Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Search re-directed

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Search re-directed

Unread postby Double Eagle » March 10th, 2009, 12:22 pm

My searches are being re-directed. HJT log is as follows:

Logfile of random's system information tool 1.05 (written by random/random)
Run by Exxx Hxxxxxx at 2009-03-10 11:07:31
Microsoft Windows XP Professional Service Pack 3
System drive C: has 243 GB (80%) free of 305 GB
Total RAM: 3070 MB (67% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:07:34 AM, on 3/10/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal

Running processes:
C:\windows\System32\smss.exe
C:\windows\system32\winlogon.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\Program Files\Webroot\Spy Sweeper\WRConsumerService.exe
C:\windows\system32\Ati2evxx.exe
C:\windows\system32\svchost.exe
C:\windows\System32\svchost.exe
C:\Program Files\Symantec AntiVirus\Smc.exe
C:\windows\System32\svchost.exe
C:\windows\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\windows\system32\spoolsv.exe
C:\PROGRA~1\APC\POWERC~1\agent\pbeagent.exe
C:\PROGRA~1\APC\POWERC~1\server\PBESER~1.EXE
C:\WINDOWS\system32\CTsvcCDA.EXE
c:\program files\dell printers\Additional Color Laser Software\Status Monitor\DLSDBNT.EXE
C:\windows\System32\svchost.exe
C:\Program Files\Intel\Intel Application Accelerator\iaantmon.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\windows\system32\LxrJD31s.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\ofps.exe
C:\Program Files\Visioneer\OneTouch 4.0\OtService.exe
C:\Program Files\Retrospect\Retrospect 7.6\retrorun.exe
C:\Program Files\Sprint\Sprint PCS Connection Manager\CMSPCSUtilSvc.exe
C:\windows\system32\svchost.exe
C:\Program Files\Symantec AntiVirus\Rtvscan.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
c:\program files\dell printers\Additional Color Laser Software\Status Monitor\DLPWDNT.EXE
C:\windows\Explorer.EXE
C:\Program Files\Symantec AntiVirus\SmcGui.exe
C:\Program Files\Visioneer\OneTouch 4.0\OtMonEx.exe
C:\windows\system32\ctfmon.exe
C:\windows\system32\NWTRAY.EXE
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
C:\Program Files\PalmTether\TetherApp.exe
C:\windows\system32\rundll32.exe
C:\PROGRA~1\PALMTE~1\PALMON~1.EXE
C:\WINDOWS\system32\dpmw32.exe
C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe
C:\Program Files\Intel\Intel Application Accelerator\iaanotif.exe
C:\Program Files\Creative\Sound Blaster Live! 24-bit\Surround Mixer\CTSysVol.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe
C:\Novell\Messenger\NMCL32.exe
C:\Documents and Settings\Eric Hardman\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Program Files\palmOne\palmOne 9-11-07\Hotsync.exe
C:\DOCUME~1\ERICHA~1\LOCALS~1\Temp\O.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosBtProc.exe
C:\WINDOWS\system32\dllhost.exe
C:\windows\Explorer.EXE
C:\windows\system32\wscntfy.exe
C:\Documents and Settings\Eric Hardman\Desktop\RSIT.exe
C:\Program Files\trend micro\Eric Hardman.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.drudgereport.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: RoboForm - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [NWTRAY] "C:\windows\system32\NWTRAY.EXE"
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [SoundMAXPnP] "C:\Program Files\Analog Devices\Core\smax4pnp.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [PaperPort PTD] "C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe"
O4 - HKLM\..\Run: [PalmTether] "C:\Program Files\PalmTether\TetherApp.exe"
O4 - HKLM\..\Run: [P17Helper] "C:\windows\system32\rundll32.exe" P17.dll,P17Helper
O4 - HKLM\..\Run: [NDPS] "C:\WINDOWS\system32\dpmw32.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] "C:\windows\system32\dumprep.exe" 0 -k
O4 - HKLM\..\Run: [IntelMeM] "C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe"
O4 - HKLM\..\Run: [IndexSearch] "C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe"
O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Application Accelerator\iaanotif.exe"
O4 - HKLM\..\Run: [CTSysVol] "C:\Program Files\Creative\Sound Blaster Live! 24-bit\Surround Mixer\CTSysVol.exe" /r
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe"
O4 - HKLM\..\Run: [DLPSP] "c:\program files\dell printers\Additional Color Laser Software\Status Monitor\DLPSP.EXE"
O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [ctfmon.exe] "C:\windows\system32\ctfmon.exe"
O4 - HKCU\..\Run: [RoboForm] "C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"
O4 - HKCU\..\Run: [Novell Messenger] "C:\Novell\Messenger\NMCL32.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Eric Hardman\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [WMPNSCFG] "C:\Program Files\Windows Media Player\WMPNSCFG.exe"
O4 - Global Startup: Adobe Acrobat Speed Launcher.lnk = ?
O4 - Global Startup: Bluetooth Manager.lnk = ?
O4 - Global Startup: HOTSYNCSHORTCUTNAME.lnk = C:\Program Files\palmOne\palmOne 9-11-07\Hotsync.exe
O4 - Global Startup: OfficeView Pro.lnk = C:\Program Files\OfficeView Pro\ovproWS.exe
O8 - Extra context menu item: SnipeIt! eSnipe - http://www.esnipe.com/SnipeIt/SnipeItOpen3.asp
O9 - Extra button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra 'Tools' menuitem: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra 'Tools' menuitem: Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: Novell Messenger - {3C3171BC-1025-43d1-8D1D-61CF4B38A28F} - C:\Novell\MESSEN~1\NMCL32.exe
O9 - Extra 'Tools' menuitem: Novell Messenger - {3C3171BC-1025-43d1-8D1D-61CF4B38A28F} - C:\Novell\MESSEN~1\NMCL32.exe
O9 - Extra button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra 'Tools' menuitem: RoboForm Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\windows\system32\SHDOCVW.DLL
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\windows\system32\SHDOCVW.DLL
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} (SysProWmi Class) - http://support.dell.com/systemprofiler/SysPro.CAB
O16 - DPF: {0246ECA8-996F-11D1-BE2F-00A0C9037DFE} (TDServer Control) - http://www.econoenvelope.com/tdserver.cab
O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} - https://www-secure.symantec.com/techsup ... SupCtl.cab
O16 - DPF: {31E68DE2-5548-4B23-88F0-C51E6A0F695E} (Microsoft PID Sniffer) - https://support.microsoft.com/OAS/ActiveX/odc.cab
O16 - DPF: {3451DEDE-631F-421C-8127-FD793AFC6CC8} (ActiveDataInfo Class) - https://www-secure.symantec.com/techsup ... mAData.cab
O16 - DPF: {34F12AFD-E9B5-492A-85D2-40FA4535BE83} (AxProdInfoCtl Class) - http://www.symantec.com/techsupp/active ... rdtinf.cab
O16 - DPF: {44990200-3C9D-426D-81DF-AAB636FA4345} (Symantec SmartIssue) - http://www.symantec.com/techsupp/asa/ctrl/tgctlsi.cab
O16 - DPF: {44990301-3C9D-426D-81DF-AAB636FA4345} (Symantec Script Runner Class) - https://www-secure.symantec.com/techsup ... gctlsr.cab
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) - http://dlm.tools.akamai.com/dlmanager/v ... .2.4.2.cab
O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://tools.ebayimg.com/eps/wl/activex ... 0-3-36.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/Shar ... /cabsa.cab
O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} (Symantec Download Manager) - https://webdl.symantec.com/activex/symdlmgr.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 2059656062
O16 - DPF: {9600F64D-755F-11D4-A47F-0001023E6D5A} (Shutterfly Picture Upload Plugin) - http://web1.shutterfly.com/downloads/Uploader.cab
O16 - DPF: {A90A5822-F108-45AD-8482-9BC8B12DD539} (Crucial cpcScan) - http://www.crucial.com/controls/cpcScanner.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://cdn2.zone.msn.com/binFramework/v ... b34246.cab
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} (ActiveDataInfo Class) - https://www-secure.symantec.com/techsup ... mAData.cab
O16 - DPF: {CE8267C2-D41A-4A50-A69D-F32B5C289F14} (FileOpenInstaller) - http://plugin.fileopen.com/current/FileOpen.CAB
O16 - DPF: {E5D419D6-A846-4514-9FAD-97E826C84822} - http://fdl.msn.com/zone/datafiles/heartbeat.cab
O16 - DPF: {EB387D2F-E27B-4D36-979E-847D1036C65D} (QDiagHUpdateObj Class) - http://h30043.www3.hp.com/hpdj/en/check/qdiagh.cab?326
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: APC PBE Agent (APCPBEAgent) - APC - C:\PROGRA~1\APC\POWERC~1\agent\pbeagent.exe
O23 - Service: APC PBE Server (APCPBEServer) - APC - C:\PROGRA~1\APC\POWERC~1\server\PBESER~1.EXE
O23 - Service: Ati HotKey Poller - Unknown owner - C:\windows\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\SYSTEM32\ati2sgag.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
O23 - Service: Client Update Service for Novell (cusrvc) - Novell, Inc. - C:\WINDOWS\system32\cusrvc.exe
O23 - Service: Dell Printer Status Watcher (DLPWD) - Dell Inc. - c:\program files\dell printers\Additional Color Laser Software\Status Monitor\DLPWDNT.EXE
O23 - Service: Dell Printer Status Database (DLSDB) - Dell Inc. - c:\program files\dell printers\Additional Color Laser Software\Status Monitor\DLSDBNT.EXE
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Update Service (gupdate1c98df298a687c) (gupdate1c98df298a687c) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: IAA Event Monitor (IAANTMon) - Intel Corporation - C:\Program Files\Intel\Intel Application Accelerator\iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Lexar JD31 (LxrJD31s) - Unknown owner - C:\windows\SYSTEM32\LxrJD31s.exe
O23 - Service: NMIndexingService - Unknown owner - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe (file missing)
O23 - Service: OmniForm Printer - ScanSoft, Inc. - C:\WINDOWS\system32\ofps.exe
O23 - Service: OneTouch 4.0 Monitor - Visioneer Inc. - C:\Program Files\Visioneer\OneTouch 4.0\OtService.exe
O23 - Service: Retrospect Launcher (RetroLauncher) - EMC Corporation - C:\Program Files\Retrospect\Retrospect 7.6\retrorun.exe
O23 - Service: Retrospect Helper - EMC Corporation - C:\Program Files\Retrospect\Retrospect 7.6\rthlpsvc.exe
O23 - Service: Symantec Auto-upgrade Agent (Smcinst) - Unknown owner - C:\Program Files\Symantec AntiVirus\SmcLU\Setup\smcinst.exe (file missing)
O23 - Service: Symantec Management Client (SmcService) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Smc.exe
O23 - Service: Symantec Network Access Control (SNAC) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\SNAC.EXE
O23 - Service: Sprint PCS v3 Utility Service - Sprint Spectrum, L.L.C - C:\Program Files\Sprint\Sprint PCS Connection Manager\CMSPCSUtilSvc.exe
O23 - Service: Symantec Endpoint Protection (Symantec AntiVirus) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Symantec RemoteAssist - Symantec, Inc. - C:\Program Files\Common Files\Symantec Shared\Support Controls\ssrc.exe
O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc. (http://www.webroot.com) - C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
O23 - Service: Webroot Client Service (WRConsumerService) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\WRConsumerService.exe
O24 - Desktop Component 0: (no name) - http://www.salina.k-state.edu/globalflyer/stats.gif

--
End of file - 16925 bytes

======Scheduled tasks folder======

C:\windows\tasks\GoogleUpdateTaskMachine.job
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-3231388090-65079912-975580894-1007.job
C:\windows\tasks\User_Feed_Synchronization-{F0BC3C1D-31F3-42F1-8297-E44D156C5821}.job
C:\windows\tasks\wrSpySweeper_L08371F205AF64AC1AC033C9C17B61194.job
C:\windows\tasks\wrSpySweeper_L8F457ED40EA14FDD9E856139DCB79203.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{724d43a9-0d85-11d4-9908-00400523e39a}]
C:\Program Files\Siber Systems\AI RoboForm\roboform.dll [2008-11-27 5759816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-03-05 35840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-03-05 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{724d43a0-0d85-11d4-9908-00400523e39a} - &RoboForm - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll [2008-11-27 5759816]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll [2004-12-14 225280]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NWTRAY"=C:\windows\system32\NWTRAY.EXE [2002-03-12 28672]
"SSBkgdUpdate"=C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [2003-09-30 155648]
"SoundMAXPnP"=C:\Program Files\Analog Devices\Core\smax4pnp.exe [2004-10-14 1404928]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2005-01-03 98304]
"PaperPort PTD"=C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe [2004-06-29 57393]
"PalmTether"=C:\Program Files\PalmTether\TetherApp.exe [2006-02-09 143360]
"P17Helper"=C:\windows\system32\P17.dll [2005-05-03 64512]
"NDPS"=C:\WINDOWS\system32\dpmw32.exe [2004-05-17 32859]
"KernelFaultCheck"=C:\windows\system32\dumprep.exe [2008-04-13 10752]
"IntelMeM"=C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe [2003-09-03 221184]
"IndexSearch"=C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe [2004-06-29 40960]
"IAAnotif"=C:\Program Files\Intel\Intel Application Accelerator\iaanotif.exe [2004-12-17 135168]
"CTSysVol"=C:\Program Files\Creative\Sound Blaster Live! 24-bit\Surround Mixer\CTSysVol.exe [2003-09-17 57344]
"ccApp"=C:\Program Files\Common Files\Symantec Shared\ccApp.exe [2008-10-06 115560]
"Acrobat Assistant 7.0"=C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe [2004-12-14 483328]
"DLPSP"=c:\program files\dell printers\Additional Color Laser Software\Status Monitor\DLPSP.EXE [2005-01-13 126976]
"AdobeCS4ServiceManager"=C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [2008-08-14 611712]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-03-05 148888]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\windows\system32\ctfmon.exe [2008-04-13 15360]
"RoboForm"=C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [2008-11-27 160592]
"Novell Messenger"=C:\Novell\Messenger\NMCL32.exe [2007-09-05 1417293]
"Google Update"=C:\Documents and Settings\Eric Hardman\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2008-09-02 133104]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2006-10-18 204288]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATIPTA]
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe [2004-08-25 339968]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DLPSP]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightScribe Control Panel]
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2008-06-09 2363392]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OpAgent]
C:\Program Files\ScanSoft\OmniPage15.0\OpAgent.exe [2005-07-06 143360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Opware15]
C:\Program Files\ScanSoft\OmniPage15.0\Opware15.exe [2005-07-06 69632]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDF3 Registry Controller]
C:\Program Files\ScanSoft\OmniPage15.0\PDFConverter3\\RegistryController.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PPScheduler]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RoxioDragToDisc]
C:\Program Files\Roxio\Easy Media Creator 7\Drag to Disc\DrgToDsc.exe [2005-03-08 1695744]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpyHunter Security Suite]
C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter3.exe [2009-01-13 864256]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpySweeper]
C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe [2009-01-20 6278520]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2006-11-10 90112]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateManager]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WFXSwtch]
C:\PROGRA~1\WinFax\WFXSWTCH.exe [2002-12-12 28160]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinFaxAppPortStarter]
C:\windows\system32\wfxsnt40.exe [2002-12-12 45568]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Gamma Loader.lnk]
C:\PROGRA~1\COMMON~1\Adobe\CALIBR~1\ADOBEG~1.EXE [2003-09-18 110592]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^DataViz Inc Messenger.lnk]
C:\PROGRA~1\COMMON~1\DataViz\DVZINC~1.EXE [2006-11-08 28672]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Principia Online Update.lnk]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Service Manager.lnk]
C:\PROGRA~1\MI6841~1\80\Tools\Binn\sqlmangr.exe [2005-05-03 81920]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Eric Hardman^Start Menu^Programs^Startup^Adobe Gamma.lnk]
C:\PROGRA~1\COMMON~1\Adobe\CALIBR~1\ADOBEG~1.EXE [2003-09-18 110592]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup
Adobe Acrobat Speed Launcher.lnk - C:\WINDOWS\Installer\{AC76BA86-1033-0000-7760-000000000002}\SC_Acrobat.exe
Bluetooth Manager.lnk - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
HOTSYNCSHORTCUTNAME.lnk - C:\Program Files\palmOne\palmOne 9-11-07\Hotsync.exe
OfficeView Pro.lnk - C:\Program Files\OfficeView Pro\ovproWS.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\NavLogon]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\windows\system32\WgaLogon.dll [2008-09-05 241704]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"=C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2006-04-24 282624]
"{A213B520-C6C2-11d0-AF9D-008029E1027E}"=C:\Program Files\WinFax\WfxSeh32.Dll [1998-07-27 38400]
"{EDB0E980-90BD-11D4-8599-0008C7D3B6F8}"= []

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"authentication packages"=msv1_0
nwv1_0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll, zwebauth.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ccEvtMgr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ccSetMgr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\svcWRSSSDK]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Symantec Antivirus]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Symantec Antvirus]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WebrootSpySweeperService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WRConsumerService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ccEvtMgr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ccSetMgr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SmcService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\svcWRSSSDK]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Symantec Antivirus]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Symantec Antvirus]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WebrootSpySweeperService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WRConsumerService]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"CompatibleRUPSecurity"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=0
"ForceClassicControlPanel"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe"="C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe:*:Enabled:AOL"
"C:\Program Files\Common Files\AOL\ACS\AOLDial.exe"="C:\Program Files\Common Files\AOL\ACS\AOLDial.exe:*:Enabled:AOL"
"C:\Program Files\America Online 9.0\waol.exe"="C:\Program Files\America Online 9.0\waol.exe:*:Enabled:America Online 9.0"
"C:\Program Files\Yahoo!\Messenger\YPager.exe"="C:\Program Files\Yahoo!\Messenger\YPager.exe:*:Enabled:Yahoo! Messenger"
"C:\Program Files\Yahoo!\Messenger\YServer.exe"="C:\Program Files\Yahoo!\Messenger\YServer.exe:*:Enabled:Yahoo! FT Server"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe"="C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe:*:Enabled:BlueSoleil"
"C:\Program Files\BitTorrent\bittorrent.exe"="C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\utorrent\utorrent.exe"="C:\Program Files\utorrent\utorrent.exe:*:Enabled:µTorrent"
"C:\WINDOWS\SYSTEM32\dpmw32.exe"="C:\WINDOWS\SYSTEM32\dpmw32.exe:*:Enabled:NDPS RPM & Notification Listener"
"C:\Program Files\Retrospect\Retrospect 7.5\Retrospect.exe"="C:\Program Files\Retrospect\Retrospect 7.5\Retrospect.exe:*:Enabled:Retrospect"
"C:\Program Files\TurboTax\Deluxe 2006\32bit\ttax.exe"="C:\Program Files\TurboTax\Deluxe 2006\32bit\ttax.exe:LocalSubNet:Enabled:TurboTax"
"C:\Program Files\TurboTax\Deluxe 2006\32bit\updatemgr.exe"="C:\Program Files\TurboTax\Deluxe 2006\32bit\updatemgr.exe:LocalSubNet:Enabled:TurboTax Update Manager"
"C:\Program Files\APC\PowerChute Business Edition\agent\pbeagent.exe"="C:\Program Files\APC\PowerChute Business Edition\agent\pbeagent.exe:*:Disabled:PowerChute Business Edition Agent"
"C:\Program Files\APC\PowerChute Business Edition\server\pbeserver.exe"="C:\Program Files\APC\PowerChute Business Edition\server\pbeserver.exe:*:Disabled:PowerChute Business Edition Server"
"C:\Program Files\TurboTax\Deluxe 2007\32bit\ttax.exe"="C:\Program Files\TurboTax\Deluxe 2007\32bit\ttax.exe:LocalSubNet:Enabled:TurboTax"
"C:\Program Files\TurboTax\Deluxe 2007\32bit\updatemgr.exe"="C:\Program Files\TurboTax\Deluxe 2007\32bit\updatemgr.exe:LocalSubNet:Enabled:TurboTax Update Manager"
"C:\Program Files\Symantec AntiVirus\Smc.exe"="C:\Program Files\Symantec AntiVirus\Smc.exe:*:Enabled:SMC Service"
"C:\Program Files\Symantec AntiVirus\SNAC.EXE"="C:\Program Files\Symantec AntiVirus\SNAC.EXE:*:Enabled:SNAC Service"
"C:\Program Files\Common Files\Symantec Shared\ccApp.exe"="C:\Program Files\Common Files\Symantec Shared\ccApp.exe:*:Enabled:Symantec Email"
"C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe"="C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe:*:Enabled:Adobe CSI CS4"
"C:\Program Files\SmartFTP Client\SmartFTP.exe"="C:\Program Files\SmartFTP Client\SmartFTP.exe:*:Enabled:SmartFTP Client 3.0"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe"="C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe:*:Enabled:AOL"
"C:\Program Files\Common Files\AOL\ACS\AOLDial.exe"="C:\Program Files\Common Files\AOL\ACS\AOLDial.exe:*:Enabled:AOL"
"C:\Program Files\America Online 9.0\waol.exe"="C:\Program Files\America Online 9.0\waol.exe:*:Enabled:America Online 9.0"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{bcd046ea-5974-11db-9514-806d6172696f}]
shell\AutoRun\command - D:\autorun.bat


======File associations======

.js - open - "C:\Program Files\Adobe\Adobe Dreamweaver CS4\Dreamweaver.exe","%1"

======List of files/folders created in the last 1 months======

2009-03-05 16:47:59 ----A---- C:\windows\system32\javaws.exe
2009-03-05 16:47:46 ----D---- C:\Program Files\Java
2009-03-05 16:42:15 ----A---- C:\windows\system32\javaw.exe
2009-03-05 16:42:15 ----A---- C:\windows\system32\java.exe
2009-03-05 09:40:12 ----D---- C:\Program Files\trend micro
2009-03-05 09:40:11 ----D---- C:\rsit
2009-03-03 14:19:21 ----A---- C:\windows\system32\deploytk.dll
2009-02-25 10:29:06 ----HDC---- C:\windows\$NtUninstallKB961118$
2009-02-25 10:28:42 ----HDC---- C:\windows\$NtUninstallKB967715$
2009-02-20 14:21:27 ----D---- C:\Documents and Settings\Eric Hardman\Application Data\Qualcomm
2009-02-20 14:20:20 ----D---- C:\Program Files\Qualcomm
2009-02-18 15:11:32 ----A---- C:\DVDPATH.TXT
2009-02-17 17:15:07 ----A---- C:\windows\system32\rmoc3260.dll
2009-02-17 17:15:07 ----A---- C:\windows\system32\pndx5032.dll
2009-02-17 17:15:07 ----A---- C:\windows\system32\pndx5016.dll
2009-02-17 17:15:07 ----A---- C:\windows\system32\pncrt.dll
2009-02-17 17:15:05 ----A---- C:\windows\system32\yv12vfw.dll
2009-02-17 17:15:04 ----A---- C:\windows\system32\xvidvfw.dll
2009-02-17 17:15:04 ----A---- C:\windows\system32\xvidcore.dll
2009-02-17 17:15:03 ----A---- C:\windows\system32\divx.dll
2009-02-17 17:15:02 ----A---- C:\windows\system32\ff_vfw.dll.manifest
2009-02-17 17:15:02 ----A---- C:\windows\system32\ff_vfw.dll
2009-02-17 17:15:00 ----D---- C:\Documents and Settings\All Users\Application Data\Real
2009-02-17 16:51:13 ----D---- C:\Registry Backup
2009-02-17 15:49:12 ----A---- C:\windows\system32\unrar.dll
2009-02-17 15:49:10 ----D---- C:\Program Files\K-Lite Codec Pack
2009-02-17 15:27:18 ----A---- C:\windows\wininit.ini
2009-02-17 15:12:19 ----D---- C:\DECCHECK
2009-02-17 12:40:06 ----D---- C:\Documents and Settings\Eric Hardman\Application Data\Any Video Converter
2009-02-17 12:40:02 ----D---- C:\Program Files\Any Video Converter
2009-02-17 12:23:26 ----D---- C:\Documents and Settings\Eric Hardman\Application Data\AVS4YOU
2009-02-17 12:23:21 ----D---- C:\Documents and Settings\All Users\Application Data\AVS4YOU
2009-02-17 12:21:51 ----D---- C:\Program Files\Common Files\AVSMedia
2009-02-17 12:21:25 ----D---- C:\Program Files\AVS4YOU
2009-02-17 12:21:25 ----A---- C:\windows\system32\msxml3a.dll
2009-02-16 11:38:29 ----D---- C:\Program Files\Microsoft
2009-02-16 09:16:37 ----D---- C:\Documents and Settings\All Users\Application Data\LightScribe
2009-02-12 15:32:50 ----D---- C:\23ab77efd398b76d2fb840ae
2009-02-11 17:01:07 ----HDC---- C:\windows\$NtUninstallKB960715$

======List of files/folders modified in the last 1 months======

2009-03-10 11:04:54 ----D---- C:\windows\Temp
2009-03-10 11:02:56 ----D---- C:\Program Files
2009-03-10 10:56:40 ----D---- C:\windows\Prefetch
2009-03-10 10:25:00 ----A---- C:\windows\SchedLgU.Txt
2009-03-10 08:52:38 ----A---- C:\additdiag.txt
2009-03-09 14:10:26 ----A---- C:\windows\QUICKEN.INI
2009-03-09 14:00:05 ----SHD---- C:\System Volume Information
2009-03-09 13:14:33 ----D---- C:\Program Files\Quicken
2009-03-09 12:00:54 ----D---- C:\windows\repair
2009-03-09 12:00:41 ----D---- C:\windows\Registration
2009-03-09 12:00:07 ----D---- C:\Documents and Settings\All Users\Application Data\Retrospect
2009-03-09 08:35:22 ----D---- C:\windows\system32\CatRoot2
2009-03-09 08:29:17 ----D---- C:\windows\system32
2009-03-09 08:29:17 ----A---- C:\windows\system32\PerfStringBackup.INI
2009-03-09 08:27:59 ----A---- C:\windows\OV3Local.ini
2009-03-09 08:27:03 ----A---- C:\windows\DPRPMLOG.TXT
2009-03-09 08:25:06 ----A---- C:\windows\ModemLog_Intel(R) 537EP V9x DF PCI Modem.txt
2009-03-09 08:25:02 ----A---- C:\windows\ModemLog_Palm Modem.txt
2009-03-06 11:15:00 ----A---- C:\windows\WIN.INI
2009-03-06 11:15:00 ----A---- C:\windows\SYSTEM.INI
2009-03-06 09:33:03 ----HD---- C:\Config.Msi
2009-03-05 16:48:10 ----SHD---- C:\windows\Installer
2009-03-05 16:46:02 ----D---- C:\Program Files\Common Files
2009-03-05 16:33:06 ----D---- C:\Program Files\Poker Tracker V2
2009-03-05 16:33:06 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP
2009-03-05 15:51:56 ----D---- C:\Program Files\PokerStars
2009-03-05 12:58:55 ----D---- C:\windows\system32\drivers
2009-03-05 11:57:46 ----SD---- C:\Documents and Settings\Eric Hardman\Application Data\Microsoft
2009-03-05 11:57:46 ----D---- C:\Program Files\Common Files\Microsoft Shared
2009-03-04 17:44:30 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2009-03-02 17:13:53 ----D---- C:\Program Files\Full Tilt Poker
2009-03-02 17:04:23 ----D---- C:\WINDOWS
2009-03-02 14:36:41 ----HD---- C:\windows\inf
2009-02-27 10:37:00 ----D---- C:\Program Files\Microsoft Silverlight
2009-02-26 09:17:48 ----D---- C:\Program Files\SmartFTP Client 3.0 Setup Files
2009-02-25 14:31:25 ----D---- C:\Program Files\SmartFTP Client
2009-02-25 10:57:16 ----D---- C:\windows\system32\CatRoot
2009-02-25 10:29:14 ----RSHDC---- C:\windows\system32\dllcache
2009-02-25 10:28:54 ----A---- C:\windows\imsins.BAK
2009-02-25 10:19:40 ----D---- C:\Program Files\Registry Mechanic
2009-02-25 05:15:29 ----HD---- C:\windows\$hf_mig$
2009-02-24 16:40:00 ----D---- C:\Documents and Settings\Eric Hardman\Application Data\Roxio
2009-02-24 12:59:38 ----A---- C:\windows\APDFPRP.INI
2009-02-20 14:20:20 ----HD---- C:\Program Files\InstallShield Installation Information
2009-02-18 16:23:22 ----D---- C:\Program Files\Google
2009-02-18 16:23:22 ----D---- C:\Documents and Settings\All Users\Application Data\Google
2009-02-18 16:20:07 ----D---- C:\Program Files\eBay
2009-02-18 16:19:39 ----D---- C:\Program Files\TEARS Software
2009-02-18 16:17:11 ----D---- C:\Program Files\ScanSoft
2009-02-18 16:17:10 ----D---- C:\windows\system32\DocucomRes6
2009-02-18 16:17:09 ----D---- C:\Documents and Settings\All Users\Application Data\ScanSoft
2009-02-18 15:10:41 ----D---- C:\temp_dvd
2009-02-18 12:19:28 ----D---- C:\Program Files\Dvd-cloner
2009-02-17 17:12:31 ----D---- C:\Program Files\DivX
2009-02-17 16:58:06 ----D---- C:\Documents and Settings\Eric Hardman\Application Data\DivX
2009-02-17 15:11:17 ----SD---- C:\windows\Downloaded Program Files
2009-02-16 11:38:06 ----HDC---- C:\windows\$NtUninstallKB943729$
2009-02-13 11:37:56 ----D---- C:\windows\Microsoft.NET
2009-02-13 11:37:53 ----RSD---- C:\windows\ASSEMBLY
2009-02-13 10:45:04 ----SD---- C:\windows\Tasks
2009-02-13 09:40:08 ----D---- C:\windows\SxsCaPendDel
2009-02-12 15:38:56 ----D---- C:\windows\WinSxS
2009-02-12 15:34:05 ----D---- C:\windows\system32\XPSViewer
2009-02-12 15:34:02 ----D---- C:\windows\system32\en-US
2009-02-12 15:33:58 ----RSD---- C:\windows\Fonts
2009-02-12 15:29:56 ----D---- C:\Program Files\Internet Explorer
2009-02-11 17:00:44 ----D---- C:\windows\ie7updates

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 Cdr4_xp;Cdr4_xp; C:\windows\system32\drivers\Cdr4_xp.sys [2007-08-15 9336]
R1 Cdralw2k;Cdralw2k; C:\windows\system32\drivers\Cdralw2k.sys [2007-08-15 9464]
R1 cdudf_xp;cdudf_xp; C:\windows\system32\drivers\cdudf_xp.sys [2005-03-08 291456]
R1 Cinemsup;Cinemsup; C:\windows\system32\drivers\Cinemsup.sys [2003-12-19 6656]
R1 DVDVRRdr_xp;DVDVRRdr_xp; C:\windows\system32\drivers\DVDVRRdr_xp.sys [2005-03-08 141184]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys []
R1 intelppm;Intel Processor Driver; C:\windows\system32\DRIVERS\intelppm.sys [2008-04-13 36352]
R1 kbdhid;Keyboard HID Driver; C:\windows\system32\DRIVERS\kbdhid.sys [2008-04-13 14592]
R1 omci;OMCI WDM Device Driver; C:\windows\system32\DRIVERS\omci.sys [2002-11-08 17217]
R1 pwd_2k;pwd_2k; C:\windows\system32\drivers\pwd_2k.sys [2005-03-08 117760]
R1 SCDEmu;SCDEmu; C:\windows\system32\drivers\SCDEmu.sys [2007-08-06 33052]
R1 SPBBCDrv;SPBBCDrv; \??\C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys []
R1 SRTSP;SRTSP; C:\windows\System32\Drivers\SRTSP.SYS [2009-02-03 279600]
R1 SRTSPX;SRTSPX; C:\windows\System32\Drivers\SRTSPX.SYS [2009-02-03 43824]
R1 SYMTDI;SYMTDI; C:\windows\System32\Drivers\SYMTDI.SYS [2008-10-06 191536]
R1 Tosrfcom;Bluetooth RFCOMM from TOSHIBA; C:\windows\System32\Drivers\tosrfcom.sys [2005-08-01 64896]
R1 UDFReadr;UDFReadr; C:\windows\system32\drivers\UDFReadr.sys [2005-03-08 202496]
R2 Aspi32;Aspi32; C:\windows\System32\drivers\aspi32.sys [2006-06-23 16512]
R2 LxrJD31d;LxrJD31d; \??\C:\WINDOWS\system32\Drivers\LxrJD31d.sys []
R2 NetwareWorkstation;Novell Client for Windows; C:\windows\system32\NetWare\nwfs.sys [2005-02-16 494347]
R2 NWDHCP;Novell DHCP Inform Client; C:\windows\system32\NetWare\nwdhcp.sys [2004-08-16 17101]
R2 RESMGR;Novell NetWare Resource Manager; C:\windows\system32\NetWare\resmgr.sys [2004-06-01 27249]
R2 SRVLOC;Novell Service Location; C:\windows\system32\NetWare\srvloc.sys [2005-01-03 155405]
R2 symlcbrd;symlcbrd; \??\C:\WINDOWS\system32\drivers\symlcbrd.sys []
R2 WGX;Extend WG Protocol Driver; C:\windows\System32\Drivers\WGX.SYS [2009-02-03 38056]
R3 ati2mtag;ati2mtag; C:\windows\system32\DRIVERS\ati2mtag.sys [2004-08-25 787456]
R3 b57w2k;Broadcom NetXtreme 57xx Gigabit Controller; C:\windows\system32\DRIVERS\b57xp32.sys [2004-05-29 186112]
R3 ctsfm2k;Creative SoundFont Management Device Driver; C:\windows\system32\DRIVERS\ctsfm2k.sys [2005-01-10 138752]
R3 dvd_2K;dvd_2K; C:\windows\system32\drivers\dvd_2K.sys [2005-03-08 24064]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys []
R3 HidUsb;Microsoft HID Class Driver; C:\windows\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 IntelC51;IntelC51; C:\windows\system32\DRIVERS\IntelC51.sys [2004-03-05 1233525]
R3 IntelC52;IntelC52; C:\windows\system32\DRIVERS\IntelC52.sys [2004-03-05 647929]
R3 IntelC53;IntelC53; C:\windows\system32\DRIVERS\IntelC53.sys [2004-06-15 61157]
R3 mmc_2K;mmc_2K; C:\windows\system32\drivers\mmc_2K.sys [2005-03-08 23808]
R3 MODEMCSA;Unimodem Streaming Filter Device; C:\windows\system32\drivers\MODEMCSA.sys [2001-08-17 16128]
R3 mohfilt;mohfilt; C:\windows\system32\DRIVERS\mohfilt.sys [2004-03-05 37048]
R3 mouhid;Mouse HID Driver; C:\windows\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
R3 NAVENG;NAVENG; \??\C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20090310.017\NAVENG.SYS []
R3 NAVEX15;NAVEX15; \??\C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20090310.017\NAVEX15.SYS []
R3 NWDNS;Novell DNS Name Space Service Provider; C:\windows\system32\NetWare\nwdns.sys [2005-01-13 37196]
R3 NWHOST;Novell Host File Name Space Service Provider; C:\windows\system32\NetWare\NWHOST.sys [2004-02-17 11856]
R3 NWSLP;Novell SLP Name Space Service Provider; C:\windows\system32\NetWare\nwslp.sys [2005-01-03 20332]
R3 NWSNS;Novell Simple Naming Services; C:\windows\system32\NetWare\NWSNS.sys [2003-02-13 5808]
R3 ossrv;Creative OS Services Driver; C:\windows\system32\DRIVERS\ctoss2k.sys [2005-01-10 106496]
R3 P17;SB Live! 24-bit; C:\windows\system32\drivers\P17.sys [2007-06-15 1127936]
R3 palmmdm;Palm Modem; C:\windows\system32\DRIVERS\palmmdm.sys [2006-01-30 9728]
R3 senfilt;senfilt; C:\windows\system32\drivers\senfilt.sys [2004-09-17 732928]
R3 smwdm;smwdm; C:\windows\system32\drivers\smwdm.sys [2005-01-27 260352]
R3 SymEvent;SymEvent; \??\C:\windows\system32\Drivers\SYMEVENT.SYS []
R3 SYMREDRV;SYMREDRV; C:\windows\System32\Drivers\SYMREDRV.SYS [2008-10-06 27696]
R3 tosporte;Bluetooth Port Driver from Toshiba; C:\windows\system32\DRIVERS\tosporte.sys [2005-11-24 47104]
R3 Tosrfbd;Bluetooth RFBUS from TOSHIBA; C:\windows\System32\Drivers\tosrfbd.sys [2005-11-22 108800]
R3 Tosrfbnp;Bluetooth RFBNEP from TOSHIBA; C:\windows\System32\Drivers\tosrfbnp.sys [2005-09-15 36480]
R3 Tosrfhid;Bluetooth RFHID from TOSHIBA; C:\windows\system32\DRIVERS\Tosrfhid.sys [2005-12-01 62848]
R3 tosrfnds;Bluetooth Personal Area Network from TOSHIBA; C:\windows\system32\DRIVERS\tosrfnds.sys [2005-01-06 18612]
R3 Tosrfusb;Bluetooth USB Controller; C:\windows\System32\Drivers\tosrfusb.sys [2005-11-15 36736]
R3 usbccgp;Microsoft USB Generic Parent Driver; C:\windows\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\windows\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Microsoft USB Standard Hub Driver; C:\windows\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbscan;USB Scanner Driver; C:\windows\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
R3 USBSTOR;USB Mass Storage Driver; C:\windows\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\windows\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 VcommMgr;Bluetooth VComm Manager Service; C:\windows\System32\Drivers\VcommMgr.sys [2005-03-25 82148]
S2 NWSIPX32;Novell NetWare IPX/SPX Transport Interface; C:\windows\system32\NetWare\nwsipx32.sys [2004-07-12 41888]
S3 BlueletAudio;Bluetooth Audio Service; C:\windows\system32\DRIVERS\blueletaudio.sys [2005-05-31 20480]
S3 BT;Bluetooth PAN Network Adapter; C:\windows\system32\DRIVERS\btnetdrv.sys [2005-04-30 10804]
S3 Btcsrusb;Bluetooth USB For Bluetooth Service; C:\windows\System32\Drivers\btcusb.sys [2005-05-31 23000]
S3 BTHidEnum;Bluetooth HID Enumerator; C:\windows\system32\DRIVERS\vbtenum.sys [2005-04-30 11860]
S3 BTNetFilter;Bluetooth Network Filter; \??\C:\WINDOWS\system32\drivers\BTNetFilter.sys []
S3 bvrp_pci;bvrp_pci; C:\windows\system32\drivers\bvrp_pci.sys [2003-08-28 4272]
S3 CCDECODE;Closed Caption Decoder; C:\windows\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 COH_Mon;COH_Mon; \??\C:\windows\system32\Drivers\COH_Mon.sys []
S3 E100B;Intel(R) PRO Adapter Driver; C:\windows\system32\DRIVERS\e100b325.sys [2001-08-17 117760]
S3 fd_dbus;FutureDial USB Composite Device driver (WDM); C:\windows\system32\DRIVERS\fd_dbus.sys [2003-06-11 44816]
S3 fd_dmdfl;FutureDial USB Modem Filter; C:\windows\system32\DRIVERS\fd_dmdfl.sys [2003-06-11 6000]
S3 fd_dmdm;FutureDial USB Modem Drivers; C:\windows\system32\DRIVERS\fd_dmdm.sys [2003-06-11 72912]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\windows\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\windows\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\windows\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 NDMSHLP;Device Monitor Helper Driver; \??\C:\Program Files\Common Files\HHD Software\Device Monitor\ndmshlp.sys []
S3 nv;nv; C:\windows\system32\DRIVERS\nv4_mini.sys [2004-08-03 1897408]
S3 NWSAP;Novell SAP Name Space Provider; C:\windows\system32\NetWare\NWSAP.sys [2003-02-26 23232]
S3 PalmUSBD;PalmUSBD; C:\windows\system32\drivers\PalmUSBD.sys [2008-11-26 16694]
S3 Pcouffin;Low level access layer for CD devices; C:\windows\System32\Drivers\Pcouffin.sys []
S3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\windows\System32\Drivers\RootMdm.sys [2004-08-04 5888]
S3 SerMon;Serial Monitor Filter Driver; \??\C:\Program Files\HHD Software\Free Serial Port Monitor\sermon.sys []
S3 SLIP;BDA Slip De-Framer; C:\windows\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 SONYPVU1;Sony USB Filter Driver (SONYPVU1); C:\windows\system32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552]
S3 SRTSPL;SRTSPL; C:\windows\System32\Drivers\SRTSPL.SYS [2009-02-03 319664]
S3 SSKBFD;Webroot Spy Sweeper Keylogger Shield Keyboard Filter; C:\windows\System32\Drivers\sskbfd.sys [2008-01-04 23920]
S3 StillCam;Still Serial Digital Camera Driver; C:\windows\system32\DRIVERS\serscan.sys [2001-08-17 6784]
S3 streamip;BDA IPSink; C:\windows\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 toshidpt;TOSHIBA Bluetooth HID port driver; C:\windows\system32\drivers\Toshidpt.sys [2005-07-11 3712]
S3 TosRfSnd;Bluetooth Audio Device (WDM) from TOSHIBA; C:\windows\system32\drivers\TosRfSnd.sys [2005-11-11 52864]
S3 usb_rndisx;USB RNDIS Adapter; C:\windows\system32\DRIVERS\usb8023x.sys [2008-04-13 12800]
S3 usbprint;Microsoft USB PRINTER Class; C:\windows\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 VComm;Virtual Serial port driver; C:\windows\system32\DRIVERS\VComm.sys [2004-10-19 61312]
S3 wanatw;WAN Miniport (ATW); C:\windows\system32\DRIVERS\wanatw4.sys []
S3 WSTCODEC;World Standard Teletext Codec; C:\windows\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\windows\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S4 sr;System Restore Filter Driver; C:\windows\system32\DRIVERS\sr.sys [2008-04-13 73472]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 APCPBEAgent;APC PBE Agent; C:\PROGRA~1\APC\POWERC~1\agent\pbeagent.exe [2006-08-22 28672]
R2 APCPBEServer;APC PBE Server; C:\PROGRA~1\APC\POWERC~1\server\PBESER~1.EXE [2006-08-22 45134]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\windows\system32\Ati2evxx.exe [2004-08-25 389120]
R2 CCALib8;Canon Camera Access Library 8; C:\Program Files\Canon\CAL\CALMAIN.exe [2006-03-30 96341]
R2 ccEvtMgr;Symantec Event Manager; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [2008-10-06 108392]
R2 ccSetMgr;Symantec Settings Manager; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [2008-10-06 108392]
R2 Creative Service for CDROM Access;Creative Service for CDROM Access; C:\WINDOWS\system32\CTsvcCDA.EXE [1999-12-13 44032]
R2 DLPWD;Dell Printer Status Watcher; c:\program files\dell printers\Additional Color Laser Software\Status Monitor\DLPWDNT.EXE [2004-03-12 90112]
R2 DLSDB;Dell Printer Status Database; c:\program files\dell printers\Additional Color Laser Software\Status Monitor\DLSDBNT.EXE [2004-03-12 135168]
R2 IAANTMon;IAA Event Monitor; C:\Program Files\Intel\Intel Application Accelerator\iaantmon.exe [2004-12-17 73852]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-03-05 152984]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2008-06-09 73728]
R2 LxrJD31s;Lexar JD31; C:\windows\system32\LxrJD31s.exe [2006-03-28 71168]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-20 322120]
R2 OmniForm Printer;OmniForm Printer; C:\WINDOWS\system32\ofps.exe [2004-10-21 49152]
R2 OneTouch 4.0 Monitor;OneTouch 4.0 Monitor; C:\Program Files\Visioneer\OneTouch 4.0\OtService.exe [2006-10-31 122880]
R2 RetroLauncher;Retrospect Launcher; C:\Program Files\Retrospect\Retrospect 7.6\retrorun.exe [2008-12-08 115992]
R2 SmcService;Symantec Management Client; C:\Program Files\Symantec AntiVirus\Smc.exe [2009-02-03 1795400]
R2 Sprint PCS v3 Utility Service;Sprint PCS v3 Utility Service; C:\Program Files\Sprint\Sprint PCS Connection Manager\CMSPCSUtilSvc.exe [2007-05-01 135168]
R2 Symantec AntiVirus;Symantec Endpoint Protection; C:\Program Files\Symantec AntiVirus\Rtvscan.exe [2009-02-03 2440120]
R2 Symantec Core LC;Symantec Core LC; C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe [2007-09-09 1247600]
R2 WebrootSpySweeperService;Webroot Spy Sweeper Engine; C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe [2008-12-07 3671408]
R2 WMDM PMSP Service;WMDM PMSP Service; C:\WINDOWS\system32\MsPMSPSv.exe [2000-06-26 53520]
R2 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408]
R2 WRConsumerService;Webroot Client Service; C:\Program Files\Webroot\Spy Sweeper\WRConsumerService.exe [2009-01-20 1090936]
R2 WSearch;Windows Search Service; C:\WINDOWS\system32\SearchIndexer.exe [2006-04-24 214528]
S2 ATI Smart;ATI Smart; C:\WINDOWS\SYSTEM32\ati2sgag.exe [2007-06-29 520192]
S2 Fax;Fax; C:\windows\system32\fxssvc.exe [2008-04-13 267776]
S2 gupdate1c98df298a687c;Google Update Service (gupdate1c98df298a687c); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-02-13 133104]
S2 MSSQL$MICROSOFTSMLBIZ;MSSQL$MICROSOFTSMLBIZ; c:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTSMLBIZ\Binn\sqlservr.exe [2005-05-04 9150464]
S2 Retrospect Helper;Retrospect Helper; C:\Program Files\Retrospect\Retrospect 7.6\rthlpsvc.exe [2008-12-08 128280]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2005-05-04 72704]
S3 aspnet_state;ASP.NET State Service; C:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 cusrvc;Client Update Service for Novell; C:\WINDOWS\system32\cusrvc.exe [2005-01-18 36864]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-02-04 655624]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Windows CardSpace; c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 LiveUpdate;LiveUpdate; C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE [2008-06-30 3093872]
S3 MSSQLServerADHelper;MSSQLServerADHelper; C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe [2005-05-03 73728]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe []
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-04-25 138504]
S3 Smcinst;Symantec Auto-upgrade Agent; C:\Program Files\Symantec AntiVirus\SmcLU\Setup\smcinst.exe []
S3 SNAC;Symantec Network Access Control; C:\Program Files\Symantec AntiVirus\SNAC.EXE [2009-02-03 320840]
S3 SQLAgent$MICROSOFTSMLBIZ;SQLAgent$MICROSOFTSMLBIZ; c:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTSMLBIZ\Binn\sqlagent.EXE [2005-05-03 323584]
S3 Symantec RemoteAssist;Symantec RemoteAssist; C:\Program Files\Common Files\Symantec Shared\Support Controls\ssrc.exe [2008-01-29 394704]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\windows\system32\svchost.exe [2008-04-13 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------
Double Eagle
Active Member
 
Posts: 1
Joined: March 10th, 2009, 12:17 pm
Advertisement
Register to Remove

Re: Search re-directed

Unread postby Blade81 » March 22nd, 2009, 10:15 am

Being helped at Bleeping Computer. Topic closed.
User avatar
Blade81
Admin/Teacher
Admin/Teacher
 
Posts: 5245
Joined: July 17th, 2006, 3:36 am
Location: Finland


  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 27 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware