Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

Vista desktop icons disappear, program won't work [Solved]

Started by thillman , Jan 18 2009 11:16 AM

This topic is locked

#1
thillman

Posted 18 January 2009 - 11:16 AM

Member

Member
37 posts

I bought my husband a new laptop for christmas, and this is ou first computer with Windows Vista. Recently, anytime he starts up the computer, the desktop icons flash on briefly, then disappear. The clock and picture on the right is there, and the taskbar also shows up. Some forums I've read say this is caused by a virus, although we've ran several antivirus scans and found nothing. Other forums say it's just a glitch in Vista. There is also one game that my husband loaded on the computer that will now not load at all. Please help. here is our hijackthis log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:09:28 PM, on 1/18/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
C:\Program Files (x86)\ASUS\Direct Console\DCHelper.exe
C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files (x86)\Steam\steam.exe
C:\Program Files (x86)\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\Direct Console\Direct Console.exe
C:\Program Files (x86)\Adobe\Reader 8.0\Reader\reader_sl.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files (x86)\Microsoft Office\Office12\OUTLOOK.EXE
C:\Users\Louis\Downloads\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Common Files\Symantec Shared\coShared\Browser\2.5\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~2\COMMON~1\SYMANT~1\IDS\IPSBHO.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files (x86)\google\googletoolbar1.dll
O3 - Toolbar: Show Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Common Files\Symantec Shared\coShared\Browser\2.5\CoIEPlg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files (x86)\google\googletoolbar1.dll
O4 - HKLM\..\Run: [Microsoft Pinyin IME Migration] C:\PROGRA~2\COMMON~1\MICROS~1\IME12\IMESC\IMSCMIG.EXE /INSTALL
O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
O4 - HKLM\..\Run: [P2Go_Menu] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files (x86)\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [ATKOSD2] "C:\Program Files\ATKOSD2\ATKOSD2.exe"
O4 - HKLM\..\Run: [ATKMEDIA] "C:\Program Files (x86)\ASUS\ATK Media\DMEDIA.EXE"
O4 - HKLM\..\Run: [DirectConsole2] C:\Program Files (x86)\ASUS\Direct Console\Direct Console.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [swg] C:\Program Files (x86)\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebo...toUploader5.cab
O16 - DPF: {44990301-3C9D-426D-81DF-AAB636FA4345} (Symantec Script Runner Class) - https://www-secure.s...abs/tgctlsr.cab
O23 - Service: ADSM Service (ADSMService) - Unknown owner - C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files (x86)\Symantec\LiveUpdate\AluSchedulerSvc.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files (x86)\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files (x86)\Symantec\LiveUpdate\LuComServer_3_4.EXE
O23 - Service: LiveUpdate Notice - Symantec Corporation - C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: spmgr - Unknown owner - C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~2\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9871 bytes

#2
handhfan

Posted 24 January 2009 - 09:35 PM

Trusted Helper

Expert
13,659 posts

Hello, thillman, and welcome to GeeksToGo! Sorry for the delay in reply, the forums have been busy.

Download OTListIt2 to your desktop.
Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
When the window appears, underneath Output at the top change it to Minimal Output.
Under the Standard Registry box change it to All.
Check the boxes beside LOP Check and Purity Check.
Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
When the scan completes, it will open two notepad windows. OTListIt.Txt and Extras.Txt. These are saved in the same location as OTListIt2.
Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post it with your next reply.

The log for OTListIt2 will be very long and may not fit in one post. Please make sure that it didn't get cut off, and feel free to post the rest of it in a separate reply.

#3
thillman

Posted 27 January 2009 - 07:03 PM

Member

Topic Starter
Member
37 posts

I did the scan using OTListIt2 and here is the OTListIt.txt. I don't have Extras.txt because I can't find it or it isn't there.
thanks in advance

OTListIt logfile created on: 1/27/2009 7:52:39 PM - Run 2
OTListIt2 by OldTimer - Version 1.0.4.1 Folder = C:\Users\Louis\Desktop
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

4.00 Gb Total Physical Memory | 2.51 Gb Available Physical Memory | 62.88% Memory free
4.00 Gb Paging File | 4.00 Gb Available in Paging File | 100.00% Paging File free
Paging file location(s): ?:\pagefile.sys;

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 149.04 Gb Total Space | 91.78 Gb Free Space | 61.58% Space Free | Partition Type: NTFS
Drive D: | 138.31 Gb Total Space | 138.28 Gb Free Space | 99.98% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: LOUIS-PC
Current User Name: Louis
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Output = Minimal
File Age = 30 Days
Company Name Whitelist: On

========== Processes (SafeList) ==========

C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe ()
C:\Program Files (x86)\ASUS\ATK Hotkey\AsLdrSrv.exe ()
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe (ALWIL Software)
C:\Program Files\ATKGFNEX\GFNEXSrv.exe ()
C:\Program Files\Alwil Software\Avast4\ashServ.exe (ALWIL Software)
C:\Program Files (x86)\Common Files\Symantec Shared\CCSVCHST.EXE (Symantec Corporation)
C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe ()
C:\Program Files (x86)\ASUS\Direct Console\DCHelper.exe (ASUSTek.)
C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe (ASUS)
C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe (Hewlett-Packard Company)
C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe (ASUS)
C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe (Microsoft Corporation)
C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe (Hewlett-Packard Company)
C:\Program Files (x86)\Steam\steam.exe (Valve Corporation)
C:\Program Files (x86)\ASUS\ATK Hotkey\Atouch64.exe ()
C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe ()
C:\Program Files (x86)\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
C:\Program Files (x86)\Common Files\Symantec Shared\CCSVCHST.EXE (Symantec Corporation)
C:\Program Files\ATKOSD2\ATKOSD2.exe ()
C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe (ASUSTeK Computer INC.)
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe (ALWIL Software)
C:\Program Files (x86)\ASUS\Direct Console\Direct Console.exe (ASUSTek.)
C:\Program Files (x86)\ASUS\ATK Hotkey\ATKOSD.exe (ASUS)
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe (ALWIL Software)
C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
C:\Program Files (x86)\ASUS\ATK Hotkey\KBFiltr.exe ()
C:\Program Files (x86)\ASUS\ATK Hotkey\WDC.exe ()
C:\Windows\SysWOW64\wbem\WmiPrvSE.exe (Microsoft Corporation)
C:\Windows\SysWOW64\wbem\WmiPrvSE.exe (Microsoft Corporation)
C:\Program Files (x86)\Microsoft Office\Office12\OUTLOOK.EXE (Microsoft Corporation)
C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
C:\Program Files (x86)\Internet Explorer\ieuser.exe (Microsoft Corporation)
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
C:\Program Files (x86)\Symantec\LiveUpdate\AluSchedulerSvc.exe (Symantec Corporation)
C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10a.exe (Adobe Systems, Inc.)
C:\Program Files (x86)\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe ()
C:\Users\Louis\Desktop\OTListIt2.exe (OldTimer Tools)

========== (O23) Win32 Services (SafeList) ==========

(ADSMService [Auto | Running]) -- C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe ()
(AeLookupSvc [Auto | Running]) -- C:\Windows\sysnative\aelupsvc.dll ()
(ALG [On_Demand | Stopped]) -- C:\Windows\sysnative\alg.exe ()
(Appinfo [On_Demand | Running]) -- C:\Windows\sysnative\appinfo.dll ()
(ASLDRService [Auto | Running]) -- C:\Program Files (x86)\ASUS\ATK Hotkey\AsLdrSrv.exe ()
(aswUpdSv [Auto | Running]) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe (ALWIL Software)
(ATKGFNEXSrv [Auto | Running]) -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe ()
(AudioEndpointBuilder [Auto | Running]) -- C:\Windows\sysnative\Audiosrv.dll ()
(AudioSrv [Auto | Running]) -- C:\Windows\sysnative\Audiosrv.dll ()
(Automatic LiveUpdate Scheduler [Auto | Running]) -- C:\Program Files (x86)\Symantec\LiveUpdate\AluSchedulerSvc.exe (Symantec Corporation)
(avast! Antivirus [Auto | Running]) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe (ALWIL Software)
(avast! Mail Scanner [On_Demand | Running]) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe (ALWIL Software)
(avast! Web Scanner [On_Demand | Running]) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe (ALWIL Software)
(BFE [Auto | Running]) -- C:\Windows\sysnative\bfe.dll ()
(BITS [Auto | Running]) -- C:\Windows\sysnative\qmgr.dll ()
(Browser [Auto | Running]) -- C:\Windows\sysnative\browser.dll ()
(BthServ [Auto | Running]) -- C:\Windows\sysnative\bthserv.dll ()
(ccEvtMgr [Auto | Running]) -- C:\Program Files (x86)\Common Files\Symantec Shared\CCSVCHST.EXE (Symantec Corporation)
(ccSetMgr [Auto | Running]) -- C:\Program Files (x86)\Common Files\Symantec Shared\CCSVCHST.EXE (Symantec Corporation)
(CertPropSvc [Unknown | Stopped]) -- C:\Windows\sysnative\certprop.dll ()
(clr_optimization_v2.0.50727_32 [On_Demand | Stopped]) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
(clr_optimization_v2.0.50727_64 [On_Demand | Stopped]) -- C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
(CLTNetCnService [Auto | Running]) -- C:\Program Files (x86)\Common Files\Symantec Shared\CCSVCHST.EXE (Symantec Corporation)
(comHost [On_Demand | Stopped]) -- C:\Program Files (x86)\Common Files\Symantec Shared\VAScanner\comHost.exe (Symantec Corporation)
(DcomLaunch [Unknown | Running]) -- C:\Windows\sysnative\rpcss.dll ()
(DFSR [On_Demand | Stopped]) -- C:\Windows\sysnative\DFSR.exe ()
(Dnscache [Auto | Running]) -- C:\Windows\sysnative\dnsrslvr.dll ()
(dot3svc [On_Demand | Stopped]) -- C:\Windows\sysnative\dot3svc.dll ()
(DPS [Unknown | Running]) -- C:\Windows\sysnative\dps.dll ()
(EapHost [On_Demand | Running]) -- C:\Windows\sysnative\eapsvc.dll ()
(ehRecvr [On_Demand | Stopped]) -- C:\Windows\ehome\ehrecvr.exe (Microsoft Corporation)
(ehSched [On_Demand | Stopped]) -- C:\Windows\ehome\ehsched.exe (Microsoft Corporation)
(ehstart [Auto | Stopped]) -- C:\Windows\ehome\ehstart.dll (Microsoft Corporation)
(EMDMgmt [Auto | Running]) -- C:\Windows\sysnative\emdmgmt.dll ()
(fdPHost [On_Demand | Running]) -- C:\Windows\sysnative\fdPHost.dll ()
(FDResPub [Auto | Running]) -- C:\Windows\sysnative\fdrespub.dll ()
(FontCache3.0.0.0 [On_Demand | Stopped]) -- C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation)
(gpsvc [Unknown | Running]) -- C:\Windows\sysnative\gpsvc.dll ()
(gusvc [On_Demand | Stopped]) -- C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe (Google)
(hkmsvc [On_Demand | Stopped]) -- C:\Windows\sysnative\kmsvc.dll ()
(idsvc [Unknown | Stopped]) -- C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe (Microsoft Corporation)
(IKEEXT [Auto | Running]) -- C:\Windows\sysnative\ikeext.dll ()
(IPBusEnum [On_Demand | Stopped]) -- C:\Windows\sysnative\ipbusenum.dll ()
(iphlpsvc [Auto | Running]) -- C:\Windows\sysnative\iphlpsvc.dll ()
(KeyIso [On_Demand | Running]) -- C:\Windows\sysnative\lsass.exe ()
(KtmRm [Auto | Running]) -- C:\Windows\sysnative\msdtckrm.dll ()
(LanmanServer [Auto | Running]) -- C:\Windows\sysnative\srvsvc.dll ()
(LanmanWorkstation [Auto | Running]) -- C:\Windows\sysnative\wkssvc.dll ()
(LightScribeService [Auto | Running]) -- C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe (Hewlett-Packard Company)
(LiveUpdate [On_Demand | Stopped]) -- C:\Program Files (x86)\Symantec\LiveUpdate\LuComServer_3_4.EXE (Symantec Corporation)
(LiveUpdate Notice [Auto | Running]) -- C:\Program Files (x86)\Common Files\Symantec Shared\CCSVCHST.EXE (Symantec Corporation)
(lltdsvc [On_Demand | Stopped]) -- C:\Windows\sysnative\lltdsvc.dll ()
(lmhosts [Auto | Running]) -- C:\Windows\sysnative\lmhsvc.dll ()
(Mcx2Svc [Disabled | Stopped]) -- C:\Windows\sysnative\Mcx2Svc.dll ()
(MMCSS [Auto | Running]) -- C:\Windows\sysnative\mmcss.dll ()
(MpsSvc [Auto | Running]) -- C:\Windows\sysnative\mpssvc.dll ()
(MSDTC [Unknown | Stopped]) -- C:\Windows\sysnative\msdtc.exe ()
(MSiSCSI [On_Demand | Stopped]) -- C:\Windows\sysnative\iscsiexe.dll ()
(MSSQL$MSSMLBIZ [Auto | Running]) -- C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe (Microsoft Corporation)
(MSSQLServerADHelper [Disabled | Stopped]) -- C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqladhlp90.exe (Microsoft Corporation)
(napagent [On_Demand | Stopped]) -- C:\Windows\sysnative\qagentRT.dll ()
(Netlogon [On_Demand | Stopped]) -- C:\Windows\sysnative\lsass.exe ()
(Netman [On_Demand | Running]) -- C:\Windows\sysnative\netman.dll ()
(netprofm [Auto | Running]) -- C:\Windows\System32\netprofm.dll (Microsoft Corporation)
(NetTcpPortSharing [Disabled | Stopped]) -- C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe (Microsoft Corporation)
(NlaSvc [Auto | Running]) -- C:\Windows\sysnative\nlasvc.dll ()
(nsi [Auto | Running]) -- C:\Windows\sysnative\nsisvc.dll ()
(nvsvc [Auto | Running]) -- C:\Windows\sysnative\nvvsvc.exe ()
(odserv [On_Demand | Stopped]) -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE12\ODSERV.EXE (Microsoft Corporation)
(ose [On_Demand | Stopped]) -- C:\Program Files (x86)\Common Files\microsoft shared\Source Engine\OSE.EXE (Microsoft Corporation)
(p2pimsvc [On_Demand | Stopped]) -- C:\Windows\System32\p2psvc.dll (Microsoft Corporation)
(p2psvc [On_Demand | Stopped]) -- C:\Windows\System32\p2psvc.dll (Microsoft Corporation)
(PcaSvc [Auto | Running]) -- C:\Windows\sysnative\pcasvc.dll ()
(PerfHost [On_Demand | Stopped]) -- C:\Windows\SysWOW64\perfhost.exe (Microsoft Corporation)
(pla [On_Demand | Stopped]) -- C:\Windows\System32\pla.dll (Microsoft Corporation)
(PlugPlay [Auto | Running]) -- C:\Windows\sysnative\umpnpmgr.dll ()
(PNRPAutoReg [On_Demand | Stopped]) -- C:\Windows\System32\p2psvc.dll (Microsoft Corporation)
(PNRPsvc [On_Demand | Stopped]) -- C:\Windows\System32\p2psvc.dll (Microsoft Corporation)
(PolicyAgent [Auto | Running]) -- C:\Windows\sysnative\ipsecsvc.dll ()
(ProfSvc [Auto | Running]) -- C:\Windows\sysnative\profsvc.dll ()
(ProtectedStorage [On_Demand | Running]) -- C:\Windows\sysnative\lsass.exe ()
(QWAVE [On_Demand | Stopped]) -- C:\Windows\System32\qwave.dll (Microsoft Corporation)
(RasAuto [On_Demand | Stopped]) -- C:\Windows\sysnative\rasauto.dll ()
(RasMan [On_Demand | Running]) -- C:\Windows\sysnative\rasmans.dll ()
(RemoteRegistry [On_Demand | Stopped]) -- C:\Windows\sysnative\regsvc.dll ()
(RpcLocator [On_Demand | Stopped]) -- C:\Windows\sysnative\locator.exe ()
(RpcSs [Unknown | Running]) -- C:\Windows\sysnative\rpcss.dll ()
(SamSs [Auto | Running]) -- C:\Windows\sysnative\lsass.exe ()
(SCardSvr [Unknown | Stopped]) -- C:\Windows\System32\SCardSvr.dll (Microsoft Corporation)
(Schedule [Unknown | Running]) -- C:\Windows\sysnative\schedsvc.dll ()
(SCPolicySvc [Unknown | Stopped]) -- C:\Windows\sysnative\certprop.dll ()
(SDRSVC [On_Demand | Stopped]) -- C:\Windows\sysnative\SDRSVC.dll ()
(seclogon [Auto | Running]) -- C:\Windows\sysnative\seclogon.dll ()
(SessionEnv [On_Demand | Stopped]) -- C:\Windows\System32\SessEnv.dll (Microsoft Corporation)
(SharedAccess [Disabled | Stopped]) -- C:\Windows\sysnative\ipnathlp.dll ()
(slsvc [Auto | Running]) -- C:\Windows\sysnative\SLsvc.exe ()
(SLUINotify [On_Demand | Stopped]) -- C:\Windows\sysnative\SLUINotify.dll ()
(SNMPTRAP [On_Demand | Stopped]) -- C:\Windows\sysnative\snmptrap.exe ()
(spmgr [Auto | Running]) -- C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe ()
(Spooler [Auto | Running]) -- C:\Windows\sysnative\spoolsv.exe ()
(SQLBrowser [Disabled | Stopped]) -- C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe (Microsoft Corporation)
(SQLWriter [On_Demand | Stopped]) -- C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (Microsoft Corporation)
(SSDPSRV [On_Demand | Running]) -- C:\Windows\sysnative\ssdpsrv.dll ()
(SstpSvc [On_Demand | Running]) -- C:\Windows\sysnative\sstpsvc.dll ()
(Steam Client Service [On_Demand | Running]) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
(stisvc [Auto | Running]) -- C:\Windows\sysnative\wiaservc.dll ()
(swprv [On_Demand | Stopped]) -- C:\Windows\sysnative\swprv.dll ()
(Symantec Core LC [On_Demand | Running]) -- C:\Program Files (x86)\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe ()
(SysMain [Auto | Running]) -- C:\Windows\sysnative\sysmain.dll ()
(TabletInputService [Auto | Running]) -- C:\Windows\sysnative\TabSvc.dll ()
(TBS [Auto | Stopped]) -- C:\Windows\sysnative\tbssvc.dll ()
(TermService [Auto | Running]) -- C:\Windows\sysnative\termsrv.dll ()
(THREADORDER [On_Demand | Stopped]) -- C:\Windows\sysnative\mmcss.dll ()
(TrkWks [Auto | Running]) -- C:\Windows\sysnative\trkwks.dll ()
(TrustedInstaller [Unknown | Stopped]) -- C:\Windows\servicing\TrustedInstaller.exe (Microsoft Corporation)
(UI0Detect [On_Demand | Stopped]) -- C:\Windows\sysnative\UI0Detect.exe ()
(UxSms [Auto | Running]) -- C:\Windows\sysnative\uxsms.dll ()
(vds [On_Demand | Stopped]) -- C:\Windows\sysnative\vds.exe ()
(VSS [On_Demand | Stopped]) -- C:\Windows\sysnative\vssvc.exe ()
(W32Time [Auto | Running]) -- C:\Windows\sysnative\w32time.dll ()
(wcncsvc [On_Demand | Stopped]) -- C:\Windows\System32\wcncsvc.dll (Microsoft Corporation)
(WcsPlugInService [On_Demand | Stopped]) -- C:\Windows\System32\WcsPlugInService.dll (Microsoft Corporation)
(WdiServiceHost [Unknown | Stopped]) -- C:\Windows\System32\wdi.dll (Microsoft Corporation)
(WdiSystemHost [Unknown | Running]) -- C:\Windows\System32\wdi.dll (Microsoft Corporation)
(Wecsvc [On_Demand | Stopped]) -- C:\Windows\sysnative\wecsvc.dll ()
(wercplsupport [On_Demand | Stopped]) -- C:\Windows\sysnative\wercplsupport.dll ()
(WerSvc [Auto | Running]) -- C:\Windows\sysnative\WerSvc.dll ()
(WinHttpAutoProxySvc [On_Demand | Running]) -- C:\Windows\System32\winhttp.dll (Microsoft Corporation)
(Winmgmt [Auto | Running]) -- C:\Windows\sysnative\wbem\WMIsvc.dll ()
(WinRM [On_Demand | Stopped]) -- C:\Windows\System32\WsmSvc.dll (Microsoft Corporation)
(Wlansvc [Auto | Running]) -- C:\Windows\sysnative\wlansvc.dll ()
(wmiApSrv [On_Demand | Stopped]) -- C:\Windows\sysnative\wbem\WmiApSrv.exe ()
(WMPNetworkSvc [On_Demand | Stopped]) -- C:\Program Files\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
(WPCSvc [On_Demand | Stopped]) -- C:\Windows\System32\wpcsvc.dll (Microsoft Corporation)
(WPDBusEnum [Auto | Running]) -- C:\Windows\sysnative\wpdbusenum.dll ()
(wscsvc [Auto | Running]) -- C:\Windows\sysnative\wscsvc.dll ()
(WSearch [Auto | Running]) -- C:\Windows\System32\SearchIndexer.exe (Microsoft Corporation)
(wuauserv [Auto | Running]) -- C:\Windows\sysnative\wuaueng.dll ()
(wudfsvc [Auto | Running]) -- C:\Windows\sysnative\WUDFSvc.dll ()
(ZuneNetworkSvc [On_Demand | Stopped]) -- C:\Program Files\Zune\ZuneNss.exe (Microsoft Corporation)
(ZuneWlanCfgSvc [On_Demand | Stopped]) -- C:\Windows\sysnative\ZuneWlanCfgSvc.exe ()

========== Driver Services (SafeList) ==========

(ACPI [Boot | Running]) -- C:\Windows\sysnative\drivers\acpi.sys ()
(adp94xx [Disabled | Stopped]) -- C:\Windows\sysnative\drivers\adp94xx.sys ()
(adpahci [Disabled | Stopped]) -- C:\Windows\sysnative\drivers\adpahci.sys ()
(adpu160m [Disabled | Stopped]) -- C:\Windows\sysnative\drivers\adpu160m.sys ()
(adpu320 [Disabled | Stopped]) -- C:\Windows\sysnative\drivers\adpu320.sys ()
(AFD [System | Running]) -- C:\Windows\sysnative\drivers\afd.sys ()
(agp440 [On_Demand | Stopped]) -- C:\Windows\sysnative\drivers\agp440.sys ()
(aic78xx [Disabled | Stopped]) -- C:\Windows\sysnative\drivers\djsvs.sys ()
(aliide [Disabled | Stopped]) -- C:\Windows\sysnative\drivers\aliide.sys ()
(amdide [Disabled | Stopped]) -- C:\Windows\sysnative\drivers\amdide.sys ()
(AmdK8 [Disabled | Stopped]) -- C:\Windows\sysnative\DRIVERS\amdk8.sys ()
(arc [Disabled | Stopped]) -- C:\Windows\sysnative\drivers\arc.sys ()
(arcsas [Disabled | Stopped]) -- C:\Windows\sysnative\drivers\arcsas.sys ()
(AsDsm [Boot | Running]) -- C:\Windows\sysnative\drivers\AsDsm.sys ()
(ASMMAP64 [Auto | Running]) -- C:\Program Files\ATKGFNEX\ASMMAP64.sys ()
(aswFsBlk [Auto | Running]) -- C:\Windows\sysnative\DRIVERS\aswFsBlk.sys ()
(aswMonFlt [Auto | Running]) -- C:\Windows\sysnative\DRIVERS\aswMonFlt.sys ()
(aswRdr [System | Running]) -- C:\Windows\sysnative\drivers\aswRdr.sys ()
(aswSP [System | Running]) -- C:\Windows\sysnative\drivers\aswSP.sys ()
(aswTdi [System | Running]) -- C:\Windows\sysnative\drivers\aswTdi.sys ()
(AsyncMac [On_Demand | Stopped]) -- C:\Windows\sysnative\DRIVERS\asyncmac.sys ()
(atapi [Boot | Running]) -- C:\Windows\sysnative\drivers\atapi.sys ()
(blbdrive [Disabled | Stopped]) -- C:\Windows\sysnative\drivers\blbdrive.sys ()
(bowser [On_Demand | Running]) -- C:\Windows\sysnative\DRIVERS\bowser.sys ()
(BrFiltLo [On_Demand | Stopped]) -- C:\Windows\sysnative\drivers\brfiltlo.sys ()
(BrFiltUp [On_Demand | Stopped]) -- C:\Windows\sysnative\drivers\brfiltup.sys ()
(Brserid [Disabled | Stopped]) -- C:\Windows\sysnative\drivers\brserid.sys ()
(BrSerWdm [Disabled | Stopped]) -- C:\Windows\sysnative\drivers\brserwdm.sys ()
(BrUsbMdm [Disabled | Stopped]) -- C:\Windows\sysnative\drivers\brusbmdm.sys ()
(BrUsbSer [On_Demand | Stopped]) -- C:\Windows\sysnative\drivers\brusbser.sys ()
(BthEnum [On_Demand | Stopped]) -- C:\Windows\sysnative\DRIVERS\BthEnum.sys ()
(BTHMODEM [Disabled | Stopped]) -- C:\Windows\sysnative\drivers\bthmodem.sys ()
(BthPan [On_Demand | Stopped]) -- C:\Windows\sysnative\DRIVERS\bthpan.sys ()
(BTHPORT [On_Demand | Stopped]) -- C:\Windows\sysnative\Drivers\BTHport.sys ()
(BTHUSB [On_Demand | Stopped]) -- C:\Windows\sysnative\Drivers\BTHUSB.sys ()
(cdfs [Disabled | Running]) -- C:\Windows\sysnative\DRIVERS\cdfs.sys ()
(cdrom [System | Running]) -- C:\Windows\sysnative\DRIVERS\cdrom.sys ()
(circlass [On_Demand | Running]) -- C:\Windows\sysnative\DRIVERS\circlass.sys ()
(CLFS [Unknown | Running]) -- C:\Windows\sysnative\CLFS.sys ()
(CmBatt [On_Demand | Running]) -- C:\Windows\sysnative\DRIVERS\CmBatt.sys ()
(cmdide [Disabled | Stopped]) -- C:\Windows\sysnative\drivers\cmdide.sys ()
(COH_Mon [On_Demand | Stopped]) -- C:\Windows\sysnative\Drivers\COH_Mon.sys ()
(Compbatt [Boot | Running]) -- C:\Windows\sysnative\DRIVERS\compbatt.sys ()
(crcdisk [Boot | Running]) -- C:\Windows\sysnative\drivers\crcdisk.sys ()
(DfsC [System | Running]) -- C:\Windows\sysnative\Drivers\dfsc.sys ()
(disk [Boot | Running]) -- C:\Windows\sysnative\drivers\disk.sys ()
(drmkaud [On_Demand | Stopped]) -- C:\Windows\sysnative\drivers\drmkaud.sys ()
(DXGKrnl [On_Demand | Running]) -- C:\Windows\sysnative\drivers\dxgkrnl.sys ()
(E1G60 [On_Demand | Stopped]) -- C:\Windows\sysnative\DRIVERS\E1G6032E.sys ()
(Ecache [Boot | Running]) -- C:\Windows\sysnative\drivers\ecache.sys ()
(eeCtrl [System | Running]) -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys (Symantec Corporation)
(elxstor [Disabled | Stopped]) -- C:\Windows\sysnative\drivers\elxstor.sys ()
(EraserUtilRebootDrv [On_Demand | Running]) -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys (Symantec Corporation)
(ErrDev [Disabled | Stopped]) -- C:\Windows\sysnative\drivers\errdev.sys ()
(exfat [On_Demand | Stopped]) -- C:\Windows\sysnative\drivers\exfat.sys ()
(fastfat [On_Demand | Running]) -- C:\Windows\sysnative\drivers\fastfat.sys ()
(fdc [Disabled | Stopped]) -- C:\Windows\sysnative\DRIVERS\fdc.sys ()
(FileInfo [Boot | Running]) -- C:\Windows\sysnative\drivers\fileinfo.sys ()
(Filetrace [On_Demand | Stopped]) -- C:\Windows\sysnative\drivers\filetrace.sys ()
(flpydisk [Disabled | Stopped]) -- C:\Windows\sysnative\DRIVERS\flpydisk.sys ()
(FltMgr [Boot | Running]) -- C:\Windows\sysnative\drivers\fltmgr.sys ()
(gagp30kx [On_Demand | Stopped]) -- C:\Windows\sysnative\drivers\gagp30kx.sys ()
(ghaio [Auto | Running]) -- C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys ()
(HdAudAddService [On_Demand | Stopped]) -- C:\Windows\sysnative\drivers\HdAudio.sys ()
(HDAudBus [On_Demand | Running]) -- C:\Windows\sysnative\DRIVERS\HDAudBus.sys ()
(HidBth [Disabled | Stopped]) -- C:\Windows\sysnative\drivers\hidbth.sys ()
(HidIr [On_Demand | Running]) -- C:\Windows\sysnative\DRIVERS\hidir.sys ()
(HidUsb [On_Demand | Running]) -- C:\Windows\sysnative\DRIVERS\hidusb.sys ()
(HpCISSs [Disabled | Stopped]) -- C:\Windows\sysnative\drivers\hpcisss.sys ()
(HTTP [On_Demand | Running]) -- C:\Windows\sysnative\drivers\HTTP.sys ()
(i2omp [Disabled | Stopped]) -- C:\Windows\sysnative\drivers\i2omp.sys ()
(i8042prt [System | Running]) -- C:\Windows\sysnative\DRIVERS\i8042prt.sys ()
(iaStor [Boot | Running]) -- C:\Windows\sysnative\DRIVERS\iaStor.sys ()
(iaStorV [Disabled | Stopped]) -- C:\Windows\sysnative\drivers\iastorv.sys ()
(IDSvia64 [System | Running]) -- C:\ProgramData\Symantec\Definitions\SymcData\ipsdefs\20090120.002\IDSvia64.sys (Symantec Corporation)
(iirsp [Disabled | Stopped]) -- C:\Windows\sysnative\drivers\iirsp.sys ()
(IntcAzAudAddService [On_Demand | Running]) -- C:\Windows\sysnative\drivers\RTKVHD64.sys ()
(intelide [Disabled | Stopped]) -- C:\Windows\sysnative\drivers\intelide.sys ()
(intelppm [On_Demand | Running]) -- C:\Windows\sysnative\DRIVERS\intelppm.sys ()
(IpFilterDriver [On_Demand | Stopped]) -- C:\Windows\sysnative\DRIVERS\ipfltdrv.sys ()
(IPMIDRV [Disabled | Stopped]) -- C:\Windows\sysnative\drivers\ipmidrv.sys ()
(IPNAT [On_Demand | Stopped]) -- C:\Windows\sysnative\DRIVERS\ipnat.sys ()
(IRENUM [On_Demand | Stopped]) -- C:\Windows\sysnative\drivers\irenum.sys ()
(isapnp [Disabled | Stopped]) -- C:\Windows\sysnative\drivers\isapnp.sys ()
(iScsiPrt [On_Demand | Running]) -- C:\Windows\sysnative\DRIVERS\msiscsi.sys ()
(iteatapi [Disabled | Stopped]) -- C:\Windows\sysnative\drivers\iteatapi.sys ()
(itecir [On_Demand | Running]) -- C:\Windows\sysnative\DRIVERS\itecir.sys ()
(iteraid [Disabled | Stopped]) -- C:\Windows\sysnative\drivers\iteraid.sys ()
(kbdclass [System | Running]) -- C:\Windows\sysnative\DRIVERS\kbdclass.sys ()
(kbdhid [System | Running]) -- C:\Windows\sysnative\DRIVERS\kbdhid.sys ()
(kbfiltr [On_Demand | Running]) -- C:\Windows\sysnative\DRIVERS\kbfiltr.sys ()
(KSecDD [Boot | Running]) -- C:\Windows\sysnative\Drivers\ksecdd.sys ()
(ksthunk [On_Demand | Running]) -- C:\Windows\sysnative\drivers\ksthunk.sys ()
(lltdio [Auto | Running]) -- C:\Windows\sysnative\DRIVERS\lltdio.sys ()
(LSI_FC [Disabled | Stopped]) -- C:\Windows\sysnative\drivers\lsi_fc.sys ()
(LSI_SAS [Disabled | Stopped]) -- C:\Windows\sysnative\drivers\lsi_sas.sys ()
(LSI_SCSI [Disabled | Stopped]) -- C:\Windows\sysnative\drivers\lsi_scsi.sys ()
(luafv [Auto | Running]) -- C:\Windows\sysnative\drivers\luafv.sys ()
(lullaby [Boot | Running]) -- C:\Windows\sysnative\DRIVERS\lullaby.sys ()
(megasas [Disabled | Stopped]) -- C:\Windows\sysnative\drivers\megasas.sys ()
(MegaSR [Disabled | Stopped]) -- C:\Windows\sysnative\drivers\megasr.sys ()
(Modem [On_Demand | Stopped]) -- C:\Windows\sysnative\drivers\modem.sys ()
(monitor [On_Demand | Running]) -- C:\Windows\sysnative\DRIVERS\monitor.sys ()
(mouclass [System | Running]) -- C:\Windows\sysnative\DRIVERS\mouclass.sys ()
(mouhid [On_Demand | Running]) -- C:\Windows\sysnative\DRIVERS\mouhid.sys ()
(MountMgr [Boot | Running]) -- C:\Windows\sysnative\drivers\mountmgr.sys ()
(mpio [Disabled | Stopped]) -- C:\Windows\sysnative\drivers\mpio.sys ()
(mpsdrv [On_Demand | Running]) -- C:\Windows\sysnative\drivers\mpsdrv.sys ()
(Mraid35x [Disabled | Stopped]) -- C:\Windows\sysnative\drivers\mraid35x.sys ()
(MRxDAV [On_Demand | Running]) -- C:\Windows\sysnative\drivers\mrxdav.sys ()
(mrxsmb [On_Demand | Running]) -- C:\Windows\sysnative\DRIVERS\mrxsmb.sys ()
(mrxsmb10 [On_Demand | Running]) -- C:\Windows\sysnative\DRIVERS\mrxsmb10.sys ()
(mrxsmb20 [On_Demand | Running]) -- C:\Windows\sysnative\DRIVERS\mrxsmb20.sys ()
(msahci [Boot | Running]) -- C:\Windows\sysnative\drivers\msahci.sys ()
(msdsm [Disabled | Stopped]) -- C:\Windows\sysnative\drivers\msdsm.sys ()
(Msfs [System | Running]) -- C:\Windows\sysnative\drivers\msfs.sys ()
(msisadrv [Boot | Running]) -- C:\Windows\sysnative\drivers\msisadrv.sys ()
(MSKSSRV [On_Demand | Stopped]) -- C:\Windows\sysnative\drivers\MSKSSRV.sys ()
(MSPCLOCK [On_Demand | Stopped]) -- C:\Windows\sysnative\drivers\MSPCLOCK.sys ()
(MSPQM [On_Demand | Stopped]) -- C:\Windows\sysnative\drivers\MSPQM.sys ()
(MsRPC [On_Demand | Stopped]) -- C:\Windows\sysnative\drivers\msrpc.sys ()
(mssmbios [On_Demand | Running]) -- C:\Windows\sysnative\DRIVERS\mssmbios.sys ()
(MSTEE [On_Demand | Stopped]) -- C:\Windows\sysnative\drivers\MSTEE.sys ()
(MTsensor [On_Demand | Running]) -- C:\Windows\sysnative\DRIVERS\ATK64AMD.sys ()
(Mup [Boot | Running]) -- C:\Windows\sysnative\Drivers\mup.sys ()
(NativeWifiP [On_Demand | Running]) -- C:\Windows\sysnative\DRIVERS\nwifi.sys ()
(NAVENG [On_Demand | Running]) -- C:\ProgramData\Symantec\Definitions\VirusDefs\20090125.023\ENG64.SYS (Symantec Corporation)
(NAVEX15 [On_Demand | Running]) -- C:\ProgramData\Symantec\Definitions\VirusDefs\20090125.023\EX64.SYS (Symantec Corporation)
(NDIS [Boot | Running]) -- C:\Windows\sysnative\drivers\ndis.sys ()
(NdisTapi [On_Demand | Running]) -- C:\Windows\sysnative\DRIVERS\ndistapi.sys ()
(Ndisuio [On_Demand | Running]) -- C:\Windows\sysnative\DRIVERS\ndisuio.sys ()
(NdisWan [On_Demand | Running]) -- C:\Windows\sysnative\DRIVERS\ndiswan.sys ()
(NDProxy [On_Demand | Running]) -- C:\Windows\sysnative\drivers\ndproxy.sys ()
(NetBIOS [System | Running]) -- C:\Windows\sysnative\DRIVERS\netbios.sys ()
(netbt [System | Running]) -- C:\Windows\sysnative\DRIVERS\netbt.sys ()
(NETw5v64 [On_Demand | Running]) -- C:\Windows\sysnative\DRIVERS\NETw5v64.sys ()
(nfrd960 [Disabled | Stopped]) -- C:\Windows\sysnative\drivers\nfrd960.sys ()
(Npfs [System | Running]) -- C:\Windows\sysnative\drivers\npfs.sys ()
(nsiproxy [System | Running]) -- C:\Windows\sysnative\drivers\nsiproxy.sys ()
(Ntfs [On_Demand | Running]) -- C:\Windows\sysnative\drivers\ntfs.sys ()
(Null [System | Running]) -- C:\Windows\sysnative\drivers\null.sys ()
(NVHDA [On_Demand | Running]) -- C:\Windows\sysnative\drivers\nvhda64v.sys ()
(nvlddmkm [On_Demand | Running]) -- C:\Windows\sysnative\DRIVERS\nvlddmkm.sys ()
(nvraid [Disabled | Stopped]) -- C:\Windows\sysnative\drivers\nvraid.sys ()
(nvstor [Disabled | Stopped]) -- C:\Windows\sysnative\drivers\nvstor.sys ()
(nv_agp [On_Demand | Stopped]) -- C:\Windows\sysnative\drivers\nv_agp.sys ()
(ohci1394 [On_Demand | Running]) -- C:\Windows\sysnative\DRIVERS\ohci1394.sys ()
(Parport [Disabled | Stopped]) -- C:\Windows\sysnative\drivers\parport.sys ()
(partmgr [Boot | Running]) -- C:\Windows\sysnative\drivers\partmgr.sys ()
(pci [Boot | Running]) -- C:\Windows\sysnative\drivers\pci.sys ()
(pciide [Disabled | Stopped]) -- C:\Windows\sysnative\drivers\pciide.sys ()
(pcmcia [Disabled | Stopped]) -- C:\Windows\sysnative\drivers\pcmcia.sys ()
(PEAUTH [Auto | Running]) -- C:\Windows\sysnative\drivers\peauth.sys ()
(PptpMiniport [On_Demand | Running]) -- C:\Windows\sysnative\DRIVERS\raspptp.sys ()
(Processor [Disabled | Stopped]) -- C:\Windows\sysnative\drivers\processr.sys ()
(PSched [System | Running]) -- C:\Windows\sysnative\DRIVERS\pacer.sys ()
(ql2300 [Disabled | Stopped]) -- C:\Windows\sysnative\drivers\ql2300.sys ()
(ql40xx [Disabled | Stopped]) -- C:\Windows\sysnative\drivers\ql40xx.sys ()
(QWAVEdrv [On_Demand | Stopped]) -- C:\Windows\sysnative\drivers\qwavedrv.sys ()
(RasAcd [System | Running]) -- C:\Windows\sysnative\DRIVERS\rasacd.sys ()
(Rasl2tp [On_Demand | Running]) -- C:\Windows\sysnative\DRIVERS\rasl2tp.sys ()
(RasPppoe [On_Demand | Running]) -- C:\Windows\sysnative\DRIVERS\raspppoe.sys ()
(RasSstp [On_Demand | Running]) -- C:\Windows\sysnative\DRIVERS\rassstp.sys ()
(rdbss [System | Running]) -- C:\Windows\sysnative\DRIVERS\rdbss.sys ()
(RDPCDD [System | Running]) -- C:\Windows\sysnative\DRIVERS\RDPCDD.sys ()
(rdpdr [Disabled | Stopped]) -- C:\Windows\sysnative\drivers\rdpdr.sys ()
(RDPENCDD [System | Running]) -- C:\Windows\sysnative\drivers\rdpencdd.sys ()
(RDPWD [On_Demand | Stopped]) -- C:\Windows\sysnative\drivers\rdpwd.sys ()
(RFCOMM [On_Demand | Stopped]) -- C:\Windows\sysnative\DRIVERS\rfcomm.sys ()
(rimmptsk [Auto | Running]) -- C:\Windows\sysnative\DRIVERS\rimmpx64.sys ()
(rimsptsk [Auto | Running]) -- C:\Windows\sysnative\DRIVERS\rimspx64.sys ()
(rismxdp [Auto | Running]) -- C:\Windows\sysnative\DRIVERS\rixdpx64.sys ()
(rspndr [Auto | Running]) -- C:\Windows\sysnative\DRIVERS\rspndr.sys ()
(RTL8169 [On_Demand | Running]) -- C:\Windows\sysnative\DRIVERS\Rtlh64.sys ()
(SASDIFSV [System | Stopped]) -- C:\Program Files (x86)\SUPERAntiSpyware\sasdifsv.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
(SASENUM [On_Demand | Stopped]) -- C:\Program Files (x86)\SUPERAntiSpyware\SASENUM.SYS ( SUPERAdBlocker.com and SUPERAntiSpyware.com)
(SASKUTIL [System | Stopped]) -- C:\Program Files (x86)\SUPERAntiSpyware\SASKUTIL.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com)
(sbp2port [Disabled | Stopped]) -- C:\Windows\sysnative\drivers\sbp2port.sys ()
(sdbus [On_Demand | Running]) -- C:\Windows\sysnative\DRIVERS\sdbus.sys ()
(secdrv [Auto | Running]) -- C:\Windows\sysnative\drivers\secdrv.sys ()
(Serenum [On_Demand | Stopped]) -- C:\Windows\sysnative\drivers\serenum.sys ()
(Serial [Disabled | Stopped]) -- C:\Windows\sysnative\drivers\serial.sys ()
(sermouse [Disabled | Stopped]) -- C:\Windows\sysnative\drivers\sermouse.sys ()
(sffdisk [Disabled | Stopped]) -- C:\Windows\sysnative\drivers\sffdisk.sys ()
(sffp_mmc [On_Demand | Stopped]) -- C:\Windows\sysnative\drivers\sffp_mmc.sys ()
(sffp_sd [On_Demand | Stopped]) -- C:\Windows\sysnative\drivers\sffp_sd.sys ()
(sfloppy [Disabled | Stopped]) -- C:\Windows\sysnative\DRIVERS\sfloppy.sys ()
(SiSRaid2 [Disabled | Stopped]) -- C:\Windows\sysnative\drivers\sisraid2.sys ()
(SiSRaid4 [Disabled | Stopped]) -- C:\Windows\sysnative\drivers\sisraid4.sys ()
(Smb [System | Running]) -- C:\Windows\sysnative\DRIVERS\smb.sys ()
(SNP2UVC [On_Demand | Running]) -- C:\Windows\sysnative\DRIVERS\snp2uvc.sys ()
(spldr [Boot | Running]) -- C:\Windows\sysnative\drivers\spldr.sys ()
(SRTSP [On_Demand | Running]) -- C:\Windows\sysnative\Drivers\SRTSP64.SYS ()
(SRTSPL [On_Demand | Stopped]) -- C:\Windows\sysnative\Drivers\SRTSPL64.SYS ()
(SRTSPX [System | Running]) -- C:\Windows\sysnative\Drivers\SRTSPX64.SYS ()
(srv [On_Demand | Running]) -- C:\Windows\sysnative\DRIVERS\srv.sys ()
(srv2 [On_Demand | Running]) -- C:\Windows\sysnative\DRIVERS\srv2.sys ()
(srvnet [On_Demand | Running]) -- C:\Windows\sysnative\DRIVERS\srvnet.sys ()
(swenum [On_Demand | Running]) -- C:\Windows\sysnative\DRIVERS\swenum.sys ()
(Symc8xx [Disabled | Stopped]) -- C:\Windows\sysnative\drivers\symc8xx.sys ()
(SYMDNS [On_Demand | Running]) -- C:\Windows\sysnative\Drivers\SYMDNS.SYS ()
(SymEvent [On_Demand | Running]) -- C:\Windows\sysnative\Drivers\SYMEVENT64x86.SYS ()
(SYMFW [On_Demand | Running]) -- C:\Windows\sysnative\Drivers\SYMFW.SYS ()
(SymIM [System | Running]) -- C:\Windows\sysnative\DRIVERS\SymIMv.sys ()
(SYMNDISV [On_Demand | Running]) -- C:\Windows\sysnative\Drivers\SYMNDISV.SYS ()
(SYMREDRV [On_Demand | Running]) -- C:\Windows\sysnative\Drivers\SYMREDRV.SYS ()
(SYMTDI [System | Running]) -- C:\Windows\sysnative\Drivers\SYMTDI.SYS ()
(Sym_hi [Disabled | Stopped]) -- C:\Windows\sysnative\drivers\sym_hi.sys ()
(Sym_u3 [Disabled | Stopped]) -- C:\Windows\sysnative\drivers\sym_u3.sys ()
(SynTP [On_Demand | Running]) -- C:\Windows\sysnative\DRIVERS\SynTP.sys ()
(Tcpip [Boot | Running]) -- C:\Windows\sysnative\drivers\tcpip.sys ()
(Tcpip6 [On_Demand | Stopped]) -- C:\Windows\sysnative\DRIVERS\tcpip.sys ()
(tcpipreg [Auto | Running]) -- C:\Windows\sysnative\drivers\tcpipreg.sys ()
(TDPIPE [On_Demand | Stopped]) -- C:\Windows\sysnative\drivers\tdpipe.sys ()
(TDTCP [On_Demand | Stopped]) -- C:\Windows\sysnative\drivers\tdtcp.sys ()
(tdx [System | Running]) -- C:\Windows\sysnative\DRIVERS\tdx.sys ()
(TermDD [System | Running]) -- C:\Windows\sysnative\DRIVERS\termdd.sys ()
(TPM [On_Demand | Stopped]) -- C:\Windows\sysnative\drivers\tpm.sys ()
(tssecsrv [On_Demand | Stopped]) -- C:\Windows\sysnative\DRIVERS\tssecsrv.sys ()
(tunmp [On_Demand | Running]) -- C:\Windows\sysnative\DRIVERS\tunmp.sys ()
(tunnel [On_Demand | Running]) -- C:\Windows\sysnative\DRIVERS\tunnel.sys ()
(uagp35 [On_Demand | Stopped]) -- C:\Windows\sysnative\drivers\uagp35.sys ()
(udfs [Disabled | Stopped]) -- C:\Windows\sysnative\DRIVERS\udfs.sys ()
(uliagpkx [On_Demand | Stopped]) -- C:\Windows\sysnative\drivers\uliagpkx.sys ()
(uliahci [Disabled | Stopped]) -- C:\Windows\sysnative\drivers\uliahci.sys ()
(UlSata [Disabled | Stopped]) -- C:\Windows\sysnative\drivers\ulsata.sys ()
(ulsata2 [Disabled | Stopped]) -- C:\Windows\sysnative\drivers\ulsata2.sys ()
(umbus [On_Demand | Running]) -- C:\Windows\sysnative\DRIVERS\umbus.sys ()
(usbccgp [On_Demand | Running]) -- C:\Windows\sysnative\DRIVERS\usbccgp.sys ()
(usbcir [Disabled | Stopped]) -- C:\Windows\sysnative\drivers\usbcir.sys ()
(usbehci [On_Demand | Running]) -- C:\Windows\sysnative\DRIVERS\usbehci.sys ()
(usbhub [On_Demand | Running]) -- C:\Windows\sysnative\DRIVERS\usbhub.sys ()
(usbohci [Disabled | Stopped]) -- C:\Windows\sysnative\DRIVERS\usbohci.sys ()
(usbprint [Disabled | Stopped]) -- C:\Windows\sysnative\drivers\usbprint.sys ()
(USBSTOR [On_Demand | Stopped]) -- C:\Windows\sysnative\DRIVERS\USBSTOR.SYS ()
(usbuhci [On_Demand | Running]) -- C:\Windows\sysnative\DRIVERS\usbuhci.sys ()
(usbvideo [On_Demand | Stopped]) -- C:\Windows\sysnative\Drivers\usbvideo.sys ()
(vga [On_Demand | Stopped]) -- C:\Windows\sysnative\DRIVERS\vgapnp.sys ()
(VgaSave [System | Running]) -- C:\Windows\sysnative\drivers\vga.sys ()
(viaide [Disabled | Stopped]) -- C:\Windows\sysnative\drivers\viaide.sys ()
(volmgr [Boot | Running]) -- C:\Windows\sysnative\drivers\volmgr.sys ()
(volmgrx [Boot | Running]) -- C:\Windows\sysnative\drivers\volmgrx.sys ()
(volsnap [Boot | Running]) -- C:\Windows\sysnative\drivers\volsnap.sys ()
(vsmraid [Disabled | Stopped]) -- C:\Windows\sysnative\drivers\vsmraid.sys ()
(WacomPen [Disabled | Stopped]) -- C:\Windows\sysnative\drivers\wacompen.sys ()
(Wanarp [On_Demand | Stopped]) -- C:\Windows\sysnative\DRIVERS\wanarp.sys ()
(Wanarpv6 [System | Running]) -- C:\Windows\sysnative\DRIVERS\wanarp.sys ()
(Wd [Disabled | Stopped]) -- C:\Windows\sysnative\drivers\wd.sys ()
(Wdf01000 [Boot | Running]) -- C:\Windows\sysnative\drivers\Wdf01000.sys ()
(WmiAcpi [Disabled | Stopped]) -- C:\Windows\sysnative\drivers\wmiacpi.sys ()
(ws2ifsl [Disabled | Stopped]) -- C:\Windows\sysnative\drivers\ws2ifsl.sys ()
(WUDFRd [On_Demand | Stopped]) -- C:\Windows\sysnative\DRIVERS\WUDFRd.sys ()

========== Standard Registry (All) ==========

========== Internet Explorer ==========

HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL =
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157

HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages =
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache =
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

O1 HOSTS File: (761 bytes) - C:\Windows\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Common Files\Symantec Shared\coShared\Browser\2.5\CoIEPlg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Common Files\Symantec Shared\IDS\IPSBHO.dll (Symantec Corporation)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar.dll ()
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll (Google Inc.)
O2 - BHO: (Google Dictionary Compression sdch) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (&Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar.dll ()
O3 - HKLM\..\Toolbar: (Show Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Common Files\Symantec Shared\coShared\Browser\2.5\CoIEPlg.dll (Symantec Corporation)
O3 - HKCU\..\Toolbar: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar.dll ()
O3 - HKCU\..\Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Common Files\Symantec Shared\coShared\Browser\2.5\CoIEPlg.dll (Symantec Corporation)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 8.0\Reader\Reader_sl.exe" (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ATKMEDIA] "C:\Program Files (x86)\ASUS\ATK Media\DMEDIA.EXE" (ASUSTeK Computer INC.)
O4 - HKLM..\Run: [ATKOSD2] "C:\Program Files\ATKOSD2\ATKOSD2.exe" ()
O4 - HKLM..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [ccApp] "C:\Program Files (x86)\Common Files\Symantec Shared\ccApp.exe" (Symantec Corporation)
O4 - HKLM..\Run: [CLMLServer] "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe" (CyberLink)
O4 - HKLM..\Run: [DirectConsole2] C:\Program Files (x86)\ASUS\Direct Console\Direct Console.exe (ASUSTek.)
O4 - HKLM..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe ()
O4 - HKLM..\Run: [Microsoft Pinyin IME Migration] C:\PROGRA~2\COMMON~1\MICROS~1\IME12\IMESC\IMSCMIG.EXE /INSTALL (Microsoft Corporation)
O4 - HKLM..\Run: [P2Go_Menu] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0" (CyberLink Corp.)
O4 - HKCU..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden (Hewlett-Packard Company)
O4 - HKCU..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun (Microsoft Corporation)
O4 - HKCU..\Run: [Steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent (Valve Corporation)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files (x86)\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O4 - HKCU..\Run: [swg] C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKCU..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceActiveDesktopOn = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files (x86)\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O13 - gopher Prefix: missing
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} http://upload.facebo...toUploader5.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {44990301-3C9D-426D-81DF-AAB636FA4345} https://www-secure.s...abs/tgctlsr.cab (Symantec Script Runner Class)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...r/ultrashim.cab (Reg Error: Key does not exist or could not be opened.)
O18 - Protocol\Handler: - about - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler: - cdl - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler: - dvd - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler: - file - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler: - ftp - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler: - http - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler: - https - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler: - its - C:\Windows\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler: - javascript - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler: - local - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler: - mailto - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler: - mhtml - C:\Windows\System32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler: - mk - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler: - ms-help - C:\Program Files (x86)\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler: - ms-its - C:\Windows\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler: - mso-offdap11 - C:\Program Files (x86)\Common Files\microsoft shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler: - res - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler: - tv - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler: - vbscript - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Filter: - application/octet-stream - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter: - application/x-complus - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter: - application/x-msdownload - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter: - deflate - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter: - gzip - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter: - text/xml - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - See sections below for AppInitDlls and Winlogon settings
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}C:\Windows\SysWOW64\webcheck.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: (Component Categories cache daemon) - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\System32\browseui.dll (Microsoft Corporation)

========== HKLM Winlogon Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"Shell" = explorer.exe
>C:\Windows\System32\explorer.exe (Microsoft Corporation)

"UserInit" = userinit.exe
>C:\Windows\System32\userinit.exe (Microsoft Corporation)

"VMApplet" = rundll32 shell32,Control_RunDLL "sysdm.cpl"
>C:\Windows\System32\shell32.dll (Microsoft Corporation)
>C:\Windows\System32\sysdm.cpl (Microsoft Corporation)

========== Winlogon Notify Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\]
!SASWinLogon: "DllName" = C:\Program Files (x86)\SUPERAntiSpyware\SASWINLO.dll -- C:\Program Files (x86)\SUPERAntiSpyware\SASWINLO.dll (SUPERAntiSpyware.com)

========== Shell Execute Hooks ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}" (HKLM) -- C:\Program Files (x86)\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)

========== HKLM *SecurityProviders* ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders]
"SecurityProviders" = credssp.dll
>C:\Windows\System32\credssp.dll (Microsoft Corporation)

========== LSA *Authentication Packages* ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"Authentication Packages" = msv1_0,
>C:\Windows\System32\msv1_0.dll (Microsoft Corporation)

========== LSA *Security Packages* ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"Security Packages" = kerberos,msv1_0,schannel,wdigest,tspkg,
>C:\Windows\System32\kerberos.dll (Microsoft Corporation)
>C:\Windows\System32\msv1_0.dll (Microsoft Corporation)
>C:\Windows\System32\schannel.dll (Microsoft Corporation)
>C:\Windows\System32\wdigest.dll (Microsoft Corporation)
>C:\Windows\System32\TSpkg.dll (Microsoft Corporation)

========== Safeboot Options ==========

"AlternateShell" = cmd.exe

========== CDRom AutoRun Settings ==========

[HKE

#4
thillman

Posted 27 January 2009 - 07:07 PM

Member

Topic Starter
Member
37 posts

//here is the rest of he OTListIt.txt
//thanks

========== Safeboot Options ==========

"AlternateShell" = cmd.exe

========== CDRom AutoRun Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom]
"AutoRun" = 1

========== Files/Folders - Created Within 30 Days ==========

[2009/01/27 19:46:26 | 00,419,328 | ---- | C] (OldTimer Tools) -- C:\Users\Louis\Desktop\OTListIt2.exe
[2009/01/25 15:51:39 | 00,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2009/01/25 15:51:28 | 00,000,951 | ---- | C] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2009/01/25 15:51:25 | 00,000,000 | ---D | C] -- C:\Users\Louis\AppData\Roaming\SUPERAntiSpyware.com
[2009/01/25 15:51:25 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\SUPERAntiSpyware
[2009/01/25 15:48:52 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard
[2009/01/25 15:48:38 | 05,966,368 | ---- | C] () -- C:\Users\Louis\Desktop\SUPERAntiSpyware.exe
[2009/01/25 15:31:52 | 00,000,422 | ---- | C] () -- C:\Windows\System32\mapisvc.inf
[2009/01/25 15:15:12 | 00,001,401 | ---- | C] () -- C:\Users\Louis\Desktop\Microsoft Office Accounting 2007.lnk
[2009/01/25 15:13:42 | 00,000,000 | ---D | C] -- C:\Users\Louis\Documents\Small Business Accounting
[2009/01/25 15:11:25 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Small Business
[2009/01/25 15:10:49 | 00,709,336 | ---- | C] () -- C:\Windows\System32\PerfStringBackup.INI
[2009/01/25 15:06:56 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SQL Server
[2009/01/25 00:29:28 | 00,000,000 | ---D | C] -- C:\Users\Louis\AppData\Roaming\MusicNet
[2009/01/25 00:25:39 | 00,000,000 | ---D | C] -- C:\Users\Public\Documents\microsoft
[2009/01/25 00:06:51 | 00,000,845 | ---- | C] () -- C:\Users\Public\Desktop\Zune.lnk
[2009/01/24 23:22:53 | 13,972,7504 | ---- | C] (Microsoft Corporation) -- C:\Users\Louis\Desktop\zunesetuppkg-x64.exe
[2009/01/18 17:19:10 | 00,001,741 | ---- | C] () -- C:\Users\Louis\Desktop\Left 4 Dead.lnk
[2009/01/18 11:50:19 | 00,401,720 | ---- | C] (Trend Micro Inc.) -- C:\Users\Louis\Desktop\HiJackThis.exe
[2009/01/18 10:58:56 | 00,001,812 | ---- | C] () -- C:\Users\Public\Desktop\avast! Antivirus.lnk
[2009/01/18 10:58:52 | 00,000,000 | ---- | C] () -- C:\Windows\System32\config.nt
[2009/01/18 10:58:27 | 01,236,208 | ---- | C] (ALWIL Software) -- C:\Windows\System32\aswBoot.exe
[2009/01/18 10:58:27 | 00,380,928 | ---- | C] () -- C:\Windows\System32\actskin4.ocx
[2009/01/17 20:55:11 | 00,000,000 | ---D | C] -- C:\ProgramData\LightScribe
[2009/01/17 20:27:54 | 00,000,000 | ---D | C] -- C:\Users\Louis\Desktop\New Folder
[2009/01/11 17:43:29 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Picasa2
[2009/01/11 15:02:16 | 00,000,000 | ---D | C] -- C:\Users\Louis\Desktop\photos
[2009/01/03 23:55:27 | 00,114,439 | ---- | C] () -- C:\ProgramData\nvModes.001
[2009/01/03 22:15:33 | 00,114,439 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2009/01/03 22:12:04 | 00,000,984 | ---- | C] () -- C:\Users\Public\Desktop\DivX Player.lnk
[2009/01/03 22:12:00 | 00,000,995 | ---- | C] () -- C:\Users\Public\Desktop\DivX Converter.lnk
[2009/01/03 22:12:00 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PX Storage Engine
[2009/01/03 22:11:54 | 00,001,425 | ---- | C] () -- C:\Users\Louis\Desktop\DivX Movies.lnk
[2009/01/03 22:11:54 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\DivX
[2009/01/03 22:03:47 | 00,006,656 | ---- | C] () -- C:\Users\Louis\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/01/01 13:45:27 | 00,000,084 | -H-- | C] () -- C:\ProgramData\aspg.dat

========== Files - Modified Within 30 Days ==========

[2009/01/27 19:51:58 | 00,114,439 | ---- | M] () -- C:\ProgramData\nvModes.001
[2009/01/27 19:46:48 | 00,419,328 | ---- | M] (OldTimer Tools) -- C:\Users\Louis\Desktop\OTListIt2.exe
[2009/01/27 19:45:05 | 00,000,418 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{B86D6640-26EE-4336-88C6-2BE455047976}.job
[2009/01/27 19:44:21 | 00,000,000 | ---- | M] () -- C:\Windows\System32\config.nt
[2009/01/27 19:41:41 | 00,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2009/01/27 19:41:35 | 00,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2009/01/27 19:41:28 | 42,940,37504 | -HS- | M] () -- C:\hiberfil.sys
[2009/01/26 19:48:33 | 00,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2009/01/26 19:48:10 | 02,127,163 | -H-- | M] () -- C:\Users\Louis\AppData\Local\IconCache.db
[2009/01/25 15:51:28 | 00,000,951 | ---- | M] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2009/01/25 15:48:46 | 05,966,368 | ---- | M] () -- C:\Users\Louis\Desktop\SUPERAntiSpyware.exe
[2009/01/25 15:31:52 | 00,000,422 | ---- | M] () -- C:\Windows\System32\mapisvc.inf
[2009/01/25 15:13:10 | 00,001,401 | ---- | M] () -- C:\Users\Louis\Desktop\Microsoft Office Accounting 2007.lnk
[2009/01/25 15:10:49 | 00,709,336 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2009/01/25 15:05:58 | 00,114,439 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2009/01/25 00:06:51 | 00,000,845 | ---- | M] () -- C:\Users\Public\Desktop\Zune.lnk
[2009/01/24 23:26:58 | 13,972,7504 | ---- | M] (Microsoft Corporation) -- C:\Users\Louis\Desktop\zunesetuppkg-x64.exe
[2009/01/18 17:19:10 | 00,001,741 | ---- | M] () -- C:\Users\Louis\Desktop\Left 4 Dead.lnk
[2009/01/18 11:50:26 | 00,401,720 | ---- | M] (Trend Micro Inc.) -- C:\Users\Louis\Desktop\HiJackThis.exe
[2009/01/18 10:58:56 | 00,001,812 | ---- | M] () -- C:\Users\Public\Desktop\avast! Antivirus.lnk
[2009/01/11 15:02:21 | 00,006,656 | ---- | M] () -- C:\Users\Louis\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/01/05 19:45:02 | 00,000,558 | ---- | M] () -- C:\Windows\tasks\Norton Internet Security - Run Full System Scan - Louis.job
[2009/01/03 22:12:04 | 00,000,984 | ---- | M] () -- C:\Users\Public\Desktop\DivX Player.lnk
[2009/01/03 22:12:00 | 00,000,995 | ---- | M] () -- C:\Users\Public\Desktop\DivX Converter.lnk
[2009/01/03 22:11:54 | 00,001,425 | ---- | M] () -- C:\Users\Louis\Desktop\DivX Movies.lnk
[2009/01/01 13:45:27 | 00,000,084 | -H-- | M] () -- C:\ProgramData\aspg.dat

========== LOP Check ==========

[2009/01/05 19:45:02 | 00,000,558 | ---- | M] () -- C:\Windows\Tasks\Norton Internet Security - Run Full System Scan - Louis.job
[2009/01/27 19:41:41 | 00,000,006 | -H-- | M] () -- C:\Windows\Tasks\SA.DAT
[2009/01/26 19:48:33 | 00,015,628 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2009/01/27 19:45:05 | 00,000,418 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{B86D6640-26EE-4336-88C6-2BE455047976}.job

========== Purity Check ==========

< End of report >

#5
handhfan

Posted 27 January 2009 - 07:20 PM

Trusted Helper

Expert
13,659 posts

Please download JavaRa to your desktop and unzip it to its own folder

Run JavaRa.exe, pick the language of your choice and click Select. Then click Remove Older Versions.
Accept any prompts.
Open JavaRa.exe again and select Search For Updates.
Select Update Using Sun Java's Website then click Search and click on the Open Webpage button. Download and install the latest Java Runtime Environment (JRE) version for your computer.

Please do an online scan with Kaspersky WebScanner

Read through the requirements and privacy statement and click on Accept button.
It will start downloading and installing the scanner and virus definitions. You will be prompted to install an application from Kaspersky. Click Run.
When the downloads have finished, click on Settings.
Make sure the following is checked.
- Spyware, Adware, Dialers, and other potentially dangerous programs
  Archives
  Mail databases
Click on My Computer under Scan.
Once the scan is complete, it will display the results. Click on View Scan Report.
You will see a list of infected items there. Click on Save Report As....
Save this report to a convenient place. Change the Files of type to Text file (.txt) before clicking on the Save button.
Please post this log in your next reply, along with a new HijackThis log.

#6
thillman

Posted 31 January 2009 - 05:11 PM

Member

Topic Starter
Member
37 posts

hi handhfan,

I did the javara and kaspersky scan. kaspersky did not find anything and there's no log for it.

here is the hijackthis log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 6:10:51 PM, on 1/31/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files (x86)\Steam\steam.exe
C:\Program Files (x86)\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\Direct Console\Direct Console.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files (x86)\Microsoft Office\Office12\OUTLOOK.EXE
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files (x86)\Internet Explorer\ieuser.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser.exe
C:\PROGRA~2\Java\jre6\bin\jp2launcher.exe
C:\Program Files (x86)\Java\jre6\bin\java.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\MSN\Toolbar\3.0.0988.2\msntask.exe
C:\Windows\SysWow64\Macromed\Flash\FlashUtil10a.exe
C:\Users\Louis\Desktop\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Common Files\Symantec Shared\coShared\Browser\2.5\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~2\COMMON~1\SYMANT~1\IDS\IPSBHO.dll
O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll
O2 - BHO: MSN Toolbar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN\Toolbar\3.0.0988.2\msneshellx.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Show Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Common Files\Symantec Shared\coShared\Browser\2.5\CoIEPlg.dll
O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar.dll
O3 - Toolbar: MSN Toolbar - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - C:\Program Files (x86)\MSN\Toolbar\3.0.0988.2\msneshellx.dll
O4 - HKLM\..\Run: [Microsoft Pinyin IME Migration] C:\PROGRA~2\COMMON~1\MICROS~1\IME12\IMESC\IMSCMIG.EXE /INSTALL
O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
O4 - HKLM\..\Run: [P2Go_Menu] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files (x86)\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [ATKOSD2] "C:\Program Files\ATKOSD2\ATKOSD2.exe"
O4 - HKLM\..\Run: [ATKMEDIA] "C:\Program Files (x86)\ASUS\ATK Media\DMEDIA.EXE"
O4 - HKLM\..\Run: [DirectConsole2] C:\Program Files (x86)\ASUS\Direct Console\Direct Console.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [swg] C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files (x86)\SUPERAntiSpyware\SUPERAntiSpyware.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebo...toUploader5.cab
O16 - DPF: {44990301-3C9D-426D-81DF-AAB636FA4345} (Symantec Script Runner Class) - https://www-secure.s...abs/tgctlsr.cab
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files (x86)\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: ADSM Service (ADSMService) - Unknown owner - C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files (x86)\Symantec\LiveUpdate\AluSchedulerSvc.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files (x86)\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files (x86)\Symantec\LiveUpdate\LuComServer_3_4.EXE
O23 - Service: LiveUpdate Notice - Symantec Corporation - C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: spmgr - Unknown owner - C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~2\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Zune Wireless Configuration Service (ZuneWlanCfgSvc) - Unknown owner - C:\Windows\system32\ZuneWlanCfgSvc.exe (file missing)

--
End of file - 11042 bytes

#7
handhfan

Posted 31 January 2009 - 05:13 PM

Trusted Helper

Expert
13,659 posts

I'm not seeing any malware on your computer.

If you are still having issues with Vista, I would ask the techs in this forum here.

#8
handhfan

Posted 07 February 2009 - 05:14 PM

Trusted Helper

Expert
13,659 posts

Since this issue appears to be resolved ... this Topic has been closed. Glad we could help.

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.