
Active win32/tenga.gen virus - it took over

Discussion in 'Malware and Virus Removal Archive' started by tigerdistr, 2008/12/19.

  1. 2008/12/19
    tigerdistr

    tigerdistr Inactive Thread Starter


    I followed the following post here: http://www.windowsbbs.com/malware-virus-removal/69707-please-help-me-virus-win32-tenga-gen.html. I followed the instructions you gave to this person and have included the logs below. If I need to do anything else, please let me know. It seems as though this virus started on one computer and has made its way onto all three computers that are on the same network. The virus has ground a lot of things to a halt, and it looks like it's targeted all of our .exe files.

    This is a log file from ESET NOD32. I just copied the latest one. There seems to be a pattern: every hour or so it detects another file in System Volume Information being infected. It follows the pattern of finding the A0041838.exe file, except each time the file # goes up by 1 (i.e. A0041839.exe, A0041840.exe...). Right now it has A0041781-41838.exe as detected.

    12/19/2008 8:56:37 AM Real-time file system protection file C:\System Volume Information\_restore{797467F4-6026-4090-9C13-5D79D5F4A293}\RP364\A0041838.exe Win32/Tenga.gen virus cleaned - quarantined NT AUTHORITY\SYSTEM Event occurred during an attempt to access the file by the application: C:\WINDOWS\System32\svchost.exe.

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 10:21:35 AM, on 12/19/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16762)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\csrss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
    C:\Program Files\DRoster\Firebird\bin\fbguard.exe
    C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
    C:\Program Files\Common Files\Motive\McciCMService.exe
    C:\DOCUMENTS AND SETTINGS\TIGERDISTRICT2\DESKTOP\UPS\WSTD\MSSQL$UPSWSDBSERVER\Binn\sqlservr.exe
    C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\Program Files\Spyware Doctor\sdhelp.exe
    C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
    C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
    C:\Program Files\DRoster\Firebird\bin\fbserver.exe
    C:\WINDOWS\System32\alg.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\ClamWin\bin\ClamTray.exe
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
    C:\WINDOWS\RTHDCPL.EXE
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
    C:\DOCUMENTS AND SETTINGS\TIGERDISTRICT2\DESKTOP\UPS\WSTD\UPSNA1Msgr.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    C:\Program Files\Spyware Doctor\swdoctor.exe
    C:\Program Files\MICROSOFT SQL SERVER\80\TOOLS\BINN\sqlmangr.exe
    C:\Documents and Settings\TigerDistrict2\Desktop\UPS\WSTD\WSTDMessaging.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\PROGRA~1\Mozilla Firefox\firefox.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
    C:\WINDOWS\system32\wbem\wmiprvse.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://smallbusiness.att.net
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\PROGRA~1\SPYWAR~1\tools\iesdsg.dll
    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
    O4 - HKLM\..\Run: [ClamWin] "C:\Program Files\ClamWin\bin\ClamTray.exe" --logon
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe "
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe "
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe "
    O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
    O4 - HKLM\..\Run: [HelpCenter4.1] C:\Program Files\FastAccessDSL\HelpCenter43\bin\sprtcmd.exe /P HelpCenter4.1
    O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe "
    O4 - HKLM\..\Run: [NA1Messenger] C:\DOCUMENTS AND SETTINGS\TIGERDISTRICT2\DESKTOP\UPS\WSTD\UPSNA1Msgr.exe
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [EasyLinkAdvisor] "C:\Program Files\Linksys EasyLink Advisor\LinksysAgent.exe" /startup
    O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    O4 - HKCU\..\Run: [Spyware Doctor] "C:\Program Files\Spyware Doctor\swdoctor.exe" /Q
    O4 - HKUS\S-1-5-18\..\Run: [Spyware Doctor] "C:\Program Files\Spyware Doctor\swdoctor.exe" /Q (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [Spyware Doctor] "C:\Program Files\Spyware Doctor\swdoctor.exe" /Q (User 'Default user')
    O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
    O4 - Global Startup: Ralink Wireless Utility.lnk = C:\Program Files\RALINK\Common\RaUI.exe
    O4 - Global Startup: Service Manager.lnk = C:\Program Files\MICROSOFT SQL SERVER\80\TOOLS\BINN\sqlmangr.exe
    O4 - Global Startup: UPS WorldShip Messaging Utility.lnk = UPS\WSTD\WSTDMessaging.exe
    O4 - Global Startup: UPS WorldShip PLD Reminder Utility.lnk = UPS\WSTD\wstdPldReminder.exe
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/win...ls/en/x86/client/wuweb_site.cab?1194915182625
    O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/2.0.0.1/sysreqlab2.cab
    O16 - DPF: {C4847596-972C-11D0-9567-00A0C9273C2A} (Crystal Report Viewer Control) - https://www.netchexonline.net/ActiveX/activexviewer.cab
    O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
    O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
    O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Indexing Service (CiSvc) - Unknown owner - C:\WINDOWS\system32\cisvc.exe
    O23 - Service: COM+ System Application (COMSysApp) - Unknown owner - C:\WINDOWS\system32\dllhost.exe
    O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
    O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
    O23 - Service: Firebird Guardian - DefaultInstance (FirebirdGuardianDefaultInstance) - The Firebird Project - C:\Program Files\DRoster\Firebird\bin\fbguard.exe
    O23 - Service: Firebird Server - DefaultInstance (FirebirdServerDefaultInstance) - The Firebird Project - C:\Program Files\DRoster\Firebird\bin\fbserver.exe
    O23 - Service: Windows Presentation Foundation Font Cache 3.0.0.0 (FontCache3.0.0.0) - Unknown owner - c:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe (file missing)
    O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
    O23 - Service: getPlus(R) Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe
    O23 - Service: Google Desktop Manager 5.7.806.10245 (GoogleDesktopManager-061008-081103) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
    O23 - Service: Windows CardSpace (idsvc) - Unknown owner - C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe (file missing)
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: McciCMService - Motive Communications, Inc. - C:\Program Files\Common Files\Motive\McciCMService.exe
    O23 - Service: ForceWare IP service (nSvcIp) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
    O23 - Service: ForceWare user log service (nSvcLog) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: Remote Procedure Call (RPC) Locator (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe
    O23 - Service: QoS RSVP (RSVP) - Unknown owner - C:\WINDOWS\system32\rsvp.exe
    O23 - Service: PC Tools Spyware Doctor (SDhelper) - PC Tools Research Pty Ltd - C:\Program Files\Spyware Doctor\sdhelp.exe
    O23 - Service: MS Software Shadow Copy Provider (SwPrv) - Unknown owner - C:\WINDOWS\system32\dllhost.exe
    O23 - Service: Uninterruptible Power Supply (UPS) - Unknown owner - C:\WINDOWS\System32\ups.exe

    --
    End of file - 11131 bytes


    Find AWF report by noahdfear ©2006
    Version 1.40

    The current date is: Fri 12/19/2008
    The current time is: 10:26:14.64


    bak folders found
    ~~~~~~~~~~~



    Duplicate files of bak directory contents
    ~~~~~~~~~~~~~~~~~~~~~~~



    end of report

    The Panda ActiveScan got to about 14%, and once it started to scan the System Volume Information folder, the A0041838.exe files (mentioned up top) started duplicating themselves every second, causing NOD32 to continuously pop up warnings. I had to stop the scan so that they would stop duplicating. At the end, it gave me a results page that I was able to export to a .txt file. If you want that, let me know. I couldn't post it because it said my post was too long.

    --------------------------------------------------------------------------------
    KASPERSKY ONLINE SCANNER 7 REPORT
    Friday, December 19, 2008
    Operating System: Microsoft Windows XP Professional Service Pack 2 (build 2600)
    Kaspersky Online Scanner 7 version: 7.0.25.0
    Program database last update: Friday, December 19, 2008 13:46:35
    Records in database: 1486841
    --------------------------------------------------------------------------------

    Scan settings:
    Scan using the following database: extended
    Scan archives: yes
    Scan mail databases: yes

    Scan area - My Computer:
    C:\
    D:\
    E:\
    F:\
    G:\
    H:\

    Scan statistics:
    Files scanned: 76849
    Threat name: 1
    Infected objects: 58
    Suspicious objects: 0
    Duration of the scan: 01:07:57


    File name / Threat name / Threats count
    C:\SPYWARE\backup\aspnet_compiler.exe Infected: Virus.Win32.Tenga.a 1
    C:\SPYWARE\backup\aspnet_regbrowsers.exe Infected: Virus.Win32.Tenga.a 1
    C:\SPYWARE\backup\aspnet_regsql.exe Infected: Virus.Win32.Tenga.a 1
    C:\SPYWARE\backup\CasPol.exe Infected: Virus.Win32.Tenga.a 1
    C:\SPYWARE\backup\caspol.VI0 Infected: Virus.Win32.Tenga.a 1
    C:\SPYWARE\backup\CasPol.VIR Infected: Virus.Win32.Tenga.a 1
    C:\SPYWARE\backup\ComSvcConfig.exe Infected: Virus.Win32.Tenga.a 1
    C:\SPYWARE\backup\ConfigWizards.exe Infected: Virus.Win32.Tenga.a 1
    C:\SPYWARE\backup\dfsvc.exe Infected: Virus.Win32.Tenga.a 1
    C:\SPYWARE\backup\DotNetInstaller.exe Infected: Virus.Win32.Tenga.a 1
    C:\SPYWARE\backup\DotNetInstaller.VI0 Infected: Virus.Win32.Tenga.a 1
    C:\SPYWARE\backup\DotNetInstaller.VIR Infected: Virus.Win32.Tenga.a 1
    C:\SPYWARE\backup\FileManagement.exe Infected: Virus.Win32.Tenga.a 1
    C:\SPYWARE\backup\GZipUtilApp.exe Infected: Virus.Win32.Tenga.a 1
    C:\SPYWARE\backup\IEExec.exe Infected: Virus.Win32.Tenga.a 1
    C:\SPYWARE\backup\ieexec.VI0 Infected: Virus.Win32.Tenga.a 1
    C:\SPYWARE\backup\IEExec.VIR Infected: Virus.Win32.Tenga.a 1
    C:\SPYWARE\backup\infocard.exe Infected: Virus.Win32.Tenga.a 1
    C:\SPYWARE\backup\InstallUtil.exe Infected: Virus.Win32.Tenga.a 1
    C:\SPYWARE\backup\installutil.VI0 Infected: Virus.Win32.Tenga.a 1
    C:\SPYWARE\backup\InstallUtil.VIR Infected: Virus.Win32.Tenga.a 1
    C:\SPYWARE\backup\Intuit.QuickBooks.FCS.exe Infected: Virus.Win32.Tenga.a 1
    C:\SPYWARE\backup\Intuit.QuickBooks.FCS.VIR Infected: Virus.Win32.Tenga.a 1
    C:\SPYWARE\backup\Intuit.Spc.Esd.WinClient.Application.ConfigUX.exe Infected: Virus.Win32.Tenga.a 1
    C:\SPYWARE\backup\Intuit.Spc.Esd.WinClient.Application.Update.exe Infected: Virus.Win32.Tenga.a 1
    C:\SPYWARE\backup\IntuitUpdate.exe Infected: Virus.Win32.Tenga.a 1
    C:\SPYWARE\backup\IntuitUpdateConfig.exe Infected: Virus.Win32.Tenga.a 1
    C:\SPYWARE\backup\IntuitUpdater.exe Infected: Virus.Win32.Tenga.a 1
    C:\SPYWARE\backup\IntuitUpdateService.exe Infected: Virus.Win32.Tenga.a 1
    C:\SPYWARE\backup\jsc.exe Infected: Virus.Win32.Tenga.a 1
    C:\SPYWARE\backup\jsc.VI0 Infected: Virus.Win32.Tenga.a 1
    C:\SPYWARE\backup\jsc.VIR Infected: Virus.Win32.Tenga.a 1
    C:\SPYWARE\backup\MigPol.exe Infected: Virus.Win32.Tenga.a 1
    C:\SPYWARE\backup\MigPolWin.exe Infected: Virus.Win32.Tenga.a 1
    C:\SPYWARE\backup\MSBuild.exe Infected: Virus.Win32.Tenga.a 1
    C:\SPYWARE\backup\PerformanceCounterInstaller.exe Infected: Virus.Win32.Tenga.a 1
    C:\SPYWARE\backup\POS176125.exe Infected: Virus.Win32.Tenga.a 1
    C:\SPYWARE\backup\PresentationFontCache.exe Infected: Virus.Win32.Tenga.a 1
    C:\SPYWARE\backup\QBCFMonitorService.exe Infected: Virus.Win32.Tenga.a 1
    C:\SPYWARE\backup\QBGDSPlugin.exe Infected: Virus.Win32.Tenga.a 1
    C:\SPYWARE\backup\QBHelp.exe Infected: Virus.Win32.Tenga.a 1
    C:\SPYWARE\backup\QBImport.exe Infected: Virus.Win32.Tenga.a 1
    C:\SPYWARE\backup\QBServerUtilityMgr.exe Infected: Virus.Win32.Tenga.a 1
    C:\SPYWARE\backup\QBWebConnector.exe Infected: Virus.Win32.Tenga.a 1
    C:\SPYWARE\backup\RegAsm.exe Infected: Virus.Win32.Tenga.a 1
    C:\SPYWARE\backup\regasm.VI0 Infected: Virus.Win32.Tenga.a 1
    C:\SPYWARE\backup\RegAsm.VIR Infected: Virus.Win32.Tenga.a 1
    C:\SPYWARE\backup\RegSvcs.exe Infected: Virus.Win32.Tenga.a 1
    C:\SPYWARE\backup\regsvcs.VI0 Infected: Virus.Win32.Tenga.a 1
    C:\SPYWARE\backup\RegSvcs.VIR Infected: Virus.Win32.Tenga.a 1
    C:\SPYWARE\backup\ServiceModelReg.exe Infected: Virus.Win32.Tenga.a 1
    C:\SPYWARE\backup\SMSvcHost.exe Infected: Virus.Win32.Tenga.a 1
    C:\SPYWARE\backup\Support.exe Infected: Virus.Win32.Tenga.a 1
    C:\SPYWARE\backup\tswpfwrp.exe Infected: Virus.Win32.Tenga.a 1
    C:\SPYWARE\backup\Uninstall.exe Infected: Virus.Win32.Tenga.a 1
    C:\SPYWARE\backup\UPSNA1Msgr.exe Infected: Virus.Win32.Tenga.a 1
    C:\SPYWARE\backup\WsatConfig.exe Infected: Virus.Win32.Tenga.a 1
    C:\SPYWARE\backup\XamlViewer_v0300.exe Infected: Virus.Win32.Tenga.a 1

    The selected area was scanned.


    Let me know if there is anything else that I need to do.
     
  2. 2008/12/19
    PeteC

    PeteC SuperGeek Staff

    Read this and post the logs requested in your next post here.

    Your thread has been moved to the Malware & Virus Removal forum where it belongs.
     

  4. 2008/12/19
    tigerdistr

    tigerdistr Inactive Thread Starter

    Sorry about it being in the wrong place. I'm new to this. Here's the requested info:

    info.txt logfile of random's system information tool 1.05 2008-12-19 13:44:56

    ======Uninstall list======

    -->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0015-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0016-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0018-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0019-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001A-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001B-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {3EC77D26-799B-4CD8-914F-C1565E796173}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {430971B1-C31E-45DA-81E0-72C095BAB72C}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {F7A31780-33C4-4E39-951A-5EC9B91D7BF1}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {BEE75E01-DD3F-4D5F-B96C-609E6538D419}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0044-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {FAD8A83E-9BAC-4179-9268-A35948034D85}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-00A1-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-00BA-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0114-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0115-0409-0000-0000000FF1CE} /uninstall {FAD8A83E-9BAC-4179-9268-A35948034D85}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0117-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
    Acrobat.com-->C:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR Application Installer.exe -uninstall com.adobe.mauby 4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
    Acrobat.com-->MsiExec.exe /I{77DCDCE3-2DED-62F3-8154-05E745472D07}
    Adobe AIR-->C:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR Updater.exe -arp:uninstall
    Adobe AIR-->MsiExec.exe /I{00203668-8170-44A0-BE44-B632FA4D780F}
    Adobe Flash Player 9 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\FlashUtil9c.exe -uninstallUnlock
    Adobe Flash Player 9 ActiveX-->MsiExec.exe /X{8186E1B9-DDC6-45B6-B9EB-C28947CBC4CF}
    Adobe Flash Player Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
    Adobe Reader 9-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A90000000001}
    Apple Mobile Device Support-->MsiExec.exe /I{AA9768AA-FF0B-4C66-A085-31E934F77841}
    Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
    AT&T Toolbar-->C:\Program Files\ATTToolbar\uninstall.exe
    BellSouth Application Management-->C:\WINDOWS\Motive\BellSouth\UninstallAppManagement.exe
    Bonjour-->MsiExec.exe /I{8A25392D-C5D2-4E79-A2BD-C15DDC5B0959}
    CCC-->MsiExec.exe /I{95749C5B-BC37-41E3-8D39-EEF4C21A2825}
    ClamWin Free Antivirus 0.94.1--> "C:\Program Files\ClamWin\unins000.exe "
    Color LaserJet 2600n-->C:\Program Files\Zenographics\{B40D60B8-05DC-424A-B5AC-D4DD4A188C58}\setup.exe -u "HPCLJKCInstaller.dll=CLJ2600.INF "
    Data Fax SoftModem with SmartCP-->C:\Program Files\CONEXANT\CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200C14F1\HXFSETUP.EXE -U -IAsu200Ck.inf
    Drivers Install For Linksys Easylink Advisor-->MsiExec.exe /I{A1960A82-DB70-474D-A86B-FA74466103C6}
    DRoster--> "C:\Program Files\DRoster\unins000.exe "
    ESET NOD32 Antivirus-->MsiExec.exe /I{57ECFB4D-FE11-491A-9AA0-0AF7C3ABC51D}
    FastAccess® DSL Help Center 4.4--> "C:\Program Files\FastAccessDSL\HelpCenter43\unins000.exe "
    FormsComponent-->MsiExec.exe /I{BC728F95-2D3F-4D05-9E1E-F2A3CEBF3FE8}
    FOSS-->MsiExec.exe /I{EA9629DA-5715-48BA-B054-28169702B176}
    Google Desktop-->C:\Program Files\Google\Google Desktop Search\GoogleDesktopSetup.exe -uninstall
    High Definition Audio Driver Package - KB888111--> "C:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe "
    HijackThis 2.0.2--> "C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
    Hotfix 2050 for SQL Server 2000 ENU (KB948110)--> "C:\WINDOWS\$SQLUninstallSQL2000-KB948110-v8.00.2050-x86-ENU$\spuninst\spuninst.exe "
    Hotfix for Microsoft .NET Framework 3.0 (KB932471)-->C:\WINDOWS\system32\msiexec.exe /promptrestart /uninstall {ECD292A0-0347-4244-8C24-5DBCE990FB40} /package {BAF78226-3200-4DB4-BE33-4D922A799840}
    Hotfix for Windows Internet Explorer 7 (KB947864)--> "C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\spuninst.exe "
    Hotfix for Windows Media Format 11 SDK (KB929399)--> "C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe "
    Hotfix for Windows Media Player 11 (KB939683)--> "C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe "
    Hotfix for Windows XP (KB896344)--> "C:\WINDOWS\$NtUninstallKB896344$\spuninst\spuninst.exe "
    Hotfix for Windows XP (KB914440)--> "C:\WINDOWS\$NtUninstallKB914440$\spuninst\spuninst.exe "
    Hotfix for Windows XP (KB915865)--> "C:\WINDOWS\$NtUninstallKB915865$\spuninst\spuninst.exe "
    Hotfix for Windows XP (KB926239)--> "C:\WINDOWS\$NtUninstallKB926239$\spuninst\spuninst.exe "
    Hotfix for Windows XP (KB935448)--> "C:\WINDOWS\$NtUninstallKB935448$\spuninst\spuninst.exe "
    Hotfix for Windows XP (KB952287)--> "C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe "
    iTunes-->MsiExec.exe /I{41B9E2CF-0B3F-442A-B5B3-592A4A355634}
    Java(TM) 6 Update 11-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216011FF}
    Java(TM) 6 Update 3-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}
    Linksys EasyLink Advisor 1.6 (0032)-->rundll32 C:\PROGRA~1\LINKSY~1\AUInst.dll,ExUninstall
    Macromedia FreeHand 10-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{4D826618-59C6-11D4-976E-00C04F8EEB39}\Setup.exe" -l0x9 UNINSTALL
    Malwarebytes' Anti-Malware--> "C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe "
    Microsoft .NET Framework 1.1 Hotfix (KB928366)--> "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp "
    Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
    Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
    Microsoft .NET Framework 2.0 Service Pack 1-->MsiExec.exe /I{B508B3F1-A24A-32C0-B310-85786919EF28}
    Microsoft .NET Framework 3.0 Service Pack 1-->MsiExec.exe /I{2BA00471-0328-3743-93BD-FA813353A783}
    Microsoft Base Smart Card Cryptographic Service Provider Package--> "C:\WINDOWS\$NtUninstallbasecsp$\spuninst\spuninst.exe "
    Microsoft Compression Client Pack 1.0 for Windows XP--> "C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe "
    Microsoft Internationalized Domain Names Mitigation APIs--> "C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe "
    Microsoft National Language Support Downlevel APIs--> "C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe "
    Microsoft Office Access MUI (English) 2007-->MsiExec.exe /X{90120000-0015-0409-0000-0000000FF1CE}
    Microsoft Office Access Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0117-0409-0000-0000000FF1CE}
    Microsoft Office Enterprise 2007--> "C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISE /dll OSETUP.DLL
    Microsoft Office Enterprise 2007-->MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE}
    Microsoft Office Excel MUI (English) 2007-->MsiExec.exe /X{90120000-0016-0409-0000-0000000FF1CE}
    Microsoft Office Groove MUI (English) 2007-->MsiExec.exe /X{90120000-00BA-0409-0000-0000000FF1CE}
    Microsoft Office Groove Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0114-0409-0000-0000000FF1CE}
    Microsoft Office InfoPath MUI (English) 2007-->MsiExec.exe /X{90120000-0044-0409-0000-0000000FF1CE}
    Microsoft Office OneNote MUI (English) 2007-->MsiExec.exe /X{90120000-00A1-0409-0000-0000000FF1CE}
    Microsoft Office Outlook MUI (English) 2007-->MsiExec.exe /X{90120000-001A-0409-0000-0000000FF1CE}
    Microsoft Office PowerPoint MUI (English) 2007-->MsiExec.exe /X{90120000-0018-0409-0000-0000000FF1CE}
    Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
    Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
    Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
    Microsoft Office Proofing (English) 2007-->MsiExec.exe /X{90120000-002C-0409-0000-0000000FF1CE}
    Microsoft Office Publisher MUI (English) 2007-->MsiExec.exe /X{90120000-0019-0409-0000-0000000FF1CE}
    Microsoft Office Shared MUI (English) 2007-->MsiExec.exe /X{90120000-006E-0409-0000-0000000FF1CE}
    Microsoft Office Shared Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0115-0409-0000-0000000FF1CE}
    Microsoft Office Word MUI (English) 2007-->MsiExec.exe /X{90120000-001B-0409-0000-0000000FF1CE}
    Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs-->MsiExec.exe /X{90120000-00B2-0409-0000-0000000FF1CE}
    Microsoft Silverlight-->MsiExec.exe /I{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
    Microsoft SQL Server Desktop Engine (UPSWSDBSERVER)-->MsiExec.exe /X{E09B48B5-E141-427A-AB0C-D3605127224A}
    Microsoft User-Mode Driver Framework Feature Pack 1.0--> "C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe "
    MiniRingtone 1.5--> "C:\Program Files\MiniRingtone\unins000.exe "
    Mozilla Firefox (2.0.0.18)-->C:\PROGRA~1\Mozilla Firefox\uninstall\helper.exe
    Mozilla Thunderbird (2.0.0.18)-->C:\Program Files\Mozilla Thunderbird\uninstall\helper.exe
    MSIChecker-->MsiExec.exe /I{C9D43B38-34AD-4EC2-B696-46F42D49D174}
    MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
    MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
    MSXML 4.0 SP2 Parser and SDK-->MsiExec.exe /I{716E0306-8318-4364-8B8F-0CC4E9376BAC}
    MSXML 6 Service Pack 2 (KB954459)-->MsiExec.exe /I{1A528690-6A2D-4BC5-B143-8C4AE8D19D96}
    NA1Messenger-->MsiExec.exe /I{D44E7219-947E-4F1B-830E-66EF11ACC543}
    Netflix Movie Viewer-->MsiExec.exe /X{BCE72AED-3332-4863-9567-C5DCB9052CA2}
    NOD32 v3.x FiX 1.1 by TemDono (Free Updates - Expire in 2050)--> "C:\Program Files\ESET\ESET NOD32 Antivirus\unins000.exe "
    NRF-->MsiExec.exe /I{68AF09E3-1167-4771-903C-CCCDCF7E171C}
    NVIDIA Drivers-->C:\WINDOWS\system32\nvudisp.exe UninstallGUI
    NVIDIA ForceWare Network Access Manager-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{1F6423DE-7959-4178-80E0-023C7EAA5347} /l1033
    Panda ActiveScan 2.0-->C:\Program Files\Panda Security\ActiveScan 2.0\as2uninst.exe
    PolicyManager-->MsiExec.exe /I{56B59C2A-EFB8-44AC-88F5-3280171E4522}
    psqlODBC-->MsiExec.exe /I{838E187D-8B7A-473D-B93C-C8E970B15D2B}
    QuickTime-->MsiExec.exe /I{8DC42D05-680B-41B0-8878-6C14D24602DB}
    Ralink Wireless LAN-->C:\Program Files\InstallShield Installation Information\{E91E8912-769D-42F0-8408-0E329443BABC}\setup.exe -runfromtemp -l0x0009 -removeonly
    Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -l0x9 -removeonly
    Reconciler-->MsiExec.exe /I{5AE59A84-B2F3-42CC-A246-5AF80F6EE770}
    ReportServer-->MsiExec.exe /I{33035862-543C-4405-9CC6-08593CF2C25F}
    Security Update for 2007 Microsoft Office System (KB951550)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {B243E9A5-ED77-4F1B-B338-2486FD82DC85}
    Security Update for 2007 Microsoft Office System (KB951944)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {797AE457-BA17-4BBC-B501-25FB3A0103C7}
    Security Update for 2007 Microsoft Office System (KB958439)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {6491B8AA-D11C-4648-A461-6234B31EB7E2}
    Security Update for Microsoft Office Excel 2007 (KB958437)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {648FC016-2D6B-4A16-8D87-404533642F4B}
    Security Update for Microsoft Office OneNote 2007 (KB950130)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {F1B2401C-B610-4BF2-AA1C-52C55827A8F4}
    Security Update for Microsoft Office PowerPoint 2007 (KB951338)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {558B709B-821B-4FC5-90FC-9A8890641E77}
    Security Update for Microsoft Office Publisher 2007 (KB950114)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {F9C3CDBA-1F00-4D4D-959D-75C9D3ACDD85}
    Security Update for Microsoft Office system 2007 (KB954326)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {5F7F6FFF-395D-480E-8450-64F385D82C5F}
    Security Update for Microsoft Office system 2007 (KB956828)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {885E081B-72BD-4E76-8E98-30B4BE468FAC}
    Security Update for Microsoft Office Word 2007 (KB956358)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {4551666D-0FD6-4C69-8A81-1C6F2E64517C}
    Security Update for Visio 2007 (KB947590)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {6BAD036C-261F-4BEF-96CF-C20678D07A41}
    Security Update for Windows Internet Explorer 7 (KB938127)--> "C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe "
    Security Update for Windows Internet Explorer 7 (KB939653)--> "C:\WINDOWS\ie7updates\KB939653-IE7\spuninst\spuninst.exe "
    Security Update for Windows Internet Explorer 7 (KB942615)--> "C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\spuninst.exe "
    Security Update for Windows Internet Explorer 7 (KB944533)--> "C:\WINDOWS\ie7updates\KB944533-IE7\spuninst\spuninst.exe "
    Security Update for Windows Internet Explorer 7 (KB950759)--> "C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe "
    Security Update for Windows Internet Explorer 7 (KB953838)--> "C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe "
    Security Update for Windows Internet Explorer 7 (KB956390)--> "C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe "
    Security Update for Windows Internet Explorer 7 (KB958215)--> "C:\WINDOWS\ie7updates\KB958215-IE7\spuninst\spuninst.exe "
    Security Update for Windows Internet Explorer 7 (KB960714)--> "C:\WINDOWS\ie7updates\KB960714-IE7\spuninst\spuninst.exe "
    Security Update for Windows Media Player (KB911564)--> "C:\WINDOWS\$NtUninstallKB911564$\spuninst\spuninst.exe "
    Security Update for Windows Media Player (KB952069)--> "C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe "
    Security Update for Windows Media Player 11 (KB936782)--> "C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe "
    Security Update for Windows Media Player 11 (KB954154)--> "C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe "
    Security Update for Windows Media Player 6.4 (KB925398)--> "C:\WINDOWS\$NtUninstallKB925398_WMP64$\spuninst\spuninst.exe "
    Security Update for Windows Media Player 9 (KB936782)--> "C:\WINDOWS\$NtUninstallKB936782_WMP9$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB890046)--> "C:\WINDOWS\$NtUninstallKB890046$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB893756)--> "C:\WINDOWS\$NtUninstallKB893756$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB896358)--> "C:\WINDOWS\$NtUninstallKB896358$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB896423)--> "C:\WINDOWS\$NtUninstallKB896423$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB896428)--> "C:\WINDOWS\$NtUninstallKB896428$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB899587)--> "C:\WINDOWS\$NtUninstallKB899587$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB899591)--> "C:\WINDOWS\$NtUninstallKB899591$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB900725)--> "C:\WINDOWS\$NtUninstallKB900725$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB901017)--> "C:\WINDOWS\$NtUninstallKB901017$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB901214)--> "C:\WINDOWS\$NtUninstallKB901214$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB902400)--> "C:\WINDOWS\$NtUninstallKB902400$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB904706)--> "C:\WINDOWS\$NtUninstallKB904706$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB905414)--> "C:\WINDOWS\$NtUninstallKB905414$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB905749)--> "C:\WINDOWS\$NtUninstallKB905749$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB908519)--> "C:\WINDOWS\$NtUninstallKB908519$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB911562)--> "C:\WINDOWS\$NtUninstallKB911562$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB911927)--> "C:\WINDOWS\$NtUninstallKB911927$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB913580)--> "C:\WINDOWS\$NtUninstallKB913580$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB914388)--> "C:\WINDOWS\$NtUninstallKB914388$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB914389)--> "C:\WINDOWS\$NtUninstallKB914389$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB917344)--> "C:\WINDOWS\$NtUninstallKB917344$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB917953)--> "C:\WINDOWS\$NtUninstallKB917953$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB918118)--> "C:\WINDOWS\$NtUninstallKB918118$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB918439)--> "C:\WINDOWS\$NtUninstallKB918439$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB919007)--> "C:\WINDOWS\$NtUninstallKB919007$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB920213)--> "C:\WINDOWS\$NtUninstallKB920213$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB920670)--> "C:\WINDOWS\$NtUninstallKB920670$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB920683)--> "C:\WINDOWS\$NtUninstallKB920683$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB920685)--> "C:\WINDOWS\$NtUninstallKB920685$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB921503)--> "C:\WINDOWS\$NtUninstallKB921503$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB922819)--> "C:\WINDOWS\$NtUninstallKB922819$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB923191)--> "C:\WINDOWS\$NtUninstallKB923191$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB923414)--> "C:\WINDOWS\$NtUninstallKB923414$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB923689)--> "C:\WINDOWS\$NtUninstallKB923689$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB923789)-->C:\WINDOWS\system32\MacroMed\Flash\genuinst.exe C:\WINDOWS\system32\MacroMed\Flash\KB923789.inf
    Security Update for Windows XP (KB923980)--> "C:\WINDOWS\$NtUninstallKB923980$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB924270)--> "C:\WINDOWS\$NtUninstallKB924270$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB924496)--> "C:\WINDOWS\$NtUninstallKB924496$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB924667)--> "C:\WINDOWS\$NtUninstallKB924667$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB925902)--> "C:\WINDOWS\$NtUninstallKB925902$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB926255)--> "C:\WINDOWS\$NtUninstallKB926255$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB926436)--> "C:\WINDOWS\$NtUninstallKB926436$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB927779)--> "C:\WINDOWS\$NtUninstallKB927779$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB927802)--> "C:\WINDOWS\$NtUninstallKB927802$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB928255)--> "C:\WINDOWS\$NtUninstallKB928255$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB928843)--> "C:\WINDOWS\$NtUninstallKB928843$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB929123)--> "C:\WINDOWS\$NtUninstallKB929123$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB930178)--> "C:\WINDOWS\$NtUninstallKB930178$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB931261)--> "C:\WINDOWS\$NtUninstallKB931261$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB931784)--> "C:\WINDOWS\$NtUninstallKB931784$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB932168)--> "C:\WINDOWS\$NtUninstallKB932168$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB933729)--> "C:\WINDOWS\$NtUninstallKB933729$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB935839)--> "C:\WINDOWS\$NtUninstallKB935839$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB935840)--> "C:\WINDOWS\$NtUninstallKB935840$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB936021)--> "C:\WINDOWS\$NtUninstallKB936021$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB937894)--> "C:\WINDOWS\$NtUninstallKB937894$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB938127)--> "C:\WINDOWS\$NtUninstallKB938127$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB938464)--> "C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB938829)--> "C:\WINDOWS\$NtUninstallKB938829$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB939653)--> "C:\WINDOWS\$NtUninstallKB939653$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB941202)--> "C:\WINDOWS\$NtUninstallKB941202$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB941568)--> "C:\WINDOWS\$NtUninstallKB941568$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB941569)--> "C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB941644)--> "C:\WINDOWS\$NtUninstallKB941644$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB941693)--> "C:\WINDOWS\$NtUninstallKB941693$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB943055)--> "C:\WINDOWS\$NtUninstallKB943055$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB943460)--> "C:\WINDOWS\$NtUninstallKB943460$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB943485)--> "C:\WINDOWS\$NtUninstallKB943485$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB944653)--> "C:\WINDOWS\$NtUninstallKB944653$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB945553)--> "C:\WINDOWS\$NtUninstallKB945553$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB946026)--> "C:\WINDOWS\$NtUninstallKB946026$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB946648)--> "C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB948590)--> "C:\WINDOWS\$NtUninstallKB948590$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB948881)--> "C:\WINDOWS\$NtUninstallKB948881$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB950749)--> "C:\WINDOWS\$NtUninstallKB950749$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB950760)--> "C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB950762)--> "C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB950974)--> "C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB951066)--> "C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB951376)--> "C:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB951376-v2)--> "C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB951698)--> "C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB951748)--> "C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB952954)--> "C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB953839)--> "C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB954211)--> "C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB954600)--> "C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB955069)--> "C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB956391)--> "C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB956802)--> "C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB956803)--> "C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB956841)--> "C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB957095)--> "C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB957097)--> "C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB958644)--> "C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe "
    Spybot - Search & Destroy--> "C:\Program Files\Spybot - Search & Destroy\unins000.exe "
    Spyware Doctor 4.0--> "C:\Program Files\Spyware Doctor\unins000.exe "
    Star TSP100 Driver Installer-->MsiExec.exe /I{2E5F915C-9F34-4754-8086-CD3B6609F30F}
    SUPERAntiSpyware Professional-->MsiExec.exe /X{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}
    SupportSoft Assisted Service-->MsiExec.exe /I{5A3F6A80-7913-475E-8B96-477A952CFA43}
    SupportUtility-->MsiExec.exe /I{C30E30A6-0AB5-470A-AB67-D322938F5429}
    System Requirements Lab-->C:\Program Files\SystemRequirementsLab\Uninstall.exe
    System-->MsiExec.exe /I{DB2C58E0-6284-4B48-97F2-22A980B6360B}
    Update for Microsoft Office Outlook 2007 (KB952142)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {4AD3A076-427C-491F-A5B7-7D1DE788A756}
    Update for Office 2007 (KB946691)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {A420F522-7395-4872-9882-C591B4B92278}
    Update for Outlook 2007 Junk Email Filter (kb958619)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {79B301C1-DBC0-467C-AFDA-2A6CDAFA4302}
    Update for Windows XP (KB894391)--> "C:\WINDOWS\$NtUninstallKB894391$\spuninst\spuninst.exe "
    Update for Windows XP (KB898461)--> "C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe "
    Update for Windows XP (KB900485)--> "C:\WINDOWS\$NtUninstallKB900485$\spuninst\spuninst.exe "
    Update for Windows XP (KB904942)--> "C:\WINDOWS\$NtUninstallKB904942$\spuninst\spuninst.exe "
    Update for Windows XP (KB908531)--> "C:\WINDOWS\$NtUninstallKB908531$\spuninst\spuninst.exe "
    Update for Windows XP (KB910437)--> "C:\WINDOWS\$NtUninstallKB910437$\spuninst\spuninst.exe "
    Update for Windows XP (KB911280)--> "C:\WINDOWS\$NtUninstallKB911280$\spuninst\spuninst.exe "
    Update for Windows XP (KB916595)--> "C:\WINDOWS\$NtUninstallKB916595$\spuninst\spuninst.exe "
    Update for Windows XP (KB920342)--> "C:\WINDOWS\$NtUninstallKB920342$\spuninst\spuninst.exe "
    Update for Windows XP (KB920872)--> "C:\WINDOWS\$NtUninstallKB920872$\spuninst\spuninst.exe "
    Update for Windows XP (KB922582)--> "C:\WINDOWS\$NtUninstallKB922582$\spuninst\spuninst.exe "
    Update for Windows XP (KB925720)--> "C:\WINDOWS\$NtUninstallKB925720$\spuninst\spuninst.exe "
    Update for Windows XP (KB925876)--> "C:\WINDOWS\$NtUninstallKB925876$\spuninst\spuninst.exe "
    Update for Windows XP (KB927891)--> "C:\WINDOWS\$NtUninstallKB927891$\spuninst\spuninst.exe "
    Update for Windows XP (KB930916)--> "C:\WINDOWS\$NtUninstallKB930916$\spuninst\spuninst.exe "
    Update for Windows XP (KB932823-v3)--> "C:\WINDOWS\$NtUninstallKB932823-v3$\spuninst\spuninst.exe "
    Update for Windows XP (KB933360)--> "C:\WINDOWS\$NtUninstallKB933360$\spuninst\spuninst.exe "
    Update for Windows XP (KB938828)--> "C:\WINDOWS\$NtUninstallKB938828$\spuninst\spuninst.exe "
    Update for Windows XP (KB942763)--> "C:\WINDOWS\$NtUninstallKB942763$\spuninst\spuninst.exe "
    Update for Windows XP (KB951072-v2)--> "C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe "
    Update for Windows XP (KB955839)--> "C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe "
    UPS WorldShip-->C:\DOCUMENTS AND SETTINGS\TIGERDISTRICT2\DESKTOP\UPS\WSTD\Uninstall\Uninstall.exe
    UPSDB-->MsiExec.exe /I{4AE3EAC8-FAD9-4ECC-A339-BBAD8C72DE71}
    UPSICC-->MsiExec.exe /I{390160B4-D276-4A04-8002-8D3101A0D367}
    UPSlinkHTTP-->MsiExec.exe /I{E358CC1E-4953-4E27-ADEB-8B27D8BBC20E}
    UPSVCMM-->MsiExec.exe /I{1FAF0F08-7120-4192-BF6A-B1EC7E26A935}
    WebHelp-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{8C5BD501-AD5D-4A75-9321-076509B438FC}\SETUP.exe" -l0x9 -removeonly
    Windows Driver Package - Star Micronics TSP100 (07/26/2006 1.0.4.0)-->rundll32.exe C:\PROGRA~1\DIFX\7AA84A78695B31A503D9537A76801D74E0FD14BD\DIFxAppA.dll, DIFxARPUninstallDriverPackage C:\WINDOWS\system32\DRVSTORE\smjt100_03F895CF79735424923B8C732DF361D8492C9969\smjt100.inf
    Windows Imaging Component--> "C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe "
    Windows Installer 3.1 (KB893803)--> "C:\WINDOWS\$MSI31Uninstall_KB893803v2$\spuninst\spuninst.exe "
    Windows Internet Explorer 7--> "C:\WINDOWS\ie7\spuninst\spuninst.exe "
    Windows Media Format 11 runtime--> "C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
    Windows Media Format 11 runtime--> "C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe "
    Windows Media Format SDK Hotfix - KB891122--> "C:\WINDOWS\$NtUninstallKB891122$\spuninst\spuninst.exe "
    Windows Media Player 11--> "C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
    Windows Media Player 11--> "C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe "
    Windows Presentation Foundation-->MsiExec.exe /X{BAF78226-3200-4DB4-BE33-4D922A799840}
    Windows XP Hotfix - KB873339-->C:\WINDOWS\$NtUninstallKB873339$\spuninst\spuninst.exe
    Windows XP Hotfix - KB885835-->C:\WINDOWS\$NtUninstallKB885835$\spuninst\spuninst.exe
    Windows XP Hotfix - KB885836-->C:\WINDOWS\$NtUninstallKB885836$\spuninst\spuninst.exe
    Windows XP Hotfix - KB886185-->C:\WINDOWS\$NtUninstallKB886185$\spuninst\spuninst.exe
    Windows XP Hotfix - KB887472-->C:\WINDOWS\$NtUninstallKB887472$\spuninst\spuninst.exe
    Windows XP Hotfix - KB888302-->C:\WINDOWS\$NtUninstallKB888302$\spuninst\spuninst.exe
    Windows XP Hotfix - KB890859--> "C:\WINDOWS\$NtUninstallKB890859$\spuninst\spuninst.exe "
    Windows XP Hotfix - KB891781-->C:\WINDOWS\$NtUninstallKB891781$\spuninst\spuninst.exe
    WinRAR archiver-->C:\Program Files\WinRAR\uninstall.exe
    WinZip 11.2-->MsiExec.exe /X{CD95F661-A5C4-44F5-A6AA-ECDD91C240B6}
    WorldShip-->MsiExec.exe /I{2A033A00-FE0D-4609-B0E8-2C49CC494FC8}

    ======Security center information======

    AV: ESET NOD32 Antivirus 3.0 (disabled)
    FW: ActiveArmor Firewall (disabled)

    System event log

    Computer Name: TIGERDIS2
    Event Code: 7036
    Message: The iPod Service service entered the running state.

    Record Number: 10044
    Source Name: Service Control Manager
    Time Written: 20081114101011.000000-360
    Event Type: information
    User:

    Computer Name: TIGERDIS2
    Event Code: 7035
    Message: The iPod Service service was successfully sent a start control.

    Record Number: 10043
    Source Name: Service Control Manager
    Time Written: 20081114101011.000000-360
    Event Type: information
    User: NT AUTHORITY\SYSTEM

    Computer Name: TIGERDIS2
    Event Code: 7036
    Message: The SSDP Discovery Service service entered the running state.

    Record Number: 10042
    Source Name: Service Control Manager
    Time Written: 20081114101009.000000-360
    Event Type: information
    User:

    Computer Name: TIGERDIS2
    Event Code: 7035
    Message: The SSDP Discovery Service service was successfully sent a start control.

    Record Number: 10041
    Source Name: Service Control Manager
    Time Written: 20081114101009.000000-360
    Event Type: information
    User: NT AUTHORITY\SYSTEM

    Computer Name: TIGERDIS2
    Event Code: 7036
    Message: The Application Layer Gateway Service service entered the running state.

    Record Number: 10040
    Source Name: Service Control Manager
    Time Written: 20081114101008.000000-360
    Event Type: information
    User:

    Application event log

    Computer Name: TIGERDIS2
    Event Code: 1
    Message:
    Record Number: 1008
    Source Name: ASA 9.0
    Time Written: 20080731093524.000000-300
    Event Type: information
    User:

    Computer Name: TIGERDIS2
    Event Code: 0
    Message: Service started successfully.

    Record Number: 1007
    Source Name: QBCFMonitorService
    Time Written: 20080731093523.000000-300
    Event Type: information
    User:

    Computer Name: TIGERDIS2
    Event Code: 0
    Message: Service started successfully.

    Record Number: 1006
    Source Name: Intuit Update Service
    Time Written: 20080731093520.000000-300
    Event Type: information
    User:

    Computer Name: TIGERDIS2
    Event Code: 1
    Message:
    Record Number: 1005
    Source Name: Bonjour Service
    Time Written: 20080731093519.000000-300
    Event Type: information
    User:

    Computer Name: TIGERDIS2
    Event Code: 4
    Message:
    Record Number: 1004
    Source Name: QuickBooks
    Time Written: 20080730155244.000000-300
    Event Type: error
    User:

    ======Environment variables======

    "ComSpec "=%SystemRoot%\system32\cmd.exe
    "Path "=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\QuickTime\QTSystem\;C:\Program Files\Microsoft SQL Server\80\Tools\Binn\
    "windir "=%SystemRoot%
    "FP_NO_HOST_CHECK "=NO
    "OS "=Windows_NT
    "PROCESSOR_ARCHITECTURE "=x86
    "PROCESSOR_LEVEL "=15
    "PROCESSOR_IDENTIFIER "=x86 Family 15 Model 107 Stepping 2, AuthenticAMD
    "PROCESSOR_REVISION "=6b02
    "NUMBER_OF_PROCESSORS "=2
    "PATHEXT "=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
    "TEMP "=%SystemRoot%\TEMP
    "TMP "=%SystemRoot%\TEMP
    "CLASSPATH "=.;C:\Program Files\Java\jre1.6.0_03\lib\ext\QTJava.zip
    "QTJAVA "=C:\Program Files\Java\jre1.6.0_03\lib\ext\QTJava.zip

    -----------------EOF-----------------
     
  5. 2008/12/19
    tigerdistr

    Logfile of random's system information tool 1.05 (written by random/random)
    Run by TigerDistrict2 at 2008-12-19 13:44:51
    Microsoft Windows XP Professional Service Pack 2
    System drive C: has 359 GB (94%) free of 382 GB
    Total RAM: 1918 MB (53% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 1:44:54 PM, on 12/19/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16762)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\csrss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
    C:\Program Files\DRoster\Firebird\bin\fbguard.exe
    C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
    C:\Program Files\Common Files\Motive\McciCMService.exe
    C:\DOCUMENTS AND SETTINGS\TIGERDISTRICT2\DESKTOP\UPS\WSTD\MSSQL$UPSWSDBSERVER\Binn\sqlservr.exe
    C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\Program Files\Spyware Doctor\sdhelp.exe
    C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
    C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
    C:\Program Files\DRoster\Firebird\bin\fbserver.exe
    C:\WINDOWS\System32\alg.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\WINDOWS\RTHDCPL.EXE
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
    C:\DOCUMENTS AND SETTINGS\TIGERDISTRICT2\DESKTOP\UPS\WSTD\UPSNA1Msgr.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\MICROSOFT SQL SERVER\80\TOOLS\BINN\sqlmangr.exe
    C:\Documents and Settings\TigerDistrict2\Desktop\UPS\WSTD\WSTDMessaging.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\PROGRA~1\Mozilla Firefox\firefox.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Documents and Settings\TigerDistrict2\Local Settings\Temp\jkos-TigerDistrict2\binaries\ScanningProcess.exe
    C:\Documents and Settings\TigerDistrict2\Local Settings\Temp\jkos-TigerDistrict2\binaries\ScanningProcess.exe
    C:\Program Files\Mozilla Thunderbird\thunderbird.exe
    C:\Documents and Settings\TigerDistrict2\Desktop\RSIT.exe
    C:\WINDOWS\system32\wbem\wmiprvse.exe
    C:\Program Files\Trend Micro\HijackThis\TigerDistrict2.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://smallbusiness.att.net
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\PROGRA~1\SPYWAR~1\tools\iesdsg.dll
    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
    O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
    O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O4 - HKLM\..\Run: [ClamWin] "C:\Program Files\ClamWin\bin\ClamTray.exe" --logon
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe "
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe "
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe "
    O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
    O4 - HKLM\..\Run: [HelpCenter4.1] C:\Program Files\FastAccessDSL\HelpCenter43\bin\sprtcmd.exe /P HelpCenter4.1
    O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe "
    O4 - HKLM\..\Run: [NA1Messenger] C:\DOCUMENTS AND SETTINGS\TIGERDISTRICT2\DESKTOP\UPS\WSTD\UPSNA1Msgr.exe
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [EasyLinkAdvisor] "C:\Program Files\Linksys EasyLink Advisor\LinksysAgent.exe" /startup
    O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    O4 - HKCU\..\Run: [Spyware Doctor] "C:\Program Files\Spyware Doctor\swdoctor.exe" /Q
    O4 - HKUS\S-1-5-18\..\Run: [Spyware Doctor] "C:\Program Files\Spyware Doctor\swdoctor.exe" /Q (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [Spyware Doctor] "C:\Program Files\Spyware Doctor\swdoctor.exe" /Q (User 'Default user')
    O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
    O4 - Global Startup: Ralink Wireless Utility.lnk = C:\Program Files\RALINK\Common\RaUI.exe
    O4 - Global Startup: Service Manager.lnk = C:\Program Files\MICROSOFT SQL SERVER\80\TOOLS\BINN\sqlmangr.exe
    O4 - Global Startup: UPS WorldShip Messaging Utility.lnk = UPS\WSTD\WSTDMessaging.exe
    O4 - Global Startup: UPS WorldShip PLD Reminder Utility.lnk = UPS\WSTD\wstdPldReminder.exe
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/win...ls/en/x86/client/wuweb_site.cab?1194915182625
    O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/2.0.0.1/sysreqlab2.cab
    O16 - DPF: {C4847596-972C-11D0-9567-00A0C9273C2A} (Crystal Report Viewer Control) - https://www.netchexonline.net/ActiveX/activexviewer.cab
    O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
    O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
    O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Indexing Service (CiSvc) - Unknown owner - C:\WINDOWS\system32\cisvc.exe
    O23 - Service: COM+ System Application (COMSysApp) - Unknown owner - C:\WINDOWS\system32\dllhost.exe
    O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
    O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
    O23 - Service: Firebird Guardian - DefaultInstance (FirebirdGuardianDefaultInstance) - The Firebird Project - C:\Program Files\DRoster\Firebird\bin\fbguard.exe
    O23 - Service: Firebird Server - DefaultInstance (FirebirdServerDefaultInstance) - The Firebird Project - C:\Program Files\DRoster\Firebird\bin\fbserver.exe
    O23 - Service: Windows Presentation Foundation Font Cache 3.0.0.0 (FontCache3.0.0.0) - Unknown owner - c:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe (file missing)
    O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
    O23 - Service: getPlus(R) Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe
    O23 - Service: Google Desktop Manager 5.7.806.10245 (GoogleDesktopManager-061008-081103) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
    O23 - Service: Windows CardSpace (idsvc) - Unknown owner - C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe (file missing)
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: McciCMService - Motive Communications, Inc. - C:\Program Files\Common Files\Motive\McciCMService.exe
    O23 - Service: ForceWare IP service (nSvcIp) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
    O23 - Service: ForceWare user log service (nSvcLog) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: Remote Procedure Call (RPC) Locator (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe
    O23 - Service: QoS RSVP (RSVP) - Unknown owner - C:\WINDOWS\system32\rsvp.exe
    O23 - Service: PC Tools Spyware Doctor (SDhelper) - PC Tools Research Pty Ltd - C:\Program Files\Spyware Doctor\sdhelp.exe
    O23 - Service: Windows Service Pack Installer update service (spupdsvc) - Unknown owner - C:\WINDOWS\system32\spupdsvc.exe
    O23 - Service: MS Software Shadow Copy Provider (SwPrv) - Unknown owner - C:\WINDOWS\system32\dllhost.exe
    O23 - Service: Uninterruptible Power Supply (UPS) - Unknown owner - C:\WINDOWS\System32\ups.exe

    --
    End of file - 11614 bytes

    ======Scheduled tasks folder======

    C:\WINDOWS\tasks\AppleSoftwareUpdate.job

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
    Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
    Spybot-S&D IE Protection - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll [2008-09-15 1562960]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB}]
    PCTools Site Guard - C:\PROGRA~1\SPYWAR~1\tools\iesdsg.dll [2006-08-01 825528]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
    Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2007-08-24 2212224]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
    Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2008-12-19 320920]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B56A7D7D-6927-48C8-A975-17DF180C71AC}]
    PCTools Browser Monitor - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll [2006-09-01 848496]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
    Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2008-12-19 34816]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
    JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2008-12-19 73728]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "ClamWin"=C:\Program Files\ClamWin\bin\ClamTray.exe [2008-11-09 86016]
    "NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2007-10-04 8491008]
    "nwiz"=nwiz.exe /install []
    "NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2007-10-04 81920]
    "GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2008-12-16 24064]
    "SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2008-12-19 136600]
    "RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2008-02-13 16857600]
    "Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
    "QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2008-12-16 413696]
    "iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2008-12-16 284160]
    "Google Desktop Search"=C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2008-12-16 24064]
    "HelpCenter4.1"=C:\Program Files\FastAccessDSL\HelpCenter43\bin\sprtcmd.exe [2008-12-16 192512]
    "egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2007-12-21 1443072]
    "Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2008-06-12 34672]
    "NA1Messenger"=C:\DOCUMENTS AND SETTINGS\TIGERDISTRICT2\DESKTOP\UPS\WSTD\UPSNA1Msgr.exe [2008-11-14 24576]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2004-08-03 15360]
    "EasyLinkAdvisor"=C:\Program Files\Linksys EasyLink Advisor\LinksysAgent.exe [2008-12-16 451072]
    "SUPERAntiSpyware"=C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2008-12-17 1809648]
    "Spyware Doctor"=C:\Program Files\Spyware Doctor\swdoctor.exe [2006-09-23 2128016]

    C:\Documents and Settings\All Users\Start Menu\Programs\Startup
    Ralink Wireless Utility.lnk - C:\Program Files\RALINK\Common\RaUI.exe
    Service Manager.lnk - C:\Program Files\MICROSOFT SQL SERVER\80\TOOLS\BINN\sqlmangr.exe
    UPS WorldShip Messaging Utility.lnk - C:\Documents and Settings\TigerDistrict2\Desktop\UPS\WSTD\WSTDMessaging.exe
    UPS WorldShip PLD Reminder Utility.lnk - C:\Documents and Settings\TigerDistrict2\Desktop\UPS\WSTD\wstdPldReminder.exe

    C:\Documents and Settings\TigerDistrict2\Start Menu\Programs\Startup
    OneNote 2007 Screen Clipper and Launcher.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
    "AppInit_DLLS"="C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon]
    C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL [2008-12-17 352256]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
    C:\WINDOWS\system32\WgaLogon.dll [2007-04-10 236928]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
    UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2004-08-03 239616]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    "{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2007-08-24 2212224]
    "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2008-05-13 77824]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "dontdisplaylastusername"=0
    "legalnoticecaption"=
    "legalnoticetext"=
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveTypeAutoRun"=145

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\Apache.exe"="C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\Apache.exe:*:Enabled:Apache HTTP Server"
    "D:\SETUP.EXE"="D:\SETUP.EXE:*:Enabled:Setup"
    "C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
    "C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
    "C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "C:\Program Files\Intuit\QuickBooks Point of Sale 7.0\EftSvr.exe"="C:\Program Files\Intuit\QuickBooks Point of Sale 7.0\EftSvr.exe:*:Enabled:EftSvr"
    "C:\Program Files\Intuit\QuickBooks Point of Sale 7.0\QBPOSLic.exe"="C:\Program Files\Intuit\QuickBooks Point of Sale 7.0\QBPOSLic.exe:*:Enabled:QBPOSLic"
    "C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
    "C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
    "C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe"="C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe:LocalSubNet:Disabled:Intuit Update Shared Downloads Server"
    "C:\Program Files\att-nap\McciBrowser.exe"="C:\Program Files\att-nap\McciBrowser.exe:*:Enabled:motivebrowser.exe"
    "C:\Program Files\Intuit\QuickBooks Point of Sale 7.0\qbpos.exe"="C:\Program Files\Intuit\QuickBooks Point of Sale 7.0\qbpos.exe:*:Enabled:QuickBooks Point of Sale 7.0"

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{38af91a2-acd6-11dc-9205-0016441a39f7}]
    shell\AutoRun\command - I:\SETUP.EXE
    shell\VERB\command - I:\SETUP.EXE

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{78c20c12-9182-11dc-91f6-806d6172696f}]
    shell\AutoRun\command - D:\SETUP.EXE


    ======List of files/folders created in the last 3 months======

    2008-12-19 13:44:51 ----D---- C:\rsit
    2008-12-19 11:31:06 ----A---- C:\WINDOWS\system32\javaws.exe
    2008-12-19 11:31:06 ----A---- C:\WINDOWS\system32\javaw.exe
    2008-12-19 11:31:06 ----A---- C:\WINDOWS\system32\java.exe
    2008-12-19 11:31:06 ----A---- C:\WINDOWS\system32\deploytk.dll
    2008-12-19 11:29:41 ----N---- C:\WINDOWS\system32\spmsg.dll
    2008-12-19 11:29:21 ----D---- C:\WINDOWS\LastGood
    2008-12-19 10:21:17 ----D---- C:\Program Files\Trend Micro
    2008-12-18 17:32:05 ----D---- C:\Program Files\Intuit
    2008-12-18 17:32:05 ----D---- C:\Program Files\Common Files\Intuit
    2008-12-18 17:32:05 ----D---- C:\Documents and Settings\All Users\Application Data\Intuit
    2008-12-17 16:58:09 ----D---- C:\Program Files\MICROSOFT SQL SERVER
    2008-12-17 16:53:22 ----A---- C:\WINDOWS\wstdUninstall.txt
    2008-12-17 15:44:16 ----SHD---- C:\Config.Msi
    2008-12-17 11:08:12 ----A---- C:\WINDOWS\win.tmp
    2008-12-17 11:08:12 ----A---- C:\WINDOWS\system.tmp
    2008-12-17 11:07:11 ----D---- C:\Documents and Settings\TigerDistrict2\Application Data\PC Tools
    2008-12-17 10:32:34 ----D---- C:\Program Files\NOS
    2008-12-17 10:32:34 ----D---- C:\Documents and Settings\All Users\Application Data\NOS
    2008-12-16 17:04:27 ----D---- C:\Program Files\Common Files\Adobe AIR
    2008-12-16 17:03:54 ----D---- C:\Program Files\Common Files\Adobe
    2008-12-16 17:03:54 ----D---- C:\Program Files\Adobe
    2008-12-16 13:14:15 ----D---- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
    2008-12-16 13:14:10 ----D---- C:\Program Files\SUPERAntiSpyware
    2008-12-16 13:14:10 ----D---- C:\Documents and Settings\TigerDistrict2\Application Data\SUPERAntiSpyware.com
    2008-12-16 13:13:02 ----D---- C:\Program Files\ESET
    2008-12-16 13:13:02 ----D---- C:\Documents and Settings\All Users\Application Data\ESET
    2008-12-16 11:45:20 ----D---- C:\SPYWARE
    2008-12-16 10:44:44 ----D---- C:\Program Files\Spyware Doctor
    2008-12-15 17:38:35 ----D---- C:\Program Files\Panda Security
    2008-12-15 17:10:07 ----D---- C:\Program Files\Spybot - Search & Destroy
    2008-12-15 17:10:07 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
    2008-12-15 17:03:02 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
    2008-12-15 17:00:21 ----D---- C:\Program Files\WinRAR
    2008-12-15 16:58:13 ----D---- C:\nod32
    2008-12-15 16:52:40 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
    2008-12-15 16:52:40 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
    2008-12-15 16:50:48 ----D---- C:\WINDOWS\CSC
    2008-12-15 16:50:42 ----A---- C:\WINDOWS\ntbtlog.txt
    2008-12-11 03:01:46 ----HDC---- C:\WINDOWS\$NtUninstallKB952069_WM9$
    2008-12-11 03:01:43 ----HDC---- C:\WINDOWS\$NtUninstallKB955839$
    2008-12-11 03:00:49 ----HDC---- C:\WINDOWS\$NtUninstallKB954600$
    2008-12-11 03:00:44 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$
    2008-12-09 12:33:42 ----D---- C:\Program Files\FastAccessDSL
    2008-12-09 12:18:40 ----D---- C:\Documents and Settings\All Users\Application Data\ATTToolbar
    2008-12-09 12:18:39 ----D---- C:\Program Files\ATTToolbar
    2008-12-09 12:18:39 ----D---- C:\Documents and Settings\TigerDistrict2\Application Data\ATTToolbar
    2008-12-09 12:18:21 ----D---- C:\WINDOWS\Motive
    2008-12-09 12:18:19 ----D---- C:\Program Files\BellSouth Application Management
    2008-12-09 12:18:17 ----D---- C:\Program Files\BellSouth
    2008-12-09 12:08:46 ----D---- C:\Documents and Settings\TigerDistrict2\Application Data\Motive
    2008-12-09 12:08:34 ----D---- C:\Program Files\att-nap
    2008-12-09 12:08:31 ----D---- C:\Program Files\Common Files\Motive
    2008-12-09 12:07:19 ----D---- C:\Documents and Settings\All Users\Application Data\Motive
    2008-12-01 12:40:32 ----D---- C:\Program Files\Google
    2008-11-12 16:59:33 ----HDC---- C:\WINDOWS\$NtUninstallKB957097$
    2008-11-12 16:59:27 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$
    2008-10-24 02:00:24 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
    2008-10-23 02:00:25 ----D---- C:\WINDOWS\$SQLUninstallSQL2000-KB948110-v8.00.2050-x86-ENU$
    2008-10-22 14:47:49 ----A---- C:\WINDOWS\DUNZLOG.TXT
    2008-10-21 16:04:22 ----D---- C:\Program Files\psqlODBC
    2008-10-21 15:49:06 ----A---- C:\WINDOWS\wstdUPSWSHIP.INI
    2008-10-21 15:44:32 ----A---- C:\WINDOWS\system32\dbmsqlgc.dll
    2008-10-21 15:44:32 ----A---- C:\WINDOWS\system32\dbmsgnet.dll
    2008-10-21 15:44:17 ----A---- C:\WINDOWS\IsUninst.exe
    2008-10-21 15:43:35 ----A---- C:\WINDOWS\ODBC.INI
    2008-10-15 10:55:36 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
    2008-10-15 10:55:33 ----HDC---- C:\WINDOWS\$NtUninstallKB956391$
    2008-10-15 10:55:29 ----HDC---- C:\WINDOWS\$NtUninstallKB957095$
    2008-10-15 10:55:14 ----HDC---- C:\WINDOWS\$NtUninstallKB954211$
    2008-10-15 10:55:06 ----HDC---- C:\WINDOWS\$NtUninstallKB956841$
    2008-10-01 08:51:26 ----D---- C:\Program Files\iPod
    2008-10-01 08:51:25 ----D---- C:\Program Files\iTunes
    2008-10-01 08:51:25 ----D---- C:\Documents and Settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
    2008-10-01 08:50:57 ----D---- C:\Program Files\Bonjour
    2008-10-01 08:50:30 ----D---- C:\Program Files\QuickTime
    2008-09-30 16:43:34 ----A---- C:\WINDOWS\system32\msxml4.dll
    2008-09-29 10:49:19 ----D---- C:\Program Files\MiniRingtone
    2008-09-24 09:09:33 ----D---- C:\WINDOWS\system32\CatRoot_bak
    2008-09-22 13:13:24 ----D---- C:\Documents and Settings\TigerDistrict2\Application Data\Simprit

    ======List of files/folders modified in the last 3 months======

    2008-12-19 13:35:04 ----D---- C:\Program Files\Mozilla Thunderbird
    2008-12-19 12:42:19 ----D---- C:\Program Files\Mozilla Firefox
    2008-12-19 12:18:15 ----D---- C:\WINDOWS\Temp
    2008-12-19 11:44:13 ----D---- C:\WINDOWS\system32\CatRoot
    2008-12-19 11:42:27 ----D---- C:\WINDOWS\system32\CatRoot2
    2008-12-19 11:42:26 ----HD---- C:\WINDOWS\inf
    2008-12-19 11:31:11 ----SHD---- C:\WINDOWS\Installer
    2008-12-19 11:31:06 ----D---- C:\WINDOWS\system32
    2008-12-19 11:30:48 ----D---- C:\Program Files\Java
    2008-12-19 11:29:43 ----RSHDC---- C:\WINDOWS\system32\dllcache
    2008-12-19 11:29:42 ----D---- C:\WINDOWS
    2008-12-19 10:34:32 ----D---- C:\WINDOWS\system32\drivers
    2008-12-19 10:21:17 ----RD---- C:\Program Files
    2008-12-19 10:14:26 ----D---- C:\PUT UP
    2008-12-19 10:06:28 ----D---- C:\WINDOWS\Prefetch
    2008-12-19 03:00:19 ----HD---- C:\WINDOWS\$hf_mig$
    2008-12-18 17:55:58 ----RSD---- C:\WINDOWS\assembly
    2008-12-18 17:49:37 ----A---- C:\WINDOWS\imsins.BAK
    2008-12-18 17:32:05 ----D---- C:\Program Files\Common Files
    2008-12-18 17:12:06 ----D---- C:\Documents and Settings\All Users\Application Data\Common Files
    2008-12-18 17:07:35 ----RSD---- C:\WINDOWS\Fonts
    2008-12-18 13:40:11 ----A---- C:\WINDOWS\SchedLgU.Txt
    2008-12-18 13:34:15 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
    2008-12-17 16:57:53 ----D---- C:\WINDOWS\WinSxS
    2008-12-17 14:13:59 ----D---- C:\Documents and Settings\TigerDistrict2\Application Data\Adobe
    2008-12-17 11:14:01 ----D---- C:\Program Files\ClamWin
    2008-12-16 17:04:18 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
    2008-12-16 12:46:46 ----A---- C:\WINDOWS\winhlp32.exe
    2008-12-16 12:46:44 ----A---- C:\WINDOWS\twunk_32.exe
    2008-12-16 12:46:42 ----A---- C:\WINDOWS\TASKMAN.EXE
    2008-12-16 12:46:41 ----D---- C:\WINDOWS\system32\XPSViewer
    2008-12-16 12:46:40 ----A---- C:\WINDOWS\system32\xcopy.exe
    2008-12-16 12:46:39 ----A---- C:\WINDOWS\system32\wupdmgr.exe
    2008-12-16 12:46:38 ----A---- C:\WINDOWS\system32\WudfHost.exe
    2008-12-16 12:46:37 ----A---- C:\WINDOWS\system32\wuauclt1.exe
    2008-12-16 12:46:36 ----A---- C:\WINDOWS\system32\wscript.exe
    2008-12-16 12:46:35 ----A---- C:\WINDOWS\system32\wscntfy.exe
    2008-12-16 12:46:35 ----A---- C:\WINDOWS\system32\write.exe
    2008-12-16 12:46:34 ----A---- C:\WINDOWS\system32\wpnpinst.exe
    2008-12-16 12:46:34 ----A---- C:\WINDOWS\system32\wpdshextautoplay.exe
    2008-12-16 12:46:33 ----A---- C:\WINDOWS\system32\wpabaln.exe
    2008-12-16 12:46:30 ----A---- C:\WINDOWS\system32\WISPTIS.EXE
    2008-12-16 12:46:29 ----A---- C:\WINDOWS\system32\winver.exe
    2008-12-16 12:46:28 ----A---- C:\WINDOWS\system32\winmsd.exe
    2008-12-16 12:46:28 ----A---- C:\WINDOWS\system32\winmine.exe
    2008-12-16 12:46:27 ----A---- C:\WINDOWS\system32\winhlp32.exe
    2008-12-16 12:46:27 ----A---- C:\WINDOWS\system32\WinFXDocObj.exe
    2008-12-16 12:46:26 ----A---- C:\WINDOWS\system32\winchat.exe
    2008-12-16 12:46:25 ----A---- C:\WINDOWS\system32\wiaacmgr.exe
    2008-12-16 12:46:24 ----A---- C:\WINDOWS\system32\wextract.exe
    2008-12-16 12:46:23 ----A---- C:\WINDOWS\system32\wdfmgr.exe
    2008-12-16 12:46:21 ----D---- C:\WINDOWS\system32\wbem
    2008-12-16 12:46:12 ----A---- C:\WINDOWS\system32\w32tm.exe
    2008-12-16 12:46:12 ----A---- C:\WINDOWS\system32\vssvc.exe
    2008-12-16 12:46:11 ----A---- C:\WINDOWS\system32\vssadmin.exe
    2008-12-16 12:46:11 ----A---- C:\WINDOWS\system32\verifier.exe
    2008-12-16 12:46:10 ----A---- C:\WINDOWS\system32\verclsid.exe
    2008-12-16 12:46:09 ----A---- C:\WINDOWS\system32\uwdf.exe
    2008-12-16 12:46:08 ----A---- C:\WINDOWS\system32\utilman.exe
    2008-12-16 12:46:08 ----A---- C:\WINDOWS\system32\usrshuta.exe
    2008-12-16 12:46:07 ----A---- C:\WINDOWS\system32\usrprbda.exe
    2008-12-16 12:46:07 ----A---- C:\WINDOWS\system32\usrmlnka.exe
    2008-12-16 12:46:06 ----D---- C:\WINDOWS\system32\usmt
    2008-12-16 12:46:03 ----A---- C:\WINDOWS\system32\userinit.exe
    2008-12-16 12:46:02 ----D---- C:\WINDOWS\system32\URTTemp
    2008-12-16 12:46:01 ----A---- C:\WINDOWS\system32\ups.exe
    2008-12-16 12:46:01 ----A---- C:\WINDOWS\system32\upnpcont.exe
    2008-12-16 12:46:00 ----A---- C:\WINDOWS\system32\unlodctr.exe
    2008-12-16 12:45:59 ----A---- C:\WINDOWS\system32\tzchange.exe
    2008-12-16 12:45:59 ----A---- C:\WINDOWS\system32\typeperf.exe
    2008-12-16 12:45:56 ----A---- C:\WINDOWS\system32\tsshutdn.exe
    2008-12-16 12:45:56 ----A---- C:\WINDOWS\system32\tskill.exe
    2008-12-16 12:45:55 ----A---- C:\WINDOWS\system32\tsdiscon.exe
    2008-12-16 12:45:55 ----A---- C:\WINDOWS\system32\tscupgrd.exe
    2008-12-16 12:45:54 ----A---- C:\WINDOWS\system32\tscon.exe
    2008-12-16 12:45:53 ----A---- C:\WINDOWS\system32\tracert6.exe
    2008-12-16 12:45:53 ----A---- C:\WINDOWS\system32\tracert.exe
    2008-12-16 12:45:52 ----A---- C:\WINDOWS\system32\tracerpt.exe
    2008-12-16 12:45:52 ----A---- C:\WINDOWS\system32\tourstart.exe
    2008-12-16 12:45:51 ----A---- C:\WINDOWS\system32\tlntsvr.exe
    2008-12-16 12:45:51 ----A---- C:\WINDOWS\system32\tlntsess.exe
    2008-12-16 12:45:50 ----A---- C:\WINDOWS\system32\tlntadmn.exe
    2008-12-16 12:45:50 ----A---- C:\WINDOWS\system32\tftp.exe
    2008-12-16 12:45:49 ----A---- C:\WINDOWS\system32\telnet.exe
    2008-12-16 12:45:49 ----A---- C:\WINDOWS\system32\tcpsvcs.exe
    2008-12-16 12:45:48 ----A---- C:\WINDOWS\system32\tcmsetup.exe
    2008-12-16 12:45:48 ----A---- C:\WINDOWS\system32\taskmgr.exe
    2008-12-16 12:45:47 ----A---- C:\WINDOWS\system32\taskman.exe
    2008-12-16 12:45:47 ----A---- C:\WINDOWS\system32\tasklist.exe
    2008-12-16 12:45:46 ----A---- C:\WINDOWS\system32\taskkill.exe
    2008-12-16 12:45:45 ----A---- C:\WINDOWS\system32\systray.exe
    2008-12-16 12:45:45 ----A---- C:\WINDOWS\system32\systeminfo.exe
    2008-12-16 12:45:44 ----A---- C:\WINDOWS\system32\sysocmgr.exe
    2008-12-16 12:45:43 ----A---- C:\WINDOWS\system32\syskey.exe
    2008-12-16 12:45:42 ----A---- C:\WINDOWS\system32\syncapp.exe
    2008-12-16 12:45:42 ----A---- C:\WINDOWS\system32\subst.exe
    2008-12-16 12:45:41 ----A---- C:\WINDOWS\system32\stimon.exe
    2008-12-16 12:45:40 ----A---- C:\WINDOWS\system32\spupdsvc.exe
    2008-12-16 12:45:39 ----A---- C:\WINDOWS\system32\sprestrt.exe
    2008-12-16 12:45:26 ----A---- C:\WINDOWS\system32\spnpinst.exe
    2008-12-16 12:45:25 ----A---- C:\WINDOWS\system32\spiisupd.exe
    2008-12-16 12:45:25 ----A---- C:\WINDOWS\system32\spider.exe
    2008-12-16 12:45:24 ----A---- C:\WINDOWS\system32\sort.exe
    2008-12-16 12:45:24 ----A---- C:\WINDOWS\system32\sol.exe
    2008-12-16 12:45:23 ----A---- C:\WINDOWS\system32\sndvol32.exe
    2008-12-16 12:45:23 ----A---- C:\WINDOWS\system32\sndrec32.exe
    2008-12-16 12:45:22 ----A---- C:\WINDOWS\system32\smlogsvc.exe
    2008-12-16 12:45:21 ----A---- C:\WINDOWS\system32\smbinst.exe
    2008-12-16 12:45:21 ----A---- C:\WINDOWS\system32\skeys.exe
    2008-12-16 12:45:20 ----A---- C:\WINDOWS\system32\sigverif.exe
    2008-12-16 12:45:20 ----A---- C:\WINDOWS\system32\shutdown.exe
    2008-12-16 12:45:19 ----A---- C:\WINDOWS\system32\shrpubw.exe
    2008-12-16 12:45:18 ----A---- C:\WINDOWS\system32\shmgrate.exe
    2008-12-16 12:45:18 ----A---- C:\WINDOWS\system32\shadow.exe
    2008-12-16 12:45:17 ----A---- C:\WINDOWS\system32\sfc.exe
    2008-12-16 12:45:16 ----A---- C:\WINDOWS\system32\setup.exe
    2008-12-16 12:45:15 ----A---- C:\WINDOWS\system32\sethc.exe
    2008-12-16 12:45:15 ----A---- C:\WINDOWS\system32\sessmgr.exe
    2008-12-16 12:45:14 ----A---- C:\WINDOWS\system32\secedit.exe
    2008-12-16 12:45:13 ----A---- C:\WINDOWS\system32\sdbinst.exe
    2008-12-16 12:45:13 ----A---- C:\WINDOWS\system32\schtasks.exe
    2008-12-16 12:45:12 ----A---- C:\WINDOWS\system32\scardsvr.exe
    2008-12-16 12:45:12 ----A---- C:\WINDOWS\system32\sc.exe
    2008-12-16 12:45:11 ----A---- C:\WINDOWS\system32\savedump.exe
    2008-12-16 12:45:10 ----A---- C:\WINDOWS\system32\rwinsta.exe
    2008-12-16 12:45:10 ----A---- C:\WINDOWS\system32\runonce.exe
    2008-12-16 12:45:09 ----A---- C:\WINDOWS\system32\runas.exe
    2008-12-16 12:45:09 ----A---- C:\WINDOWS\system32\rtcshare.exe
    2008-12-16 12:45:08 ----A---- C:\WINDOWS\system32\rsvp.exe
    2008-12-16 12:45:08 ----A---- C:\WINDOWS\system32\rsopprov.exe
    2008-12-16 12:45:07 ----A---- C:\WINDOWS\system32\rsnotify.exe
    2008-12-16 12:45:07 ----A---- C:\WINDOWS\system32\rsmui.exe
    2008-12-16 12:45:06 ----A---- C:\WINDOWS\system32\rsmsink.exe
    2008-12-16 12:45:06 ----A---- C:\WINDOWS\system32\rsm.exe
    2008-12-16 12:45:05 ----A---- C:\WINDOWS\system32\rsh.exe
    2008-12-16 12:45:04 ----A---- C:\WINDOWS\system32\routemon.exe
    2008-12-16 12:45:04 ----A---- C:\WINDOWS\system32\route.exe
    2008-12-16 12:45:03 ----D---- C:\WINDOWS\system32\Restore
    2008-12-16 12:45:03 ----A---- C:\WINDOWS\system32\rexec.exe
    2008-12-16 12:45:01 ----A---- C:\WINDOWS\system32\reset.exe
    2008-12-16 12:45:01 ----A---- C:\WINDOWS\system32\replace.exe
    2008-12-16 12:45:00 ----A---- C:\WINDOWS\system32\relog.exe
    2008-12-16 12:45:00 ----A---- C:\WINDOWS\system32\regwiz.exe
    2008-12-16 12:44:59 ----A---- C:\WINDOWS\system32\regsvr32.exe
    2008-12-16 12:44:59 ----A---- C:\WINDOWS\system32\regini.exe
    2008-12-16 12:44:58 ----A---- C:\WINDOWS\system32\regedt32.exe
    2008-12-16 12:44:58 ----A---- C:\WINDOWS\system32\reg.exe
    2008-12-16 12:44:57 ----A---- C:\WINDOWS\system32\recover.exe
    2008-12-16 12:44:57 ----A---- C:\WINDOWS\system32\rdshost.exe
    2008-12-16 12:44:56 ----A---- C:\WINDOWS\system32\rdsaddin.exe
    2008-12-16 12:44:56 ----A---- C:\WINDOWS\system32\rdpclip.exe
    2008-12-16 12:44:55 ----A---- C:\WINDOWS\system32\rcp.exe
    2008-12-16 12:44:55 ----A---- C:\WINDOWS\system32\rcimlby.exe
    2008-12-16 12:44:54 ----A---- C:\WINDOWS\system32\rasphone.exe
    2008-12-16 12:44:53 ----A---- C:\WINDOWS\system32\rasdial.exe
    2008-12-16 12:44:53 ----A---- C:\WINDOWS\system32\rasautou.exe
    2008-12-16 12:44:52 ----A---- C:\WINDOWS\system32\qwinsta.exe
    2008-12-16 12:44:52 ----A---- C:\WINDOWS\system32\qprocess.exe
    2008-12-16 12:44:51 ----A---- C:\WINDOWS\system32\qappsrv.exe
    2008-12-16 12:44:50 ----A---- C:\WINDOWS\system32\proxycfg.exe
    2008-12-16 12:44:49 ----A---- C:\WINDOWS\system32\proquota.exe
    2008-12-16 12:44:49 ----A---- C:\WINDOWS\system32\progman.exe
    2008-12-16 12:44:48 ----A---- C:\WINDOWS\system32\print.exe
    2008-12-16 12:44:48 ----A---- C:\WINDOWS\system32\PresentationHost.exe
    2008-12-16 12:44:47 ----A---- C:\WINDOWS\system32\powercfg.exe
    2008-12-16 12:44:46 ----A---- C:\WINDOWS\system32\pintool.exe
    2008-12-16 12:44:45 ----A---- C:\WINDOWS\system32\ping6.exe
    2008-12-16 12:44:45 ----A---- C:\WINDOWS\system32\ping.exe
    2008-12-16 12:44:44 ----A---- C:\WINDOWS\system32\perfmon.exe
    2008-12-16 12:44:44 ----A---- C:\WINDOWS\system32\pentnt.exe
    2008-12-16 12:44:43 ----A---- C:\WINDOWS\system32\pathping.exe
    2008-12-16 12:44:42 ----A---- C:\WINDOWS\system32\packager.exe
    2008-12-16 12:44:42 ----A---- C:\WINDOWS\system32\osuninst.exe
    2008-12-16 12:44:41 ----A---- C:\WINDOWS\system32\osk.exe
    2008-12-16 12:44:41 ----A---- C:\WINDOWS\system32\openfiles.exe
    2008-12-16 12:44:40 ----D---- C:\WINDOWS\system32\oobe
    2008-12-16 12:44:37 ----A---- C:\WINDOWS\system32\odbcconf.exe
    2008-12-16 12:44:37 ----A---- C:\WINDOWS\system32\odbcad32.exe
    2008-12-16 12:44:36 ----A---- C:\WINDOWS\system32\nwscript.exe
    2008-12-16 12:44:35 ----A---- C:\WINDOWS\system32\nwiz.exe
    2008-12-16 12:44:34 ----A---- C:\WINDOWS\system32\nvunrm.exe
    2008-12-16 12:44:34 ----A---- C:\WINDOWS\system32\NVUNINST.EXE
    2008-12-16 12:44:33 ----A---- C:\WINDOWS\system32\nvuide.exe
    2008-12-16 12:44:33 ----A---- C:\WINDOWS\system32\nvudisp.exe
    2008-12-16 12:44:31 ----A---- C:\WINDOWS\system32\nvdspsch.exe
    2008-12-16 12:44:30 ----A---- C:\WINDOWS\system32\nvcplui.exe
    2008-12-16 12:44:29 ----A---- C:\WINDOWS\system32\nvcolor.exe
    2008-12-16 12:44:28 ----A---- C:\WINDOWS\system32\nvappbar.exe
    2008-12-16 12:44:27 ----A---- C:\WINDOWS\system32\ntvdm.exe
    2008-12-16 12:44:27 ----A---- C:\WINDOWS\system32\ntsd.exe
    2008-12-16 12:44:26 ----A---- C:\WINDOWS\system32\ntkrnlpa.exe
    2008-12-16 12:44:25 ----A---- C:\WINDOWS\system32\ntbackup.exe
    2008-12-16 12:44:24 ----D---- C:\WINDOWS\system32\npp
    2008-12-16 12:44:24 ----A---- C:\WINDOWS\system32\nslookup.exe
    2008-12-16 12:44:23 ----A---- C:\WINDOWS\system32\notepad.exe
    2008-12-16 12:44:22 ----A---- C:\WINDOWS\system32\netstat.exe
    2008-12-16 12:44:22 ----A---- C:\WINDOWS\system32\netsh.exe
    2008-12-16 12:44:21 ----A---- C:\WINDOWS\system32\netsetup.exe
    2008-12-16 12:44:20 ----A---- C:\WINDOWS\system32\netdde.exe
    2008-12-16 12:44:20 ----A---- C:\WINDOWS\system32\net1.exe
    2008-12-16 12:44:19 ----A---- C:\WINDOWS\system32\net.exe
    2008-12-16 12:44:19 ----A---- C:\WINDOWS\system32\nddeapir.exe
    2008-12-16 12:44:18 ----A---- C:\WINDOWS\system32\nbtstat.exe
    2008-12-16 12:44:17 ----A---- C:\WINDOWS\system32\narrator.exe
    2008-12-16 12:44:12 ----A---- C:\WINDOWS\system32\mstsc.exe
    2008-12-16 12:44:11 ----A---- C:\WINDOWS\system32\mstinit.exe
    2008-12-16 12:44:11 ----A---- C:\WINDOWS\system32\msswchx.exe
    2008-12-16 12:44:09 ----A---- C:\WINDOWS\system32\mspaint.exe
    2008-12-16 12:44:08 ----A---- C:\WINDOWS\system32\msiexec.exe
    2008-12-16 12:44:07 ----A---- C:\WINDOWS\system32\mshta.exe
    2008-12-16 12:44:06 ----A---- C:\WINDOWS\system32\mshearts.exe
    2008-12-16 12:44:06 ----A---- C:\WINDOWS\system32\msg.exe
    2008-12-16 12:44:05 ----A---- C:\WINDOWS\system32\msfeedssync.exe
    2008-12-16 12:44:04 ----A---- C:\WINDOWS\system32\msdtc.exe
    2008-12-16 12:44:01 ----A---- C:\WINDOWS\system32\mrinfo.exe
    2008-12-16 12:44:00 ----A---- C:\WINDOWS\system32\mqtgsvc.exe
    2008-12-16 12:44:00 ----A---- C:\WINDOWS\system32\mqsvc.exe
    2008-12-16 12:43:59 ----A---- C:\WINDOWS\system32\mqbkup.exe
    2008-12-16 12:43:58 ----A---- C:\WINDOWS\system32\mpnotify.exe
    2008-12-16 12:43:58 ----A---- C:\WINDOWS\system32\mplay32.exe
    2008-12-16 12:43:57 ----A---- C:\WINDOWS\system32\mountvol.exe
    2008-12-16 12:43:56 ----A---- C:\WINDOWS\system32\mobsync.exe
    2008-12-16 12:43:56 ----A---- C:\WINDOWS\system32\mnmsrvc.exe
    2008-12-16 12:43:55 ----A---- C:\WINDOWS\system32\mmc.exe
    2008-12-16 12:43:54 ----A---- C:\WINDOWS\system32\migpwd.exe
    2008-12-16 12:43:52 ----A---- C:\WINDOWS\system32\makecab.exe
    2008-12-16 12:43:51 ----A---- C:\WINDOWS\system32\magnify.exe
    2008-12-16 12:43:47 ----A---- C:\WINDOWS\system32\lpr.exe
    2008-12-16 12:43:46 ----A---- C:\WINDOWS\system32\lpq.exe
    2008-12-16 12:43:46 ----A---- C:\WINDOWS\system32\logonui.exe
    2008-12-16 12:43:45 ----A---- C:\WINDOWS\system32\logoff.exe
    2008-12-16 12:43:45 ----A---- C:\WINDOWS\system32\logman.exe
    2008-12-16 12:43:44 ----A---- C:\WINDOWS\system32\logagent.exe
    2008-12-16 12:43:43 ----A---- C:\WINDOWS\system32\lodctr.exe
    2008-12-16 12:43:43 ----A---- C:\WINDOWS\system32\locator.exe
    2008-12-16 12:43:42 ----A---- C:\WINDOWS\system32\lnkstub.exe
    2008-12-16 12:43:42 ----A---- C:\WINDOWS\system32\lights.exe
    2008-12-16 12:43:41 ----A---- C:\WINDOWS\system32\label.exe
    2008-12-16 12:43:40 ----A---- C:\WINDOWS\system32\keystone.exe
    2008-12-16 12:43:36 ----A---- C:\WINDOWS\system32\ipxroute.exe
    2008-12-16 12:43:36 ----A---- C:\WINDOWS\system32\ipv6.exe
    2008-12-16 12:43:35 ----A---- C:\WINDOWS\system32\ipsec6.exe
    2008-12-16 12:43:34 ----A---- C:\WINDOWS\system32\ipconfig.exe
    2008-12-16 12:43:33 ----A---- C:\WINDOWS\system32\imapi.exe
    2008-12-16 12:43:31 ----A---- C:\WINDOWS\system32\iexpress.exe
    2008-12-16 12:43:31 ----A---- C:\WINDOWS\system32\ieudinit.exe
    2008-12-16 12:43:30 ----A---- C:\WINDOWS\system32\ie4uinit.exe
    2008-12-16 12:43:29 ----A---- C:\WINDOWS\system32\icardagt.exe
    2008-12-16 12:43:27 ----A---- C:\WINDOWS\system32\hostname.exe
    2008-12-16 12:43:26 ----A---- C:\WINDOWS\system32\help.exe
    2008-12-16 12:43:26 ----A---- C:\WINDOWS\system32\HdAShCut.exe
    2008-12-16 12:43:24 ----A---- C:\WINDOWS\system32\grpconv.exe
    2008-12-16 12:43:24 ----A---- C:\WINDOWS\system32\gpupdate.exe
    2008-12-16 12:43:23 ----A---- C:\WINDOWS\system32\gpresult.exe
    2008-12-16 12:43:22 ----A---- C:\WINDOWS\system32\getmac.exe
    2008-12-16 12:43:22 ----A---- C:\WINDOWS\system32\GetHostIP.exe
    2008-12-16 12:43:21 ----A---- C:\WINDOWS\system32\ftp.exe
    2008-12-16 12:43:21 ----A---- C:\WINDOWS\system32\fsutil.exe
    2008-12-16 12:43:20 ----A---- C:\WINDOWS\system32\fsquirt.exe
    2008-12-16 12:43:20 ----A---- C:\WINDOWS\system32\freecell.exe
    2008-12-16 12:43:19 ----A---- C:\WINDOWS\system32\forcedos.exe
    2008-12-16 12:43:19 ----A---- C:\WINDOWS\system32\fontview.exe
    2008-12-16 12:43:18 ----A---- C:\WINDOWS\system32\fltmc.exe
    2008-12-16 12:43:18 ----A---- C:\WINDOWS\system32\fixmapi.exe
    2008-12-16 12:43:17 ----A---- C:\WINDOWS\system32\finger.exe
    2008-12-16 12:43:17 ----A---- C:\WINDOWS\system32\findstr.exe
    2008-12-16 12:43:16 ----A---- C:\WINDOWS\system32\find.exe
    2008-12-16 12:43:16 ----A---- C:\WINDOWS\system32\fc.exe
    2008-12-16 12:43:15 ----A---- C:\WINDOWS\system32\extrac32.exe
    2008-12-16 12:43:14 ----A---- C:\WINDOWS\system32\expand.exe
    2008-12-16 12:43:14 ----A---- C:\WINDOWS\system32\eventvwr.exe
    2008-12-16 12:43:13 ----A---- C:\WINDOWS\system32\eventtriggers.exe
    2008-12-16 12:43:13 ----A---- C:\WINDOWS\system32\eventcreate.exe
    2008-12-16 12:43:12 ----A---- C:\WINDOWS\system32\eudcedit.exe
    2008-12-16 12:43:12 ----A---- C:\WINDOWS\system32\esentutl.exe
    2008-12-16 12:43:10 ----A---- C:\WINDOWS\system32\dxdiag.exe
    2008-12-16 12:43:09 ----A---- C:\WINDOWS\system32\dwwin.exe
    2008-12-16 12:43:08 ----A---- C:\WINDOWS\system32\dvdupgrd.exe
    2008-12-16 12:43:08 ----A---- C:\WINDOWS\system32\dvdplay.exe
    2008-12-16 12:43:07 ----A---- C:\WINDOWS\system32\dumprep.exe
    2008-12-16 12:43:06 ----A---- C:\WINDOWS\system32\drwtsn32.exe
    2008-12-16 12:43:05 ----A---- C:\WINDOWS\system32\drmupgds.exe
    2008-12-16 12:42:58 ----A---- C:\WINDOWS\system32\driverquery.exe
    2008-12-16 12:42:58 ----A---- C:\WINDOWS\system32\dpvsetup.exe
    2008-12-16 12:42:57 ----A---- C:\WINDOWS\system32\dpnsvr.exe
    2008-12-16 12:42:56 ----A---- C:\WINDOWS\system32\dplaysvr.exe
    2008-12-16 12:42:56 ----A---- C:\WINDOWS\system32\doskey.exe
    2008-12-16 12:42:55 ----A---- C:\WINDOWS\system32\dns-sd.exe
    2008-12-16 12:42:55 ----A---- C:\WINDOWS\system32\dmremote.exe
    2008-12-16 12:42:54 ----A---- C:\WINDOWS\system32\dmadmin.exe
    2008-12-16 12:42:54 ----A---- C:\WINDOWS\system32\dllhst3g.exe
    2008-12-16 12:42:53 ----A---- C:\WINDOWS\system32\dllhost.exe
    2008-12-16 12:39:09 ----A---- C:\WINDOWS\system32\diskperf.exe
    2008-12-16 12:39:08 ----A---- C:\WINDOWS\system32\diskpart.exe
    2008-12-16 12:39:07 ----A---- C:\WINDOWS\system32\diantz.exe
    2008-12-16 12:39:06 ----A---- C:\WINDOWS\system32\dfrgntfs.exe
    2008-12-16 12:39:06 ----A---- C:\WINDOWS\system32\dfrgfat.exe
    2008-12-16 12:39:05 ----A---- C:\WINDOWS\system32\defrag.exe
    2008-12-16 12:39:04 ----A---- C:\WINDOWS\system32\ddeshare.exe
    2008-12-16 12:39:04 ----A---- C:\WINDOWS\system32\dcomcnfg.exe
    2008-12-16 12:39:01 ----A---- C:\WINDOWS\system32\cscript.exe
    2008-12-16 12:39:00 ----A---- C:\WINDOWS\system32\convert.exe
    2008-12-16 12:39:00 ----A---- C:\WINDOWS\system32\control.exe
    2008-12-16 12:38:59 ----A---- C:\WINDOWS\system32\conime.exe
    2008-12-16 12:38:57 ----A---- C:\WINDOWS\system32\compact.exe
    2008-12-16 12:38:56 ----A---- C:\WINDOWS\system32\comp.exe
    2008-12-16 12:38:55 ----D---- C:\WINDOWS\system32\Com
    2008-12-16 12:38:54 ----A---- C:\WINDOWS\system32\cmstp.exe
    2008-12-16 12:38:54 ----A---- C:\WINDOWS\system32\cmmon32.exe
    2008-12-16 12:38:53 ----A---- C:\WINDOWS\system32\cmdl32.exe
    2008-12-16 12:38:53 ----A---- C:\WINDOWS\system32\cmd.exe
    2008-12-16 12:38:52 ----A---- C:\WINDOWS\system32\clipsrv.exe
    2008-12-16 12:38:52 ----A---- C:\WINDOWS\system32\clipbrd.exe
    2008-12-16 12:38:51 ----A---- C:\WINDOWS\system32\cliconfg.exe
    2008-12-16 12:38:51 ----A---- C:\WINDOWS\system32\cleanmgr.exe
    2008-12-16 12:38:50 ----A---- C:\WINDOWS\system32\ckcnv.exe
    2008-12-16 12:38:50 ----A---- C:\WINDOWS\system32\cisvc.exe
    2008-12-16 12:38:49 ----A---- C:\WINDOWS\system32\cipher.exe
    2008-12-16 12:38:49 ----A---- C:\WINDOWS\system32\cidaemon.exe
    2008-12-16 12:38:48 ----A---- C:\WINDOWS\system32\chkntfs.exe
    2008-12-16 12:38:48 ----A---- C:\WINDOWS\system32\chkdsk.exe
    2008-12-16 12:38:47 ----A---- C:\WINDOWS\system32\charmap.exe
    2008-12-16 12:38:42 ----A---- C:\WINDOWS\system32\CapabilityTable.exe
    2008-12-16 12:38:42 ----A---- C:\WINDOWS\system32\calc.exe
    2008-12-16 12:38:41 ----A---- C:\WINDOWS\system32\cacls.exe
    2008-12-16 12:38:41 ----A---- C:\WINDOWS\system32\bootvrfy.exe
    2008-12-16 12:38:40 ----A---- C:\WINDOWS\system32\bootok.exe
    2008-12-16 12:38:40 ----A---- C:\WINDOWS\system32\bootcfg.exe
    2008-12-16 12:38:39 ----A---- C:\WINDOWS\system32\blastcln.exe
    2008-12-16 12:38:38 ----A---- C:\WINDOWS\system32\autolfn.exe
    2008-12-16 12:38:37 ----A---- C:\WINDOWS\system32\autofmt.exe
    2008-12-16 12:38:37 ----A---- C:\WINDOWS\system32\autoconv.exe
    2008-12-16 12:38:36 ----A---- C:\WINDOWS\system32\autochk.exe
    2008-12-16 12:38:36 ----A---- C:\WINDOWS\system32\auditusr.exe
    2008-12-16 12:38:35 ----A---- C:\WINDOWS\system32\attrib.exe
    2008-12-16 12:38:34 ----A---- C:\WINDOWS\system32\atmadm.exe
    2008-12-16 12:38:34 ----A---- C:\WINDOWS\system32\at.exe
    2008-12-16 12:38:33 ----A---- C:\WINDOWS\system32\asr_pfu.exe
    2008-12-16 12:38:33 ----A---- C:\WINDOWS\system32\asr_ldm.exe
    2008-12-16 12:38:32 ----A---- C:\WINDOWS\system32\asr_fmt.exe
    2008-12-16 12:38:32 ----A---- C:\WINDOWS\system32\arp.exe
    2008-12-16 12:38:31 ----A---- C:\WINDOWS\system32\ahui.exe
    2008-12-16 12:38:30 ----A---- C:\WINDOWS\system32\actmovie.exe
    2008-12-16 12:38:30 ----A---- C:\WINDOWS\system32\accwiz.exe
    2008-12-16 12:33:11 ----A---- C:\WINDOWS\regedit.exe
    2008-12-16 12:32:50 ----A---- C:\WINDOWS\NOTEPAD.EXE
    2008-12-16 12:32:49 ----D---- C:\WINDOWS\network diagnostic
    2008-12-16 12:32:49 ----D---- C:\WINDOWS\mui
    2008-12-16 12:32:47 ----D---- C:\WINDOWS\msagent
    2008-12-16 12:27:31 ----HDC---- C:\WINDOWS\ie7
    2008-12-16 12:27:29 ----A---- C:\WINDOWS\HideWin.exe
    2008-12-16 12:27:28 ----A---- C:\WINDOWS\hh.exe
    2008-12-16 12:25:49 ----HDC---- C:\WINDOWS\$NtUninstallwmp11$
    2008-12-16 12:25:45 ----HDC---- C:\WINDOWS\$NtUninstallWMFDist11$
    2008-12-16 12:25:20 ----HDC---- C:\WINDOWS\$NtUninstallKB951072-v2$
    2008-12-16 12:25:06 ----HDC---- C:\WINDOWS\$NtUninstallKB942763$
    2008-12-16 12:25:01 ----HDC---- C:\WINDOWS\$NtUninstallKB939683$
    2008-12-16 12:24:58 ----HDC---- C:\WINDOWS\$NtUninstallKB939653$
    2008-12-16 12:24:56 ----HDC---- C:\WINDOWS\$NtUninstallKB938828$
    2008-12-16 12:24:44 ----HDC---- C:\WINDOWS\$NtUninstallKB931784$
    2008-12-16 12:24:29 ----HDC---- C:\WINDOWS\$NtUninstallKB925876$
    2008-12-16 12:24:28 ----HDC---- C:\WINDOWS\$NtUninstallKB925720$
    2008-12-16 12:24:18 ----HDC---- C:\WINDOWS\$NtUninstallKB922582$
    2008-12-16 12:24:12 ----HDC---- C:\WINDOWS\$NtUninstallKB920213$
    2008-12-16 12:23:57 ----HDC---- C:\WINDOWS\$NtUninstallKB902400$
    2008-12-16 12:23:50 ----HDC---- C:\WINDOWS\$NtUninstallKB896428$
    2008-12-16 12:23:48 ----HDC---- C:\WINDOWS\$NtUninstallKB896423$
    2008-12-16 12:23:47 ----HDC---- C:\WINDOWS\$NtUninstallKB896358$
    2008-12-16 12:23:46 ----HDC---- C:\WINDOWS\$NtUninstallKB896344$
    2008-12-16 12:23:40 ----HDC---- C:\WINDOWS\$NtUninstallKB890859$
    2008-12-16 12:23:37 ----HDC---- C:\WINDOWS\$NtUninstallKB887472$
    2008-12-16 12:23:30 ----HDC---- C:\WINDOWS\$MSI31Uninstall_KB893803v2$
    2008-12-16 12:17:44 ----D---- C:\Program Files\Windows NT
    2008-12-16 12:17:42 ----D---- C:\Program Files\Windows Media Player
    2008-12-16 12:17:34 ----D---- C:\Program Files\Windows Media Connect 2
    2008-12-16 12:17:32 ----D---- C:\Program Files\SystemRequirementsLab
    2008-12-16 12:16:26 ----D---- C:\Program Files\Outlook Express
    2008-12-16 12:16:11 ----D---- C:\Program Files\NetMeeting
    2008-12-16 12:14:58 ----D---- C:\Program Files\Movie Maker
    2008-12-16 12:12:22 ----D---- C:\Program Files\Messenger
    2008-12-16 12:11:56 ----D---- C:\Program Files\Linksys EasyLink Advisor
    2008-12-16 12:07:40 ----D---- C:\Program Files\Internet Explorer
    2008-12-16 12:07:10 ----D---- C:\Program Files\DRoster
    2008-12-16 12:04:26 ----D---- C:\Program Files\Apple Software Update
    2008-12-16 10:54:11 ----D---- C:\temp
    2008-12-15 17:45:23 ----SHD---- C:\RECYCLER
    2008-12-15 17:04:03 ----D---- C:\Program Files\MSN
    2008-12-15 16:50:52 ----D---- C:\Documents and Settings
    2008-12-13 00:40:02 ----A---- C:\WINDOWS\system32\mshtml.dll
    2008-12-11 03:02:15 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help
    2008-12-09 15:24:38 ----A---- C:\WINDOWS\system32\MRT.exe
    2008-12-09 12:33:46 ----D---- C:\Program Files\Common Files\supportsoft
    2008-12-01 12:41:14 ----D---- C:\WINDOWS\system32\config
    2008-11-18 15:24:12 ----D---- C:\WINDOWS\Help
    2008-10-23 07:01:36 ----A---- C:\WINDOWS\system32\gdi32.dll
    2008-10-22 07:50:30 ----D---- C:\Program Files\Microsoft Silverlight
    2008-10-21 15:48:16 ----HD---- C:\Program Files\InstallShield Installation Information
    2008-10-16 14:38:40 ----A---- C:\WINDOWS\system32\wininet.dll
    2008-10-16 14:38:39 ----N---- C:\WINDOWS\system32\occache.dll
    2008-10-16 14:38:39 ----N---- C:\WINDOWS\system32\mstime.dll
    2008-10-16 14:38:39 ----A---- C:\WINDOWS\system32\webcheck.dll
    2008-10-16 14:38:39 ----A---- C:\WINDOWS\system32\urlmon.dll
    2008-10-16 14:38:39 ----A---- C:\WINDOWS\system32\url.dll
    2008-10-16 14:38:39 ----A---- C:\WINDOWS\system32\pngfilt.dll
    2008-10-16 14:38:38 ----N---- C:\WINDOWS\system32\msrating.dll
    2008-10-16 14:38:38 ----A---- C:\WINDOWS\system32\mshtmled.dll
    2008-10-16 14:38:37 ----N---- C:\WINDOWS\system32\jsproxy.dll
    2008-10-16 14:38:37 ----N---- C:\WINDOWS\system32\iernonce.dll
    2008-10-16 14:38:37 ----A---- C:\WINDOWS\system32\msfeedsbs.dll
    2008-10-16 14:38:37 ----A---- C:\WINDOWS\system32\msfeeds.dll
    2008-10-16 14:38:37 ----A---- C:\WINDOWS\system32\iertutil.dll
    2008-10-16 14:38:37 ----A---- C:\WINDOWS\system32\ieframe.dll
    2008-10-16 14:38:35 ----N---- C:\WINDOWS\system32\iedkcs32.dll
    2008-10-16 14:38:35 ----N---- C:\WINDOWS\system32\ieaksie.dll
    2008-10-16 14:38:35 ----N---- C:\WINDOWS\system32\ieakeng.dll
    2008-10-16 14:38:35 ----N---- C:\WINDOWS\system32\extmgr.dll
    2008-10-16 14:38:35 ----A---- C:\WINDOWS\system32\ieapfltr.dll
    2008-10-16 14:38:35 ----A---- C:\WINDOWS\system32\icardie.dll
    2008-10-16 14:38:34 ----A---- C:\WINDOWS\system32\dxtrans.dll
    2008-10-16 14:38:34 ----A---- C:\WINDOWS\system32\dxtmsft.dll
    2008-10-16 14:38:34 ----A---- C:\WINDOWS\system32\advpack.dll
    2008-10-16 14:13:40 ----A---- C:\WINDOWS\system32\wuweb.dll
    2008-10-16 14:13:40 ----A---- C:\WINDOWS\system32\wuaueng.dll
    2008-10-16 14:12:22 ----A---- C:\WINDOWS\system32\wucltui.dll
    2008-10-16 14:12:20 ----A---- C:\WINDOWS\system32\wuapi.dll
    2008-10-16 14:09:44 ----A---- C:\WINDOWS\system32\wups2.dll
    2008-10-16 14:09:44 ----A---- C:\WINDOWS\system32\wuauclt.exe
    2008-10-16 14:09:44 ----A---- C:\WINDOWS\system32\cdm.dll
    2008-10-16 14:09:40 ----A---- C:\WINDOWS\system32\wucltui.dll.mui
    2008-10-16 14:08:58 ----A---- C:\WINDOWS\system32\wups.dll
    2008-10-16 14:07:44 ----A---- C:\WINDOWS\system32\wuapi.dll.mui
    2008-10-16 14:07:14 ----A---- C:\WINDOWS\system32\wuaueng.dll.mui
    2008-10-16 14:06:48 ----A---- C:\WINDOWS\system32\muweb.dll
    2008-10-16 14:06:48 ----A---- C:\WINDOWS\system32\mucltui.dll.mui
    2008-10-16 14:06:48 ----A---- C:\WINDOWS\system32\mucltui.dll
    2008-10-15 10:57:55 ----A---- C:\WINDOWS\system32\netapi32.dll
    2008-10-15 01:04:53 ----N---- C:\WINDOWS\system32\ieakui.dll
    2008-10-03 04:15:47 ----A---- C:\WINDOWS\system32\strmdll.dll
    2008-10-01 08:51:36 ----DC---- C:\WINDOWS\system32\DRVSTORE
    2008-10-01 08:50:33 ----D---- C:\Program Files\Common Files\Apple
    2008-09-24 09:09:33 ----D---- C:\WINDOWS\Debug
     
    Last edited: 2008/12/19
  6. 2008/12/19
    tigerdistr

    tigerdistr Inactive Thread Starter

    Logfile of random's system information tool 1.05 (written by random/random)
    Run by TigerDistrict2 at 2008-12-19 13:44:51
    Microsoft Windows XP Professional Service Pack 2
    System drive C: has 359 GB (94%) free of 382 GB
    Total RAM: 1918 MB (53% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 1:44:54 PM, on 12/19/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16762)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\csrss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
    C:\Program Files\DRoster\Firebird\bin\fbguard.exe
    C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
    C:\Program Files\Common Files\Motive\McciCMService.exe
    C:\DOCUMENTS AND SETTINGS\TIGERDISTRICT2\DESKTOP\UPS\WSTD\MSSQL$UPSWSDBSERVER\Binn\sqlservr.exe
    C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\Program Files\Spyware Doctor\sdhelp.exe
    C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
    C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
    C:\Program Files\DRoster\Firebird\bin\fbserver.exe
    C:\WINDOWS\System32\alg.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\WINDOWS\RTHDCPL.EXE
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
    C:\DOCUMENTS AND SETTINGS\TIGERDISTRICT2\DESKTOP\UPS\WSTD\UPSNA1Msgr.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\MICROSOFT SQL SERVER\80\TOOLS\BINN\sqlmangr.exe
    C:\Documents and Settings\TigerDistrict2\Desktop\UPS\WSTD\WSTDMessaging.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\PROGRA~1\Mozilla Firefox\firefox.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Documents and Settings\TigerDistrict2\Local Settings\Temp\jkos-TigerDistrict2\binaries\ScanningProcess.exe
    C:\Documents and Settings\TigerDistrict2\Local Settings\Temp\jkos-TigerDistrict2\binaries\ScanningProcess.exe
    C:\Program Files\Mozilla Thunderbird\thunderbird.exe
    C:\Documents and Settings\TigerDistrict2\Desktop\RSIT.exe
    C:\WINDOWS\system32\wbem\wmiprvse.exe
    C:\Program Files\Trend Micro\HijackThis\TigerDistrict2.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://smallbusiness.att.net
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\PROGRA~1\SPYWAR~1\tools\iesdsg.dll
    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
    O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
    O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O4 - HKLM\..\Run: [ClamWin] "C:\Program Files\ClamWin\bin\ClamTray.exe" --logon
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe "
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe "
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe "
    O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
    O4 - HKLM\..\Run: [HelpCenter4.1] C:\Program Files\FastAccessDSL\HelpCenter43\bin\sprtcmd.exe /P HelpCenter4.1
    O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe "
    O4 - HKLM\..\Run: [NA1Messenger] C:\DOCUMENTS AND SETTINGS\TIGERDISTRICT2\DESKTOP\UPS\WSTD\UPSNA1Msgr.exe
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [EasyLinkAdvisor] "C:\Program Files\Linksys EasyLink Advisor\LinksysAgent.exe" /startup
    O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    O4 - HKCU\..\Run: [Spyware Doctor] "C:\Program Files\Spyware Doctor\swdoctor.exe" /Q
    O4 - HKUS\S-1-5-18\..\Run: [Spyware Doctor] "C:\Program Files\Spyware Doctor\swdoctor.exe" /Q (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [Spyware Doctor] "C:\Program Files\Spyware Doctor\swdoctor.exe" /Q (User 'Default user')
    O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
    O4 - Global Startup: Ralink Wireless Utility.lnk = C:\Program Files\RALINK\Common\RaUI.exe
    O4 - Global Startup: Service Manager.lnk = C:\Program Files\MICROSOFT SQL SERVER\80\TOOLS\BINN\sqlmangr.exe
    O4 - Global Startup: UPS WorldShip Messaging Utility.lnk = UPS\WSTD\WSTDMessaging.exe
    O4 - Global Startup: UPS WorldShip PLD Reminder Utility.lnk = UPS\WSTD\wstdPldReminder.exe
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/win...ls/en/x86/client/wuweb_site.cab?1194915182625
    O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/2.0.0.1/sysreqlab2.cab
    O16 - DPF: {C4847596-972C-11D0-9567-00A0C9273C2A} (Crystal Report Viewer Control) - https://www.netchexonline.net/ActiveX/activexviewer.cab
    O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
    O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
    O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Indexing Service (CiSvc) - Unknown owner - C:\WINDOWS\system32\cisvc.exe
    O23 - Service: COM+ System Application (COMSysApp) - Unknown owner - C:\WINDOWS\system32\dllhost.exe
    O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
    O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
    O23 - Service: Firebird Guardian - DefaultInstance (FirebirdGuardianDefaultInstance) - The Firebird Project - C:\Program Files\DRoster\Firebird\bin\fbguard.exe
    O23 - Service: Firebird Server - DefaultInstance (FirebirdServerDefaultInstance) - The Firebird Project - C:\Program Files\DRoster\Firebird\bin\fbserver.exe
    O23 - Service: Windows Presentation Foundation Font Cache 3.0.0.0 (FontCache3.0.0.0) - Unknown owner - c:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe (file missing)
    O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
    O23 - Service: getPlus(R) Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe
    O23 - Service: Google Desktop Manager 5.7.806.10245 (GoogleDesktopManager-061008-081103) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
    O23 - Service: Windows CardSpace (idsvc) - Unknown owner - C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe (file missing)
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: McciCMService - Motive Communications, Inc. - C:\Program Files\Common Files\Motive\McciCMService.exe
    O23 - Service: ForceWare IP service (nSvcIp) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
    O23 - Service: ForceWare user log service (nSvcLog) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: Remote Procedure Call (RPC) Locator (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe
    O23 - Service: QoS RSVP (RSVP) - Unknown owner - C:\WINDOWS\system32\rsvp.exe
    O23 - Service: PC Tools Spyware Doctor (SDhelper) - PC Tools Research Pty Ltd - C:\Program Files\Spyware Doctor\sdhelp.exe
    O23 - Service: Windows Service Pack Installer update service (spupdsvc) - Unknown owner - C:\WINDOWS\system32\spupdsvc.exe
    O23 - Service: MS Software Shadow Copy Provider (SwPrv) - Unknown owner - C:\WINDOWS\system32\dllhost.exe
    O23 - Service: Uninterruptible Power Supply (UPS) - Unknown owner - C:\WINDOWS\System32\ups.exe

    --
    End of file - 11614 bytes

    ======Scheduled tasks folder======

    C:\WINDOWS\tasks\AppleSoftwareUpdate.job

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
    Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
    Spybot-S&D IE Protection - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll [2008-09-15 1562960]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB}]
    PCTools Site Guard - C:\PROGRA~1\SPYWAR~1\tools\iesdsg.dll [2006-08-01 825528]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
    Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2007-08-24 2212224]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
    Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2008-12-19 320920]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B56A7D7D-6927-48C8-A975-17DF180C71AC}]
    PCTools Browser Monitor - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll [2006-09-01 848496]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
    Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2008-12-19 34816]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
    JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2008-12-19 73728]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "ClamWin "=C:\Program Files\ClamWin\bin\ClamTray.exe [2008-11-09 86016]
    "NvCplDaemon "=C:\WINDOWS\system32\NvCpl.dll [2007-10-04 8491008]
    "nwiz "=nwiz.exe /install []
    "NvMediaCenter "=C:\WINDOWS\system32\NvMcTray.dll [2007-10-04 81920]
    "GrooveMonitor "=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2008-12-16 24064]
    "SunJavaUpdateSched "=C:\Program Files\Java\jre6\bin\jusched.exe [2008-12-19 136600]
    "RTHDCPL "=C:\WINDOWS\RTHDCPL.EXE [2008-02-13 16857600]
    "Alcmtr "=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
    "QuickTime Task "=C:\Program Files\QuickTime\QTTask.exe [2008-12-16 413696]
    "iTunesHelper "=C:\Program Files\iTunes\iTunesHelper.exe [2008-12-16 284160]
    "Google Desktop Search "=C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2008-12-16 24064]
    "HelpCenter4.1 "=C:\Program Files\FastAccessDSL\HelpCenter43\bin\sprtcmd.exe [2008-12-16 192512]
    "egui "=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2007-12-21 1443072]
    "Adobe Reader Speed Launcher "=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2008-06-12 34672]
    "NA1Messenger "=C:\DOCUMENTS AND SETTINGS\TIGERDISTRICT2\DESKTOP\UPS\WSTD\UPSNA1Msgr.exe [2008-11-14 24576]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "ctfmon.exe "=C:\WINDOWS\system32\ctfmon.exe [2004-08-03 15360]
    "EasyLinkAdvisor "=C:\Program Files\Linksys EasyLink Advisor\LinksysAgent.exe [2008-12-16 451072]
    "SUPERAntiSpyware "=C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2008-12-17 1809648]
    "Spyware Doctor "=C:\Program Files\Spyware Doctor\swdoctor.exe [2006-09-23 2128016]

    C:\Documents and Settings\All Users\Start Menu\Programs\Startup
    Ralink Wireless Utility.lnk - C:\Program Files\RALINK\Common\RaUI.exe
    Service Manager.lnk - C:\Program Files\MICROSOFT SQL SERVER\80\TOOLS\BINN\sqlmangr.exe
    UPS WorldShip Messaging Utility.lnk - C:\Documents and Settings\TigerDistrict2\Desktop\UPS\WSTD\WSTDMessaging.exe
    UPS WorldShip PLD Reminder Utility.lnk - C:\Documents and Settings\TigerDistrict2\Desktop\UPS\WSTD\wstdPldReminder.exe

    C:\Documents and Settings\TigerDistrict2\Start Menu\Programs\Startup
    OneNote 2007 Screen Clipper and Launcher.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
    "AppInit_DLLS "= "C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL "

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon]
    C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL [2008-12-17 352256]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
    C:\WINDOWS\system32\WgaLogon.dll [2007-04-10 236928]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
    UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2004-08-03 239616]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    "{B5A7F190-DDA6-4420-B3BA-52453494E6CD} "=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2007-08-24 2212224]
    "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} "=C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2008-05-13 77824]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "dontdisplaylastusername "=0
    "legalnoticecaption "=
    "legalnoticetext "=
    "shutdownwithoutlogon "=1
    "undockwithoutlogon "=1

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveTypeAutoRun "=145

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe "= "%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 "
    "C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\Apache.exe "= "C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\Apache.exe:*:Enabled:Apache HTTP Server "
    "D:\SETUP.EXE "= "D:\SETUP.EXE:*:Enabled:Setup "
    "C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE "= "C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook "
    "C:\Program Files\Microsoft Office\Office12\GROOVE.EXE "= "C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove "
    "C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE "= "C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote "
    "%windir%\Network Diagnostic\xpnetdiag.exe "= "%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 "
    "C:\Program Files\Intuit\QuickBooks Point of Sale 7.0\EftSvr.exe "= "C:\Program Files\Intuit\QuickBooks Point of Sale 7.0\EftSvr.exe:*:Enabled:EftSvr "
    "C:\Program Files\Intuit\QuickBooks Point of Sale 7.0\QBPOSLic.exe "= "C:\Program Files\Intuit\QuickBooks Point of Sale 7.0\QBPOSLic.exe:*:Enabled:QBPOSLic "
    "C:\Program Files\Bonjour\mDNSResponder.exe "= "C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour "
    "C:\Program Files\iTunes\iTunes.exe "= "C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes "
    "C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe "= "C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe:LocalSubNet:Disabled:Intuit Update Shared Downloads Server "
    "C:\Program Files\att-nap\McciBrowser.exe "= "C:\Program Files\att-nap\McciBrowser.exe:*:Enabled:motivebrowser.exe "
    "C:\Program Files\Intuit\QuickBooks Point of Sale 7.0\qbpos.exe "= "C:\Program Files\Intuit\QuickBooks Point of Sale 7.0\qbpos.exe:*:Enabled:QuickBooks Point of Sale 7.0 "

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe "= "%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 "
    "%windir%\Network Diagnostic\xpnetdiag.exe "= "%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 "

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{38af91a2-acd6-11dc-9205-0016441a39f7}]
    shell\AutoRun\command - I:\SETUP.EXE
    shell\VERB\command - I:\SETUP.EXE

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{78c20c12-9182-11dc-91f6-806d6172696f}]
    shell\AutoRun\command - D:\SETUP.EXE


    ======List of files/folders created in the last 3 months======

    2008-12-19 13:44:51 ----D---- C:\rsit
    2008-12-19 11:31:06 ----A---- C:\WINDOWS\system32\javaws.exe
    2008-12-19 11:31:06 ----A---- C:\WINDOWS\system32\javaw.exe
    2008-12-19 11:31:06 ----A---- C:\WINDOWS\system32\java.exe
    2008-12-19 11:31:06 ----A---- C:\WINDOWS\system32\deploytk.dll
    2008-12-19 11:29:41 ----N---- C:\WINDOWS\system32\spmsg.dll
    2008-12-19 11:29:21 ----D---- C:\WINDOWS\LastGood
    2008-12-19 10:21:17 ----D---- C:\Program Files\Trend Micro
    2008-12-18 17:32:05 ----D---- C:\Program Files\Intuit
    2008-12-18 17:32:05 ----D---- C:\Program Files\Common Files\Intuit
    2008-12-18 17:32:05 ----D---- C:\Documents and Settings\All Users\Application Data\Intuit
    2008-12-17 16:58:09 ----D---- C:\Program Files\MICROSOFT SQL SERVER
    2008-12-17 16:53:22 ----A---- C:\WINDOWS\wstdUninstall.txt
    2008-12-17 15:44:16 ----SHD---- C:\Config.Msi
    2008-12-17 11:08:12 ----A---- C:\WINDOWS\win.tmp
    2008-12-17 11:08:12 ----A---- C:\WINDOWS\system.tmp
    2008-12-17 11:07:11 ----D---- C:\Documents and Settings\TigerDistrict2\Application Data\PC Tools
    2008-12-17 10:32:34 ----D---- C:\Program Files\NOS
    2008-12-17 10:32:34 ----D---- C:\Documents and Settings\All Users\Application Data\NOS
    2008-12-16 17:04:27 ----D---- C:\Program Files\Common Files\Adobe AIR
    2008-12-16 17:03:54 ----D---- C:\Program Files\Common Files\Adobe
    2008-12-16 17:03:54 ----D---- C:\Program Files\Adobe
    2008-12-16 13:14:15 ----D---- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
    2008-12-16 13:14:10 ----D---- C:\Program Files\SUPERAntiSpyware
    2008-12-16 13:14:10 ----D---- C:\Documents and Settings\TigerDistrict2\Application Data\SUPERAntiSpyware.com
    2008-12-16 13:13:02 ----D---- C:\Program Files\ESET
    2008-12-16 13:13:02 ----D---- C:\Documents and Settings\All Users\Application Data\ESET
    2008-12-16 11:45:20 ----D---- C:\SPYWARE
    2008-12-16 10:44:44 ----D---- C:\Program Files\Spyware Doctor
    2008-12-15 17:38:35 ----D---- C:\Program Files\Panda Security
    2008-12-15 17:10:07 ----D---- C:\Program Files\Spybot - Search & Destroy
    2008-12-15 17:10:07 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
    2008-12-15 17:03:02 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
    2008-12-15 17:00:21 ----D---- C:\Program Files\WinRAR
    2008-12-15 16:58:13 ----D---- C:\nod32
    2008-12-15 16:52:40 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
    2008-12-15 16:52:40 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
    2008-12-15 16:50:48 ----D---- C:\WINDOWS\CSC
    2008-12-15 16:50:42 ----A---- C:\WINDOWS\ntbtlog.txt
    2008-12-11 03:01:46 ----HDC---- C:\WINDOWS\$NtUninstallKB952069_WM9$
    2008-12-11 03:01:43 ----HDC---- C:\WINDOWS\$NtUninstallKB955839$
    2008-12-11 03:00:49 ----HDC---- C:\WINDOWS\$NtUninstallKB954600$
    2008-12-11 03:00:44 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$
    2008-12-09 12:33:42 ----D---- C:\Program Files\FastAccessDSL
    2008-12-09 12:18:40 ----D---- C:\Documents and Settings\All Users\Application Data\ATTToolbar
    2008-12-09 12:18:39 ----D---- C:\Program Files\ATTToolbar
    2008-12-09 12:18:39 ----D---- C:\Documents and Settings\TigerDistrict2\Application Data\ATTToolbar
    2008-12-09 12:18:21 ----D---- C:\WINDOWS\Motive
    2008-12-09 12:18:19 ----D---- C:\Program Files\BellSouth Application Management
    2008-12-09 12:18:17 ----D---- C:\Program Files\BellSouth
    2008-12-09 12:08:46 ----D---- C:\Documents and Settings\TigerDistrict2\Application Data\Motive
    2008-12-09 12:08:34 ----D---- C:\Program Files\att-nap
    2008-12-09 12:08:31 ----D---- C:\Program Files\Common Files\Motive
    2008-12-09 12:07:19 ----D---- C:\Documents and Settings\All Users\Application Data\Motive
    2008-12-01 12:40:32 ----D---- C:\Program Files\Google
    2008-11-12 16:59:33 ----HDC---- C:\WINDOWS\$NtUninstallKB957097$
    2008-11-12 16:59:27 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$
    2008-10-24 02:00:24 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
    2008-10-23 02:00:25 ----D---- C:\WINDOWS\$SQLUninstallSQL2000-KB948110-v8.00.2050-x86-ENU$
    2008-10-22 14:47:49 ----A---- C:\WINDOWS\DUNZLOG.TXT
    2008-10-21 16:04:22 ----D---- C:\Program Files\psqlODBC
    2008-10-21 15:49:06 ----A---- C:\WINDOWS\wstdUPSWSHIP.INI
    2008-10-21 15:44:32 ----A---- C:\WINDOWS\system32\dbmsqlgc.dll
    2008-10-21 15:44:32 ----A---- C:\WINDOWS\system32\dbmsgnet.dll
    2008-10-21 15:44:17 ----A---- C:\WINDOWS\IsUninst.exe
    2008-10-21 15:43:35 ----A---- C:\WINDOWS\ODBC.INI
    2008-10-15 10:55:36 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
    2008-10-15 10:55:33 ----HDC---- C:\WINDOWS\$NtUninstallKB956391$
    2008-10-15 10:55:29 ----HDC---- C:\WINDOWS\$NtUninstallKB957095$
    2008-10-15 10:55:14 ----HDC---- C:\WINDOWS\$NtUninstallKB954211$
    2008-10-15 10:55:06 ----HDC---- C:\WINDOWS\$NtUninstallKB956841$
    2008-10-01 08:51:26 ----D---- C:\Program Files\iPod
    2008-10-01 08:51:25 ----D---- C:\Program Files\iTunes
    2008-10-01 08:51:25 ----D---- C:\Documents and Settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
    2008-10-01 08:50:57 ----D---- C:\Program Files\Bonjour
    2008-10-01 08:50:30 ----D---- C:\Program Files\QuickTime
    2008-09-30 16:43:34 ----A---- C:\WINDOWS\system32\msxml4.dll
    2008-09-29 10:49:19 ----D---- C:\Program Files\MiniRingtone
    2008-09-24 09:09:33 ----D---- C:\WINDOWS\system32\CatRoot_bak
    2008-09-22 13:13:24 ----D---- C:\Documents and Settings\TigerDistrict2\Application Data\Simprit

    ======List of files/folders modified in the last 3 months======

    2008-12-19 13:35:04 ----D---- C:\Program Files\Mozilla Thunderbird
    2008-12-19 12:42:19 ----D---- C:\Program Files\Mozilla Firefox
    2008-12-19 12:18:15 ----D---- C:\WINDOWS\Temp
    2008-12-19 11:44:13 ----D---- C:\WINDOWS\system32\CatRoot
    2008-12-19 11:42:27 ----D---- C:\WINDOWS\system32\CatRoot2
    2008-12-19 11:42:26 ----HD---- C:\WINDOWS\inf
    2008-12-19 11:31:11 ----SHD---- C:\WINDOWS\Installer
    2008-12-19 11:31:06 ----D---- C:\WINDOWS\system32
    2008-12-19 11:30:48 ----D---- C:\Program Files\Java
    2008-12-19 11:29:43 ----RSHDC---- C:\WINDOWS\system32\dllcache
    2008-12-19 11:29:42 ----D---- C:\WINDOWS
    2008-12-19 10:34:32 ----D---- C:\WINDOWS\system32\drivers
    2008-12-19 10:21:17 ----RD---- C:\Program Files
    2008-12-19 10:14:26 ----D---- C:\PUT UP
    2008-12-19 10:06:28 ----D---- C:\WINDOWS\Prefetch
    2008-12-19 03:00:19 ----HD---- C:\WINDOWS\$hf_mig$
    2008-12-18 17:55:58 ----RSD---- C:\WINDOWS\assembly
    2008-12-18 17:49:37 ----A---- C:\WINDOWS\imsins.BAK
    2008-12-18 17:32:05 ----D---- C:\Program Files\Common Files
    2008-12-18 17:12:06 ----D---- C:\Documents and Settings\All Users\Application Data\Common Files
    2008-12-18 17:07:35 ----RSD---- C:\WINDOWS\Fonts
    2008-12-18 13:40:11 ----A---- C:\WINDOWS\SchedLgU.Txt
    2008-12-18 13:34:15 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
    2008-12-17 16:57:53 ----D---- C:\WINDOWS\WinSxS
    2008-12-17 14:13:59 ----D---- C:\Documents and Settings\TigerDistrict2\Application Data\Adobe
    2008-12-17 11:14:01 ----D---- C:\Program Files\ClamWin
    2008-12-16 17:04:18 ----D---- C:\Documents and Settings\All
     
  7. 2008/12/19
    tigerdistr

    tigerdistr Inactive Thread Starter

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R1 easdrv;easdrv; C:\WINDOWS\system32\DRIVERS\easdrv.sys [2007-12-21 30216]
    R1 epfwtdir;epfwtdir; C:\WINDOWS\system32\DRIVERS\epfwtdir.sys [2007-12-21 33800]
    R1 ikhfile;File Security Kernel Anti-Spyware Driver; C:\WINDOWS\system32\drivers\ikhfile.sys [2006-07-10 30592]
    R1 ikhlayer;Kernel Anti-Spyware Driver; C:\WINDOWS\system32\drivers\ikhlayer.sys [2006-08-24 51072]
    R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS []
    R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys []
    R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.5.3.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2007-11-12 21419]
    R2 eamon;EAMON; C:\WINDOWS\system32\DRIVERS\eamon.sys [2007-12-21 39944]
    R2 elagopro;GoProto Protocol Driver for LELA; C:\WINDOWS\system32\DRIVERS\elagopro.sys [2007-03-22 28672]
    R2 elaunidr;UniDriver for LELA; C:\WINDOWS\system32\DRIVERS\elaunidr.sys [2007-03-22 5376]
    R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2004-03-17 13059]
    R2 tmcomm;tmcomm; \??\C:\WINDOWS\system32\drivers\tmcomm.sys []
    R3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2004-08-04 60800]
    R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2008-04-17 15464]
    R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
    R3 HSF_DP;HSF_DP; C:\WINDOWS\system32\DRIVERS\HSF_DP.sys [2004-12-15 1038208]
    R3 HSFHWBS2;HSFHWBS2; C:\WINDOWS\system32\DRIVERS\HSFHWBS2.sys [2004-12-15 220928]
    R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2008-02-14 4676096]
    R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2004-08-04 61824]
    R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2007-10-04 6854464]
    R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2006-07-11 57856]
    R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2006-07-11 20480]
    R3 SASENUM;SASENUM; \??\C:\Program Files\SUPERAntiSpyware\SASENUM.SYS []
    R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-03 26624]
    R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-03 57600]
    R3 usbohci;Microsoft USB Open Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2004-08-03 17024]
    R3 usbstor;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
    R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2004-12-15 703232]
    R4 sr;System Restore Filter Driver; C:\WINDOWS\system32\DRIVERS\sr.sys [2004-08-03 73472]
    S3 MREMP50;MREMP50 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50.SYS []
    S3 MREMP50a64;MREMP50a64 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS []
    S3 MRESP50;MRESP50 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50.SYS []
    S3 MRESP50a64;MRESP50a64 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS []
    S3 RT73;USB Wireless 802.11 b/g Adaptor Driver; C:\WINDOWS\system32\DRIVERS\rt73.sys [2007-10-01 451968]
    S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
    S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
    S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
    S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
    S4 mchInjDrv;mchInjDrv; \??\C:\WINDOWS\TEMP\mc2C.tmp []

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 ekrn;Eset Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2007-12-21 468224]
    R2 FirebirdGuardianDefaultInstance;Firebird Guardian - DefaultInstance; C:\Program Files\DRoster\Firebird\bin\fbguard.exe [2008-12-16 65536]
    R2 ForcewareWebInterface;Forceware Web Interface; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe [2008-12-16 20480]
    R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2008-12-19 152984]
    R2 McciCMService;McciCMService; C:\Program Files\Common Files\Motive\McciCMService.exe [2008-12-16 303104]
    R2 MSSQL$UPSWSDBSERVER;MSSQL$UPSWSDBSERVER; C:\DOCUMENTS AND SETTINGS\TIGERDISTRICT2\DESKTOP\UPS\WSTD\MSSQL$UPSWSDBSERVER\Binn\sqlservr.exe [2008-05-25 9154560]
    R2 nSvcIp;ForceWare IP service; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe [2008-12-16 131072]
    R2 nSvcLog;ForceWare user log service; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe [2008-12-16 65536]
    R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2007-10-04 155716]
    R2 SDhelper;PC Tools Spyware Doctor; C:\Program Files\Spyware Doctor\sdhelp.exe [2006-07-14 895160]
    R3 FirebirdServerDefaultInstance;Firebird Server - DefaultInstance; C:\Program Files\DRoster\Firebird\bin\fbserver.exe [2008-12-16 1527808]
    R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2008-12-16 531456]
    S2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-12-16 110592]
    S2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-16 233472]
    S2 spupdsvc;Windows Service Pack Installer update service; C:\WINDOWS\system32\spupdsvc.exe [2008-12-16 16896]
    S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-12-16 24576]
    S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-12-16 60928]
    S3 EhttpSrv;Eset HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2007-12-21 19200]
    S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe []
    S3 getPlus(R) Helper;getPlus(R) Helper; C:\Program Files\NOS\bin\getPlus_HelperSvc.exe [2008-12-01 33752]
    S3 GoogleDesktopManager-061008-081103;Google Desktop Manager 5.7.806.10245; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2008-12-16 24064]
    S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe []
    S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2008-12-16 58880]
    S3 MSSQLServerADHelper;MSSQLServerADHelper; C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe [2005-05-03 73728]
    S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-12-16 434176]
    S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2008-12-16 138240]
    S3 SQLAgent$UPSWSDBSERVER;SQLAgent$UPSWSDBSERVER; C:\DOCUMENTS AND SETTINGS\TIGERDISTRICT2\DESKTOP\UPS\WSTD\MSSQL$UPSWSDBSERVER\Binn\sqlagent.EXE [2005-05-03 323584]
    S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2008-12-16 913408]
    S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2004-08-03 14336]
    S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe []

    -----------------EOF-----------------
     
  8. 2008/12/19
    PeteC

    PeteC SuperGeek Staff

    Ok - that's fine. One of our trained malware analysts will take a look when this thread reaches the top of the pile :)
     
  9. 2008/12/19
    tigerdistr

    tigerdistr Inactive Thread Starter

    Here's the ActiveScan Report

    ;***********************************************************************************************************************************************************************************
    ANALYSIS: 2008-12-19 17:54:45
    PROTECTIONS: 1
    MALWARE: 33
    SUSPECTS: 0
    ;***********************************************************************************************************************************************************************************
    PROTECTIONS
    Description Version Active Updated
    ;===================================================================================================================================================================================
    ESET NOD32 Antivirus 3.0 3.0 Yes Yes
    ;===================================================================================================================================================================================
    MALWARE
    Id Description Type Active Severity Disinfectable Disinfected Location
    ;===================================================================================================================================================================================
    00139059 Cookie/Traffic Marketplace TrackingCookie No 0 No No C:\Documents and Settings\TigerDistrict2\Local Settings\Application Data\SupportSoft\HelpCenter4.1\TigerDistrict2\state\backup\co\cookies.txt\113966_5ca42570f_[cookies.txt][.trafficmp.com/]
    00139059 Cookie/Traffic Marketplace TrackingCookie No 0 No No C:\Documents and Settings\TigerDistrict2\Local Settings\Application Data\SupportSoft\HelpCenter4.1\TigerDistrict2\state\backup\co\cookies.txt\113966_5ca42570f_[cookies.txt][.trafficmp.com/]
    00139059 Cookie/Traffic Marketplace TrackingCookie No 0 No No C:\Documents and Settings\TigerDistrict2\Local Settings\Application Data\SupportSoft\HelpCenter4.1\TigerDistrict2\state\backup\co\cookies.txt\113966_5ca42570f_[cookies.txt][.trafficmp.com/]
    00139059 Cookie/Traffic Marketplace TrackingCookie No 0 No No C:\Documents and Settings\TigerDistrict2\Local Settings\Application Data\SupportSoft\HelpCenter4.1\TigerDistrict2\state\backup\co\cookies.txt\113966_5ca42570f_[cookies.txt][.trafficmp.com/]
    00139059 Cookie/Traffic Marketplace TrackingCookie No 0 Yes No C:\Documents and Settings\TigerDistrict2\Application Data\Mozilla\Firefox\Profiles\bnw0f2xz.default\cookies.txt[.trafficmp.com/]
    00139059 Cookie/Traffic Marketplace TrackingCookie No 0 No No C:\Documents and Settings\TigerDistrict2\Local Settings\Application Data\SupportSoft\HelpCenter4.1\TigerDistrict2\state\backup\co\cookies.txt\113966_5ca42570f_[cookies.txt][.trafficmp.com/]
    00139060 Cookie/Casalemedia TrackingCookie No 0 No No C:\Documents and Settings\TigerDistrict2\Local Settings\Application Data\SupportSoft\HelpCenter4.1\TigerDistrict2\state\backup\co\cookies.txt\113966_5ca42570f_[cookies.txt][.casalemedia.com/]
    00139060 Cookie/Casalemedia TrackingCookie No 0 No No C:\Documents and Settings\TigerDistrict2\Local Settings\Application Data\SupportSoft\HelpCenter4.1\TigerDistrict2\state\backup\co\cookies.txt\113966_5ca42570f_[cookies.txt][.casalemedia.com/]
    00139060 Cookie/Casalemedia TrackingCookie No 0 No No C:\Documents and Settings\TigerDistrict2\Local Settings\Application Data\SupportSoft\HelpCenter4.1\TigerDistrict2\state\backup\co\cookies.txt\113966_5ca42570f_[cookies.txt][.casalemedia.com/]
    00139060 Cookie/Casalemedia TrackingCookie No 0 No No C:\Documents and Settings\TigerDistrict2\Local Settings\Application Data\SupportSoft\HelpCenter4.1\TigerDistrict2\state\backup\co\cookies.txt\113966_5ca42570f_[cookies.txt][.casalemedia.com/]
    00139060 Cookie/Casalemedia TrackingCookie No 0 No No C:\Documents and Settings\TigerDistrict2\Local Settings\Application Data\SupportSoft\HelpCenter4.1\TigerDistrict2\state\backup\co\cookies.txt\113966_5ca42570f_[cookies.txt][.casalemedia.com/]
    00139060 Cookie/Casalemedia TrackingCookie No 0 No No C:\Documents and Settings\TigerDistrict2\Local Settings\Application Data\SupportSoft\HelpCenter4.1\TigerDistrict2\state\backup\co\cookies.txt\113966_5ca42570f_[cookies.txt][.casalemedia.com/]
    00139060 Cookie/Casalemedia TrackingCookie No 0 No No C:\Documents and Settings\TigerDistrict2\Local Settings\Application Data\SupportSoft\HelpCenter4.1\TigerDistrict2\state\backup\co\cookies.txt\113966_5ca42570f_[cookies.txt][.casalemedia.com/]
    00139060 Cookie/Casalemedia TrackingCookie No 0 No No C:\Documents and Settings\TigerDistrict2\Local Settings\Application Data\SupportSoft\HelpCenter4.1\TigerDistrict2\state\backup\co\cookies.txt\113966_5ca42570f_[cookies.txt][.casalemedia.com/]
    00139060 Cookie/Casalemedia TrackingCookie No 0 No No C:\Documents and Settings\TigerDistrict2\Local Settings\Application Data\SupportSoft\HelpCenter4.1\TigerDistrict2\state\backup\co\cookies.txt\113966_5ca42570f_[cookies.txt][.casalemedia.com/]
    00139061 Cookie/Doubleclick TrackingCookie No 0 No No C:\Documents and Settings\TigerDistrict2\Local Settings\Application Data\SupportSoft\HelpCenter4.1\TigerDistrict2\state\backup\co\cookies.txt\113966_5ca42570f_[cookies.txt][.doubleclick.net/]
    00139061 Cookie/Doubleclick TrackingCookie No 0 No No C:\Documents and Settings\TigerDistrict2\Local Settings\Application Data\SupportSoft\HelpCenter4.1\TigerDistrict2\state\backup\co\cookies.txt\113966_5ca42570f_[cookies.txt][.doubleclick.net/]
    00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No C:\Documents and Settings\TigerDistrict2\Cookies\tigerdistrict2@atdmt[2].txt
    00139064 Cookie/Atlas DMT TrackingCookie No 0 No No C:\Documents and Settings\TigerDistrict2\Local Settings\Application Data\SupportSoft\HelpCenter4.1\TigerDistrict2\state\backup\co\cookies.txt\113966_5ca42570f_[cookies.txt][.atdmt.com/]
    00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No C:\Documents and Settings\TigerDistrict2\Application Data\Mozilla\Firefox\Profiles\bnw0f2xz.default\cookies.txt[.atdmt.com/]
    00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No C:\Documents and Settings\TigerDistrict2\Application Data\Mozilla\Firefox\Profiles\bnw0f2xz.default\cookies.txt[.atdmt.com/]
    00139064 Cookie/Atlas DMT TrackingCookie No 0 No No C:\Documents and Settings\TigerDistrict2\Local Settings\Application Data\SupportSoft\HelpCenter4.1\TigerDistrict2\state\backup\co\cookies.txt\113966_5ca42570f_[cookies.txt][.atdmt.com/]
    00145405 Cookie/RealMedia TrackingCookie No 0 No No C:\Documents and Settings\TigerDistrict2\Local Settings\Application Data\SupportSoft\HelpCenter4.1\TigerDistrict2\state\backup\co\cookies.txt\113966_5ca42570f_[cookies.txt][.247realmedia.com/]
    00145405 Cookie/RealMedia TrackingCookie No 0 No No C:\Documents and Settings\TigerDistrict2\Local Settings\Application Data\SupportSoft\HelpCenter4.1\TigerDistrict2\state\backup\co\cookies.txt\113966_5ca42570f_[cookies.txt][.247realmedia.com/]
    00145457 Cookie/FastClick TrackingCookie No 0 No No C:\Documents and Settings\TigerDistrict2\Local Settings\Application Data\SupportSoft\HelpCenter4.1\TigerDistrict2\state\backup\co\cookies.txt\113966_5ca42570f_[cookies.txt][.fastclick.net/]
    00145457 Cookie/FastClick TrackingCookie No 0 No No C:\Documents and Settings\TigerDistrict2\Local Settings\Application Data\SupportSoft\HelpCenter4.1\TigerDistrict2\state\backup\co\cookies.txt\113966_5ca42570f_[cookies.txt][.fastclick.net/]
    00145457 Cookie/FastClick TrackingCookie No 0 No No C:\Documents and Settings\TigerDistrict2\Local Settings\Application Data\SupportSoft\HelpCenter4.1\TigerDistrict2\state\backup\co\cookies.txt\113966_5ca42570f_[cookies.txt][.fastclick.net/]
    00145457 Cookie/FastClick TrackingCookie No 0 No No C:\Documents and Settings\TigerDistrict2\Local Settings\Application Data\SupportSoft\HelpCenter4.1\TigerDistrict2\state\backup\co\cookies.txt\113966_5ca42570f_[cookies.txt][.fastclick.net/]
    00145457 Cookie/FastClick TrackingCookie No 0 No No C:\Documents and Settings\TigerDistrict2\Local Settings\Application Data\SupportSoft\HelpCenter4.1\TigerDistrict2\state\backup\co\cookies.txt\113966_5ca42570f_[cookies.txt][.fastclick.net/]
    00145457 Cookie/FastClick TrackingCookie No 0 No No C:\Documents and Settings\TigerDistrict2\Local Settings\Application Data\SupportSoft\HelpCenter4.1\TigerDistrict2\state\backup\co\cookies.txt\113966_5ca42570f_[cookies.txt][.fastclick.net/]
    00145731 Cookie/Tribalfusion TrackingCookie No 0 No No C:\Documents and Settings\TigerDistrict2\Local Settings\Application Data\SupportSoft\HelpCenter4.1\TigerDistrict2\state\backup\co\cookies.txt\113966_5ca42570f_[cookies.txt][.tribalfusion.com/]
    00145731 Cookie/Tribalfusion TrackingCookie No 0 Yes No C:\Documents and Settings\TigerDistrict2\Application Data\Mozilla\Firefox\Profiles\bnw0f2xz.default\cookies.txt[.tribalfusion.com/]
    00145731 Cookie/Tribalfusion TrackingCookie No 0 Yes No C:\Documents and Settings\TigerDistrict2\Application Data\Mozilla\Firefox\Profiles\bnw0f2xz.default\cookies.txt[.tribalfusion.com/]
     
    Last edited: 2008/12/19
  10. 2008/12/19
    tigerdistr

    The rest of the active scan report...


    00207862 Cookie/did-it TrackingCookie No 0 No No C:\Documents and Settings\TigerDistrict2\Local Settings\Application Data\SupportSoft\HelpCenter4.1\TigerDistrict2\state\backup\co\cookies.txt\113966_5ca42570f_[cookies.txt][.did-it.com/]
    00207862 Cookie/did-it TrackingCookie No 0 No No C:\Documents and Settings\TigerDistrict2\Local Settings\Application Data\SupportSoft\HelpCenter4.1\TigerDistrict2\state\backup\co\cookies.txt\113966_5ca42570f_[cookies.txt][.did-it.com/]
    00207862 Cookie/did-it TrackingCookie No 0 Yes No C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d2z0pld1.default\cookies.txt[.did-it.com/]
    00207862 Cookie/did-it TrackingCookie No 0 Yes No C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d2z0pld1.default\cookies.txt[.did-it.com/]
    00207862 Cookie/did-it TrackingCookie No 0 Yes No C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d2z0pld1.default\cookies.txt[.did-it.com/]
    ;===================================================================================================================================================================================
    SUSPECTS
    Sent Location m
    ;===================================================================================================================================================================================
    ;===================================================================================================================================================================================
    VULNERABILITIES
    Id Severity Description m
    ;===================================================================================================================================================================================
    ;===================================================================================================================================================================================
     
  11. 2008/12/21
    noahdfear

    noahdfear Inactive

    Joined:
    2003/04/06
    Messages:
    12,178
    Likes Received:
    15
    This tool tends to be quite aggressive, so please be sure to configure it exactly as listed below. I only want to see a Report of what it finds.

    Download Dr.Web CureIt to the desktop:
    ftp://ftp.drweb.com/pub/drweb/cureit/drweb-cureit.exe

    Doubleclick the drweb-cureit.exe file and click 'Start' to run the express scan. This will scan the files currently running in memory and when something is found, click the yes button when it asks you if you want to cure it. This is only a short scan.
    • Once the short scan has finished, we need to change the default settings.
    • In the Menu Bar at the top, click 'Setting'>Change Settings.
    • Click on the Actions tab
    • Using the drop down menus, change each item under Objects and Malware to Report
    • Next, 'tick' Complete Scan.
    • Click the green arrow at the right, and the scan will start.
    • Click 'No to All' if it asks if you want to cure/move the file.
    • After the scan has completed, in the Dr.Web CureIt menu on top, click File and choose Save Report List
    • Save the report to your desktop. The report will be called DrWeb.csv
    • Close Dr.Web Cureit.
    • Post the contents of the log from Dr.Web you saved previously in your next reply.
     
  12. 2008/12/22
    tigerdistr

    Process.exe;C:\Documents and Settings\TigerDistrict2;Tool.Prockill;;
    CAVSNLV8CA33I21DCA802HP8CAJ77AC2CAGVUE9UCA6GPAK4CAGAD22ECA2XZ140CAA9T4ABCAUB5HRICAHRAR2PCAE3VIBTCA12UR0ICAKBWS8GCARUTHITCA2L8T8;C:\Documents and Settings\TigerDistrict2\Local Settings\Temporary Internet Files\Content.IE5\KDCV0NF4\CAVSNLV8CA33I21DCA802HP8C;Modification of Win32.Yasv.924;;
    CAVSNLV8CA33I21DCA802HP8CAJ77AC2CAGVUE9UCA6GPAK4CAGAD22ECA2XZ140CAA9T4ABCAUB5HRICAHRAR2PCAE3VIBTCA12UR0ICAKBWS8GCARUTHITCA2L8T8;C:\Documents and Settings\TigerDistrict2\Local Settings\Temporary Internet Files\Content.IE5\KDCV0NF4;Archive contains infected objects;;
    InstallHelper.exe;C:\Program Files\Common Files\Motive;Probably DLOADER.Trojan;;
    aspnet_compiler.exe;C:\SPYWARE\backup;Win32.Gael.3666;;
    aspnet_regbrowsers.exe;C:\SPYWARE\backup;Win32.Gael.3666;;
    aspnet_regsql.exe;C:\SPYWARE\backup;Win32.Gael.3666;;
    CasPol.exe;C:\SPYWARE\backup;Win32.Gael.3666;;
    caspol.VI0;C:\SPYWARE\backup;Win32.Gael.3666;;
    CasPol.VIR;C:\SPYWARE\backup;Win32.Gael.3666;;
    ComSvcConfig.exe;C:\SPYWARE\backup;Win32.Gael.3666;;
    ConfigWizards.exe;C:\SPYWARE\backup;Win32.Gael.3666;;
    dfsvc.exe;C:\SPYWARE\backup;Win32.Gael.3666;;
    DotNetInstaller.exe;C:\SPYWARE\backup;Win32.Gael.3666;;
    DotNetInstaller.VI0;C:\SPYWARE\backup;Win32.Gael.3666;;
    DotNetInstaller.VIR;C:\SPYWARE\backup;Win32.Gael.3666;;
    FileManagement.exe;C:\SPYWARE\backup;Win32.Gael.3666;;
    GZipUtilApp.exe;C:\SPYWARE\backup;Win32.Gael.3666;;
    IEExec.exe;C:\SPYWARE\backup;Win32.Gael.3666;;
    ieexec.VI0;C:\SPYWARE\backup;Win32.Gael.3666;;
    IEExec.VIR;C:\SPYWARE\backup;Win32.Gael.3666;;
    infocard.exe;C:\SPYWARE\backup;Win32.Gael.3666;;
    InstallUtil.exe;C:\SPYWARE\backup;Win32.Gael.3666;;
    installutil.VI0;C:\SPYWARE\backup;Win32.Gael.3666;;
    InstallUtil.VIR;C:\SPYWARE\backup;Win32.Gael.3666;;
    Intuit.QuickBooks.FCS.exe;C:\SPYWARE\backup;Win32.Gael.3666;;
    Intuit.QuickBooks.FCS.VIR;C:\SPYWARE\backup;Win32.Gael.3666;;
    Intuit.Spc.Esd.WinClient.Application.ConfigUX.exe;C:\SPYWARE\backup;Win32.Gael.3666;;
    Intuit.Spc.Esd.WinClient.Application.Update.exe;C:\SPYWARE\backup;Win32.Gael.3666;;
    IntuitUpdate.exe;C:\SPYWARE\backup;Win32.Gael.3666;;
    IntuitUpdateConfig.exe;C:\SPYWARE\backup;Win32.Gael.3666;;
    IntuitUpdater.exe;C:\SPYWARE\backup;Win32.Gael.3666;;
    IntuitUpdateService.exe;C:\SPYWARE\backup;Win32.Gael.3666;;
    jsc.exe;C:\SPYWARE\backup;Win32.Gael.3666;;
    jsc.VI0;C:\SPYWARE\backup;Win32.Gael.3666;;
    jsc.VIR;C:\SPYWARE\backup;Win32.Gael.3666;;
    MigPol.exe;C:\SPYWARE\backup;Win32.Gael.3666;;
    MigPolWin.exe;C:\SPYWARE\backup;Win32.Gael.3666;;
    MSBuild.exe;C:\SPYWARE\backup;Win32.Gael.3666;;
    PerformanceCounterInstaller.exe;C:\SPYWARE\backup;Win32.Gael.3666;;
    POS176125.exe;C:\SPYWARE\backup;Win32.Gael.3666;;
    PresentationFontCache.exe;C:\SPYWARE\backup;Win32.Gael.3666;;
    QBCFMonitorService.exe;C:\SPYWARE\backup;Win32.Gael.3666;;
    QBGDSPlugin.exe;C:\SPYWARE\backup;Win32.Gael.3666;;
    QBHelp.exe;C:\SPYWARE\backup;Win32.Gael.3666;;
    QBImport.exe;C:\SPYWARE\backup;Win32.Gael.3666;;
    QBServerUtilityMgr.exe;C:\SPYWARE\backup;Win32.Gael.3666;;
    QBWebConnector.exe;C:\SPYWARE\backup;Win32.Gael.3666;;
    RegAsm.exe;C:\SPYWARE\backup;Win32.Gael.3666;;
    regasm.VI0;C:\SPYWARE\backup;Win32.Gael.3666;;
    RegAsm.VIR;C:\SPYWARE\backup;Win32.Gael.3666;;
    RegSvcs.exe;C:\SPYWARE\backup;Win32.Gael.3666;;
    regsvcs.VI0;C:\SPYWARE\backup;Win32.Gael.3666;;
    RegSvcs.VIR;C:\SPYWARE\backup;Win32.Gael.3666;;
    ServiceModelReg.exe;C:\SPYWARE\backup;Win32.Gael.3666;;
    SMSvcHost.exe;C:\SPYWARE\backup;Win32.Gael.3666;;
    Support.exe;C:\SPYWARE\backup;Win32.Gael.3666;;
    tswpfwrp.exe;C:\SPYWARE\backup;Win32.Gael.3666;;
    Uninstall.exe;C:\SPYWARE\backup;Win32.Gael.3666;;
    UPSNA1Msgr.exe;C:\SPYWARE\backup;Win32.Gael.3666;;
    WsatConfig.exe;C:\SPYWARE\backup;Win32.Gael.3666;;
    XamlViewer_v0300.exe;C:\SPYWARE\backup;Win32.Gael.3666;;
     
  13. 2008/12/22
    noahdfear

    Appears only the items in the C:\SPYWARE\backup folder are infected, so remove everything in that folder. If that is Spyware Terminator's quarantine folder, best to remove those items via the Spyware Terminator interface.

    Download ATF Cleaner by Atribune and save it to your Desktop.
    • Double click ATF-Cleaner.exe to run the program.
    • Check the boxes to the left of:

      • Windows Temp
      • Current User Temp
      • All Users Temp
      • Temporary Internet Files
      • Prefetch
      • Java Cache
      • Recycle bin

    • The rest are optional - if you want it to remove everything check "Select All".
    • Finally, click Empty Selected. When you get the "Done Cleaning" message, click OK then exit.
    Reboot

    Now, let's clear out System Restore, provided everything appears to be working normally.

    Clear past system restore points and create a new one.
    Right click My Computer and select Properties. On the System Restore tab, check the box to turn System Restore off. Click Apply. Now, uncheck the box and click Apply to turn System Restore back on. Click OK, then OK to close the System Properties dialog.

    Verify a new restore point was created.
    Click Start>All Programs>Accessories>System Tools>System Restore
    Select 'Restore my computer to an earlier time', then click next.
    You should have a newly created System Checkpoint available. If so, click Cancel. If not, click Back and select 'Create a restore point' then click Next. Give the restore point a name and click next.


    That should be all that's necessary. Let me know if there is any other abnormal behavior or further detections.
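
A way to triage a Dr.Web report like the one posted above before deciding what to delete, as an added example (not part of the original thread and not Dr.Web's own tooling): it groups the rows by folder, collapses renamed copies of the same program, and separates named-virus labels from heuristic or tool labels. The label categories are an assumption based on the prefixes seen in this report, and the sample rows are constructed (the two Content.IE5 rows use a placeholder object name).

```python
import csv
import io
import ntpath
from collections import namedtuple

Detection = namedtuple("Detection", "name folder threat")

# Constructed sample in the report's row format (object;folder;label;;).
# The two Content.IE5 rows use a placeholder object name, CACHED_OBJECT.
SAMPLE_REPORT = r"""
Process.exe;C:\Documents and Settings\TigerDistrict2;Tool.Prockill;;
CACHED_OBJECT;C:\Documents and Settings\TigerDistrict2\Local Settings\Temporary Internet Files\Content.IE5\KDCV0NF4;Modification of Win32.Yasv.924;;
CACHED_OBJECT;C:\Documents and Settings\TigerDistrict2\Local Settings\Temporary Internet Files\Content.IE5\KDCV0NF4;Archive contains infected objects;;
InstallHelper.exe;C:\Program Files\Common Files\Motive;Probably DLOADER.Trojan;;
aspnet_compiler.exe;C:\SPYWARE\backup;Win32.Gael.3666;;
CasPol.exe;C:\SPYWARE\backup;Win32.Gael.3666;;
caspol.VI0;C:\SPYWARE\backup;Win32.Gael.3666;;
CasPol.VIR;C:\SPYWARE\backup;Win32.Gael.3666;;
QBHelp.exe;C:\SPYWARE\backup;Win32.Gael.3666;;
"""

# Assumption: which label kinds count as a named virus rather than a guess.
FIRM_KINDS = {"signature", "variant"}


def parse_report(text):
    """Parse semicolon-separated report rows into Detection tuples."""
    rows = []
    reader = csv.reader(io.StringIO(text), delimiter=";", quoting=csv.QUOTE_NONE)
    for rec in reader:
        if len(rec) < 3 or not rec[2].strip():
            continue  # blank or malformed line
        rows.append(Detection(rec[0].strip(), rec[1].strip(), rec[2].strip()))
    return rows


def label_kind(threat):
    """Classify a label by its prefix (assumed categories, see lead-in)."""
    t = threat.lower()
    if t.startswith("probably "):
        return "heuristic"   # scanner is guessing, needs a second opinion
    if t.startswith("tool."):
        return "riskware"    # utility that may have been put there on purpose
    if t.startswith("archive contains"):
        return "container"   # the hit is on something inside this object
    if t.startswith("modification of "):
        return "variant"
    return "signature"


def summarize(rows):
    """Group detections by folder (case-insensitive, as on Windows)."""
    folders = {}
    for d in rows:
        entry = folders.setdefault(
            d.folder.lower(), {"files": 0, "programs": set(), "labels": {}}
        )
        entry["files"] += 1
        # CasPol.exe, caspol.VI0 and CasPol.VIR count as one program.
        entry["programs"].add(ntpath.splitext(d.name)[0].lower())
        entry["labels"].setdefault(label_kind(d.threat), set()).add(d.threat)
    return folders


def named_virus_folders(summary):
    """Folders holding at least one signature or variant detection."""
    return sorted(f for f, e in summary.items() if FIRM_KINDS.intersection(e["labels"]))


if __name__ == "__main__":
    summary = summarize(parse_report(SAMPLE_REPORT))
    for folder, e in sorted(summary.items()):
        kinds = ", ".join(
            "%s: %s" % (k, "/".join(sorted(v))) for k, v in sorted(e["labels"].items())
        )
        print("%-3d files  %-3d programs  %s" % (e["files"], len(e["programs"]), folder))
        print("      " + kinds)
    print("named-virus folders:", named_virus_folders(summary))
```

Folders that only carry heuristic or riskware labels are the ones to check against a second scanner before removing anything.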
     
  14. 2008/12/22
    tigerdistr

    I don't have Spyware Terminator on my computer. Should I be concerned about this? Could it be one of the other Spyware programs I have (SUPERAntiSpyware, Spyware Doctor, Spybot - Search and Destroy)?
     
  15. 2008/12/22
    noahdfear

    My apologies. I meant Spyware Doctor. I had just reviewed another with Spyware Terminator. :eek:
     
  16. 2008/12/22
    tigerdistr

    I did everything you asked. That computer seems to be fine. I'm about to check my other computers on the same network...

    Do you mind if I post the reports for those, as well? It seems to be better on the computer mentioned above, but getting worse on the other computers.
     
  17. 2008/12/22
    noahdfear

    That would be fine. :)
     
  18. 2008/12/22
    tigerdistr

    COMPUTER 2

    Logfile of random's system information tool 1.05 (written by random/random)
    Run by TigerDistrict at 2008-12-22 19:52:37
    Microsoft Windows XP Professional Service Pack 3
    System drive C: has 349 GB (91%) free of 382 GB
    Total RAM: 1918 MB (39% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 7:52:58 PM, on 12/22/2008
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16762)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\csrss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Downlo~1\MyWebEx\319\atnthost.exe
    C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
    C:\WINDOWS\Downlo~1\MyWebEx\319\RAAGTAPP.EXE
    C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
    C:\Program Files\Common Files\Intuit\Entitlement Client\v5\Server\Intuit.Spc.Map.EntitlementClient.Server.Service.exe
    C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\UPS\WSTD\MSSQL$UPSWSDBSERVER\Binn\sqlservr.exe
    C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
    C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
    C:\Program Files\Intuit\QuickBooks Point of Sale 7.0\DatabaseServer\QBPOSDBServiceV7.exe
    C:\PROGRA~1\Intuit\2QUICK~1\QBDBMgrN.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Intuit\QuickBooks Point of Sale 7.0\DatabaseServer\QBDBMgrN.exe
    C:\Program Files\Intuit\QuickBooks Point of Sale 7.0\DatabaseServer\QBDBMgrN.exe
    C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
    C:\WINDOWS\System32\alg.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\UPS\WSTD\UPSNA1Msgr.exe
    C:\WINDOWS\RTHDCPL.EXE
    C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdater.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\WINDOWS\Downlo~1\MyWebEx\319\raagtx.exe
    C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
    C:\Program Files\RALINK\Common\RaUI.exe
    C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
    C:\WINDOWS\system32\wbem\wmiprvse.exe
    C:\UPS\WSTD\WSTDMessaging.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Intuit\QuickBooks Point of Sale 7.0\qbpos.exe
    C:\Program Files\Java\jre6\bin\java.exe
    C:\Documents and Settings\TigerDistrict\Local Settings\Temp\jkos-TigerDistrict\binaries\ScanningProcess.exe
    C:\Documents and Settings\TigerDistrict\Local Settings\Temp\jkos-TigerDistrict\binaries\ScanningProcess.exe
    C:\Documents and Settings\TigerDistrict\Desktop\RSIT.exe
    C:\WINDOWS\system32\wbem\wmiprvse.exe
    C:\Program Files\trend micro\TigerDistrict.exe

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL
    O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [NA1Messenger] C:\UPS\WSTD\UPSNA1Msgr.exe
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
    O4 - HKLM\..\Run: [ClamWin] "C:\Program Files\ClamWin\bin\ClamTray.exe" --logon
    O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
    O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
    O4 - HKLM\..\Run: [IntuitUpdater] "C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdater.exe" /command startup
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    O4 - HKCU\..\Run: [AdobeUpdater] "C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe"
    O4 - S-1-5-18 Startup: QuickBooks Remote Access.lnk = ? (User 'SYSTEM')
    O4 - S-1-5-18 Startup: QuickBooks Update Agent.lnk = C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe (User 'SYSTEM')
    O4 - S-1-5-18 Startup: Ralink Wireless Utility.lnk = C:\Program Files\RALINK\Common\RaUI.exe (User 'SYSTEM')
    O4 - S-1-5-18 Startup: Service Manager.lnk = C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe (User 'SYSTEM')
    O4 - S-1-5-18 Startup: UPS WorldShip Messaging Utility.lnk = WSTD\WSTDMessaging.exe (User 'SYSTEM')
    O4 - S-1-5-18 Startup: UPS WorldShip PLD Reminder Utility.lnk = WSTD\wstdPldReminder.exe (User 'SYSTEM')
    O4 - .DEFAULT Startup: QuickBooks Remote Access.lnk = ? (User 'Default user')
    O4 - .DEFAULT Startup: QuickBooks Update Agent.lnk = C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe (User 'Default user')
    O4 - .DEFAULT Startup: Ralink Wireless Utility.lnk = C:\Program Files\RALINK\Common\RaUI.exe (User 'Default user')
    O4 - .DEFAULT Startup: Service Manager.lnk = C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe (User 'Default user')
    O4 - .DEFAULT Startup: UPS WorldShip Messaging Utility.lnk = WSTD\WSTDMessaging.exe (User 'Default user')
    O4 - .DEFAULT Startup: UPS WorldShip PLD Reminder Utility.lnk = WSTD\wstdPldReminder.exe (User 'Default user')
    O4 - Startup: MagicDisc.lnk = C:\Program Files\MagicDisc\MagicDisc.exe
    O4 - Startup: OpenOffice.org 3.0.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
    O4 - Global Startup: QuickBooks Remote Access.lnk = ?
    O4 - Global Startup: QuickBooks Update Agent.lnk = C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
    O4 - Global Startup: Ralink Wireless Utility.lnk = C:\Program Files\RALINK\Common\RaUI.exe
    O4 - Global Startup: Service Manager.lnk = C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
    O4 - Global Startup: UPS WorldShip Messaging Utility.lnk = WSTD\WSTDMessaging.exe
    O4 - Global Startup: UPS WorldShip PLD Reminder Utility.lnk = WSTD\wstdPldReminder.exe
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
    O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} (Support.com Configuration Class) - http://ra.intuit.com/sdccommon/download/tgctlcm.cab
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/win...ls/en/x86/client/wuweb_site.cab?1194908459515
    O16 - DPF: {6B75345B-AA36-438A-BBE6-4078B4C6984D} (HpProductDetection Class) - http://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection.cab
    O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab
    O16 - DPF: {C4847596-972C-11D0-9567-00A0C9273C2A} (Crystal Report Viewer Control) - https://www.netchexonline.net/ActiveX/activexviewer.cab
    O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~3\Office12\GR99D3~1.DLL
    O18 - Protocol: intu-help-qb1 - {9B0F96C7-2E4B-433E-ABF3-043BA1B54AE3} - C:\Program Files\Intuit\2QuickBooks 2008\HelpAsyncPluggableProtocol.dll
    O18 - Protocol: qbpos - {662E7FAE-5C17-491C-AD9D-98C1F66CC6A0} - C:\WINDOWS\system32\QBPOSProtocol.dll
    O18 - Protocol: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - mscoree.dll (file missing)
    O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
    O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    O23 - Service: WebEx Remote Access Agent (atnthost) - WebEx Communications, Inc. - C:\WINDOWS\Downlo~1\MyWebEx\319\atnthost.exe
    O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
    O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
    O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Apache Software Foundation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
    O23 - Service: Intuit Entitlement Service v5 - Intuit, Inc. - C:\Program Files\Common Files\Intuit\Entitlement Client\v5\Server\Intuit.Spc.Map.EntitlementClient.Server.Service.exe
    O23 - Service: Intuit Update Service (IntuitUpdateService) - Intuit - C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: ForceWare IP service (nSvcIp) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
    O23 - Service: ForceWare user log service (nSvcLog) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: QBCFMonitorService - Intuit - C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
    O23 - Service: Intuit QuickBooks FCS (QBFCService) - Intuit Inc. - C:\Program Files\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe
    O23 - Service: QBPOS Database Manager v7 (QBPOSDBServiceV7) - Intuit Inc. - C:\Program Files\Intuit\QuickBooks Point of Sale 7.0\DatabaseServer\QBPOSDBServiceV7.exe
    O23 - Service: QuickBooksDB18 - iAnywhere Solutions, Inc. - C:\PROGRA~1\Intuit\2QUICK~1\QBDBMgrN.exe
    O23 - Service: VNC Server Version 4 (WinVNC4) - RealVNC Ltd. - C:\Program Files\RealVNC\VNC4\WinVNC4.exe

    --
    End of file - 12233 bytes

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
    Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
    Groove GFS Browser Helper - C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL [2006-10-27 2210608]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
    Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2008-12-09 320920]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
    Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2008-12-09 34816]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
    JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2008-12-09 73728]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2007-10-04 8491008]
    "nwiz"=nwiz.exe /install []
    "NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2007-10-04 81920]
    "NA1Messenger"=C:\UPS\WSTD\UPSNA1Msgr.exe [2007-12-13 20480]
    "RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2007-11-12 16855552]
    "Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2007-11-12 69632]
    "ClamWin"=C:\Program Files\ClamWin\bin\ClamTray.exe [2008-11-04 86016]
    "GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016]
    "Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792]
    "SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2008-12-09 136600]
    "AdobeCS4ServiceManager"=C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [2008-08-14 611712]
    "egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2007-12-21 1443072]
    "IntuitUpdater"=C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdater.exe [2007-08-15 38176]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
    "SUPERAntiSpyware"=C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2008-12-16 1506544]
    "AdobeUpdater"=C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe [2008-11-11 2356088]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeBridge]
    []

    C:\Documents and Settings\All Users\Start Menu\Programs\Startup
    QuickBooks Remote Access.lnk - C:\WINDOWS\Downlo~1\MyWebEx\319\raagtx.exe
    QuickBooks Update Agent.lnk - C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
    Ralink Wireless Utility.lnk - C:\Program Files\RALINK\Common\RaUI.exe
    Service Manager.lnk - C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
    UPS WorldShip Messaging Utility.lnk - C:\UPS\WSTD\WSTDMessaging.exe
    UPS WorldShip PLD Reminder Utility.lnk - C:\UPS\WSTD\wstdPldReminder.exe

    C:\Documents and Settings\TigerDistrict\Start Menu\Programs\Startup
    MagicDisc.lnk - C:\Program Files\MagicDisc\MagicDisc.exe
    OpenOffice.org 3.0.lnk - C:\Program Files\OpenOffice.org 3\program\quickstart.exe

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon]
    C:\Program Files\SUPERAntiSpyware\SASWINLO.dll [2007-04-19 294912]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
    C:\WINDOWS\system32\WgaLogon.dll [2007-04-10 236928]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
    UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2008-04-14 239616]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    "{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL [2006-10-27 2210608]
    "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2008-05-13 77824]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\aawservice]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "dontdisplaylastusername"=0
    "legalnoticecaption"=
    "legalnoticetext"=
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveTypeAutoRun"=145

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "D:\SETUP.EXE"="D:\SETUP.EXE:*:Enabled:Setup"
    "C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
    "C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
    "C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
    "C:\Program Files\Intuit\WH QuickBooks Point of Sale 7.0\qbpos.exe"="C:\Program Files\Intuit\WH QuickBooks Point of Sale 7.0\qbpos.exe:*:Enabled:QuickBooks Point of Sale 7.0"
    "C:\Program Files\Intuit\WH QuickBooks Point of Sale 7.0\EftSvr.exe"="C:\Program Files\Intuit\WH QuickBooks Point of Sale 7.0\EftSvr.exe:*:Enabled:EftSvr"
    "C:\Program Files\Intuit\WH QuickBooks Point of Sale 7.0\DataImporter.exe"="C:\Program Files\Intuit\WH QuickBooks Point of Sale 7.0\DataImporter.exe:*:Enabled:DataImporter"
    "C:\Program Files\Intuit\WH QuickBooks Point of Sale 7.0\DatabaseServer\QBDBMgr.exe"="C:\Program Files\Intuit\WH QuickBooks Point of Sale 7.0\DatabaseServer\QBDBMgr.exe:*:Enabled:QBDBMgr"
    "C:\Program Files\Intuit\WH QuickBooks Point of Sale 7.0\DatabaseServer\QBDBMgrN.exe"="C:\Program Files\Intuit\WH QuickBooks Point of Sale 7.0\DatabaseServer\QBDBMgrN.exe:*:Enabled:QBDBMgrN"
    "C:\Program Files\Intuit\WH QuickBooks Point of Sale 7.0\DatabaseServer\QBPOSDBServiceV7.exe"="C:\Program Files\Intuit\WH QuickBooks Point of Sale 7.0\DatabaseServer\QBPOSDBServiceV7.exe:*:Enabled:QBPOSDBServiceV7"
    "C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\Apache.exe"="C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\Apache.exe:*:Disabled:Apache HTTP Server"
    "C:\Program Files\Intuit\2QuickBooks 2008\QBDBMgrN.exe"="C:\Program Files\Intuit\2QuickBooks 2008\QBDBMgrN.exe:*:Enabled:QuickBooks 2008 Data Manager"
    "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe"="C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe:*:Enabled:Adobe CSI CS4"
    "C:\Program Files\Common Files\Intuit\Entitlement Client\v5\Server\Intuit.Spc.Map.EntitlementClient.Server.Service.exe"="C:\Program Files\Common Files\Intuit\Entitlement Client\v5\Server\Intuit.Spc.Map.EntitlementClient.Server.Service.exe:LocalSubNet:Enabled:Intuit Entitlement Service v5"
    "C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe"="C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe:LocalSubNet:Disabled:Intuit Update Shared Downloads Server"

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

    ======List of files/folders created in the last 3 months======

    2008-12-22 19:52:39 ----D---- C:\Program Files\trend micro
    2008-12-22 19:52:37 ----D---- C:\rsit
    2008-12-19 17:48:30 ----D---- C:\WINDOWS\LastGood
    2008-12-19 17:48:07 ----D---- C:\Program Files\Panda Security
    2008-12-16 13:39:56 ----D---- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
    2008-12-16 13:39:52 ----D---- C:\Program Files\SUPERAntiSpyware
    2008-12-16 13:39:52 ----D---- C:\Documents and Settings\TigerDistrict\Application Data\SUPERAntiSpyware.com
    2008-12-16 11:29:02 ----D---- C:\Documents and Settings\All Users\Application Data\SecTaskMan
    2008-12-16 11:28:47 ----D---- C:\Program Files\Security Task Manager
    2008-12-16 11:16:01 ----D---- C:\Program Files\Lavasoft
    2008-12-16 11:16:00 ----D---- C:\Documents and Settings\All Users\Application Data\Lavasoft
    2008-12-16 11:14:56 ----D---- C:\WINDOWS\pss
    2008-12-16 11:12:48 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
    2008-12-15 18:14:23 ----D---- C:\Program Files\ESET
    2008-12-15 18:14:23 ----D---- C:\Documents and Settings\All Users\Application Data\ESET
    2008-12-13 03:00:49 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$
    2008-12-13 03:00:44 ----HDC---- C:\WINDOWS\$NtUninstallKB952069_WM9$
    2008-12-13 03:00:37 ----HDC---- C:\WINDOWS\$NtUninstallKB954459$
    2008-12-12 03:02:18 ----HDC---- C:\WINDOWS\$NtUninstallKB955839$
    2008-12-12 03:00:35 ----HDC---- C:\WINDOWS\$NtUninstallKB954600$
    2008-12-12 03:00:27 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$
    2008-12-11 16:44:49 ----D---- C:\Documents and Settings\All Users\Application Data\FLEXnet
    2008-12-11 16:40:25 ----D---- C:\Documents and Settings\All Users\Application Data\ALM
    2008-12-11 16:34:52 ----D---- C:\Program Files\Adobe Media Player
    2008-12-11 16:33:34 ----D---- C:\Program Files\Common Files\Adobe AIR
    2008-12-11 16:16:10 ----D---- C:\Program Files\Common Files\Macrovision Shared
    2008-12-11 16:10:51 ----A---- C:\WINDOWS\system32\wmpns.dll
    2008-12-11 16:09:45 ----D---- C:\WINDOWS\Prefetch
    2008-12-11 15:59:39 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
    2008-12-11 15:59:25 ----HDC---- C:\WINDOWS\$NtUninstallKB957097$
    2008-12-11 15:59:10 ----HDC---- C:\WINDOWS\$NtUninstallKB957095$
    2008-12-11 15:58:54 ----HDC---- C:\WINDOWS\$NtUninstallKB956841$
    2008-12-11 15:58:39 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
    2008-12-11 15:58:24 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$
    2008-12-11 15:58:09 ----HDC---- C:\WINDOWS\$NtUninstallKB954211$
    2008-12-11 15:57:53 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
    2008-12-11 15:57:38 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
    2008-12-11 15:57:23 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
    2008-12-11 15:57:08 ----HDC---- C:\WINDOWS\$NtUninstallKB951698$
    2008-12-11 15:56:54 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
    2008-12-11 15:56:38 ----HDC---- C:\WINDOWS\$NtUninstallKB951376$
    2008-12-11 15:56:22 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$
    2008-12-11 15:56:06 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
    2008-12-11 15:55:51 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
    2008-12-11 15:55:36 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
    2008-12-11 15:55:13 ----HDC---- C:\WINDOWS\$NtUninstallKB938464$
    2008-12-11 15:52:32 ----N---- C:\WINDOWS\system32\smtpapi.dll
    2008-12-11 15:52:32 ----N---- C:\WINDOWS\system32\rwnh.dll
    2008-12-11 15:52:32 ----N---- C:\WINDOWS\system32\comsdupd.exe
    2008-12-11 15:52:31 ----N---- C:\WINDOWS\system32\eappcfg.dll
    2008-12-11 15:52:31 ----N---- C:\WINDOWS\system32\eapp3hst.dll
    2008-12-11 15:52:31 ----N---- C:\WINDOWS\system32\eapolqec.dll
    2008-12-11 15:52:31 ----N---- C:\WINDOWS\system32\dot3ui.dll
    2008-12-11 15:52:31 ----N---- C:\WINDOWS\system32\dot3svc.dll
    2008-12-11 15:52:31 ----N---- C:\WINDOWS\system32\dot3msm.dll
    2008-12-11 15:52:31 ----N---- C:\WINDOWS\system32\dot3gpclnt.dll
    2008-12-11 15:52:31 ----N---- C:\WINDOWS\system32\dot3dlg.dll
    2008-12-11 15:52:31 ----N---- C:\WINDOWS\system32\dot3cfg.dll
    2008-12-11 15:52:31 ----N---- C:\WINDOWS\system32\dot3api.dll
    2008-12-11 15:52:31 ----N---- C:\WINDOWS\system32\dimsroam.dll
    2008-12-11 15:52:31 ----N---- C:\WINDOWS\system32\dimsntfy.dll
    2008-12-11 15:52:31 ----N---- C:\WINDOWS\system32\dhcpqec.dll
    2008-12-11 15:52:31 ----N---- C:\WINDOWS\system32\credssp.dll
    2008-12-11 15:52:31 ----N---- C:\WINDOWS\system32\bitsprx4.dll
    2008-12-11 15:52:31 ----N---- C:\WINDOWS\system32\azroles.dll
    2008-12-11 15:52:31 ----N---- C:\WINDOWS\system32\ativvaxx.dll
    2008-12-11 15:52:31 ----N---- C:\WINDOWS\system32\ativtmxx.dll
    2008-12-11 15:52:31 ----N---- C:\WINDOWS\system32\ati3duag.dll
    2008-12-11 15:52:31 ----N---- C:\WINDOWS\system32\ati3d1ag.dll
    2008-12-11 15:52:31 ----N---- C:\WINDOWS\system32\ati2dvag.dll
    2008-12-11 15:52:31 ----N---- C:\WINDOWS\system32\ati2dvaa.dll
    2008-12-11 15:52:31 ----N---- C:\WINDOWS\system32\ati2cqag.dll
    2008-12-11 15:52:30 ----N---- C:\WINDOWS\system32\onex.dll
    2008-12-11 15:52:30 ----N---- C:\WINDOWS\system32\napstat.exe
    2008-12-11 15:52:30 ----N---- C:\WINDOWS\system32\napmontr.dll
    2008-12-11 15:52:30 ----N---- C:\WINDOWS\system32\napipsec.dll
    2008-12-11 15:52:30 ----N---- C:\WINDOWS\system32\mtxparhd.dll
    2008-12-11 15:52:30 ----N---- C:\WINDOWS\system32\msshavmsg.dll
    2008-12-11 15:52:30 ----N---- C:\WINDOWS\system32\mssha.dll
    2008-12-11 15:52:30 ----N---- C:\WINDOWS\system32\mmcperf.exe
    2008-12-11 15:52:30 ----N---- C:\WINDOWS\system32\mmcfxcommon.dll
    2008-12-11 15:52:30 ----N---- C:\WINDOWS\system32\mmcex.dll
    2008-12-11 15:52:30 ----N---- C:\WINDOWS\system32\microsoft.managementconsole.dll
    2008-12-11 15:52:30 ----N---- C:\WINDOWS\system32\l2gpstore.dll
    2008-12-11 15:52:30 ----N---- C:\WINDOWS\system32\kmsvc.dll
    2008-12-11 15:52:30 ----N---- C:\WINDOWS\system32\kbdpash.dll
    2008-12-11 15:52:30 ----N---- C:\WINDOWS\system32\kbdnepr.dll
    2008-12-11 15:52:30 ----N---- C:\WINDOWS\system32\kbdiultn.dll
    2008-12-11 15:52:30 ----N---- C:\WINDOWS\system32\kbdbhc.dll
    2008-12-11 15:52:30 ----N---- C:\WINDOWS\system32\hsfcisp2.dll
    2008-12-11 15:52:30 ----N---- C:\WINDOWS\system32\eapsvc.dll
    2008-12-11 15:52:30 ----N---- C:\WINDOWS\system32\eapqec.dll
    2008-12-11 15:52:30 ----N---- C:\WINDOWS\system32\eappprxy.dll
    2008-12-11 15:52:30 ----N---- C:\WINDOWS\system32\eapphost.dll
    2008-12-11 15:52:30 ----N---- C:\WINDOWS\system32\eappgnui.dll
    2008-12-11 15:52:29 ----N---- C:\WINDOWS\system32\wlanapi.dll
    2008-12-11 15:52:29 ----N---- C:\WINDOWS\system32\tspkg.dll
    2008-12-11 15:52:29 ----N---- C:\WINDOWS\system32\slserv.exe
    2008-12-11 15:52:29 ----N---- C:\WINDOWS\system32\slrundll.exe
    2008-12-11 15:52:29 ----N---- C:\WINDOWS\system32\slgen.dll
    2008-12-11 15:52:29 ----N---- C:\WINDOWS\system32\slextspk.dll
    2008-12-11 15:52:29 ----N---- C:\WINDOWS\system32\slcoinst.dll
    2008-12-11 15:52:29 ----N---- C:\WINDOWS\system32\setupn.exe
    2008-12-11 15:52:29 ----N---- C:\WINDOWS\system32\s3gnb.dll
    2008-12-11 15:52:29 ----N---- C:\WINDOWS\system32\rasqec.dll
    2008-12-11 15:52:29 ----N---- C:\WINDOWS\system32\qutil.dll
    2008-12-11 15:52:29 ----N---- C:\WINDOWS\system32\qcliprov.dll
    2008-12-11 15:52:29 ----N---- C:\WINDOWS\system32\qagentrt.dll
    2008-12-11 15:52:29 ----N---- C:\WINDOWS\system32\qagent.dll
    2008-12-11 15:52:28 ----N---- C:\WINDOWS\slrundll.exe
    2008-12-11 15:52:28 ----D---- C:\WINDOWS\system32\scripting
    2008-12-11 15:52:28 ----D---- C:\WINDOWS\system32\en
    2008-12-11 15:52:28 ----D---- C:\WINDOWS\system32\bits
    2008-12-11 15:52:28 ----D---- C:\WINDOWS\l2schemas
    2008-12-11 15:50:42 ----D---- C:\WINDOWS\ServicePackFiles
    2008-12-11 15:48:43 ----A---- C:\WINDOWS\003397_.tmp
    2008-12-11 15:47:22 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$
    2008-12-09 17:12:56 ----D---- C:\Documents and Settings\TigerDistrict\Application Data\Help
    2008-12-09 16:28:14 ----A---- C:\WINDOWS\system32\pcdlib32.dll
    2008-12-09 16:28:14 ----A---- C:\WINDOWS\system32\MSVCRT10.DLL
    2008-12-09 16:26:19 ----A---- C:\WINDOWS\uninst.exe
    2008-12-09 16:13:30 ----D---- C:\Documents and Settings\TigerDistrict\Application Data\OpenOffice.org
    2008-12-09 12:00:15 ----D---- C:\Program Files\JRE
    2008-12-09 12:00:11 ----D---- C:\Program Files\OpenOffice.org 3
    2008-12-09 10:56:46 ----A---- C:\WINDOWS\system32\deploytk.dll
    2008-12-04 11:23:01 ----D---- C:\Program Files\MagicDisc
    2008-11-13 03:00:44 ----HDC---- C:\WINDOWS\$NtUninstallKB957097_0$
    2008-11-13 03:00:37 ----HDC---- C:\WINDOWS\$NtUninstallKB955069_0$
    2008-11-04 14:50:07 ----A---- C:\WINDOWS\system32\hidserv.dll
    2008-10-30 09:45:48 ----A---- C:\WINDOWS\system32\javaws.exe
    2008-10-30 09:45:48 ----A---- C:\WINDOWS\system32\javaw.exe
    2008-10-30 09:45:48 ----A---- C:\WINDOWS\system32\java.exe
    2008-10-24 02:00:21 ----HDC---- C:\WINDOWS\$NtUninstallKB958644_0$
    2008-10-22 10:16:05 ----D---- C:\spoolerlogs
    2008-10-15 02:00:51 ----HDC---- C:\WINDOWS\$NtUninstallKB956803_0$
    2008-10-15 02:00:48 ----HDC---- C:\WINDOWS\$NtUninstallKB956391$
    2008-10-15 02:00:44 ----HDC---- C:\WINDOWS\$NtUninstallKB957095_0$
    2008-10-15 02:00:27 ----HDC---- C:\WINDOWS\$NtUninstallKB954211_0$
    2008-10-15 02:00:17 ----HDC---- C:\WINDOWS\$NtUninstallKB956841_0$
    2008-09-30 16:43:34 ----A---- C:\WINDOWS\system32\msxml4.dll

    ======List of files/folders modified in the last 3 months======

    2008-12-22 19:53:00 ----D---- C:\WINDOWS\Temp
    2008-12-22 19:52:39 ----RD---- C:\Program Files
    2008-12-22 16:55:07 ----D---- C:\Program Files\Mozilla Thunderbird
    2008-12-22 15:31:46 ----D---- C:\Program Files\Mozilla Firefox
    2008-12-19 17:51:01 ----D---- C:\WINDOWS\system32\drivers
    2008-12-19 17:48:32 ----HD---- C:\WINDOWS\inf
    2008-12-19 17:48:31 ----D---- C:\WINDOWS\system32\CatRoot2
    2008-12-19 17:48:30 ----D---- C:\WINDOWS
    2008-12-19 10:24:50 ----A---- C:\WINDOWS\wstdUPSWSHIP.INI
    2008-12-19 10:17:38 ----D---- C:\WINDOWS\system32\ias
    2008-12-18 16:37:19 ----SHD---- C:\WINDOWS\Installer
    2008-12-18 16:37:18 ----SHD---- C:\Config.Msi
    2008-12-18 16:36:54 ----D---- C:\WINDOWS\system32
    2008-12-18 16:36:27 ----RSD---- C:\WINDOWS\assembly
    2008-12-18 03:00:35 ----RSHDC---- C:\WINDOWS\system32\dllcache
    2008-12-18 03:00:24 ----HD---- C:\WINDOWS\$hf_mig$
    2008-12-17 16:41:54 ----A---- C:\WINDOWS\SchedLgU.Txt
    2008-12-17 14:55:23 ----D---- C:\Program Files\Intuit
    2008-12-17 14:55:23 ----D---- C:\Program Files\Common Files\Intuit
    2008-12-17 12:12:45 ----D---- C:\Documents and Settings\All Users\Application Data\Intuit
    2008-12-16 12:46:23 ----D---- C:\UPS
    2008-12-16 12:41:26 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
    2008-12-16 12:39:57 ----A---- C:\WINDOWS\ODBC.INI
    2008-12-16 12:38:20 ----HD---- C:\Program Files\InstallShield Installation Information
    2008-12-16 12:33:19 ----D---- C:\Program Files\Common Files
    2008-12-16 11:15:17 ----SH---- C:\boot.ini
    2008-12-16 11:15:17 ----A---- C:\WINDOWS\win.ini
    2008-12-16 11:15:17 ----A---- C:\WINDOWS\system.ini
    2008-12-16 11:14:44 ----SD---- C:\WINDOWS\Downloaded Program Files
    2008-12-15 18:15:09 ----A---- C:\163.75_forceware_winxp_32bit_english_whql.exe
    2008-12-15 18:11:19 ----RSD---- C:\WINDOWS\Fonts
    2008-12-13 03:00:52 ----A---- C:\WINDOWS\imsins.BAK
    2008-12-13 00:40:02 ----A---- C:\WINDOWS\system32\mshtml.dll
    2008-12-12 03:02:11 ----D---- C:\Program Files\Internet Explorer
    2008-12-11 16:58:18 ----D---- C:\Documents and Settings\TigerDistrict\Application Data\Adobe
    2008-12-11 16:42:28 ----D---- C:\WINDOWS\WinSxS
    2008-12-11 16:42:05 ----D---- C:\Program Files\Adobe
    2008-12-11 16:38:54 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
    2008-12-11 16:38:52 ----D---- C:\Program Files\Common Files\Adobe
    2008-12-11 16:10:57 ----A---- C:\WINDOWS\OEWABLog.txt
    2008-12-11 16:09:51 ----A---- C:\WINDOWS\setuplog.txt
    2008-12-11 16:09:18 ----D---- C:\WINDOWS\system32\Setup
    2008-12-11 16:09:18 ----D---- C:\WINDOWS\AppPatch
    2008-12-11 16:09:17 ----D---- C:\WINDOWS\system32\wbem
    2008-12-11 16:09:17 ----D---- C:\WINDOWS\system32\Com
    2008-12-11 15:59:50 ----D---- C:\WINDOWS\system32\CatRoot
    2008-12-11 15:55:47 ----D---- C:\Program Files\Messenger
    2008-12-11 15:55:02 ----D---- C:\WINDOWS\security
    2008-12-11 15:52:32 ----D---- C:\WINDOWS\system32\inetsrv
    2008-12-11 15:52:32 ----D---- C:\WINDOWS\network diagnostic
    2008-12-11 15:52:32 ----D---- C:\WINDOWS\ime
    2008-12-11 15:52:32 ----D---- C:\WINDOWS\Help
    2008-12-11 15:52:28 ----D---- C:\WINDOWS\system32\usmt
    2008-12-11 15:52:28 ----D---- C:\WINDOWS\system32\en-us
    2008-12-11 15:52:28 ----D---- C:\WINDOWS\PeerNet
    2008-12-11 15:52:28 ----D---- C:\Program Files\Movie Maker
    2008-12-11 15:50:36 ----D---- C:\WINDOWS\system32\Restore
    2008-12-11 15:50:36 ----D---- C:\WINDOWS\system32\npp
    2008-12-11 15:50:36 ----D---- C:\WINDOWS\mui
    2008-12-11 15:50:36 ----D---- C:\WINDOWS\msagent
    2008-12-11 15:50:35 ----D---- C:\WINDOWS\srchasst
    2008-12-11 15:50:34 ----D---- C:\Program Files\NetMeeting
    2008-12-11 15:50:33 ----D---- C:\Program Files\Windows NT
    2008-12-11 15:50:33 ----D---- C:\Program Files\Windows Media Player
    2008-12-11 15:50:32 ----D---- C:\Program Files\Outlook Express
    2008-12-11 15:50:31 ----D---- C:\Program Files\Common Files\System
    2008-12-11 15:50:23 ----D---- C:\WINDOWS\system32\oobe
    2008-12-11 15:50:22 ----D---- C:\WINDOWS\system
    2008-12-11 15:48:40 ----D---- C:\WINDOWS\system32\ReinstallBackups
    2008-12-11 15:47:21 ----D---- C:\WINDOWS\ehome
    2008-12-09 17:24:37 ----A---- C:\WINDOWS\system32\MRT.exe
    2008-12-09 10:56:36 ----D---- C:\Program Files\Java
    2008-10-23 06:36:14 ----A---- C:\WINDOWS\system32\gdi32.dll
    2008-10-23 04:06:59 ----N---- C:\WINDOWS\system32\tzchange.exe
    2008-10-16 14:38:40 ----A---- C:\WINDOWS\system32\wininet.dll
    2008-10-16 14:38:39 ----N---- C:\WINDOWS\system32\occache.dll
    2008-10-16 14:38:39 ----N---- C:\WINDOWS\system32\mstime.dll
    2008-10-16 14:38:39 ----A---- C:\WINDOWS\system32\webcheck.dll
    2008-10-16 14:38:39 ----A---- C:\WINDOWS\system32\urlmon.dll
    2008-10-16 14:38:39 ----A---- C:\WINDOWS\system32\url.dll
    2008-10-16 14:38:39 ----A---- C:\WINDOWS\system32\pngfilt.dll
    2008-10-16 14:38:38 ----N---- C:\WINDOWS\system32\msrating.dll
    2008-10-16 14:38:38 ----A---- C:\WINDOWS\system32\mshtmled.dll
    2008-10-16 14:38:37 ----N---- C:\WINDOWS\system32\jsproxy.dll
    2008-10-16 14:38:37 ----N---- C:\WINDOWS\system32\iernonce.dll
    2008-10-16 14:38:37 ----A---- C:\WINDOWS\system32\msfeedsbs.dll
    2008-10-16 14:38:37 ----A---- C:\WINDOWS\system32\msfeeds.dll
    2008-10-16 14:38:37 ----A---- C:\WINDOWS\system32\iertutil.dll
    2008-10-16 14:38:37 ----A---- C:\WINDOWS\system32\ieframe.dll
    2008-10-16 14:38:35 ----N---- C:\WINDOWS\system32\iedkcs32.dll
    2008-10-16 14:38:35 ----N---- C:\WINDOWS\system32\ieaksie.dll
    2008-10-16 14:38:35 ----N---- C:\WINDOWS\system32\ieakeng.dll
    2008-10-16 14:38:35 ----N---- C:\WINDOWS\system32\extmgr.dll
    2008-10-16 14:38:35 ----A---- C:\WINDOWS\system32\ieapfltr.dll
    2008-10-16 14:38:35 ----A---- C:\WINDOWS\system32\icardie.dll
    2008-10-16 14:38:34 ----A---- C:\WINDOWS\system32\dxtrans.dll
    2008-10-16 14:38:34 ----A---- C:\WINDOWS\system32\dxtmsft.dll
    2008-10-16 14:38:34 ----A---- C:\WINDOWS\system32\advpack.dll
    2008-10-16 14:13:40 ----A---- C:\WINDOWS\system32\wuweb.dll
    2008-10-16 14:13:40 ----A---- C:\WINDOWS\system32\wuaueng.dll
    2008-10-16 14:12:22 ----A---- C:\WINDOWS\system32\wucltui.dll
    2008-10-16 14:12:20 ----A---- C:\WINDOWS\system32\wuapi.dll
    2008-10-16 14:09:44 ----A---- C:\WINDOWS\system32\wups2.dll
    2008-10-16 14:09:44 ----A---- C:\WINDOWS\system32\wuauclt.exe
    2008-10-16 14:09:44 ----A---- C:\WINDOWS\system32\cdm.dll
    2008-10-16 14:09:40 ----A---- C:\WINDOWS\system32\wucltui.dll.mui
    2008-10-16 14:08:58 ----A---- C:\WINDOWS\system32\wups.dll
    2008-10-16 14:07:44 ----A---- C:\WINDOWS\system32\wuapi.dll.mui
    2008-10-16 14:07:14 ----A---- C:\WINDOWS\system32\wuaueng.dll.mui
    2008-10-16 07:11:09 ----N---- C:\WINDOWS\system32\ie4uinit.exe
    2008-10-16 07:11:09 ----A---- C:\WINDOWS\system32\ieudinit.exe
    2008-10-15 10:34:24 ----A---- C:\WINDOWS\system32\netapi32.dll
    2008-10-15 01:04:53 ----N---- C:\WINDOWS\system32\ieakui.dll
    2008-10-03 04:02:42 ----A---- C:\WINDOWS\system32\strmdll.dll

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R1 easdrv;easdrv; C:\WINDOWS\system32\DRIVERS\easdrv.sys [2007-12-21 30216]
    R1 epfwtdir;epfwtdir; C:\WINDOWS\system32\DRIVERS\epfwtdir.sys [2007-12-21 33800]
    R1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
    R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS []
    R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys []
    R2 adfs;adfs; C:\WINDOWS\system32\drivers\adfs.sys [2008-08-14 74720]
    R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.5.3.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2007-11-12 21419]
    R2 eamon;EAMON; C:\WINDOWS\system32\DRIVERS\eamon.sys [2007-12-21 39944]
    R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2004-03-17 13059]
    R3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-14 60800]
    R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
    R3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
    R3 HSF_DP;HSF_DP; C:\WINDOWS\system32\DRIVERS\HSF_DP.sys [2004-12-15 1038208]
    R3 HSFHWBS2;HSFHWBS2; C:\WINDOWS\system32\DRIVERS\HSFHWBS2.sys [2004-12-15 220928]
    R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2007-11-12 4620288]
    R3 mcdbus;Driver for MagicISO SCSI Host Controller; C:\WINDOWS\system32\DRIVERS\mcdbus.sys [2008-07-28 116736]
    R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
    R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-14 61824]
    R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2007-10-04 6854464]
    R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2006-07-11 57856]
    R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2006-07-11 20480]
    R3 SASENUM;SASENUM; \??\C:\Program Files\SUPERAntiSpyware\SASENUM.SYS []
    R3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
    R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-14 30208]
    R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-14 59520]
    R3 usbohci;Microsoft USB Open Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-14 17152]
    R3 usbstor;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
    R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2004-12-15 703232]
    S3 Ad-Watch Connect Filter;Ad-Watch Connect Kernel Filter; \??\C:\WINDOWS\system32\drivers\NSDriver.sys []
    S3 RT73;USB Wireless 802.11 b/g Adaptor Driver; C:\WINDOWS\system32\DRIVERS\rt73.sys [2007-10-01 451968]
    S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
    S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
    S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
    S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
    S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 aawservice;Ad-Aware 2007 Service; C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe [2007-10-29 587096]
    R2 atnthost;WebEx Remote Access Agent; C:\WINDOWS\Downlo~1\MyWebEx\319\atnthost.exe [2008-01-23 16784]
    R2 ekrn;Eset Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2007-12-21 468224]
    R2 ForcewareWebInterface;Forceware Web Interface; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe [2006-04-03 20543]
    R2 Intuit Entitlement Service v5;Intuit Entitlement Service v5; C:\Program Files\Common Files\Intuit\Entitlement Client\v5\Server\Intuit.Spc.Map.EntitlementClient.Server.Service.exe [2008-01-29 20480]
    R2 IntuitUpdateService;Intuit Update Service; C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe [2007-08-15 20480]
    R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2008-12-09 152984]
    R2 MSSQL$UPSWSDBSERVER;MSSQL$UPSWSDBSERVER; C:\UPS\WSTD\MSSQL$UPSWSDBSERVER\Binn\sqlservr.exe [2005-05-04 9150464]
    R2 nSvcIp;ForceWare IP service; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe [2006-07-13 131131]
    R2 nSvcLog;ForceWare user log service; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe [2006-07-13 65599]
    R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2007-10-04 155716]
    R2 QBCFMonitorService;QBCFMonitorService; C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe [2008-10-22 20480]
    R2 QBPOSDBServiceV7;QBPOS Database Manager v7; C:\Program Files\Intuit\QuickBooks Point of Sale 7.0\DatabaseServer\QBPOSDBServiceV7.exe [2008-05-02 2616144]
    R2 QuickBooksDB18;QuickBooksDB18; C:\PROGRA~1\Intuit\2QUICK~1\QBDBMgrN.exe [2006-09-13 128536]
    S2 WinVNC4;VNC Server Version 4; C:\Program Files\RealVNC\VNC4\WinVNC4.exe [2006-05-12 439248]
    S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]
    S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]
    S3 EhttpSrv;Eset HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2007-12-21 19200]
    S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2008-12-11 655624]
    S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2007-10-09 36864]
    S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2007-10-11 864256]
    S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
    S3 MSSQL$NR2005;MSSQL$NR2005; C:\Program Files\Microsoft SQL Server\MSSQL$NR2005\Binn\sqlservr.exe [2002-12-17 7520337]
    S3 MSSQLServerADHelper;MSSQLServerADHelper; C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe [2005-05-03 73728]
    S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
    S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
    S3 QBFCService;Intuit QuickBooks FCS; C:\Program Files\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe [2007-05-24 61440]
    S3 SQLAgent$NR2005;SQLAgent$NR2005; C:\Program Files\Microsoft SQL Server\MSSQL$NR2005\Binn\sqlagent.EXE [2002-12-17 311872]
    S3 SQLAgent$UPSWSDBSERVER;SQLAgent$UPSWSDBSERVER; C:\UPS\WSTD\MSSQL$UPSWSDBSERVER\Binn\sqlagent.EXE [2005-05-03 323584]
    S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408]
    S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
    S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2007-10-11 122880]

    -----------------EOF-----------------
     
  19. 2008/12/22
    tigerdistr

    COMPUTER 2

    info.txt logfile of random's system information tool 1.05 2008-12-22 19:53:09

    ======Uninstall list======

    -->MsiExec.exe /I{8ED4E82B-8CEA-40DE-826C-37AC7B941F81}
    -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{447716E9-424F-4DA4-92C3-A52B597E1EC7}\Setup.exe" -l0x9 -remove -s -f1 "C:\Program Files\InstallShield Installation Information\{447716E9-424F-4DA4-92C3-A52B597E1EC7}\setup.iss" -f2 "C:\Program Files\InstallShield Installation Information\{447716E9-424F-4DA4-92C3-A52B597E1EC7}\remove.log" -removeonly
    -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{8DE4AC83-5D22-40C5-B4D1-CC2285C0CAA0}\Setup.exe" -l0x9 -remove -s -f1 "C:\Program Files\InstallShield Installation Information\{8DE4AC83-5D22-40C5-B4D1-CC2285C0CAA0}\setup.iss" -f2 "C:\Program Files\InstallShield Installation Information\{8DE4AC83-5D22-40C5-B4D1-CC2285C0CAA0}\remove.log" -removeonly
    -->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
    Ad-Aware 2007-->MsiExec.exe /I{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}
    Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742)-->MsiExec.exe /X{6846389C-BAC0-4374-808E-B120F86AF5D7}
    Adobe After Effects CS4 Third Party Content-->MsiExec.exe /I{67A9747A-E1F5-4E9A-81CC-12B5D5B81B6E}
    Adobe AIR-->C:\Program Files\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall
    Adobe AIR-->MsiExec.exe /I{197A3012-8C85-4FD3-AB66-9EC7E13DB92E}
    Adobe Anchor Service CS4-->MsiExec.exe /I{1618734A-3957-4ADD-8199-F973763109A8}
    Adobe Bridge CS4-->MsiExec.exe /I{83877DB1-8B77-45BC-AB43-2BAC22E093E0}
    Adobe CMaps CS4-->MsiExec.exe /I{94D398EB-D2FD-4FD1-B8C4-592635E8A191}
    Adobe Color - Photoshop Specific CS4-->MsiExec.exe /I{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}
    Adobe Color EU Extra Settings CS4-->MsiExec.exe /I{5570C7F0-43D0-4916-8A9E-AEDD52FA86F4}
    Adobe Color JA Extra Settings CS4-->MsiExec.exe /I{0D6013AB-A0C7-41DC-973C-E93129C9A29F}
    Adobe Color NA Recommended Settings CS4-->MsiExec.exe /I{00ADFB20-AE75-46F4-AD2C-F48B15AC3100}
    Adobe Color Video Profiles CS CS4-->MsiExec.exe /I{63C24A08-70F3-4C8E-B9FB-9F21A903801D}
    Adobe Creative Suite 4 Master Collection-->C:\Program Files\Common Files\Adobe\Installers\b2d6abde968e6f277ddbfd501383e02\Setup.exe --uninstall=1
    Adobe Creative Suite 4 Master Collection-->MsiExec.exe /I{61D6891E-E822-4448-9F9A-0AAAAEB6AF6C}
    Adobe CSI CS4-->MsiExec.exe /I{0F723FC1-7606-4867-866C-CE80AD292DAF}
    Adobe Default Language CS4-->MsiExec.exe /I{C52E3EC1-048C-45E1-8D53-10B0C6509683}
    Adobe Device Central CS4-->MsiExec.exe /I{67F0E67A-8E93-4C2C-B29D-47C48262738A}
    Adobe Dreamweaver CS4-->MsiExec.exe /I{30C8AA56-4088-426F-91D1-0EDFD3A25678}
    Adobe Drive CS4-->MsiExec.exe /I{16E16F01-2E2D-4248-A42F-76261C147B6C}
    Adobe Encore CS4 Codecs-->MsiExec.exe /I{FB2A5FCC-B81B-48C2-A009-7804694D83E9}
    Adobe ExtendScript Toolkit CS4-->MsiExec.exe /I{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}
    Adobe Extension Manager CS4-->MsiExec.exe /I{054EFA56-2AC1-48F4-A883-0AB89874B972}
    Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
    Adobe Flash Player 9 ActiveX-->MsiExec.exe /X{8186E1B9-DDC6-45B6-B9EB-C28947CBC4CF}
    Adobe Fonts All-->MsiExec.exe /I{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}
    Adobe Illustrator CS4-->MsiExec.exe /I{87532CAB-7932-4F84-8937-823337622807}
    Adobe Linguistics CS4-->MsiExec.exe /I{931AB7EA-3656-4BB7-864D-022B09E3DD67}
    Adobe Media Encoder CS4 Exporter-->MsiExec.exe /I{561968FD-56A1-49FD-9ED0-F55482C7C5BC}
    Adobe Media Encoder CS4 Importer-->MsiExec.exe /I{8186FF34-D389-4B7E-9A2F-C197585BCFBD}
    Adobe Media Player-->msiexec /qb /x {39F6E2B4-CFE8-C30A-66E8-489651F0F34C}
    Adobe Media Player-->MsiExec.exe /I{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}
    Adobe Output Module-->MsiExec.exe /I{BB4E33EC-8181-4685-96F7-8554293DEC6A}
    Adobe PDF Library Files CS4-->MsiExec.exe /I{F93C84A6-0DC6-42AF-89FA-776F7C377353}
    Adobe Photoshop CS4 Support-->MsiExec.exe /I{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}
    Adobe Photoshop CS4-->MsiExec.exe /I{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}
    Adobe Premiere Pro CS4 Third Party Content-->MsiExec.exe /I{C938BE91-3BB5-4B84-9EF6-88F0505D0038}
    Adobe Reader 8.1.2-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81200000003}
    Adobe Search for Help-->MsiExec.exe /I{F0E64E2E-3A60-40D8-A55D-92F6831875DA}
    Adobe Service Manager Extension-->MsiExec.exe /I{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}
    Adobe Setup-->MsiExec.exe /I{E8EE9410-8AC4-4F43-A626-DDECA75C79F3}
    Adobe Soundbooth CS4 Codecs-->MsiExec.exe /I{52232EF4-CC12-4C21-ABCF-ADB79618302D}
    Adobe Type Support CS4-->MsiExec.exe /I{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}
    Adobe Update Manager CS4-->MsiExec.exe /I{05308C4E-7285-4066-BAE3-6B50DA6ED755}
    Adobe WinSoft Linguistics Plugin-->MsiExec.exe /I{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}
    Adobe XMP Panels CS4-->MsiExec.exe /I{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}
    AdobeColorCommonSetCMYK-->MsiExec.exe /I{68243FF8-83CA-466B-B2B8-9F99DA5479C4}
    AdobeColorCommonSetRGB-->MsiExec.exe /I{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}
    Broadcom 802.11 Wireless LAN Adapter--> "C:\Program Files\Broadcom\Broadcom 802.11\Driver\bcmwlu00.exe" verbose /rootkey= "Software\Broadcom\802.11\UninstallInfo" /rootdir= "C:\Program Files\Broadcom\Broadcom 802.11\Driver "
    CCC-->MsiExec.exe /I{95749C5B-BC37-41E3-8D39-EEF4C21A2825}
    ClamWin Free Antivirus 0.94.1--> "C:\Program Files\ClamWin\unins000.exe "
    Color LaserJet 2600n-->C:\Program Files\Zenographics\{994EDA61-2A75-4FB6-A25D-CC70B1E4C6D8}\setup.exe -u "HPCLJKCInstaller.dll=CLJ2600.INF "
    Connect-->MsiExec.exe /I{B29AD377-CC12-490A-A480-1452337C618D}
    Data Fax SoftModem with SmartCP-->C:\Program Files\CONEXANT\CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200C14F1\HXFSETUP.EXE -U -IAsu200Ck.inf
    ESET NOD32 Antivirus-->MsiExec.exe /I{57ECFB4D-FE11-491A-9AA0-0AF7C3ABC51D}
    FormsComponent-->MsiExec.exe /I{BC728F95-2D3F-4D05-9E1E-F2A3CEBF3FE8}
    FOSS-->MsiExec.exe /I{EA9629DA-5715-48BA-B054-28169702B176}
    High Definition Audio Driver Package - KB888111--> "C:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe "
    HijackThis 2.0.2--> "C:\Program Files\trend micro\HijackThis.exe" /uninstall
    Hotfix for Microsoft .NET Framework 3.0 (KB932471)-->C:\WINDOWS\system32\msiexec.exe /promptrestart /uninstall {ECD292A0-0347-4244-8C24-5DBCE990FB40} /package {BAF78226-3200-4DB4-BE33-4D922A799840}
    Hotfix for Windows Internet Explorer 7 (KB947864)--> "C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\spuninst.exe "
    Hotfix for Windows Media Format 11 SDK (KB929399)--> "C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe "
    Hotfix for Windows Media Player 11 (KB939683)--> "C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe "
    Hotfix for Windows XP (KB952287)--> "C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe "
    HP Product Detection-->MsiExec.exe /X{CAE7D1D9-3794-4169-B4DD-964ADBC534EE}
    Java(TM) 6 Update 10-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216010FF}
    Java(TM) 6 Update 5-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}
    Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
    kuler-->MsiExec.exe /I{098727E1-775A-4450-B573-3F441F1CA243}
    MagicDisc 2.7.105-->C:\PROGRA~1\MAGICD~1\UNWISE.EXE C:\PROGRA~1\MAGICD~1\INSTALL.LOG
    Microsoft .NET Framework 1.1 Hotfix (KB928366)--> "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp "
    Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
    Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
    Microsoft .NET Framework 2.0 Service Pack 1-->MsiExec.exe /I{B508B3F1-A24A-32C0-B310-85786919EF28}
    Microsoft .NET Framework 3.0 Service Pack 1-->MsiExec.exe /I{2BA00471-0328-3743-93BD-FA813353A783}
    Microsoft Base Smart Card Cryptographic Service Provider Package--> "C:\WINDOWS\$NtUninstallbasecsp$\spuninst\spuninst.exe "
    Microsoft Compression Client Pack 1.0 for Windows XP--> "C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe "
    Microsoft Internationalized Domain Names Mitigation APIs--> "C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe "
    Microsoft National Language Support Downlevel APIs--> "C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe "
    Microsoft Office Access MUI (English) 2007-->MsiExec.exe /X{90120000-0015-0409-0000-0000000FF1CE}
    Microsoft Office Access Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0117-0409-0000-0000000FF1CE}
    Microsoft Office Enterprise 2007--> "C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISE /dll OSETUP.DLL
    Microsoft Office Enterprise 2007-->MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE}
    Microsoft Office Excel MUI (English) 2007-->MsiExec.exe /X{90120000-0016-0409-0000-0000000FF1CE}
    Microsoft Office Groove MUI (English) 2007-->MsiExec.exe /X{90120000-00BA-0409-0000-0000000FF1CE}
    Microsoft Office Groove Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0114-0409-0000-0000000FF1CE}
    Microsoft Office InfoPath MUI (English) 2007-->MsiExec.exe /X{90120000-0044-0409-0000-0000000FF1CE}
    Microsoft Office OneNote MUI (English) 2007-->MsiExec.exe /X{90120000-00A1-0409-0000-0000000FF1CE}
    Microsoft Office Outlook MUI (English) 2007-->MsiExec.exe /X{90120000-001A-0409-0000-0000000FF1CE}
    Microsoft Office PowerPoint MUI (English) 2007-->MsiExec.exe /X{90120000-0018-0409-0000-0000000FF1CE}
    Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
    Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
    Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
    Microsoft Office Proofing (English) 2007-->MsiExec.exe /X{90120000-002C-0409-0000-0000000FF1CE}
    Microsoft Office Publisher MUI (English) 2007-->MsiExec.exe /X{90120000-0019-0409-0000-0000000FF1CE}
    Microsoft Office Shared MUI (English) 2007-->MsiExec.exe /X{90120000-006E-0409-0000-0000000FF1CE}
    Microsoft Office Shared Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0115-0409-0000-0000000FF1CE}
    Microsoft Office Word MUI (English) 2007-->MsiExec.exe /X{90120000-001B-0409-0000-0000000FF1CE}
    Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs-->MsiExec.exe /X{90120000-00B2-0409-0000-0000000FF1CE}
    Microsoft SQL Server Desktop Engine (NeatReceipts Professional)-->C:\Program Files\NeatReceipts Professional\UninstallNR2005.exe
    Microsoft SQL Server Desktop Engine (UPSWSDBSERVER)-->MsiExec.exe /X{E09B48B5-E141-427A-AB0C-D3605127224A}
    Microsoft User-Mode Driver Framework Feature Pack 1.0--> "C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe "
    Mozilla Firefox (3.0.5)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
    Mozilla Thunderbird (2.0.0.18)-->C:\Program Files\Mozilla Thunderbird\uninstall\helper.exe
    MSIChecker-->MsiExec.exe /I{C9D43B38-34AD-4EC2-B696-46F42D49D174}
    MSN-->C:\Program Files\MSN\MsnInstaller\msninst.exe /Action:ARP
    MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
    MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
    MSXML 4.0 SP2 Parser and SDK-->MsiExec.exe /I{716E0306-8318-4364-8B8F-0CC4E9376BAC}
    MSXML 6 Service Pack 2 (KB954459)-->MsiExec.exe /I{1A528690-6A2D-4BC5-B143-8C4AE8D19D96}
    NA1Messenger-->MsiExec.exe /I{9376D1C4-434F-40C9-90AC-ED6F22D36F3A}
    NA1Messenger-->MsiExec.exe /I{D44E7219-947E-4F1B-830E-66EF11ACC543}
    NeatReceipts Professional v2.5.5-->C:\Program Files\NeatReceipts Professional\uninstallNR.exe
    Netflix Movie Viewer-->MsiExec.exe /X{BCE72AED-3332-4863-9567-C5DCB9052CA2}
    NOD32 v3.x FiX 1.1 by TemDono (Free Updates - Expire in 2050)--> "C:\Program Files\ESET\ESET NOD32 Antivirus\unins000.exe "
    NRF-->MsiExec.exe /I{68AF09E3-1167-4771-903C-CCCDCF7E171C}
    NVIDIA Drivers-->C:\WINDOWS\system32\nvuide.exe UninstallGUI
    NVIDIA ForceWare Network Access Manager-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{1F6423DE-7959-4178-80E0-023C7EAA5347} /l1033
    OpenOffice.org 3.0-->MsiExec.exe /I{F44DA61E-720D-4E79-871F-F6E628B33242}
    Panda ActiveScan 2.0-->C:\Program Files\Panda Security\ActiveScan 2.0\as2uninst.exe
    PDF Settings CS4-->MsiExec.exe /I{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}
    Photoshop Camera Raw-->MsiExec.exe /I{CC75AB5C-2110-4A7F-AF52-708680D22FE8}
    PolicyManager-->MsiExec.exe /I{56B59C2A-EFB8-44AC-88F5-3280171E4522}
    psqlODBC-->MsiExec.exe /I{838E187D-8B7A-473D-B93C-C8E970B15D2B}
    QuickBooks Point of Sale 7.0-->MsiExec.exe /I{B5C54F05-F7C0-4F3A-9C3E-2062CF722B3F}
    QuickBooks Premier: Retail Edition 2008-->msiexec.exe /I {8ED4E82B-8CEA-40DE-826C-37AC7B941F81} UNIQUE_NAME= "retail" QBFULLNAME= "QuickBooks Premier: Retail Edition 2008" ADDREMOVE=1
    QuickBooks Product Listing Service-->MsiExec.exe /I{55584E16-4D70-44EE-93DD-F144E8B7D4B7}
    QuickBooks Remote Access-->MsiExec.exe /I{26518E9D-031C-4BF9-907E-B2A91AEB9096}
    Ralink Wireless LAN-->C:\Program Files\InstallShield Installation Information\{28DA7D8B-F9A4-4F18-8AA0-551B1E084D0D}\setup.exe -runfromtemp -l0x0009 -removeonly
    Ralink Wireless LAN-->C:\Program Files\InstallShield Installation Information\{E91E8912-769D-42F0-8408-0E329443BABC}\setup.exe -runfromtemp -l0x0009 -removeonly
    Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -l0x9 -removeonly
    Reconciler-->MsiExec.exe /I{5AE59A84-B2F3-42CC-A246-5AF80F6EE770}
    ReportServer-->MsiExec.exe /I{33035862-543C-4405-9CC6-08593CF2C25F}
    RRU-->MsiExec.exe /I{ED782024-4713-4DD6-85FA-B2B038DE4007}
    Security Task Manager 1.7g-->C:\Program Files\Security Task Manager\Uninstal.exe "C:\Documents and Settings\All Users\Start Menu\Programs\Security Task Manager "
    Security Update for Windows Internet Explorer 7 (KB938127)--> "C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe "
    Security Update for Windows Internet Explorer 7 (KB939653)--> "C:\WINDOWS\ie7updates\KB939653-IE7\spuninst\spuninst.exe "
    Security Update for Windows Internet Explorer 7 (KB942615)--> "C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\spuninst.exe "
    Security Update for Windows Internet Explorer 7 (KB944533)--> "C:\WINDOWS\ie7updates\KB944533-IE7\spuninst\spuninst.exe "
    Security Update for Windows Internet Explorer 7 (KB950759)--> "C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe "
    Security Update for Windows Internet Explorer 7 (KB953838)--> "C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe "
    Security Update for Windows Internet Explorer 7 (KB956390)--> "C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe "
    Security Update for Windows Internet Explorer 7 (KB958215)--> "C:\WINDOWS\ie7updates\KB958215-IE7\spuninst\spuninst.exe "
    Security Update for Windows Internet Explorer 7 (KB960714)--> "C:\WINDOWS\ie7updates\KB960714-IE7\spuninst\spuninst.exe "
    Security Update for Windows Media Player (KB952069)--> "C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe "
    Security Update for Windows Media Player 11 (KB936782)--> "C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe "
    Security Update for Windows Media Player 11 (KB954154)--> "C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB923789)-->C:\WINDOWS\system32\MacroMed\Flash\genuinst.exe C:\WINDOWS\system32\MacroMed\Flash\KB923789.inf
    Security Update for Windows XP (KB938464)--> "C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB941569)--> "C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB946648)--> "C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB950760)--> "C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB950762)--> "C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB950974)--> "C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB951066)--> "C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB951376)--> "C:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB951376-v2)--> "C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB951698)--> "C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB951748)--> "C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB952954)--> "C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB953839)--> "C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB954211)--> "C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB954459)--> "C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB954600)--> "C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB955069)--> "C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB956391)--> "C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB956802)--> "C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB956803)--> "C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB956841)--> "C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB957095)--> "C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB957097)--> "C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB958644)--> "C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe "
    Suite Shared Configuration CS4-->MsiExec.exe /I{842B4B72-9E8F-4962-B3C1-1C422A5C4434}
    SUPERAntiSpyware Professional-->MsiExec.exe /X{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}
    SupportSoft Assisted Service-->MsiExec.exe /I{5A3F6A80-7913-475E-8B96-477A952CFA43}
    SupportUtility-->MsiExec.exe /I{C30E30A6-0AB5-470A-AB67-D322938F5429}
    System-->MsiExec.exe /I{DB2C58E0-6284-4B48-97F2-22A980B6360B}
    Update for Windows XP (KB951072-v2)--> "C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe "
    Update for Windows XP (KB951978)--> "C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe "
    Update for Windows XP (KB955839)--> "C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe "
    UPS WorldShip-->C:\UPS\WSTD\Uninstall\Uninstall.exe
    UPSDB-->MsiExec.exe /I{4AE3EAC8-FAD9-4ECC-A339-BBAD8C72DE71}
    UPSICC-->MsiExec.exe /I{390160B4-D276-4A04-8002-8D3101A0D367}
    UPSlinkHTTP-->MsiExec.exe /I{E358CC1E-4953-4E27-ADEB-8B27D8BBC20E}
    VNC Free Edition 4.1.2--> "C:\Program Files\RealVNC\VNC4\unins000.exe "
    WebHelp-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{8C5BD501-AD5D-4A75-9321-076509B438FC}\Setup.exe" -l0x9 -removeonly
    Windows Imaging Component--> "C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe "
    Windows Media Format 11 runtime--> "C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
    Windows Media Format 11 runtime--> "C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe "
    Windows Media Format SDK Hotfix - KB891122--> "C:\WINDOWS\$NtUninstallKB891122$\spuninst\spuninst.exe "
    Windows Media Player 11--> "C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
    Windows Media Player 11--> "C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe "
    Windows Presentation Foundation-->MsiExec.exe /X{BAF78226-3200-4DB4-BE33-4D922A799840}
    Windows XP Service Pack 3--> "C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe "
    WinSCP 4.0.5--> "C:\Program Files\WinSCP\unins000.exe "
    WorldShip-->MsiExec.exe /I{2A033A00-FE0D-4609-B0E8-2C49CC494FC8}

    ======Security center information======

    AV: ESET NOD32 Antivirus 3.0 (disabled)
    FW: ActiveArmor Firewall (disabled)

    System event log

    Computer Name: WAREHOUSE1
    Event Code: 7035
    Message: The HTTP SSL service was successfully sent a start control.

    Record Number: 6742
    Source Name: Service Control Manager
    Time Written: 20080725122317.000000-300
    Event Type: information
    User: NT AUTHORITY\LOCAL SERVICE

    Computer Name: WAREHOUSE1
    Event Code: 20192
    Message: A certificate could not be found. Connections that use the L2TP protocol over IPSec
    require the installation of a machine certificate, also known as a computer
    certificate. No L2TP calls will be accepted.

    Record Number: 6741
    Source Name: RemoteAccess
    Time Written: 20080725122317.000000-300
    Event Type: warning
    User:

    Computer Name: WAREHOUSE1
    Event Code: 20106
    Message: Unable to add the interface {3A3079A5-9BE3-40A9-A6CF-B7F8210DE82C} with the Router Manager for the IP protocol. The
    following error occurred: Cannot complete this function.


    Record Number: 6740
    Source Name: RemoteAccess
    Time Written: 20080725122317.000000-300
    Event Type: error
    User:

    Computer Name: WAREHOUSE1
    Event Code: 7036
    Message: The Universal Plug and Play Device Host service entered the running state.

    Record Number: 6739
    Source Name: Service Control Manager
    Time Written: 20080725122317.000000-300
    Event Type: information
    User:

    Computer Name: WAREHOUSE1
    Event Code: 7035
    Message: The Universal Plug and Play Device Host service was successfully sent a start control.

    Record Number: 6738
    Source Name: Service Control Manager
    Time Written: 20080725122317.000000-300
    Event Type: information
    User: NT AUTHORITY\SYSTEM

    Application event log

    Computer Name: WAREHOUSE1
    Event Code: 19011
    Message:
    Record Number: 3657
    Source Name: MSSQL$UPSWSDBSERVER
    Time Written: 20080909153424.000000-300
    Event Type: warning
    User:

    Computer Name: WAREHOUSE1
    Event Code: 0
    Message: Service started successfully.

    Record Number: 3656
    Source Name: Intuit Update Service
    Time Written: 20080909153424.000000-300
    Event Type: information
    User:

    Computer Name: WAREHOUSE1
    Event Code: 0
    Message: Service started successfully.

    Record Number: 3655
    Source Name: QBCFMonitorService
    Time Written: 20080909153423.000000-300
    Event Type: information
    User:

    Computer Name: WAREHOUSE1
    Event Code: 0
    Message: Service started successfully.

    Record Number: 3654
    Source Name: Intuit Entitlement Service v5
    Time Written: 20080909153422.000000-300
    Event Type: information
    User:

    Computer Name: WAREHOUSE1
    Event Code: 4
    Message: QuickBooks: Premier Retail Edition 2008

    Record Number: 3653
    Source Name: QuickBooks
    Time Written: 20080909121813.000000-300
    Event Type: error
    User:

    ======Environment variables======

    "ComSpec"=%SystemRoot%\system32\cmd.exe
    "Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\Microsoft SQL Server\80\Tools\Binn\;C:\Program Files\Common Files\Intuit\QBPOSSDKRuntime
    "windir"=%SystemRoot%
    "FP_NO_HOST_CHECK"=NO
    "OS"=Windows_NT
    "PROCESSOR_ARCHITECTURE"=x86
    "PROCESSOR_LEVEL"=15
    "PROCESSOR_IDENTIFIER"=x86 Family 15 Model 107 Stepping 2, AuthenticAMD
    "PROCESSOR_REVISION"=6b02
    "NUMBER_OF_PROCESSORS"=2
    "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
    "TEMP"=%SystemRoot%\TEMP
    "TMP"=%SystemRoot%\TEMP

    -----------------EOF-----------------
     
  20. 2008/12/22
    noahdfear

    Please run Dr.Web on this computer as outlined here then post the resulting log.
     
  21. 2008/12/22
    tigerdistr

    Dr Web is still running on Computer 2. In the meantime, I'm sending you all of the stats for Computer 3.

    Logfile of random's system information tool 1.05 (written by random/random)
    Run by Tigerdistrict3 at 2008-12-22 19:48:30
    Microsoft Windows XP Professional Service Pack 2
    System drive C: has 27 GB (52%) free of 51 GB
    Total RAM: 1918 MB (57% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 7:48:34 PM, on 12/22/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16735)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\UPS\WSTD\MSSQL$UPSWSDBSERVER\Binn\sqlservr.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\wscntfy.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\WINDOWS\RTHDCPL.EXE
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\RALINK\Common\RaUI.exe
    C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Java\jre6\bin\java.exe
    C:\Documents and Settings\Tigerdistrict3\Desktop\RSIT.exe
    C:\Program Files\trend micro\Tigerdistrict3.exe

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://windowsupdate.microsoft.com/
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
    O2 - BHO: (no name) - {766df2c5-8c2b-456e-8b0a-7ca238708e39} - C:\WINDOWS\SYSTEM32\TJXIOQ.DLL
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
    O4 - HKLM\..\Run: [NA1Messenger] C:\UPS\WSTD\UPSNA1Msgr.exe
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [ClamWin] "C:\Program Files\ClamWin\bin\ClamTray.exe" --logon
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
    O4 - Startup: Picture Motion Browser Media Check Tool.lnk = C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
    O4 - Global Startup: Ralink Wireless Utility.lnk = C:\Program Files\RALINK\Common\RaUI.exe
    O4 - Global Startup: Service Manager.lnk = C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
    O4 - Global Startup: UPS WorldShip Messaging Utility.lnk = C:\UPS\WSTD\WSTDMessaging.exe
    O4 - Global Startup: UPS WorldShip PLD Reminder Utility.lnk = C:\UPS\WSTD\wstdPldReminder.exe
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/win...ls/en/x86/client/wuweb_site.cab?1197920083140
    O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/2.0.0.1/sysreqlab2.cab
    O16 - DPF: {6B75345B-AA36-438A-BBE6-4078B4C6984D} (HpProductDetection Class) - http://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection.cab
    O16 - DPF: {C4847596-972C-11D0-9567-00A0C9273C2A} (Crystal Report Viewer Control) - https://www.netchexonline.net/ActiveX/activexviewer.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{96BC7991-4CCF-45F0-A081-F882F6B55DD4}: NameServer = 205.152.132.23
    O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
    O20 - AppInit_DLLs: ,C:\WINDOWS\system32\hufabaro.dll tjxioq.dll
    O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Indexing Service (CiSvc) - Unknown owner - C:\WINDOWS\system32\cisvc.exe
    O23 - Service: COM+ System Application (COMSysApp) - Unknown owner - C:\WINDOWS\system32\dllhost.exe
    O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
    O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - Unknown owner - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: Remote Procedure Call (RPC) Locator (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe
    O23 - Service: QoS RSVP (RSVP) - Unknown owner - C:\WINDOWS\system32\rsvp.exe
    O23 - Service: MS Software Shadow Copy Provider (SwPrv) - Unknown owner - C:\WINDOWS\system32\dllhost.exe
    O23 - Service: Uninterruptible Power Supply (UPS) - Unknown owner - C:\WINDOWS\System32\ups.exe

    --
    End of file - 7645 bytes

    ======Scheduled tasks folder======

    C:\WINDOWS\tasks\AppleSoftwareUpdate.job
    C:\WINDOWS\tasks\yfrhjugv.job

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
    Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2008-12-12 320920]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{766df2c5-8c2b-456e-8b0a-7ca238708e39}]
    C:\WINDOWS\SYSTEM32\TJXIOQ.DLL [2008-12-16 129024]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
    Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2008-12-12 34816]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2008-12-16 24064]
    "NA1Messenger"=C:\UPS\WSTD\UPSNA1Msgr.exe []
    "NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2007-10-04 8491008]
    "nwiz"=nwiz.exe /install []
    "NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2007-10-04 81920]
    "RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2008-12-16 16857088]
    "Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2008-12-15 69632]
    "Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-12-15 34304]
    "QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2008-12-15 413696]
    "ClamWin"=C:\Program Files\ClamWin\bin\ClamTray.exe [2008-12-16 86016]
    "SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2008-12-16 131072]
    "egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2007-12-21 1443072]
    "iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2008-11-20 290088]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-12-16 15360]
    "SUPERAntiSpyware"=C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2008-12-16 1809648]

    C:\Documents and Settings\All Users\Start Menu\Programs\Startup
    Ralink Wireless Utility.lnk - C:\Program Files\RALINK\Common\RaUI.exe
    Service Manager.lnk - C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
    UPS WorldShip Messaging Utility.lnk - C:\UPS\WSTD\WSTDMessaging.exe
    UPS WorldShip PLD Reminder Utility.lnk - C:\UPS\WSTD\wstdPldReminder.exe

    C:\Documents and Settings\Tigerdistrict3\Start Menu\Programs\Startup
    OneNote 2007 Screen Clipper and Launcher.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
    Picture Motion Browser Media Check Tool.lnk - C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
    "AppInit_DLLS"=",C:\WINDOWS\system32\hufabaro.dll tjxioq.dll"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon]
    C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL [2008-12-16 352256]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
    C:\WINDOWS\system32\WgaLogon.dll [2007-04-10 236928]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    "{B5A7F190-DDA6-4420-B3BA-52453494E6CD} "=C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-27 2210608]
    "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} "=C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2008-05-13 77824]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
    "authentication packages "=msv1_0
    C:\WINDOWS\system32\opnmLBQH
    "notification packages "=scecli
    C:\WINDOWS\system32\hufabaro.dll

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "dontdisplaylastusername "=0
    "legalnoticecaption "=
    "legalnoticetext "=
    "shutdownwithoutlogon "=1
    "undockwithoutlogon "=1

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveTypeAutoRun "=145

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe "= "%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 "
    "%windir%\Network Diagnostic\xpnetdiag.exe "= "%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 "
    "C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE "= "C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook "
    "C:\Program Files\Microsoft Office\Office12\GROOVE.EXE "= "C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove "
    "C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE "= "C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote "
    "C:\UPS\WSTD\MSSQL$UPSWSDBSERVER\Binn\sqlservr.exe "= "C:\UPS\WSTD\MSSQL$UPSWSDBSERVER\Binn\sqlservr.exe:*:Enabled:UPS WorldShip MSDE "
    "D:\SETUP.EXE "= "D:\SETUP.EXE:*:Enabled:Setup "
    "C:\WINDOWS\system32\spoolsv.exe "= "C:\WINDOWS\system32\spoolsv.exe:*:Disabled:Spooler SubSystem App "
    "C:\Program Files\Bonjour\mDNSResponder.exe "= "C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour "
    "C:\Program Files\WinSCP\WinSCP.exe "= "C:\Program Files\WinSCP\WinSCP.exe:*:Enabled:Windows SFTP, FTP and SCP client "
    "C:\Program Files\Macromedia\Dreamweaver MX\Dreamweaver.exe "= "C:\Program Files\Macromedia\Dreamweaver MX\Dreamweaver.exe:*:Enabled:Dreamweaver MX "
    "C:\WINDOWS\explorer.exe "= "C:\WINDOWS\explorer.exe:*:Enabled:explorer "
    "C:\WINDOWS\system32\rundll32.exe "= "C:\WINDOWS\system32\rundll32.exe:*:Enabled:rundll32 "
    "C:\WINDOWS\system32\logonui.exe "= "C:\WINDOWS\system32\logonui.exe:*:Enabled:logonui "
    "C:\WINDOWS\system32\winlogon.exe "= "C:\WINDOWS\system32\winlogon.exe:*:Enabled:winlogon "
    "C:\Program Files\iTunes\iTunes.exe "= "C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes "

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe "= "%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 "
    "%windir%\Network Diagnostic\xpnetdiag.exe "= "%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 "

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\D]
    shell\AutoRun\command - D:\CDStart.Exe
    shell\Install\command - D:\Stub.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d40a8112-ac8f-11dc-a685-806d6172696f}]
    shell\AutoRun\command - I:\autorun.exe index.html


    ======File associations======

    .js - open - "C:\Program Files\Macromedia\Dreamweaver MX\Dreamweaver.exe" "%1 "

    ======List of files/folders created in the last 3 months======

    2008-12-22 19:48:30 ----D---- C:\rsit
    2008-12-22 19:48:30 ----D---- C:\Program Files\trend micro
    2008-12-22 15:37:28 ----A---- C:\WINDOWS\system32\symant.dll
    2008-12-17 16:50:04 ----A---- C:\WINDOWS\system32\InstallBackup.txt
    2008-12-17 16:50:04 ----A---- C:\WINDOWS\system32\Install_10.0.40.txt
    2008-12-16 16:31:30 ----D---- C:\Program Files\iPod
    2008-12-16 16:31:28 ----D---- C:\Program Files\iTunes
    2008-12-16 16:31:28 ----D---- C:\Documents and Settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
    2008-12-16 15:10:58 ----D---- C:\Documents and Settings\All Users\Application Data\WinZipSE
    2008-12-16 15:10:57 ----D---- C:\Program Files\WinZip Self-Extractor
    2008-12-16 13:01:18 ----D---- C:\Program Files\Webtools
    2008-12-16 13:01:06 ----D---- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
    2008-12-16 13:00:58 ----D---- C:\Program Files\SUPERAntiSpyware
    2008-12-16 13:00:56 ----D---- C:\Documents and Settings\Tigerdistrict3\Application Data\SUPERAntiSpyware.com
    2008-12-16 12:58:16 ----N---- C:\WINDOWS\system32\tjxioq.dll
    2008-12-16 12:57:32 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
    2008-12-16 12:56:49 ----SHD---- C:\Config.Msi
    2008-12-16 12:56:33 ----D---- C:\Program Files\Mjcore
    2008-12-16 12:55:49 ----A---- C:\WINDOWS\system32\rsqaoldj.dll
    2008-12-16 03:40:24 ----SH---- C:\WINDOWS\system32\pafigewi.exe
    2008-12-15 17:59:59 ----D---- C:\Program Files\Panda Security
    2008-12-15 17:24:42 ----SHD---- C:\WINDOWS\CSC
    2008-12-15 17:24:36 ----A---- C:\WINDOWS\ntbtlog.txt
    2008-12-15 17:21:04 ----D---- C:\Program Files\ESET
    2008-12-15 17:21:04 ----D---- C:\Documents and Settings\All Users\Application Data\ESET
    2008-12-15 17:18:25 ----D---- C:\Documents and Settings\Tigerdistrict3\Application Data\WinRAR
    2008-12-15 17:18:10 ----D---- C:\Program Files\WinRAR
    2008-12-12 13:36:01 ----N---- C:\WINDOWS\system32\xgocppyo.dll
    2008-12-12 09:54:40 ----D---- C:\WINDOWS\Sun
    2008-12-12 09:53:09 ----A---- C:\WINDOWS\system32\javaws.exe
    2008-12-12 09:53:09 ----A---- C:\WINDOWS\system32\javaw.exe
    2008-12-12 09:53:09 ----A---- C:\WINDOWS\system32\java.exe
    2008-12-12 09:53:09 ----A---- C:\WINDOWS\system32\deploytk.dll
    2008-12-12 09:52:58 ----D---- C:\Program Files\Java
    2008-12-12 09:51:44 ----D---- C:\Documents and Settings\Tigerdistrict3\Application Data\Sun
    2008-12-11 13:37:43 ----N---- C:\WINDOWS\system32\fyvrkexb.dll
    2008-12-10 11:35:59 ----D---- C:\Documents and Settings\Tigerdistrict3\Application Data\.clamwin
    2008-12-10 11:35:53 ----D---- C:\Program Files\ClamWin
    2008-12-10 10:34:12 ----SHD---- C:\WINDOWS\VGlnZXJEaXN0cmljdDM
    2008-12-10 10:34:03 ----D---- C:\WINDOWS\system32\ki3
    2008-12-10 10:34:03 ----D---- C:\WINDOWS\system32\in
    2008-12-10 10:34:03 ----D---- C:\WINDOWS\system32\C
    2008-12-10 10:24:52 ----A---- C:\WINDOWS\system32\a38c05a8-.txt
    2008-12-10 10:24:30 ----ASH---- C:\WINDOWS\system32\HQBLmnpo.ini2
    2008-12-10 10:24:30 ----ASH---- C:\WINDOWS\system32\HQBLmnpo.ini
    2008-12-10 10:19:23 ----A---- C:\WINDOWS\system32\prunnet.exe
    2008-11-12 17:03:59 ----HDC---- C:\WINDOWS\$NtUninstallKB957097$
    2008-11-12 17:03:54 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$
    2008-10-27 12:25:46 ----D---- C:\Program Files\Common Files\Macromedia
    2008-10-27 12:25:18 ----D---- C:\Program Files\Macromedia
    2008-10-24 15:51:09 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
    2008-10-20 14:50:29 ----D---- C:\Documents and Settings\All Users\Application Data\Office Genuine Advantage
    2008-10-20 09:04:42 ----D---- C:\Program Files\Safari
    2008-10-16 02:00:45 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
    2008-10-16 02:00:42 ----HDC---- C:\WINDOWS\$NtUninstallKB956391$
    2008-10-16 02:00:38 ----HDC---- C:\WINDOWS\$NtUninstallKB957095$
    2008-10-16 02:00:23 ----HDC---- C:\WINDOWS\$NtUninstallKB954211$
    2008-10-16 02:00:16 ----HDC---- C:\WINDOWS\$NtUninstallKB956841$
    2008-09-30 16:43:34 ----A---- C:\WINDOWS\system32\msxml4.dll
    2008-09-26 09:48:22 ----D---- C:\Documents and Settings\Tigerdistrict3\Application Data\Sony Corporation
    2008-09-26 09:45:30 ----A---- C:\WINDOWS\system32\xinput1_2.dll
    2008-09-26 09:45:30 ----A---- C:\WINDOWS\system32\xinput1_1.dll
    2008-09-26 09:45:30 ----A---- C:\WINDOWS\system32\xactengine2_3.dll
    2008-09-26 09:45:30 ----A---- C:\WINDOWS\system32\xactengine2_2.dll
    2008-09-26 09:45:30 ----A---- C:\WINDOWS\system32\xactengine2_1.dll
    2008-09-26 09:45:26 ----A---- C:\WINDOWS\system32\xactengine2_0.dll
    2008-09-26 09:45:26 ----A---- C:\WINDOWS\system32\x3daudio1_0.dll
    2008-09-26 09:45:26 ----A---- C:\WINDOWS\system32\d3dx9_30.dll
    2008-09-26 09:45:25 ----A---- C:\WINDOWS\system32\xinput9_1_0.dll
    2008-09-26 09:45:25 ----A---- C:\WINDOWS\system32\d3dx9_29.dll
    2008-09-26 09:45:25 ----A---- C:\WINDOWS\system32\d3dx9_28.dll
    2008-09-26 09:45:25 ----A---- C:\WINDOWS\system32\d3dx9_27.dll
    2008-09-26 09:45:25 ----A---- C:\WINDOWS\system32\d3dx9_26.dll
    2008-09-26 09:45:25 ----A---- C:\WINDOWS\system32\d3dx9_25.dll
    2008-09-26 09:45:23 ----A---- C:\WINDOWS\system32\d3dx9_24.dll
    2008-09-26 09:44:37 ----A---- C:\WINDOWS\system32\vxblock.dll
    2008-09-26 09:44:37 ----A---- C:\WINDOWS\system32\PxInsI64.exe
    2008-09-26 09:44:37 ----A---- C:\WINDOWS\system32\PxInsA64.exe
    2008-09-26 09:44:37 ----A---- C:\WINDOWS\system32\pxhpinst.exe
    2008-09-26 09:44:37 ----A---- C:\WINDOWS\system32\PxCpyI64.exe
    2008-09-26 09:44:37 ----A---- C:\WINDOWS\system32\PxCpyA64.exe
    2008-09-26 09:39:47 ----D---- C:\Program Files\Sony
    2008-09-24 08:52:44 ----D---- C:\WINDOWS\system32\CatRoot_bak

    ======List of files/folders modified in the last 3 months======

    2008-12-22 19:48:30 ----RD---- C:\Program Files
    2008-12-22 19:47:47 ----D---- C:\WINDOWS\Prefetch
    2008-12-22 19:33:54 ----D---- C:\Program Files\Mozilla Firefox
    2008-12-22 19:23:09 ----D---- C:\WINDOWS\Temp
    2008-12-22 19:13:28 ----D---- C:\WINDOWS\system32\CatRoot2
    2008-12-22 17:17:36 ----A---- C:\WINDOWS\SchedLgU.Txt
    2008-12-22 16:36:01 ----D---- C:\WINDOWS\system32
    2008-12-22 10:09:30 ----D---- C:\Program Files\Mozilla Thunderbird
    2008-12-19 17:53:01 ----D---- C:\WINDOWS\system32\drivers
    2008-12-17 16:51:03 ----D---- C:\WINDOWS
    2008-12-17 16:51:03 ----D---- C:\Program Files\Common Files
    2008-12-16 16:32:01 ----SHD---- C:\WINDOWS\Installer
    2008-12-16 12:52:13 ----A---- C:\WINDOWS\winhlp32.exe
    2008-12-16 12:52:12 ----A---- C:\WINDOWS\twunk_32.exe
    2008-12-16 12:52:11 ----A---- C:\WINDOWS\TASKMAN.EXE
    2008-12-16 12:52:08 ----A---- C:\WINDOWS\system32\xcopy.exe
    2008-12-16 12:52:07 ----A---- C:\WINDOWS\system32\wupdmgr.exe
    2008-12-16 12:52:07 ----A---- C:\WINDOWS\system32\WudfHost.exe
    2008-12-16 12:52:06 ----A---- C:\WINDOWS\system32\wuauclt1.exe
    2008-12-16 12:52:05 ----A---- C:\WINDOWS\system32\wuauclt.exe
    2008-12-16 12:52:05 ----A---- C:\WINDOWS\system32\wscript.exe
    2008-12-16 12:52:04 ----A---- C:\WINDOWS\system32\write.exe
    2008-12-16 12:52:04 ----A---- C:\WINDOWS\system32\wpnpinst.exe
    2008-12-16 12:52:03 ----A---- C:\WINDOWS\system32\wpdshextautoplay.exe
    2008-12-16 12:52:02 ----A---- C:\WINDOWS\system32\wpabaln.exe
    2008-12-16 12:52:00 ----A---- C:\WINDOWS\system32\WISPTIS.EXE
    2008-12-16 12:51:59 ----A---- C:\WINDOWS\system32\winver.exe
    2008-12-16 12:51:59 ----A---- C:\WINDOWS\system32\winmsd.exe
    2008-12-16 12:51:58 ----A---- C:\WINDOWS\system32\winmine.exe
    2008-12-16 12:51:58 ----A---- C:\WINDOWS\system32\winhlp32.exe
    2008-12-16 12:51:57 ----A---- C:\WINDOWS\system32\WinFXDocObj.exe
    2008-12-16 12:51:57 ----A---- C:\WINDOWS\system32\winchat.exe
    2008-12-16 12:51:56 ----A---- C:\WINDOWS\system32\wiaacmgr.exe
    2008-12-16 12:51:55 ----A---- C:\WINDOWS\system32\WgaTray.exe
    2008-12-16 12:51:55 ----A---- C:\WINDOWS\system32\wextract.exe
    2008-12-16 12:51:54 ----A---- C:\WINDOWS\system32\wdfmgr.exe
    2008-12-16 12:51:53 ----D---- C:\WINDOWS\system32\wbem
    2008-12-16 12:51:45 ----A---- C:\WINDOWS\system32\w32tm.exe
    2008-12-16 12:51:44 ----A---- C:\WINDOWS\system32\vssvc.exe
    2008-12-16 12:51:44 ----A---- C:\WINDOWS\system32\vssadmin.exe
    2008-12-16 12:51:43 ----A---- C:\WINDOWS\system32\verifier.exe
    2008-12-16 12:51:42 ----A---- C:\WINDOWS\system32\uwdf.exe
    2008-12-16 12:51:42 ----A---- C:\WINDOWS\system32\utilman.exe
    2008-12-16 12:51:41 ----A---- C:\WINDOWS\system32\usrshuta.exe
    2008-12-16 12:51:41 ----A---- C:\WINDOWS\system32\usrprbda.exe
    2008-12-16 12:51:40 ----A---- C:\WINDOWS\system32\usrmlnka.exe
    2008-12-16 12:51:39 ----D---- C:\WINDOWS\system32\usmt
    2008-12-16 12:51:37 ----D---- C:\WINDOWS\system32\URTTemp
    2008-12-16 12:51:37 ----A---- C:\WINDOWS\system32\ups.exe
    2008-12-16 12:51:36 ----A---- C:\WINDOWS\system32\upnpcont.exe
    2008-12-16 12:51:35 ----A---- C:\WINDOWS\system32\unlodctr.exe
    2008-12-16 12:51:35 ----A---- C:\WINDOWS\system32\tzchange.exe
    2008-12-16 12:51:34 ----A---- C:\WINDOWS\system32\typeperf.exe
    2008-12-16 12:51:33 ----A---- C:\WINDOWS\system32\tsshutdn.exe
    2008-12-16 12:51:33 ----A---- C:\WINDOWS\system32\tskill.exe
    2008-12-16 12:51:32 ----A---- C:\WINDOWS\system32\tsdiscon.exe
    2008-12-16 12:51:32 ----A---- C:\WINDOWS\system32\tscupgrd.exe
    2008-12-16 12:51:31 ----A---- C:\WINDOWS\system32\tscon.exe
    2008-12-16 12:51:30 ----A---- C:\WINDOWS\system32\tracert6.exe
    2008-12-16 12:51:30 ----A---- C:\WINDOWS\system32\tracert.exe
    2008-12-16 12:51:30 ----A---- C:\WINDOWS\system32\tracerpt.exe
    2008-12-16 12:51:29 ----A---- C:\WINDOWS\system32\tourstart.exe
    2008-12-16 12:51:29 ----A---- C:\WINDOWS\system32\tlntsvr.exe
    2008-12-16 12:51:28 ----A---- C:\WINDOWS\system32\tlntsess.exe
    2008-12-16 12:51:28 ----A---- C:\WINDOWS\system32\tlntadmn.exe
    2008-12-16 12:51:27 ----A---- C:\WINDOWS\system32\tftp.exe
    2008-12-16 12:51:27 ----A---- C:\WINDOWS\system32\telnet.exe
    2008-12-16 12:51:26 ----A---- C:\WINDOWS\system32\tcpsvcs.exe
    2008-12-16 12:51:26 ----A---- C:\WINDOWS\system32\tcmsetup.exe
    2008-12-16 12:51:25 ----A---- C:\WINDOWS\system32\taskmgr.exe
    2008-12-16 12:51:25 ----A---- C:\WINDOWS\system32\taskman.exe
    2008-12-16 12:51:24 ----A---- C:\WINDOWS\system32\tasklist.exe
    2008-12-16 12:51:24 ----A---- C:\WINDOWS\system32\taskkill.exe
    2008-12-16 12:51:23 ----A---- C:\WINDOWS\system32\systray.exe
    2008-12-16 12:51:23 ----A---- C:\WINDOWS\system32\systeminfo.exe
    2008-12-16 12:51:22 ----A---- C:\WINDOWS\system32\sysocmgr.exe
    2008-12-16 12:51:21 ----A---- C:\WINDOWS\system32\syskey.exe
    2008-12-16 12:51:20 ----A---- C:\WINDOWS\system32\syncapp.exe
    2008-12-16 12:51:20 ----A---- C:\WINDOWS\system32\subst.exe
    2008-12-16 12:51:19 ----A---- C:\WINDOWS\system32\stimon.exe
    2008-12-16 12:51:18 ----A---- C:\WINDOWS\system32\spupdsvc.exe
    2008-12-16 12:51:18 ----A---- C:\WINDOWS\system32\sprestrt.exe
    2008-12-16 12:51:17 ----A---- C:\WINDOWS\system32\spoolsv.exe
    2008-12-16 12:51:09 ----A---- C:\WINDOWS\system32\spnpinst.exe
    2008-12-16 12:51:08 ----A---- C:\WINDOWS\system32\spiisupd.exe
    2008-12-16 12:51:08 ----A---- C:\WINDOWS\system32\spider.exe
    2008-12-16 12:51:07 ----A---- C:\WINDOWS\system32\sort.exe
    2008-12-16 12:51:07 ----A---- C:\WINDOWS\system32\sol.exe
    2008-12-16 12:51:06 ----A---- C:\WINDOWS\system32\sndvol32.exe
    2008-12-16 12:51:06 ----A---- C:\WINDOWS\system32\sndrec32.exe
    2008-12-16 12:51:05 ----A---- C:\WINDOWS\system32\smlogsvc.exe
    2008-12-16 12:51:05 ----A---- C:\WINDOWS\system32\smbinst.exe
    2008-12-16 12:51:04 ----A---- C:\WINDOWS\system32\skeys.exe
    2008-12-16 12:51:04 ----A---- C:\WINDOWS\system32\sigverif.exe
    2008-12-16 12:51:03 ----A---- C:\WINDOWS\system32\shutdown.exe
    2008-12-16 12:51:02 ----A---- C:\WINDOWS\system32\shrpubw.exe
    2008-12-16 12:51:02 ----A---- C:\WINDOWS\system32\shmgrate.exe
    2008-12-16 12:51:01 ----A---- C:\WINDOWS\system32\shadow.exe
    2008-12-16 12:51:00 ----A---- C:\WINDOWS\system32\sfc.exe
    2008-12-16 12:51:00 ----A---- C:\WINDOWS\system32\setup.exe
    2008-12-16 12:50:59 ----A---- C:\WINDOWS\system32\sethc.exe
    2008-12-16 12:50:59 ----A---- C:\WINDOWS\system32\sessmgr.exe
    2008-12-16 12:50:58 ----A---- C:\WINDOWS\system32\secedit.exe
    2008-12-16 12:50:57 ----A---- C:\WINDOWS\system32\sdbinst.exe
    2008-12-16 12:50:57 ----A---- C:\WINDOWS\system32\schtasks.exe
    2008-12-16 12:50:56 ----A---- C:\WINDOWS\system32\scardsvr.exe
    2008-12-16 12:50:56 ----A---- C:\WINDOWS\system32\sc.exe
    2008-12-16 12:50:55 ----A---- C:\WINDOWS\system32\savedump.exe
    2008-12-16 12:50:55 ----A---- C:\WINDOWS\system32\rwinsta.exe
    2008-12-16 12:50:54 ----A---- C:\WINDOWS\system32\runonce.exe
    2008-12-16 12:50:54 ----A---- C:\WINDOWS\system32\rundll32.exe
    2008-12-16 12:50:53 ----A---- C:\WINDOWS\system32\runas.exe
    2008-12-16 12:50:53 ----A---- C:\WINDOWS\system32\rtcshare.exe
    2008-12-16 12:50:52 ----A---- C:\WINDOWS\system32\rsvp.exe
    2008-12-16 12:50:52 ----A---- C:\WINDOWS\system32\rsopprov.exe
    2008-12-16 12:50:51 ----A---- C:\WINDOWS\system32\rsnotify.exe
    2008-12-16 12:50:51 ----A---- C:\WINDOWS\system32\rsmui.exe
    2008-12-16 12:50:50 ----A---- C:\WINDOWS\system32\rsmsink.exe
    2008-12-16 12:50:50 ----A---- C:\WINDOWS\system32\rsm.exe
    2008-12-16 12:50:49 ----A---- C:\WINDOWS\system32\rsh.exe
    2008-12-16 12:50:49 ----A---- C:\WINDOWS\system32\routemon.exe
    2008-12-16 12:50:48 ----A---- C:\WINDOWS\system32\route.exe
    2008-12-16 12:50:47 ----D---- C:\WINDOWS\system32\Restore
    2008-12-16 12:50:47 ----A---- C:\WINDOWS\system32\rexec.exe
    2008-12-16 12:50:46 ----A---- C:\WINDOWS\system32\reset.exe
    2008-12-16 12:50:45 ----A---- C:\WINDOWS\system32\replace.exe
    2008-12-16 12:50:45 ----A---- C:\WINDOWS\system32\relog.exe
    2008-12-16 12:50:44 ----A---- C:\WINDOWS\system32\regwiz.exe
    2008-12-16 12:50:44 ----A---- C:\WINDOWS\system32\regsvr32.exe
    2008-12-16 12:50:43 ----A---- C:\WINDOWS\system32\regini.exe
    2008-12-16 12:50:43 ----A---- C:\WINDOWS\system32\regedt32.exe
    2008-12-16 12:50:42 ----A---- C:\WINDOWS\system32\reg.exe
    2008-12-16 12:50:42 ----A---- C:\WINDOWS\system32\recover.exe
    2008-12-16 12:50:41 ----A---- C:\WINDOWS\system32\rdshost.exe
    2008-12-16 12:50:41 ----A---- C:\WINDOWS\system32\rdsaddin.exe
    2008-12-16 12:50:40 ----A---- C:\WINDOWS\system32\rdpclip.exe
    2008-12-16 12:50:40 ----A---- C:\WINDOWS\system32\rcp.exe
    2008-12-16 12:50:39 ----A---- C:\WINDOWS\system32\rcimlby.exe
    2008-12-16 12:50:39 ----A---- C:\WINDOWS\system32\rasphone.exe
    2008-12-16 12:50:38 ----A---- C:\WINDOWS\system32\rasdial.exe
    2008-12-16 12:50:38 ----A---- C:\WINDOWS\system32\rasautou.exe
    2008-12-16 12:50:37 ----A---- C:\WINDOWS\system32\qwinsta.exe
    2008-12-16 12:50:36 ----A---- C:\WINDOWS\system32\qprocess.exe
    2008-12-16 12:50:35 ----A---- C:\WINDOWS\system32\qappsrv.exe
    2008-12-16 12:50:32 ----A---- C:\WINDOWS\system32\proxycfg.exe
    2008-12-16 12:50:32 ----A---- C:\WINDOWS\system32\proquota.exe
    2008-12-16 12:50:31 ----A---- C:\WINDOWS\system32\progman.exe
    2008-12-16 12:50:31 ----A---- C:\WINDOWS\system32\print.exe
    2008-12-16 12:50:30 ----A---- C:\WINDOWS\system32\powercfg.exe
    2008-12-16 12:50:29 ----A---- C:\WINDOWS\system32\ping6.exe
    2008-12-16 12:50:29 ----A---- C:\WINDOWS\system32\ping.exe
    2008-12-16 12:50:28 ----A---- C:\WINDOWS\system32\perfmon.exe
    2008-12-16 12:50:28 ----A---- C:\WINDOWS\system32\pentnt.exe
    2008-12-16 12:50:27 ----A---- C:\WINDOWS\system32\pathping.exe
    2008-12-16 12:50:27 ----A---- C:\WINDOWS\system32\packager.exe
    2008-12-16 12:50:26 ----A---- C:\WINDOWS\system32\osuninst.exe
    2008-12-16 12:50:26 ----A---- C:\WINDOWS\system32\osk.exe
    2008-12-16 12:50:25 ----A---- C:\WINDOWS\system32\openfiles.exe
    2008-12-16 12:50:24 ----D---- C:\WINDOWS\system32\oobe
    2008-12-16 12:50:22 ----A---- C:\WINDOWS\system32\odbcconf.exe
    2008-12-16 12:50:22 ----A---- C:\WINDOWS\system32\odbcad32.exe
    2008-12-16 12:50:21 ----A---- C:\WINDOWS\system32\nwscript.exe
    2008-12-16 12:50:20 ----A---- C:\WINDOWS\system32\nvunrm.exe
    2008-12-16 12:50:19 ----A---- C:\WINDOWS\system32\NVUNINST.EXE
    2008-12-16 12:50:19 ----A---- C:\WINDOWS\system32\nvuide.exe
    2008-12-16 12:50:18 ----A---- C:\WINDOWS\system32\nvudisp.exe
    2008-12-16 12:50:18 ----A---- C:\WINDOWS\system32\nvsvc32.exe
    2008-12-16 12:50:17 ----A---- C:\WINDOWS\system32\nvdspsch.exe
    2008-12-16 12:50:16 ----A---- C:\WINDOWS\system32\nvcplui.exe
    2008-12-16 12:50:15 ----A---- C:\WINDOWS\system32\nvcolor.exe
    2008-12-16 12:50:15 ----A---- C:\WINDOWS\system32\nvappbar.exe
    2008-12-16 12:50:14 ----A---- C:\WINDOWS\system32\ntvdm.exe
    2008-12-16 12:50:13 ----A---- C:\WINDOWS\system32\ntsd.exe
    2008-12-16 12:50:12 ----A---- C:\WINDOWS\system32\ntkrnlpa.exe
    2008-12-16 12:50:12 ----A---- C:\WINDOWS\system32\ntbackup.exe
    2008-12-16 12:50:11 ----A---- C:\WINDOWS\system32\nslookup.exe
    2008-12-16 12:50:10 ----D---- C:\WINDOWS\system32\npp
    2008-12-16 12:50:10 ----A---- C:\WINDOWS\system32\notepad.exe
    2008-12-16 12:50:09 ----A---- C:\WINDOWS\system32\netstat.exe
    2008-12-16 12:50:09 ----A---- C:\WINDOWS\system32\netsh.exe
    2008-12-16 12:50:08 ----A---- C:\WINDOWS\system32\netsetup.exe
    2008-12-16 12:50:07 ----A---- C:\WINDOWS\system32\netdde.exe
    2008-12-16 12:50:07 ----A---- C:\WINDOWS\system32\net1.exe
    2008-12-16 12:50:06 ----A---- C:\WINDOWS\system32\net.exe
    2008-12-16 12:50:06 ----A---- C:\WINDOWS\system32\nddeapir.exe
    2008-12-16 12:50:05 ----A---- C:\WINDOWS\system32\nbtstat.exe
    2008-12-16 12:50:05 ----A---- C:\WINDOWS\system32\narrator.exe
    2008-12-16 12:50:00 ----A---- C:\WINDOWS\system32\mstsc.exe
    2008-12-16 12:50:00 ----A---- C:\WINDOWS\system32\mstinit.exe
    2008-12-16 12:49:59 ----A---- C:\WINDOWS\system32\msswchx.exe
    2008-12-16 12:49:58 ----A---- C:\WINDOWS\system32\mspaint.exe
    2008-12-16 12:49:57 ----A---- C:\WINDOWS\system32\msiexec.exe
    2008-12-16 12:49:56 ----A---- C:\WINDOWS\system32\mshta.exe
    2008-12-16 12:49:56 ----A---- C:\WINDOWS\system32\mshearts.exe
    2008-12-16 12:49:55 ----A---- C:\WINDOWS\system32\msg.exe
    2008-12-16 12:49:55 ----A---- C:\WINDOWS\system32\msfeedssync.exe
    2008-12-16 12:49:54 ----A---- C:\WINDOWS\system32\msdtc.exe
    2008-12-16 12:49:53 ----A---- C:\WINDOWS\system32\mrinfo.exe
    2008-12-16 12:49:52 ----A---- C:\WINDOWS\system32\mqtgsvc.exe
    2008-12-16 12:49:52 ----A---- C:\WINDOWS\system32\mqsvc.exe
    2008-12-16 12:49:51 ----A---- C:\WINDOWS\system32\mqbkup.exe
    2008-12-16 12:49:50 ----A---- C:\WINDOWS\system32\mpnotify.exe
    2008-12-16 12:49:50 ----A---- C:\WINDOWS\system32\mplay32.exe
    2008-12-16 12:49:49 ----A---- C:\WINDOWS\system32\mountvol.exe
    2008-12-16 12:49:49 ----A---- C:\WINDOWS\system32\mobsync.exe
    2008-12-16 12:49:48 ----A---- C:\WINDOWS\system32\mnmsrvc.exe
    2008-12-16 12:49:47 ----A---- C:\WINDOWS\system32\mmc.exe
    2008-12-16 12:49:47 ----A---- C:\WINDOWS\system32\migpwd.exe
    2008-12-16 12:49:45 ----A---- C:\WINDOWS\system32\makecab.exe
    2008-12-16 12:49:45 ----A---- C:\WINDOWS\system32\magnify.exe
    2008-12-16 12:49:41 ----A---- C:\WINDOWS\system32\lpr.exe
    2008-12-16 12:49:41 ----A---- C:\WINDOWS\system32\lpq.exe
    2008-12-16 12:49:40 ----A---- C:\WINDOWS\system32\logoff.exe
    2008-12-16 12:49:40 ----A---- C:\WINDOWS\system32\logman.exe
    2008-12-16 12:49:39 ----A---- C:\WINDOWS\system32\logagent.exe
    2008-12-16 12:49:39 ----A---- C:\WINDOWS\system32\lodctr.exe
    2008-12-16 12:49:38 ----A---- C:\WINDOWS\system32\locator.exe
    2008-12-16 12:49:38 ----A---- C:\WINDOWS\system32\lnkstub.exe
    2008-12-16 12:49:37 ----A---- C:\WINDOWS\system32\lights.exe
    2008-12-16 12:49:36 ----A---- C:\WINDOWS\system32\label.exe
    2008-12-16 12:49:35 ----A---- C:\WINDOWS\system32\keystone.exe
    2008-12-16 12:49:31 ----A---- C:\WINDOWS\system32\ipxroute.exe
    2008-12-16 12:49:30 ----A---- C:\WINDOWS\system32\ipv6.exe
    2008-12-16 12:49:30 ----A---- C:\WINDOWS\system32\ipsec6.exe
    2008-12-16 12:49:29 ----A---- C:\WINDOWS\system32\ipconfig.exe
    2008-12-16 12:49:28 ----A---- C:\WINDOWS\system32\imapi.exe
    2008-12-16 12:49:27 ----A---- C:\WINDOWS\system32\iexpress.exe
    2008-12-16 12:49:26 ----A---- C:\WINDOWS\system32\ieudinit.exe
    2008-12-16 12:49:26 ----A---- C:\WINDOWS\system32\ie4uinit.exe
    2008-12-16 12:49:24 ----A---- C:\WINDOWS\system32\hostname.exe
    2008-12-16 12:49:24 ----A---- C:\WINDOWS\system32\help.exe
    2008-12-16 12:49:23 ----A---- C:\WINDOWS\system32\HdAShCut.exe
    2008-12-16 12:49:22 ----A---- C:\WINDOWS\system32\grpconv.exe
    2008-12-16 12:49:22 ----A---- C:\WINDOWS\system32\gpupdate.exe
    2008-12-16 12:49:21 ----A---- C:\WINDOWS\system32\gpresult.exe
    2008-12-16 12:49:21 ----A---- C:\WINDOWS\system32\getmac.exe
    2008-12-16 12:49:20 ----A---- C:\WINDOWS\system32\GetHostIP.exe
    2008-12-16 12:49:19 ----A---- C:\WINDOWS\system32\ftp.exe
    2008-12-16 12:49:19 ----A---- C:\WINDOWS\system32\fsutil.exe
    2008-12-16 12:49:18 ----A---- C:\WINDOWS\system32\fsquirt.exe
    2008-12-16 12:49:18 ----A---- C:\WINDOWS\system32\freecell.exe
    2008-12-16 12:49:17 ----A---- C:\WINDOWS\system32\forcedos.exe
    2008-12-16 12:49:17 ----A---- C:\WINDOWS\system32\fontview.exe
    2008-12-16 12:49:16 ----A---- C:\WINDOWS\system32\fltmc.exe
    2008-12-16 12:49:16 ----A---- C:\WINDOWS\system32\fixmapi.exe
    2008-12-16 12:49:15 ----A---- C:\WINDOWS\system32\finger.exe
    2008-12-16 12:49:15 ----A---- C:\WINDOWS\system32\findstr.exe
    2008-12-16 12:49:14 ----A---- C:\WINDOWS\system32\find.exe
    2008-12-16 12:49:14 ----A---- C:\WINDOWS\system32\fc.exe
    2008-12-16 12:49:13 ----A---- C:\WINDOWS\system32\extrac32.exe
    2008-12-16 12:49:13 ----A---- C:\WINDOWS\system32\expand.exe
    2008-12-16 12:49:12 ----A---- C:\WINDOWS\system32\eventvwr.exe
    2008-12-16 12:49:12 ----A---- C:\WINDOWS\system32\eventtriggers.exe
    2008-12-16 12:49:11 ----A---- C:\WINDOWS\system32\eventcreate.exe
    2008-12-16 12:49:11 ----A---- C:\WINDOWS\system32\eudcedit.exe
    2008-12-16 12:49:10 ----A---- C:\WINDOWS\system32\esentutl.exe
    2008-12-16 12:49:09 ----A---- C:\WINDOWS\system32\dxdiag.exe
    2008-12-16 12:49:08 ----A---- C:\WINDOWS\system32\dwwin.exe
    2008-12-16 12:49:07 ----A---- C:\WINDOWS\system32\dvdupgrd.exe
    2008-12-16 12:49:07 ----A---- C:\WINDOWS\system32\dvdplay.exe
    2008-12-16 12:49:06 ----A---- C:\WINDOWS\system32\dumprep.exe
    2008-12-16 12:49:06 ----A---- C:\WINDOWS\system32\drwtsn32.exe
    2008-12-16 12:49:05 ----A---- C:\WINDOWS\system32\drmupgds.exe
    2008-12-16 12:48:59 ----A---- C:\WINDOWS\system32\driverquery.exe
    2008-12-16 12:48:59 ----A---- C:\WINDOWS\system32\dpvsetup.exe
    2008-12-16 12:48:58 ----A---- C:\WINDOWS\system32\dpnsvr.exe
    2008-12-16 12:48:58 ----A---- C:\WINDOWS\system32\dplaysvr.exe
    2008-12-16 12:48:57 ----A---- C:\WINDOWS\system32\doskey.exe
    2008-12-16 12:48:57 ----A---- C:\WINDOWS\system32\dns-sd.exe
    2008-12-16 12:48:56 ----A---- C:\WINDOWS\system32\dmremote.exe
    2008-12-16 12:48:56 ----A---- C:\WINDOWS\system32\dmadmin.exe
    2008-12-16 12:48:55 ----A---- C:\WINDOWS\system32\dllhst3g.exe
    2008-12-16 12:48:55 ----A---- C:\WINDOWS\system32\dllhost.exe
    2008-12-16 12:48:54 ----RSHDC---- C:\WINDOWS\system32\dllcache
    2008-12-16 12:44:15 ----A---- C:\WINDOWS\system32\diskperf.exe
    2008-12-16 12:44:15 ----A---- C:\WINDOWS\system32\diskpart.exe
    2008-12-16 12:44:14 ----A---- C:\WINDOWS\system32\diantz.exe
    2008-12-16 12:44:13 ----A---- C:\WINDOWS\system32\dfrgntfs.exe
    2008-12-16 12:44:13 ----A---- C:\WINDOWS\system32\dfrgfat.exe
    2008-12-16 12:44:12 ----A---- C:\WINDOWS\system32\defrag.exe
    2008-12-16 12:44:12 ----A---- C:\WINDOWS\system32\ddeshare.exe
    2008-12-16 12:44:11 ----A---- C:\WINDOWS\system32\dcomcnfg.exe
    2008-12-16 12:44:09 ----A---- C:\WINDOWS\system32\ctfmon.exe
    2008-12-16 12:44:08 ----A---- C:\WINDOWS\system32\cscript.exe
    2008-12-16 12:44:07 ----A---- C:\WINDOWS\system32\convert.exe
    2008-12-16 12:44:07 ----A---- C:\WINDOWS\system32\control.exe
    2008-12-16 12:44:06 ----A---- C:\WINDOWS\system32\conime.exe
    2008-12-16 12:44:04 ----A---- C:\WINDOWS\system32\compact.exe
    2008-12-16 12:44:03 ----D---- C:\WINDOWS\system32\Com
    2008-12-16 12:44:03 ----A---- C:\WINDOWS\system32\comp.exe
    2008-12-16 12:44:02 ----A---- C:\WINDOWS\system32\cmstp.exe
    2008-12-16 12:44:01 ----A---- C:\WINDOWS\system32\cmmon32.exe
    2008-12-16 12:44:01 ----A---- C:\WINDOWS\system32\cmdl32.exe
    2008-12-16 12:44:00 ----A---- C:\WINDOWS\system32\cmd.exe
    2008-12-16 12:44:00 ----A---- C:\WINDOWS\system32\clipsrv.exe
    2008-12-16 12:43:59 ----A---- C:\WINDOWS\system32\clipbrd.exe
    2008-12-16 12:43:59 ----A---- C:\WINDOWS\system32\cliconfg.exe
    2008-12-16 12:43:58 ----A---- C:\WINDOWS\system32\cleanmgr.exe
    2008-12-16 12:43:58 ----A---- C:\WINDOWS\system32\ckcnv.exe
    2008-12-16 12:43:57 ----A---- C:\WINDOWS\system32\cisvc.exe
    2008-12-16 12:43:57 ----A---- C:\WINDOWS\system32\cipher.exe
    2008-12-16 12:43:56 ----A---- C:\WINDOWS\system32\cidaemon.exe
    2008-12-16 12:43:56 ----A---- C:\WINDOWS\system32\chkntfs.exe
    2008-12-16 12:43:55 ----A---- C:\WINDOWS\system32\chkdsk.exe
    2008-12-16 12:43:55 ----A---- C:\WINDOWS\system32\ChCfg.exe
    2008-12-16 12:43:54 ----A---- C:\WINDOWS\system32\charmap.exe
    2008-12-16 12:43:51 ----A---- C:\WINDOWS\system32\CapabilityTable.exe
    2008-12-16 12:43:51 ----A---- C:\WINDOWS\system32\calc.exe
    2008-12-16 12:43:50 ----A---- C:\WINDOWS\system32\cacls.exe
    2008-12-16 12:43:50 ----A---- C:\WINDOWS\system32\bootvrfy.exe
    2008-12-16 12:43:49 ----A---- C:\WINDOWS\system32\bootok.exe
    2008-12-16 12:43:49 ----A---- C:\WINDOWS\system32\bootcfg.exe
    2008-12-16 12:43:48 ----A---- C:\WINDOWS\system32\blastcln.exe
    2008-12-16 12:43:47 ----A---- C:\WINDOWS\system32\autolfn.exe
    2008-12-16 12:43:47 ----A---- C:\WINDOWS\system32\autofmt.exe
    2008-12-16 12:43:46 ----A---- C:\WINDOWS\system32\autoconv.exe
    2008-12-16 12:43:46 ----A---- C:\WINDOWS\system32\autochk.exe
    2008-12-16 12:43:45 ----A---- C:\WINDOWS\system32\auditusr.exe
    2008-12-16 12:43:45 ----A---- C:\WINDOWS\system32\attrib.exe
    2008-12-16 12:43:44 ----A---- C:\WINDOWS\system32\atmadm.exe
    2008-12-16 12:43:44 ----A---- C:\WINDOWS\system32\at.exe
    2008-12-16 12:43:43 ----A---- C:\WINDOWS\system32\asr_pfu.exe
    2008-12-16 12:43:43 ----A---- C:\WINDOWS\system32\asr_ldm.exe
    2008-12-16 12:43:42 ----A---- C:\WINDOWS\system32\asr_fmt.exe
    2008-12-16 12:43:42 ----A---- C:\WINDOWS\system32\arp.exe
    2008-12-16 12:43:41 ----A---- C:\WINDOWS\system32\alg.exe
    2008-12-16 12:43:41 ----A---- C:\WINDOWS\system32\ahui.exe
    2008-12-16 12:43:40 ----A---- C:\WINDOWS\system32\actmovie.exe
    2008-12-16 12:43:40 ----A---- C:\WINDOWS\system32\accwiz.exe
    2008-12-16 12:43:38 ----A---- C:\WINDOWS\SOUNDMAN.EXE
    2008-12-16 12:38:31 ----A---- C:\WINDOWS\SkyTel.exe
    2008-12-16 12:38:30 ----A---- C:\WINDOWS\RtlUpd.exe
    2008-12-16 12:38:28 ----A---- C:\WINDOWS\RTLCPL.EXE
    2008-12-16 12:38:28 ----A---- C:\WINDOWS\RTHDCPL.EXE
    2008-12-16 12:38:26 ----A---- C:\WINDOWS\regedit.exe
    2008-12-16 12:38:07 ----A---- C:\WINDOWS\NOTEPAD.EXE
    2008-12-16 12:38:06 ----D---- C:\WINDOWS\network diagnostic
    2008-12-16 12:38:05 ----D---- C:\WINDOWS\mui
    2008-12-16 12:38:04 ----D---- C:\WINDOWS\msagent
    2008-12-16 12:37:12 ----A---- C:\WINDOWS\MicCal.exe
    2008-12-16 12:37:06 ----A---- C:\WINDOWS\IsUninst.exe
    2008-12-16 12:36:41 ----HD---- C:\WINDOWS\inf
    2008-12-16 12:35:54 ----HDC---- C:\WINDOWS\ie7
    2008-12-16 12:35:51 ----A---- C:\WINDOWS\HideWin.exe
    2008-12-16 12:35:51 ----A---- C:\WINDOWS\hh.exe
    2008-12-16 12:35:00 ----SD---- C:\WINDOWS\Downloaded Program Files
    2008-12-16 12:34:43 ----A---- C:\WINDOWS\ALCWZRD.EXE
    2008-12-16 12:34:41 ----HDC---- C:\WINDOWS\$NtUninstallwmp11$
    2008-12-16 12:34:36 ----HDC---- C:\WINDOWS\$NtUninstallWMFDist11$
    2008-12-16 12:34:19 ----HDC---- C:\WINDOWS\$NtUninstallKB951072-v2$
    2008-12-16 12:33:58 ----HDC---- C:\WINDOWS\$NtUninstallKB939683$
    2008-12-16 12:33:55 ----HDC---- C:\WINDOWS\$NtUninstallKB938828$
    2008-12-16 12:33:44 ----HDC---- C:\WINDOWS\$NtUninstallKB931784$
    2008-12-16 12:33:28 ----HDC---- C:\WINDOWS\$NtUninstallKB925876$
    2008-12-16 12:33:20 ----HDC---- C:\WINDOWS\$NtUninstallKB922582$
    2008-12-16 12:33:15 ----HDC---- C:\WINDOWS\$NtUninstallKB920213$
    2008-12-16 12:32:57 ----HDC---- C:\WINDOWS\$NtUninstallKB902400$
    2008-12-16 12:32:50 ----HDC---- C:\WINDOWS\$NtUninstallKB896428$
    2008-12-16 12:32:48 ----HDC---- C:\WINDOWS\$NtUninstallKB896423$
    2008-12-16 12:32:46 ----HDC---- C:\WINDOWS\$NtUninstallKB896358$
    2008-12-16 12:32:42 ----HDC---- C:\WINDOWS\$NtUninstallKB890859$
    2008-12-16 12:32:38 ----HDC---- C:\WINDOWS\$NtUninstallKB887472$
    2008-12-16 12:32:31 ----HDC---- C:\WINDOWS\$MSI31Uninstall_KB893803v2$
    2008-12-16 12:28:26 ----D---- C:\WDM_R181
    2008-12-16 12:28:21 ----D---- C:\UPS DRIVERS
    2008-12-16 12:22:09 ----D---- C:\Program Files\WinSCP
    2008-12-16 12:22:02 ----D---- C:\Program Files\Windows NT
    2008-12-16 12:22:00 ----D---- C:\Program Files\Windows Media Player
    2008-12-16 12:21:51 ----D---- C:\Program Files\Windows Media Connect 2
    2008-12-16 12:21:50 ----D---- C:\Program Files\SystemRequirementsLab
    2008-12-16 12:20:56 ----D---- C:\Program Files\QuickTime
    2008-12-16 12:20:33 ----D---- C:\Program Files\Outlook Express
    2008-12-16 12:20:29 ----D---- C:\Program Files\NetMeeting
    2008-12-16 12:20:00 ----D---- C:\Program Files\Movie Maker
    2008-12-16 12:19:59 ----D---- C:\Program Files\MiniRingtone
    2008-12-16 12:18:18 ----D---- C:\Program Files\Messenger
    2008-12-16 12:16:26 ----D---- C:\Program Files\Internet Explorer
    2008-12-16 12:13:28 ----D---- C:\Program Files\Free PDF to Word Doc Converter
    2008-12-16 12:11:54 ----D---- C:\Program Files\Bonjour
    2008-12-16 12:09:56 ----D---- C:\monitor
    2008-12-15 17:25:15 ----D---- C:\Documents and Settings
    2008-12-15 17:21:39 ----A---- C:\WINDOWS\system32\userinit.exe
    2008-12-15 17:21:39 ----A---- C:\WINDOWS\system32\logonui.exe
    2008-12-15 17:21:38 ----A---- C:\WINDOWS\ALCMTR.EXE
    2008-12-15 17:21:37 ----A---- C:\WINDOWS\system32\nwiz.exe
    2008-12-15 17:21:30 ----A---- C:\WINDOWS\system32\verclsid.exe
    2008-12-15 17:21:29 ----A---- C:\WINDOWS\system32\wscntfy.exe
    2008-12-15 09:41:28 ----A---- C:\WINDOWS\wstdUPSWSHIP.INI
    2008-12-12 14:21:54 ----D---- C:\temp
    2008-12-12 12:37:13 ----SD---- C:\Documents and Settings\Tigerdistrict3\Application Data\Microsoft
    2008-12-10 10:19:25 ----SD---- C:\WINDOWS\Tasks
    2008-11-24 09:42:48 ----D---- C:\WINDOWS\Help
    2008-11-12 17:03:59 ----HD---- C:\WINDOWS\$hf_mig$
    2008-11-12 17:03:57 ----A---- C:\WINDOWS\imsins.BAK
    2008-11-12 17:03:45 ----D---- C:\WINDOWS\WinSxS
    2008-11-03 09:55:08 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
    2008-10-27 12:25:55 ----HD---- C:\Program Files\InstallShield Installation Information
    2008-10-27 12:22:01 ----D---- C:\Program Files\Common Files\InstallShield
    2008-10-20 09:09:21 ----DC---- C:\WINDOWS\system32\DRVSTORE
    2008-10-16 14:13:40 ----A---- C:\WINDOWS\system32\wuweb.dll
    2008-10-16 14:13:40 ----A---- C:\WINDOWS\system32\wuaueng.dll
    2008-10-16 14:12:22 ----A---- C:\WINDOWS\system32\wucltui.dll
    2008-10-16 14:12:20 ----A---- C:\WINDOWS\system32\wuapi.dll
    2008-10-16 14:09:44 ----A---- C:\WINDOWS\system32\wups2.dll
    2008-10-16 14:09:44 ----A---- C:\WINDOWS\system32\cdm.dll
    2008-10-16 14:09:40 ----A---- C:\WINDOWS\system32\wucltui.dll.mui
    2008-10-16 14:08:58 ----A---- C:\WINDOWS\system32\wups.dll
    2008-10-16 14:07:44 ----A---- C:\WINDOWS\system32\wuapi.dll.mui
    2008-10-16 14:07:14 ----A---- C:\WINDOWS\system32\wuaueng.dll.mui
    2008-10-15 10:57:55 ----A---- C:\WINDOWS\system32\netapi32.dll
    2008-10-07 15:19:50 ----D---- C:\UPS
    2008-10-03 11:41:15 ----A---- C:\WINDOWS\system32\ieframe.dll
    2008-09-30 09:48:08 ----D---- C:\Documents and Settings\Tigerdistrict3\Application Data\Apple Computer
    2008-09-26 09:45:30 ----RSD---- C:\WINDOWS\assembly
    2008-09-26 09:45:08 ----D---- C:\WINDOWS\system32\DirectX
    2008-09-24 09:01:08 ----D---- C:\WINDOWS\system32\CatRoot
    2008-09-24 08:52:43 ----D---- C:\WINDOWS\Debug

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R1 easdrv;easdrv; C:\WINDOWS\system32\DRIVERS\easdrv.sys [2007-12-21 30216]
    R1 epfwtdir;epfwtdir; C:\WINDOWS\system32\DRIVERS\epfwtdir.sys [2007-12-21 33800]
    R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS []
    R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys []
    R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.5.3.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2007-12-17 21419]
    R2 eamon;EAMON; C:\WINDOWS\system32\DRIVERS\eamon.sys [2007-12-21 39944]
    R2 tmcomm;tmcomm; \??\C:\WINDOWS\system32\drivers\tmcomm.sys []
    R3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2004-08-04 60800]
    R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2008-04-17 15464]
    R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
    R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2007-10-25 4623872]
    R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2004-08-04 61824]
    R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2007-10-04 6854464]
    R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2006-07-11 57856]
    R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2006-07-11 20480]
    R3 RT73;USB Wireless 802.11 b/g Adaptor Driver; C:\WINDOWS\system32\DRIVERS\rt73.sys [2007-10-01 451968]
    R3 SASENUM;SASENUM; \??\C:\Program Files\SUPERAntiSpyware\SASENUM.SYS []
    R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-03 26624]
    R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-03 57600]
    R3 usbohci;Microsoft USB Open Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2004-08-03 17024]
    R3 usbstor;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
    S1 dxgthkk;dxgthkk; C:\WINDOWS\System32\drivers\dxgthkk.sys []
    S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
    S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
    S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
    S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-11-07 132424]
    R2 ekrn;Eset Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2007-12-21 468224]
    R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2008-12-16 147456]
    R2 MSSQL$UPSWSDBSERVER;MSSQL$UPSWSDBSERVER; C:\UPS\WSTD\MSSQL$UPSWSDBSERVER\Binn\sqlservr.exe [2008-12-16 9150464]
    R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2008-12-16 155648]
    R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2008-11-20 536872]
    S2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-16 233472]
    S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-12-16 24576]
    S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-12-16 60928]
    S3 EhttpSrv;Eset HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2007-12-21 19200]
    S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2008-12-16 58880]
    S3 MSSQLServerADHelper;MSSQLServerADHelper; C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe [2008-12-16 73728]
    S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-12-16 434176]
    S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2008-12-16 138240]
    S3 SQLAgent$UPSWSDBSERVER;SQLAgent$UPSWSDBSERVER; C:\UPS\WSTD\MSSQL$UPSWSDBSERVER\Binn\sqlagent.EXE [2008-12-16 323584]
    S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2008-12-16 913408]
    S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2004-08-03 14336]

    -----------------EOF-----------------
     
