Thank you so much km2357 for taking the time to help me out.
You're the best.
Uninstall List:
2007 Microsoft Office Suite Service Pack 1 (SP1)
3Planesoft Screensaver Manager 1.1
ABBYY FineReader 6.0 Sprint
Actual Window Manager 4.3
Adobe Flash Player Plugin
Adobe Reader 8.1.2
AI RoboForm (All Users)
Apple Mobile Device Support
Apple Software Update
ATnotes Version 9.5
AutoHotkey 1.0.47.06
AVG Anti-Spyware 7.5
Avira AntiVir PersonalEdition Classic
Behavior Guard Add-on 5.5
CCleaner (remove only)
Citrix Presentation Server Client - Web Only
Clock Tray Skins 4
CrossLoop 2.11
Cursor Hider
DeskScapes
Driver Magician 3.18
ePrompter
FileMenu Tools
Firefox Preloader
GIMP 2.4.5
GOM Player
GTK+ 2.10.6-1 runtime environment
HijackThis 2.0.2
iFinger
Intel(R) Graphics Media Accelerator Driver
Intelligent Shutdown 1.26
iTunes
Lexmark 9300 Series
LiveUpdate 3.2 (Symantec Corporation)
LogonStudio Vista
Magic ISO Maker v5.4 (build 0239)
Microsoft IntelliType Pro 6.1
Microsoft Money 2007
Microsoft Money Shared Libraries
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Visual C Runtime
Microsoft XML Parser
Mozilla Firefox (2.0.0.11)
Mozilla Firefox (3.0b4)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB941833)
Music AlarmClock v2.1.0
Mx Monitor 1.29 Eb
Nero 7 Premium
neroxml
Norton Ghost
PC Tools Firewall Plus 3.0
PowerISO
Presto! Forms 3.50.02
Presto! PageManager 7.12.10
Qliner Hotkeys 2.0
QuickTime
RealArcade
Registry Mechanic 7.0
Security Update for CAPICOM (KB931906)
Security Update for Excel 2007 (KB946974)
Security Update for Office 2007 (KB947801)
Security Update for Outlook 2007 (KB946983)
Security Update for Visio 2007 (KB947590)
SereneScreen Marine Aquarium 2
SigmaTel Audio
SmartFTP Client 2.5 Setup Files (remove only)
SnagIt 8
Spyware Doctor 5.5
Startup Delayer v2.3 (build 125)
Startup Explorer ver. 5.0.0.25
Super Fast Shutdown 1.0
Synaptics Pointing Device Driver
SyncBack
Taskbar Activate
TeamViewer 3
The Lost Watch 3D Screensaver 1.0
The Weather Channel Desktop 6
Trillian
UltimateDefrag
Update for Office 2007 (KB946691)
Update for Outlook 2007 Junk Email Filter (kb949037)
USB Safely Remove 3.3
VCRedistSetup
VersionTracker Pro Windows
VistaGlazz
WavePad Uninstall
Weather Services
Windows Media Player Firefox Plugin
Windows Sidebar Styler
WinZip 11.2
WordWeb
Your Uninstaller! 2008 Version 6.0
ComboFix 08-04-26.5 - Ben 2008-04-27 20:47:38.1 - NTFSx86
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.1.1033.18.283 [GMT -4:00]
Running from: C:\Users\Ben\Desktop\ComboFix.exe
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Windows\system32\byXRLCRL.dll
C:\Windows\system32\efcYRHbb.dll
C:\Windows\System32\LRCLRXyb.ini
C:\Windows\System32\LRCLRXyb.ini2
D:\Autorun.inf
.
((((((((((((((((((((((((( Files Created from 2008-03-28 to 2008-04-28 )))))))))))))))))))))))))))))))
.
2008-04-27 12:47 . 2008-04-27 12:50 <DIR> d-------- C:\Program Files\Startup Explorer
2008-04-27 00:08 . 2008-04-27 00:08 <DIR> d-------- C:\Program Files\Trend Micro
2008-04-27 00:01 . 2008-04-27 00:01 11,432 --a------ C:\Windows\System32\drivers\PROCEXP100.SYS
2008-04-22 20:47 . 2008-04-27 20:35 54,156 --ah----- C:\Windows\QTFont.qfn
2008-04-22 20:47 . 2008-04-22 20:47 1,409 --a------ C:\Windows\QTFont.for
2008-04-21 23:41 . 2008-04-21 23:41 <DIR> d-------- C:\Users\All Users\TechSmith
2008-04-21 23:41 . 2008-04-21 23:41 <DIR> d-------- C:\ProgramData\TechSmith
2008-04-21 23:41 . 2008-04-21 23:41 <DIR> d-------- C:\Program Files\TechSmith
2008-04-21 23:37 . 2008-04-21 23:37 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-04-21 22:40 . 2008-04-21 22:40 <DIR> d-------- C:\Program Files\WordWeb
2008-04-21 22:40 . 2007-12-01 18:01 1,049,720 --a------ C:\Windows\wweb32.dll
2008-04-21 01:13 . 2008-04-21 01:13 <DIR> d-------- C:\Users\Ben\AppData\Roaming\SmartFTP
2008-04-21 01:12 . 2008-04-21 23:23 <DIR> d-------- C:\Program Files\SmartFTP Client
2008-04-21 01:10 . 2008-04-21 01:10 <DIR> d-------- C:\Program Files\SmartFTP Client 2.5 Setup Files
2008-04-20 03:03 . 2008-02-05 08:40 51,520 --a------ C:\Windows\System32\drivers\TfFsMon.sys
2008-04-20 03:03 . 2008-02-05 08:41 40,768 --a------ C:\Windows\System32\drivers\TfSysMon.sys
2008-04-20 03:03 . 2008-02-05 08:41 33,600 --a------ C:\Windows\System32\drivers\TfNetMon.sys
2008-04-20 03:03 . 2008-02-05 08:40 12,608 --a------ C:\Windows\System32\drivers\TfKbMon.sys
2008-04-20 02:36 . 2007-12-10 13:53 81,288 --a------ C:\Windows\System32\drivers\iksyssec.sys
2008-04-20 02:36 . 2007-12-10 13:53 66,952 --a------ C:\Windows\System32\drivers\iksysflt.sys
2008-04-20 02:36 . 2008-02-01 11:55 42,376 --a------ C:\Windows\System32\drivers\ikfilesec.sys
2008-04-20 02:36 . 2007-12-10 13:53 29,576 --a------ C:\Windows\System32\drivers\kcom.sys
2008-04-20 02:35 . 2008-04-20 02:35 <DIR> d-------- C:\Users\Ben\AppData\Roaming\PC Tools
2008-04-20 02:35 . 2008-04-27 20:27 <DIR> d-------- C:\Program Files\Spyware Doctor
2008-04-18 23:25 . 2008-04-18 23:30 <DIR> d-------- C:\Users\Ben\AppData\Roaming\Windows Sidebar Styler
2008-04-18 23:25 . 2008-04-18 23:25 <DIR> d-------- C:\Program Files\Windows Sidebar Styler
2008-04-18 02:35 . 2008-04-18 02:35 29 --a------ C:\Windows\.wb4
2008-04-18 02:33 . 2007-09-12 17:58 58,792 --------- C:\Windows\System32\wbload.dll
2008-04-18 02:33 . 2007-07-11 14:06 42,672 --------- C:\Windows\System32\wbsys.dll
2008-04-18 01:53 . 2008-04-18 02:16 <DIR> d-------- C:\Program Files\Common Files\stardock
2008-04-18 01:34 . 1995-07-14 00:00 146,321 --a------ C:\Windows\System32\plus!.hlp
2008-04-18 01:34 . 1995-07-14 00:00 37,888 --a------ C:\Windows\System32\plustab.dll
2008-04-18 01:34 . 1995-06-01 12:00 1,300 --a------ C:\Windows\System32\cool.dll
2008-04-17 23:44 . 2000-10-20 01:05 25,088 --a------ C:\Windows\System32\msxml3a.dll
2008-04-15 23:32 . 2008-04-15 23:32 <DIR> d-------- C:\Program Files\Cursor Hider
2008-04-14 20:18 . 2008-04-14 20:18 21,735,936 --a------ C:\Windows\System32\imageres.dll
2008-04-14 14:43 . 2008-04-14 14:43 <DIR> d-------- C:\Program Files\The Weather Channel FW
2008-04-14 00:08 . 2008-04-14 20:14 <DIR> d-------- C:\Program Files\Trillian
2008-04-13 23:39 . 2008-04-14 00:05 <DIR> d-------- C:\Program Files\ICQ6
2008-04-13 01:59 . 2008-04-13 01:59 <DIR> d-------- C:\PFiles
2008-04-11 00:55 . 2008-04-11 00:55 <DIR> d-------- C:\Users\Ben\AppData\Roaming\Stardock
2008-04-11 00:55 . 2008-04-22 03:37 <DIR> d--h----- C:\Users\All Users\{4D84A86B-BFC2-4B9B-B3C4-207F5860E952}
2008-04-11 00:55 . 2008-04-22 03:37 <DIR> d--h----- C:\ProgramData\{4D84A86B-BFC2-4B9B-B3C4-207F5860E952}
2008-04-10 18:52 . 2008-04-10 18:54 <DIR> d-------- C:\Users\Ben\AppData\Roaming\ICAClient
2008-04-09 00:28 . 1997-07-19 16:55 1,347,344 --a------ C:\Windows\System32\msvbvm50.dll
2008-04-08 23:33 . 2008-04-08 23:33 <DIR> d-------- C:\Program Files\NCH Software
2008-04-08 21:25 . 2008-02-22 00:57 295,936 --a------ C:\Windows\System32\gdi32.dll
2008-04-08 21:24 . 2008-02-29 03:14 19,000 --a------ C:\Windows\System32\kd1394.dll
2008-04-08 21:23 . 2008-02-29 03:11 988,216 --a------ C:\Windows\System32\winload.exe
2008-04-08 21:23 . 2008-02-29 03:11 927,288 --a------ C:\Windows\System32\winresume.exe
2008-04-08 21:23 . 2008-02-22 01:05 615,992 --a------ C:\Windows\System32\ci.dll
2008-04-08 21:23 . 2008-02-29 02:53 378,368 --a------ C:\Windows\System32\srcore.dll
2008-04-08 21:23 . 2008-02-29 00:12 318,464 --a------ C:\Windows\System32\rstrui.exe
2008-04-08 21:23 . 2008-02-29 02:53 46,592 --a------ C:\Windows\System32\setbcdlocale.dll
2008-04-08 21:23 . 2008-02-29 02:53 40,960 --a------ C:\Windows\System32\srclient.dll
2008-04-08 21:23 . 2008-02-29 00:12 14,848 --a------ C:\Windows\System32\srdelayed.exe
2008-04-08 21:22 . 2008-02-29 02:35 6,656 --a------ C:\Windows\System32\kbd106n.dll
2008-04-08 21:21 . 2008-02-29 00:21 2,032,128 --a------ C:\Windows\System32\win32k.sys
2008-04-08 21:12 . 2008-02-21 22:50 1,383,424 --a------ C:\Windows\System32\mshtml.tlb
2008-04-08 21:12 . 2008-02-22 01:01 826,880 --a------ C:\Windows\System32\wininet.dll
2008-04-07 23:02 . 2008-04-07 23:07 <DIR> d-------- C:\Program Files\Common Files\Ahead
2008-04-07 22:12 . 2008-04-07 22:12 0 --a------ C:\Windows\Irremote.ini
2008-04-07 13:10 . 2008-04-07 13:10 <DIR> d--h----- C:\Windows\PIF
2008-04-07 00:06 . 2008-04-21 17:53 <DIR> d-------- C:\Program Files\SyncBack
2008-04-06 13:26 . 2008-04-06 13:26 <DIR> d-------- C:\Users\All Users\Avira
2008-04-06 13:26 . 2008-04-06 13:26 <DIR> d-------- C:\ProgramData\Avira
2008-04-06 13:26 . 2008-04-06 13:26 <DIR> d-------- C:\Program Files\Avira
2008-04-06 02:48 . 2008-04-21 19:18 <DIR> d-------- C:\BackUps
2008-04-06 02:31 . 2008-04-06 02:31 0 --ah----- C:\Windows\System32\drivers\Msft_User_WpdFs_01_00_00.Wdf
2008-04-06 02:01 . 2008-04-06 02:01 <DIR> d-------- C:\Program Files\AutoHotkey
2008-04-06 01:47 . 2008-04-06 01:47 <DIR> d-------- C:\Program Files\iPod
2008-04-06 01:46 . 2008-04-06 01:47 <DIR> d-------- C:\Program Files\iTunes
2008-04-05 12:04 . 2007-10-31 09:32 172,032 --a------ C:\Windows\System32\igfxres.dll
2008-04-05 11:43 . 2008-04-05 12:37 <DIR> d-------- C:\Users\Ben\AppData\Roaming\VersionTracker Pro
2008-04-05 11:40 . 2008-04-05 11:45 <DIR> d-------- C:\Program Files\VersionTracker Pro
2008-04-05 11:18 . 2008-04-05 11:18 <DIR> d-------- C:\Program Files\Intel
2008-04-05 11:18 . 2007-07-26 16:15 53,248 --a------ C:\Windows\System32\CSVer.dll
2008-04-05 03:04 . 2008-04-05 03:04 <DIR> d-------- C:\Program Files\Citrix
2008-04-05 02:58 . 2008-04-05 02:58 <DIR> d-------- C:\Program Files\FileMenu Tools
2008-04-04 05:21 . 2008-04-04 05:22 <DIR> d-------- C:\Program Files\QuickTime
2008-04-03 13:33 . 2008-04-03 13:33 <DIR> d-------- C:\Windows\System32\IE updates
2008-04-03 13:33 . 2008-04-03 13:33 886,784 --a------ C:\Windows\ebook_library.dll
2008-04-03 13:24 . 2008-04-03 13:25 <DIR> d-------- C:\Program Files\Common Files\Adobe
2008-04-03 04:26 . 2008-04-03 14:54 81,984 --a------ C:\Windows\System32\bdod.bin
2008-04-03 04:21 . 2008-04-03 14:55 <DIR> d-------- C:\Program Files\Common Files\Softwin
2008-04-03 04:06 . 2008-04-03 04:36 <DIR> d-------- C:\Program Files\Your Uninstaller 2008
2008-04-03 04:05 . 2008-04-03 04:05 <DIR> d-------- C:\Windows\Profiles
2008-04-03 03:25 . 2008-04-03 03:25 <DIR> d-------- C:\Program Files\FirefoxPreloader
2008-04-03 03:25 . 2005-01-18 22:15 28,672 --a------ C:\Windows\System32\regclass.dll
2008-04-03 02:30 . 2008-04-03 02:33 <DIR> d-------- C:\Program Files\Super Fast Shutdown
2008-04-03 01:59 . 2007-12-20 17:13 136,416 --a------ C:\Windows\System32\drivers\symsnap.sys
2008-04-03 01:59 . 2008-01-19 20:12 128,104 --a------ C:\Windows\System32\drivers\WimFltr.sys
2008-04-03 01:59 . 2008-01-19 19:45 38,112 --a------ C:\Windows\System32\drivers\v2imount.sys
2008-04-03 01:59 . 2008-01-19 19:40 15,088 --a------ C:\Windows\System32\drivers\vproeventmonitor.sys
2008-04-03 01:57 . 2008-04-03 01:57 <DIR> d-------- C:\Program Files\Norton Ghost
2008-04-03 01:44 . 2008-04-03 01:44 <DIR> dr------- C:\Windows\System32\config\systemprofile\Videos
2008-04-03 01:44 . 2008-04-03 01:44 <DIR> dr------- C:\Windows\System32\config\systemprofile\Searches
2008-04-03 01:44 . 2008-04-03 01:44 <DIR> dr------- C:\Windows\System32\config\systemprofile\Saved Games
2008-04-03 01:44 . 2008-04-03 01:44 <DIR> dr------- C:\Windows\System32\config\systemprofile\Pictures
2008-04-03 01:44 . 2008-04-03 01:44 <DIR> dr------- C:\Windows\System32\config\systemprofile\Links
2008-04-03 01:44 . 2008-04-03 01:44 <DIR> dr------- C:\Windows\System32\config\systemprofile\Downloads
2008-04-03 01:44 . 2008-04-03 01:44 <DIR> dr------- C:\Windows\System32\config\systemprofile\Documents
2008-04-03 00:43 . 2008-04-27 20:44 <DIR> d-------- C:\Program Files\Mozilla Firefox 3 Beta 4
2008-04-03 00:06 . 2008-04-20 03:04 <DIR> d-------- C:\Users\All Users\PC Tools
2008-04-03 00:06 . 2008-04-20 03:04 <DIR> d-------- C:\ProgramData\PC Tools
2008-04-02 23:09 . 2008-04-02 22:49 152,576 --a------ C:\Windows\System32\SPWizUI.dll
2008-04-02 23:09 . 2008-04-02 22:49 47,560 --a------ C:\Windows\System32\SPReview.exe
2008-04-02 22:54 . 2008-01-18 23:33 599,552 --a------ C:\Windows\System32\vsp1cln.exe
2008-04-02 22:54 . 2008-01-18 23:33 193,024 --a------ C:\Windows\System32\recdisc.exe
2008-04-02 22:54 . 2008-01-18 23:36 142,336 --a------ C:\Windows\System32\spp.dll
2008-04-02 22:54 . 2008-01-18 23:36 28,160 --a------ C:\Windows\System32\sxproxy.dll
2008-04-02 22:54 . 2008-01-18 23:36 6,656 --a------ C:\Windows\System32\sdspres.dll
2008-04-02 22:49 . 2008-04-02 23:10 49,152 --a------ C:\Windows\SPInstall.etl
2008-04-02 22:49 . 2008-01-18 23:33 44,032 --a------ C:\Windows\System32\cbsra.exe
2008-04-02 22:32 . 2008-04-02 22:32 <DIR> d-------- C:\Users\All Users\Avg7
2008-04-02 22:32 . 2008-04-02 22:32 <DIR> d-------- C:\ProgramData\Avg7
2008-04-02 22:27 . 2007-12-20 08:10 995,383 --a------ C:\Windows\System32\temp.004
2008-03-28 23:37 . 2008-03-28 23:37 90,112 --a------ C:\Windows\System32\QuickTimeVR.qtx
2008-03-28 23:37 . 2008-03-28 23:37 57,344 --a------ C:\Windows\System32\QuickTime.qts
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-04-28 00:55 --------- d---a-w C:\ProgramData\TEMP
2008-04-28 00:53 --------- d-----w C:\Users\Ben\AppData\Roaming\uTorrent
2008-04-28 00:50 --------- d-----w C:\Program Files\ePrompter
2008-04-28 00:46 --------- d-----w C:\Users\Ben\AppData\Roaming\SiteAdvisor
2008-04-28 00:35 --------- d-----w C:\Program Files\Lx_cats
2008-04-24 23:46 --------- d-----w C:\Users\Ben\AppData\Roaming\gtk-2.0
2008-04-19 06:52 --------- d-----w C:\ProgramData\WinZip
2008-04-19 03:25 --------- d-----w C:\Program Files\Windows Sidebar
2008-04-18 05:43 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-04-14 00:39 --------- d-----w C:\Program Files\MxMonitor
2008-04-10 19:14 159,880 ----a-w C:\Windows\system32\drivers\pctfw2.sys
2008-04-09 06:04 --------- d-----w C:\Users\Ben\AppData\Roaming\TeamViewer
2008-04-09 02:28 --------- d-----w C:\ProgramData\Microsoft Help
2008-04-09 02:10 --------- d-----w C:\Program Files\Windows Mail
2008-04-08 03:02 --------- d-----w C:\ProgramData\Nero
2008-04-08 02:26 --------- d-----w C:\Program Files\Common Files\Nero
2008-04-07 22:15 --------- d-----w C:\ProgramData\Stardock
2008-04-07 17:31 --------- d-----w C:\Program Files\USB Safely Remove
2008-04-07 07:41 --------- d-----w C:\Program Files\PC Tools Firewall Plus
2008-04-06 05:46 --------- d-----w C:\ProgramData\Apple Computer
2008-04-05 07:05 --------- d-----w C:\Program Files\PowerISO
2008-04-05 06:05 --------- d-----w C:\Program Files\Clock Tray Skins
2008-04-03 19:58 --------- d-----w C:\Users\Ben\AppData\Roaming\r2 Studios
2008-04-03 16:53 --------- d-----w C:\Program Files\CrossLoop
2008-04-03 08:06 --------- d-----w C:\Users\Ben\AppData\Roaming\URSoft
2008-04-03 07:14 --------- d-----w C:\Program Files\Actual Window Manager
2008-04-03 06:01 --------- d-----w C:\Program Files\Common Files\Symantec Shared
2008-04-03 05:57 --------- d-----w C:\ProgramData\Symantec
2008-04-03 04:07 --------- d-----w C:\Program Files\Common Files\PC Tools
2008-04-03 03:36 174 --sha-w C:\Program Files\desktop.ini
2008-04-03 03:25 --------- d-----w C:\Program Files\Windows Photo Gallery
2008-04-03 03:25 --------- d-----w C:\Program Files\Windows Journal
2008-04-03 03:25 --------- d-----w C:\Program Files\Windows Defender
2008-04-03 03:25 --------- d-----w C:\Program Files\Windows Collaboration
2008-04-03 03:25 --------- d-----w C:\Program Files\Windows Calendar
2008-04-03 02:32 --------- d-----w C:\ProgramData\Grisoft
2007-11-30 15:08 774,144 ----a-w C:\Program Files\RngInterstitial.dll
2007-08-17 04:37 218,416 ----a-w C:\Program Files\lxcq.log
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SkinClock"="C:\Program Files\Clock Tray Skins\ClockTraySkins.exe" [2008-01-22 17:54 1329664]
"Actual Window Manager"="C:\Program Files\Actual Window Manager\ActualWindowManagerCenter.exe" [2006-12-15 04:03 850432]
"DW6"="C:\Program Files\The Weather Channel FW\Desktop\DesktopWeather.exe" [2008-03-17 13:08 801904]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartupDelayer"="C:\Program Files\r2 Studios\Startup Delayer\Startup Launcher.exe" [2007-07-12 05:35 25600]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2006-11-17 01:58 815104]
"itype"="C:\Program Files\Microsoft IntelliType Pro\itype.exe" [2006-11-21 20:08 813912]
"00Hotkeys"="C:\Program Files\Qliner Hotkeys\HotKeys.exe" [2006-12-01 20:13 45056]
"lxcqmon.exe"="C:\Program Files\Lexmark 9300 Series\lxcqmon.exe" [2006-10-23 10:51 286720]
"00PCTFW"="C:\Program Files\PC Tools Firewall Plus\FirewallGUI.exe" [2008-03-28 14:37 2570136]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2008-03-28 23:37 413696]
"IgfxTray"="C:\Windows\system32\igfxtray.exe" [2007-11-12 15:07 141848]
"HotKeysCmds"="C:\Windows\system32\hkcmd.exe" [2007-11-12 15:07 166424]
"Persistence"="C:\Windows\system32\igfxpers.exe" [2007-11-12 15:07 133656]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-03-30 10:36 267048]
"LXCQCATS"="C:\Windows\system32\spool\DRIVERS\W32X86\3\LXCQtime.dll" [2006-10-15 21:25 106496]
C:\Users\Ben\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Cursor Hider.lnk - C:\Program Files\Cursor Hider\CursorHider.exe [2008-02-28 08:57:45 571904]
ePrompter.lnk - C:\Program Files\ePrompter\ePrompter.exe [2007-09-06 11:51:28 1134592]
Minimize.ahk [2008-04-06 02:05:38 576]
Music AlarmClock v2.lnk - C:\Program Files\Music AlarmClock v2\macv2.exe [2007-09-06 11:27:47 2420736]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\
SnagIt 8.lnk - C:\Program Files\TechSmith\SnagIt 8\SnagIt32.exe [2007-05-01 11:11:48 6395464]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoWinKeys"= 1 (0x1)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.divxa32"= msaud32_divx.acm
"msacm.l3codec"= l3codecp.acm
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-340049275-3702439742-4184287854-1000]
"EnableNotificationsRef"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\DomainProfile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{C5DAF990-BBE2-4170-A7C2-A5148CE43CA3}"= UDP:C:\Windows\System32\lxcqcoms.exe:Lexmark Communications System
"{D85BF49C-EC63-4CC8-8917-3D30B7845826}"= TCP:C:\Windows\System32\lxcqcoms.exe:Lexmark Communications System
"{79E22280-8051-4024-A447-C13EE4BE7E73}"= Disabled:UDP:135:TCP Port 135
"{627E8DA3-EEE7-4006-B540-3186321CC525}"= Disabled:UDP:5000:TCP Port 5000
"{7788BA36-CC70-42C7-870A-E5E5C76E2F6F}"= Disabled:UDP:5001:TCP Port 5001
"{F122D52D-DBD0-43BA-8FBA-3FD54C434D9E}"= Disabled:UDP:5002:TCP Port 5002
"{14EFF643-B1C7-4005-8EB9-FAA796057DCB}"= Disabled:UDP:5003:TCP Port 5003
"{515DA81D-290A-4D42-85AF-7AF13D179F56}"= Disabled:UDP:5004:TCP Port 5004
"{F42C6A84-ED09-4230-8CAA-C751A1FA34F2}"= Disabled:UDP:5005:TCP Port 5005
"{EAC6C89B-AE63-4E1F-ADFB-59CFB1FECB73}"= Disabled:UDP:5006:TCP Port 5006
"{F2633306-2D46-421D-9C76-6D1272FD2067}"= Disabled:UDP:5007:TCP Port 5007
"{A4120EF8-E6A9-499A-9DB8-A4B76E03C2C4}"= Disabled:UDP:5008:TCP Port 5008
"{490749FA-6197-4ADA-A0DC-E8A1767651C5}"= Disabled:UDP:5009:TCP Port 5009
"{A62962DA-11FD-4D31-9FD4-149A5AAF550F}"= Disabled:UDP:5010:TCP Port 5010
"{A43B1BCA-F01E-49BE-B987-012468C15FE7}"= Disabled:UDP:5011:TCP Port 5011
"{2AE6973D-215E-475A-99FC-42B10472572D}"= Disabled:UDP:5012:TCP Port 5012
"{0EBD61A9-4521-4135-8FE1-8457365B6049}"= Disabled:UDP:5013:TCP Port 5013
"{342731DB-AA90-42FB-95BE-B16B3B98469F}"= Disabled:UDP:5014:TCP Port 5014
"{93BAA9FA-2245-48E9-829F-3B156AB375A6}"= Disabled:UDP:5015:TCP Port 5015
"{529A69FB-290A-46EA-BB0E-6FCE78888E07}"= Disabled:UDP:5016:TCP Port 5016
"{87CBD8C8-41B3-4020-8C3C-BAE779E84861}"= Disabled:UDP:5017:TCP Port 5017
"{7BAD5C47-E264-46DC-B726-AD846EF9D8C2}"= Disabled:UDP:5018:TCP Port 5018
"{1E449634-9B11-4802-B09F-4FE1C21042E5}"= Disabled:UDP:5019:TCP Port 5019
"{F9CEEEBE-C43B-4151-86B0-6B209429A03E}"= Disabled:UDP:5020:TCP Port 5020
"{1F4E207B-8BC0-4322-9D4F-B3B482D3965A}"= UDP:C:\Program Files\DiskTrix\UltimateDefrag\UDefrag.exe:UltimateDefrag V1.61
"{7998F1C2-ED4A-41F7-927B-1DF8E25BB9AB}"= TCP:C:\Program Files\DiskTrix\UltimateDefrag\UDefrag.exe:UltimateDefrag V1.61
"{87FDCB9E-F331-423D-8629-1040B699576E}"= UDP:F:\BackUps\BenJrFiles\System Programs\utorrent.exe:µTorrent
"{34396144-DC53-4A91-8AE1-5D4CAC134803}"= TCP:F:\BackUps\BenJrFiles\System Programs\utorrent.exe:µTorrent
"{7FF53C94-AC1E-4A27-AC8C-087ECED96F6B}"= UDP:C:\Program Files\utorrent\utorrent.exe:µTorrent
"{A95AB031-2804-4265-BEE5-429AF1B92305}"= TCP:C:\Program Files\utorrent\utorrent.exe:µTorrent
"{48E70622-6460-4629-9013-7D7AA2179D82}"= UDP:C:\Program Files\iTunes\iTunes.exe:iTunes
"{A9E60C0D-C836-4920-A614-D4C7847206AD}"= TCP:C:\Program Files\iTunes\iTunes.exe:iTunes
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile]
"EnableFirewall"= 0 (0x0)
R0 TfFsMon;TfFsMon;C:\Windows\system32\drivers\TfFsMon.sys [2008-02-05 08:40]
R0 TfSysMon;TfSysMon;C:\Windows\system32\drivers\TfSysMon.sys [2008-02-05 08:41]
R1 pctfw2;pctfw2;C:\Windows\System32\drivers\pctfw2.sys [2008-04-10 15:14]
R1 pctmp;PC Tools Firewall Memory Protection Driver;C:\Windows\system32\drivers\pctmp.sys [2007-11-09 17:00]
R1 pctssipc;PC Tools Security Suite IPC Driver;C:\Windows\system32\drivers\pctssipc.sys [2007-11-09 17:00]
R2 lxcq_device;lxcq_device;C:\Windows\system32\lxcqcoms.exe [2006-11-06 12:21]
R2 Symantec SymSnap VSS Provider;Symantec SymSnap VSS Provider;C:\Windows\system32\dllhost.exe [2006-11-02 05:45]
R2 TeamViewer;TeamViewer 3;"C:\Program Files\TeamViewer3\TeamViewer_Host.exe" -service []
R3 igfx;igfx;C:\Windows\system32\DRIVERS\igdkmd32.sys [2007-10-31 09:47]
R3 RTL8187;Realtek RTL8187 Wireless 802.11b/g 54Mbps USB 2.0 Network Adapter;C:\Windows\system32\DRIVERS\RTL8187.sys [2007-11-19 07:59]
R3 SymSnapService;SymSnapService;"C:\Program Files\Norton Ghost\Shared\Drivers\SymSnapService.exe" [2007-12-20 17:13]
R3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\system32\DRIVERS\yk60x86.sys [2006-11-02 03:30]
S3 TfNetMon;TfNetMon;C:\Windows\system32\drivers\TfNetMon.sys [2008-02-05 08:41]
S3 ThreatFire;ThreatFire;C:\Program Files\Spyware Doctor\TFEngine\TFService.exe service []
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\E]
\shell\AutoRun\command - E:\AutoRun.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\H]
\shell\AutoRun\command - H:\AutoRun.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{542b9508-bc93-11dc-b1ab-806e6f6e6963}]
\shell\AutoRun\command - I:\backup.bat
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c6a8bbcc-0329-11dd-87c4-00e0b8c60c72}]
\shell\AutoRun\command - H:\backup.bat
.
**************************************************************************
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.netRootkit scan 2008-04-27 20:55:14
Windows 6.0.6001 Service Pack 1 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
PROCESS: C:\Windows\Explorer.exe
-> C:\Program Files\Clock Tray Skins\Clock.dll
.
------------------------ Other Running Processes ------------------------
.
C:\Program Files\PC Tools Firewall Plus\FWService.exe
C:\Windows\System32\audiodg.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Norton Ghost\Agent\VProSvc.exe
C:\Program Files\AutoHotkey\AutoHotkey.exe
C:\Windows\System32\WUDFHost.exe
C:\Windows\System32\igfxsrvc.exe
C:\Program Files\TechSmith\SnagIt 8\TscHelp.exe
C:\Windows\System32\msdtc.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Program Files\TechSmith\SnagIt 8\SnagPriv.exe
C:\Program Files\iFinger\iFinger.exe
C:\Program Files\FirefoxPreloader\FirefoxPreloader.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Siber Systems\AI RoboForm\robotaskbaricon.exe
C:\Program Files\YourWare Solutions\FreeRAM XP Pro\FreeRAM XP Pro.exe
C:\Program Files\Mozilla Firefox 3 Beta 4\firefox.exe
C:\Program Files\ATnotes\ATnotes.exe
C:\Program Files\USB Safely Remove\USBSafelyRemove.exe
C:\Program Files\Taskbar Activate\TaskbarActivate.exe
C:\Program Files\uTorrent\utorrent.exe
C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
.
**************************************************************************
.
Completion time: 2008-04-27 21:02:10 - machine was rebooted [Ben]
ComboFix-quarantined-files.txt 2008-04-28 01:01:43
Pre-Run: 95,172,034,560 bytes free
Post-Run: 98,441,760,768 bytes free
323 --- E O F --- 2008-04-16 03:47:00
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:05:02 PM, on 4/27/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Microsoft IntelliType Pro\itype.exe
C:\Program Files\Qliner Hotkeys\HotKeys.exe
C:\Program Files\Lexmark 9300 Series\lxcqmon.exe
C:\Program Files\PC Tools Firewall Plus\FirewallGUI.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Clock Tray Skins\ClockTraySkins.exe
C:\Program Files\Actual Window Manager\ActualWindowManagerCenter.exe
C:\Program Files\The Weather Channel FW\Desktop\DesktopWeather.exe
C:\Program Files\TechSmith\SnagIt 8\SnagIt32.exe
C:\Program Files\Cursor Hider\CursorHider.exe
C:\Program Files\ePrompter\ePrompter.exe
C:\Program Files\AutoHotkey\AutoHotkey.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\TechSmith\SnagIt 8\TSCHelp.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Program Files\TechSmith\SnagIt 8\SnagPriv.exe
C:\Program Files\iFinger\iFinger.exe
C:\Program Files\FirefoxPreloader\FirefoxPreloader.exe
C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe
C:\Program Files\YourWare Solutions\FreeRAM XP Pro\FreeRAM XP Pro.exe
C:\Program Files\Mozilla Firefox 3 Beta 4\firefox.exe
C:\Program Files\ATnotes\ATnotes.exe
C:\Program Files\USB Safely Remove\USBSafelyRemove.exe
C:\Program Files\Taskbar Activate\TaskbarActivate.exe
C:\Program Files\uTorrent\utorrent.exe
C:\Windows\Explorer.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\HijackThis\HijackThis.exe
C:\Windows\System32\wsqmcons.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://go.microsoft.com/fwlink/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://go.microsoft.com/fwlink/?LinkId=69157O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 8\SnagItBHO.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 8\SnagItIEAddin.dll
O4 - HKLM\..\Run: [StartupDelayer] "C:\Program Files\r2 Studios\Startup Delayer\Startup Launcher.exe"
O4 - HKLM\..\Run: [SynTPEnh] "C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
O4 - HKLM\..\Run: [itype] "C:\Program Files\Microsoft IntelliType Pro\itype.exe"
O4 - HKLM\..\Run: [00Hotkeys] "C:\Program Files\Qliner Hotkeys\HotKeys.exe"
O4 - HKLM\..\Run: [lxcqmon.exe] "C:\Program Files\Lexmark 9300 Series\lxcqmon.exe"
O4 - HKLM\..\Run: [00PCTFW] "C:\Program Files\PC Tools Firewall Plus\FirewallGUI.exe" -s
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [LXCQCATS] rundll32 C:\Windows\system32\spool\DRIVERS\W32X86\3\LXCQtime.dll,_RunDLLEntry@16
O4 - HKCU\..\Run: [SkinClock] C:\Program Files\Clock Tray Skins\ClockTraySkins.exe
O4 - HKCU\..\Run: [Actual Window Manager] "C:\Program Files\Actual Window Manager\ActualWindowManagerCenter.exe"
O4 - HKCU\..\Run: [DW6] "C:\Program Files\The Weather Channel FW\Desktop\DesktopWeather.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Startup: Cursor Hider.lnk = C:\Program Files\Cursor Hider\CursorHider.exe
O4 - Startup: ePrompter.lnk = C:\Program Files\ePrompter\ePrompter.exe
O4 - Startup: Minimize.ahk
O4 - Startup: Music AlarmClock v2.lnk = C:\Program Files\Music AlarmClock v2\macv2.exe
O4 - Global Startup: SnagIt 8.lnk = C:\Program Files\TechSmith\SnagIt 8\SnagIt32.exe
O8 - Extra context menu item: Customize Menu -
file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
O8 - Extra context menu item: E&xport to Microsoft Excel -
res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Fill Forms -
file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O8 - Extra context menu item: RoboForm Toolbar -
file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O8 - Extra context menu item: Save Forms -
file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} -
file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra 'Tools' menuitem: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} -
file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} -
file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra 'Tools' menuitem: Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} -
file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} -
file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra 'Tools' menuitem: RoboForm Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} -
file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O13 - Gopher Prefix:
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -
http://fpdownload2.macromedia.com/get/s ... wflash.cabO22 - SharedTaskScheduler: Windows DreamScene - {E31004D1-A431-41B8-826F-E902F9D95C81} - C:\Windows\System32\DreamScene.dll
O22 - SharedTaskScheduler: Stardock Vista ControlPanel Extension - {EC654325-1273-C2A9-2B7C-45D29BCE68FD} - C:\PROGRA~1\Stardock\OBJECT~1\DESKSC~1\DesktopControlPanel.dll
O22 - SharedTaskScheduler: StardockDreamController - {EC654325-1273-C2A9-2B7C-45D29BCE68FF} - C:\PROGRA~1\Stardock\OBJECT~1\DESKSC~1\DreamControl.dll
O22 - SharedTaskScheduler: Deskscapes - {EC654325-1273-C2A9-2B7C-45D29BCE68FB} - C:\PROGRA~1\Stardock\OBJECT~1\DESKSC~1\deskscapes.dll
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: lxcq_device - - C:\Windows\system32\lxcqcoms.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: Norton Ghost - Symantec Corporation - C:\Program Files\Norton Ghost\Agent\VProSvc.exe
O23 - Service: PC Tools Firewall Plus (PCToolsFirewallPlus) - PC Tools - C:\Program Files\PC Tools Firewall Plus\FWService.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: SymSnapService - Symantec - C:\Program Files\Norton Ghost\Shared\Drivers\SymSnapService.exe
O23 - Service: TeamViewer 3 (TeamViewer) - Unknown owner - C:\Program Files\TeamViewer3\TeamViewer_Host.exe
O23 - Service: ThreatFire - PC Tools - C:\Program Files\Spyware Doctor\TFEngine\TFService.exe
--
End of file - 8977 bytes