.exe [BVRP Software]>
                 
                  
[HP Digital Imaging Monitor]
                  
  
                  
                    C:\PROGRA~1\HP\DIGITA~1\bin\hpqtra08.exe [Hewlett-Packard Co.]>
                   
                    
[LaunchU3.exe]
                    
  
                    
                      C:\WINDOWS\Installer\{D8E363A7-88B7-446D-B2C0-E26CE4DC8E54}\_294823.exe [N/A]>
                     
                      
[Wireless USB 2.0 WLAN Card Utility]
                      
  
                      
                        C:\PROGRA~1\DELLWI~1\PRISMCFG.exe [Dell Inc.]>
                       
                        
[HotSync Manager]
                        
  
                        
                          C:\PROGRA~1\palmOne\HOTSYNC.EXE [Palm, Inc.]>
                         
                        
                       
                      
                     
                    
                   
                  
                 
                
               
              
 
             
==================================
Services
[Application Management / AppMgmt][Stopped/Manual Start]
  
              
               %SystemRoot%\System32\appmgmts.dll>
               
                
[Bonjour Service / Bonjour Service][Running/Auto Start]
                
  <"C:\Program Files\Bonjour\mDNSResponder.exe">
                
                 
[Symantec Event Manager / ccEvtMgr][Stopped/Auto Start]
                 
  <"C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe"><(File is missing)>
                 
[Symantec Settings Manager / ccSetMgr][Stopped/Auto Start]
                 
  <"C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe"><(File is missing)>
                 
[DSBrokerService / DSBrokerService][Stopped/Manual Start]
                 
  <"C:\Program Files\DellSupport\brkrsvc.exe"><>
                 
[dvpapi / dvpapi][Running/Auto Start]
                 
  <"C:\Program Files\Common Files\Command Software\dvpapi.exe">
                 
                 
[getPlus(R) Helper / getPlus(R) Helper][Stopped/Manual Start]
                 
  
                 
                  
                   
[Google Desktop Manager 5.9.911.3589 / GoogleDesktopManager-110309-193829][Stopped/Manual Start]
                   
  <"C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe">
                   
                    
[Google Software Updater / gusvc][Stopped/Manual Start]
                    
  <"C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe">
                    
                     
[hpqcxs08 / hpqcxs08][Running/Manual Start]
                     
  
                     
                      C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll>
                      
                       
[HP CUE DeviceDiscovery Service / hpqddsvc][Running/Auto Start]
                       
  
                       
                        C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll>
                        
                         
[Intel(R) Matrix Storage Event Monitor / IAANTMON][Running/Auto Start]
                         
  
                         
                          
                           
[InstallDriver Table Manager / IDriverT][Stopped/Manual Start]
                           
  <"C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe">
                           
                            
[iPod Service / iPod Service][Running/Manual Start]
                            
  <"C:\Program Files\iPod\bin\iPodService.exe">
                            
                             
[LiveUpdate Notice Service / LiveUpdate Notice Service][Stopped/Disabled]
                             
  <"C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifEng.dll"><(File is missing)>
                             
[Net Driver HPZ12 / Net Driver HPZ12][Running/Auto Start]
                             
  
                             
                              C:\WINDOWS\system32\HPZinw12.dll>
                              
                               
[Norton Protection Center Service / NSCService][Stopped/Manual Start]
                               
  <"C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE"><(File is missing)>
                               
[NVIDIA Display Driver Service / NVSvc][Running/Auto Start]
                               
  
                               
                                
                                 
[Pml Driver HPZ12 / Pml Driver HPZ12][Running/Auto Start]
                                 
  
                                 
                                  C:\WINDOWS\system32\HPZipm12.dll>
                                  
                                   
[PRISMSVC / PRISMSVC][Stopped/Disabled]
                                   
  
                                   
                                    
                                     
[LiveShare P2P Server 9 / RoxLiveShare9][Stopped/Auto Start]
                                     
  <"C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe"><(File is missing)>
                                     
[PC Tools Auxiliary Service / sdAuxService][Running/Auto Start]
                                     
  
                                     
                                      
                                       
[PC Tools Security Service / sdCoreService][Running/Auto Start]
                                       
  
                                       
                                        
                                         
[Symantec Network Drivers Service / SNDSrvc][Stopped/Auto Start]
                                         
  <"C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe"><(File is missing)>
                                         
[ThreatFire / ThreatFire][Running/Manual Start]
                                         
  
                                         
                                          
                                           
[Wyeke Service / Wyeke Service][Stopped/Disabled]
                                           
  <"C:\Documents and Settings\All Users\Application Data\Wyeke\wyeke127.exe" "C:\Program Files\Wyeke\wyeke.dll" Service><(File is missing)>
                                           
[Yahoo! Updater / YahooAUService][Running/Auto Start]
                                           
  <"C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe">
                                           
                                          
                                         
                                        
                                       
                                      
                                     
                                    
                                   
                                  
                                 
                                
                               
                              
                             
                            
                           
                          
                         
                        
                       
                      
                     
                    
                   
                  
                 
                
               
              
 
             
==================================
Drivers
[AEGIS Protocol (IEEE 802.1x) v3.1.0.0 / AegisP][Running/Auto Start]
  
              
               
                
[AliIde / AliIde][Stopped/Disabled]
                
  <\SystemRoot\system32\DRIVERS\aliide.sys>
                
                 
[AMD AGP Bus Filter Driver / amdagp][Stopped/Disabled]
                 
  <\SystemRoot\system32\DRIVERS\amdagp.sys>
                 
                  
[asc / asc][Stopped/Disabled]
                  
  <\SystemRoot\system32\DRIVERS\asc.sys>
                  
                   
[asc3550 / asc3550][Stopped/Disabled]
                   
  <\SystemRoot\system32\DRIVERS\asc3550.sys>
                   
                    
[bdfm / bdfm][Running/Manual Start]
                    
  <2 - The system cannot find the file specified.
                    
>
                    
                     
[bdfsfltr / bdfsfltr][Running/]
                     
  <2 - The system cannot find the file specified.
                     
>
                     
                      
[BVRPMPR5 NDIS Protocol Driver / BVRPMPR5][Stopped/Manual Start]
                      
  <\??\C:\WINDOWS\system32\drivers\BVRPMPR5.SYS>
                      
                       
[CmdIde / CmdIde][Stopped/Disabled]
                       
  <\SystemRoot\system32\DRIVERS\cmdide.sys>
                       
                        
[CSS DVP / CSS DVP][Running/Auto Start]
                        
  
                        
                         
                         
[dac2w2k / dac2w2k][Stopped/Disabled]
                         
  <\SystemRoot\system32\DRIVERS\dac2w2k.sys>
                         
                          
[Dell TrueMobile 1300 USB2.0 WLAN Card Driver / DELL_A02][Stopped/Manual Start]
                          
  
                          
                           
                            
[DLABOIOM / DLABOIOM][Running/Auto Start]
                            
  
                            
                             
                              
[DLACDBHM / DLACDBHM][Running/System Start]
                              
  
                              
                               
                                
[DLADResN / DLADResN][Running/Auto Start]
                                
  
                                
                                 
                                  
[DLAIFS_M / DLAIFS_M][Running/Auto Start]
                                  
  
                                  
                                   
                                    
[DLAOPIOM / DLAOPIOM][Running/Auto Start]
                                    
  
                                    
                                     
                                      
[DLAPoolM / DLAPoolM][Running/Auto Start]
                                      
  
                                      
                                       
                                        
[DLARTL_N / DLARTL_N][Running/System Start]
                                        
  
                                        
                                         
                                          
[DLAUDFAM / DLAUDFAM][Running/Auto Start]
                                          
  
                                          
                                           
                                            
[DLAUDF_M / DLAUDF_M][Running/Auto Start]
                                            
  
                                            
                                             
                                              
[DRVMCDB / DRVMCDB][Running/Boot Start]
                                              
  <\SystemRoot\System32\Drivers\DRVMCDB.SYS>
                                              
                                               
[DRVNDDM / DRVNDDM][Running/Auto Start]
                                               
  
                                               
                                                
                                                 
[DSproct / DSproct][Stopped/Manual Start]
                                                 
  <\??\C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys>
                                                 
                                                  
[DellSupport UniDriver / dsunidrv][Running/Auto Start]
                                                  
  
                                                  
                                                   
                                                    
[Intel(R) PRO Adapter Driver / E100B][Stopped/Manual Start]
                                                    
  
                                                    
                                                     
                                                      
[Intel(R) PRO/1000 PCI Express Network Connection Driver / e1express][Running/Manual Start]
                                                      
  
                                                      
                                                       
                                                        
[GEAR ASPI Filter Driver / GEARAspiWDM][Running/Manual Start]
                                                        
  
                                                        
                                                         
                                                          
[Microsoft UAA Bus Driver for High Definition Audio / HDAudBus][Running/Manual Start]
                                                          
  
                                                          
                                                           
                                                            
[IEEE-1284.4 Driver HPZid412 / HPZid412][Stopped/Manual Start]
                                                            
  
                                                            
                                                             
                                                              
[Print Class Driver for IEEE-1284.4 HPZipr12 / HPZipr12][Stopped/Manual Start]
                                                              
  
                                                              
                                                               
                                                                
[USB to IEEE-1284.4 Translation Driver HPZius12 / HPZius12][Stopped/Manual Start]
                                                                
  
                                                                
                                                                 
                                                                  
[HSFHWBS2 / HSFHWBS2][Running/Manual Start]
                                                                  
  
                                                                  
                                                                   
                                                                    
[HSF_DP / HSF_DP][Running/Manual Start]
                                                                    
  
                                                                    
                                                                     
                                                                      
[Intel RAID Controller / iaStor][Running/Boot Start]
                                                                      
  <\SystemRoot\system32\drivers\iaStor.sys>
                                                                      
                                                                       
[mdmxsdk / mdmxsdk][Running/Auto Start]
                                                                       
  
                                                                       
                                                                        
                                                                         
[mraid35x / mraid35x][Stopped/Disabled]
                                                                         
  <\SystemRoot\system32\DRIVERS\mraid35x.sys>
                                                                         
                                                                          
[Nal Service  / NAL][Stopped/Manual Start]
                                                                          
  <\??\C:\WINDOWS\system32\Drivers\iqvw32.sys>
                                                                          
                                                                           
[nv / nv][Running/Manual Start]
                                                                           
  
                                                                           
                                                                            
                                                                             
[PalmUSBD / PalmUSBD][Stopped/Manual Start]
                                                                             
  
                                                                             
                                                                              
                                                                               
[PCTools KDS / PCTCore][Running/Boot Start]
                                                                               
  <\SystemRoot\system32\drivers\PCTCore.sys>
                                                                               
                                                                                
[pctgntdi / pctgntdi][Running/System Start]
                                                                                
  <\??\C:\WINDOWS\system32\drivers\pctgntdi.sys>
                                                                                
                                                                                 
[pctplsg / pctplsg][Running/Manual Start]
                                                                                 
  <\??\C:\WINDOWS\system32\drivers\pctplsg.sys>
                                                                                 
                                                                                  
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
                                                                                  
  
                                                                                  
                                                                                   
                                                                                    
[PxHelp20 / PxHelp20][Running/Boot Start]
                                                                                    
  <\SystemRoot\System32\Drivers\PxHelp20.sys>
                                                                                    
                                                                                     
[ql1080 / ql1080][Stopped/Disabled]
                                                                                     
  <\SystemRoot\system32\DRIVERS\ql1080.sys>
                                                                                     
                                                                                      
[ql12160 / ql12160][Stopped/Disabled]
                                                                                      
  <\SystemRoot\system32\DRIVERS\ql12160.sys>
                                                                                      
                                                                                       
[ql1280 / ql1280][Stopped/Disabled]
                                                                                       
  <\SystemRoot\system32\DRIVERS\ql1280.sys>
                                                                                       
                                                                                        
[BlackBerry Smartphone / RimUsb][Stopped/Manual Start]
                                                                                        
  
                                                                                        
                                                                                         
                                                                                          
[RIM Virtual Serial Port v2 / RimVSerPort][Stopped/Manual Start]
                                                                                          
  
                                                                                          
                                                                                           
                                                                                            
[Secdrv / Secdrv][Stopped/Manual Start]
                                                                                            
  
                                                                                            
                                                                                             
                                                                                              
[SIS AGP Bus Filter / sisagp][Stopped/Disabled]
                                                                                              
  <\SystemRoot\system32\DRIVERS\sisagp.sys>
                                                                                              
                                                                                               
[Sony USB Filter Driver (SONYPVU1) / SONYPVU1][Stopped/Manual Start]
                                                                                               
  
                                                                                               
                                                                                                
                                                                                                 
[Sparrow / Sparrow][Stopped/Disabled]
                                                                                                 
  <\SystemRoot\system32\DRIVERS\sparrow.sys>
                                                                                                 
                                                                                                  
[SigmaTel High Definition Audio CODEC / STHDA][Running/Manual Start]
                                                                                                  
  
                                                                                                  
                                                                                                   
                                                                                                    
[symc810 / symc810][Stopped/Disabled]
                                                                                                    
  <\SystemRoot\system32\DRIVERS\symc810.sys>
                                                                                                    
                                                                                                     
[symc8xx / symc8xx][Stopped/Disabled]
                                                                                                     
  <\SystemRoot\system32\DRIVERS\symc8xx.sys>
                                                                                                     
                                                                                                      
[SYMDNS / SYMDNS][Stopped/Manual Start]
                                                                                                      
  <\SystemRoot\System32\Drivers\SYMDNS.SYS>
                                                                                                      
                                                                                                       
[SymEvent / SymEvent][Running/Manual Start]
                                                                                                       
  <\??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS>
                                                                                                       
                                                                                                        
[SYMFW / SYMFW][Stopped/Manual Start]
                                                                                                        
  <\SystemRoot\System32\Drivers\SYMFW.SYS>
                                                                                                        
                                                                                                         
[SYMIDS / SYMIDS][Stopped/Manual Start]
                                                                                                         
  <\SystemRoot\System32\Drivers\SYMIDS.SYS>
                                                                                                         
                                                                                                          
[symlcbrd / symlcbrd][Running/Auto Start]
                                                                                                          
  <\??\C:\WINDOWS\system32\drivers\symlcbrd.sys>
                                                                                                          
                                                                                                           
[SYMNDIS / SYMNDIS][Stopped/Manual Start]
                                                                                                           
  <\SystemRoot\System32\Drivers\SYMNDIS.SYS>
                                                                                                           
                                                                                                            
[SYMREDRV / SYMREDRV][Stopped/Manual Start]
                                                                                                            
  <\SystemRoot\System32\Drivers\SYMREDRV.SYS>
                                                                                                            
                                                                                                             
[SYMTDI / SYMTDI][Running/System Start]
                                                                                                             
  <\SystemRoot\System32\Drivers\SYMTDI.SYS>
                                                                                                             
                                                                                                              
[sym_hi / sym_hi][Stopped/Disabled]
                                                                                                              
  <\SystemRoot\system32\DRIVERS\sym_hi.sys>
                                                                                                              
                                                                                                               
[sym_u3 / sym_u3][Stopped/Disabled]
                                                                                                               
  <\SystemRoot\system32\DRIVERS\sym_u3.sys>
                                                                                                               
                                                                                                                
[TfFsMon / TfFsMon][Running/Boot Start]
                                                                                                                
  <\SystemRoot\system32\drivers\TfFsMon.sys>
                                                                                                                
                                                                                                                 
[TfNetMon / TfNetMon][Running/Manual Start]
                                                                                                                 
  <\??\C:\WINDOWS\system32\drivers\TfNetMon.sys>
                                                                                                                 
                                                                                                                  
[TfSysMon / TfSysMon][Running/Boot Start]
                                                                                                                  
  <\SystemRoot\system32\drivers\TfSysMon.sys>
                                                                                                                  
                                                                                                                   
[ultra / ultra][Stopped/Disabled]
                                                                                                                   
  <\SystemRoot\system32\DRIVERS\ultra.sys>
                                                                                                                   
                                                                                                                    
[Apple Mobile USB Driver / USBAAPL][Stopped/Manual Start]
                                                                                                                    
  
                                                                                                                    
                                                                                                                     
                                                                                                                      
[wbefe / wbefe][Stopped/Boot Start]
                                                                                                                      
  <\SystemRoot\system32\drivers\feahi.sys>
                                                                                                                      
                                                                                                                       
[winachsf / winachsf][Running/Manual Start]
                                                                                                                       
  
                                                                                                                       
                                                                                                                        
                                                                                                                         
[BDSelfPr / BDSelfPr][Running/System Start]
                                                                                                                         
  <2 - The system cannot find the file specified.
                                                                                                                         
>
                                                                                                                         
                                                                                                                        
                                                                                                                       
                                                                                                                      
                                                                                                                     
                                                                                                                    
                                                                                                                   
                                                                                                                  
                                                                                                                 
                                                                                                                
                                                                                                               
                                                                                                              
                                                                                                             
                                                                                                            
                                                                                                           
                                                                                                          
                                                                                                         
                                                                                                        
                                                                                                       
                                                                                                      
                                                                                                     
                                                                                                    
                                                                                                   
                                                                                                  
                                                                                                 
                                                                                                
                                                                                               
                                                                                              
                                                                                             
                                                                                            
                                                                                           
                                                                                          
                                                                                         
                                                                                        
                                                                                       
                                                                                      
                                                                                     
                                                                                    
                                                                                   
                                                                                  
                                                                                 
                                                                                
                                                                               
                                                                              
                                                                             
                                                                            
                                                                           
                                                                          
                                                                         
                                                                        
                                                                       
                                                                      
                                                                     
                                                                    
                                                                   
                                                                  
                                                                 
                                                                
                                                               
                                                              
                                                             
                                                            
                                                           
                                                          
                                                         
                                                        
                                                       
                                                      
                                                     
                                                    
                                                   
                                                  
                                                 
                                                
                                               
                                              
                                             
                                            
                                           
                                          
                                         
                                        
                                       
                                      
                                     
                                    
                                   
                                  
                                 
                                
                               
                              
                             
                            
                           
                          
                         
                        
                       
                      
                     
                    
                   
                  
                 
                
               
              
 
             
==================================
Browser Add-ons
[&Yahoo! Toolbar Helper]
  {02478D38-C3F9-4EFB-9B51-7695ECA05670} 
              
               
[RealPlayer Download and Record Plugin for Internet Explorer]
               
  {3049C3E9-B461-4BC5-8870-4C09146192CA} 
               
                
[SSVHelper Class]
                
  {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} 
                
                 
[Google Toolbar Helper]
                 
  {AA58ED58-01DD-4d91-8333-CF10577473F7} 
                 
                  
[Google Toolbar Notifier BHO]
                  
  {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} 
                  
                   
[TBSB00781 Class]
                   
  {B5DB3E09-CA5B-4419-A3F3-B559708244C9} 
                   
                    
[SingleInstance Class]
                    
  {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} 
                    
                     
[Java Plug-in 1.6.0_07]
                     
  {08B0E5C0-4FCB-11CF-AAA5-00401C608501} 
                     
                      
[]
                      
  {85d1f590-48f4-11d9-9669-0800200c9a66} <%windir%\bdoscandel.exe, N/A>
                      
[&Research]
                      
  {92780B25-18CC-41C8-B9BE-3C9C571A8263} 
                      
                       
[ClipBookBtn Class]
                       
  {DDE87865-83C5-48c4-8357-2F5B1AA84522} 
                       
                        
[Messenger]
                        
  {FB5F1910-F110-11d2-BB9E-00C04F795683} 
                        
                         
[Yahoo! Toolbar]
                         
  {EF99BD32-C1FB-11D2-892F-0090271D4F88} 
                         
                          
[Google Toolbar]
                          
  {2318C2B1-4965-11d4-9B18-009027A5CD4F} 
                          
                           
[Support.com Configuration Class]
                           
  {01113300-3E00-11D2-8470-0060089874ED} 
                           
                            
[]
                            
  {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} <, >
                            
[Installation Support]
                            
  {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} 
                            
                             
[MySpace Uploader Control]
                             
  {48DD0448-9209-4F81-9F6D-D83562940134} 
                             
                              
[Slide Image Uploader Control]
                              
  {55027008-315F-4F45-BBC3-8BE119764741} 
                              
                               
[BDSCANONLINE Control]
                               
  {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} 
                               
                                
[Facebook Photo Uploader 5 Control]
                                
  {8100D56A-5661-482C-BEE8-AFECE305D968} 
                                
                                 
[Java Plug-in 1.6.0_07]
                                 
  {8AD9C840-044E-11D1-B3E9-00805F499D93} 
                                 
                                  
[]
                                  
  {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} <, >
                                  
[Java Plug-in 1.6.0_07]
                                  
  {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} 
                                  
                                   
[Java Plug-in 1.6.0_07]
                                   
  {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} 
                                   
                                    
[get_atlcom Class]
                                    
  {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} 
                                    
                                     
[Shockwave Flash Object]
                                     
  {D27CDB6E-AE6D-11CF-96B8-444553540000} 
                                     
                                      
[]
                                      
  {00000000-0000-0000-0000-000000000000} <, >
                                      
[Microsoft Outlook 8.0 Object Library]
                                      
  {0006F033-0000-0000-C000-000000000046} <, >
                                      
[Microsoft Office Outlook]
                                      
  {0006F03A-0000-0000-C000-000000000046} <, >
                                      
[]
                                      
  {00A6FAF1-072E-44CF-8957-5838F569A31D} <, >
                                      
[]
                                      
  {00A6FAF6-072E-44CF-8957-5838F569A31D} <, >
                                      
[Google Script Object]
                                      
  {00EF2092-6AC5-47C0-BD25-CF2D5D657FEB} 
                                      
                                       
[Support.com Configuration Class]
                                       
  {01113300-3E00-11D2-8470-0060089874ED} 
                                       
                                        
[&Yahoo! Toolbar Helper]
                                        
  {02478D38-C3F9-4EFB-9B51-7695ECA05670} 
                                        
                                         
[Microsoft Office Template and Media Control]
                                         
  {02BCC737-B171-4746-94C9-0D8A0B2C0089} 
                                         
                                          
[QuickTime Object]
                                          
  {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} 
                                          
                                           
[]
                                           
  {0347C33E-8762-4905-BF09-768834316C61} <, >
                                           
[Adobe PDF Reader Link Helper]
                                           
  {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} 
                                           
                                            
[]
                                            
  {07B18EA1-A523-4961-B6BB-170DE4475CCA} <, >
                                            
[]
                                            
  {07B18EA9-A523-4961-B6BB-170DE4475CCA} <, >
                                            
[]
                                            
  {07B18EAB-A523-4961-B6BB-170DE4475CCA} <, >
                                            
[]
                                            
  {08B0E5C0-4FCB-11CF-AAA5-00401C608501} <, >
                                            
[]
                                            
  {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} <, >
                                            
[]
                                            
  {0CCA191D-13A6-4E29-B746-314DEE697D83} <, >
                                            
[PeerDraw Class]
                                            
  {10072CEC-8CC1-11D1-986E-00A0C955B42E} <%CommonProgramFiles%\Microsoft Shared\VGX\vgx.dll, (Signed) N/A>
                                            
[]
                                            
  {166B1BCA-3F9C-11CF-8075-444553540000} <, >
                                            
[InformationCardSigninHelper Class]
                                            
  {19916E01-B44E-4E31-94A4-4696DF46157B} 
                                            
                                             
[]
                                             
  {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} <, >
                                             
[]
                                             
  {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} <, >
                                             
[Windows Media Player]
                                             
  {22D6F312-B0F6-11D0-94AB-0080C74C7E95} 
                                             
                                              
[]
                                              
  {22F91F7D-B945-47AA-9C3E-B7DA5F642425} <, >
                                              
[Google Toolbar]
                                              
  {2318C2B1-4965-11D4-9B18-009027A5CD4F} 
                                              
                                               
[]
                                               
  {233C1507-6A77-46A4-9443-F871F945D258} <, >
                                               
[HTML Document]
                                               
  {25336920-03F9-11CF-8FD0-00AA00686F13} 
                                               
                                                
[]
                                                
  {2854FFCC-5CE4-44B5-AE5A-499DCEB06722} <, >
                                                
[XML DOM Document]
                                                
  {2933BF90-7B36-11D2-B20E-00C04F983E60} <%SystemRoot%\system32\msxml3.dll, (Signed) N/A>
                                                
[XSL Template]
                                                
  {2933BF94-7B36-11D2-B20E-00C04F983E60} <%SystemRoot%\system32\msxml3.dll, (Signed) N/A>
                                                
[DHTML Edit Control Safe for Scripting for IE5]
                                                
  {2D360201-FFF5-11D1-8D03-00A0C959BC0A} 
                                                
                                                 
[]
                                                 
  {2F8D887E-0D87-406D-B49C-5D266D4F6A84} <, >
                                                 
[RealPlayer Download and Record Plugin for Internet Explorer]
                                                 
  {3049C3E9-B461-4BC5-8870-4C09146192CA} 
                                                 
                                                  
[HtmlDlgSafeHelper Class]
                                                  
  {3050F819-98B5-11CF-BB82-00AA00BDCE0B} 
                                                  
                                                   
[Installation Support]
                                                   
  {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} 
                                                   
                                                    
[Tabular Data Control]
                                                    
  {333C7BC4-460F-11D0-BC04-0080C7055A83} 
                                                    
                                                     
[]
                                                     
  {3409D821-DA0F-4702-B6E6-8785472755FF} <, >
                                                     
[IETag Factory]
                                                     
  {38481807-CA0E-42D2-BF39-B33AF135CC4D} 
                                                     
                                                      
[]
                                                      
  {3AA42713-5C1E-48E2-B432-D8BF420DD31D} <, >
                                                      
[]
                                                      
  {3DC201FB-E9C9-499C-A11F-23C360D7C3F8} <, >
                                                      
[QuickTime Object]
                                                      
  {4063BE15-3B08-470D-A0D5-B37161CFFD69} 
                                                      
                                                       
[]
                                                       
  {45C0EF64-B710-49FD-A985-C5F98BF9C2E3} <, >
                                                       
[XML Document]
                                                       
  {48123BC4-99D9-11D1-A6B3-00C04FD91555} <%SystemRoot%\system32\msxml3.dll, (Signed) N/A>
                                                       
[MySpace Uploader Control]
                                                       
  {48DD0448-9209-4F81-9F6D-D83562940134} 
                                                       
                                                        
[]
                                                        
  {4945E3FB-7814-4055-A2C4-C4F605F24EA1} <, >
                                                        
[Slide Image Uploader Control]
                                                        
  {55027008-315F-4F45-BBC3-8BE119764741} 
                                                        
                                                         
[Shell Name Space]
                                                         
  {55136805-B2DE-11D1-B9F2-00A0C98BC547} 
                                                         
                                                          
[isInstalled Class]
                                                          
  {5852F5ED-8BF4-11D4-A245-0080C6F74284} 
                                                          
                                                           
[]
                                                           
  {5CA3D70E-1895-11CF-8E15-001234567890} <, >
                                                           
[BDSCANONLINE Control]
                                                           
  {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} 
                                                           
                                                            
[WUWebControl Class]
                                                            
  {6414512B-B978-451D-A0D8-FCFDF33E833C} 
                                                            
                                                             
[Microsoft Shell UI Helper]
                                                             
  {64AB4BB7-111E-11D1-8F79-00C04FC2FBE1} 
                                                             
                                                              
[]
                                                              
  {65FDEDF3-8ED9-4F5B-825E-18C2D44191A7} <, >
                                                              
[Windows Media Player]
                                                              
  {6BF52A52-394A-11D3-B153-00C04F79FAA6} 
                                                              
                                                               
[MUWebControl Class]
                                                               
  {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} 
                                                               
                                                                
[]
                                                                
  {6FDB0F70-76D4-4275-AF97-49ADC4204CF9} <, >
                                                                
[Active Desktop Mover]
                                                                
  {72267F6A-A6F9-11D0-BC94-00C04FB67863} <%SystemRoot%\system32\SHELL32.dll, (Signed) N/A>
                                                                
[SSVHelper Class]
                                                                
  {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} 
                                                                
                                                                 
[]
                                                                 
  {7B463A3B-702A-4244-B484-F5DFFD87991E} <, >
                                                                 
[]
                                                                 
  {7DFDF1F6-63C4-46FA-AEF1-4C8A88A9BA59} <, >
                                                                 
[Facebook Photo Uploader 5 Control]
                                                                 
  {8100D56A-5661-482C-BEE8-AFECE305D968} 
                                                                 
                                                                  
[]
                                                                  
  {85D1F590-48F4-11D9-9669-0800200C9A66} <, >
                                                                  
[Microsoft Web Browser]
                                                                  
  {8856F961-340A-11D0-A96B-00C04FD705A2} 
                                                                  
                                                                   
[XML DOM Document 4.0]
                                                                   
  {88D969C0-F192-11D4-A65F-0040963251E5} 
                                                                   
                                                                    
[Free Threaded XML DOM Document 4.0]
                                                                    
  {88D969C1-F192-11D4-A65F-0040963251E5} 
                                                                    
                                                                     
[XSL Template 4.0]
                                                                     
  {88D969C3-F192-11D4-A65F-0040963251E5} 
                                                                     
                                                                      
[XML HTTP 4.0]
                                                                      
  {88D969C5-F192-11D4-A65F-0040963251E5} 
                                                                      
                                                                       
[XML DOM Document 5.0]
                                                                       
  {88D969E5-F192-11D4-A65F-0040963251E5} 
                                                                       
                                                                        
[Free Threaded XML DOM Document 5.0]
                                                                        
  {88D969E6-F192-11D4-A65F-0040963251E5} 
                                                                        
                                                                         
[XSL Template 5.0]
                                                                         
  {88D969E8-F192-11D4-A65F-0040963251E5} 
                                                                         
                                                                          
[XML HTTP 5.0]
                                                                          
  {88D969EA-F192-11D4-A65F-0040963251E5} 
                                                                          
                                                                           
[XML DOM Document 6.0]
                                                                           
  {88D96A05-F192-11D4-A65F-0040963251E5} 
                                                                           
                                                                            
[Free Threaded XML DOM Document 6.0]
                                                                            
  {88D96A06-F192-11D4-A65F-0040963251E5} 
                                                                            
                                                                             
[XSL Template 6.0]
                                                                             
  {88D96A08-F192-11D4-A65F-0040963251E5} 
                                                                             
                                                                              
[XML HTTP 6.0]
                                                                              
  {88D96A0A-F192-11D4-A65F-0040963251E5} 
                                                                              
                                                                               
[Java Plug-in 1.6.0_07]
                                                                               
  {8AD9C840-044E-11D1-B3E9-00805F499D93} 
                                                                               
                                                                                
[RegConfig Class]
                                                                                
  {8B7D2210-CC81-4F59-A486-4409FB485D4A} 
                                                                                
                                                                                 
[DEGetBlockFmtNamesParam Class]
                                                                                 
  {8D91090E-B955-11D1-ADC5-006008A5848C} 
                                                                                 
                                                                                  
[]
                                                                                  
  {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} <, >
                                                                                  
[SharePoint OpenDocuments Class]
                                                                                  
  {9203C2CB-1DC1-482D-967E-597AFF270F0D} 
                                                                                  
                                                                                   
[]
                                                                                   
  {92780B25-18CC-41C8-B9BE-3C9C571A8263} <, >
                                                                                   
[]
                                                                                   
  {96A8A821-336C-43F8-9A6F-F87528A234E6} <, >
                                                                                   
[]
                                                                                   
  {9B61E9A7-6E4E-44E9-BAAC-A6B4180A7F3D} <, >
                                                                                   
[]
                                                                                   
  {9C23D886-43CB-43DE-B2DB-112A68D7E10A} <, >
                                                                                   
[]
                                                                                   
  {9ECB9560-04F9-4BBC-943D-298DDF1699E1} <, >
                                                                                   
[]
                                                                                   
  {9ED353B2-5E4E-44BD-A57A-E77C3711BC64} <, >
                                                                                   
[IETimeBehaviorFactory Class]
                                                                                   
  {A4639D29-774E-11D3-A490-00C04F6843FB} 
                                                                                   
                                                                                    
[IEAnimBehaviorFactory Class]
                                                                                    
  {A4639D2F-774E-11D3-A490-00C04F6843FB} 
                                                                                    
                                                                                     
[]
                                                                                     
  {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} <, >
                                                                                     
[MySpaceIMPlugin Class]
                                                                                     
  {A9F9D2D4-3162-49FC-8E3C-2D32C4FAD6CF} 
                                                                                     
                                                                                      
[RMGetLicense Class]
                                                                                      
  {A9FC132B-096D-460B-B7D5-1DB0FAE0C062} 
                                                                                      
                                                                                       
[Google Toolbar Helper]
                                                                                       
  {AA58ED58-01DD-4D91-8333-CF10577473F7} 
                                                                                       
                                                                                        
[Google Toolbar Notifier BHO]
                                                                                        
  {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} 
                                                                                        
                                                                                         
[]
                                                                                         
  {B2F4E835-9068-4E7A-B532-C575311B72B2} <, >
                                                                                         
[AxVersion Control]
                                                                                         
  {B3E658DF-D425-430C-82C2-D54295915020} 
                                                                                         
                                                                                          
[SearchAssistantOC]
                                                                                          
  {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, (Signed) N/A>
                                                                                          
[TBSB00781 Class]
                                                                                          
  {B5DB3E09-CA5B-4419-A3F3-B559708244C9} 
                                                                                          
                                                                                           
[RDS.DataSpace]
                                                                                           
  {BD96C556-65A3-11D0-983A-00C04FC29E36} 
                                                                                           
                                                                                            
[SharePoint Spreadsheet Launcher]
                                                                                            
  {BDEADE9E-C265-11D0-BCED-00A0C90AB50F} 
                                                                                            
                                                                                             
[SharePoint Stssync Handler]
                                                                                             
  {BDEADEF5-C265-11D0-BCED-00A0C90AB50F} 
                                                                                             
                                                                                              
[]
                                                                                              
  {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} <, >
                                                                                              
[]
                                                                                              
  {C4069E3A-68F1-403E-B40E-20066696354B} <, >
                                                                                              
[]
                                                                                              
  {C6CD4A84-A081-4958-BBC0-AA7E692621FF} <, >
                                                                                              
[]
                                                                                              
  {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} <, >
                                                                                              
[Microsoft Office 12 Authorization Control]
                                                                                              
  {C9712B19-838B-45A5-ABF2-9A315DDDED50} 
                                                                                              
                                                                                               
[]
                                                                                               
  {CA6319C0-31B7-401E-A518-A07C3DB8F777} <, >
                                                                                               
[Adobe PDF Reader]
                                                                                               
  {CA8A9780-280D-11CF-A24D-444553540000} 
                                                                                               
                                                                                                
[Java Plug-in 1.5.0_10]
                                                                                                
  {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} 
                                                                                                
                                                                                                 
[AUDIO__MP3 Moniker Class]
                                                                                                 
  {CD3AFA76-B84F-48F0-9393-7EDC34128127} 
                                                                                                 
                                                                                                  
[AUDIO__X_MS_WMA Moniker Class]
                                                                                                  
  {CD3AFA84-B84F-48F0-9393-7EDC34128127} 
                                                                                                  
                                                                                                   
[VIDEO__X_MS_ASF Moniker Class]
                                                                                                   
  {CD3AFA8F-B84F-48F0-9393-7EDC34128127} 
                                                                                                   
                                                                                                    
[VIDEO__X_MS_WMV Moniker Class]
                                                                                                    
  {CD3AFA94-B84F-48F0-9393-7EDC34128127} 
                                                                                                    
                                                                                                     
[get_atlcom Class]
                                                                                                     
  {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} 
                                                                                                     
                                                                                                      
[Microsoft Url Search Hook]
                                                                                                      
  {CFBFAE00-17A6-11D0-99CB-00C04FD64497} 
                                                                                                      
                                                                                                       
[Msxml]
                                                                                                       
  {CFC399AF-D876-11D0-9C10-00C04FC99C8E} <%SystemRoot%\system32\msxml3.dll, (Signed) N/A>
                                                                                                       
[RealPlayer G2 Control]
                                                                                                       
  {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} 
                                                                                                       
                                                                                                        
[]
                                                                                                        
  {D05102E2-9DA8-4D6A-A72A-6B5F99B3CFC1} <, >
                                                                                                        
[]
                                                                                                        
  {D0523BB4-21E7-11DD-9AB7-415B56D89593} <, >
                                                                                                        
[Shockwave Flash Object]
                                                                                                        
  {D27CDB6E-AE6D-11CF-96B8-444553540000} 
                                                                                                        
                                                                                                         
[]
                                                                                                         
  {D3D9261A-22F3-4D6A-9A1E-850416C9B357} <, >
                                                                                                         
[Microsoft Agent Control 2.0]
                                                                                                         
  {D45FD31B-5C6E-11D1-9EC1-00C04FD7081F} 
                                                                                                         
                                                                                                          
[Yahoo! Version Info2]
                                                                                                          
  {D5184A39-CBDF-4A4F-AC1A-7A45A852C883} 
                                                                                                          
                                                                                                           
[iTunesDetector Class]
                                                                                                           
  {D719897A-B07A-4C0C-AEA9-9B663A28DFCB} 
                                                                                                           
                                                                                                            
[ClipBookBtn Class]
                                                                                                            
  {DDE87865-83C5-48C4-8357-2F5B1AA84522} 
                                                                                                            
                                                                                                             
[QuickTimeCheck Class]
                                                                                                             
  {DE4AF3B0-F4D4-11D3-B41A-0050DA2E6C21} 
                                                                                                             
                                                                                                              
[]
                                                                                                              
  {E07D22E1-CE3A-487F-B754-8044DBEDB049} <, >
                                                                                                              
[NameCtrl Class]
                                                                                                              
  {E18FEC31-2EA1-49A2-A7A6-902DC0D1FF05} 
                                                                                                              
                                                                                                               
[]
                                                                                                               
  {E38FA08E-F56A-4169-ABF5-5C71E3C153A1} <, >
                                                                                                               
[]
                                                                                                               
  {e3e02f12-2adb-478c-8742-5f0819f9f0f4} <"C:\Documents and Settings\Carlton\Application Data\Move Networks\plugins\npqmp071503000010.dll", N/A>
                                                                                                               
[]
                                                                                                               
  {e473a65c-8087-49a3-affd-c5bc4a10669b} <"C:\Documents and Settings\Carlton\Application Data\Move Networks\plugins\npqmp071503000010.dll", N/A>
                                                                                                               
[WebViewFolderIcon Class]
                                                                                                               
  {E5DF9D10-3B52-11D1-83E8-00A0C90DC849} 
                                                                                                               
                                                                                                                
[XML HTTP Request]
                                                                                                                
  {ED8C108E-4349-11D2-91A4-00C04F7969E8} <%SystemRoot%\system32\msxml3.dll, (Signed) N/A>
                                                                                                                
[Yahoo! Toolbar]
                                                                                                                
  {EF99BD32-C1FB-11D2-892F-0090271D4F88} 
                                                                                                                
                                                                                                                 
[XML DOM Document 3.0]
                                                                                                                 
  {F5078F32-C551-11D3-89B9-0000F81FE221} <%SystemRoot%\system32\msxml3.dll, (Signed) N/A>
                                                                                                                 
[Free Threaded XML DOM Document 3.0]
                                                                                                                 
  {F5078F33-C551-11D3-89B9-0000F81FE221} <%SystemRoot%\system32\msxml3.dll, (Signed) N/A>
                                                                                                                 
[XML HTTP 3.0]
                                                                                                                 
  {F5078F35-C551-11D3-89B9-0000F81FE221} <%SystemRoot%\system32\msxml3.dll, (Signed) N/A>
                                                                                                                 
[XSL Template 3.0]
                                                                                                                 
  {F5078F36-C551-11D3-89B9-0000F81FE221} <%SystemRoot%\system32\msxml3.dll, (Signed) N/A>
                                                                                                                 
[XML DOM Document]
                                                                                                                 
  {F6D90F11-9C73-11D3-B32E-00C04F990BB4} <%SystemRoot%\system32\msxml3.dll, (Signed) N/A>
                                                                                                                 
[Free Threaded XML DOM Document]
                                                                                                                 
  {F6D90F12-9C73-11D3-B32E-00C04F990BB4} <%SystemRoot%\system32\msxml3.dll, (Signed) N/A>
                                                                                                                 
[XML HTTP]
                                                                                                                 
  {F6D90F16-9C73-11D3-B32E-00C04F990BB4} <%SystemRoot%\system32\msxml3.dll, (Signed) N/A>
                                                                                                                 
[]
                                                                                                                 
  {FB5F1910-F110-11D2-BB9E-00C04F795683} <, >
                                                                                                                 
[]
                                                                                                                 
  {fc345d4c-b8f4-4674-bff7-3c37d2e535ee} <"C:\Documents and Settings\Carlton\Application Data\Move Networks\plugins\npqmp071503000010.dll", N/A>
                                                                                                                 
[]
                                                                                                                 
  {FCBCCB87-9224-4B8D-B117-F56D924BEB18} <, >
                                                                                                                 
[]
                                                                                                                 
  {fd6484ed-ebe3-4c3d-938a-8238003b41b7} <"C:\Documents and Settings\Carlton\Application Data\Move Networks\plugins\npqmp071503000010.dll", N/A>
                                                                                                                 
[SingleInstance Class]
                                                                                                                 
  {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} 
                                                                                                                 
                                                                                                                  
[]
                                                                                                                  
  {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} <, >
                                                                                                                  
[E&xport to Microsoft Excel]
                                                                                                                  
  
                                                                                                                  
                                                                                                                   
[Google Sidewiki...]
                                                                                                                   
  
                                                                                                                   
                                                                                                                  
                                                                                                                 
                                                                                                                
                                                                                                               
                                                                                                              
                                                                                                             
                                                                                                            
                                                                                                           
                                                                                                          
                                                                                                         
                                                                                                        
                                                                                                       
                                                                                                      
                                                                                                     
                                                                                                    
                                                                                                   
                                                                                                  
                                                                                                 
                                                                                                
                                                                                               
                                                                                              
                                                                                             
                                                                                            
                                                                                           
                                                                                          
                                                                                         
                                                                                        
                                                                                       
                                                                                      
                                                                                     
                                                                                    
                                                                                   
                                                                                  
                                                                                 
                                                                                
                                                                               
                                                                              
                                                                             
                                                                            
                                                                           
                                                                          
                                                                         
                                                                        
                                                                       
                                                                      
                                                                     
                                                                    
                                                                   
                                                                  
                                                                 
                                                                
                                                               
                                                              
                                                             
                                                            
                                                           
                                                          
                                                         
                                                        
                                                       
                                                      
                                                     
                                                    
                                                   
                                                  
                                                 
                                                
                                               
                                              
                                             
                                            
                                           
                                          
                                         
                                        
                                       
                                      
                                     
                                    
                                   
                                  
                                 
                                
                               
                              
                             
                            
                           
                          
                         
                        
                       
                      
                     
                    
                   
                  
                 
                
               
              
 
             
==================================
Running Processes
[PID: 676 / SYSTEM][\SystemRoot\System32\smss.exe]  [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 716 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe]  [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\Spyware Doctor\smum32.dll]  [PC Tools, 6.1.0.2]
[PID: 740 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe]  [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\Spyware Doctor\smum32.dll]  [PC Tools, 6.1.0.2]
    [C:\Program Files\Spyware Doctor\TFEngine\TFWAH.dll]  [PC Tools, 4.9.3.31]
    [C:\Program Files\Spyware Doctor\TFEngine\TFNI.dll]  [PC Tools, 4.9.3.31]
    [C:\WINDOWS\system32\tssoft32.acm]  [DSP GROUP, INC., 1.01]
    [C:\WINDOWS\system32\tsd32.dll]  [, ]
    [C:\WINDOWS\system32\sl_anet.acm]  [Sipro Lab Telecom Inc., 3.02]
    [C:\WINDOWS\system32\iac25_32.ax]  [Intel Corporation, 2.05.53]
    [C:\WINDOWS\system32\l3codeca.acm]  [Fraunhofer Institut Integrierte Schaltungen IIS, 1, 9, 0, 0305]
[PID: 796 / SYSTEM][C:\WINDOWS\system32\services.exe]  [(Verified) Microsoft Corporation, 5.1.2600.3520 (xpsp_sp2_qfe.090206-1239)]
    [C:\Program Files\Spyware Doctor\smum32.dll]  [PC Tools, 6.1.0.2]
    [C:\Program Files\Spyware Doctor\TFEngine\TFWAH.dll]  [PC Tools, 4.9.3.31]
[PID: 808 / SYSTEM][C:\WINDOWS\system32\lsass.exe]  [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\Common Files\PC Tools\LSP\PCTLsp.dll]  [PC Tools Research Pty Ltd., 1, 0, 100, 0]
    [C:\Program Files\Spyware Doctor\smum32.dll]  [PC Tools, 6.1.0.2]
    [C:\WINDOWS\system32\PRISMAPI.DLL]  [Conexant Systems, Inc., 2.01.13]
    [C:\Program Files\Spyware Doctor\TFEngine\TFWAH.dll]  [PC Tools, 4.9.3.31]
[PID: 1012 / SYSTEM][C:\WINDOWS\system32\svchost.exe]  [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\Spyware Doctor\smum32.dll]  [PC Tools, 6.1.0.2]
    [C:\Program Files\Spyware Doctor\TFEngine\TFWAH.dll]  [PC Tools, 4.9.3.31]
[PID: 1088 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe]  [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\Common Files\PC Tools\LSP\PCTLsp.dll]  [PC Tools Research Pty Ltd., 1, 0, 100, 0]
    [C:\Program Files\Bonjour\mdnsNSP.dll]  [Apple Inc., 1,0,6,2]
    [C:\Program Files\Spyware Doctor\smum32.dll]  [PC Tools, 6.1.0.2]
    [C:\Program Files\Spyware Doctor\TFEngine\TFWAH.dll]  [PC Tools, 4.9.3.31]
[PID: 1188 / SYSTEM][C:\WINDOWS\System32\svchost.exe]  [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\Common Files\PC Tools\LSP\PCTLsp.dll]  [PC Tools Research Pty Ltd., 1, 0, 100, 0]
    [C:\Program Files\Spyware Doctor\smum32.dll]  [PC Tools, 6.1.0.2]
    [C:\Program Files\Spyware Doctor\TFEngine\TFWAH.dll]  [PC Tools, 4.9.3.31]
    [C:\Program Files\Bonjour\mdnsNSP.dll]  [Apple Inc., 1,0,6,2]
[PID: 1284 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe]  [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\Common Files\PC Tools\LSP\PCTLsp.dll]  [PC Tools Research Pty Ltd., 1, 0, 100, 0]
    [C:\Program Files\Spyware Doctor\smum32.dll]  [PC Tools, 6.1.0.2]
    [C:\Program Files\Spyware Doctor\TFEngine\TFWAH.dll]  [PC Tools, 4.9.3.31]
[PID: 1364 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe]  [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\Spyware Doctor\smum32.dll]  [PC Tools, 6.1.0.2]
    [C:\Program Files\Spyware Doctor\TFEngine\TFWAH.dll]  [PC Tools, 4.9.3.31]
    [C:\Program Files\Common Files\PC Tools\LSP\PCTLsp.dll]  [PC Tools Research Pty Ltd., 1, 0, 100, 0]
[PID: 1572 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe]  [(Verified) Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]
    [C:\WINDOWS\system32\hpzll3xu.dll]  [Hewlett-Packard Company, 60.051.641.00]
    [C:\WINDOWS\system32\hpz3l5ha.dll]  [Hewlett-Packard Company, 61.071.244.00]
    [C:\WINDOWS\System32\spool\PRTPROCS\W32X86\hpzpp3xu.dll]  [Hewlett-Packard Corporation, 60.051.641.00]
    [C:\WINDOWS\System32\spool\PRTPROCS\W32X86\hpzpp5ha.dll]  [Hewlett-Packard Corporation, 61.071.244.00]
    [C:\Program Files\Bonjour\mdnsNSP.dll]  [Apple Inc., 1,0,6,2]
    [C:\Program Files\Spyware Doctor\smum32.dll]  [PC Tools, 6.1.0.2]
    [C:\Program Files\Spyware Doctor\TFEngine\TFWAH.dll]  [PC Tools, 4.9.3.31]
[PID: 236 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe]  [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\Spyware Doctor\smum32.dll]  [PC Tools, 6.1.0.2]
    [C:\Program Files\Spyware Doctor\TFEngine\TFWAH.dll]  [PC Tools, 4.9.3.31]
[PID: 288 / SYSTEM][C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe]  [Microsoft Corporation, 3.0.7311.0]
    [C:\Program Files\Spyware Doctor\smum32.dll]  [PC Tools, 6.1.0.2]
    [C:\Program Files\Spyware Doctor\TFEngine\TFWAH.dll]  [PC Tools, 4.9.3.31]
[PID: 304 / SYSTEM][C:\Program Files\Bonjour\mDNSResponder.exe]  [Apple Inc., 1,0,6,2]
    [C:\Program Files\Common Files\PC Tools\LSP\PCTLsp.dll]  [PC Tools Research Pty Ltd., 1, 0, 100, 0]
    [C:\Program Files\Spyware Doctor\smum32.dll]  [PC Tools, 6.1.0.2]
    [C:\Program Files\Spyware Doctor\TFEngine\TFWAH.dll]  [PC Tools, 4.9.3.31]
[PID: 340 / SYSTEM][C:\Program Files\Common Files\Command Software\dvpapi.exe]  [Command Software Systems, Inc., 4,93,3,51102]
    [C:\Program Files\Spyware Doctor\smum32.dll]  [PC Tools, 6.1.0.2]
    [C:\Program Files\Spyware Doctor\TFEngine\TFWAH.dll]  [PC Tools, 4.9.3.31]
[PID: 440 / SYSTEM][C:\WINDOWS\system32\svchost.exe]  [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [c:\program files\hp\digital imaging\bin\hpqddsvc.dll]  [Hewlett-Packard Co., 100.0.190.000]
    [c:\program files\hp\digital imaging\bin\hpqddcmn.dll]  [Hewlett-Packard Co., 100.0.190.000]
    [C:\Program Files\Spyware Doctor\smum32.dll]  [PC Tools, 6.1.0.2]
    [c:\program files\hp\digital imaging\bin\hpqcxs08.dll]  [Hewlett-Packard Co., 100.0.190.000]
    [C:\Program Files\Spyware Doctor\TFEngine\TFWAH.dll]  [PC Tools, 4.9.3.31]
    [C:\Program Files\HP\Digital Imaging\bin\hpocxi08.dll]  [Hewlett-Packard Co., 100.0.196.000]
    [C:\Program Files\HP\Digital Imaging\bin\hpqcob08.dll]  [Hewlett-Packard Co., 100.0.196.000]
[PID: 480 / SYSTEM][C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe]  [Intel Corporation, 6.0.1.1002]
    [C:\Program Files\Spyware Doctor\smum32.dll]  [PC Tools, 6.1.0.2]
    [C:\Program Files\Spyware Doctor\TFEngine\TFWAH.dll]  [PC Tools, 4.9.3.31]
[PID: 1264 / LOCAL SERVICE][C:\WINDOWS\System32\svchost.exe]  [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [c:\windows\system32\hpzinw12.dll]  [Hewlett-Packard, 12,1,1,54]
    [C:\Program Files\Spyware Doctor\smum32.dll]  [PC Tools, 6.1.0.2]
    [C:\Program Files\Spyware Doctor\TFEngine\TFWAH.dll]  [PC Tools, 4.9.3.31]
[PID: 1280 / SYSTEM][C:\WINDOWS\system32\nvsvc32.exe]  [NVIDIA Corporation, 6.14.10.8268]
    [C:\Program Files\Spyware Doctor\smum32.dll]  [PC Tools, 6.1.0.2]
    [C:\Program Files\Spyware Doctor\TFEngine\TFWAH.dll]  [PC Tools, 4.9.3.31]
[PID: 1312 / LOCAL SERVICE][C:\WINDOWS\System32\svchost.exe]  [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [c:\windows\system32\hpzipm12.dll]  [Hewlett-Packard, 12,1,1,54]
    [C:\Program Files\Spyware Doctor\smum32.dll]  [PC Tools, 6.1.0.2]
    [C:\Program Files\Spyware Doctor\TFEngine\TFWAH.dll]  [PC Tools, 4.9.3.31]
[PID: 1324 / SYSTEM][C:\Program Files\Spyware Doctor\pctsAuxs.exe]  [PC Tools, 6, 1, 0, 12]
    [C:\Program Files\Spyware Doctor\PCTWSC.dll]  [PC Tools, 2, 0, 1, 6]
    [C:\Program Files\Spyware Doctor\smum32.dll]  [PC Tools, 6.1.0.2]
    [C:\Program Files\Spyware Doctor\TFEngine\TFWAH.dll]  [PC Tools, 4.9.3.31]
[PID: 1540 / SYSTEM][C:\Program Files\Spyware Doctor\pctsSvc.exe]  [PC Tools, 6.1.0.58]
    [C:\Program Files\Spyware Doctor\rtl100.bpl]  [CodeGear, 11.0.2902.10471]
    [C:\Program Files\Spyware Doctor\vcl100.bpl]  [CodeGear, 11.0.2902.10471]
    [C:\Program Files\Spyware Doctor\SysAccess.dll]  [PC Tools, 6.1.0.9]
    [C:\Program Files\Spyware Doctor\CommOM.dll]  [PC Tools, 6.1.0.23]
    [C:\Program Files\Spyware Doctor\CommLib.dll]  [PC Tools, 6.1.0.0]
    [C:\Program Files\Spyware Doctor\sdcore.dll]  [PC Tools, 6.1.0.10]
    [C:\Program Files\Spyware Doctor\commhlpr.dll]  [PC Tools, 6.1.0.4]
    [C:\Program Files\Spyware Doctor\RegHelper.dll]  [PC Tools, 6.1.0.2]
    [C:\Program Files\Spyware Doctor\inethlpr.dll]  [PC Tools, 6.1.0.27]
    [C:\Program Files\Spyware Doctor\filehlpr.dll]  [PC Tools, 6.1.0.15]
    [C:\Program Files\Common Files\PC Tools\KDS\KDSInterface.dll]  [PC Tools, 2, 0, 0, 56]
    [C:\Program Files\Spyware Doctor\FileStorage.sdp]  [PC Tools, 6.1.0.1]
    [C:\Program Files\Spyware Doctor\Settings.sdp]  [PC Tools, 6.1.0.1]
    [C:\Program Files\Spyware Doctor\IDBLib.sdp]  [PC Tools, 6.1.0.9]
    [C:\Program Files\Spyware Doctor\SDInfo.sdp]  [PC Tools, 6.1.0.24]
    [C:\Program Files\Common Files\PC Tools\LSP\PCTLsp.dll]  [PC Tools Research Pty Ltd., 1, 0, 100, 0]
    [C:\Program Files\Bonjour\mdnsNSP.dll]  [Apple Inc., 1,0,6,2]
    [C:\Program Files\Spyware Doctor\SDExtra.sdp]  [PC Tools, 6.1.0.29]
    [C:\Program Files\Spyware Doctor\Immunizer.sdp]  [PC Tools, 6.1.0.5]
    [C:\Program Files\Spyware Doctor\Localizer.sdp]  [PC Tools, 6.1.0.5]
    [C:\Program Files\Spyware Doctor\NfyMan.sdp]  [PC Tools, 6.1.0.7]
    [C:\Program Files\Spyware Doctor\quarantine.sdp]  [PC Tools, 6.1.0.6]
    [C:\Program Files\Spyware Doctor\BH.dll]  [PC Tools, 6.1.0.12]
    [C:\Program Files\Spyware Doctor\RebootManager.sdp]  [PC Tools, 6.1.0.2]
    [C:\Program Files\Spyware Doctor\scaneng.sdp]  [PC Tools, 6.1.0.15]
    [C:\Program Files\Spyware Doctor\SOFactory.sdp]  [PC Tools, 6.1.0.8]
    [C:\Program Files\Spyware Doctor\stasks.sdp]  [PC Tools, 6.1.0.2]
    [C:\Program Files\Spyware Doctor\SystemMonitor.sdp]  [PC Tools, 6.1.0.72]
    [C:\Program Files\Spyware Doctor\whitelist.sdp]  [PC Tools, 6.1.0.1]
    [C:\Program Files\Spyware Doctor\plugins\Behavior.sdp]  [PC Tools, 6.1.0.22]
    [C:\Program Files\Spyware Doctor\plugins\Browsers.SDP]  [PC Tools, 6.1.0.16]
    [C:\Program Files\Spyware Doctor\plugins\cookie.sdp]  [PC Tools, 6.1.0.4]
    [C:\Program Files\Spyware Doctor\plugins\email.sdp]  [PC Tools, 6.1.0.6]
    [C:\Program Files\Spyware Doctor\PCTMime.dll]  [PC Tools , 1, 0, 4, 0]
    [C:\Program Files\Spyware Doctor\plugins\grAV.sdp]  [PC Tools, 6.1.0.50]
    [C:\Program Files\Spyware Doctor\plugins\grfiles.SDP]  [PC Tools, 6.1.0.20]
    [C:\Program Files\Spyware Doctor\plugins\grImmunizer.SDP]  [PC Tools, 6.1.0.0]
    [C:\Program Files\Spyware Doctor\plugins\grregistry.SDP]  [PC Tools, 6.1.0.6]
    [C:\Program Files\Spyware Doctor\PCToolsComponents.bpl]  [PC Tools, 6.1.0.0]
    [C:\Program Files\Spyware Doctor\SH.dll]  [PC Tools, 6.1.0.8]
    [C:\Program Files\Spyware Doctor\plugins\KLGuard.SDP]  [PC Tools, 6.1.0.4]
    [C:\Program Files\Spyware Doctor\plugins\Network.SDP]  [PC Tools, 6.1.0.7]
    [C:\Program Files\Spyware Doctor\plugins\Process.SDP]  [PC Tools, 6.1.0.7]
    [C:\Program Files\Spyware Doctor\plugins\ScriptEngine.SDP]  [PC Tools, 6.1.0.5]
    [C:\Program Files\Spyware Doctor\plugins\SDNET.SDP]  [PC Tools, 6.1.0.5]
    [C:\Program Files\Spyware Doctor\plugins\Site.sdp]  [PC Tools, 6.1.0.11]
    [C:\Program Files\Spyware Doctor\plugins\StartUp.SDP]  [PC Tools, 6.1.0.11]
    [C:\Program Files\Spyware Doctor\TFEngine\TFExtCli.dll]  [PC Tools, 6.1.0.1]
    [C:\Program Files\Spyware Doctor\NetworkLayer\PCTCFHook.dll]  [, 1, 0, 15, 0]
    [C:\Program Files\Spyware Doctor\NetworkLayer\PluginDllSG.dll]  [PC Tools, 1, 0, 0, 38]
    [C:\Program Files\Common Files\PC Tools\GenTDI\GenericTdiDll.dll]  [PC Tools, 1, 0, 0, 37]
    [C:\Program Files\Spyware Doctor\TFEngine\TFAPI.dll]  [PC Tools, 4.9.3.31]
    [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_cbb27474\ATL80.DLL]  [Microsoft Corporation, 8.00.50727.762]
    [C:\Program Files\Spyware Doctor\TFEngine\TFWAH.dll]  [PC Tools, 4.9.3.31]
    [C:\Program Files\Spyware Doctor\avengine\SDAVgate.dll]  [PC Tools Research, 6, 5, 3, 58]
    [C:\Program Files\Spyware Doctor\avengine\PCTAVEng.dll]  [PC Tools Research Pty Ltd, 4.5.11.103]
[PID: 1752 / NETWORK SERVICE][c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe]  [Microsoft Corporation, 2005.090.4035.00]
    [C:\Program Files\Common Files\PC Tools\LSP\PCTLsp.dll]  [PC Tools Research Pty Ltd., 1, 0, 100, 0]
    [C:\Program Files\Spyware Doctor\smum32.dll]  [PC Tools, 6.1.0.2]
    [C:\Program Files\Spyware Doctor\TFEngine\TFWAH.dll]  [PC Tools, 4.9.3.31]
[PID: 1768 / SYSTEM][c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe]  [Microsoft Corporation, 2005.090.4035.00]
    [C:\Program Files\Spyware Doctor\smum32.dll]  [PC Tools, 6.1.0.2]
    [C:\Program Files\Spyware Doctor\TFEngine\TFWAH.dll]  [PC Tools, 4.9.3.31]
[PID: 1800 / SYSTEM][C:\WINDOWS\system32\svchost.exe]  [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\Spyware Doctor\smum32.dll]  [PC Tools, 6.1.0.2]
    [C:\Program Files\Spyware Doctor\TFEngine\TFWAH.dll]  [PC Tools, 4.9.3.31]
[PID: 1848 / LOCAL SERVICE][C:\WINDOWS\system32\wdfmgr.exe]  [Microsoft Corporation, 5.2.3790.1230 built by: dnsrv(bld4act)]
    [C:\Program Files\Spyware Doctor\smum32.dll]  [PC Tools, 6.1.0.2]
    [C:\Program Files\Spyware Doctor\TFEngine\TFWAH.dll]  [PC Tools, 4.9.3.31]
[PID: 2028 / SYSTEM][C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe]  [Yahoo! Inc., 1.0.0.53]
    [C:\Program Files\Spyware Doctor\smum32.dll]  [PC Tools, 6.1.0.2]
    [C:\Program Files\Spyware Doctor\TFEngine\TFWAH.dll]  [PC Tools, 4.9.3.31]
    [C:\Program Files\Common Files\PC Tools\LSP\PCTLsp.dll]  [PC Tools Research Pty Ltd., 1, 0, 100, 0]
    [C:\Program Files\Bonjour\mdnsNSP.dll]  [Apple Inc., 1,0,6,2]
[PID: 2756 / SYSTEM][C:\Program Files\Spyware Doctor\TFEngine\TFService.exe]  [PC Tools, 4.9.3.31]
    [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_cbb27474\ATL80.DLL]  [Microsoft Corporation, 8.00.50727.762]
    [C:\Program Files\Spyware Doctor\TFEngine\TFServer.dll]  [PC Tools, 4.9.3.31]
    [C:\Program Files\Spyware Doctor\smum32.dll]  [PC Tools, 6.1.0.2]
    [C:\Program Files\Spyware Doctor\TFEngine\TFE.dll]  [PC Tools, 4.9.3.31]
    [C:\Program Files\Spyware Doctor\TFEngine\TFMisc.dll]  [PC Tools, 4.9.3.31]
    [C:\Program Files\Spyware Doctor\TFEngine\TFLog.dll]  [PC Tools, 4.9.3.31]
    [C:\Program Files\Spyware Doctor\TFEngine\TFExt.dll]  [PC Tools, 6.1.0.1]
    [C:\Program Files\Spyware Doctor\TFEngine\TFMon.dll]  [PC Tools, 4.9.3.31]
    [C:\Program Files\Spyware Doctor\TFEngine\TFUndo.dll]  [PC Tools, 4.9.3.31]
    [C:\Program Files\Spyware Doctor\TFEngine\TFSF.dll]  [PC Tools, 4.9.3.31]
    [C:\Program Files\Spyware Doctor\TFEngine\TFRK.dll]  [PC Tools, 4.9.3.31]
    [C:\Program Files\Spyware Doctor\TFEngine\TFScan.dll]  [PC Tools, 4.9.3.31]
    [C:\Program Files\Spyware Doctor\TFEngine\TFDBM.dll]  [PC Tools, 4.9.3.31]
    [C:\Program Files\Spyware Doctor\TFEngine\TFQT.dll]  [PC Tools, 4.9.3.31]
    [C:\Program Files\Spyware Doctor\TFEngine\TFTM.dll]  [PC Tools, 4.9.3.31]
    [C:\Program Files\Spyware Doctor\TFEngine\TFO.dll]  [PC Tools, 4.9.3.31]
    [C:\Program Files\Spyware Doctor\TFEngine\TFWS.dll]  [PC Tools, 4.9.3.31]
    [C:\Program Files\Bonjour\mdnsNSP.dll]  [Apple Inc., 1,0,6,2]
    [C:\Program Files\Common Files\PC Tools\LSP\PCTLsp.dll]  [PC Tools Research Pty Ltd., 1, 0, 100, 0]
[PID: 2860 / LOCAL SERVICE][C:\WINDOWS\System32\alg.exe]  [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\Spyware Doctor\smum32.dll]  [PC Tools, 6.1.0.2]
    [C:\Program Files\Common Files\PC Tools\LSP\PCTLsp.dll]  [PC Tools Research Pty Ltd., 1, 0, 100, 0]
    [C:\Program Files\Spyware Doctor\TFEngine\TFWAH.dll]  [PC Tools, 4.9.3.31]
[PID: 3128 / Carlton][C:\WINDOWS\SYSTEM32\userinit.exe]  [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_000\midas32.dll]  [N/A, ]
    [C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_000\plugin_base.m32]  [N/A, ]
    [C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_000\plugin_nt.m32]  [N/A, ]
    [C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_000\plugin_registry.m32]  [N/A, ]
    [C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_000\plugin_extra.m32]  [N/A, ]
    [C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_000\plugin_net.m32]  [N/A, ]
    [C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_000\plugin_fragments.m32]  [N/A, ]
[PID: 884 / Carlton][C:\WINDOWS\SYSTEM32\PRISMSVR.EXE]  [Conexant Systems, Inc., 2.01.13]
    [C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_000\midas32.dll]  [N/A, ]
    [C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_000\plugin_base.m32]  [N/A, ]
    [C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_000\plugin_nt.m32]  [N/A, ]
    [C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_000\plugin_registry.m32]  [N/A, ]
    [C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_000\plugin_extra.m32]  [N/A, ]
    [C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_000\plugin_net.m32]  [N/A, ]
    [C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_000\plugin_fragments.m32]  [N/A, ]
    [C:\WINDOWS\SYSTEM32\PRISME5.DLL]  [Meetinghouse Data Communications, 3, 0, 1, 7]
    [C:\WINDOWS\system32\PRISMAPI.DLL]  [Conexant Systems, Inc., 2.01.13]
[PID: 3544 / Carlton][C:\WINDOWS\explorer.exe]  [(Verified) Microsoft Corporation, 6.00.2900.3156 (xpsp_sp2_gdr.070613-1234)]
    [C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_000\midas32.dll]  [N/A, ]
    [C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_000\plugin_base.m32]  [N/A, ]
    [C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_000\plugin_nt.m32]  [N/A, ]
    [C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_000\plugin_registry.m32]  [N/A, ]
    [C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_000\plugin_extra.m32]  [N/A, ]
    [C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_000\plugin_net.m32]  [N/A, ]
    [C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_000\plugin_fragments.m32]  [N/A, ]
    [C:\Program Files\Common Files\PC Tools\LSP\PCTLsp.dll]  [PC Tools Research Pty Ltd., 1, 0, 100, 0]
    [C:\WINDOWS\system32\tssoft32.acm]  [DSP GROUP, INC., 1.01]
    [C:\WINDOWS\system32\tsd32.dll]  [, ]
    [C:\WINDOWS\system32\sl_anet.acm]  [Sipro Lab Telecom Inc., 3.02]
    [C:\WINDOWS\system32\iac25_32.ax]  [Intel Corporation, 2.05.53]
    [C:\WINDOWS\system32\l3codeca.acm]  [Fraunhofer Institut Integrierte Schaltungen IIS, 1, 9, 0, 0305]
    [C:\Program Files\BitDefender\BitDefender 2009\bdshelxt.dll]  [N/A, ]
    [C:\WINDOWS\system32\txmlutil.dll]  [N/A, ]
    [C:\Program Files\BitDefender\BitDefender 2009\txmlx.dll]  [N/A, ]
    [C:\Program Files\BitDefender\BitDefender 2009\ENU\bdshelxt.ui]  [N/A, ]
    [C:\PROGRA~1\SPYWAR~1\SDCONT~1.DLL]  [PC Tools, 6.1.0.4]
    [C:\Program Files\Malwarebytes' Anti-Malware\mbamext.dll]  [Malwarebytes Corporation, 1, 3, 0, 0]
    [C:\Program Files\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll]  [Adobe Systems, Inc., 7.0.0.0]
    [C:\WINDOWS\system32\nvcpl.dll]  [NVIDIA Corporation, 6.14.10.8268]
[PID: 1624 / Carlton][C:\WINDOWS\stsystra.exe]  [SigmaTel, Inc., 1.0.4991.0  nd444 cp1]
    [C:\WINDOWS\system32\STLang.dll]  [SigmaTel, Inc., 1.6.4947.0  nd229 cp1]
    [C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_000\midas32.dll]  [N/A, ]
    [C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_000\plugin_base.m32]  [N/A, ]
    [C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_000\plugin_nt.m32]  [N/A, ]
    [C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_000\plugin_registry.m32]  [N/A, ]
    [C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_000\plugin_extra.m32]  [N/A, ]
    [C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_000\plugin_net.m32]  [N/A, ]
    [C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_000\plugin_fragments.m32]  [N/A, ]
    [C:\WINDOWS\system32\stacapi.dll]  [SigmaTel, Inc., 1.0.4991.0  nd444 cp1]
[PID: 2996 / Carlton][C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe]  [Intel Corporation, 6.0.1.1002]
    [C:\Program Files\Intel\Intel Matrix Storage Manager\ISDI.dll]  [Intel Corporation, 6.0.1.1002]
    [C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_000\midas32.dll]  [N/A, ]
    [C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_000\plugin_base.m32]  [N/A, ]
    [C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_000\plugin_nt.m32]  [N/A, ]
    [C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_000\plugin_registry.m32]  [N/A, ]
    [C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_000\plugin_extra.m32]  [N/A, ]
    [C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_000\plugin_net.m32]  [N/A, ]
    [C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_000\plugin_fragments.m32]  [N/A, ]
    [C:\Program Files\Intel\Intel Matrix Storage Manager\IAAMon_ENU.dll]  [Intel Corporation, 6.0.1.1002]
[PID: 3720 / Carlton][C:\Program Files\Dell\Media Experience\DMXLauncher.exe]  [N/A, ]
    [C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_000\midas32.dll]  [N/A, ]
    [C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_000\plugin_base.m32]  [N/A, ]
    [C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_000\plugin_nt.m32]  [N/A, ]
    [C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_000\plugin_registry.m32]  [N/A, ]
    [C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_000\plugin_extra.m32]  [N/A, ]
    [C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_000\plugin_net.m32]  [N/A, ]
    [C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_000\plugin_fragments.m32]  [N/A, ]
[PID: 1352 / Carlton][C:\WINDOWS\System32\DLA\DLACTRLW.EXE]  [Sonic Solutions, 5.20.08a]
    [C:\WINDOWS\system32\DLAAPI_W.DLL]  [Sonic Solutions, 5.20.08a]
    [C:\WINDOWS\System32\DLA\DLACResW.dll]  [Sonic Solutions, 5.20.08a]
    [C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_000\midas32.dll]  [N/A, ]
    [C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_000\plugin_base.m32]  [N/A, ]
    [C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_000\plugin_nt.m32]  [N/A, ]
    [C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_000\plugin_registry.m32]  [N/A, ]
    [C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_000\plugin_extra.m32]  [N/A, ]
    [C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_000\plugin_net.m32]  [N/A, ]
    [C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_000\plugin_fragments.m32]  [N/A, ]
    [C:\WINDOWS\system32\VxBlock.dll]  [Sonic Solutions, 1.00.83a]
[PID: 3508 / Carlton][C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe]  [Google, 5.9.911.3589]
    [C:\Program Files\Google\Google Desktop Search\GoogleServices.DLL]  [Google, 5.9.911.3589]
    [C:\Program Files\Google\Google Desktop Search\GoogleDesktopCommon.dll]  [Google, 5.9.911.3589]
    [C:\Program Files\Google\Google Desktop Search\GoogleDesktopResources_en.dll]  [Google, 5.9.911.3589]
    [C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_000\midas32.dll]  [N/A, ]
    [C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_000\plugin_base.m32]  [N/A, ]
    [C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_000\plugin_nt.m32]  [N/A, ]
    [C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_000\plugin_registry.m32]  [N/A, ]
    [C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_000\plugin_extra.m32]  [N/A, ]
    [C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_000\plugin_net.m32]  [N/A, ]
    [C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_000\plugin_fragments.m32]  [N/A, ]
    [C:\Program Files\Common Files\PC Tools\LSP\PCTLsp.dll]  [PC Tools Research Pty Ltd., 1, 0, 100, 0]
    [C:\Program Files\Google\Google Desktop Search\GoogleDesktopAPI2.dll]  [Google, 5.9.911.3589]
    [C:\Program Files\Google\Google Desktop Search\GoogleDesktopHyper.dll]  [Google, 5.9.911.3589]
    [C:\Program Files\Bonjour\mdnsNSP.dll]  [Apple Inc., 1,0,6,2]
    [C:\Program Files\Google\Google Desktop Search\gzlib.dll]  [N/A, ]
[PID: 2836 / Carlton][C:\WINDOWS\system32\wuauclt.exe]  [(Verified) Microsoft Corporation, 7.4.7600.226 (winmain_wtr_wsus3sp2(wmbla).090806-1834)]
    [C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_000\midas32.dll]  [N/A, ]
    [C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_000\plugin_base.m32]  [N/A, ]
    [C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_000\plugin_nt.m32]  [N/A, ]
    [C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_000\plugin_registry.m32]  [N/A, ]
    [C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_000\plugin_extra.m32]  [N/A, ]
    [C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_000\plugin_net.m32]  [N/A, ]
    [C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_000\plugin_fragments.m32]  [N/A, ]
[PID: 3884 / Carlton][C:\Program Files\HP\HP Software Update\HPWuSchd2.exe]  [Hewlett-Packard, 100, 0, 1, 0]
    [C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_000\midas32.dll]  [N/A, ]
    [C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_000\plugin_base.m32]  [N/A, ]
    [C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_000\plugin_nt.m32]  [N/A, ]
    [C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_000\plugin_registry.m32]  [N/A, ]
    [C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_000\plugin_extra.m32]  [N/A, ]
    [C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_000\plugin_net.m32]  [N/A, ]
    [C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_000\plugin_fragments.m32]  [N/A, ]
[PID: 3908 / Carlton][C:\Program Files\Spyware Doctor\pctsTray.exe]  [PC Tools, 6.1.0.26]
    [C:\Program Files\Spyware Doctor\rtl100.bpl]  [CodeGear, 11.0.2902.10471]
    [C:\Program Files\Spyware Doctor\vcl100.bpl]  [CodeGear, 11.0.2902.10471]
    [C:\Program Files\Spyware Doctor\SysAccess.dll]  [PC Tools, 6.1.0.9]
    [C:\Program Files\Spyware Doctor\CommOM.dll]  [PC Tools, 6.1.0.23]
    [C:\Program Files\Spyware Doctor\CommLib.dll]  [PC Tools, 6.1.0.0]
    [C:\Program Files\Spyware Doctor\PCToolsComponents.bpl]  [PC Tools, 6.1.0.0]
    [C:\Program Files\Spyware Doctor\sdinfo.sdp]  [PC Tools, 6.1.0.24]
    [C:\Program Files\Spyware Doctor\cdialogs.dll]  [PC Tools, 6.1.0.24]
    [C:\Program Files\Spyware Doctor\pwindow.dll]  [PC Tools, 6.1.0.4]
    [C:\Program Files\Common Files\PC Tools\KDS\KDSInterface.dll]  [PC Tools, 2, 0, 0, 56]
    [C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_000\midas32.dll]  [N/A, ]
    [C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_000\plugin_base.m32]  [N/A, ]
    [C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_000\plugin_nt.m32]  [N/A, ]
    [C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_000\plugin_registry.m32]  [N/A, ]
    [C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_000\plugin_extra.m32]  [N/A, ]
    [C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_000\plugin_net.m32]  [N/A, ]
    [C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_000\plugin_fragments.m32]  [N/A, ]
    [C:\WINDOWS\system32\tssoft32.acm]  [DSP GROUP, INC., 1.01]
    [C:\WINDOWS\system32\tsd32.dll]  [, ]
    [C:\WINDOWS\system32\sl_anet.acm]  [Sipro Lab Telecom Inc., 3.02]
    [C:\WINDOWS\system32\iac25_32.ax]  [Intel Corporation, 2.05.53]
    [C:\WINDOWS\system32\l3codeca.acm]  [Fraunhofer Institut Integrierte Schaltungen IIS, 1, 9, 0, 0305]
[PID: 4088 / Carlton][C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe]  [Sun Microsystems, Inc., 6.0.70.6]
    [C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_000\midas32.dll]  [N/A, ]
    [C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_000\plugin_base.m32]  [N/A, ]
    [C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_000\plugin_nt.m32]  [N/A, ]
    [C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_000\plugin_registry.m32]  [N/A, ]
    [C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_000\plugin_extra.m32]  [N/A, ]
    [C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_000\plugin_net.m32]  [N/A, ]
    [C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_000\plugin_fragments.m32]  [N/A, ]
[PID: 1024 / Carlton][C:\Program Files\iTunes\iTunesHelper.exe]  [Apple Inc., 8.1.1.10]
    [C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_000\midas32.dll]  [N/A, ]
    [C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_000\plugin_base.m32]  [N/A, ]
    [C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_000\plugin_nt.m32]  [N/A, ]
    [C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_000\plugin_registry.m32]  [N/A, ]
    [C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_000\plugin_extra.m32]  [N/A, ]
    [C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_000\plugin_net.m32]  [N/A, ]
    [C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_000\plugin_fragments.m32]  [N/A, ]
    [C:\Program Files\iTunes\iTunesHelper.Resources\en.lproj\iTunesHelperLocalized.DLL]  [Apple Inc., 8.1.1.10]
    [C:\Program Files\iTunes\iTunesHelper.Resources\iTunesHelper.DLL]  [Apple Inc., 8.1.1.10]
    [C:\Program Files\QuickTime\QTSystem\QuickTime.qts]  [Apple Inc., 7.6 (1292)]
    [C:\Program Files\Common Files\Apple\Mobile Device Support\bin\iTunesMobileDevice.dll]  [Apple Inc., 205.7.0.19]
    [C:\Program Files\Common Files\PC Tools\LSP\PCTLsp.dll]  [PC Tools Research Pty Ltd., 1, 0, 100, 0]
[PID: 1824 / Carlton][C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe]  [Google Inc., 2, 0, 301, 1654]
    [C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_000\midas32.dll]  [N/A, ]
    [C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_000\plugin_base.m32]  [N/A, ]
    [C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_000\plugin_nt.m32]  [N/A, ]
    [C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_000\plugin_registry.m32]  [N/A, ]
    [C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_000\plugin_extra.m32]  [N/A, ]
    [C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_000\plugin_net.m32]  [N/A, ]
    [C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_000\plugin_fragments.m32]  [N/A, ]
    [C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\gtn.dll]  [Google Inc., 5, 4, 4525, 1752]
    [C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll]  [Google Inc., 5, 4, 4525, 1752]
    [C:\Program Files\Bonjour\mdnsNSP.dll]  [Apple Inc., 1,0,6,2]
    [C:\Program Files\Common Files\PC Tools\LSP\PCTLsp.dll]  [PC Tools Research Pty Ltd., 1, 0, 100, 0]
[PID: 1116 / Carlton][C:\WINDOWS\system32\ctfmon.exe]  [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_000\midas32.dll]  [N/A, ]
    [C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_000\plugin_base.m32]  [N/A, ]
    [C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_000\plugin_nt.m32]  [N/A, ]
    [C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_000\plugin_registry.m32]  [N/A, ]
    [C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_000\plugin_extra.m32]  [N/A, ]
    [C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_000\plugin_net.m32]  [N/A, ]
    [C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_000\plugin_fragments.m32]  [N/A, ]
[PID: 3928 / Carlton][C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe]  [Macrovision Corporation, 6, 0, 100, 54472]
    [C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_000\midas32.dll]  [N/A, ]
    [C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_000\plugin_base.m32]  [N/A, ]
    [C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_000\plugin_nt.m32]  [N/A, ]
    [C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_000\plugin_registry.m32]  [N/A, ]
    [C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_000\plugin_extra.m32]  [N/A, ]
    [C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_000\plugin_net.m32]  [N/A, ]
    [C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_000\plugin_fragments.m32]  [N/A, ]
[PID: 3744 / Carlton][C:\Program Files\Digital Line Detect\DLG.exe]  [BVRP Software, 1, 0, 0, 1]
    [C:\Program Files\Digital Line Detect\BVRPDIAG.dll]  [BVRP Software, 1.0]
    [C:\WINDOWS\system32\MdmXSdk.dll]  [Conexant, 1.0.2.002]
    [C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_000\midas32.dll]  [N/A, ]
    [C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_000\plugin_base.m32]  [N/A, ]
    [C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_000\plugin_nt.m32]  [N/A, ]
    [C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_000\plugin_registry.m32]  [N/A, ]
    [C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_000\plugin_extra.m32]  [N/A, ]
    [C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_000\plugin_net.m32]  [N/A, ]
    [C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_000\plugin_fragments.m32]  [N/A, ]
[PID: 2520 / Carlton][C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe]  [Hewlett-Packard Co., 100.0.170.000]
    [C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_000\midas32.dll]  [N/A, ]
    [C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_000\plugin_base.m32]  [N/A, ]
    [C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_000\plugin_nt.m32]  [N/A, ]
    [C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_000\plugin_registry.m32]  [N/A, ]
    [C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_000\plugin_extra.m32]  [N/A, ]
    [C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_000\plugin_net.m32]  [N/A, ]
    [C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_000\plugin_fragments.m32]  [N/A, ]
    [C:\Program Files\HP\Digital Imaging\bin\hpquio08.dll]  [Hewlett-Packard Co., 100.0.170.000]
    [C:\Program Files\HP\Digital Imaging\bin\hpqtra08.rsc]  [Hewlett-Packard Co., 100.0.170.000]
    [C:\Program Files\HP\Digital Imaging\bin\hpqtao08.dll]  [Hewlett-Packard Co., 100.0.170.000]
    [C:\Program Files\HP\Digital Imaging\bin\hpotradd.dll]  [Hewlett-Packard Co., 100.0.196.000]
    [C:\Program Files\HP\Digital Imaging\bin\hpotra08.dll]  [Hewlett-Packard Co., 100.0.196.000]
    [C:\Program Files\HP\Digital Imaging\bin\hpotra08.rsc]  [Hewlett-Packard Co., 100.0.196.000]
    [C:\Program Files\HP\Digital Imaging\bin\HpqCPTA.dll]  [Hewlett-Packard, 10.0.0.202]
    [C:\Program Files\HP\Digital Imaging\bin\HpqSRTA.dll]  [Hewlett-Packard, 10.0.0.202]
    [C:\Program Files\HP\Digital Imaging\bin\hpqxml2.dll]  [Hewlett-Packard, 10.0.0.202]
    [C:\Program Files\HP\Digital Imaging\bin\hpqcob08.dll]  [Hewlett-Packard Co., 100.0.196.000]
    [C:\Program Files\HP\Digital Imaging\bin\hpodio08.dll]  [Hewlett-Packard Co., 100.0.196.000]
    [C:\WINDOWS\system32\hpzipr12.dll]  [Hewlett-Packard, 12,1,1,54]
    [C:\Program Files\HP\Digital Imaging\bin\hpqddusr.dll]  [Hewlett-Packard Co., 100.0.190.000]
    [C:\Program Files\HP\Digital Imaging\bin\hpqddcmn.dll]  [Hewlett-Packard Co., 100.0.190.000]
[PID: 2852 / Carlton][C:\Documents and Settings\All Users\Application Data\U3\U3Launcher\LaunchU3.exe]  [, 1, 4, 0, 2]
    [C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_000\midas32.dll]  [N/A, ]
    [C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_000\plugin_base.m32]  [N/A, ]
    [C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_000\plugin_nt.m32]  [N/A, ]
    [C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_000\plugin_registry.m32]  [N/A, ]
    [C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_000\plugin_extra.m32]  [N/A, ]
    [C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_000\plugin_net.m32]  [N/A, ]
    [C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_000\plugin_fragments.m32]  [N/A, ]
[PID: 2848 / Carlton][C:\Program Files\Dell Wireless\PRISMCFG.exe]  [Dell Inc., 2.01.13 (Alpha)]
    [C:\WINDOWS\system32\PrismApi.DLL]  [Conexant Systems, Inc., 2.01.13]
    [C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_000\midas32.dll]  [N/A, ]
    [C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_000\plugin_base.m32]  [N/A, ]
    [C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_000\plugin_nt.m32]  [N/A, ]
    [C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_000\plugin_registry.m32]  [N/A, ]
    [C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_000\plugin_extra.m32]  [N/A, ]
    [C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_000\plugin_net.m32]  [N/A, ]
    [C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_000\plugin_fragments.m32]  [N/A, ]
[PID: 3328 / Carlton][C:\Program Files\palmOne\HOTSYNC.EXE]  [Palm, Inc., 4.0.4]
    [C:\Program Files\palmOne\CMDS21.dll]  [Palm, Inc., 4.0.1]
    [C:\Program Files\palmOne\HSLOG20.dll]  [Palm, Inc., 4.0]
    [C:\Program Files\palmOne\PalmCmn.dll]  [Palm, Inc., 4.0]
    [C:\Program Files\palmOne\CONDMGR.dll]  [Palm, Inc., 4.0.1.0]
    [C:\Program Files\palmOne\SYNC20.dll]  [Palm, Inc., 4.0]
    [C:\Program Files\palmOne\INSTAIDE.dll]  [Palm, Inc., 4.0.1]
    [C:\Program Files\palmOne\Subs30.dll]  [Palm, Inc., 4.0.0]
    [C:\Program Files\palmOne\UserData.dll]  [Palm, Inc., 4.0]
    [C:\Program Files\palmOne\VFSAPI.dll]  [Palm, Inc., 4.0]
    [C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_000\midas32.dll]  [N/A, ]
    [C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_000\plugin_base.m32]  [N/A, ]
    [C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_000\plugin_nt.m32]  [N/A, ]
    [C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_000\plugin_registry.m32]  [N/A, ]
    [C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_000\plugin_extra.m32]  [N/A, ]
    [C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_000\plugin_net.m32]  [N/A, ]
    [C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_000\plugin_fragments.m32]  [N/A, ]
    [C:\Program Files\palmOne\SHW32.DLL]  [MicroQuill Software Publishing, Inc., 6.02.29]
    [C:\Program Files\palmOne\USBTransport.dll]  [Palm, Inc., 4.0.1]
    [C:\Program Files\palmOne\USBPort.dll]  [Palm, Inc., 4, 4, 0, 0]
[PID: 3772 / SYSTEM][C:\Program Files\iPod\bin\iPodService.exe]  [Apple Inc., 8.1.1.10]
    [C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_000\midas32.dll]  [N/A, ]
    [C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_000\plugin_base.m32]  [N/A, ]
    [C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_000\plugin_nt.m32]  [N/A, ]
    [C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_000\plugin_registry.m32]  [N/A, ]
    [C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_000\plugin_extra.m32]  [N/A, ]
    [C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_000\plugin_net.m32]  [N/A, ]
    [C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_000\plugin_fragments.m32]  [N/A, ]
    [C:\Program Files\iPod\bin\iPodService.Resources\en.lproj\iPodServiceLocalized.DLL]  [Apple Inc., 8.1.1.10]
    [C:\Program Files\iPod\bin\iPodService.Resources\iPodService.DLL]  [Apple Inc., 8.1.1.10]
[PID: 3648 / Carlton][C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe]  [Hewlett-Packard Co., 100.0.175.000]
    [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_cbb27474\ATL80.DLL]  [Microsoft Corporation, 8.00.50727.762]
    [C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_000\midas32.dll]  [N/A, ]
    [C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_000\plugin_base.m32]  [N/A, ]
    [C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_000\plugin_nt.m32]  [N/A, ]
    [C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_000\plugin_registry.m32]  [N/A, ]
    [C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_000\plugin_extra.m32]  [N/A, ]
    [C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_000\plugin_net.m32]  [N/A, ]
    [C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_000\plugin_fragments.m32]  [N/A, ]
    [C:\Program Files\HP\Digital Imaging\bin\hpqcob08.dll]  [Hewlett-Packard Co., 100.0.196.000]
    [C:\Program Files\HP\Digital Imaging\bin\hpqwso08.dll]  [Hewlett-Packard Co., 100.0.175.000]
    [C:\Program Files\HP\Digital Imaging\bin\hpqsti08.dll]  [Hewlett-Packard Co., 100.0.175.000]
    [C:\Program Files\HP\Digital Imaging\bin\hpqgpb01.dll]  [Hewlett-Packard, 100, 000, 028, 000]
    [C:\Program Files\HP\Digital Imaging\bin\hpqstp08.dll]  [Hewlett-Packard Co., 100.0.175.000]
    [C:\Program Files\HP\Digital Imaging\bin\hpqstp08.rsc]  [Hewlett-Packard Co., 100.0.175.000]
    [C:\Program Files\HP\Digital Imaging\bin\hpqssm08.dll]  [Hewlett-Packard Co., 100.0.175.000]
    [C:\Program Files\HP\Digital Imaging\bin\hpqtap08.dll]  [Hewlett-Packard Co., 100.0.187.000]
    [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\MFC80.DLL]  [Microsoft Corporation, 8.00.50727.762]
    [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\MFC80ENU.DLL]  [Microsoft Corporation, 8.00.50727.762]
    [C:\Program Files\HP\Digital Imaging\bin\hpodio08.dll]  [Hewlett-Packard Co., 100.0.196.000]
    [C:\Program Files\HP\Digital Imaging\bin\hpqsem08.rsc]  [Hewlett-Packard Co., 100.0.175.000]
    [C:\WINDOWS\system32\hpzipr12.dll]  [Hewlett-Packard, 12,1,1,54]
    [C:\Program Files\HP\Digital Imaging\bin\HpqSplh08.dll]  [Hewlett-Packard Co., 100.0.175.000]
[PID: 2740 / Carlton][C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe]  [Hewlett-Packard Co., 100.0.187.000]
    [C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_000\midas32.dll]  [N/A, ]
    [C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_000\plugin_base.m32]  [N/A, ]
    [C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_000\plugin_nt.m32]  [N/A, ]
    [C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_000\plugin_registry.m32]  [N/A, ]
    [C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_000\plugin_extra.m32]  [N/A, ]
    [C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_000\plugin_net.m32]  [N/A, ]
    [C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_000\plugin_fragments.m32]  [N/A, ]
[PID: 2444 / Carlton][C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe]  [Hewlett-Packard, 100, 000, 028, 000]
    [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\MFC80U.DLL]  [Microsoft Corporation, 8.00.50727.762]
    [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_cbb27474\ATL80.DLL]  [Microsoft Corporation, 8.00.50727.762]
    [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\MFC80ENU.DLL]  [Microsoft Corporation, 8.00.50727.762]
    [C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_000\midas32.dll]  [N/A, ]
    [C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_000\plugin_base.m32]  [N/A, ]
    [C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_000\plugin_nt.m32]  [N/A, ]
    [C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_000\plugin_registry.m32]  [N/A, ]
    [C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_000\plugin_extra.m32]  [N/A, ]
    [C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_000\plugin_net.m32]  [N/A, ]
    [C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_000\plugin_fragments.m32]  [N/A, ]
[PID: 5692 / Carlton][C:\Program Files\Java\jre1.6.0_07\bin\jucheck.exe]  [Sun Microsystems, Inc., 6.0.70.6]
    [C:\Program Files\Spyware Doctor\smum32.dll]  [PC Tools, 6.1.0.2]
    [C:\Program Files\Spyware Doctor\TFEngine\TFWAH.dll]  [PC Tools, 4.9.3.31]
[PID: 4624 / Carlton][C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32.exe]  [Adobe Systems Incorporated, 7.0.8.2006051600]
    [C:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\Program Files\Spyware Doctor\smum32.dll]  [PC Tools, 6.1.0.2]
    [C:\Program Files\Spyware Doctor\TFEngine\TFWAH.dll]  [PC Tools, 4.9.3.31]
    [C:\Program Files\Adobe\Acrobat 7.0\Reader\BIB.dll]  [Adobe Systems Incorporated, 1.1.18]
    [C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32.dll]  [Adobe Systems Incorporated, 7.1.0.2008042300]
    [C:\Program Files\Adobe\Acrobat 7.0\Reader\AGM.dll]  [Adobe Systems Incorporated, 4.14.46]
    [C:\Program Files\Adobe\Acrobat 7.0\Reader\CoolType.dll]  [Adobe Systems Incorporated, 5.01.44]
    [C:\Program Files\Adobe\Acrobat 7.0\Reader\ACE.dll]  [Adobe Systems Incorporated, 2.07.28]
    [C:\Program Files\Adobe\Acrobat 7.0\Reader\plug_ins\Accessibility.api]  [Adobe Systems Incorporated, 7.0.7.2006011300]
    [C:\Program Files\Adobe\Acrobat 7.0\Reader\plug_ins\AcroForm.api]  [Adobe Systems Incorporated, 7.1.0.2008042300]
    [C:\Program Files\Adobe\Acrobat 7.0\Reader\plug_ins\Annots.api]  [Adobe Systems Incorporated, 7.1.0.2008042300]
    [C:\Program Files\Adobe\Acrobat 7.0\Reader\plug_ins\Checkers.api]  [Adobe Systems Incorporated, 7.0.5.2005092300]
    [C:\Program Files\Adobe\Acrobat 7.0\Reader\plug_ins\DigSig.api]  [Adobe Systems Incorporated, 7.1.0.2008042300]
    [C:\Program Files\Adobe\Acrobat 7.0\Reader\plug_ins\eBook.api]  [Adobe Systems Incorporated, 7.0.0.2004121400]
    [C:\Program Files\Adobe\Acrobat 7.0\Reader\plug_ins\EScript.api]  [Adobe Systems Incorporated, 7.1.0.2008042300]
    [C:\Program Files\Adobe\Acrobat 7.0\Reader\plug_ins\EWH32.api]  [Adobe Systems Incorporated, 7.0.8.2006051600]
    [C:\Program Files\Adobe\Acrobat 7.0\Reader\plug_ins\HLS.api]  [Adobe Systems Incorporated, 7.0.0.2004121400]
    [C:\Program Files\Adobe\Acrobat 7.0\Reader\plug_ins\IA32.api]  [Adobe Systems Incorporated, 7.0.5.2005092300]
    [C:\Program Files\Adobe\Acrobat 7.0\Reader\plug_ins\ImageViewer.API]  [Adobe Systems Inc., 7.0.0.41005]
    [C:\Program Files\Adobe\Acrobat 7.0\Reader\plug_ins\LegalPDF.api]  [Adobe Systems Incorporated, 7.0.5.2005092300]
    [C:\Program Files\Adobe\Acrobat 7.0\Reader\plug_ins\MakeAccessible.api]  [Adobe Systems Incorporated, 7.0.5.2005092300]
    [C:\Program Files\Adobe\Acrobat 7.0\Reader\plug_ins\Multimedia.api]  [Adobe Systems Incorporated, 7.0.5.2005092300]
    [C:\Program Files\Adobe\Acrobat 7.0\Reader\plug_ins\PDDom.api]  [Adobe Systems Incorporated, 7.0.7.2006011300]
    [C:\Program Files\Adobe\Acrobat 7.0\Reader\plug_ins\PictureTasks.api]  [Adobe Systems Incorporated, 7.0.0.2004121400]
    [C:\Program Files\Adobe\Acrobat 7.0\Reader\plug_ins\PPKLite.api]  [Adobe Systems Incorporated, 7.1.0.2008042300]
    [C:\Program Files\Adobe\Acrobat 7.0\Reader\plug_ins\reflow.api]  [Adobe Systems Incorporated, 7.0.5.2005092300]
    [C:\Program Files\Adobe\Acrobat 7.0\Reader\plug_ins\SaveAsRTF.api]  [Adobe Systems Incorporated, 7.0.5.2005092300]
    [C:\Program Files\Adobe\Acrobat 7.0\Reader\plug_ins\Search.api]  [Adobe Systems Incorporated, 7.0.0.2004121400]
    [C:\Program Files\Adobe\Acrobat 7.0\Reader\plug_ins\Search5.api]  [Adobe Systems Incorporated, 7.0.0.2004121400]
    [C:\Program Files\Adobe\Acrobat 7.0\Reader\plug_ins\SendMail.api]  [Adobe Systems Incorporated, 7.1.0.2008042300]
    [C:\Program Files\Adobe\Acrobat 7.0\Reader\plug_ins\Soap.api]  [Adobe Systems Incorporated, 7.0.5.2005092300]
    [C:\Program Files\Adobe\Acrobat 7.0\Reader\plug_ins\Spelling.api]  [Adobe Systems Incorporated, 7.0.5.2005092300]
    [C:\Program Files\Adobe\Acrobat 7.0\Reader\plug_ins\Updater.api]  [Adobe Systems Incorporated, 7.1.0.2008042300]
    [C:\Program Files\Adobe\Acrobat 7.0\Reader\plug_ins\weblink.api]  [Adobe Systems Incorporated, 7.0.7.2006011300]
    [C:\Program Files\Bonjour\mdnsNSP.dll]  [Apple Inc., 1,0,6,2]
    [C:\Program Files\Adobe\Acrobat 7.0\Reader\ATL.DLL]  [Microsoft Corporation, 3.00.8449]
[PID: 1672 / Carlton][C:\Program Files\Common Files\Real\Update_OB\realsched.exe]  [RealNetworks, Inc., 0.1.1.45]
    [C:\Program Files\Spyware Doctor\smum32.dll]  [PC Tools, 6.1.0.2]
    [C:\Program Files\Spyware Doctor\TFEngine\TFWAH.dll]  [PC Tools, 4.9.3.31]
[PID: 2232 / Carlton][C:\Program Files\Internet Explorer\iexplore.exe]  [Microsoft Corporation, 8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)]
    [C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL]  [Google, 5.9.911.3589]
    [C:\Program Files\Spyware Doctor\smum32.dll]  [PC Tools, 6.1.0.2]
    [C:\Program Files\Google\Google Desktop Search\GoogleDesktopCommon.dll]  [Google, 5.9.911.3589]
    [C:\Program Files\Google\Google Desktop Search\GoogleDesktopResources_en.dll]  [Google, 5.9.911.3589]
    [C:\Program Files\Google\Google Desktop Search\GoogleDesktopIE.dll]  [Google, 5.9.911.3589]
    [C:\Program Files\Spyware Doctor\TFEngine\TFWAH.dll]  [PC Tools, 4.9.3.31]
    [C:\Program Files\Bonjour\mdnsNSP.dll]  [Apple Inc., 1,0,6,2]
    [C:\Program Files\Common Files\PC Tools\LSP\PCTLsp.dll]  [PC Tools Research Pty Ltd., 1, 0, 100, 0]
[PID: 6112 / Carlton][C:\Program Files\Internet Explorer\iexplore.exe]  [Microsoft Corporation, 8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)]
    [C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL]  [Google, 5.9.911.3589]
    [C:\Program Files\Spyware Doctor\smum32.dll]  [PC Tools, 6.1.0.2]
    [C:\Program Files\Google\Google Desktop Search\GoogleDesktopCommon.dll]  [Google, 5.9.911.3589]
    [C:\Program Files\Google\Google Desktop Search\GoogleDesktopResources_en.dll]  [Google, 5.9.911.3589]
    [C:\Program Files\Google\Google Desktop Search\GoogleDesktopIE.dll]  [Google, 5.9.911.3589]
    [C:\Program Files\Spyware Doctor\TFEngine\TFWAH.dll]  [PC Tools, 4.9.3.31]
    [C:\Program Files\Google\Google Desktop Search\GoogleDesktopAPI2.dll]  [Google, 5.9.911.3589]
    [C:\Program Files\Common Files\PC Tools\LSP\PCTLsp.dll]  [PC Tools Research Pty Ltd., 1, 0, 100, 0]
    [C:\Program Files\Bonjour\mdnsNSP.dll]  [Apple Inc., 1,0,6,2]
    [C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll]  [RealPlayer, 1.0.1.57]
    [C:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll]  [Sun Microsystems, Inc., 6.0.70.6]
    [C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll]  [Google Inc., 6, 3, 1014, 1517 ]
    [C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_32_E0B3D00E06C2FA01.dll]  [Google Inc., 6, 3, 1106, 427  ]
    [C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll]  [Google Inc., 6, 3, 1106, 427  ]
    [C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll]  [Google Inc., 5, 4, 4525, 1752]
    [C:\WINDOWS\system32\Macromed\Flash\Flash10b.ocx]  [Adobe Systems, Inc., 10,0,22,87]
    [C:\Program Files\Google\Google Desktop Search\gzlib.dll]  [N/A, ]
[PID: 2616 / Carlton][C:\DOCUME~1\Carlton\LOCALS~1\Temp\Temporary Directory 1 for sreng2.zip\SREngLdr.EXE]  [Smallfrogs Studio, 2.8.1.1279]
    [C:\Program Files\Spyware Doctor\smum32.dll]  [PC Tools, 6.1.0.2]
    [C:\Program Files\Spyware Doctor\TFEngine\TFWAH.dll]  [PC Tools, 4.9.3.31]
[PID: 4640 / Carlton][C:\DOCUME~1\Carlton\LOCALS~1\Temp\Temporary Directory 1 for sreng2.zip\SRE1c10bce1.EXE]  [Smallfrogs Studio, 2.8.1.1279]
    [C:\Program Files\Spyware Doctor\smum32.dll]  [PC Tools, 6.1.0.2]
    [C:\Program Files\Spyware Doctor\TFEngine\TFWAH.dll]  [PC Tools, 4.9.3.31]
    [C:\Program Files\Bonjour\mdnsNSP.dll]  [Apple Inc., 1,0,6,2]
    [C:\Program Files\Common Files\PC Tools\LSP\PCTLsp.dll]  [PC Tools Research Pty Ltd., 1, 0, 100, 0]
 
             
==================================
File Associations
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["C:\WINDOWS\hh.exe" %1]
.HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS   OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]
 
             
==================================
Winsock Provider
PCTOOLS over [MSAFD Tcpip [TCP/IP]]
    C:\Program Files\Common Files\PC Tools\LSP\PCTLsp.dll(PC Tools Research Pty Ltd., PC Tools Layered Service Provider)
PCTOOLS over [MSAFD Tcpip [UDP/IP]]
    C:\Program Files\Common Files\PC Tools\LSP\PCTLsp.dll(PC Tools Research Pty Ltd., PC Tools Layered Service Provider)
PCTOOLS over [MSAFD Tcpip [RAW/IP]]
    C:\Program Files\Common Files\PC Tools\LSP\PCTLsp.dll(PC Tools Research Pty Ltd., PC Tools Layered Service Provider)
PCTOOLS CONTENT FILTER PROVIDER
    C:\Program Files\Common Files\PC Tools\LSP\PCTLsp.dll(PC Tools Research Pty Ltd., PC Tools Layered Service Provider)
 
             
==================================
Autorun.Inf
N/A
 
             
==================================
HOSTS File
127.0.0.1       localhost
 
             
==================================
Process Privileges Scan
Special Privileges Enabled: SeLoadDriverPrivilege [PID = 340, C:\PROGRAM FILES\COMMON FILES\COMMAND SOFTWARE\DVPAPI.EXE]
Special Privileges Enabled: SeSystemtimePrivilege [PID = 340, C:\PROGRAM FILES\COMMON FILES\COMMAND SOFTWARE\DVPAPI.EXE]
Special Privileges Enabled: SeLoadDriverPrivilege [PID = 480, C:\PROGRAM FILES\INTEL\INTEL MATRIX STORAGE MANAGER\IAANTMON.EXE]
Special Privileges Enabled: SeSystemtimePrivilege [PID = 480, C:\PROGRAM FILES\INTEL\INTEL MATRIX STORAGE MANAGER\IAANTMON.EXE]
Special Privileges Enabled: SeLoadDriverPrivilege [PID = 1624, C:\WINDOWS\STSYSTRA.EXE]
Special Privileges Enabled: SeLoadDriverPrivilege [PID = 2996, C:\PROGRAM FILES\INTEL\INTEL MATRIX STORAGE MANAGER\IAANOTIF.EXE]
Special Privileges Enabled: SeLoadDriverPrivilege [PID = 3720, C:\PROGRAM FILES\DELL\MEDIA EXPERIENCE\DMXLAUNCHER.EXE]
Special Privileges Enabled: SeLoadDriverPrivilege [PID = 1352, C:\WINDOWS\SYSTEM32\DLA\DLACTRLW.EXE]
Special Privileges Enabled: SeLoadDriverPrivilege [PID = 3884, C:\PROGRAM FILES\HP\HP SOFTWARE UPDATE\HPWUSCHD2.EXE]
Special Privileges Enabled: SeLoadDriverPrivilege [PID = 3744, C:\PROGRAM FILES\DIGITAL LINE DETECT\DLG.EXE]
Special Privileges Enabled: SeLoadDriverPrivilege [PID = 2848, C:\PROGRAM FILES\DELL WIRELESS\PRISMCFG.EXE]
Special Privileges Enabled: SeLoadDriverPrivilege [PID = 3328, C:\PROGRAM FILES\PALMONE\HOTSYNC.EXE]
Special Privileges Enabled: SeLoadDriverPrivilege [PID = 3648, C:\PROGRAM FILES\HP\DIGITAL IMAGING\BIN\HPQSTE08.EXE]
Special Privileges Enabled: SeLoadDriverPrivilege [PID = 2740, C:\PROGRAM FILES\HP\DIGITAL IMAGING\BIN\HPQBAM08.EXE]
Special Privileges Enabled: SeLoadDriverPrivilege [PID = 2444, C:\PROGRAM FILES\HP\DIGITAL IMAGING\BIN\HPQGPC01.EXE]
Special Privileges Enabled: SeSystemtimePrivilege [PID = 2616, C:\DOCUME~1\CARLTON\LOCALS~1\TEMP\TEMPORARY DIRECTORY 1 FOR SRENG2.ZIP\SRENGLDR.EXE]
Special Privileges Enabled: SeDebugPrivilege [PID = 2616, C:\DOCUME~1\CARLTON\LOCALS~1\TEMP\TEMPORARY DIRECTORY 1 FOR SRENG2.ZIP\SRENGLDR.EXE]
Special Privileges Enabled: SeLoadDriverPrivilege [PID = 2616, C:\DOCUME~1\CARLTON\LOCALS~1\TEMP\TEMPORARY DIRECTORY 1 FOR SRENG2.ZIP\SRENGLDR.EXE]
 
             
==================================
Scheduled Tasks
[Enabled] AppleSoftwareUpdate.job
        C:\Program Files\Apple Software Update\SoftwareUpdate.exe 
 
             
==================================
Windows Security Update Check
KB892130,  Windows Genuine Advantage Validation Tool (KB892130) 
KB925850,  Windows Media Player 11 
KB940157,  Windows Search 4.0 for Windows XP (KB940157) 
KB902344,  Update for WMDRM-enabled Media Players (KB902344) 
KB909520,  Microsoft Base Smart Card Cryptographic Service Provider Package: x86 (KB909520) 
KB963673,  Update for the 2007 Microsoft Office System Help for Common Features (KB963673) 
KB963667,  Update for Microsoft Office Publisher 2007 Help (KB963667) 
KB963671,  Update for Microsoft Script Editor Help (KB963671) 
KB936929,  Windows XP Service Pack 3 (KB936929) 
KB963678,  Update for Microsoft Office Excel 2007 Help (KB963678) 
KB963677,  Update for Microsoft Office Outlook 2007 Help (KB963677) 
KB963669,  Update for Microsoft Office PowerPoint 2007 Help (KB963669) 
KB963665,  Update for Microsoft Office Word 2007 Help (KB963665) 
KB963665,  Office Live add-in 1.4 
KB974331,  Microsoft Silverlight (KB974331) 
KB974331,  Windows Live Essentials 
KB975364,  Update for Internet Explorer 8 Compatibility View List for Windows XP (KB975364) 
KB974561,  Update for Microsoft Office Word 2007 (KB974561) 
KB931125,  Update for Root Certificates [November 2009] (KB931125) 
KB955759,  Update for Windows XP (KB955759) 
 
             
==================================
API HOOK
Entrypoint Error: LoadLibraryExW (Dangerous Level: High,  Hooked by Module: 0x011DFF42)
Entrypoint Error: FreeLibrary (Dangerous Level: High,  Hooked by Module: 0x7170002D)
 
             
==================================
Hidden Process
N/A
 
             
==================================

bamajim

10.4K Posts

December 30th, 2009 08:00


CJR74

We have a couple of problems:

Let's remove the Symantec (Norton) stuff you aren't using.

1. Go HERE and download and run the Symantec Removal Tool

Pick the right version according to your application. Reboot

2. Rerun SRE2

In the Lft Pane Select System Repair
In the Rt pane Under the Windows Shell / IE
Place a check in the box beside

Show icons on desktop

Select The Repair Button.

Close SRE2. That should resolve your Desktop icon issue.

3. There seems to be some missing drivers related to Bit Defender 2009.

Did you download and install this?


CJR74

18 Posts

December 30th, 2009 21:00

1) I believe I was able to remove Norton

2) Repeated the SRE2 as directed a couple of times, the desktop problem has not changed

3) For some reason Bit Defender is not loading or running properly, I mentioned this on last posts. I did however try to repeat the process a couple of times but it seems to still be having problems running Bit Defender, i get a window "Bit Defender Online Scanner" with two status bars "Antivirus Engines" and "Virus Signatures'", both says 100% but no other directions are given and I am unable to close the window. window is still open at this time. 

bamajim

10.4K Posts

January 4th, 2010 19:00

 

CJR74

Moving on. We need to delete Bit Defender, I don't see how we got all of that from an online scan. But

I

1. Rerun Avenger

2. Copy all the text contained in the bold below to your Clipboard by highlighting it and pressing (Ctrl+C):

Drivers to delete:
wbefe

Note: the above code was created specifically for this user. If you are not this user, do NOT follow these directions as they could damage the workings of your system.

3. Now, start The Avenger program by clicking on its icon on your desktop.
  • Select Load Script
  • Select Paste from Clipboard
  • The information should now appear in the Open window
  • Select Execute
  • Answer Yes When prompted "Are you sure you want to execute the current script?"

4. The Avenger will automatically do the following:
  • It will Restart your computer.
  • On reboot, it will briefly open a black command window on your desktop, this is normal.
  • After the restart, it creates a log file that should open with the results of Avenger’s actions. This log file will be located at C:\avenger.txt
  • The Avenger will also have backed up all the files, etc., that you asked it to delete, and will have zipped them and moved the zip archives to C:\avenger\backup.zip.

5. Please copy/paste the content of c:\avenger.txt

II. Let's remove Bit Defender using the tool and instructions provided HERE

III. Rerun CCLeaner (since you have it installed)

After it opens On the left side Select Registry >> Scan for issues

When the scan completes , Select Fix selected issues.
You will be prompted to make a reg back up ->>Select Yes and save the reg backup where you can find it if you need it.


Reboot and post the results of the Avenger text

 

CJR74

18 Posts

January 8th, 2010 12:00

Logfile of The Avenger Version 2.0, (c) by Swandog46
http://swandog46.geekstogo.com

Platform:  Windows XP

*******************

Script file opened successfully.
Script file read successfully.

Backups directory opened successfully at C:\Avenger

*******************

Beginning to process script file:

Rootkit scan active.
No rootkits found!


Error:  registry key "\Registry\Machine\System\CurrentControlSet\Services\wbefe" not found!
Deletion of driver "wbefe" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
  --> the object does not exist


Completed script processing.

*******************

Finished!  Terminate.

bamajim

10.4K Posts

January 12th, 2010 07:00


CJR74

Please download Combofix and save to your desktop:
  • Note: It is important that it is saved directly to your desktop
    Close any open browsers.
    Double click on combofix.exe and follow the prompts.
    When it's finished it will produce a log.
    Post the contents of the C:\ComboFix.txt into your next reply.
    Note: Do not mouseclick combofix's window whilst it's running.
    That may cause the program to freeze/hang.

CJR74

18 Posts

January 12th, 2010 10:00

ComboFix 10-01-11.04 - Carlton 01/12/2010  11:52:16.1.2 - x86
Microsoft Windows XP Home Edition  5.1.2600.2.1252.1.1033.18.2046.1351 [GMT -6:00]
Running from: c:\documents and settings\Carlton\Desktop\ComboFix.exe
AV: Spyware Doctor with AntiVirus *On-access scanning disabled* (Updated) {D3C23B96-C9DC-477F-8EF1-69AF17A6EFF6}
.

(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\Carlton\Application Data\wiaserva.log
c:\documents and settings\Carlton\oashdihasidhasuidhiasdhiashdiuasdhasd
c:\program files\sFX
c:\windows\010112010146118114.dat
c:\windows\0101120101464849.dat
c:\windows\934fdfg34fgjf23
c:\windows\system32\Thumbs.db

.
(((((((((((((((((((((((((((((((((((((((   Drivers/Services   )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_SFXDRV
-------\Legacy_WYEKE_SERVICE
-------\Service_Wyeke Service


(((((((((((((((((((((((((   Files Created from 2009-12-12 to 2010-01-12  )))))))))))))))))))))))))))))))
.

2010-01-12 18:10 . 2006-12-11 16:20 180224 ----a-w- c:\documents and settings\Carlton\Application Data\U3\00001675C67056B2\79EB5C19-AB0E-4dd7-BE89-BF96301D35Z8\Exec\U3AppWrapper.exe
2010-01-12 18:10 . 2006-12-11 16:20 983829 ----a-w- c:\documents and settings\Carlton\Application Data\U3\00001675C67056B2\79EB5C19-AB0E-4dd7-BE89-BF96301D35Z8\Exec\master.exe
2010-01-12 18:10 . 2006-12-11 16:20 72192 ----a-w- c:\documents and settings\Carlton\Application Data\U3\00001675C67056B2\79EB5C19-AB0E-4dd7-BE89-BF96301D35Z8\Exec\TASKLIST.EXE
2010-01-12 18:10 . 2006-12-11 16:20 72192 ----a-w- c:\documents and settings\Carlton\Application Data\U3\00001675C67056B2\79EB5C19-AB0E-4dd7-BE89-BF96301D35Z8\Exec\TASKKILL.EXE
2010-01-12 18:10 . 2006-12-11 16:20 325 ----a-w- c:\documents and settings\Carlton\Application Data\U3\00001675C67056B2\79EB5C19-AB0E-4dd7-BE89-BF96301D35Z8\Exec\stopApp.bat
2010-01-12 18:10 . 2006-12-11 16:20 15 ----a-w- c:\documents and settings\Carlton\Application Data\U3\00001675C67056B2\79EB5C19-AB0E-4dd7-BE89-BF96301D35Z8\Exec\run_me.bat
2010-01-12 18:10 . 2006-12-11 16:20 40960 ----a-w- c:\documents and settings\Carlton\Application Data\U3\00001675C67056B2\79EB5C19-AB0E-4dd7-BE89-BF96301D35Z8\Exec\appstop.exe
2010-01-12 14:10 . 2010-01-12 14:10 -------- d-----w- c:\documents and settings\Carlton\Local Settings\Application Data\Yahoo!
2009-12-28 05:34 . 2009-12-30 21:46 -------- d-----w- c:\windows\BDOSCAN8
2009-12-26 17:48 . 2009-12-26 17:54 81984 ----a-w- c:\windows\system32\bdod.bin

.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-01-12 18:09 . 2008-03-18 16:27 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2010-01-12 18:04 . 2008-03-18 16:27 -------- d-----w- c:\program files\Spyware Doctor
2010-01-11 02:26 . 2007-07-28 05:37 -------- d-----w- c:\documents and settings\Carlton\Application Data\U3
2009-12-18 14:58 . 2007-07-27 22:50 74648 ----a-w- c:\documents and settings\Carlton\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-12-14 18:27 . 2007-07-23 14:55 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help
2009-12-10 17:33 . 2008-11-23 15:08 -------- d-----w- c:\documents and settings\All Users\Application Data\Roxio
2009-12-10 17:33 . 2007-07-23 15:02 -------- d-----w- c:\program files\Roxio
2009-12-10 17:32 . 2007-07-23 15:02 -------- d-----w- c:\program files\Common Files\Roxio Shared
2009-12-10 17:32 . 2007-07-23 14:54 -------- d-----w- c:\program files\Common Files\Sonic Shared
2009-12-10 16:23 . 2008-09-07 03:43 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-12-10 16:11 . 2008-11-23 15:17 256 ----a-w- c:\windows\system32\pool.bin
2009-12-03 22:14 . 2008-09-07 03:43 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-12-03 22:13 . 2008-09-07 03:43 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-10-29 07:45 . 2004-08-10 17:51 916480 ----a-w- c:\windows\system32\wininet.dll
2009-10-21 06:00 . 2004-08-10 17:51 75776 ----a-w- c:\windows\system32\strmfilt.dll
2009-10-21 06:00 . 2004-08-10 17:51 25088 ----a-w- c:\windows\system32\httpapi.dll
2009-10-20 14:58 . 2004-08-04 04:00 263552 ----a-w- c:\windows\system32\drivers\http.sys
.

(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-07-27 68856]
"ISUSPM"="c:\program files\Common Files\InstallShield\UpdateService\ISUSPM.exe" [2006-09-11 218032]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-06-10 7323648]
"SigmatelSysTrayApp"="stsystra.exe" [2006-07-24 282624]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [2006-07-06 151552]
"DMXLauncher"="c:\program files\Dell\Media Experience\DMXLauncher.exe" [2005-10-05 94208]
"DLA"="c:\windows\System32\DLA\DLACTRLW.EXE" [2005-09-08 122940]
"ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2006-09-11 218032]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2006-09-11 86960]
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2009-12-16 30192]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-10-15 49152]
"ISTray"="c:\program files\Spyware Doctor\pctsTray.exe" [2009-08-24 1181064]
"hpqSRMon"="c:\program files\HP\Digital Imaging\bin\hpqSRMon.exe" [2007-08-22 80896]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2008-05-03 185896]
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-01-05 413696]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-04-02 342312]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2009-03-26 177472]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"MySpaceIM"="c:\program files\MySpace\IM\MySpaceIM.exe" [2008-04-17 9117696]

c:\documents and settings\Carlton\Start Menu\Programs\Startup\
HotSync Manager.lnk - c:\program files\palmOne\HOTSYNC.EXE [2004-4-13 299008]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2008-4-23 29696]
Digital Line Detect.lnk - c:\program files\Digital Line Detect\DLG.exe [2007-7-23 24576]
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2007-10-14 214360]
LaunchU3.exe.lnk - c:\windows\Installer\{D8E363A7-88B7-446D-B2C0-E26CE4DC8E54}\_294823.exe [2009-7-12 22486]
Wireless USB 2.0 WLAN Card Utility.lnk - c:\program files\Dell Wireless\PRISMCFG.exe [2007-10-11 917611]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ    \0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice]
@=""

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice]
@=""

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Real\\RealPlayer\\realplay.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\MySpace\\IM\\MySpaceIM.exe"=

R0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore.sys [7/19/2009 10:27 AM 206256]
R0 TfFsMon;TfFsMon;c:\windows\system32\drivers\TfFsMon.sys [7/19/2009 10:27 AM 51488]
R0 TfSysMon;TfSysMon;c:\windows\system32\drivers\TfSysMon.sys [7/19/2009 10:27 AM 39200]
R1 pctgntdi;pctgntdi;c:\windows\system32\drivers\pctgntdi.sys [7/19/2009 10:27 AM 159600]
R2 sdAuxService;PC Tools Auxiliary Service;c:\program files\Spyware Doctor\pctsAuxs.exe [3/18/2008 10:27 AM 348752]
R3 pctplsg;pctplsg;c:\windows\system32\drivers\pctplsg.sys [7/19/2009 10:26 AM 64392]
R3 TfNetMon;TfNetMon;c:\windows\system32\drivers\TfNetMon.sys [7/19/2009 10:27 AM 33056]
R3 ThreatFire;ThreatFire;c:\program files\Spyware Doctor\TFEngine\TFService.exe service --> c:\program files\Spyware Doctor\TFEngine\TFService.exe service [?]
S3 GoogleDesktopManager-110309-193829;Google Desktop Manager 5.9.911.3589;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [7/23/2007 9:03 AM 30192]
S4 PRISMSVC;PRISMSVC;c:\windows\system32\PRISMSVC.exe [10/11/2007 9:17 AM 57344]

--- Other Services/Drivers In Memory ---

*Deregistered* - mchInjDrv

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ    Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ    hpqcxs08 hpqddsvc

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{A509B1FF-37FF-4bFF-8CFF-4F3A747040FF}]
2009-03-08 09:32 128512 ----a-w- c:\windows\system32\advpack.dll
.
Contents of the 'Scheduled Tasks' folder

2010-01-05 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 17:34]
.
.
------- Supplementary Scan -------
.
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uStart Page = hxxp://www.yahoo.com/
uInternet Connection Wizard,ShellNext = hxxp://www.yahoo.com/
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://www.google.com/keyword/%s
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
LSP: c:\program files\Common Files\PC Tools\LSP\PCTLsp.dll
DPF: vzTCPConfig - hxxps://www.verizon.net/WhatsNext/CheckMyPc/vzTCPConfig.CAB
.
- - - - ORPHANS REMOVED - - - -

BHO-{B5DB3E09-CA5B-4419-A3F3-B559708244C9} - (no file)
WebBrowser-{D0523BB4-21E7-11DD-9AB7-415B56D89593} - (no file)

 

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-01-12 12:09
Windows 5.1.2600 Service Pack 2 NTFS

detected NTDLL code modification:
ZwClose

scanning hidden processes ... 

scanning hidden autostart entries ...

scanning hidden files ... 

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(712)
c:\program files\Spyware Doctor\TFEngine\TFWAH.dll
c:\program files\Spyware Doctor\TFEngine\TFNI.dll

- - - - - - - > 'lsass.exe'(776)
c:\program files\Common Files\PC Tools\LSP\PCTLsp.dll
c:\program files\Spyware Doctor\TFEngine\TFWAH.dll

- - - - - - - > 'explorer.exe'(3908)
c:\windows\system32\WININET.dll
c:\program files\Spyware Doctor\TFEngine\TFWAH.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\program files\Common Files\PC Tools\LSP\PCTLsp.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Common Files\Command Software\dvpapi.exe
c:\program files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
c:\windows\system32\nvsvc32.exe
c:\program files\Spyware Doctor\pctsSvc.exe
c:\program files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
c:\program files\Microsoft SQL Server\90\Shared\sqlwriter.exe
c:\windows\system32\wdfmgr.exe
c:\program files\Yahoo!\SoftwareUpdate\YahooAUService.exe
c:\program files\Spyware Doctor\TFEngine\TFService.exe
c:\windows\system32\wscntfy.exe
c:\windows\system32\PRISMSVR.EXE
c:\windows\stsystra.exe
c:\documents and settings\All Users\Application Data\U3\U3Launcher\LaunchU3.exe
c:\program files\iPod\bin\iPodService.exe
c:\documents and settings\Carlton\Application Data\U3\00001675C67056B2\LaunchPad.exe
c:\program files\HP\Digital Imaging\bin\hpqSTE08.exe
c:\program files\HP\Digital Imaging\bin\hpqbam08.exe
c:\windows\system32\msiexec.exe
c:\program files\HP\Digital Imaging\bin\hpqgpc01.exe
.
**************************************************************************
.
Completion time: 2010-01-12  12:13:59 - machine was rebooted
ComboFix-quarantined-files.txt  2010-01-12 18:13
ComboFix2.txt  2008-09-15 02:33

Pre-Run: 121,292,611,584 bytes free
Post-Run: 121,638,211,584 bytes free

- - End Of File - - D7B44E90192FD3C1DF9D09033DE52215

bamajim

10.4K Posts

January 12th, 2010 13:00

CJR74

Good work

Post a fresh Hiajckthis log and in your reply, tell me how your PC is running now.

beneteau285

2 Posts

January 12th, 2010 13:00

OK, forget all the preceding.  I was infected with Internet Security 2010 (malware embedded with Trojan viruses) just last week.  Took me hours (3 days) with intense Google research and, finally, cleaned my computer.  Your problem is---you are eliminating some of the malware, etc.; but, everytime you start your computer---most of the Trojan viruses/malware reload.  Are you getting indications of  being infected with Trojan SPM/LX----Trojan-Spy.HTML.VisaFraud.a---Trojan FakeAlert---Worm.Win32.netsky?  Are you getting popups trying to sell you anti-virus software?  When you open a file, do you get a popup "warning you the file is infected and the file is then closed"?  Give me some answers to these questions.  If they are mostly "yes",  I'm gonna (hopefully) get you fixed.

 

Lee

bamajim

10.4K Posts

January 12th, 2010 13:00


@beneteau285

I appreciate your trying to help. But the malware removal forum here is not a free-for-all discussion like some answer boards on the internet.
If you wish to help then please read the topics pinned at the top of this board.

beneteau285

2 Posts

January 12th, 2010 14:00

 


@beneteau285

I appreciate your trying to help. But the malware removal forum here is not a free-for-all discussion like some answer boards on the internet.
If you wish to help then please read the topics pinned at the top of this board.

I joined  Dell's forum in 2002---long before yourself and I am quite familiar on "how things work" in the forum community.  Unfortunately, my original Dell account has, for some unexplained reason, been locked for the past few days and since I personally experienced a massive infection of my computer early last week, very similar to this one, I felt I maybe able to help; therefore, I joined again, today, with a new ID.  I know what steps I took to, finally, clean my computer---you don't. I've noticed that, after 2 pages of "posts", the infection still exists. I haven't visited or posted on the forum for a few months.  It was always my understanding that individuals posted their computer problems or questions on this forum seeking help in resolving them.  Obviously, you took my previous post as an attack to your ego.  Excuse me for stepping on your toes.  I'll kindly back-out of this discussion so you can resolve his issue.

 

 

CJR74

18 Posts

January 12th, 2010 14:00

The computer is doing a lot better than when we started several weeks ago.  Today it actually rebooted with the correct desktop and icons for the first.

 

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 4:45:54 PM, on 1/12/2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Common Files\Command Software\dvpapi.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Spyware Doctor\pctsAuxs.exe
C:\Program Files\Spyware Doctor\pctsSvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\PRISMSVR.EXE
c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Spyware Doctor\pctsTray.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\WINDOWS\stsystra.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe
C:\Program Files\Dell\Media Experience\DMXLauncher.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Documents and Settings\All Users\Application Data\U3\U3Launcher\LaunchU3.exe
C:\Program Files\Dell Wireless\PRISMCFG.exe
C:\Program Files\palmOne\HOTSYNC.EXE
C:\Documents and Settings\Carlton\Application Data\U3\00001675C67056B2\LaunchPad.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Spyware Doctor\TFEngine\TFService.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\internet explorer\iexplore.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files\Java\jre1.6.0_07\bin\jucheck.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk-rel&channel=us&ibd=2070723
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.yahoo.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\YTSingleInstance.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe
O4 - HKLM\..\Run: [DMXLauncher] C:\Program Files\Dell\Media Experience\DMXLauncher.exe
O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [ISUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe (User 'Default user')
O4 - Startup: HotSync Manager.lnk = C:\Program Files\palmOne\HOTSYNC.EXE
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: LaunchU3.exe.lnk = ?
O4 - Global Startup: Wireless USB 2.0 WLAN Card Utility.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: HP Smart Select - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: vzTCPConfig - https://www.verizon.net/WhatsNext/CheckMyPc/vzTCPConfig.CAB
O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} (Support.com Configuration Class) - https://activatemyfios.verizon.net/sdcCommon/download/FIOS/tgctlcm.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader1006.cab
O16 - DPF: {55027008-315F-4F45-BBC3-8BE119764741} (Slide Image Uploader Control) - http://static.slide.com/uploader/SlideImageUploader.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scanner/sources/en/scan8/oscan8.cab
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://dl8-cdn-01.sun.com/s/ESD44/JSCDL/jdk/6u7/jinstall-6u7-windows-i586-jc.cab?e=1221704517145&h=1fda7bac32ce5a5e4ba90074b4bf05d1/&filename=jinstall-6u7-windows-i586-jc.cab
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://wwwimages.adobe.com/www.adobe.com/products/acrobat/nos/gp.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: DvpApi (dvpapi) - Command Software Systems, Inc. - C:\Program Files\Common Files\Command Software\dvpapi.exe
O23 - Service: getPlus(R) Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe
O23 - Service: Google Desktop Manager 5.9.911.3589 (GoogleDesktopManager-110309-193829) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Unknown owner - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe (file missing)
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: ThreatFire - PC Tools - C:\Program Files\Spyware Doctor\TFEngine\TFService.exe
O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
O24 - Desktop Component 0: Privacy Protection - (no file)

--
End of file - 12197 bytes

Was this post helpful?

View All

0 events found

No Events found!

Top