james102586jr

Python 2.4.3 2.4.3150 ({75E71ADD-042C-4F30-BFAC-A9EC42351313}) version: 33819726 version (major): 2 version (minor): 4 estimated size: 30049 install date: 20061211 install source: C:\hp\tmp\ uninstall cmd: MsiExec.exe /I{75E71ADD-042C-4F30-BFAC-A9EC42351313} publisher: Martin v. L

WT014898 (WT014898) install location: C:\Program Files\HP Games\Ocean Express uninstall cmd: "C:\Program Files\HP Games\Ocean Express\Uninstall.exe" publisher: WildTangent comments: Distributed by Hewlett-Packard Desktops WT014899 (WT014899) install location: C:\Program Files\HP Games\Polar Golfer Pineapple Cup uninstall cmd: "C:\Program Files\HP Games\Polar Golfer Pineapple Cup\Uninstall.exe" publisher: WildTangent comments: Distributed by Hewlett-Packard Desktops WT014900 (WT014900) install location: C:\Program Files\HP Games\Tornado Jockey uninstall cmd: "C:\Program Files\HP Games\Tornado Jockey\Uninstall.exe" publisher: WildTangent comments: Distributed by Hewlett-Packard Desktops WT014901 (WT014901) install location: C:\Program Files\HP Games\Wheel of Fortune uninstall cmd: "C:\Program Files\HP Games\Wheel of Fortune\Uninstall.exe" publisher: WildTangent comments: Distributed by Hewlett-Packard Desktops Yahoo! Toolbar for Internet Explorer (Yahoo! Companion) uninstall cmd: C:\PROGRA~1\Yahoo!\Common\unyt.exe Yahoo! Messenger (Yahoo! Messenger) uninstall cmd: C:\PROGRA~1\Yahoo!\MESSEN~1\UNWISE.EXE /U C:\PROGRA~1\Yahoo!\MESSEN~1\INSTALL.LOG publisher: Yahoo! Inc. Yahoo! Toolbar (Yahoo! Toolbar) HP Total Care Advisor 1.0.90 ({0373779B-A362-4B2E-B8E9-7442F19F9394}) version: 16777306 version (major): 1 estimated size: 25054 install date: 20061211 install location: C:\Program Files\Hewlett-Packard\HP Advisor\ install source: C:\Users\ADMINI~1\AppData\Local\Temp\_isA40B\ uninstall cmd: MsiExec.exe /X{0373779B-A362-4B2E-B8E9-7442F19F9394} publisher: Hewlett-Packard Roxio Creator Tools 3.3.0 ({0394CDC8-FABD-4ed8-B104-03393876DFDF}) version: 50528256 version (major): 3 version (minor): 3 estimated size: 353 install date: 20061211 install source: c:\hp\tmp\src\RCP_TOOLS_33\ uninstall cmd: MsiExec.exe /X{0394CDC8-FABD-4ed8-B104-03393876DFDF} publisher: Roxio help link: http://support.sonic.com/ Roxio Creator Data 3.3.0 ({0D397393-9B50-4c52-84D5-77E344289F87}) version: 50528256 version (major): 3 version (minor): 3 estimated size: 844 install date: 20061211 install source: c:\hp\tmp\src\RCP_DATA_33\ uninstall cmd: MsiExec.exe /X{0D397393-9B50-4c52-84D5-77E344289F87} publisher: Roxio help link: http://support.sonic.com/ Security Update for CAPICOM (KB931906) 2.1.0.2 ({0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}) version: 33619968 version (major): 2 version (minor): 1 estimated size: 770 install date: 20081003 install source: C:\Windows\TEMP\IXP000.TMP\ uninstall cmd: MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A} publisher: Microsoft Corporation Roxio Creator EasyArchive 3.3.0 ({11F93B4B-48F0-4A4E-AE77-DFA96A99664B}) version: 50528256 version (major): 3 version (minor): 3 estimated size: 1542 install date: 20061211 install source: c:\hp\tmp\src\RCP_EASYARCHIVE_33\ uninstall cmd: MsiExec.exe /X{11F93B4B-48F0-4A4E-AE77-DFA96A99664B} publisher: Roxio Java 6 Update 11 6.0.110 ({26A24AE4-039D-4CA4-87B4-2F83216010FF}) version: 100663396 version (major): 6 estimated size: 96648 install date: 20081113 install location: C:\Program Files\Java\jre6\ install source: C:\Users\Tyler\AppData\LocalLow\Sun\Java\jre1.6.0_10\ uninstall cmd: MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216010FF} publisher: Sun Microsystems, Inc. contact: http://java.com help link: http://java.com readme: C:\Program Files\Java\jre6\README.txt ({26A24AE4-039D-4CA4-87B4-2F83216011FB}) SymNet 7.1.0.27 ({2DA85B02-13C0-4E6D-9A76-22E6B3DD0CB2}) version: 117506048 version (major): 7 version (minor): 1 estimated size: 3042 install date: 20061211 install source: c:\hp\tmp\src\Support\SymNet\ uninstall cmd: MsiExec.exe /I{2DA85B02-13C0-4E6D-9A76-22E6B3DD0CB2} publisher: Symantec Corporation Norton Internet Security 10.1.0.26 ({3672B097-EA69-4bfe-B92F-29AE6D9D2B34}) version: 167837696 version (major): 10 version (minor): 1 estimated size: 341 install date: 20061211 install source: c:\hp\tmp\src\Support\SymMCEAI\ uninstall cmd: MsiExec.exe /I{3672B097-EA69-4bfe-B92F-29AE6D9D2B34} publisher: Symantec Corporation ccCommon 106.1.1.4 ({3CCAD2EF-CFF2-4637-82AA-AABF370282D3}) version: 1778450433 version (major): 106 version (minor): 1 estimated size: 6561 install date: 20061211 install source: c:\hp\tmp\src\Support\ccCommon\ uninstall cmd: MsiExec.exe /I{3CCAD2EF-CFF2-4637-82AA-AABF370282D3} publisher: Symantec HP Easy Setup - Frontend 5.00.0000 ({40F7AED3-0C7D-4582-99F6-484A515C73F2}) version: 83886080 install date: 20061211 install location: C:\Program Files\Hewlett-Packard\HP Easy Setup - Frontend install source: c:\hp\tmp\src\ uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{40F7AED3-0C7D-4582-99F6-484A515C73F2}\setup.exe" -l0x9 -removeonly publisher: Hewlett-Packard Norton Internet Security 10.1.0.26 ({48185814-A224-447A-81DA-71BD20580E1B}) version: 167837696 version (major): 10 version (minor): 1 estimated size: 9395 install date: 20061211 install source: c:\hp\tmp\src\Setup\ uninstall cmd: MsiExec.exe /I{48185814-A224-447A-81DA-71BD20580E1B} publisher: Symantec Corporation Norton Confidential Browser Component 1.1.0.6 ({4843B611-8FCB-4428-8C23-31D0A5EAE164}) version: 16842752 version (major): 1 version (minor): 1 estimated size: 2797 install date: 20061211 install source: c:\hp\tmp\src\Support\NCO\ uninstall cmd: MsiExec.exe /I{4843B611-8FCB-4428-8C23-31D0A5EAE164} publisher: Symantec Corporation Windows Live Messenger 8.5.1302.1018 ({508CE775-4BA4-4748-82DF-FE28DA9F03B0}) version: 134546710 version (major): 8 version (minor): 5 estimated size: 31179 install date: 20081002 install source: C:\Program Files\Common Files\WindowsLiveInstaller\MsiSources\ uninstall cmd: MsiExec.exe /X{508CE775-4BA4-4748-82DF-FE28DA9F03B0} publisher: Microsoft Corporation ({582876EC-A178-44D4-9823-C10D6C62EAFF}) uninstall cmd: MsiExec /X{A7E07C2B-2220-4415-87E3-784D5814BC93} Norton Internet Security 10.1.0.26 ({5AA2CD16-706F-41f3-87C5-2B5A031F2B3B}) version: 167837696 version (major): 10 version (minor): 1 estimated size: 60160 install date: 20061211 install source: c:\hp\tmp\src\Setup\ uninstall cmd: MsiExec.exe /I{5AA2CD16-706F-41f3-87C5-2B5A031F2B3B} publisher: Symantec Corporation Roxio Creator Copy 3.3.0 ({619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}) version: 50528256 version (major): 3 version (minor): 3 estimated size: 640 install date: 20061211 install source: c:\hp\tmp\src\RCP_COPY_33\ uninstall cmd: MsiExec.exe /X{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048} publisher: Roxio help link: http://support.sonic.com/ Roxio Express Labeler 3 2.1.0 ({6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}) version: 33619968 version (major): 2 version (minor): 1 estimated size: 16724 install date: 20061211 install source: c:\hp\tmp\src\EXPRESSLABELER_31\ uninstall cmd: MsiExec.exe /X{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA} publisher: Roxio Microsoft Works 08.05.0818 ({6D52C408-B09A-4520-9B18-475B81D393F1}) version: 134546226 version (major): 8 version (minor): 5 estimated size: 275629 install date: 20081003 install source: c:\hp\tmp\src\MSWORKS\ uninstall cmd: MsiExec.exe /I{6D52C408-B09A-4520-9B18-475B81D393F1} publisher: Microsoft Corporation comments: Microsoft Works 8.0 installation. help link: http://go.microsoft.com/fwlink/?LinkId=6831 help telephone: Microsoft Visual C++ 2005 Redistributable 8.0.56336 ({7299052b-02a4-4627-81f2-1818da5d550d}) version: 134274064 version (major): 8 estimated size: 422 install date: 20081003 install source: C:\Users\Tyler\AppData\Local\Temp\IXP000.TMP\ uninstall cmd: MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d} publisher: Microsoft Corporation

(Connection Manager) (DirectDrawEx) (DXM_Runtime) Microsoft Office Enterprise 2007 12.0.6215.1000 (ENTERPRISE) install location: C:\Program Files\Microsoft Office uninstall cmd: "C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISE /dll OSETUP.DLL publisher: Microsoft Corporation (Fontcore) Compaq Connections (remove only) (HPOOVClient-3572475 Uninstaller) uninstall cmd: C:\Windows\HPCPCUninstall-3572475\HPBWSetup.exe -appid 3572475 -uninstall (IE40) (IE4Data) (IE5BAKEX) (IEData) Security Update for CAPICOM (KB931906) 2.1.0.2 (KB931906) uninstall cmd: MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A} publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=931906 LiveUpdate 3.2 (Symantec Corporation) 3.2.0.68 (LiveUpdate) install location: "C:\Program Files\Symantec\LiveUpdate" uninstall cmd: "C:\Program Files\Symantec\LiveUpdate\LSETUP.EXE" /U publisher: Symantec Corporation (MobileOptionPack) Mozilla Firefox (3.0.4) 3.0.4 (en-US) (Mozilla Firefox (3.0.4)) install location: C:\Program Files\Mozilla Firefox uninstall cmd: C:\Program Files\Mozilla Firefox\uninstall\helper.exe publisher: Mozilla comments: Mozilla Firefox (MPlayer2) NVIDIA Drivers (NVIDIA Drivers) uninstall cmd: C:\Windows\system32\NVUNINST.EXE UninstallGUI Hardware Diagnostic Tools 5.00.4262.12 (PC-Doctor 5 for Windows) install location: C:\Program Files\PC-Doctor 5 for Windows\ uninstall cmd: C:\Program Files\PC-Doctor 5 for Windows\uninst.exe publisher: PC-Doctor, Inc. comments: Personal Computer Diagnostics Software contact: Customer Support Department (SchedulingAgent) (Sevinst) Norton Internet Security (Symantec Corporation) 10.1.0.26 (SymSetup.{5AA2CD16-706F-41f3-87C5-2B5A031F2B3B}) install location: C:\Program Files\Norton Internet Security install source: c:\hp\tmp\src uninstall cmd: "C:\Program Files\Common Files\Symantec Shared\SymSetup\{5AA2CD16-706F-41f3-87C5-2B5A031F2B3B}_10_1_0_26\{5AA2CD16-706F-41f3-87C5-2B5A031F2B3B}.exe" /X publisher: Symantec Corporation Viewpoint Media Player (ViewpointMediaPlayer) uninstall cmd: C:\Program Files\Viewpoint\Viewpoint Media Player\mtsAxInstaller.exe /u Warhammer Online - Age of Reckoning (Warhammer Online - Age of Reckoning) uninstall cmd: C:\Program Files\Electronic Arts\Electronic Arts\Warhammer Online - Age of Reckoning\uninst2.exe publisher: Electronic Arts My HP Games HPCMPQ1505 (WildTangent hpdesktop Master Uninstall) install location: C:\Program Files\HP Games uninstall cmd: "C:\Program Files\HP Games\Uninstall.exe" publisher: WildTangent World of Warcraft (World of Warcraft) install location: F:\World of Warcraft\ install source: F:\World of Warcraft\ uninstall cmd: C:\Program Files\Common Files\Blizzard Entertainment\World of Warcraft\Uninstall.exe publisher: Blizzard Entertainment WT014844 (WT014844) install location: C:\Program Files\HP Games\The Apprentice uninstall cmd: "C:\Program Files\HP Games\The Apprentice\Uninstall.exe" publisher: WildTangent comments: Distributed by Hewlett-Packard Desktops WT014853 (WT014853) install location: C:\Program Files\HP Games\Family Feud uninstall cmd: "C:\Program Files\HP Games\Family Feud\Uninstall.exe" publisher: WildTangent comments: Distributed by Hewlett-Packard Desktops WT014855 (WT014855) install location: C:\Program Files\HP Games\Final Drive Nitro uninstall cmd: "C:\Program Files\HP Games\Final Drive Nitro\Uninstall.exe" publisher: WildTangent comments: Distributed by Hewlett-Packard Desktops WT014857 (WT014857) install location: C:\Program Files\HP Games\Insaniquarium Deluxe uninstall cmd: "C:\Program Files\HP Games\Insaniquarium Deluxe\Uninstall.exe" publisher: WildTangent comments: Distributed by Hewlett-Packard Desktops WT014858 (WT014858) install location: C:\Program Files\HP Games\Jewel Quest uninstall cmd: "C:\Program Files\HP Games\Jewel Quest\Uninstall.exe" publisher: WildTangent comments: Distributed by Hewlett-Packard Desktops WT014861 (WT014861) install location: C:\Program Files\HP Games\Penguins! uninstall cmd: "C:\Program Files\HP Games\Penguins!\Uninstall.exe" publisher: WildTangent comments: Distributed by Hewlett-Packard Desktops WT014862 (WT014862) install location: C:\Program Files\HP Games\Polar Golfer uninstall cmd: "C:\Program Files\HP Games\Polar Golfer\Uninstall.exe" publisher: WildTangent comments: Distributed by Hewlett-Packard Desktops WT014865 (WT014865) install location: C:\Program Files\HP Games\SCRABBLE uninstall cmd: "C:\Program Files\HP Games\SCRABBLE\Uninstall.exe" publisher: WildTangent comments: Distributed by Hewlett-Packard Desktops WT014867 (WT014867) install location: C:\Program Files\HP Games\Slingo Deluxe uninstall cmd: "C:\Program Files\HP Games\Slingo Deluxe\Uninstall.exe" publisher: WildTangent comments: Distributed by Hewlett-Packard Desktops WT014868 (WT014868) install location: C:\Program Files\HP Games\Super Granny uninstall cmd: "C:\Program Files\HP Games\Super Granny\Uninstall.exe" publisher: WildTangent comments: Distributed by Hewlett-Packard Desktops WT014869 (WT014869) install location: C:\Program Files\HP Games\Tradewinds uninstall cmd: "C:\Program Files\HP Games\Tradewinds\Uninstall.exe" publisher: WildTangent comments: Distributed by Hewlett-Packard Desktops WT014871 (WT014871) install location: C:\Program Files\HP Games\Zuma Deluxe uninstall cmd: "C:\Program Files\HP Games\Zuma Deluxe\Uninstall.exe" publisher: WildTangent comments: Distributed by Hewlett-Packard Desktops WT014888 (WT014888) install location: C:\Program Files\HP Games\Polar Bowler uninstall cmd: "C:\Program Files\HP Games\Polar Bowler\Uninstall.exe" publisher: WildTangent comments: Distributed by Hewlett-Packard Desktops WT014895 (WT014895) install location: C:\Program Files\HP Games\JEOPARDY uninstall cmd: "C:\Program Files\HP Games\JEOPARDY\Uninstall.exe" publisher: WildTangent comments: Distributed by Hewlett-Packard Desktops WT014896 (WT014896) install location: C:\Program Files\HP Games\LEGO Builder Bots uninstall cmd: "C:\Program Files\HP Games\LEGO Builder Bots\Uninstall.exe" publisher: WildTangent comments: Distributed by Hewlett-Packard Desktops WT014897 (WT014897) install location: C:\Program Files\HP Games\Mahjong Journey of Enlightenment uninstall cmd: "C:\Program Files\HP Games\Mahjong Journey of Enlightenment\Uninstall.exe" publisher: WildTangent

MD5: 67908FFF414C4BA8019BCDE44281CE9F PID: 264 (1760) C:\Program Files\Java\jre6\bin\jusched.exe size: 136600 MD5: B98FFA8288EFAABC436C30D198608345 PID: 3392 ( 772) C:\Windows\System32\mobsync.exe size: 95744 MD5: 9B89B3BB79EA1ACF041F40A7B6FC5827 PID: 3484 (3392) C:\Program Files\Windows Media Player\wmplayer.exe size: 168960 MD5: BE70DDF93F5E8CA9DA13CBC6F849808C PID: 4816 (1760) C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe size: 4891472 MD5: 3B1B5D09D3C9C4CD39D4DB06ED7A0855 PID: 4820 (1760) C:\Program Files\Mozilla Firefox\firefox.exe size: 307712 MD5: BAC6F7DE724D7F30EBD78648C86B4617 PID: 1648 (1760) C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe size: 4347120 MD5: BF7F70A930CEFF0124CB70BFB0055E8F PID: 6032 (1760) C:\Windows\system32\rundll32.exe size: 44544 MD5: 4B555106290BD117334E9A08761C035A PID: 0 ( 0) [system Process] PID: 4 ( 0) System PID: 372 ( 4) smss.exe size: 64000 PID: 440 ( 428) csrss.exe size: 6144 PID: 488 ( 428) wininit.exe size: 96768 PID: 496 ( 480) csrss.exe size: 6144 PID: 528 ( 480) winlogon.exe size: 314880 PID: 580 ( 488) services.exe size: 279040 PID: 596 ( 488) lsass.exe size: 9728 PID: 604 ( 488) lsm.exe size: 229888 PID: 772 ( 580) svchost.exe size: 21504 PID: 824 ( 580) nvvsvc.exe size: 203296 PID: 856 ( 580) svchost.exe size: 21504 PID: 896 ( 580) svchost.exe size: 21504 PID: 980 ( 580) svchost.exe size: 21504 PID: 1068 ( 580) svchost.exe size: 21504 PID: 1088 ( 580) svchost.exe size: 21504 PID: 1164 ( 980) audiodg.exe size: 88064 PID: 1200 ( 580) SLsvc.exe size: 2623488 PID: 1228 ( 580) svchost.exe size: 21504 PID: 1292 ( 824) rundll32.exe size: 44544 PID: 1448 ( 580) svchost.exe size: 21504 PID: 1584 ( 580) ccSvcHst.exe PID: 1908 ( 580) spoolsv.exe size: 125952 PID: 852 ( 580) svchost.exe size: 21504 PID: 1916 ( 580) AluSchedulerSvc.exe PID: 2320 ( 580) LSSrvc.exe PID: 2560 ( 580) svchost.exe size: 21504 PID: 2792 ( 580) svchost.exe size: 21504 PID: 2900 ( 580) ViewpointService.exe PID: 2972 ( 580) svchost.exe size: 21504 PID: 3004 ( 580) SearchIndexer.exe size: 439808 PID: 3108 ( 580) XAudio.exe PID: 3120 (1068) WUDFHost.exe size: 142336 PID: 3728 (1088) taskeng.exe size: 169472 PID: 5008 ( 772) WmiPrvSE.exe --- Browser start & search pages list --- Spybot - Search & Destroy browser pages report, 12/16/2008 3:51:34 PM HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Local Page C:\Windows\system32\blank.htm HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Search Page http://go.microsoft.com/fwlink/?LinkId=54896 HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Start Page http://www.yahoo.com/ HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Local Page %SystemRoot%\system32\blank.htm HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Search Page http://go.microsoft.com/fwlink/?LinkId=54896 HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Start Page http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Page_URL http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Search_URL http://go.microsoft.com/fwlink/?LinkId=54896 --- Winsock Layered Service Provider list --- Namespace Provider 1: E-mail Naming Shim Provider GUID: {964ACBA2-B2BC-40EB-8C6A-A6DB40161CAE} Filename: Namespace Provider 2: PNRP Cloud Namespace Provider GUID: {03FE89CE-766D-4976-B9C1-BB9BC42C7B4D} Filename: Namespace Provider 3: PNRP Name Namespace Provider GUID: {03FE89CD-766D-4976-B9C1-BB9BC42C7B4D} Filename: --- Uninstall list --- (AddressBook) Adobe Flash Player 10 ActiveX 10.0.12.36 (Adobe Flash Player ActiveX) uninstall cmd: C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe publisher: Adobe Systems Incorporated help link: http://www.adobe.com/go/flashplayer_support/ Adobe Flash Player 10 Plugin 10.0.12.36 (Adobe Flash Player Plugin) uninstall cmd: C:\Windows\system32\Macromed\Flash\uninstall_plugin.exe publisher: Adobe Systems Incorporated AIM 6 (AIM_6) uninstall cmd: C:\Program Files\AIM6\uninst.exe (AOL Diagnostics_N) (AOLOCP_Y) Soft Data Fax Modem with SmartCP 7.80.0.0 (CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200C14F1) uninstall cmd: C:\Program Files\CONEXANT\CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200C14F1\UIU32m.exe -U -ITrx200Cz.INF publisher: Conexant Systems

--- ActiveX list --- {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} () DPF name: CLSID name: Installer: Codebase: http://www.fileplanet.com/fpdlmgr/cabs/FPDC_2.3.7.109.cab {3EA4FA88-E0BE-419A-A732-9B79B87A6ED0} (CTVUAxCtrl Object) DPF name: CLSID name: CTVUAxCtrl Object Installer: C:\Windows\Downloaded Program Files\TVUAx.inf Codebase: http://dl.tvunetworks.com/TVUAx.cab Path: C:\Windows\Downloaded Program Files\ Long name: npTVUAx.dll Short name: Date (created): 11/6/2008 9:18:40 PM Date (last access): 11/6/2008 9:18:40 PM Date (last write): 11/6/2008 9:18:40 PM Filesize: 1346672 Attributes: archive MD5: 25C5B97663E8294C9222B032C5DAB474 CRC32: 1290E6D5 Version: 2.4.1.0 {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) DPF name: Java Runtime Environment 1.6.0 CLSID name: Java Plug-in 1.6.0_11 Installer: Codebase: http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab description: Sun Java classification: Legitimate known filename: %PROGRAM FILES%\JabaSoft\JRE\*\Bin\npjava131.dll info link: info source: Patrick M. Kolla Path: C:\Program Files\Java\jre6\bin\ Long name: jp2iexp.dll Short name: Date (created): 11/13/2008 8:36:58 PM Date (last access): 11/10/2008 3:39:26 AM Date (last write): 11/10/2008 5:43:16 AM Filesize: 94208 Attributes: archive MD5: 3DA696FCE470365F830726A5DB33733F CRC32: F0FC81C2 Version: 6.0.110.3 {CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA} (Java Plug-in 1.6.0_10) DPF name: CLSID name: Java Plug-in 1.6.0_10 Installer: Codebase: Path: C:\Program Files\Java\jre6\bin\ Long name: jp2iexp.dll Short name: Date (created): 11/13/2008 8:36:58 PM Date (last access): 11/10/2008 3:39:26 AM Date (last write): 11/10/2008 5:43:16 AM Filesize: 94208 Attributes: archive MD5: 3DA696FCE470365F830726A5DB33733F CRC32: F0FC81C2 Version: 6.0.110.3 {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} (Java Runtime Environment 1.6.0) DPF name: Java Runtime Environment 1.6.0 CLSID name: Java Plug-in 1.6.0_11 Installer: Codebase: http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab Path: C:\Program Files\Java\jre6\bin\ Long name: jp2iexp.dll Short name: Date (created): 11/13/2008 8:36:58 PM Date (last access): 11/10/2008 3:39:26 AM Date (last write): 11/10/2008 5:43:16 AM Filesize: 94208 Attributes: archive MD5: 3DA696FCE470365F830726A5DB33733F CRC32: F0FC81C2 Version: 6.0.110.3 {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} (Java Runtime Environment 1.6.0) DPF name: Java Runtime Environment 1.6.0 CLSID name: Java Plug-in 1.6.0_11 Installer: Codebase: http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab Path: C:\Program Files\Java\jre6\bin\ Long name: npjpi160_11.dll Short name: NPJPI1~1.DLL Date (created): 11/10/2008 3:39:26 AM Date (last access): 11/10/2072 3:39:26 AM Date (last write): 11/10/2008 5:43:32 AM Filesize: 132504 Attributes: archive MD5: D400116F6776ACB6EDB6B1F5EEB9F92D CRC32: CECB5751 Version: 6.0.110.3 --- Process list --- PID: 1712 (1068) C:\Windows\system32\Dwm.exe size: 81920 MD5: 59903071D7ACE6A02093C47E9E38AF97 PID: 1760 (1688) C:\Windows\Explorer.EXE size: 2927104 MD5: FFA764631CB70A30065C12EF8E174F9F PID: 1620 (1088) C:\Windows\system32\taskeng.exe size: 169472 MD5: 5F109032CE46B7184ED9E50F9FE8489E PID: 1356 (1760) C:\Program Files\Windows Defender\MSASCui.exe size: 1008184 MD5: 0D392EDE3B97E0B3131B2F63EF1DB94E PID: 2020 (1760) C:\hp\support\hpsysdrv.exe size: 65536 MD5: 85B8925F1A477DF7AEC93CABBEB04F1F PID: 1576 (1760) C:\Program Files\HP\HP Software Update\hpwuSchd2.exe size: 49152 MD5: 821F73B833C4DAEBC33C1A9A4B16BB5A PID: 1888 (1760) C:\Program Files\Common Files\Symantec Shared\ccApp.exe size: 107112 MD5: D12509C433C20D2818E8C03C401A256F PID: 1920 (1760) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe size: 33648 MD5: 35DCD380D4D579D8B8EA91D5D8AE444C PID: 116 (1760) C:\WINDOWS\System32\rundll32.exe size: 44544 MD5: 4B555106290BD117334E9A08761C035A PID: 2016 (1760) C:\WINDOWS\RtHDVCpl.exe size: 4702208

Located: HK_CU:RunOnce, ypagerps where: S-1-5-21-1601075238-2268458529-197457285-1000... command: cmd.exe /C del "C:\Program Files\Yahoo!\Messenger\ypagerps.dll" file: C:\Windows\system32\cmd.exe size: 318976 MD5: 74F26FC01B180D4A99A168ED69C30A53 --- Browser helper object list --- {1E8A6170-7264-4D0F-BEAE-D42A53123C75} () location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ BHO name: CLSID name: Path: c:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\ Long name: NppBHO.dll Short name: Date (created): 10/23/2006 3:34:20 PM Date (last access): 12/11/2006 4:20:36 AM Date (last write): 10/23/2006 3:34:20 PM Filesize: 96984 Attributes: readonly archive MD5: 57E8CF524AFF1D945AABD65B9AAA8075 CRC32: EA607DA7 Version: 2007.1.3.6 {72853161-30C5-4D22-B7F9-0BBC1D38A37E} (Groove GFS Browser Helper) location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ BHO name: CLSID name: Groove GFS Browser Helper Path: C:\Program Files\Microsoft Office\Office12\ Long name: GrooveShellExtensions.dll Short name: GRA8E1~1.DLL Date (created): 8/24/2007 6:01:22 AM Date (last access): 10/23/2008 3:12:34 AM Date (last write): 8/24/2007 6:01:22 AM Filesize: 2212224 Attributes: archive MD5: 32C4927E013C018A13D8DFBDA4148812 CRC32: 9A9F3D8B Version: 12.0.6211.1000 {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (Java Plug-In SSV Helper) location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ BHO name: CLSID name: Java Plug-In SSV Helper Path: C:\Program Files\Java\jre6\bin\ Long name: ssv.dll Short name: Date (created): 11/13/2008 8:37:20 PM Date (last access): 11/10/2072 3:39:26 AM Date (last write): 11/10/2008 5:43:32 AM Filesize: 320920 Attributes: archive MD5: 35E6FB6E6003BD54A5D69C9C1C762192 CRC32: 9699660C Version: 6.0.110.3 {7E853D72-626A-48EC-A868-BA8D5E23E045} () location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ BHO name: CLSID name: {9030D464-4C02-4ABF-8ECC-5164760863C6} (Windows Live Sign-in Helper) location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ BHO name: CLSID name: Windows Live Sign-in Helper Path: C:\Program Files\Common Files\Microsoft Shared\Windows Live\ Long name: WindowsLiveLogin.dll Short name: WINDOW~1.DLL Date (created): 9/20/2007 9:30:18 AM Date (last access): 10/2/2008 5:55:36 PM Date (last write): 9/20/2007 9:30:18 AM Filesize: 328752 Attributes: archive MD5: 59CF5BF6684AFCF906CADAD39B4214DE CRC32: C363813C Version: 4.200.520.1 {be9187bf-cca3-4b9d-8ae8-83bd73ad4a77} () location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ BHO name: CLSID name: Path: C:\Windows\system32\ Long name: rayepiwi.dll Short name: Date (created): 9/16/2008 3:24:46 PM Date (last access): 9/16/2008 3:24:46 PM Date (last write): 9/16/2008 3:24:46 PM Filesize: 65659 Attributes: hidden sysfile archive MD5: 87B43A7F1BB10488CC6C35EACF0FA398 CRC32: D05E6E30 Version: 6.0.5308.17 {DBC80044-A445-435b-BC74-9C25C1C588A9} (Java Plug-In 2 SSV Helper) location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ BHO name: CLSID name: Java Plug-In 2 SSV Helper Path: C:\Program Files\Java\jre6\bin\ Long name: jp2ssv.dll Short name: Date (created): 11/13/2008 8:36:58 PM Date (last access): 11/10/2008 3:39:26 AM Date (last write): 11/10/2008 5:43:16 AM Filesize: 34816 Attributes: archive MD5: 5D57FD3DF32DC69CEC3D1D54B4C43162 CRC32: D7C13FB2 Version: 6.0.110.3

Located: HK_LM:Run, Symantec PIF AlertEng command: "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll" file: C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe size: 583048 MD5: 2D1389E05A807D956829F44BD4B60389 Located: HK_LM:Run, Windows Defender command: %ProgramFiles%\Windows Defender\MSASCui.exe -hide file: C:\Program Files\Windows Defender\MSASCui.exe size: 1008184 MD5: 0D392EDE3B97E0B3131B2F63EF1DB94E Located: HK_LM:RunOnce, Launcher command: %WINDIR%\SMINST\launcher.exe file: C:\Windows\SMINST\launcher.exe size: 44136 MD5: DBEB9EE2A13D9AA0D5F180757B5A2C26 Located: HK_CU:Run, Sidebar where: S-1-5-19... command: %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem file: C:\Program Files\Windows Sidebar\Sidebar.exe size: 1233920 MD5: FD278E51A7D6F52D22FCE6C67E037AD6 Located: HK_CU:Run, WindowsWelcomeCenter where: S-1-5-19... command: rundll32.exe oobefldr.dll,ShowWelcomeCenter file: C:\Windows\system32\oobefldr.dll size: 2153472 MD5: 83E4A5435B0FA6AD0166722621A04725 Located: HK_CU:Run, Sidebar where: S-1-5-20... command: %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem file: C:\Program Files\Windows Sidebar\Sidebar.exe size: 1233920 MD5: FD278E51A7D6F52D22FCE6C67E037AD6 Located: HK_CU:Run, WindowsWelcomeCenter where: S-1-5-20... command: rundll32.exe oobefldr.dll,ShowWelcomeCenter file: C:\Windows\system32\oobefldr.dll size: 2153472 MD5: 83E4A5435B0FA6AD0166722621A04725 Located: HK_CU:Run, Aim6 where: S-1-5-21-1601075238-2268458529-197457285-1000... command: "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp file: C:\Program Files\AIM6\aim6.exe size: 0 MD5: D41D8CD98F00B204E9800998ECF8427E Warning: if the file is actually larger than 0 bytes, the checksum could not be properly calculated! Located: HK_CU:Run, igndlm.exe where: S-1-5-21-1601075238-2268458529-197457285-1000... command: C:\Program Files\Download Manager\DLM.exe /windowsstart /startifwork file: C:\Program Files\Download Manager\DLM.exe size: 0 MD5: D41D8CD98F00B204E9800998ECF8427E Warning: if the file is actually larger than 0 bytes, the checksum could not be properly calculated! Located: HK_CU:Run, Messenger (Yahoo!) where: S-1-5-21-1601075238-2268458529-197457285-1000... command: "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet file: C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe size: 4347120 MD5: BF7F70A930CEFF0124CB70BFB0055E8F Located: HK_CU:Run, MsnMsgr where: S-1-5-21-1601075238-2268458529-197457285-1000... command: "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background file: C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe size: 5724184 MD5: A8972A2F9A744DD5EE0BFE429D767F1C Located: HK_CU:Run, SpybotSD TeaTimer where: S-1-5-21-1601075238-2268458529-197457285-1000... command: C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe file: C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe size: 2156368 MD5: 08FC1FAD357F053043016597B6559BDC

--- System information --- Windows Vista (Build: 6001) Service Pack 1 (6.0.6001) / MSXML4SP2: Security update for MSXML4 SP2 (KB936181) / MSXML4SP2: Security update for MSXML4 SP2 (KB941833) --- Startup entries list --- Located: HK_LM:Run, command: file: size: 0 MD5: D41D8CD98F00B204E9800998ECF8427E Warning: if the file is actually larger than 0 bytes, the checksum could not be properly calculated! Located: HK_LM:Run, ccApp command: "c:\Program Files\Common Files\Symantec Shared\ccApp.exe" file: c:\Program Files\Common Files\Symantec Shared\ccApp.exe size: 107112 MD5: D12509C433C20D2818E8C03C401A256F Located: HK_LM:Run, CPM6108e4d1 command: Rundll32.exe "C:\Windows\system32\timedora.dll",a file: C:\Windows\system32\timedora.dll size: 96903 MD5: C450E3A06EBAF0BC4DE34D9C1C6DDB31 Located: HK_LM:Run, GrooveMonitor command: "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" file: C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe size: 33648 MD5: 35DCD380D4D579D8B8EA91D5D8AE444C Located: HK_LM:Run, HP Software Update command: c:\Program Files\HP\HP Software Update\HPWuSchd2.exe file: c:\Program Files\HP\HP Software Update\HPWuSchd2.exe size: 49152 MD5: 821F73B833C4DAEBC33C1A9A4B16BB5A Located: HK_LM:Run, hpsysdrv command: c:\hp\support\hpsysdrv.exe file: c:\hp\support\hpsysdrv.exe size: 65536 MD5: 85B8925F1A477DF7AEC93CABBEB04F1F Located: HK_LM:Run, lavitulowo command: Rundll32.exe "C:\Windows\system32\zewehapo.dll",s file: C:\Windows\system32\zewehapo.dll size: 65659 MD5: 87B43A7F1BB10488CC6C35EACF0FA398 Located: HK_LM:Run, NvCplDaemon command: RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup file: C:\Windows\system32\NvCpl.dll size: 13584928 MD5: C5B510903FA7D47A0EC7AE561B3D7C84 Located: HK_LM:Run, NvMediaCenter command: RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit file: C:\Windows\system32\NvMcTray.dll size: 92704 MD5: A58AE4B49BC1E44DB2E890577A4020E6 Located: HK_LM:Run, osCheck command: "c:\Program Files\Norton Internet Security\osCheck.exe" file: c:\Program Files\Norton Internet Security\osCheck.exe size: 22696 MD5: 9F9169BA9B0E44B6C86A5247CEC2CDEE Located: HK_LM:Run, RtHDVCpl command: RtHDVCpl.exe file: C:\Windows\RtHDVCpl.exe size: 4702208 MD5: 67908FFF414C4BA8019BCDE44281CE9F Located: HK_LM:Run, SunJavaUpdateSched command: "C:\Program Files\Java\jre6\bin\jusched.exe" file: C:\Program Files\Java\jre6\bin\jusched.exe size: 136600 MD5: B98FFA8288EFAABC436C30D198608345

--- Search result list --- Hint of the Day: Click the bar at the right of this to see more information! () Right Media: Tracking cookie (Internet Explorer: Tyler) (Cookie, nothing done) --- Spybot - Search & Destroy version: 1.6.0 (build: 20080707) --- 2008-07-07 blindman.exe (1.0.0.8) 2008-07-07 SDFiles.exe (1.6.0.4) 2008-07-07 SDMain.exe (1.0.0.6) 2008-07-07 SDShred.exe (1.0.2.3) 2008-07-07 SDUpdate.exe (1.6.0.8) 2008-07-07 SDWinSec.exe (1.0.0.12) 2008-07-07 SpybotSD.exe (1.6.0.30) 2008-07-07 TeaTimer.exe (1.6.0.20) 2008-10-09 unins000.exe (51.49.0.0) 2008-07-07 Update.exe (1.6.0.7) 2008-07-07 advcheck.dll (1.6.1.12) 2007-04-02 aports.dll (2.1.0.0) 2008-06-14 DelZip179.dll (1.79.11.1) 2008-07-07 SDHelper.dll (1.6.0.12) 2008-06-19 sqlite3.dll 2008-07-07 Tools.dll (2.1.5.7) 2008-09-02 Includes\Adware.sbi (*) 2008-10-07 Includes\AdwareC.sbi (*) 2008-06-03 Includes\Cookies.sbi (*) 2008-09-02 Includes\Dialer.sbi (*) 2008-09-09 Includes\DialerC.sbi (*) 2008-07-23 Includes\HeavyDuty.sbi (*) 2008-09-02 Includes\Hijackers.sbi (*) 2008-10-07 Includes\HijackersC.sbi (*) 2008-09-09 Includes\Keyloggers.sbi (*) 2008-09-30 Includes\KeyloggersC.sbi (*) 2004-11-29 Includes\LSP.sbi (*) 2008-10-08 Includes\Malware.sbi (*) 2008-10-08 Includes\MalwareC.sbi (*) 2008-09-02 Includes\PUPS.sbi (*) 2008-10-07 Includes\PUPSC.sbi (*) 2007-11-07 Includes\Revision.sbi (*) 2008-06-18 Includes\Security.sbi (*) 2008-09-30 Includes\SecurityC.sbi (*) 2008-06-03 Includes\Spybots.sbi (*) 2008-06-03 Includes\SpybotsC.sbi (*) 2008-09-09 Includes\Spyware.sbi (*) 2008-09-23 Includes\SpywareC.sbi (*) 2008-06-03 Includes\Tracks.uti 2008-09-30 Includes\Trojans.sbi (*) 2008-10-07 Includes\TrojansC.sbi (*) 2008-03-04 Plugins\Chai.dll 2008-03-05 Plugins\Fennel.dll 2008-02-26 Plugins\Mate.dll 2007-12-24 Plugins\TCPIPAddress.dll

I think I have some sort of virus but I am not sure on how to scan for it or get rid of it. When I try to download anything online (using both IE, and FireFox) the download doesnt go through. I will start to download the file but it just stops in the middle of the download. I tried downloading the Malwarebytes software but I cant get it. The only way for me to bring files over is to download them from another computer and use a flashdrive to move it over. I had scanned with Spybot and it came up with virtumonde.prx I used the Fix button on there and it no longer comes up when I scan my computer with it. I am still getting popups when I open IE or FireFox. I also denied changes on some things I have never seen before when Spybot was up... It was denying the same thing every second so I was getting popups boxes telling me it was denied all over the right hand side of my screen. I exited Spybot and reopened it and havent been asked that again. Can someone please help me. My computer goes Extremely slow at times and seems to lock up, I would describe it more as freezing sometimes up to 2 minutes before everything catches up. It has completly froozen up to where I would have to just restart it. Its running Vista and I would say no more then 2 years old. If you can tell me what to do I will do my best to get back to your requests ASAP right now I am scanning with Spybot and will try and post the logs from it.