Okay well AVG Free failed me and told me a file was safe and... well it wasn't. There were pornographic icons on my desktop and a pop up for a (probably fraudulent) anti-virus, I don't remember the name because I immediately rebooted into safe mode and ran Ad-Aware 2007 (I updated it to the latest definitions) which got rid of said infection. But I just want to make sure because now I'm getting a pop-up that says: http://upload.zantherus.com/files/tnjzc0moj9uxdulju075.png

It seems legitimate but I'm pretty sure I have AVG Free on this computer. The pornographic pop-ups keep appearing on my desktop so there is still an infection.

Here is my HijackThis log:


Thanks for the help.

Don't put the logs in quotes

Before we begin, you should save these instructions in Notepad to your desktop, or print them, for easy reference. Much of our fix will be done in Safe mode, and you will be unable to access this thread at that time. If you have questions at any point, or are unsure of the instructions, feel free to post here and ask for clarification before proceeding.


Please download SmitfraudFix (by S!Ri) to your Desktop.

Next, please reboot your computer in Safe Mode by doing the following :

• Restart your computer
• After hearing your computer beep once during startup, but before the Windows icon appears, tap the F8 key continually;
• Instead of Windows loading as normal, a menu with options should appear;
• Select the first option, to run Windows in Safe Mode, then press "Enter".
• Choose your usual account.

Once in Safe Mode, double-click on SmitfraudFix.exe
Select option #2 - Clean by typing 2 and press "Enter" to delete infected files.

You will be prompted : "Registry cleaning - Do you want to clean the registry ?"; answer "Yes" by typing Y and press "Enter" in order to remove the Desktop background and clean registry keys associated with the infection.

The tool will now check if wininet.dll is infected. You may be prompted to replace the infected file (if found); answer "Yes" by typing Y and press "Enter".

The tool may need to restart your computer to finish the cleaning process; if it doesn't, please restart it into Normal Windows.
A text file will appear onscreen, with results from the cleaning process; please copy/paste the content of that report into your next reply.
The report can also be found at the root of the system drive, usually at C:\rapport.txt

Warning : running option #2 on a non infected computer will remove your Desktop background.

• Download random's system information tool (RSIT) by random/random from here and save it to your desktop.
• Double click on RSIT.exe to run RSIT.
• Click Continue at the disclaimer screen.
• Once it has finished, two logs will open. Please post the contents of both log.txt (<<will be maximized) and info.txt (<<will be minimized)

rapport.txt log:
SmitFraudFix v2.357

Scan done at 10:24:26.84, Fri 10/10/2008
Run from C:\Documents and Settings\Jason and Jeffrey\Desktop\SmitfraudFix
OS: Microsoft Windows XP [Version 5.1.2600] - Windows_NT
The filesystem type is NTFS
Fix run in safe mode

»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Before SmitFraudFix
!!!Attention, following keys are not inevitably infected!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

»»»»»»»»»»»»»»»»»»»»»»»» Killing process


»»»»»»»»»»»»»»»»»»»»»»»» hosts


»»»»»»»»»»»»»»»»»»»»»»»» VACFix

VACFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» Winsock2 Fix

S!Ri's WS2Fix: LSP not Found.
»»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix

GenericRenosFix by S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» Deleting infected files

C:\WINDOWS\system32\1.ico Deleted
C:\WINDOWS\system32\2.ico Deleted
C:\Program Files\MicroAntivirus\ Deleted
C:\Program Files\PCHealthCenter\ Deleted

»»»»»»»»»»»»»»»»»»»»»»»» IEDFix

IEDFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri



»»»»»»»»»»»»»»»»»»»»»»»» 404Fix

404Fix
Credits: Malware Analysis & Diagnostic
Code: S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» AntiXPVSTFix

AntiXPVSTFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri



»»»»»»»»»»»»»»»»»»»»»»»» RK


»»»»»»»»»»»»»»»»»»»»»»»» DNS

HKLM\SYSTEM\CCS\Services\Tcpip\..\{D8648216-53EB-4683-8E44-07E0080B8B79}: NameServer=192.168.1.1
HKLM\SYSTEM\CCS\Services\Tcpip\..\{F9470EDA-E0D2-441C-B4E0-FE49034B0108}: NameServer=192.168.1.1
HKLM\SYSTEM\CS1\Services\Tcpip\..\{F9470EDA-E0D2-441C-B4E0-FE49034B0108}: DhcpNameServer=192.168.0.1
HKLM\SYSTEM\CS2\Services\Tcpip\..\{D8648216-53EB-4683-8E44-07E0080B8B79}: NameServer=192.168.1.1
HKLM\SYSTEM\CS2\Services\Tcpip\..\{F9470EDA-E0D2-441C-B4E0-FE49034B0108}: NameServer=192.168.1.1
HKLM\SYSTEM\CS3\Services\Tcpip\..\{D8648216-53EB-4683-8E44-07E0080B8B79}: NameServer=192.168.1.1
HKLM\SYSTEM\CS3\Services\Tcpip\..\{F9470EDA-E0D2-441C-B4E0-FE49034B0108}: NameServer=192.168.1.1
HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=192.168.0.1


»»»»»»»»»»»»»»»»»»»»»»»» Deleting Temp Files


»»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
!!!Attention, following keys are not inevitably infected!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"System"=""


»»»»»»»»»»»»»»»»»»»»»»»» Registry Cleaning

Registry Cleaning done.

»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler After SmitFraudFix
!!!Attention, following keys are not inevitably infected!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll


»»»»»»»»»»»»»»»»»»»»»»»» End







log.txt:
Logfile of random's system information tool 1.04 (written by random/random)
Run by Jason and Jeffrey at 2008-10-10 10:35:33
Microsoft Windows XP Home Edition Service Pack 2
System drive C: has 14 GB (10%) free of 145 GB
Total RAM: 503 MB (18% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:35:48, on 10/10/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
c:\Program Files\Common Files\Symantec Shared\ccProxy.exe
c:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
c:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Executive Software\DiskeeperLite\DKService.exe
C:\Program Files\LogMeIn\x86\RaMaint.exe
C:\Program Files\LogMeIn\x86\LogMeIn.exe
C:\Program Files\LogMeIn\x86\LMIGuardian.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\UltraVNC\WinVNC.exe
C:\WINDOWS\system32\wwSecure.exe
C:\Program Files\LogMeIn\x86\LogMeInSystray.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\PeerGuardian2\pg2.exe
C:\Program Files\WhatPulse\WhatPulse.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\LogMeIn\x86\LMIGuardian.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Documents and Settings\Jason and Jeffrey\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
C:\Program Files\Verizon Wireless\V CAST Music Manager\MEMonitor.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Jason and Jeffrey\Desktop\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\Jason and Jeffrey.exe

R3 - URLSearchHook: (no name) - {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - (no file)
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - (no file)
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvcmx.dll
O2 - BHO: Google Web Accelerator Helper - {69A87B7D-DE56-4136-9655-716BA50C19C7} - C:\Program Files\Google\Web Accelerator\GoogleWebAccToolbar.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: (no name) - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - (no file)
O2 - BHO: LPVideoPlugin - {7CD54C46-126B-487F-AB1A-D1C6BD656142} - C:\WINDOWS\system32\LPVideo.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - (no file)
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - (no file)
O3 - Toolbar: (no name) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - (no file)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: Google Web Accelerator - {DB87BFA2-A2E3-451E-8E5A-C89982D87CBF} - C:\Program Files\Google\Web Accelerator\GoogleWebAccToolbar.dll
O4 - HKLM\..\Run: [LogMeIn GUI] "C:\Program Files\LogMeIn\x86\LogMeInSystray.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [\YUR2E.exe] C:\Windows\system32\YUR2E.exe
O4 - HKLM\..\Run: [\YUR2F.exe] C:\Windows\system32\YUR2F.exe
O4 - HKLM\..\Run: [\YUR30.exe] C:\Windows\system32\YUR30.exe
O4 - HKLM\..\Run: [\YUR31.exe] C:\Windows\system32\YUR31.exe
O4 - HKLM\..\Run: [\YUR1.exe] C:\Windows\system32\YUR1.exe
O4 - HKCU\..\Run: [PeerGuardian] C:\Program Files\PeerGuardian2\pg2.exe
O4 - HKCU\..\Run: [WhatPulse] C:\Program Files\WhatPulse\WhatPulse.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Jason and Jeffrey\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [\YUR2E.exe] C:\Windows\system32\YUR2E.exe
O4 - HKCU\..\Run: [\YUR2F.exe] C:\Windows\system32\YUR2F.exe
O4 - HKCU\..\Run: [\YUR30.exe] C:\Windows\system32\YUR30.exe
O4 - HKCU\..\Run: [\YUR31.exe] C:\Windows\system32\YUR31.exe
O4 - HKCU\..\Run: [\YUR1.exe] C:\Windows\system32\YUR1.exe
O4 - HKLM\..\Policies\Explorer\Run: [UpdateManager] C:\Program Files\Common Files\Microsoft Shared\TextConv\avupdate.exe
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe (User 'Default user')
O4 - Startup: MEMonitor.lnk = C:\Program Files\Verizon Wireless\V CAST Music Manager\MEMonitor.exe
O8 - Extra context menu item: Add To Compaq Organize... - C:\PROGRA~1\HEWLET~1\COMPAQ~1\bin/module.main/favorites\ie_add_to.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: Yahoo! Servicios - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvcmx.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra button: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra 'Tools' menuitem: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O17 - HKLM\System\CCS\Services\Tcpip\..\{D8648216-53EB-4683-8E44-07E0080B8B79}: NameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{F9470EDA-E0D2-441C-B4E0-FE49034B0108}: NameServer = 192.168.1.1
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: wbsys.dll C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Diskeeper - Executive Software International, Inc. - C:\Program Files\Executive Software\DiskeeperLite\DKService.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\RaMaint.exe
O23 - Service: LogMeIn - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\LogMeIn.exe
O23 - Service: SAVScan - Symantec Corporation - c:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: VNC Server (winvnc) - UltraVNC - C:\Program Files\UltraVNC\WinVNC.exe
O23 - Service: Washer AutoComplete (wwSecSvc) - Webroot Software, Inc. - C:\WINDOWS\system32\wwSecure.exe

--
End of file - 9532 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\GoogleUpdateTaskUser.job
C:\WINDOWS\tasks\Symantec NetDetect.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}]
Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll [2006-10-26 440384]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897}]
Yahoo! IE Services Button - C:\Program Files\Yahoo!\Common\yiesrvcmx.dll [2006-10-31 192512]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{69A87B7D-DE56-4136-9655-716BA50C19C7}]
&Google Web Accelerator Helper - C:\Program Files\Google\Web Accelerator\GoogleWebAccToolbar.dll [2007-03-01 237568]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll [2007-07-12 501136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7C554162-8CB7-45A4-B8F4-8EA1C75885F9}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7CD54C46-126B-487F-AB1A-D1C6BD656142}]
LPVideoPlugin - C:\WINDOWS\system32\LPVideo.dll [2008-10-09 151552]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2007-09-20 328752]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BDF3E430-B101-42AD-A544-FADC6B084872}]
CNavExtBho Class

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - []
{DE9C389F-3316-41A7-809B-AA305ED9D922}
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll [2006-10-26 440384]
{DB87BFA2-A2E3-451E-8E5A-C89982D87CBF} - Google Web Accelerator - C:\Program Files\Google\Web Accelerator\GoogleWebAccToolbar.dll [2007-03-01 237568]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"LogMeIn GUI"=C:\Program Files\LogMeIn\x86\LogMeInSystray.exe [2007-04-17 63048]
"TkBellExe"=C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2005-03-12 180269]
"\YUR2E.exe"=C:\Windows\system32\YUR2E.exe []
"\YUR2F.exe"=C:\Windows\system32\YUR2F.exe []
"\YUR30.exe"=C:\Windows\system32\YUR30.exe []
"\YUR31.exe"=C:\Windows\system32\YUR31.exe []
"\YUR1.exe"=C:\Windows\system32\YUR1.exe []

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"UpdateManager"=C:\Program Files\Common Files\Microsoft Shared\TextConv\avupdate.exe []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"PeerGuardian"=C:\Program Files\PeerGuardian2\pg2.exe [2005-09-18 1421824]
"WhatPulse"=C:\Program Files\WhatPulse\WhatPulse.exe [2006-08-21 665600]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2004-08-03 15360]
"Steam"=C:\Program Files\Steam\Steam.exe [2008-10-07 1410296]
"Yahoo! Pager"=C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE [2007-08-30 4670704]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2008-08-11 21741864]
"Google Update"=C:\Documents and Settings\Jason and Jeffrey\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2008-09-09 133104]
"\YUR2E.exe"=C:\Windows\system32\YUR2E.exe []
"\YUR2F.exe"=C:\Windows\system32\YUR2F.exe []
"\YUR30.exe"=C:\Windows\system32\YUR30.exe []
"\YUR31.exe"=C:\Windows\system32\YUR31.exe []
"\YUR1.exe"=C:\Windows\system32\YUR1.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AIM]
C:\Program Files\AIM\aim.exe [2005-08-05 67160]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AVG7_CC]
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe [2007-10-22 579072]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitComet]
C:\Program Files\BitComet 0.6\BitComet.exe [2005-09-07 2600960]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BJCFD]
C:\Program Files\BroadJump\Client Foundation\CFD.exe [2001-12-17 483394]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ccApp]
c:\Program Files\Common Files\Symantec Shared\ccApp.exe [2004-08-27 58488]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Creative Detector]
C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe /R []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
C:\WINDOWS\system32\ctfmon.exe [2004-08-03 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DeadAIM]
C:\Program Files\AIM\\DeadAIM.ocm []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Desktop Search]
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2007-10-09 1838592]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Documents and Settings\Jason and Jeffrey\Local Settings\Application Data\Google\Update\1.0.91.0\GoogleUpdate.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\googletalk]
C:\Program Files\Google\Google Talk\googletalk.exe [2007-01-01 3739648]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\High Definition Audio Property Page Shortcut]
C:\WINDOWS\system32\HDAudPropShortcut.exe [2004-03-17 61952]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IS CfgWiz]
c:\Program Files\Norton Internet Security\cfgwiz.exe [2004-08-17 132248]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files\iTunes\iTunesHelper.exe [2005-10-18 278528]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn GUI]
C:\Program Files\LogMeIn\x86\LogMeInSystray.exe [2007-04-17 63048]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LSBWatcher]
c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe [2004-10-14 253952]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Maxthon Access n Share Update]
C:\Program Files\Maxthon Access\Maxthon Access_updater.exe [2007-03-19 28672]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
C:\Program Files\Messenger\msmsgs.exe [2004-10-13 1694208]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MySpaceIM]
C:\Program Files\MySpace\IM\MySpaceIM.exe [2007-01-08 4898816]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Pidgin]
C:\Program Files\Pidgin\pidgin.exe [2007-05-25 43598]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PlaxoUpdate]
C:\Program Files\Plaxo\2.5.6.21\PlaxoHelper.exe -a []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\qttask.exe [2005-11-19 155648]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Reminder]
C:\Windows\Creator\Remind_XP.exe [2004-12-13 663552]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RoxioDragToDisc]
C:\Program Files\Roxio\Easy Media Creator 8\Drag to Disc\DrgToDsc.exe [2005-09-19 1687552]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RoxWatchTray]
C:\Program Files\Common Files\Roxio Shared\SharedCOM8\RoxWatchTray.exe [2005-09-19 163840]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SAHBundle]
C:\DOCUME~1\JASONA~1\LOCALS~1\Temp\sahagent.exe run []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Share-to-Web Namespace Daemon]
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe [2002-04-11 69632]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSC_UserPrompt]
c:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe [2004-08-05 218240]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe [2007-07-12 132496]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2005-03-12 180269]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\URLLSTCK.exe]
c:\Program Files\Norton Internet Security\UrlLstCk.exe [2004-08-30 33936]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ViewMgr]
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
C:\Program Files\Winamp\winampa.exe [2006-03-10 35328]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Yahoo! Pager]
C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE [2007-08-30 4670704]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Gamma Loader.lnk]
C:\PROGRA~1\COMMON~1\Adobe\CALIBR~1\ADOBEG~1.EXE [1999-11-04 113664]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^hp psc 2000 Series.lnk]
C:\PROGRA~1\HEWLET~1\DIGITA~1\bin\hpobnz08.exe [2002-06-11 323646]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Maxthon Access Connector.lnk]
C:\PROGRA~1\MAXTHO~1\MAXTHO~1.EXE [2007-03-19 901120]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^officejet 6100.lnk]
C:\PROGRA~1\HEWLET~1\DIGITA~1\bin\hposol08.exe [2002-06-11 147456]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Run Google Web Accelerator.lnk]
C:\PROGRA~1\Google\WEBACC~1\GOOGLE~2.EXE [2007-03-01 598016]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^SpySubtract.lnk]
C:\PROGRA~1\INTERM~1\SPYSUB~1\sslaunch.exe [2005-03-12 73728]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Jason and Jeffrey^Start Menu^Programs^Startup^YouTube Uploader.lnk]
C:\DOCUME~1\JASONA~1\LOCALS~1\APPLIC~1\YouTube\Uploader\YOUTUB~1.EXE []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"Apache2"=2
"xmlprov"=3
"XAMPP"=2
"vsmon"=3
"Visual Studio Analyzer RPC bridge"=3
"usnsvc"=3
"UPS"=3
"SymWSC"=2
"SPBBCSvc"=3
"SNDSrvc"=3
"SENS"=2
"seclogon"=2
"Schedule"=2
"SCardSvr"=3
"RoxWatch"=2
"RoxUpnpServer"=2
"RoxUPnPRenderer"=3
"RoxMediaDB"=3
"RoxLiveShare"=2
"Pml Driver HPZ12"=3
"PHPGeekUtil"=2
"ose"=3
"O&O Defrag"=2
"NoIPDUCService"=2
"NBService"=3
"navapsvc"=2
"mysql"=2
"MDM"=2
"Macromedia Licensing Service"=3
"LogMeIn"=2
"LMIMaint"=2
"ISSVC"=3
"iPodService"=3
"IDriverT"=3
"GoogleDesktopManager"=3
"FileZilla Server"=3
"Fax"=3
"Avg7UpdSvc"=2
"Avg7Alrt"=2
"AppMgmt"=3
"Apache2.2"=2
"BITS"=3
"aspnet_state"=3

C:\Documents and Settings\Jason and Jeffrey\Start Menu\Programs\Startup
MEMonitor.lnk - C:\Program Files\Verizon Wireless\V CAST Music Manager\MEMonitor.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="wbsys.dll C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxsrvc.dll [2004-11-02 348160]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\LMIinit]
C:\WINDOWS\system32\LMIinit.dll [2008-05-28 87352]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WBSrv]
C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbsrv.dll [2005-12-06 176128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2004-08-03 239616]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{FA010552-4A27-4cb1-A1BB-3E2D697F1639}"= []

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\aawservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"AllowLegacyWebView"=
"AllowUnhashedWebView"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Compaq Connections\6750491\Program\Compaq Connections.exe"="C:\Program Files\Compaq Connections\6750491\Program\Compaq Connections.exe:*:Enabled:BackWeb for Presario"
"C:\Program Files\EarthLink TotalAccess\TaskPanl.exe"="C:\Program Files\EarthLink TotalAccess\TaskPanl.exe:*:Enabled:Earthlink"
"C:\Program Files\Magic Workstation\MWSPlay.exe"="C:\Program Files\Magic Workstation\MWSPlay.exe:*:Enabled:Magic Workstation Play Module"
"C:\Program Files\BitComet\BitComet.exe"="C:\Program Files\BitComet\BitComet.exe:*:Enabled:BitComet - a BitTorrent Client"
"C:\Program Files\Apprentice\Appr.exe"="C:\Program Files\Apprentice\Appr.exe:*:Enabled:Appr"
"C:\Program Files\WinMX\WinMX.exe"="C:\Program Files\WinMX\WinMX.exe:*:Enabled:WinMX Application"
"C:\Program Files\Soulseek\slsk.exe"="C:\Program Files\Soulseek\slsk.exe:*:Enabled:SoulSeek"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox"
"C:\Program Files\Yahoo!\Messenger\YPager.exe"="C:\Program Files\Yahoo!\Messenger\YPager.exe:*:Enabled:Yahoo! Messenger"
"C:\Program Files\Yahoo!\Messenger\YServer.exe"="C:\Program Files\Yahoo!\Messenger\YServer.exe:*:Enabled:Yahoo! FT Server"
"C:\Program Files\Microsoft Visual Studio\COMMON\Tools\VS-Ent98\Vanalyzr\VARPC.EXE"="C:\Program Files\Microsoft Visual Studio\COMMON\Tools\VS-Ent98\Vanalyzr\VARPC.EXE:*:Disabled:Microsoft ® Visual Studio VSA RPC Event Creator"
"C:\Program Files\Microsoft Games\Halo\halo.exe"="C:\Program Files\Microsoft Games\Halo\halo.exe:*:Enabled:Halo"
"C:\Program Files\mIRC\mirc.exe"="C:\Program Files\mIRC\mirc.exe:*:Enabled:mIRC"
"C:\Program Files\Ares\Ares.exe"="C:\Program Files\Ares\Ares.exe:*:Enabled:Ares"
"C:\Program Files\AIM\aim.exe"="C:\Program Files\AIM\aim.exe:*:Enabled:AOL Instant Messenger"
"C:\Program Files\Google\Google Talk\googletalk.exe"="C:\Program Files\Google\Google Talk\googletalk.exe:*:Enabled:Google Talk"
"C:\Program Files\eXeem\client.dll"="C:\Program Files\eXeem\client.dll:*:Enabled:client"
"C:\Program Files\Common Files\AOL\1125787923\ee\AOLServiceHost.exe"="C:\Program Files\Common Files\AOL\1125787923\ee\AOLServiceHost.exe:*:Enabled:AOL"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Program Files\Apache Group\Apache2\bin\Apache.exe"="C:\Program Files\Apache Group\Apache2\bin\Apache.exe:*:Enabled:Apache HTTP Server"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\Java\jre1.5.0_02\bin\javaw.exe"="C:\Program Files\Java\jre1.5.0_02\bin\javaw.exe:*:Enabled:Java™ 2 Platform Standard Edition binary"
"C:\Program Files\Common Files\AOL\1125787923\ee\aim.exe"="C:\Program Files\Common Files\AOL\1125787923\ee\aim.exe:*:Enabled:AOLSoftware"
"C:\Program Files\Common Files\AOL\Loader\aolload.exe"="C:\Program Files\Common Files\AOL\Loader\aolload.exe:*:Enabled:AOL Loader"
"C:\Program Files\Common Files\AOL\1125787923\ee\aolsoftware.exe"="C:\Program Files\Common Files\AOL\1125787923\ee\aolsoftware.exe:*:Enabled:AOL Services"
"C:\Program Files\ICQLite\ICQLite.exe"="C:\Program Files\ICQLite\ICQLite.exe:*:Enabled:ICQ Lite"
"C:\Program Files\Common Files\AOL\1125787923\ee\aim6.exe"="C:\Program Files\Common Files\AOL\1125787923\ee\aim6.exe:*:Enabled:AOL"
"C:\Program Files\eXeem\eXeem.exe"="C:\Program Files\eXeem\eXeem.exe:*:Enabled:Exeem"
"C:\WINDOWS\system32\ZoneLabs\vsmon.exe"="C:\WINDOWS\system32\ZoneLabs\vsmon.exe:*:Enabled:TrueVector Service"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Program Files\Red Chair Software\Notmad Explorer\notmgr.exe"="C:\Program Files\Red Chair Software\Notmad Explorer\notmgr.exe:*:Enabled:Notmad Xtreamer"
"C:\Program Files\SmartFTP\SmartFTP.exe"="C:\Program Files\SmartFTP\SmartFTP.exe:*:Enabled:SmartFTP Client"
"C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire"
"C:\Program Files\BitComet 0.6\BitComet.exe"="C:\Program Files\BitComet 0.6\BitComet.exe:*:Enabled:BitComet - a BitTorrent Client"
"C:\Program Files\Microsoft Games\Halo Trial\halo.exe"="C:\Program Files\Microsoft Games\Halo Trial\halo.exe:*:Enabled:Halo"
"C:\Program Files\Xfire\xfire.exe"="C:\Program Files\Xfire\xfire.exe:*:Enabled:Xfire"
"C:\Program Files\Counter-Strike 1.6\hl.exe"="C:\Program Files\Counter-Strike 1.6\hl.exe:*:Enabled:Half-Life Launcher"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\SmartFTP Client 2.0\SmartFTP.exe"="C:\Program Files\SmartFTP Client 2.0\SmartFTP.exe:*:Enabled:SmartFTP Client 2.0"
"C:\Documents and Settings\Jason and Jeffrey\Desktop\again\iAudio\Warcraft III\Warcraft III.exe"="C:\Documents and Settings\Jason and Jeffrey\Desktop\again\iAudio\Warcraft III\Warcraft III.exe:*:Enabled:Warcraft III"
"C:\Documents and Settings\Jason and Jeffrey\Desktop\again\iAudio\Warcraft III\War3.exe"="C:\Documents and Settings\Jason and Jeffrey\Desktop\again\iAudio\Warcraft III\War3.exe:*:Enabled:Warcraft III"
"C:\Documents and Settings\Jason and Jeffrey\Desktop\Portable CounterStrike 1.6\Portable CounterStrike 1.6\root\hl.exe"="C:\Documents and Settings\Jason and Jeffrey\Desktop\Portable CounterStrike 1.6\Portable CounterStrike 1.6\root\hl.exe:*:Enabled:Half-Life Launcher"
"C:\Documents and Settings\Jason and Jeffrey\Desktop\Warcraft III\Warcraft III.exe"="C:\Documents and Settings\Jason and Jeffrey\Desktop\Warcraft III\Warcraft III.exe:*:Enabled:Warcraft III"
"C:\Documents and Settings\Jason and Jeffrey\Desktop\Warcraft III\War3.exe"="C:\Documents and Settings\Jason and Jeffrey\Desktop\Warcraft III\War3.exe:*:Enabled:Warcraft III"
"K:\STORED FILES\Applications\wosportable\apache2\bin\httpd.exe"="K:\STORED FILES\Applications\wosportable\apache2\bin\httpd.exe:*:Enabled:Apache HTTP Server"
"K:\STORED FILES\Applications\wosportable\mysql\bin\mysqld-nt.exe"="K:\STORED FILES\Applications\wosportable\mysql\bin\mysqld-nt.exe:*:Enabled:mysqld-nt"
"C:\apache\Apache.exe"="C:\apache\Apache.exe:*:Enabled:Apache"
"C:\Program Files\FileZilla\FileZilla.exe"="C:\Program Files\FileZilla\FileZilla.exe:*:Enabled:FileZilla"
"C:\Program Files\Grisoft\AVG7\avginet.exe"="C:\Program Files\Grisoft\AVG7\avginet.exe:*:Enabled:avginet.exe"
"C:\Program Files\Grisoft\AVG7\avgamsvr.exe"="C:\Program Files\Grisoft\AVG7\avgamsvr.exe:*:Enabled:avgamsvr.exe"
"C:\Program Files\Grisoft\AVG7\avgcc.exe"="C:\Program Files\Grisoft\AVG7\avgcc.exe:*:Enabled:avgcc.exe"
"C:\Documents and Settings\Jason and Jeffrey\Desktop\utorrent.exe"="C:\Documents and Settings\Jason and Jeffrey\Desktop\utorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\Microsoft Visual Studio\VB98\VB6.EXE"="C:\Program Files\Microsoft Visual Studio\VB98\VB6.EXE:*:Enabled:Visual Basic"
"C:\Documents and Settings\Jason and Jeffrey\Desktop\enigma-browser.exe"="C:\Documents and Settings\Jason and Jeffrey\Desktop\enigma-browser.exe:*:Enabled:enigma-browser"
"C:\Program Files\Pidgin\pidgin.exe"="C:\Program Files\Pidgin\pidgin.exe:*:Enabled:Pidgin"
"C:\Program Files\BitComet 0.6\Downloads\165 Standalone Programs for Windows XP\ROOT\~\PROGRAMS\P2P Clients\uTorrent\utorrent.exe"="C:\Program Files\BitComet 0.6\Downloads\165 Standalone Programs for Windows XP\ROOT\~\PROGRAMS\P2P Clients\uTorrent\utorrent.exe:*:Enabled:utorrent"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\Java\jdk1.6.0_02\jre\bin\java.exe"="C:\Program Files\Java\jdk1.6.0_02\jre\bin\java.exe:*:Enabled:Java™ Platform SE binary"
"C:\Documents and Settings\Jason and Jeffrey\Desktop\openarena-0.7.0\openarena.exe"="C:\Documents and Settings\Jason and Jeffrey\Desktop\openarena-0.7.0\openarena.exe:*:Enabled:openarena"
"C:\Documents and Settings\Jason and Jeffrey\Desktop\New Folder\openarena-0.7.0\openarena.exe"="C:\Documents and Settings\Jason and Jeffrey\Desktop\New Folder\openarena-0.7.0\openarena.exe:*:Enabled:openarena"
"C:\xampp\apache\bin\apache.exe"="C:\xampp\apache\bin\apache.exe:*:Enabled:Apache HTTP Server"
"C:\Program Files\Freeciv-2.1.0-gtk2\civserver.exe"="C:\Program Files\Freeciv-2.1.0-gtk2\civserver.exe:*:Enabled:civserver"
"C:\Program Files\Roxio\Easy Media Creator 8\Digital Home\RoxUpnpServer.exe"="C:\Program Files\Roxio\Easy Media Creator 8\Digital Home\RoxUpnpServer.exe:*:Enabled:Roxio Upnp Service"
"C:\Program Files\Steam\SteamApps\zantherus\counter-strike source\hl2.exe"="C:\Program Files\Steam\SteamApps\zantherus\counter-strike source\hl2.exe:*:Enabled:hl2"
"C:\Program Files\Real\RealPlayer\realplay.exe"="C:\Program Files\Real\RealPlayer\realplay.exe:*:Enabled:RealPlayer"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe"="C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger"
"L:\Valve\hl.exe"="L:\Valve\hl.exe:*:Enabled:Half-Life Launcher"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%ProgramFiles%\iTunes\iTunes.exe"="%ProgramFiles%\iTunes\iTunes.exe:*:enabled:iTunes"
"C:\Program Files\AIM\aim.exe"="C:\Program Files\AIM\aim.exe:*:Enabled:AOL Instant Messenger"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\D]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Info.exe protect.ed 480 480

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{946850c5-1e27-11d9-baf0-806d6172696f}]
shell\AutoRun\command - D:\setup.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{967109ff-6cac-11dc-8139-0010b5b795ac}]
shell\AutoRun\command - F:\wd_windows_tools\setup.exe


======List of files/folders created in the last 1 months======

2008-10-10 10:35:33 ----D---- C:\rsit
2008-10-10 10:24:37 ----A---- C:\WINDOWS\system32\tmp.txt
2008-10-10 10:24:26 ----A---- C:\rapport.txt
2008-10-10 01:11:22 ----D---- C:\Program Files\Trend Micro
2008-10-09 22:32:45 ----A---- C:\WINDOWS\ntbtlog.txt
2008-10-09 22:27:26 ----A---- C:\0000005378.exe
2008-10-09 22:17:11 ----D---- C:\Program Files\LPVideoPlugin
2008-10-09 14:00:12 ----A---- C:\WINDOWS\system32\LPVideo.dll

======List of files/folders modified in the last 1 months======

2008-10-10 10:35:43 ----D---- C:\Program Files\PeerGuardian2
2008-10-10 10:35:27 ----D---- C:\Documents and Settings\Jason and Jeffrey\Application Data\Skype
2008-10-10 10:33:59 ----D---- C:\Program Files\Steam
2008-10-10 10:33:58 ----D---- C:\WINDOWS\Temp
2008-10-10 10:29:51 ----D---- C:\WINDOWS\system32
2008-10-10 10:24:38 ----D---- C:\Program Files
2008-10-10 10:15:54 ----SHD---- C:\WINDOWS\Installer
2008-10-10 10:11:45 ----D---- C:\Documents and Settings\Jason and Jeffrey\Application Data\skypePM
2008-10-10 10:10:28 ----D---- C:\Program Files\Mozilla Firefox3
2008-10-10 00:57:34 ----D---- C:\Program Files\LogMeIn
2008-10-09 22:32:45 ----D---- C:\WINDOWS
2008-10-09 22:19:23 ----A---- C:\WINDOWS\system.ini
2008-10-09 22:17:08 ----D---- C:\Documents and Settings\All Users\Application Data\avg7
2008-10-09 16:07:01 ----D---- C:\WINDOWS\system32\NtmsData
2008-10-09 00:19:14 ----D---- C:\Documents and Settings\Jason and Jeffrey\Application Data\.purple
2008-10-06 22:04:05 ----D---- C:\Program Files\MPlayer for Windows
2008-10-06 18:10:46 ----D---- C:\Documents and Settings\Jason and Jeffrey\Application Data\gtk-2.0
2008-09-30 20:12:25 ----A---- C:\WINDOWS\NeroDigital.ini
2008-09-28 23:28:20 ----D---- C:\Program Files\Soulseek
2008-09-24 23:34:29 ----D---- C:\Documents and Settings\Jason and Jeffrey\Application Data\uTorrent
2008-09-24 23:03:38 ----D---- C:\WINDOWS\system32\CatRoot2
2008-09-17 16:13:25 ----HD---- C:\WINDOWS\inf
2008-09-17 16:10:06 ----RSHD---- C:\WINDOWS\system32\dllcache
2008-09-16 17:47:13 ----D---- C:\WINDOWS\Help

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AFS2K;AFS2k; C:\WINDOWS\system32\drivers\AFS2K.sys [2004-10-07 35840]
R1 Aspi32;Aspi32; C:\WINDOWS\system32\drivers\Aspi32.sys [1999-09-10 25244]
R1 Avg7Core;AVG7 Kernel; C:\WINDOWS\System32\Drivers\avg7core.sys [2007-10-22 821856]
R1 Avg7RsW;AVG7 Wrap Driver; C:\WINDOWS\System32\Drivers\avg7rsw.sys [2007-03-27 4224]
R1 Avg7RsXP;AVG7 Resident Driver XP; C:\WINDOWS\System32\Drivers\avg7rsxp.sys [2007-03-20 27776]
R1 AvgClean;AVG7 Clean Driver; C:\WINDOWS\System32\Drivers\avgclean.sys [2007-03-27 3968]
R1 cdudf_xp;cdudf_xp; C:\WINDOWS\system32\drivers\cdudf_xp.sys [2005-09-19 309632]
R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2004-08-03 36096]
R1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-03 14848]
R1 pwd_2k;pwd_2k; C:\WINDOWS\system32\drivers\pwd_2k.sys [2005-09-19 119168]
R1 RxFilter;RxFilter; C:\WINDOWS\system32\DRIVERS\RxFilter.sys [2005-09-19 50176]
R1 SYMTDI;SYMTDI; C:\WINDOWS\System32\Drivers\SYMTDI.SYS [2004-08-27 266464]
R1 vsdatant;vsdatant; C:\WINDOWS\System32\vsdatant.sys [2005-04-19 279880]
R2 LMIInfo;LogMeIn Kernel Information Provider; \??\C:\Program Files\LogMeIn\x86\RaInfo.sys []
R2 LMIRfsDriver;LogMeIn Remote File System Driver; \??\C:\WINDOWS\system32\drivers\LMIRfsDriver.sys []
R2 SAVRTPEL;SAVRTPEL; \??\c:\Program Files\Norton Internet Security\Norton AntiVirus\SAVRTPEL.SYS []
R2 vnccom;vnccom; C:\WINDOWS\System32\Drivers\vnccom.SYS [2004-06-26 6016]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\WINDOWS\system32\DRIVERS\AGRSM.sys [2005-03-04 1066278]
R3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2004-08-04 60800]
R3 GEARAspiWDM;GEAR CDRom Filter; C:\WINDOWS\SYSTEM32\DRIVERS\GEARAspiWDM.sys [2005-03-07 14408]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2004-04-26 135168]
R3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\ialmnt5.sys [2004-11-02 773565]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2005-04-15 2564032]
R3 Iviaspi;IVI ASPI Shell; C:\WINDOWS\system32\drivers\iviaspi.sys [2003-09-11 21060]
R3 lmimirr;lmimirr; C:\WINDOWS\system32\DRIVERS\lmimirr.sys [2007-04-17 10144]
R3 mmc_2K;mmc_2K; C:\WINDOWS\system32\drivers\mmc_2K.sys [2005-09-19 27136]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2004-08-04 61824]
R3 Pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2003-09-19 10368]
R3 pgfilter;pgfilter; \??\C:\Program Files\PeerGuardian2\pgfilter.sys []
R3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-03 20992]
R3 SymEvent;SymEvent; \??\C:\Program Files\Symantec\SYMEVENT.SYS []
R3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-03 26624]
R3 usbhub;Microsoft USB Standard Hub Driver; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-03 57600]
R3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-04 26496]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-03 20480]
R3 vncdrv;vncdrv; C:\WINDOWS\system32\DRIVERS\vncdrv.sys [2004-06-26 4736]
R3 WpdUsb;WpdUsb; C:\WINDOWS\System32\Drivers\wpdusb.sys [2006-10-18 38528]
S3 A34mprrvn;A34mprrvn; C:\WINDOWS\system32\drivers\A34mprrvn.sys []
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-03 17024]
S3 DCamUSBVeo532;Veo Stingray/Connect Web Camera; C:\WINDOWS\System32\Drivers\ubVeo532.sys [2002-07-01 95232]
S3 dvd_2K;dvd_2K; C:\WINDOWS\system32\drivers\dvd_2K.sys [2005-09-19 27264]
S3 HdAudAddService;Microsoft UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\HdAudio.sys [2004-03-17 113664]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2002-02-15 50960]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2002-03-21 16112]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2002-03-08 22512]
S3 Jukebox3;Jukebox3; C:\WINDOWS\system32\DRIVERS\ctpdusb.sys [2005-05-16 16000]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-03 85376]
S3 NAVENG;NAVENG; \??\C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20041117.006\NAVENG.Sys []
S3 NAVEX15;NAVEX15; \??\C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20041117.006\NavEx15.Sys []
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-03 10880]
S3 Ps2;PS2; C:\WINDOWS\system32\DRIVERS\PS2.sys [2002-07-29 23808]
S3 SAVRT;SAVRT; \??\c:\Program Files\Norton Internet Security\Norton AntiVirus\SAVRT.SYS []
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-03 11136]
S3 SPBBCDrv;SPBBCDrv; \??\C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys []
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-03 15360]
S3 SYMREDRV;SYMREDRV; C:\WINDOWS\System32\Drivers\SYMREDRV.SYS [2004-08-27 25824]
S3 TIEHDUSB;TIEHDUSB; C:\WINDOWS\system32\drivers\tiehdusb.sys [2004-02-04 49536]
S3 usbbus;LGE CDMA Composite USB Device; C:\WINDOWS\system32\DRIVERS\lgusbbus.sys [2007-04-09 12672]
S3 UsbDiag;LGE CDMA USB Serial Port; C:\WINDOWS\system32\DRIVERS\lgusbdiag.sys [2007-04-09 21248]
S3 USBModem;LGE CDMA USB Modem; C:\WINDOWS\system32\DRIVERS\lgusbmodem.sys [2007-04-09 22912]
S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S3 XIRLINK;IBM PC Camera; C:\WINDOWS\system32\DRIVERS\C-itnt.sys [2002-03-12 899884]
S4 LMIRfsClientNP;LMIRfsClientNP; C:\WINDOWS\system32\drivers\LMIRfsClientNP.sys []
S4 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-03 12032]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 aawservice;Ad-Aware 2007 Service; C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe [2008-01-04 587096]
R2 ccEvtMgr;Symantec Event Manager; c:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe [2004-08-27 197752]
R2 ccProxy;Symantec Network Proxy; c:\Program Files\Common Files\Symantec Shared\ccProxy.exe [2004-08-27 234616]
R2 ccSetMgr;Symantec Settings Manager; c:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe [2004-08-27 164984]
R2 Diskeeper;Diskeeper; C:\Program Files\Executive Software\DiskeeperLite\DKService.exe [2002-10-16 176128]
R2 LMIMaint;LogMeIn Maintenance Service; C:\Program Files\LogMeIn\x86\RaMaint.exe [2008-05-28 116032]
R2 LogMeIn;LogMeIn; C:\Program Files\LogMeIn\x86\LogMeIn.exe [2007-04-17 63040]
R2 winvnc;VNC Server; C:\Program Files\UltraVNC\WinVNC.exe [2006-06-18 712704]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2004-08-03 14336]
R2 wwSecSvc;Washer AutoComplete; C:\WINDOWS\system32\wwSecure.exe [2005-04-20 487936]
S2 spupdsvc;Windows Service Pack Installer update service; C:\WINDOWS\system32\spupdsvc.exe [2006-09-16 23856]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2006-09-09 72704]
S3 ccPwdSvc;Symantec Password Validation; c:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe [2004-08-27 78968]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]
S3 iPodService;iPodService; C:\Program Files\iPod\bin\iPodService.exe [2005-10-18 323584]
S3 MSSQL$SONY_MEDIAMGR;MSSQL$SONY_MEDIAMGR; C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe [2002-12-17 7520337]
S3 MSSQLServerADHelper;MSSQLServerADHelper; C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe [2002-12-17 66112]
S3 SAVScan;SAVScan; c:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe [2004-07-23 197864]
S3 SQLAgent$SONY_MEDIAMGR;SQLAgent$SONY_MEDIAMGR; C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlagent.EXE [2002-12-17 311872]
S3 usnjsvc;Messenger Sharing Folders USN Journal Reader service; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]
S4 Apache2.2;Apache2.2; c:\x [2008-10-06 24064]
S4 Apache2;Apache2; C:\Program Files\Apache Group\Apache2\bin\Apache.exe [2005-04-16 20541]
S4 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]
S4 Avg7Alrt;AVG7 Alert Manager Server; C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe [2007-10-22 418816]
S4 Avg7UpdSvc;AVG7 Update Service; C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe [2007-03-20 49664]
S4 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2004-08-03 267776]
S4 FileZilla Server;FileZilla Server FTP server; c:\x [2008-10-06 24064]
S4 GoogleDesktopManager;GoogleDesktopManager; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2007-10-09 1838592]
S4 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S4 ISSVC;IS Service; c:\Program Files\Norton Internet Security\ISSVC.exe [2004-08-30 78992]
S4 Macromedia Licensing Service;Macromedia Licensing Service; C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe [2005-05-29 68096]
S4 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
S4 mysql;mysql; C:\x [2008-10-06 24064]
S4 navapsvc;Norton AntiVirus Auto-Protect Service; c:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe [2004-08-30 176768]
S4 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2006-10-09 724992]
S4 NoIPDUCService;NoIPDUCService; C:\Program Files\No-IP\DUC20.exe [2006-11-04 1172992]
S4 O&O Defrag;O&O Defrag; C:\WINDOWS\system32\oodag.exe [2007-01-12 707344]
S4 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S4 PHPGeekUtil;PHPGeekUtil; c:\apache\APACHE.EXE [2002-01-24 20480]
S4 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2002-03-15 81920]
S4 RoxLiveShare;LiveShare P2P Server; C:\Program Files\Common Files\Roxio Shared\SharedCOM8\RoxLiveShare.exe [2005-09-19 229376]
S4 RoxMediaDB;RoxMediaDB; C:\Program Files\Common Files\Roxio Shared\SharedCOM8\RoxMediaDB.exe [2005-09-19 856064]
S4 RoxUPnPRenderer;RoxUpnpRenderer; C:\Program Files\Common Files\Roxio Shared\SharedCom\RoxUpnpRenderer.exe [2005-09-19 45056]
S4 RoxUpnpServer;RoxUpnpServer; C:\Program Files\Roxio\Easy Media Creator 8\Digital Home\RoxUpnpServer.exe [2005-09-19 401408]
S4 RoxWatch;Roxio Hard Drive Watcher; C:\Program Files\Common Files\Roxio Shared\SharedCOM8\RoxWatch.exe [2005-09-19 155648]
S4 SNDSrvc;Symantec Network Drivers Service; c:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe [2004-08-27 206048]
S4 SPBBCSvc;Symantec SPBBCSvc; c:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe [2004-07-21 173160]
S4 SymWSC;SymWMI Service; c:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe [2004-08-05 308352]
S4 Visual Studio Analyzer RPC bridge;Visual Studio Analyzer RPC bridge; C:\Program Files\Microsoft Visual Studio\Common\Tools\VS-Ent98\Vanalyzr\varpc.exe [1998-06-06 34036]
S4 vsmon;TrueVector Internet Monitor; C:\WINDOWS\system32\ZoneLabs\vsmon.exe [2005-04-19 1210112]
S4 XAMPP;XAMPP Service; c:\x [2008-10-06 24064]

-----------------EOF-----------------




info.txt:
info.txt logfile of random's system information tool 1.04 2008-10-10 10:35:53

======Uninstall list======

-->MsiExec.exe /I{E9F81423-211E-46B6-9AE0-38568BC5CF6F}
-->"C:\Program Files\BZEdit1.6.5\uninstall.exe"
-->C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
-->C:\Program Files\Nero\Nero 7\nero\uninstall\UNNERO.exe /UNINSTALL
-->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\IBM Net Camera\Uninst.isu"
-->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\IBM PC Camera\Uninst.isu"
-->C:\WINDOWS\IsUninst.exe -fC:\WINDOWS\orun32.isu
-->C:\WINDOWS\system32\\MSIEXEC.EXE /x {637099FB-45FD-4BC7-9651-6FB540DBB749}
-->c:\WINDOWS\system32\\MSIEXEC.EXE /x {9541FED0-327F-4df0-8B96-EF57EF622F19}
-->C:\WINDOWS\UNNeroBackItUp.exe /UNINSTALL
-->C:\WINDOWS\UNNeroMediaHome.exe /UNINSTALL
-->C:\WINDOWS\UNNeroShowTime.exe /UNINSTALL
-->C:\WINDOWS\UNNeroVision.exe /UNINSTALL
-->C:\WINDOWS\UNRecode.exe /UNINSTALL
-->MsiExec.exe /I{0D330013-4A99-46D6-83C6-2C959C68DBFF}
-->MsiExec.exe /I{26792CA7-D87A-4DBE-896B-C2F66B344511}
-->MsiExec.exe /I{637099FB-45FD-4BC7-9651-6FB540DBB749}
-->MsiExec.exe /I{6D4F02C4-F6AF-4659-A933-7FC06235A8D5}
-->MsiExec.exe /I{7FD9FD10-9F7F-4DDF-B9F0-911209FF0CEA}
-->MsiExec.exe /I{8C60949A-46F9-4DD7-BA9F-78C00D9D4C8D}
-->MsiExec.exe /I{EB748B9B-F872-4E95-98E8-5CA7E5425DAF}
-->MsiExec.exe /I{F0EACC27-A729-406C-9BF6-C8F10CEC36F8}
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{57FA4E0F-82C9-417D-87BC-0186D6CB7A44}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{63A317D0-60A6-43FC-848A-9FE4A53B29CE}\setup.exe" -l0x9
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Acoustica Beatcraft-->C:\PROGRA~1\ACOUST~1\UNWISE.EXE C:\PROGRA~1\ACOUST~1\INSTALL.LOG
Acoustica Effects Pack-->C:\PROGRA~1\ACOUST~2\UNWISE.EXE C:\PROGRA~1\ACOUST~2\INSTALL.LOG
Ad-Aware 2007-->MsiExec.exe /I{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}
Adobe Acrobat - Reader 6.0.2 Update-->MsiExec.exe /I{AC76BA86-0000-0000-0000-6028747ADE01}
Adobe Acrobat 5.0-->C:\WINDOWS\ISUNINST.EXE -f"C:\Program Files\Common Files\Adobe\Acrobat 5.0\NT\Uninst.isu" -c"C:\Program Files\Common Files\Adobe\Acrobat 5.0\NT\Uninst.dll"
Adobe Flash Player ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Photoshop 7.0-->C:\WINDOWS\ISUNINST.EXE -f"C:\Program Files\Adobe\Photoshop 7.0\Uninst.isu" -c"C:\Program Files\Adobe\Photoshop 7.0\Uninst.dll"
Adobe Photoshop CS2-->msiexec /I {236BB7C4-4419-42FD-0409-1E257A25E34D}
Adobe Premiere Pro 2.0-->msiexec /I {FA17A726-B229-4116-B793-A2AB1A4EAE2E}
Adobe Reader 6.0.1-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A00000000001}
Adobe Shockwave Player-->C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log
Agere Systems PCI Soft Modem-->agrsmdel
All-Pro Software Tournament Scheduler Pro Free Trial 5.0-->C:\WINDOWS\UnDeploy.exe "C:\Program Files\All-Pro Software\Tournament Scheduler\Deploy.log"
Anvil Studio-->C:\WINDOWS\ST5UNST.EXE -n "C:\Program Fi