Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Mc pop up messages - file deleted-svchost.exe Artemis! 25AE1D740FCC


  • Please log in to reply
22 replies to this topic

#1 cemaswr

cemaswr

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:01:37 AM

Posted 24 December 2009 - 04:40 PM

Hello,
Don't know how to remove/repair

I have the following Antivirus installed on my laptop:
McAfee Total Protection Service
Product Version 5.0.0 Patch 003
DAT version 5839.0000
Scan engine version 5400.1158

Recently I have been getting pop-up messages every 5-10 minutes from McAfee. They are all similar to what I have listed below, however, the file name changes (but it always begins with C:\WINDOWS\TEMP and always ends with \svchost.exe)

File deleted - svchost.exe
New malware.j

or
File deleted - svchost.exe
Artemis! 25AE1D740FCC
C:\WINDOWS\TEMP\halm.tmp\svchost.exe

or
File deleted - svchost.exe
Generic.dx!jfw
C:\WINDOWS\TEMP\pucr.tmp\svchost.exe

I'm not sure what the problem (or even if there really is a problem).

I read the post and followed the steps, but DDS is not running. I get a message in notepad saying "DDS cannot run in DOS mode" and it's surrounded by a lot of random symbols. Hopefully someone here can help me out. Thanks in advance.

Regards,
cemaswr

Edited by boopme, 28 December 2009 - 12:26 PM.


BC AdBot (Login to Remove)

 


#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,740 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:01:37 AM

Posted 27 December 2009 - 10:57 PM

Hi,OK not a problem. I don't like when we have safe Mode isues on a PC,usually a bad thing.

SUPERAntiSypware has a built in "Repairs" feature to fix policy restrictions and certain Windows settings which are sometimes targeted by malware infection. To use this feature, launch SUPERAntiSypware.
  • Click the Repairs tab.
  • Click on (highlight) "Repair broken SafeBoot key" and then click the Repair button.
  • You may be asked to reboot your computer for the changes to take effect.

Some rootkits can terminate your security tools by changing the permissions on targeted programs so that they cannot run or complete scans. Further investigation is required to determine if this is the case with the issues you have described.

Please download Win32kDiag.exe by AD and save it to your desktop.
alternate download 1
alternate download 2
  • This tool will create a diagnostic report for me to review.
  • Double-click on Win32kDiag.exe to run and let it finish.
  • When it states Finished! Press any key to exit..., press any key on your keyboard to close the program.
  • A file called Win32kDiag.txt should be created on your Desktop.
  • Open that file in Notepad, then copy and paste the entire contents starting with Running from... to Finished!) in your next reply.
Then go to Posted Image > Run..., and copy and paste this command into the open box: cmd
press OK.
At the command prompt C:\>, copy and paste the following command and press Enter:
DIR /a/s %windir%\scecli.dll %windir%\netlogon.dll %windir%\eventlog.dll >Log.txt & START notepad Log.txt
A file called log.txt should be created on your Desktop and open in Notepad.
Copy and paste the contents of that file in your next reply.

-- Vista users can refer to these instructions to open a command prompt.


Also run System Repair Engineer
  • Please download System Repair Engineer from here
  • Unzip/extract sreng2.zip to a folder on your desktop
  • Double-click on SREngLdr.EXE to launch System Repair Engineer
  • Click the Smart Scan Icon
  • Click Scan
  • Wait for the scan to finish
  • Click on the Save Reports button
  • Save it to your desktop, using the recommended name of SREngLOG.log
  • Close System Repair Engineer
  • Use notepad to open the SREngLOG.log file
  • Copy & paste the contents of that file as a reply to this topic
  • Note: The log may be long, and you may need several posts to post all of it
  • If you are using a custom HOSTS file, please leave out the HOSTS File section, as it will make the log far too long

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#3 cemaswr

cemaswr
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:01:37 AM

Posted 28 December 2009 - 10:36 AM

Hello again, boopme.

I used SUPER to repair the broken safeboot key, but I did not attempt to boot in safe mode yet.

I downloaded Win32kDiag.exe and run it. Here is the log:

Running from: C:\Documents and Settings\WYNSEL\Desktop\Win32kDiag.exe

Log file at : C:\Documents and Settings\WYNSEL\Desktop\Win32kDiag.txt

WARNING: Could not get backup privileges!

Searching 'C:\WINDOWS'...

Finished!


I also entered the command at the command prompt and the log is as follows:

Volume in drive C is OS
Volume Serial Number is 2450-BB10

Directory of C:\WINDOWS\system32

04/14/2008 08:00 AM 181,248 scecli.dll

Directory of C:\WINDOWS\system32

04/14/2008 08:00 AM 407,040 netlogon.dll

Directory of C:\WINDOWS\system32

04/14/2008 08:00 AM 56,320 eventlog.dll
3 File(s) 644,608 bytes

Total Files Listed:
3 File(s) 644,608 bytes
0 Dir(s) 188,823,089,152 bytes free

And finally, I used SREng and performed the smart scan. Here are the logs:

2009-12-28,10:03:19

System Repair Engineer 2.8.1.1279
Smallfrogs (http://www.KZTechs.com)

Windows XP Professional Service Pack 3 (Build 2600) - Administrative User - Completed Functions Allowed

Follow item(s) have been selected:
	All Boot Items (Including Registry, Startup Folders, Services and so on)
	Browser Add-ons
	Running Processes (Including process model information)
	File Associations
	Winsock Provider
	Autorun.Inf
	HOSTS File
	Process Privileges Scan
	Scheduled Tasks
	Windows Security Update Check
	API HOOK
	Hidden Process


Boot Items
Registry
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
	<ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe>  [(Verified)Microsoft Windows Component Publisher]
	<Ceedo AutoDetect><C:\DOCUME~1\WYNSEL\LOCALS~1\Temp\AutoDetect.exe /active>  [(Verified)CEEDO TECHNOLOGIES (2005) LTD]
	<wdvly><C:/Documents and Settings/WYNSEL/My Documents/Downloads//rsqdxui.exe>  [N/A]
	<hlerm><C:/Documents and Settings/WYNSEL/My Documents/Downloads//ogllmyz.exe>  [N/A]
	<wnfnc><C:/Documents and Settings/WYNSEL/Desktop//reafbln.exe>  [N/A]
	<hvnsp><C:/Documents and Settings/WYNSEL/Desktop//orunpof.exe>  [N/A]
	<SUPERAntiSpyware><C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe>  [(Verified)SuperAdBlocker.com]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
	<Ceedo Repair><C:\DOCUME~1\WYNSEL\LOCALS~1\Temp\AutoDetect.exe /repair /drive=>  [(Verified)CEEDO TECHNOLOGIES (2005) LTD]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
	<load><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
	<Apoint><C:\Program Files\DellTPad\Apoint.exe>  [(Verified)Microsoft Windows Hardware Compatibility Publisher]
	<RTHDCPL><RTHDCPL.EXE>  [(Verified)Microsoft Windows Hardware Compatibility Publisher]
	<Alcmtr><ALCMTR.EXE>  [(Verified)Microsoft Windows Hardware Compatibility Publisher]
	<IgfxTray><C:\WINDOWS\system32\igfxtray.exe>  [(Verified)Microsoft Windows Hardware Compatibility Publisher]
	<OEM13Mon.exe><C:\WINDOWS\OEM13Mon.exe>  [(Verified)Microsoft Windows Hardware Compatibility Publisher]
	<PSQLLauncher><"C:\Program Files\Protector Suite QL\launcher.exe" /startup>  [(Verified)UPEK Inc.]
	<MVS Splash><"C:\Program Files\McAfee\Managed VirusScan\DesktopUI\XTray.exe">  [(Verified)"McAfee, Inc."]
	<McAfee Managed Services Tray><"C:\Program Files\McAfee\Managed VirusScan\Agent\StartMyagtTry.exe">  [File is missing]
	<IntelliPoint><"C:\Program Files\Microsoft IntelliPoint\ipoint.exe">  [(Verified)Microsoft Corporation]
	<Adobe ARM><"C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe">  [(Verified)"Adobe Systems, Incorporated"]
	<LogonStudio><"C:\Program Files\WinCustomize\LogonStudio\logonstudio.exe" /RANDOM>  [Stardock and Luca Saggese]
	<BootSkin Startup Jobs><"C:\Program Files\Stardock\WinCustomize\BootSkin\BootSkin.exe" /StartupJobs>  []
	<GrooveMonitor><"C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe">  [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
	<shell><Explorer.exe>  [(Verified)Microsoft Windows Component Publisher]
	<Userinit><C:\WINDOWS\system32\userinit.exe,>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
	<AppInit_DLLs><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
	<UIHost><C:\WINDOWS\system32\logonuiX.exe>  [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
	<{AEB6717E-7E19-11d0-97EE-00C04FD91972}><shell32.dll>  [(Verified)Microsoft Windows Component Publisher]
	<{56F9679E-7826-4C84-81F3-532071A8BCC5}><C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll>  [Microsoft Corporation]
	<{B5A7F190-DDA6-4420-B3BA-52453494E6CD}><C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll>  [(Verified)Microsoft Corporation]
	<{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}><C:\Program Files\SUPERAntiSpyware\SASSEH.DLL>  [SuperAdBlocker.com]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
	<PostBootReminder><%SystemRoot%\system32\SHELL32.dll>  [(Verified)Microsoft Windows Component Publisher]
	<CDBurn><%SystemRoot%\system32\SHELL32.dll>  [(Verified)Microsoft Windows Component Publisher]
	<WebCheck><C:\WINDOWS\system32\webcheck.dll>  [(Verified)Microsoft Windows]
	<SysTray><C:\WINDOWS\system32\stobject.dll>  [(Verified)Microsoft Windows Component Publisher]
	<WPDShServiceObj><C:\WINDOWS\system32\WPDShServiceObj.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon]
	<WinlogonNotify: !SASWinLogon><C:\Program Files\SUPERAntiSpyware\SASWINLO.dll>  [SUPERAntiSpyware.com]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain]
	<WinlogonNotify: crypt32chain><crypt32.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet]
	<WinlogonNotify: cryptnet><cryptnet.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll]
	<WinlogonNotify: cscdll><cscdll.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\dimsntfy]
	<WinlogonNotify: dimsntfy><%SystemRoot%\System32\dimsntfy.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
	<WinlogonNotify: igfxcui><igfxdev.dll>  [(Verified)Microsoft Windows Hardware Compatibility Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\psfus]
	<WinlogonNotify: psfus><C:\WINDOWS\system32\psqlpwd.dll>  [(Verified)UPEK Inc.]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp]
	<WinlogonNotify: ScCertProp><wlnotify.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule]
	<WinlogonNotify: Schedule><wlnotify.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy]
	<WinlogonNotify: sclgntfy><sclgntfy.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn]
	<WinlogonNotify: SensLogn><WlNotify.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv]
	<WinlogonNotify: termsrv><wlnotify.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
	<WinlogonNotify: WgaLogon><WgaLogon.dll>  [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon]
	<WinlogonNotify: wlballoon><wlnotify.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
	<{438755C2-A8BA-11D1-B96B-00A0C90312E1}><%SystemRoot%\system32\browseui.dll>  [(Verified)Microsoft Windows Component Publisher]
	<{8C7461EF-2B13-11d2-BE35-3078302C2030}><%SystemRoot%\system32\browseui.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\<{12d0ed0d-0ee0-4f90-8827-78cefb8f4988}]
	<Internet Explorer Version Update><C:\WINDOWS\system32\ieudinit.exe>  [(Verified)Microsoft Windows]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
	<Microsoft Windows Media Player><C:\WINDOWS\inf\unregmp2.exe /ShowWMP>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]
	<Internet Explorer><C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
	<Browser Customizations><"C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS]
	<Browser Customizations><RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
	<Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
	<Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
	<Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
	<NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]
	<Windows Messenger 4.7><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
	<Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp11.inf,PerUserStub>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
	<Address Book 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4340}]
	<Windows Desktop Update><regsvr32.exe /s /n /i:U shell32.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}]
	<Internet Explorer><C:\WINDOWS\system32\ie4uinit.exe -BaseSettings>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}]
	<N/A><c:\WINDOWS\system32\Rundll32.exe c:\WINDOWS\system32\mscories.dll,Install>  [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8b15971b-5355-4c82-8c07-7e181ea07608}]
	<Fax><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\fxsocm.inf,Fax.Install.PerUser>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_CURRENT_USER\Control Panel\Desktop]
	<SCRNSAVE.EXE><C:\WINDOWS\system32\logon.scr>  [(Verified)Microsoft Windows Component Publisher]

==================================
Startup Folders
[Bluetooth Manager]
  <C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Bluetooth Manager.lnk --> C:\PROGRA~1\Toshiba\BLUETO~1\TosBtMng.exe [TOSHIBA CORPORATION.]><N>
[DesktopEarth AutoStart]
  <C:\Documents and Settings\WYNSEL\Start Menu\Programs\Startup\DesktopEarth AutoStart.lnk --> C:\Documents and Settings\WYNSEL\Application Data\Microsoft\Installer\{DBA5E973-660D-4CBE-A469-F5C37FBF0CE4}\_C1A9BF9D98647632ED5172.exe [N/A]><N>
[ImpulseNow]
  <C:\Documents and Settings\WYNSEL\Start Menu\Programs\Startup\ImpulseNow.lnk --> C:\PROGRA~1\Stardock\Impulse\Now\IMPULS~1.EXE [Stardock Corporation]><N>
[Stardock ObjectDock]
  <C:\Documents and Settings\WYNSEL\Start Menu\Programs\Startup\Stardock ObjectDock.lnk --> C:\PROGRA~1\Stardock\OBJECT~1\OBJECT~1\OBJECT~1.EXE [Stardock]><N>

==================================
Services
[Autodesk Licensing Service / Autodesk Licensing Service][Stopped/Manual Start]
  <"C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe"><Autodesk>
[EngineServer / EngineServer][Running/Auto Start]
  <"C:\Program Files\McAfee\Managed VirusScan\VScan\EngineServer.exe"><McAfee, Inc.>
[FLEXnet Licensing Service / FLEXnet Licensing Service][Stopped/Manual Start]
  <"C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe"><Macrovision Europe Ltd.>
[Google Update Service (gupdate) / gupdate][Stopped/Auto Start]
  <"C:\Program Files\Google\Update\GoogleUpdate.exe" /svc><Google Inc.>
[hpqcxs08 / hpqcxs08][Running/Manual Start]
  <C:\WINDOWS\system32\svchost.exe -k hpdevmgmt-->C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll><Hewlett-Packard Co.>
[HP CUE DeviceDiscovery Service / hpqddsvc][Running/Auto Start]
  <C:\WINDOWS\system32\svchost.exe -k hpdevmgmt-->C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll><Hewlett-Packard Co.>
[InstallDriver Table Manager / IDriverT][Stopped/Manual Start]
  <"C:\Program Files\Roxio\Roxio MyDVD Basic v9\InstallShield\Driver\1050\Intel 32\IDriverT.exe"><Macrovision Corporation>
[Java Quick Starter / JavaQuickStarterService][Running/Auto Start]
  <"C:\Program Files\Java\jre6\bin\jqs.exe" -service -config "C:\Program Files\Java\jre6\lib\deploy\jqs\jqs.conf"><Sun Microsystems, Inc.>
[Lavasoft Ad-Aware Service / Lavasoft Ad-Aware Service][Running/Auto Start]
  <"C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe"><Lavasoft>
[LightScribeService Direct Disc Labeling Service / LightScribeService][Running/Auto Start]
  <"C:\Program Files\Common Files\LightScribe\LSSrvc.exe"><Hewlett-Packard Company>
[McAfee SiteAdvisor Enterprise Service / McAfee SiteAdvisor Enterprise Service][Running/Auto Start]
  <"C:\Program Files\McAfee\SiteAdvisor Enterprise\McSACore.exe"><McAfee, Inc.>
[McShield / McShield][Running/Auto Start]
  <C:\PROGRA~1\McAfee\MANAGE~1\VScan\McShield.exe><McAfee, Inc.>
[McAfee Personal Firewall Service / MpfService][Running/Auto Start]
  <"C:\Program Files\McAfee\MPF\MPFSrv.exe"><McAfee, Inc.>
[McAfee Virus and Spyware Protection Service / myAgtSvc][Running/Auto Start]
  <"C:\Program Files\McAfee\Managed VirusScan\Agent\myAgtSvc.exe" /ServiceStart><McAfee, Inc.>
[Net Driver HPZ12 / Net Driver HPZ12][Running/Auto Start]
  <C:\WINDOWS\System32\svchost.exe -k HPZ12-->C:\WINDOWS\system32\HPZinw12.dll><Hewlett-Packard>
[O2FLASH / O2FLASH][Running/Auto Start]
  <C:\WINDOWS\system32\DRIVERS\o2flash.exe><O2Micro International>
[Pml Driver HPZ12 / Pml Driver HPZ12][Running/Auto Start]
  <C:\WINDOWS\System32\svchost.exe -k HPZ12-->C:\WINDOWS\system32\HPZipm12.dll><Hewlett-Packard>
[RoxMediaDB9 / RoxMediaDB9][Stopped/Manual Start]
  <"C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe"><Sonic Solutions>
[stllssvr / stllssvr][Stopped/Manual Start]
  <"C:\Program Files\Common Files\SureThing Shared\stllssvr.exe"><MicroVision Development, Inc.>
[TOSHIBA Bluetooth Service / TOSHIBA Bluetooth Service][Running/Auto Start]
  <C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe><TOSHIBA CORPORATION>
[Dell Wireless WLAN Tray Service / wltrysvc][Running/Auto Start]
  <C:\WINDOWS\System32\WLTRYSVC.EXE C:\WINDOWS\System32\bcmwltry.exe><N/A>
==================================
Drivers
[AliIde / AliIde][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\aliide.sys><Acer Laboratories Inc.>
[AMD AGP Bus Filter Driver / amdagp][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\amdagp.sys><Advanced Micro Devices, Inc.>
[Alps Touch Pad Filter Driver for Windows 2000/XP/Vista / ApfiltrService][Running/Manual Start]
  <system32\DRIVERS\Apfiltr.sys><Alps Electric Co., Ltd.>
[APPDRV / APPDRV][Running/System Start]
  <\SystemRoot\SYSTEM32\DRIVERS\APPDRV.SYS><Dell Inc>
[asc / asc][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\asc.sys><Advanced System Products, Inc.>
[asc3550 / asc3550][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\asc3550.sys><Advanced System Products, Inc.>
[Dell Wireless WLAN Card Driver / BCM43XX][Running/Manual Start]
  <system32\DRIVERS\bcmwl5.sys><Broadcom Corporation>
[BootScreen / BootScreen][Stopped/Boot Start]
  <\SystemRoot\\SystemRoot\System32\drivers\vidstub.sys><N/A>
[CmdIde / CmdIde][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\cmdide.sys><CMD Technology, Inc.>
[dac2w2k / dac2w2k][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\dac2w2k.sys><Mylex Corporation>
[DLABMFSM / DLABMFSM][Running/Auto Start]
  <System32\Drivers\DLABMFSM.SYS><Roxio>
[DLABOIOM / DLABOIOM][Running/Auto Start]
  <System32\Drivers\DLABOIOM.SYS><Roxio>
[DLACDBHM / DLACDBHM][Running/Boot Start]
  <\SystemRoot\System32\Drivers\DLACDBHM.SYS><Roxio>
[DLADResM / DLADResM][Running/Auto Start]
  <System32\Drivers\DLADResM.SYS><Roxio>
[DLAIFS_M / DLAIFS_M][Running/Auto Start]
  <System32\Drivers\DLAIFS_M.SYS><Roxio>
[DLAOPIOM / DLAOPIOM][Running/Auto Start]
  <System32\Drivers\DLAOPIOM.SYS><Roxio>
[DLAPoolM / DLAPoolM][Running/Auto Start]
  <System32\Drivers\DLAPoolM.SYS><Roxio>
[DLARTL_M / DLARTL_M][Running/System Start]
  <System32\Drivers\DLARTL_M.SYS><Roxio>
[DLAUDFAM / DLAUDFAM][Running/Auto Start]
  <System32\Drivers\DLAUDFAM.SYS><Roxio>
[DLAUDF_M / DLAUDF_M][Running/Auto Start]
  <System32\Drivers\DLAUDF_M.SYS><Roxio>
[DRVMCDB / DRVMCDB][Running/Boot Start]
  <\SystemRoot\System32\Drivers\DRVMCDB.SYS><Sonic Solutions>
[DRVNDDM / DRVNDDM][Running/Auto Start]
  <System32\Drivers\DRVNDDM.SYS><Roxio>
[Microsoft UAA Bus Driver for High Definition Audio / HDAudBus][Running/Manual Start]
  <system32\DRIVERS\HDAudBus.sys><Windows (R) Server 2003 DDK provider>
[IEEE-1284.4 Driver HPZid412 / HPZid412][Stopped/Manual Start]
  <system32\DRIVERS\HPZid412.sys><HP>
[Print Class Driver for IEEE-1284.4 HPZipr12 / HPZipr12][Stopped/Manual Start]
  <system32\DRIVERS\HPZipr12.sys><HP>
[USB to IEEE-1284.4 Translation Driver HPZius12 / HPZius12][Stopped/Manual Start]
  <system32\DRIVERS\HPZius12.sys><HP>
[ialm / ialm][Running/Manual Start]
  <system32\DRIVERS\igxpmp32.sys><Intel Corporation>
[Intel AHCI Controller / iaStor][Running/Boot Start]
  <\SystemRoot\system32\drivers\iaStor.sys><Intel Corporation>
[Service for Realtek HD Audio (WDM) / IntcAzAudAddService][Running/Manual Start]
  <system32\drivers\RtkHDAud.sys><Realtek Semiconductor Corp.>
[Lbd / Lbd][Running/Boot Start]
  <\SystemRoot\system32\DRIVERS\Lbd.sys><Lavasoft AB>
[McAfee Inc. MfeAVFK / MfeAVFK][Running/Manual Start]
  <system32\drivers\MfeAVFK.sys><McAfee, Inc.>
[McAfee Inc. MfeBOPK / MfeBOPK][Running/Manual Start]
  <system32\drivers\MfeBOPK.sys><McAfee, Inc.>
[McAfee Inc. mfehidk / mfehidk][Running/System Start]
  <system32\drivers\mfehidk.sys><McAfee, Inc.>
[McAfee Inc. MfeRKDK / MfeRKDK][Stopped/Manual Start]
  <system32\drivers\MfeRKDK.sys><McAfee, Inc.>
[McAfee Inc. mfetdik / mfetdik][Running/System Start]
  <system32\drivers\mfetdik.sys><McAfee, Inc.>
[MPFP / MPFP][Running/System Start]
  <System32\Drivers\Mpfp.sys><McAfee, Inc.>
[mraid35x / mraid35x][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\mraid35x.sys><American Megatrends Inc.>
[O2MDRDR / O2MDRDR][Running/Manual Start]
  <system32\DRIVERS\o2media.sys><O2Micro>
[O2SDRDR / O2SDRDR][Running/Manual Start]
  <system32\DRIVERS\o2sd.sys><O2Micro>
[Provides a software interface to control audio effects of OEM013 camera. / OEM13Afx][Running/Manual Start]
  <\??\C:\WINDOWS\system32\Drivers\OEM13Afx.sys><Creative Technology Ltd.>
[Creative Camera OEM013 Video VFX Driver / OEM13Vfx][Running/Manual Start]
  <system32\DRIVERS\OEM13Vfx.sys><EyePower Games Pte. Ltd.>
[Creative Camera OEM013 Driver / OEM13Vid][Running/Manual Start]
  <system32\DRIVERS\OEM13Vid.sys><Creative Technology Ltd.>
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
  <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[PxHelp20 / PxHelp20][Running/Boot Start]
  <\SystemRoot\System32\Drivers\PxHelp20.sys><Sonic Solutions>
[ql1080 / ql1080][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\ql1080.sys><QLogic Corporation>
[ql12160 / ql12160][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\ql12160.sys><QLogic Corporation>
[ql1280 / ql1280][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\ql1280.sys><QLogic Corporation>
[Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver / RTLE8023xp][Running/Manual Start]
  <system32\DRIVERS\Rtenicxp.sys><Realtek Semiconductor Corporation>
[SASDIFSV / SASDIFSV][Running/System Start]
  <\??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS><SUPERAdBlocker.com and SUPERAntiSpyware.com>
[SASENUM / SASENUM][Running/Manual Start]
  <\??\C:\Program Files\SUPERAntiSpyware\SASENUM.SYS><SUPERAdBlocker.com and SUPERAntiSpyware.com>
[SASKUTIL / SASKUTIL][Running/System Start]
  <\??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys><SUPERAdBlocker.com and SUPERAntiSpyware.com>
[Secdrv / Secdrv][Stopped/Manual Start]
  <system32\DRIVERS\secdrv.sys><Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.>
[SIS AGP Bus Filter / sisagp][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\sisagp.sys><Silicon Integrated Systems Corporation>
[Sparrow / Sparrow][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\sparrow.sys><Adaptec, Inc.>
[symc810 / symc810][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\symc810.sys><Symbios Logic Inc.>
[symc8xx / symc8xx][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\symc8xx.sys><LSI Logic>
[sym_hi / sym_hi][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\sym_hi.sys><LSI Logic>
[sym_u3 / sym_u3][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\sym_u3.sys><LSI Logic>
[TC USB Kernel Driver / TcUsb][Running/Manual Start]
  <System32\Drivers\tcusb.sys><UPEK Inc.>
[Bluetooth COM Port / tosporte][Running/Manual Start]
  <system32\DRIVERS\tosporte.sys><TOSHIBA Corporation>
[Bluetooth RFBUS / tosrfbd][Running/Manual Start]
  <system32\DRIVERS\tosrfbd.sys><TOSHIBA CORPORATION>
[Bluetooth RFBNEP / tosrfbnp][Running/Manual Start]
  <System32\Drivers\tosrfbnp.sys><TOSHIBA Corporation>
[Bluetooth RFCOMM / Tosrfcom][Running/System Start]
  <System32\Drivers\tosrfcom.sys><TOSHIBA Corporation>
[Bluetooth RFHID / Tosrfhid][Running/Manual Start]
  <system32\DRIVERS\Tosrfhid.sys><TOSHIBA Corporation.>
[Bluetooth Personal Area Network / tosrfnds][Running/Manual Start]
  <system32\DRIVERS\tosrfnds.sys><TOSHIBA Corporation.>
[Bluetooth USB Controller / Tosrfusb][Running/Manual Start]
  <system32\DRIVERS\tosrfusb.sys><TOSHIBA CORPORATION>
[ultra / ultra][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\ultra.sys><Promise Technology, Inc.>
[Motorola USB Modem Driver for MPT / usbsermpt][Stopped/Manual Start]
  <system32\DRIVERS\usbsermpt.sys><Microsoft Corporation>

==================================
Browser Add-ons
[HP Print Enhancer]
  {0347C33E-8762-4905-BF09-768834316C61} <C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll, (Signed) Hewlett-Packard Co.>
[Adobe PDF Link Helper]
  {18DF081C-E8AD-4283-A596-FA578C2EBDC3} <C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll, (Signed) Adobe Systems Incorporated>
[]
  {5C255C8A-E604-49b4-9D64-90988571CECB} <, >
[Groove GFS Browser Helper]
  {72853161-30C5-4D22-B7F9-0BBC1D38A37E} <C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll, (Signed) Microsoft Corporation>
[Windows Live Sign-in Helper]
  {9030D464-4C02-4ABF-8ECC-5164760863C6} <C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll, (Signed) Microsoft Corporation>
[Adobe PDF Conversion Toolbar Helper]
  {AE7CD045-E861-484f-8273-0445EE161910} <C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll, (Signed) Adobe Systems Incorporated>
[McAfee SiteAdvisor BHO]
  {B164E929-A1B6-4A06-B104-2CD0E90A88FF} <C:\Program Files\McAfee\SiteAdvisor Enterprise\McIEPlg.dll, (Signed) McAfee, Inc.>
[Java(tm) Plug-In 2 SSV Helper]
  {DBC80044-A445-435b-BC74-9C25C1C588A9} <C:\Program Files\Java\jre6\bin\jp2ssv.dll, Sun Microsystems, Inc.>
[JQSIEStartDetectorImpl Class]
  {E7E6F031-17CE-4C07-BC86-EABFE594F69C} <C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll, Sun Microsystems, Inc.>
[HP Smart BHO Class]
  {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} <C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll, (Signed) Hewlett-Packard Co.>
[BlogThisToolbarButton Class]
  {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} <C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll, (Signed) Microsoft Corporation>
[Send to OneNote from Internet Explorer button]
  {2670000A-7350-4f3c-8081-5663EE0C6C49} <C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll, (Signed) Microsoft Corporation>
[&Research]
  {92780B25-18CC-41C8-B9BE-3C9C571A8263} <C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL, (Signed) Microsoft Corporation>
[ClipBookBtn Class]
  {DDE87865-83C5-48c4-8357-2F5B1AA84522} <C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll, (Signed) Hewlett-Packard Co.>
[]
  {e2e2dd38-d088-4134-82b7-f2ba38496583} <%windir%\Network Diagnostic\xpnetdiag.exe, (Signed) N/A>
[Messenger]
  {FB5F1910-F110-11d2-BB9E-00C04F795683} <C:\Program Files\Messenger\msmsgs.exe, (Signed) Microsoft Corporation>
[Adobe PDF]
  {47833539-D0C5-4125-9FA8-0819E2EAAC93} <C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll, (Signed) Adobe Systems Incorporated>
[McAfee SiteAdvisor Toolbar]
  {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} <C:\Program Files\McAfee\SiteAdvisor Enterprise\McIEPlg.dll, (Signed) McAfee, Inc.>
[HPSDDX Class]
  {A796D216-2DE1-4EA8-BABB-FE6E7C959098} <C:\WINDOWS\Downloaded Program Files\sdd.dll, (Signed) Hewlett-Packard Company>
[Java Plug-in 1.6.0_13]
  {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} <C:\Program Files\Java\jre6\bin\jp2iexp.dll, >
[Java Plug-in 1.6.0_13]
  {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} <C:\Program Files\Java\jre6\bin\npjpi160_13.dll, (Signed) Sun Microsystems, Inc.>
[PopCapLoader Object]
  {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} <C:\WINDOWS\Downloaded Program Files\popcaploader.dll, (Signed) PopCap Games>
[HP Print Enhancer]
  {0347C33E-8762-4905-BF09-768834316C61} <C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll, (Signed) Hewlett-Packard Co.>
[Outlook Today's Data-binding control]
  {0468C085-CA5B-11D0-AF08-00609797F0E0} <C:\PROGRA~1\MICROS~2\Office12\OUTLCTL.DLL, (Signed) >
[]
  {089FD14D-132B-48FC-8861-0048AE113215} <, >
[]
  {0BF43445-2F28-4351-9252-17FE6E806AA0} <, >
[McAfee SiteAdvisor Toolbar]
  {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} <C:\Program Files\McAfee\SiteAdvisor Enterprise\McIEPlg.dll, (Signed) McAfee, Inc.>
[Windows Genuine Advantage Validation Tool]
  {17492023-C23A-453E-A040-C7C580BBF700} <C:\WINDOWS\system32\legitcheckcontrol.dll, (Signed) Microsoft Corporation>
[Adobe PDF]
  {182EC0BE-5110-49C8-A062-BEB1D02A220B} <C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll, (Signed) Adobe Systems Incorporated>
[Adobe PDF Link Helper]
  {18DF081C-E8AD-4283-A596-FA578C2EBDC3} <C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll, (Signed) Adobe Systems Incorporated>
[]
  {219C3416-8CB2-491A-A3C7-D9FCDDC9D600} <, >
[]
  {21FA44EF-376D-4D53-9B0F-8A89D3229068} <, >
[HTML Document]
  {25336920-03F9-11CF-8FD0-00AA00686F13} <C:\WINDOWS\system32\mshtml.dll, (Signed) Microsoft Corporation>
[]
  {2670000A-7350-4F3C-8081-5663EE0C6C49} <, >
[DHTML Edit Control Safe for Scripting for IE5]
  {2D360201-FFF5-11D1-8D03-00A0C959BC0A} <C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx, (Signed) Microsoft Corporation>
[HtmlDlgSafeHelper Class]
  {3050F819-98B5-11CF-BB82-00AA00BDCE0B} <C:\WINDOWS\system32\mshtmled.dll, (Signed) Microsoft Corporation>
[Adobe PDF]
  {47833539-D0C5-4125-9FA8-0819E2EAAC93} <C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll, (Signed) Adobe Systems Incorporated>
[XML Document]
  {48123BC4-99D9-11D1-A6B3-00C04FD91555} <C:\WINDOWS\system32\msxml3.dll, (Signed) Microsoft Corporation>
[Windows Desktop Search Combo Control]
  {4E430174-1673-4FF3-BF28-A3B37F6573E7} <C:\Program Files\Windows Desktop Search\wdsShell.dll, (Signed) Microsoft Corporation>
[]
  {5C255C8A-E604-49B4-9D64-90988571CECB} <, >
[WUWebControl Class]
  {6414512B-B978-451D-A0D8-FCFDF33E833C} <C:\WINDOWS\system32\wuweb.dll, (Signed) Microsoft Corporation>
[Windows Media Player]
  {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, (Signed) Microsoft Corporation>
[MUWebControl Class]
  {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} <C:\WINDOWS\system32\muweb.dll, (Signed) Microsoft Corporation>
[]
  {6EBF7485-159F-4BFF-A14F-B9E3AAC4465B} <, >
[Groove GFS Browser Helper]
  {72853161-30C5-4D22-B7F9-0BBC1D38A37E} <C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll, (Signed) Microsoft Corporation>
[]
  {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} <, >
[Microsoft Web Browser]
  {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\ieframe.dll, (Signed) Microsoft Corporation>
[Windows Live Sign-in Helper]
  {9030D464-4C02-4ABF-8ECC-5164760863C6} <C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll, (Signed) Microsoft Corporation>
[]
  {92780B25-18CC-41C8-B9BE-3C9C571A8263} <, >
[HPSDDX Class]
  {A796D216-2DE1-4EA8-BABB-FE6E7C959098} <C:\WINDOWS\Downloaded Program Files\sdd.dll, (Signed) Hewlett-Packard Company>
[Adobe PDF Conversion Toolbar Helper]
  {AE7CD045-E861-484F-8273-0445EE161910} <C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll, (Signed) Adobe Systems Incorporated>
[McAfee SiteAdvisor BHO]
  {B164E929-A1B6-4A06-B104-2CD0E90A88FF} <C:\Program Files\McAfee\SiteAdvisor Enterprise\McIEPlg.dll, (Signed) McAfee, Inc.>
[Microsoft Office 12 Authorization Control]
  {C9712B19-838B-45A5-ABF2-9A315DDDED50} <C:\PROGRA~1\MICROS~2\Office12\AUTHZAX.DLL, (Signed) Microsoft Corporation>
[Microsoft Url Search Hook]
  {CFBFAE00-17A6-11D0-99CB-00C04FD64497} <C:\WINDOWS\system32\ieframe.dll, (Signed) Microsoft Corporation>
[Windows Live Sign-in Control]
  {D2517915-48CE-4286-970F-921E881B8C5C} <C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll, (Signed) Microsoft Corporation>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash10a.ocx, (Signed) Adobe Systems, Inc.>
[Java(tm) Plug-In 2 SSV Helper]
  {DBC80044-A445-435B-BC74-9C25C1C588A9} <C:\Program Files\Java\jre6\bin\jp2ssv.dll, Sun Microsystems, Inc.>
[ClipBookBtn Class]
  {DDE87865-83C5-48C4-8357-2F5B1AA84522} <C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll, (Signed) Hewlett-Packard Co.>
[PopCapLoader Object]
  {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} <C:\WINDOWS\Downloaded Program Files\popcaploader.dll, (Signed) PopCap Games>
[Microsoft Silverlight]
  {DFEAF541-F3E1-4C24-ACAC-99C30715084A} <c:\Program Files\Microsoft Silverlight\3.0.40818.0\npctrl.dll, (Signed)  Microsoft Corporation>
[]
  {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} <, >
[]
  {E2E2DD38-D088-4134-82B7-F2BA38496583} <, >
[JQSIEStartDetectorImpl Class]
  {E7E6F031-17CE-4C07-BC86-EABFE594F69C} <C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll, Sun Microsystems, Inc.>
[XML HTTP Request]
  {ED8C108E-4349-11D2-91A4-00C04F7969E8} <C:\WINDOWS\system32\msxml3.dll, (Signed) Microsoft Corporation>
[XML DOM Document]
  {F6D90F11-9C73-11D3-B32E-00C04F990BB4} <C:\WINDOWS\system32\msxml3.dll, (Signed) Microsoft Corporation>
[XML HTTP]
  {F6D90F16-9C73-11D3-B32E-00C04F990BB4} <C:\WINDOWS\system32\msxml3.dll, (Signed) Microsoft Corporation>
[]
  {FB5F1910-F110-11D2-BB9E-00C04F795683} <, >
[HP Smart BHO Class]
  {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} <C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll, (Signed) Hewlett-Packard Co.>
[Append to existing PDF]
  <res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html, N/A>
[Convert link target to Adobe PDF]
  <res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html, N/A>
[Convert link target to existing PDF]
  <res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html, N/A>
[Convert selected links to Adobe PDF]
  <res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html, N/A>
[Convert selected links to existing PDF]
  <res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html, N/A>
[Convert selection to Adobe PDF]
  <res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html, N/A>
[Convert selection to existing PDF]
  <res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html, N/A>
[Convert to Adobe PDF]
  <res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html, N/A>
[E&xport to Microsoft Excel]
  <res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000, N/A>
==================================
Running Processes
[PID: 968 / SYSTEM][\SystemRoot\System32\smss.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[PID: 1216 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[PID: 1240 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]
	[C:\Program Files\SUPERAntiSpyware\SASWINLO.dll]  [SUPERAntiSpyware.com, 1, 0, 0, 1054]
	[C:\WINDOWS\system32\psqlpwd.dll]  [UPEK Inc., 5.8.0.3866]
	[C:\Program Files\Protector Suite QL\homefus2.dll]  [UPEK Inc., 5.8.0.3866]
	[C:\Program Files\Protector Suite QL\infql2.dll]  [UPEK Inc., 5.8.0.3866]
	[C:\Program Files\Protector Suite QL\homepass.dll]  [UPEK Inc., 5.8.0.3866]
	[C:\Program Files\Protector Suite QL\bio.dll]  [UPEK Inc., 5.8.0.3866]
	[C:\Program Files\Protector Suite QL\qlbase.dll]  [UPEK Inc., 5.8.0.3866]
	[C:\WINDOWS\System32\BCMLogon.dll]  [Dell Inc., 5.10.38.30]
	[C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\MFC80.DLL]  [Microsoft Corporation, 8.00.50727.762]
	[C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\MFC80ENU.DLL]  [Microsoft Corporation, 8.00.50727.762]
	[C:\Program Files\Protector Suite QL\otp.dll]  [UPEK Inc., 5.8.0.3866]
	[C:\Program Files\Protector Suite QL\psqltray.dll]  [UPEK Inc., 5.8.0.3866]
[PID: 1292 / SYSTEM][C:\WINDOWS\system32\services.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5755 (xpsp_sp3_gdr.090206-1234)]
[PID: 1304 / SYSTEM][C:\WINDOWS\system32\lsass.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]
	[C:\WINDOWS\system32\psqlpwd.dll]  [UPEK Inc., 5.8.0.3866]
	[C:\Program Files\Protector Suite QL\homefus2.dll]  [UPEK Inc., 5.8.0.3866]
	[C:\Program Files\Protector Suite QL\infql2.dll]  [UPEK Inc., 5.8.0.3866]
[PID: 1508 / SYSTEM][C:\WINDOWS\system32\svchost.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[PID: 1568 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[PID: 1612 / SYSTEM][C:\WINDOWS\System32\svchost.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[PID: 1740 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[PID: 1800 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[PID: 280 / SYSTEM][C:\WINDOWS\System32\WLTRYSVC.EXE]  [N/A, ]
[PID: 404 / SYSTEM][C:\WINDOWS\System32\bcmwltry.exe]  [Dell Inc., 5.10.38.30]
	[C:\WINDOWS\System32\bcm1xsup.dll]  [N/A, ]
	[C:\WINDOWS\System32\bcmwlpkt.dll]  [CACE Technologies, 3, 1, 0, 27]
	[C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\MFC80.DLL]  [Microsoft Corporation, 8.00.50727.762]
	[C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\MFC80ENU.DLL]  [Microsoft Corporation, 8.00.50727.762]
	[C:\WINDOWS\System32\wltrynt.dll]  [Broadcom Corporation, 5.10.38.30]
	[C:\WINDOWS\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_473666fd\ATL80.DLL]  [Microsoft Corporation, 8.00.50727.4053]
[PID: 412 / SYSTEM][C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe]  [Lavasoft, 8, 1, 0, 0]
	[C:\Program Files\Lavasoft\Ad-Aware\RPAPI.dll]  [N/A, ]
	[C:\Program Files\Lavasoft\Ad-Aware\Resources.dll]  [Lavasoft, 8, 1, 0, 0]
	[C:\Program Files\Lavasoft\Ad-Aware\lavalicense.dll]  [Lavasoft, 7,1,0,12]
	[C:\Program Files\Lavasoft\Ad-Aware\ceapi.dll]  [Lavasoft, 8, 1, 0, 0]
	[C:\Program Files\Lavasoft\Ad-Aware\lavamessage.dll]  [Lavasoft, 8.0]
[PID: 572 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
	[C:\WINDOWS\system32\AdobePDF.dll]  [Adobe Systems Incorporated., 8.0.0.00]
	[C:\Program Files\Adobe\Acrobat 8.0\Acrobat\adistres.dll]  [Adobe Systems Incorporated., 8.1.3.2008101400]
	[C:\WINDOWS\system32\hpz3l5ha.dll]  [Hewlett-Packard Company, 61.071.244.00]
	[C:\WINDOWS\system32\tbtmon.dll]  [TOSHIBA CORPORATION., 5, 0, 1208, 0]
	[C:\WINDOWS\system32\TosBtHcrpAPI.dll]  [TOSHIBA CORPORATION., 5, 0, 1201, 0]
	[C:\WINDOWS\system32\TosBtAPI.dll]  [TOSHIBA CORPORATION., 6.0.7y19.0]
	[C:\WINDOWS\system32\TosBdAPI.dll]  [TOSHIBA CORPORATION., 6, 0, 1203, 0]
	[C:\WINDOWS\system32\tbtmon98Language.dll]  [TOSHIBA CORPORATION., 5, 0, 1204, 0]
	[C:\WINDOWS\System32\spool\PRTPROCS\W32X86\hpzpp5ha.dll]  [Hewlett-Packard Corporation, 61.071.244.00]
[PID: 1820 / WYNSEL][C:\WINDOWS\Explorer.EXE]  [(Verified) Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
	[C:\WINDOWS\system32\AcSignIcon.dll]  [Autodesk, Inc., 17.2.56.0]
	[C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\MFC80U.DLL]  [Microsoft Corporation, 8.00.50727.762]
	[C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\MFC80ENU.DLL]  [Microsoft Corporation, 8.00.50727.762]
	[C:\WINDOWS\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_473666fd\ATL80.DLL]  [Microsoft Corporation, 8.00.50727.4053]
	[C:\Program Files\Protector Suite QL\farchns.dll]  [UPEK Inc., 5.8.0.3866]
	[C:\Program Files\Protector Suite QL\infql2.dll]  [UPEK Inc., 5.8.0.3866]
	[C:\Program Files\Common Files\Autodesk Shared\AcSignCore16.dll]  [Autodesk, Inc., 17.2.56.0]
	[C:\Program Files\Roxio\Drag-to-Disc\Shellex.dll]  [Roxio, 9.1.0.47]
	[C:\Program Files\Common Files\Roxio Shared\9.0\DLLShared\DLAAPI_W.DLL]  [N/A, ]
	[C:\Program Files\Roxio\Drag-to-Disc\ShellRes.dll]  [Roxio, 9.1.0.47]
	[C:\Program Files\Stardock\Object Desktop\ObjectDock\DockShellHook.dll]  [N/A, ]
	[C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll]  [Microsoft Corporation, 7.00.6001.18260 (vistasp1_gdr_oobsvc.090524-1500)]
	[C:\Program Files\SUPERAntiSpyware\SASSEH.DLL]  [SuperAdBlocker.com, 1, 0, 0, 1012]
	[C:\Program Files\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll]  [Autodesk, 17.2.56.0]
	[C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll]  [Adobe Systems, Inc., 9.1.0.2009022700]
	[C:\Program Files\Protector Suite QL\qlbase.dll]  [UPEK Inc., 5.8.0.3866]
	[C:\Program Files\Malwarebytes' Anti-Malware\mbamext.dll]  [Malwarebytes Corporation, 1, 3, 0, 0]
	[C:\Program Files\Lavasoft\Ad-Aware\ShellExt.dll]  [, 1.0.0.1]
	[C:\Program Files\Adobe\Acrobat 8.0\Acrobat Elements\ContextMenu.dll]  [Adobe Systems Inc., 8.1.5.2007051000\0]
	[C:\Program Files\SUPERAntiSpyware\SASCTXMN.DLL]  [SUPERAntiSpyware.com, 1, 0, 0, 1004]
	[C:\Program Files\WinRAR\rarext.dll]  [N/A, ]
	[C:\WINDOWS\system32\TosBtShell.dll]  [TOSHIBA, 1.02.12.US]
	[C:\Program Files\McAfee\Managed VirusScan\VScan\MVSShExt5.0.0.648.dll]  [McAfee, Inc., 5.0.0.648]
	[C:\Program Files\PowerISO\PWRISOSH.DLL]  [PowerISO Computing, Inc., 3, 8, 0, 0]
[PID: 852 / WYNSEL][C:\Program Files\DellTPad\Apoint.exe]  [Alps Electric Co., Ltd., 7.0.101.204]
	[C:\Program Files\DellTPad\Apoint.dll]  [Alps Electric Co., Ltd., 5.5.104.336]
	[C:\WINDOWS\system32\Vxdif.dll]  [Alps Electric Co., Ltd., 6.0.3.17]
	[C:\Program Files\DellTPad\EzAuto.dll]  [Alps Electric Co., Ltd., 5.5.1.92]
	[C:\Program Files\Stardock\Object Desktop\ObjectDock\DockShellHook.dll]  [N/A, ]
[PID: 988 / WYNSEL][C:\WINDOWS\RTHDCPL.EXE]  [Realtek Semiconductor Corp., 2.1.7.1]
	[C:\Program Files\Stardock\Object Desktop\ObjectDock\DockShellHook.dll]  [N/A, ]
[PID: 1004 / WYNSEL][C:\WINDOWS\system32\igfxtray.exe]  [Intel Corporation, 6.14.10.4926]
	[C:\WINDOWS\system32\hccutils.DLL]  [Intel Corporation, 6.14.10.4926]
	[C:\WINDOWS\system32\igfxsrvc.dll]  [Intel Corporation, 6.14.10.4926]
	[C:\WINDOWS\system32\igfxres.dll]  [Intel Corporation, 6.14.10.4926]
	[C:\WINDOWS\system32\igfxress.dll]  [Intel Corporation, 6.14.10.4926]
[PID: 1036 / WYNSEL][C:\WINDOWS\OEM13Mon.exe]  [Creative Technology Ltd., 1.00.01.00]
[PID: 1060 / WYNSEL][C:\Program Files\McAfee\Managed VirusScan\DesktopUI\XTray.exe]  [McAfee, Inc., 5.0.0.648]
	[C:\Program Files\McAfee\Managed VirusScan\DesktopUI\Win32RenderingEngine.dll]  [McAfee, Inc., 5.0.0.648]
	[C:\Program Files\McAfee\Managed VirusScan\DesktopUI\McAfeeWin32GUISupportDLL.dll]  [McAfee, Inc., 2.1.0.152]
	[C:\Program Files\McAfee\Managed VirusScan\DesktopUI\TotalLib.dll]  [McAfee, Inc., 5.0.0.648]
	[C:\Program Files\McAfee\Managed VirusScan\Agent\Res\0409\AgtRes_l.dll]  [McAfee, Inc., 5.0.0.648]
	[C:\Program Files\McAfee\Managed VirusScan\DesktopUI\FWTrayPlugin.dll]  [McAfee, Inc., 5.0.0.677]
	[C:\Program Files\McAfee\Managed VirusScan\Firewall\Res\0409\FWRes_l.dll]  [McAfee, Inc., 5.0.0.648]
	[C:\Program Files\McAfee\Managed VirusScan\DesktopUI\NotificationsTrayPlugin.dll]  [McAfee, Inc., 5.0.0.648]
	[C:\Program Files\McAfee\Managed VirusScan\Agent\myNotifications.dll]  [McAfee, Inc., 5.0.0.648]
	[C:\Program Files\McAfee\Managed VirusScan\Agent\McLc.dll]  [McAfee, Inc., 5.0.0.648]
	[C:\Program Files\Stardock\Object Desktop\ObjectDock\DockShellHook.dll]  [N/A, ]
	[C:\Program Files\McAfee\Managed VirusScan\Agent\OEMHelper.dll]  [TODO: <Company name>, 1.0.0.1]
	[C:\Program Files\McAfee\Managed VirusScan\DesktopUI\VSTrayPlugin.dll]  [McAfee, Inc., 5.0.0.648]
	[C:\Program Files\McAfee\Managed VirusScan\VScan\Res\0409\VSRes_l.dll]  [McAfee, Inc., 5.0.0.648]
[PID: 1068 / WYNSEL][C:\Program Files\Microsoft IntelliPoint\ipoint.exe]  [Microsoft Corporation, 6.30.192.0]
	[C:\Program Files\Stardock\Object Desktop\ObjectDock\DockShellHook.dll]  [N/A, ]
[PID: 1156 / WYNSEL][C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe]  [Microsoft Corporation, 12.0.6413.1000]
	[C:\WINDOWS\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_473666fd\ATL80.DLL]  [Microsoft Corporation, 8.00.50727.4053]
[PID: 1152 / WYNSEL][C:\WINDOWS\system32\ctfmon.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
[PID: 1104 / WYNSEL][C:\DOCUME~1\WYNSEL\LOCALS~1\Temp\AutoDetect.exe]  [Ceedo Technologies Ltd., 4, 0, 0, 0]
	[C:\Program Files\Stardock\Object Desktop\ObjectDock\DockShellHook.dll]  [N/A, ]
[PID: 1112 / WYNSEL][C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe]  [SUPERAntiSpyware.com, 4, 32, 0, 1000]
	[C:\Program Files\SUPERAntiSpyware\deupx.dll]  [SuperAntiSpyware.com, 1, 0, 0, 2]
	[C:\Program Files\Stardock\Object Desktop\ObjectDock\DockShellHook.dll]  [N/A, ]
	[C:\Documents and Settings\WYNSEL\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL]  [N/A, ]
	[C:\Documents and Settings\WYNSEL\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll]  [N/A, ]
	[C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll]  [Microsoft Corporation, 7.00.6001.18260 (vistasp1_gdr_oobsvc.090524-1500)]
	[C:\WINDOWS\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_473666fd\ATL80.DLL]  [Microsoft Corporation, 8.00.50727.4053]
	[C:\Program Files\SUPERAntiSpyware\SASSEH.DLL]  [SuperAdBlocker.com, 1, 0, 0, 1012]
[PID: 2060 / WYNSEL][C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe]  [TOSHIBA CORPORATION., 6.00.8215.35]
	[C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosCpsAPI.dll]  [TOSHIBA CORPORATION., 5,00,8118,0]
	[C:\WINDOWS\system32\TosBtAPI.dll]  [TOSHIBA CORPORATION., 6.0.7y19.0]
	[C:\WINDOWS\system32\TosBdAPI.dll]  [TOSHIBA CORPORATION., 6, 0, 1203, 0]
	[C:\Program Files\Toshiba\Bluetooth Toshiba Stack\ECHelper.dll]  [TOSHIBA CORPORATION, 6, 00, 00, ALL]
	[C:\WINDOWS\system32\LCWizard.dll]  [TOSHIBA CORPORATION, 6.0.7919.ALL]
	[C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMngHelp.dll]  [TOSHIBA CORPORATION., 6.00.7x09.1]
	[C:\WINDOWS\system32\TosAvAPI.dll]  [TOSHIBA CORPORATION., 5.00.6804.0]
	[C:\WINDOWS\system32\TosBtSDDB.dll]  [TOSHIBA CORPORATION., 6, 0, 0, 0]
	[C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMngLang.dll]  [TOSHIBA CORPORATION., 5.00.6920.0]
	[C:\WINDOWS\system32\TosCommAPI.dll]  [N/A, ]
	[C:\WINDOWS\system32\TosLaneAPI.dll]  [TOSHIBA CORPORATION., 1, 0, 3, 0]
	[C:\Program Files\Toshiba\Bluetooth Toshiba Stack\BtUsrMod.dll]  [TOSHIBA CORPORATION, 1, 01, 11, US]
	[C:\WINDOWS\system32\TosHidAPI.dll]  [TOSHIBA CORPORATION., 4, 0, 1108, 0]
	[C:\WINDOWS\system32\TosGnsAPI.dll]  [TOSHIBA CORPORATION., 5, 0, 0, 0]
	[C:\Program Files\Toshiba\Bluetooth Toshiba Stack\OemBtAcpiAPI.dll]  [TOSHIBA CORPORATION., 6, 0, 1025, 0]
	[C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtLoad.dll]  [TOSHIBA CORPORATION, 5, 10, 0, 0]
	[C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtAfh.dll]  [TOSHIBA CORPORATION, 6, 0, 0, 0]
	[C:\Program Files\Stardock\Object Desktop\ObjectDock\DockShellHook.dll]  [N/A, ]
[PID: 2224 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[PID: 2292 / WYNSEL][C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe]  [TOSHIBA CORPORATION., 6.0.7x29.1]
	[C:\WINDOWS\system32\TosBtECCAPI.dll]  [TOSHIBA CORPORATION., 3.00.8204.0]
	[C:\WINDOWS\system32\TosBtAPI.dll]  [TOSHIBA CORPORATION., 6.0.7y19.0]
	[C:\WINDOWS\system32\TosBdAPI.dll]  [TOSHIBA CORPORATION., 6, 0, 1203, 0]
	[C:\WINDOWS\system32\TosAvdtAPI.dll]  [TOSHIBA CORPORATION., 6.0.8118.2]
	[C:\WINDOWS\system32\TosSndAPI.dll]  [TOSHIBA CORPORATION., 5.00.7117.0]
	[C:\WINDOWS\system32\TosSndPlug.dll]  [TOSHIBA CORPORATION., 5.00.7529.ALL]
[PID: 2340 / WYNSEL][C:\Program Files\DesktopEarth\DesktopEarth.exe]  [CodeFromThe70s.org, 2.1.1.0]
	[C:\Program Files\Stardock\Object Desktop\ObjectDock\DockShellHook.dll]  [N/A, ]
[PID: 2352 / WYNSEL][C:\Program Files\Stardock\Impulse\Now\ImpulseNow.exe]  [Stardock Corporation, 1.00.00]
	[C:\WINDOWS\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_473666fd\ATL80.DLL]  [Microsoft Corporation, 8.00.50727.4053]
[PID: 2388 / WYNSEL][C:\Program Files\Stardock\Object Desktop\ObjectDock\ObjectDock.exe]  [Stardock, v1.90.534u]
	[C:\Program Files\Stardock\Object Desktop\ObjectDock\CrashRpt.dll]  [, 3.0.2.2]
	[C:\Program Files\Stardock\Object Desktop\ObjectDock\dbghelp.dll]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
	[C:\Program Files\Stardock\Object Desktop\ObjectDock\zlib.dll]  [, 1.1.3]
	[C:\WINDOWS\system32\AcSignIcon.dll]  [Autodesk, Inc., 17.2.56.0]
	[C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\MFC80U.DLL]  [Microsoft Corporation, 8.00.50727.762]
	[C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\MFC80ENU.DLL]  [Microsoft Corporation, 8.00.50727.762]
	[C:\WINDOWS\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_473666fd\ATL80.DLL]  [Microsoft Corporation, 8.00.50727.4053]
	[C:\Program Files\Protector Suite QL\farchns.dll]  [UPEK Inc., 5.8.0.3866]
	[C:\Program Files\Protector Suite QL\infql2.dll]  [UPEK Inc., 5.8.0.3866]
	[C:\Program Files\Stardock\Object Desktop\ObjectDock\ODImg.dll]  [N/A, ]
	[C:\Program Files\Stardock\Object Desktop\ObjectDock\DockShellHook.dll]  [N/A, ]
	[C:\Program Files\Stardock\Object Desktop\ObjectDock\Docklets\Search\SearchDocklet.dll]  [N/A, ]
	[C:\Program Files\Stardock\Object Desktop\ObjectDock\Docklets\Calendar\Calendar.dll]  [N/A, ]
	[C:\Program Files\Stardock\Object Desktop\ObjectDock\Docklets\Clock\Clock.dll]  [N/A, ]
[PID: 2516 / WYNSEL][C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe]  [TOSHIBA CORPORATION., 5, 0, 1004, 0]
	[C:\Program Files\Stardock\Object Desktop\ObjectDock\DockShellHook.dll]  [N/A, ]
[PID: 2520 / SYSTEM][C:\Program Files\McAfee\Managed VirusScan\VScan\EngineServer.exe]  [McAfee, Inc., VSCORE.14.0.0.436.x86]
	[C:\Program Files\McAfee\Managed VirusScan\VScan\mytilus3_worker.dll]  [McAfee, Inc., VSCORE.14.0.0.436.x86]
	[C:\Program Files\McAfee\Managed VirusScan\VScan\mytilus3_server.dll]  [McAfee, Inc., VSCORE.14.0.0.436.x86]
	[C:\Program Files\McAfee\Managed VirusScan\VScan\RES0901\McShield.dll]  [McAfee, Inc., VSCORE.14.0.0.436]
[PID: 2580 / WYNSEL][C:\Program Files\DellTPad\ApMsgFwd.exe]  [Alps Electric Co., Ltd., 7, 0, 0, 18]
	[C:\Program Files\Stardock\Object Desktop\ObjectDock\DockShellHook.dll]  [N/A, ]
[PID: 2664 / WYNSEL][C:\Program Files\Protector Suite QL\psqltray.exe]  [UPEK Inc., 5.8.0.3866]
	[C:\Program Files\Protector Suite QL\infql2.dll]  [UPEK Inc., 5.8.0.3866]
	[C:\Program Files\Protector Suite QL\psqltray.dll]  [UPEK Inc., 5.8.0.3866]
	[C:\Program Files\Stardock\Object Desktop\ObjectDock\DockShellHook.dll]  [N/A, ]
	[C:\Program Files\Protector Suite QL\qlbase.dll]  [UPEK Inc., 5.8.0.3866]
	[C:\Program Files\Protector Suite QL\homefus2.dll]  [UPEK Inc., 5.8.0.3866]
	[C:\Program Files\Protector Suite QL\bio.dll]  [UPEK Inc., 5.8.0.3866]
	[C:\Program Files\Protector Suite QL\applaun.dll]  [UPEK Inc., 5.8.0.3866]
	[C:\Program Files\Protector Suite QL\pwdbank.dll]  [UPEK Inc., 5.8.0.3866]
	[C:\Program Files\Protector Suite QL\otp.dll]  [UPEK Inc., 5.8.0.3866]
	[C:\Program Files\Protector Suite QL\homepass.dll]  [UPEK Inc., 5.8.0.3866]
	[C:\Program Files\Protector Suite QL\farchns.dll]  [UPEK Inc., 5.8.0.3866]
	[C:\Program Files\Protector Suite QL\tpmkey.dll]  [UPEK Inc., 5.8.0.3866]
	[C:\Program Files\Protector Suite QL\tpminit.dll]  [UPEK Inc., 5.8.0.3866]
	[C:\Program Files\Protector Suite QL\infcore.dll]  [UPEK Inc., 5.8.0.3866]
	[C:\Program Files\Protector Suite QL\ntrucore.dll]  [UPEK Inc., 5.8.0.3866]
	[C:\Program Files\Protector Suite QL\tsscore.dll]  [UPEK Inc., 5.8.0.3866]
	[C:\Program Files\Protector Suite QL\ms2fs.dll]  [UPEK Inc., 5.8.0.3866]
	[C:\Program Files\Protector Suite QL\fdhome.dll]  [UPEK Inc., 5.8.0.3866]
[PID: 2716 / WYNSEL][C:\Program Files\DellTPad\HidFind.exe]  [Alps Electric Co., Ltd., 7.0.0.26]
	[C:\Program Files\Stardock\Object Desktop\ObjectDock\DockShellHook.dll]  [N/A, ]
[PID: 2940 / WYNSEL][C:\Program Files\DellTPad\Apntex.exe]  [Alps Electric Co., Ltd., 7.0.1.27]
	[C:\WINDOWS\system32\VXDIF.DLL]  [Alps Electric Co., Ltd., 6.0.3.17]
	[C:\Program Files\DellTPad\Apoint.DLL]  [Alps Electric Co., Ltd., 5.5.104.336]
	[C:\Program Files\Stardock\Object Desktop\ObjectDock\DockShellHook.dll]  [N/A, ]
[PID: 2988 / SYSTEM][C:\WINDOWS\system32\svchost.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
	[c:\program files\hp\digital imaging\bin\hpqddsvc.dll]  [Hewlett-Packard Co., 110.0.180.000]
	[c:\program files\hp\digital imaging\bin\hpqddcmn.dll]  [Hewlett-Packard Co., 110.0.180.000]
	[c:\program files\hp\digital imaging\bin\hpqcxs08.dll]  [Hewlett-Packard Co., 120.0.194.000]
[PID: 3304 / SYSTEM][C:\Program Files\Java\jre6\bin\jqs.exe]  [Sun Microsystems, Inc., 6.0.130.3]
	[C:\Program Files\Java\jre6\bin\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
[PID: 3332 / WYNSEL][C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe]  [TOSHIBA CORPORATION., 6.00.00.80122]
	[C:\WINDOWS\system32\TosBtECCAPI.dll]  [TOSHIBA CORPORATION., 3.00.8204.0]
	[C:\WINDOWS\system32\TosBtAPI.dll]  [TOSHIBA CORPORATION., 6.0.7y19.0]
	[C:\WINDOWS\system32\TosBdAPI.dll]  [TOSHIBA CORPORATION., 6, 0, 1203, 0]
	[C:\WINDOWS\system32\LCWizard.dll]  [TOSHIBA CORPORATION, 6.0.7919.ALL]
	[C:\WINDOWS\system32\TosSndAPI.dll]  [TOSHIBA CORPORATION., 5.00.7117.0]
	[C:\WINDOWS\system32\TosSndPlug.dll]  [TOSHIBA CORPORATION., 5.00.7529.ALL]
	[C:\Program Files\Stardock\Object Desktop\ObjectDock\DockShellHook.dll]  [N/A, ]
[PID: 3512 / SYSTEM][C:\Program Files\Common Files\LightScribe\LSSrvc.exe]  [Hewlett-Packard Company, 1.4.142.1]
	[C:\Program Files\Common Files\LightScribe\LSSProxy.dll]  [Hewlett-Packard Company, 1.4.142.1]
	[C:\Program Files\Common Files\LightScribe\LSLog.dll]  [Hewlett-Packard Company, 1.4.142.1]
[PID: 3608 / WYNSEL][C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosAVRC.exe]  [TOSHIBA CORPORATION., 6.0.8109.2]
	[C:\WINDOWS\system32\TosAvctAPI.dll]  [TOSHIBA CORPORATION., 6.0.7x29.0]
	[C:\WINDOWS\system32\TosBtAPI.dll]  [TOSHIBA CORPORATION., 6.0.7y19.0]
	[C:\WINDOWS\system32\TosBdAPI.dll]  [TOSHIBA CORPORATION., 6, 0, 1203, 0]
	[C:\Program Files\Stardock\Object Desktop\ObjectDock\DockShellHook.dll]  [N/A, ]
[PID: 3716 / WYNSEL][C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe]  [TOSHIBA CORPORATION., 6, 0, 0, 7817]
	[C:\WINDOWS\system32\TosBtAPI.dll]  [TOSHIBA CORPORATION., 6.0.7y19.0]
	[C:\WINDOWS\system32\TosBdAPI.dll]  [TOSHIBA CORPORATION., 6, 0, 1203, 0]
	[C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosNtfs.dll]  [TOSHIBA Corporation, 1, 4, 0, 188]
	[C:\WINDOWS\system32\LCWizard.dll]  [TOSHIBA CORPORATION, 6.0.7919.ALL]
	[C:\Program Files\Stardock\Object Desktop\ObjectDock\DockShellHook.dll]  [N/A, ]
[PID: 3968 / SYSTEM][C:\Program Files\McAfee\SiteAdvisor Enterprise\McSACore.exe]  [McAfee, Inc., 3.0.0.479]
	[C:\Program Files\McAfee\SiteAdvisor Enterprise\sacore.dll]  [McAfee, Inc., 2.0.0.187]
	[C:\Program Files\McAfee\SiteAdvisor Enterprise\sa_store_sqlite.dll]  [McAfee, Inc., 2.0.0.187]
	[C:\Program Files\McAfee\SiteAdvisor Enterprise\sqlite3.dll]  [McAfee, Inc., 2.0.0.187]
	[C:\Program Files\McAfee\SiteAdvisor Enterprise\sa_mbl.dll]  [McAfee, Inc., 2.0.0.187]
	[C:\Program Files\McAfee\SiteAdvisor Enterprise\sa_http_win32.dll]  [McAfee, Inc., 2.0.0.187]
	[C:\Program Files\McAfee\SiteAdvisor Enterprise\sa_cache_sqlite.dll]  [McAfee, Inc., 2.0.0.187]
	[C:\Program Files\McAfee\SiteAdvisor Enterprise\saUpKeep.dll]  [McAfee, Inc., 3.0.0.479]
	[C:\Program Files\McAfee\SiteAdvisor Enterprise\SASet.dll]  [McAfee, Inc., 3.0.0.479]
	[C:\Program Files\McAfee\SiteAdvisor Enterprise\McSACorePS.dll]  [McAfee, Inc., 3.0.0.479]
[PID: 4040 / SYSTEM][C:\PROGRA~1\McAfee\MANAGE~1\VScan\McShield.exe]  [McAfee, Inc., VSCORE.14.0.0.436.x86]
	[C:\PROGRA~1\McAfee\MANAGE~1\VScan\LockDown.dll]  [McAfee, Inc., VSCORE.14.0.0.436.x86]
	[C:\PROGRA~1\McAfee\MANAGE~1\VScan\mytilus3.dll]  [McAfee, Inc., VSCORE.14.0.0.436.x86]
	[C:\PROGRA~1\McAfee\MANAGE~1\VScan\mytilus3_worker.dll]  [McAfee, Inc., VSCORE.14.0.0.436.x86]
	[C:\PROGRA~1\McAfee\MANAGE~1\VScan\mytilus3_server.dll]  [McAfee, Inc., VSCORE.14.0.0.436.x86]
	[C:\PROGRA~1\McAfee\MANAGE~1\VScan\RES0901\McShield.dll]  [McAfee, Inc., VSCORE.14.0.0.436]
	[C:\PROGRA~1\McAfee\MANAGE~1\VScan\FTL.Dll]  [McAfee, Inc., VSCORE.14.0.0.436.x86]
	[C:\PROGRA~1\McAfee\MANAGE~1\VScan\naiann.dll]  [McAfee, Inc., 5.0.0.648]
	[C:\Program Files\McAfee\Managed VirusScan\Shared\mcscan32.dll]  [McAfee, Inc., 5.4.00]
	[C:\PROGRA~1\McAfee\MANAGE~1\VScan\mfebopa.dll]  [McAfee, Inc., SYSCORE.14.0.0.351.x86]
	[C:\PROGRA~1\McAfee\MANAGE~1\VScan\mfehida.dll]  [McAfee, Inc., SYSCORE.14.0.0.351.x86]
	[C:\PROGRA~1\McAfee\MANAGE~1\VScan\mfeavfa.dll]  [McAfee, Inc., SYSCORE.14.0.0.351.x86]
[PID: 4064 / WYNSEL][C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosBtProc.exe]  [TOSHIBA CORPORATION., 6.00.8222.ALL]
	[C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosOBEX.dll]  [TOSHIBA corporation, 1, 0, 0, 0]
	[C:\WINDOWS\system32\TosBtAPI.dll]  [TOSHIBA CORPORATION., 6.0.7y19.0]
	[C:\WINDOWS\system32\TosBdAPI.dll]  [TOSHIBA CORPORATION., 6, 0, 1203, 0]
	[C:\Program Files\Stardock\Object Desktop\ObjectDock\DockShellHook.dll]  [N/A, ]
[PID: 1996 / SYSTEM][C:\Program Files\McAfee\MPF\MPFSrv.exe]  [McAfee, Inc., 10.11.120.0]
	[c:\PROGRA~1\COMMON~1\mcafee\HACKER~1\hwapi.dll]  [McAfee, Inc., 10.11.100.0]
	[c:\PROGRA~1\COMMON~1\mcafee\core\mcevtbrk.dll]  [McAfee, Inc., 3,11,100,0]
[PID: 720 / SYSTEM][C:\Program Files\McAfee\Managed VirusScan\Agent\myAgtSvc.exe]  [McAfee, Inc., 5.0.0.648]
	[C:\Program Files\McAfee\Managed VirusScan\Agent\Res\0409\AgtRes_l.dll]  [McAfee, Inc., 5.0.0.648]
	[C:\Program Files\McAfee\Managed VirusScan\Agent\McLc.dll]  [McAfee, Inc., 5.0.0.648]
	[C:\Program Files\McAfee\Managed VirusScan\Firewall\MFWss.dll]  [McAfee, Inc., 5.0.0.677]
	[C:\Program Files\McAfee\Managed VirusScan\Agent\Res\AgtRes_g.dll]  [McAfee, Inc., 5.0.0.648]
	[c:\PROGRA~1\mcafee\mpf\mc\mpfp.dll]  [McAfee, Inc., 10.11.119.0]
	[c:\PROGRA~1\COMMON~1\mcafee\core\mcevtbrk.dll]  [McAfee, Inc., 3,11,100,0]
	[C:\Program Files\McAfee\Managed VirusScan\Agent\myRumor.dll]  [McAfee, Inc., 5.0.0.648]
	[C:\PROGRA~1\McAfee\MANAGE~1\VScan\ODSMgr.dll]  [McAfee, Inc., 5.0.0.648]
	[C:\PROGRA~1\McAfee\MANAGE~1\VScan\SpywareMgr.dll]  [McAfee, Inc., 5.0.0.648]
	[C:\PROGRA~1\McAfee\MANAGE~1\VScan\myScnUtl.dll]  [McAfee, Inc., 5.0.0.648]
	[C:\PROGRA~1\McAfee\MANAGE~1\VScan\myOnAcc.dll]  [McAfee, Inc., 5.0.0.648]
	[C:\PROGRA~1\McAfee\MANAGE~1\VScan\OnAccAPI.dll]  [McAfee, Inc., 5.0.0.648]
	[C:\PROGRA~1\McAfee\MANAGE~1\VScan\ASaPClnt.DLL]  [McAfee, Inc., 5.0.0.676]
	[C:\Program Files\McAfee\Managed VirusScan\BrowseProtection\TpsSaSubSys.dll]  [McAfee, Inc., 5.0.0.648]
	[C:\Program Files\McAfee\Managed VirusScan\Agent\MyAsUtil5.0.0.648.dll]  [McAfee, Inc., 5.0.0.648]
	[C:\Program Files\McAfee\Managed VirusScan\Agent\myUpload.Dll]  [McAfee, Inc., 5.0.0.648]
	[C:\Program Files\McAfee\Managed VirusScan\Agent\myASI.dll]  [McAfee, Inc., 5.0.0.648]
	[C:\Program Files\McAfee\Managed VirusScan\Agent\Scheduler.dll]  [McAfee, Inc., 5.0.0.648]
	[C:\Program Files\McAfee\Managed VirusScan\Agent\PolicyMgr.dll]  [McAfee, Inc., 5.0.0.648]
	[C:\Program Files\McAfee\Managed VirusScan\Agent\OEMHelper.dll]  [TODO: <Company name>, 1.0.0.1]
[PID: 1132 / LOCAL SERVICE][C:\WINDOWS\System32\svchost.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
	[c:\windows\system32\hpzinw12.dll]  [Hewlett-Packard, 12,1,2,54]
[PID: 2072 / SYSTEM][C:\WINDOWS\system32\DRIVERS\o2flash.exe]  [O2Micro International, 1, 0, 0, 3]
[PID: 2152 / LOCAL SERVICE][C:\WINDOWS\System32\svchost.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
	[c:\windows\system32\hpzipm12.dll]  [Hewlett-Packard, 12,1,2,54]
[PID: 1704 / SYSTEM][C:\WINDOWS\system32\svchost.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[PID: 2484 / SYSTEM][C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe]  [TOSHIBA CORPORATION, 6, 0, 9, 28]
[PID: 2920 / SYSTEM][C:\WINDOWS\system32\SearchIndexer.exe]  [Microsoft Corporation, 7.0.6001.16503 (longhorn(wmbla).080526-2159)]
[PID: 3308 / SYSTEM][C:\WINDOWS\system32\wbem\unsecapp.exe]  [(Verified) Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 4612 / LOCAL SERVICE][C:\WINDOWS\System32\alg.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
[PID: 5120 / SYSTEM][C:\WINDOWS\system32\wbem\wmiprvse.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5755 (xpsp_sp3_gdr.090206-1234)]
[PID: 5332 / WYNSEL][C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe]  [Lavasoft, 8, 1, 0, 0]
	[C:\Program Files\Lavasoft\Ad-Aware\Resources.dll]  [Lavasoft, 8, 1, 0, 0]
	[C:\Program Files\Stardock\Object Desktop\ObjectDock\DockShellHook.dll]  [N/A, ]
[PID: 2640 / WYNSEL][C:\Program Files\Mozilla Firefox\firefox.exe]  [Mozilla Corporation, 1.9.1.6]
	[C:\Program Files\Mozilla Firefox\xul.dll]  [Mozilla Foundation, 1.9.1.6]
	[C:\Program Files\Mozilla Firefox\sqlite3.dll]  [sqlite.org, 3.6.16.1]
	[C:\Program Files\Mozilla Firefox\MOZCRT19.dll]  [Mozilla Foundation, 8.00.0000]
	[C:\Program Files\Mozilla Firefox\js3250.dll]  [Netscape Communications Corporation, 4.0]
	[C:\Program Files\Mozilla Firefox\nspr4.dll]  [Mozilla Foundation, 4.8.2]
	[C:\Program Files\Mozilla Firefox\smime3.dll]  [Mozilla Foundation, 3.12.4.5 Basic ECC]
	[C:\Program Files\Mozilla Firefox\nss3.dll]  [Mozilla Foundation, 3.12.4.5 Basic ECC]
	[C:\Program Files\Mozilla Firefox\nssutil3.dll]  [Mozilla Foundation, 3.12.4.5]
	[C:\Program Files\Mozilla Firefox\plc4.dll]  [Mozilla Foundation, 4.8.2]
	[C:\Program Files\Mozilla Firefox\plds4.dll]  [Mozilla Foundation, 4.8.2]
	[C:\Program Files\Mozilla Firefox\ssl3.dll]  [Mozilla Foundation, 3.12.4.5 Basic ECC]
	[C:\Program Files\Mozilla Firefox\xpcom.dll]  [Mozilla Foundation, 1.9.1.6]
	[C:\Program Files\Stardock\Object Desktop\ObjectDock\DockShellHook.dll]  [N/A, ]
	[C:\Program Files\Mozilla Firefox\components\browserdirprovider.dll]  [Mozilla Foundation, 1.9.1.6]
	[C:\Documents and Settings\WYNSEL\Application Data\Mozilla\Firefox\Profiles\npuonlg2.default\extensions\piclens@cooliris.com\components\cooliris.dll]  [Cooliris Inc., 1.11.5.29501]
	[C:\Program Files\Mozilla Firefox\components\brwsrcmp.dll]  [Mozilla Foundation, 1.9.1.6]
	[C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll]  [Microsoft Corporation, 7.00.6001.18260 (vistasp1_gdr_oobsvc.090524-1500)]
	[C:\WINDOWS\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_473666fd\ATL80.DLL]  [Microsoft Corporation, 8.00.50727.4053]
	[C:\Program Files\SUPERAntiSpyware\SASSEH.DLL]  [SuperAdBlocker.com, 1, 0, 0, 1012]
	[C:\Program Files\Mozilla Firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}\components\PNRComponent.dll]  [Skype Technologies S.A., 2, 0, 0, 3928]
	[C:\Program Files\Skype\Toolbars\Shared\SkypePnr.dll]  [Skype Technologies S.A., 1, 0, 2, 3920]
	[C:\Program Files\Mozilla Firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}\components\NPComponent.dll]  [Skype Technologies S.A., 1, 0, 0, 3928]
	[C:\Program Files\Mozilla Firefox\softokn3.dll]  [Mozilla Foundation, 3.12.4.5 Basic ECC]
	[C:\Program Files\Mozilla Firefox\nssdbm3.dll]  [Mozilla Foundation, 3.12.4.5 Basic ECC]
	[C:\Program Files\Mozilla Firefox\freebl3.dll]  [Mozilla Foundation, 3.12.4.5 Basic ECC]
	[C:\Program Files\Mozilla Firefox\nssckbi.dll]  [Mozilla Foundation, 1.75]
	[C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpSmartWebPrinting.dll]  [Hewlett-Packard Co., 131.1.035898]
	[C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpXREStub.dll]  [Hewlett-Packard Co., 131.1.035898]
	[C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\xre\components\hpXRE.dll]  [Hewlett-Packard Co., 131.1.035898]
	[C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpXPLogging.dll]  [Hewlett-Packard Co., 131.1.035898]
	[C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpNeoLogger.dll]  [Hewlett-Packard Co., 131.1.035898]
	[C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpXPMTL.dll]  [Hewlett-Packard Co., 131.1.035898]
	[C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpXPMTC.dll]  [Hewlett-Packard Co., 131.1.035898]
	[C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpSWPOperation.dll]  [Hewlett-Packard Co., 131.1.035898]
	[C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpClipBookDB.dll]  [Hewlett-Packard Co., 131.1.035898]
	[C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_Operation.dll]  [Hewlett-Packard Co., 131.1.035898]
	[C:\Program Files\HP\Digital Imaging\Smart Web Printing\RsrcLoaderLib.dll]  [Hewlett-Packard Co., 131.1.035898]
	[C:\Program Files\HP\Digital Imaging\Smart Web Printing\UtilityLib.dll]  [Hewlett-Packard Co., 131.1.035898]
	[C:\Program Files\HP\Digital Imaging\Smart Web Printing\SatelliteENU.dll]  [Hewlett-Packard Co., 131.1.035898]
	[C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\xre\components\hpNeoLogging.dll]  [Hewlett-Packard Co., 131.1.035898]
	[C:\Program Files\HP\Digital Imaging\Smart Web Printing\ClipBookDBComponent.dll]  [Hewlett-Packard Co., 131.1.035898]
	[C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpSmartSelect.dll]  [Hewlett-Packard Co., 131.1.035898]
	[C:\Program Files\McAfee\SiteAdvisor Enterprise\components\McFFPlg.dll]  [McAfee, Inc., 3.0.0.479]
	[C:\Program Files\McAfee\SiteAdvisor Enterprise\McBrwCtl.dll]  [McAfee, Inc., 3.0.0.479]
	[C:\Program Files\McAfee\SiteAdvisor Enterprise\McSACorePS.dll]  [McAfee, Inc., 3.0.0.479]
	[C:\Program Files\McAfee\SiteAdvisor Enterprise\nagshr32.dll]  [McAfee, Inc., 4.5.0.1148]
	[C:\WINDOWS\system32\icm32.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
	[C:\WINDOWS\system32\AcSignIcon.dll]  [Autodesk, Inc., 17.2.56.0]
	[C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\MFC80U.DLL]  [Microsoft Corporation, 8.00.50727.762]
	[C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\MFC80ENU.DLL]  [Microsoft Corporation, 8.00.50727.762]
	[C:\Program Files\Protector Suite QL\farchns.dll]  [UPEK Inc., 5.8.0.3866]
	[C:\Program Files\Protector Suite QL\infql2.dll]  [UPEK Inc., 5.8.0.3866]
[PID: 5236 / WYNSEL][C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_clipbook.exe]  [Hewlett-Packard Co., 131.1.035898]
[PID: 5368 / WYNSEL][C:\Documents and Settings\WYNSEL\Desktop\sreng2\SREngLdr.EXE]  [Smallfrogs Studio, 2.8.1.1279]
[PID: 5696 / WYNSEL][C:\Documents and Settings\WYNSEL\Desktop\sreng2\SRE93195191.EXE]  [Smallfrogs Studio, 2.8.1.1279]
	[C:\Program Files\Stardock\Object Desktop\ObjectDock\DockShellHook.dll]  [N/A, ]
	[C:\Documents and Settings\WYNSEL\Desktop\sreng2\Upload\3rdUpd.DLL]  [Smallfrogs Studio, 2, 1, 0, 15]

==================================
File Associations
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  Error. [AutoCADScriptFile]
.CHM  OK. ["C:\WINDOWS\hh.exe" %1]
.HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS   OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock Provider
N/A

==================================
Autorun.Inf
N/A

==================================

==================================
Process Privileges Scan
Special Privileges Enabled: SeLoadDriverPrivilege [PID = 404, C:\WINDOWS\SYSTEM32\BCMWLTRY.EXE]
Special Privileges Enabled: SeLoadDriverPrivilege [PID = 2292, C:\PROGRAM FILES\TOSHIBA\BLUETOOTH TOSHIBA STACK\TOSA2DP.EXE]
Special Privileges Enabled: SeLoadDriverPrivilege [PID = 2340, C:\PROGRAM FILES\DESKTOPEARTH\DESKTOPEARTH.EXE]
Special Privileges Enabled: SeLoadDriverPrivilege [PID = 2352, C:\PROGRAM FILES\STARDOCK\IMPULSE\NOW\IMPULSENOW.EXE]
Special Privileges Enabled: SeLoadDriverPrivilege [PID = 2516, C:\PROGRAM FILES\TOSHIBA\BLUETOOTH TOSHIBA STACK\TOSBTHID.EXE]
Special Privileges Enabled: SeLoadDriverPrivilege [PID = 3716, C:\PROGRAM FILES\TOSHIBA\BLUETOOTH TOSHIBA STACK\TOSOBEX.EXE]
Special Privileges Enabled: SeLoadDriverPrivilege [PID = 4064, C:\PROGRAM FILES\TOSHIBA\BLUETOOTH TOSHIBA STACK\TOSBTPROC.EXE]
Special Privileges Enabled: SeLoadDriverPrivilege [PID = 5368, C:\DOCUMENTS AND SETTINGS\WYNSEL\DESKTOP\SRENG2\SRENGLDR.EXE]

==================================
Scheduled Tasks
[Enabled] Ad-Aware Update (Weekly).job
		C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe 
[Enabled] Ad-Aware Update (Daily 4).job
		C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe 
[Enabled] Ad-Aware Update (Daily 3).job
		C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe 
[Enabled] Ad-Aware Update (Daily 2).job
		C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe 
[Enabled] Ad-Aware Update (Daily 1).job
		C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe 
[Enabled] OGALogon.job
		C:\WINDOWS\system32\OGAEXEC.exe 
[Enabled] GoogleUpdateTaskMachineUA.job
		C:\Program Files\Google\Update\GoogleUpdate.exe 
[Enabled] GoogleUpdateTaskMachineCore.job
		C:\Program Files\Google\Update\GoogleUpdate.exe 

==================================
Windows Security Update Check
N/A

==================================
API HOOK
N/A

==================================
Hidden Process
	[4980] C:\WINDOWS\system32\wuauclt.exe

==================================

Hope its not too much for one post. Thanks.
cemaswr.

#4 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,740 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:01:37 AM

Posted 28 December 2009 - 12:25 PM

Hello. i am removing the Malware scan posts as you are clean.. i am moving this to the XP forum so those brains there can help you do the file repair..
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#5 cemaswr

cemaswr
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:01:37 AM

Posted 28 December 2009 - 04:10 PM

Okay, thanks for your help.

#6 hamluis

hamluis

    Moderator


  • Moderator
  • 55,247 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Killeen, TX
  • Local time:12:37 AM

Posted 28 December 2009 - 05:50 PM

<<I'm not sure what the problem (or even if there really is a problem).>>

I guess that I don't see a problem...tell me what I'm missing.

Louis

#7 cemaswr

cemaswr
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:01:37 AM

Posted 28 December 2009 - 09:32 PM

Hello Louis,

The problem is to do with my McAfee Total Protection Service. Every five minutes (or sometimes less) I get a pop up message from McAfee similar to this one:

"File deleted - svchost.exe
Generic.dx!jfw
C:\WINDOWS\TEMP\pucr.tmp\svchost.exe"

The part of the file name in bold changes for each message. I'm not sure what is causing it, but I use antivirus and antimalware regularly and the scans are not detecting any problems. Even though it may not be a virus or malware that causes the pop-ups, they are still very annoying and I'm hoping we can find a solution.

Thanks for your help.
cemaswr

#8 hamluis

hamluis

    Moderator


  • Moderator
  • 55,247 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Killeen, TX
  • Local time:12:37 AM

Posted 28 December 2009 - 09:38 PM

The solution...IMO...would be to read the instructions for using your McAfee product...and determine if this is designed behavior.

If it is, then you need to understand that and review the configuration options for that product.

If not, then I suggest uninstalling your McAfee product...reinstalling it and updating it...then running a system scan.

Louis

#9 cemaswr

cemaswr
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:01:37 AM

Posted 29 December 2009 - 07:51 AM

Thanks Louis,

I will try what you suggested.

cemaswr.

#10 cemaswr

cemaswr
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:01:37 AM

Posted 30 December 2009 - 08:04 AM

Hello again Louis,

I'm still having some problems that I need help with. I updated McAfee yesterday and since then the status has said "On access scan is currently disabled". I clicked the "fix" button but it immediately goes back to the same status. Now today, the "fix" button is grayed out and cannot be clicked.

I downloaded Avira AntiVir, because I don't want to be without virus protection. Now I am getting the same type of messages with AntiVir as I got with McAfee. A message pops up every few minutes saying:

"A virus or unwanted program was found

C:\WINDOWS\TEMP\etpw.tmp\svchost.exe
Is the TR/Agent.defg Trojan"

and gives me the option of deleting, denying access, moving to quarantine etc. I have attached a pic of the message.

Is this some type of malware or virus? and how can this be fixed?
Thanks for any help you can give.
cemaswr.

Attached Files



#11 cemaswr

cemaswr
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:01:37 AM

Posted 30 December 2009 - 11:14 AM

Hi Louis,

I really think I'm infected because my Avira AntiVir guard has now been disabled. I did not disable it and nothing I try is re-enabling it.

Thanks,
cemaswr.

#12 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,740 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:01:37 AM

Posted 30 December 2009 - 11:19 AM

Hello are you running both McAfee and Avira antivirus'?
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#13 hamluis

hamluis

    Moderator


  • Moderator
  • 55,247 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Killeen, TX
  • Local time:12:37 AM

Posted 30 December 2009 - 11:38 AM

FWIW: I use Avira. The only time that I ever get a prompt such as the one you posted...is when I visit a website that makes an intrusion attempt. I simply click the "deny access" option and move on.

As Boopme pointed out...running two AV programs at once...can result in unexpected behavior.

Louis

#14 cemaswr

cemaswr
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:01:37 AM

Posted 30 December 2009 - 12:48 PM

Hi Boopme and Louis,

I am using Avira, I installed it when McAfee said "on access scan is currently disabled" since I didn't know whether McAfee was working or not. I will uninstall Avira and continue with McAfee. I'll post to let you know what happens after that.

Avira did detect problems though, when I ran it this morning. Should I post the logs or just uninstall and wait for your instructions from there.

Thanks,
cemaswr.

#15 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,740 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:01:37 AM

Posted 30 December 2009 - 12:55 PM

OK. well I personnally prefer Avira also and use it.. I will take this topic back to Am I Infected as we will be needing further investigation. Yes post the AVira log.thanks for looking at this LOuis.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users