tanders1
2010-07-14, 21:31
I have a Citrix server that SuperAntiSpyWare continually states is infected with Trojan.Smitfraud Variant / IE Anti-Spy-Ware. The other antivirus programs are not finding it. Here is a copy of the HiJackThis log. Can anyone help? Thanks!
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:20:48, on 7/14/2010
Platform: Windows 2003 SP2 (WinNT 5.02.3790)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Panda Software\AVNT\PavSrvX86.exe
C:\Program Files (x86)\Panda Software\AVNT\AVENGINE.EXE
C:\Program Files (x86)\Panda Software\Panda Administrator 3\AdminServer\AdminServer.exe
C:\Program Files (x86)\Dell\SysMgt\dataeng\bin\dsm_sa_eventmgr32.exe
C:\Program Files (x86)\Dell\SysMgt\dataeng\bin\dsm_sa_datamgr32.exe
C:\Program Files (x86)\Symantec\Backup Exec\NT\dlomaintsvcu.exe
C:\Program Files (x86)\Citrix\System Monitoring\Agent\Core\Firebird\bin\fbserver.exe
C:\Program Files (x86)\Citrix\System32\Citrix\Ima\IMAAdvanceSrv.exe
C:\Program Files (x86)\Java\jre6\bin\jqs.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
C:\Program Files (x86)\Dell\SysMgt\sm\mr2kserv.exe
C:\Program Files (x86)\Microsoft SQL Server\MSSQL$PADMINISTRATOR\Binn\sqlservr.exe
C:\Program Files (x86)\Dell\SysMgt\oma\bin\dsm_om_shrsvc32.exe
C:\Program Files (x86)\Panda Software\Panda Administrator 3\Distribution Server\PadFSvr.exe
C:\Program Files (x86)\Panda Software\AVNT\PsCtrlS.exe
C:\Program Files (x86)\Panda Software\Panda Administrator 3\Pav_Agent\Pagent.exe
C:\Program Files (x86)\Panda Software\Panda Administrator 3\Pav_Agent\pagentwd.exe
C:\Program Files (x86)\Panda Software\Panda Administrator 3\Scheduler\pavsched.exe
C:\Program Files (x86)\Panda Software\AVNT\PsImSvc.exe
C:\Program Files (x86)\Citrix\System Monitoring\Agent\Core\rscorsvc.exe
C:\Program Files (x86)\Dell\SysMgt\iws\bin\win32\dsm_om_connsvc32.exe
C:\WINDOWS\TIREMOTE\TIRemoteService.exe
C:\WINDOWS\syswow64\snmp.exe
C:\Program Files (x86)\X-Charge\XCSecurityService.exe
C:\Program Files (x86)\Citrix\system32\cdmsvc.exe
C:\Program Files (x86)\Citrix\Server Resource Management\Memory Optimization Management\Program\CtxSFOSvc.exe
C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
C:\Program Files (x86)\Citrix\System32\wfshell.exe
C:\WINDOWS\SysWOW64\ctfmon.exe
C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
C:\Program Files (x86)\Citrix\system32\icabar.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Panda Software\Panda Administrator 3\Console\PASystemTray.exe
C:\Program Files (x86)\Panda Software\AVNT\PSCtrlC.exe
C:\WINDOWS\Temp\PRScan\PRScan.exe
C:\Program Files (x86)\Panda Software\AVNT\psimreal.exe
C:\Program Files (x86)\Panda Software\AVNT\PSIMMON.exe
C:\Program Files (x86)\Panda Software\Panda Administrator 3\PavReport\PavReport.exe
C:\Documents and Settings\tandersen\Desktop\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = res://iesetup.dll/softAdmin.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = res://iesetup.dll/softAdmin.htm
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=69157
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: Citrix Single Sign-On Browser Helper Object - {C3793308-160C-4b29-B44E-A09EE159DC83} - C:\Program Files (x86)\Citrix\MetaFrame Password Manager\Helper\IE\bho.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files (x86)\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [Track-It! Workstation Manager Service Monitor] C:\WINDOWS\TIREMOTE\TIServiceMonitor.exe
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [IcaBar] "C:\Program Files (x86)\Citrix\system32\icabar.exe" /adminonly
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [PASystemTray] "C:\Program Files (x86)\Panda Software\Panda Administrator 3\Console\PASystemTray.exe"
O4 - HKLM\..\Run: [Panda Controller Client] "C:\Program Files (x86)\Panda Software\AVNT\PSCtrlC.exe"
O4 - HKLM\..\Run: [PRClean] C:\WINDOWS\Temp\PRScan\PRClean.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-3057299724-1252680614-2322330818-1005\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'ctx_cpuuser')
O4 - HKUS\S-1-5-21-3057299724-1252680614-2322330818-1006\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'ctx_cpsvcuser')
O4 - HKUS\S-1-5-21-3057299724-1252680614-2322330818-1007\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'Ctx_StreamingSvc')
O4 - HKUS\S-1-5-21-823518204-1390067357-1801674531-2159\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'SHERRING')
O4 - HKUS\S-1-5-21-823518204-1390067357-1801674531-2223\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'JTERESI')
O4 - HKUS\S-1-5-21-823518204-1390067357-1801674531-2642\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'lbunce')
O4 - HKUS\S-1-5-21-823518204-1390067357-1801674531-2648\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'LMAYO')
O4 - HKUS\S-1-5-21-823518204-1390067357-1801674531-2648\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'LMAYO')
O4 - HKUS\S-1-5-21-823518204-1390067357-1801674531-2656\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'CHILLS1')
O4 - HKUS\S-1-5-21-823518204-1390067357-1801674531-2656\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'CHILLS1')
O4 - HKUS\S-1-5-21-823518204-1390067357-1801674531-2658\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'PINEACRES1')
O4 - HKUS\S-1-5-21-823518204-1390067357-1801674531-2658\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'PINEACRES1')
O4 - HKUS\S-1-5-21-823518204-1390067357-1801674531-2659\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'GATEWAY1')
O4 - HKUS\S-1-5-21-823518204-1390067357-1801674531-2659\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'GATEWAY1')
O4 - HKUS\S-1-5-21-823518204-1390067357-1801674531-3125\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'DCZARNECKI')
O4 - HKUS\S-1-5-21-823518204-1390067357-1801674531-3615\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'DROBERTSON')
O4 - HKUS\S-1-5-21-823518204-1390067357-1801674531-3615\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'DROBERTSON')
O4 - HKUS\S-1-5-21-823518204-1390067357-1801674531-4138\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'SKRAJESKI')
O4 - HKUS\S-1-5-21-823518204-1390067357-1801674531-4160\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'GHAVEN2')
O4 - HKUS\S-1-5-21-823518204-1390067357-1801674531-4160\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'GHAVEN2')
O4 - HKUS\S-1-5-21-823518204-1390067357-1801674531-4230\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'Kzlotek')
O4 - HKUS\S-1-5-21-823518204-1390067357-1801674531-4230\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'Kzlotek')
O4 - HKUS\S-1-5-21-823518204-1390067357-1801674531-4268\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'DFELTES')
O4 - HKUS\S-1-5-21-823518204-1390067357-1801674531-4373\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'MMCDERMOTT')
O4 - HKUS\S-1-5-21-823518204-1390067357-1801674531-4461\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'smcquown')
O4 - HKUS\S-1-5-21-823518204-1390067357-1801674531-4461\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'smcquown')
O4 - HKUS\S-1-5-21-823518204-1390067357-1801674531-4465\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'DHOLIDAY')
O4 - HKUS\S-1-5-21-823518204-1390067357-1801674531-4471\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'CGONDOLI')
O4 - HKUS\S-1-5-21-823518204-1390067357-1801674531-6107\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'MTOMASINO')
O4 - HKUS\S-1-5-21-823518204-1390067357-1801674531-6140\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'BCREBS')
O4 - HKUS\S-1-5-21-823518204-1390067357-1801674531-6140\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'BCREBS')
O4 - HKUS\S-1-5-21-823518204-1390067357-1801674531-6190\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'dlsommerman')
O4 - HKUS\S-1-5-21-823518204-1390067357-1801674531-6220\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'JSANDERS')
O4 - HKUS\S-1-5-21-823518204-1390067357-1801674531-6254\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'CMONTARO')
O4 - HKUS\S-1-5-21-823518204-1390067357-1801674531-6260\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'esoltau')
O4 - HKUS\S-1-5-21-823518204-1390067357-1801674531-6637\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'GSCHILLING')
O4 - HKUS\S-1-5-21-823518204-1390067357-1801674531-6637\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'GSCHILLING')
O4 - HKUS\S-1-5-21-823518204-1390067357-1801674531-7120\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'HDAVIS')
O4 - HKUS\S-1-5-21-823518204-1390067357-1801674531-7130\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'KOLSON')
O4 - HKUS\S-1-5-21-823518204-1390067357-1801674531-7164\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'BRMILLER')
O4 - HKUS\S-1-5-21-823518204-1390067357-1801674531-7167\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'JOCONNOR')
O4 - HKUS\S-1-5-21-823518204-1390067357-1801674531-7167\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'JOCONNOR')
O4 - HKUS\S-1-5-21-823518204-1390067357-1801674531-7253\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'TLAFORCE')
O4 - HKUS\S-1-5-21-823518204-1390067357-1801674531-7253\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'TLAFORCE')
O4 - HKUS\S-1-5-21-823518204-1390067357-1801674531-7258\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" (User 'BNOWAK')
O4 - HKUS\S-1-5-21-823518204-1390067357-1801674531-7291\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'DSMITH')
O4 - HKUS\S-1-5-21-823518204-1390067357-1801674531-7291\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'DSMITH')
O4 - HKUS\S-1-5-21-823518204-1390067357-1801674531-7303\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'MDOUGHERTY')
O4 - HKUS\S-1-5-21-823518204-1390067357-1801674531-7303\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'MDOUGHERTY')
O4 - HKUS\S-1-5-21-823518204-1390067357-1801674531-7313\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'LMELVILLE')
O4 - HKUS\S-1-5-21-823518204-1390067357-1801674531-7313\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'LMELVILLE')
O4 - HKUS\S-1-5-21-823518204-1390067357-1801674531-7371\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'JRUSSELL')
O4 - HKUS\S-1-5-21-823518204-1390067357-1801674531-7371\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'JRUSSELL')
O4 - HKUS\S-1-5-21-823518204-1390067357-1801674531-7381\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'SJOHNSON')
O4 - HKUS\S-1-5-21-823518204-1390067357-1801674531-7381\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SJOHNSON')
O4 - HKUS\S-1-5-21-823518204-1390067357-1801674531-7425\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'CVANVLIET')
O4 - HKUS\S-1-5-21-823518204-1390067357-1801674531-7425\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'CVANVLIET')
O4 - HKUS\S-1-5-21-823518204-1390067357-1801674531-7450\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'ARUTH')
O4 - HKUS\S-1-5-21-823518204-1390067357-1801674531-7450\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'ARUTH')
O4 - HKUS\S-1-5-21-823518204-1390067357-1801674531-7466\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'JGONZALEZ')
O4 - HKUS\S-1-5-21-823518204-1390067357-1801674531-7531\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'TPASSARO')
O4 - HKUS\S-1-5-21-823518204-1390067357-1801674531-7543\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'DNICOLINI')
O4 - HKUS\S-1-5-21-823518204-1390067357-1801674531-7566\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'SMORA')
O4 - HKUS\S-1-5-21-823518204-1390067357-1801674531-7566\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SMORA')
O4 - HKUS\S-1-5-21-823518204-1390067357-1801674531-7687\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'LDUPLECHIN')
O4 - HKUS\S-1-5-21-823518204-1390067357-1801674531-7687\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'LDUPLECHIN')
O4 - HKUS\S-1-5-21-823518204-1390067357-1801674531-7706\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'KFAVAZZA')
O4 - HKUS\S-1-5-21-823518204-1390067357-1801674531-7706\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'KFAVAZZA')
O4 - HKUS\S-1-5-21-823518204-1390067357-1801674531-7709\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'igomez')
O4 - HKUS\S-1-5-21-823518204-1390067357-1801674531-7709\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'igomez')
O4 - HKUS\S-1-5-21-823518204-1390067357-1801674531-7874\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'JBAKER')
O4 - HKUS\S-1-5-21-823518204-1390067357-1801674531-7874\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'JBAKER')
O4 - HKUS\S-1-5-21-823518204-1390067357-1801674531-7893\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'DSAWYER')
O4 - HKUS\S-1-5-21-823518204-1390067357-1801674531-7893\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'DSAWYER')
O4 - HKUS\S-1-5-21-823518204-1390067357-1801674531-8116\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'PGOODWIN')
O4 - HKUS\S-1-5-21-823518204-1390067357-1801674531-8116\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'PGOODWIN')
O4 - HKUS\S-1-5-21-823518204-1390067357-1801674531-8159\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'yjackson')
O4 - HKUS\S-1-5-21-823518204-1390067357-1801674531-8159\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'yjackson')
O4 - HKUS\S-1-5-21-823518204-1390067357-1801674531-8174\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'BANDERSON')
O4 - HKUS\S-1-5-21-823518204-1390067357-1801674531-8174\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'BANDERSON')
O4 - HKUS\S-1-5-21-823518204-1390067357-1801674531-8207\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'ATOLLKUEHN')
O4 - HKUS\S-1-5-21-823518204-1390067357-1801674531-8207\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'ATOLLKUEHN')
O4 - HKUS\S-1-5-21-823518204-1390067357-1801674531-8257\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'new')
O4 - HKUS\S-1-5-21-823518204-1390067357-1801674531-8257\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'new')
O4 - HKUS\S-1-5-21-823518204-1390067357-1801674531-8301\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'CCOLLINS')
O4 - HKUS\S-1-5-21-823518204-1390067357-1801674531-8301\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'CCOLLINS')
O4 - HKUS\S-1-5-21-823518204-1390067357-1801674531-8318\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'AKAUFMANN')
O4 - HKUS\S-1-5-21-823518204-1390067357-1801674531-8318\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'AKAUFMANN')
O4 - HKUS\S-1-5-18\..\Run: [] (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [] (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'Default user')
O4 - S-1-5-21-823518204-1390067357-1801674531-7543 Startup: SmartCapture.lnk = C:\WINDOWS\Seiko\slpcap.exe (User 'DNICOLINI')
O4 - S-1-5-21-823518204-1390067357-1801674531-7543 User Startup: SmartCapture.lnk = C:\WINDOWS\Seiko\slpcap.exe (User 'DNICOLINI')
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
O10 - Broken Internet access because of LSP provider 'j:\windows\system32\mswsock.dll' missing
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1196968226265
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1259590119309
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = MORGAN.morgan-llc.com
O17 - HKLM\System\CCS\Services\Tcpip\..\{367E9EE9-FB3A-4F05-9463-02BCBC796420}: NameServer = 10.211.4.10
O17 - HKLM\System\CCS\Services\Tcpip\..\{A4BEB345-38A0-4FBC-8C27-B3138F6F1CCB}: NameServer = 10.211.4.10
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = MORGAN.morgan-llc.com
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - J:\WINDOWS\SysWOW64\browseui.dll (file missing)
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - J:\WINDOWS\SysWOW64\browseui.dll (file missing)
O23 - Service: Panda AdminSecure Administration Server (AdminServer) - Panda Security S.L. - C:\Program Files (x86)\Panda Software\Panda Administrator 3\AdminServer\AdminServer.exe
O23 - Service: Backup Exec Remote Agent for Windows Servers (BackupExecAgentAccelerator) - Symantec Corporation - C:\Program Files\Symantec\Backup Exec\RAWS\beremote.exe
O23 - Service: Citrix Diagnostic Facility COM Server (CdfSvc) - Citrix Systems, Inc. - C:\Program Files (x86)\Common Files\Citrix\System32\CdfSvc.exe
O23 - Service: Citrix Client Network (CdmService) - Citrix Systems, Inc. - C:\Program Files (x86)\Citrix\system32\cdmsvc.exe
O23 - Service: Citrix 64-bit Virtual Memory Optimization - Citrix Systems, Inc. - C:\Program Files (x86)\Citrix\Server Resource Management\Memory Optimization Management\Program\ctxsfosvc64.exe
O23 - Service: Citrix Encryption Service - Citrix Systems, Inc. - C:\Program Files (x86)\Citrix\system32\encsvc.exe
O23 - Service: Citrix End User Experiencing Monitoring (Citrix EUEM) - Citrix Systems, Inc. - C:\Program Files (x86)\Citrix\Euem\Service\SemsService.exe
O23 - Service: Citrix SMA Service - Citrix Systems Inc. - C:\Program Files (x86)\Citrix\Sma\SmaService.exe
O23 - Service: Citrix User Profile Manager - Citrix Systems, Inc. - C:\Program Files\Citrix\User Profile Manager\UserProfileManager.exe
O23 - Service: Citrix Virtual Memory Optimization - Citrix Systems, Inc. - C:\Program Files (x86)\Citrix\Server Resource Management\Memory Optimization Management\Program\CtxSFOSvc.exe
O23 - Service: Citrix Health Monitoring and Recovery (CitrixHealthMon) - Citrix Systems, Inc - C:\Program Files (x86)\Citrix\HealthMon\HCAService.exe
O23 - Service: Citrix Licensing (CitrixLicensing) - Acresso Software Inc. - C:\Program Files (x86)\Citrix\Licensing\LS\lmgrd.exe
O23 - Service: Citrix WMI Service (CitrixWMIService) - Citrix Systems, Inc. - C:\Program Files (x86)\Citrix\system32\citrix\WMI\ctxwmisvc.exe
O23 - Service: Citrix XTE Server (CitrixXTEServer) - Citrix Systems, Inc. - C:\Program Files (x86)\Citrix\XTE\bin\XTE.exe
O23 - Service: Citrix Licensing WMI (Citrix_GTLicensingProv) - Citrix Systems, Inc. - C:\Program Files (x86)\Citrix\Licensing\LicWMI\Citrix_GTLicensingProv.exe
O23 - Service: Citrix Single Sign-On Sagent (Citrix_Password_Manager_Sagent) - Citrix Systems, Inc. - C:\Program Files\Citrix\MetaFrame Password Manager\Sagent.exe
O23 - Service: Citrix Print Manager Service (cpsvc) - Citrix Systems, Inc. - C:\Program Files (x86)\Citrix\system32\CpSvc.exe
O23 - Service: Citrix ActiveSync Service (CtxActiveSync) - Citrix Systems, Inc. - C:\Program Files (x86)\Citrix\System32\CtxActiveSync.exe
O23 - Service: Citrix CPU Utilization Mgmt/CPU Rebalancer (CTXCPUBal) - Citrix Systems, Inc. - C:\Program Files (x86)\Citrix\Server Resource Management\CPU Utilization Management\bin\ctxcpubal.exe
O23 - Service: Citrix CPU Utilization Mgmt/Resource Mgmt (ctxcpuSched) - Citrix Systems, Inc. - C:\Program Files (x86)\Citrix\Server Resource Management\CPU Utilization Management\bin\ctxcpusched.exe
O23 - Service: Citrix XML Service (CtxHttp) - Citrix Systems, Inc. - C:\Program Files (x86)\Citrix\System32\ctxxmlss.exe
O23 - Service: Citrix License Management Console (CTXLMC) - Apache Software Foundation - C:\Program Files (x86)\Citrix\Licensing\LMC\Tomcat\bin\tomcat6.exe
O23 - Service: Citrix LS Port Updater Service (CtxLSPortSvc) - Citrix Systems, Inc. - C:\Program Files (x86)\Citrix\Licensing\LS\CtxLSPortSvc.exe
O23 - Service: DSM SA Event Manager (dcevt32) - Dell Inc. - C:\Program Files (x86)\Dell\SysMgt\dataeng\bin\dsm_sa_eventmgr32.exe
O23 - Service: DSM SA Data Manager (dcstor32) - Dell Inc. - C:\Program Files (x86)\Dell\SysMgt\dataeng\bin\dsm_sa_datamgr32.exe
O23 - Service: Backup Exec DLO Maintenance Service (DLOMaintenanceSvc) - Symantec Corporation - C:\Program Files (x86)\Symantec\Backup Exec\NT\dlomaintsvcu.exe
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe (file missing)
O23 - Service: Event Log (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.exe (file missing)
O23 - Service: Firebird Server - CSMInstance (FirebirdServerCSMInstance) - FirebirdSQL Project - C:\Program Files (x86)\Citrix\System Monitoring\Agent\Core\Firebird\bin\fbserver.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: HTTP SSL (HTTPFilter) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: IIS Admin Service (IISADMIN) - Unknown owner - C:\WINDOWS\system32\inetsrv\inetinfo.exe (file missing)
O23 - Service: Citrix Services Manager (IMAAdvanceSrv) - Citrix Systems, Inc. - C:\Program Files (x86)\Citrix\System32\Citrix\Ima\IMAAdvanceSrv.exe
O23 - Service: Citrix Independent Management Architecture (IMAService) - Citrix Systems, Inc. - C:\Program Files (x86)\Citrix\System32\Citrix\Ima\ImaSrv.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files (x86)\Java\jre6\bin\jqs.exe
O23 - Service: Citrix MFCOM Service (MFCom) - Citrix Systems, Inc. - C:\Program Files (x86)\Citrix\System32\mfcom.exe
O23 - Service: mr2kserv - LSI Logic Corporation - C:\Program Files (x86)\Dell\SysMgt\sm\mr2kserv.exe
O23 - Service: Distributed Transaction Coordinator (MSDTC) - Unknown owner - C:\WINDOWS\system32\msdtc.exe (file missing)
O23 - Service: Net Logon (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NT LM Security Support Provider (NtLmSsp) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: DSM SA Shared Services (omsad) - Dell Inc. - C:\Program Files (x86)\Dell\SysMgt\oma\bin\dsm_om_shrsvc32.exe
O23 - Service: Panda AdminSecure Distribution Server (PadFSvr) - Panda Security S.L. - C:\Program Files (x86)\Panda Software\Panda Administrator 3\Distribution Server\PadFSvr.exe
O23 - Service: Panda Software Controller - Panda Security - C:\Program Files (x86)\Panda Software\AVNT\PsCtrlS.exe
O23 - Service: Panda AdminSecure Communications Agent (PAVAGENTE) - Panda Security, S.L. - C:\Program Files (x86)\Panda Software\Panda Administrator 3\Pav_Agent\Pagent.exe
O23 - Service: Panda AdminSecure Scheduler (PavAtScheduler) - Panda Software - C:\Program Files (x86)\Panda Software\Panda Administrator 3\Scheduler\pavsched.exe
O23 - Service: Panda Antivirus Report Service (PavReport) - Panda Security, S.L. - C:\Program Files (x86)\Panda Software\Panda Administrator 3\PavReport\PavReport.exe
O23 - Service: Panda Antivirus Service (PavSrv) - Panda Security, S.L. - C:\Program Files (x86)\Panda Software\AVNT\PavSrvX86.exe
O23 - Service: Plug and Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.exe (file missing)
O23 - Service: IPSEC Services (PolicyAgent) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Protected Storage (ProtectedStorage) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Panda IManager Service (PsImSvc) - Panda Security - C:\Program Files (x86)\Panda Software\AVNT\PsImSvc.exe
O23 - Service: PsShutdown (PsShutdownSvc) - Systems Internals - C:\WINDOWS\PSSDNSVC.EXE
O23 - Service: Citrix Streaming Service (RadeSvc) - Citrix Systems, Inc. - C:\Program Files (x86)\Citrix\Streaming Client\RadeSvc.exe
O23 - Service: Remote Desktop Help Session Manager (RDSessMgr) - Unknown owner - C:\WINDOWS\system32\sessmgr.exe (file missing)
O23 - Service: Citrix Resource Manager Mail (ResourceManagerMail) - Citrix Systems, Inc. - C:\Program Files (x86)\Citrix\System32\Citrix\IMA\MailService.exe
O23 - Service: Citrix System Monitoring Agent (RSCorSvc) - Citrix Systems, Inc - C:\Program Files (x86)\Citrix\System Monitoring\Agent\Core\rscorsvc.exe
O23 - Service: Security Accounts Manager (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: DSM SA Connection Service (Server Administrator) - Unknown owner - C:\Program Files (x86)\Dell\SysMgt\iws\bin\win32\dsm_om_connsvc32.exe
O23 - Service: SNMP Trap Service (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: Track-It! Workstation Manager (TIRmtSvc) - Numara Software, Inc. - C:\WINDOWS\TIREMOTE\TIRemoteService.exe
O23 - Service: Virtual Disk Service (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: Volume Shadow Copy (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe (file missing)
O23 - Service: WMI Performance Adapter (WmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\wmiapsrv.exe (file missing)
O23 - Service: X-Charge Security (XCSecurity) - Unknown owner - C:\Program Files (x86)\X-Charge\XCSecurityService.exe
O23 - Service: X-Charge Server (XCService) - Unknown owner - C:\Program Files (x86)\X-Charge\XCService.exe
--
End of file - 28608 bytes
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:20:48, on 7/14/2010
Platform: Windows 2003 SP2 (WinNT 5.02.3790)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Panda Software\AVNT\PavSrvX86.exe
C:\Program Files (x86)\Panda Software\AVNT\AVENGINE.EXE
C:\Program Files (x86)\Panda Software\Panda Administrator 3\AdminServer\AdminServer.exe
C:\Program Files (x86)\Dell\SysMgt\dataeng\bin\dsm_sa_eventmgr32.exe
C:\Program Files (x86)\Dell\SysMgt\dataeng\bin\dsm_sa_datamgr32.exe
C:\Program Files (x86)\Symantec\Backup Exec\NT\dlomaintsvcu.exe
C:\Program Files (x86)\Citrix\System Monitoring\Agent\Core\Firebird\bin\fbserver.exe
C:\Program Files (x86)\Citrix\System32\Citrix\Ima\IMAAdvanceSrv.exe
C:\Program Files (x86)\Java\jre6\bin\jqs.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
C:\Program Files (x86)\Dell\SysMgt\sm\mr2kserv.exe
C:\Program Files (x86)\Microsoft SQL Server\MSSQL$PADMINISTRATOR\Binn\sqlservr.exe
C:\Program Files (x86)\Dell\SysMgt\oma\bin\dsm_om_shrsvc32.exe
C:\Program Files (x86)\Panda Software\Panda Administrator 3\Distribution Server\PadFSvr.exe
C:\Program Files (x86)\Panda Software\AVNT\PsCtrlS.exe
C:\Program Files (x86)\Panda Software\Panda Administrator 3\Pav_Agent\Pagent.exe
C:\Program Files (x86)\Panda Software\Panda Administrator 3\Pav_Agent\pagentwd.exe
C:\Program Files (x86)\Panda Software\Panda Administrator 3\Scheduler\pavsched.exe
C:\Program Files (x86)\Panda Software\AVNT\PsImSvc.exe
C:\Program Files (x86)\Citrix\System Monitoring\Agent\Core\rscorsvc.exe
C:\Program Files (x86)\Dell\SysMgt\iws\bin\win32\dsm_om_connsvc32.exe
C:\WINDOWS\TIREMOTE\TIRemoteService.exe
C:\WINDOWS\syswow64\snmp.exe
C:\Program Files (x86)\X-Charge\XCSecurityService.exe
C:\Program Files (x86)\Citrix\system32\cdmsvc.exe
C:\Program Files (x86)\Citrix\Server Resource Management\Memory Optimization Management\Program\CtxSFOSvc.exe
C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
C:\Program Files (x86)\Citrix\System32\wfshell.exe
C:\WINDOWS\SysWOW64\ctfmon.exe
C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
C:\Program Files (x86)\Citrix\system32\icabar.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Panda Software\Panda Administrator 3\Console\PASystemTray.exe
C:\Program Files (x86)\Panda Software\AVNT\PSCtrlC.exe
C:\WINDOWS\Temp\PRScan\PRScan.exe
C:\Program Files (x86)\Panda Software\AVNT\psimreal.exe
C:\Program Files (x86)\Panda Software\AVNT\PSIMMON.exe
C:\Program Files (x86)\Panda Software\Panda Administrator 3\PavReport\PavReport.exe
C:\Documents and Settings\tandersen\Desktop\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = res://iesetup.dll/softAdmin.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = res://iesetup.dll/softAdmin.htm
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=69157
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: Citrix Single Sign-On Browser Helper Object - {C3793308-160C-4b29-B44E-A09EE159DC83} - C:\Program Files (x86)\Citrix\MetaFrame Password Manager\Helper\IE\bho.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files (x86)\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [Track-It! Workstation Manager Service Monitor] C:\WINDOWS\TIREMOTE\TIServiceMonitor.exe
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [IcaBar] "C:\Program Files (x86)\Citrix\system32\icabar.exe" /adminonly
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [PASystemTray] "C:\Program Files (x86)\Panda Software\Panda Administrator 3\Console\PASystemTray.exe"
O4 - HKLM\..\Run: [Panda Controller Client] "C:\Program Files (x86)\Panda Software\AVNT\PSCtrlC.exe"
O4 - HKLM\..\Run: [PRClean] C:\WINDOWS\Temp\PRScan\PRClean.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-3057299724-1252680614-2322330818-1005\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'ctx_cpuuser')
O4 - HKUS\S-1-5-21-3057299724-1252680614-2322330818-1006\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'ctx_cpsvcuser')
O4 - HKUS\S-1-5-21-3057299724-1252680614-2322330818-1007\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'Ctx_StreamingSvc')
O4 - HKUS\S-1-5-21-823518204-1390067357-1801674531-2159\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'SHERRING')
O4 - HKUS\S-1-5-21-823518204-1390067357-1801674531-2223\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'JTERESI')
O4 - HKUS\S-1-5-21-823518204-1390067357-1801674531-2642\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'lbunce')
O4 - HKUS\S-1-5-21-823518204-1390067357-1801674531-2648\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'LMAYO')
O4 - HKUS\S-1-5-21-823518204-1390067357-1801674531-2648\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'LMAYO')
O4 - HKUS\S-1-5-21-823518204-1390067357-1801674531-2656\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'CHILLS1')
O4 - HKUS\S-1-5-21-823518204-1390067357-1801674531-2656\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'CHILLS1')
O4 - HKUS\S-1-5-21-823518204-1390067357-1801674531-2658\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'PINEACRES1')
O4 - HKUS\S-1-5-21-823518204-1390067357-1801674531-2658\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'PINEACRES1')
O4 - HKUS\S-1-5-21-823518204-1390067357-1801674531-2659\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'GATEWAY1')
O4 - HKUS\S-1-5-21-823518204-1390067357-1801674531-2659\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'GATEWAY1')
O4 - HKUS\S-1-5-21-823518204-1390067357-1801674531-3125\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'DCZARNECKI')
O4 - HKUS\S-1-5-21-823518204-1390067357-1801674531-3615\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'DROBERTSON')
O4 - HKUS\S-1-5-21-823518204-1390067357-1801674531-3615\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'DROBERTSON')
O4 - HKUS\S-1-5-21-823518204-1390067357-1801674531-4138\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'SKRAJESKI')
O4 - HKUS\S-1-5-21-823518204-1390067357-1801674531-4160\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'GHAVEN2')
O4 - HKUS\S-1-5-21-823518204-1390067357-1801674531-4160\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'GHAVEN2')
O4 - HKUS\S-1-5-21-823518204-1390067357-1801674531-4230\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'Kzlotek')
O4 - HKUS\S-1-5-21-823518204-1390067357-1801674531-4230\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'Kzlotek')
O4 - HKUS\S-1-5-21-823518204-1390067357-1801674531-4268\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'DFELTES')
O4 - HKUS\S-1-5-21-823518204-1390067357-1801674531-4373\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'MMCDERMOTT')
O4 - HKUS\S-1-5-21-823518204-1390067357-1801674531-4461\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'smcquown')
O4 - HKUS\S-1-5-21-823518204-1390067357-1801674531-4461\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'smcquown')
O4 - HKUS\S-1-5-21-823518204-1390067357-1801674531-4465\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'DHOLIDAY')
O4 - HKUS\S-1-5-21-823518204-1390067357-1801674531-4471\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'CGONDOLI')
O4 - HKUS\S-1-5-21-823518204-1390067357-1801674531-6107\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'MTOMASINO')
O4 - HKUS\S-1-5-21-823518204-1390067357-1801674531-6140\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'BCREBS')
O4 - HKUS\S-1-5-21-823518204-1390067357-1801674531-6140\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'BCREBS')
O4 - HKUS\S-1-5-21-823518204-1390067357-1801674531-6190\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'dlsommerman')
O4 - HKUS\S-1-5-21-823518204-1390067357-1801674531-6220\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'JSANDERS')
O4 - HKUS\S-1-5-21-823518204-1390067357-1801674531-6254\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'CMONTARO')
O4 - HKUS\S-1-5-21-823518204-1390067357-1801674531-6260\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'esoltau')
O4 - HKUS\S-1-5-21-823518204-1390067357-1801674531-6637\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'GSCHILLING')
O4 - HKUS\S-1-5-21-823518204-1390067357-1801674531-6637\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'GSCHILLING')
O4 - HKUS\S-1-5-21-823518204-1390067357-1801674531-7120\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'HDAVIS')
O4 - HKUS\S-1-5-21-823518204-1390067357-1801674531-7130\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'KOLSON')
O4 - HKUS\S-1-5-21-823518204-1390067357-1801674531-7164\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'BRMILLER')
O4 - HKUS\S-1-5-21-823518204-1390067357-1801674531-7167\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'JOCONNOR')
O4 - HKUS\S-1-5-21-823518204-1390067357-1801674531-7167\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'JOCONNOR')
O4 - HKUS\S-1-5-21-823518204-1390067357-1801674531-7253\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'TLAFORCE')
O4 - HKUS\S-1-5-21-823518204-1390067357-1801674531-7253\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'TLAFORCE')
O4 - HKUS\S-1-5-21-823518204-1390067357-1801674531-7258\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" (User 'BNOWAK')
O4 - HKUS\S-1-5-21-823518204-1390067357-1801674531-7291\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'DSMITH')
O4 - HKUS\S-1-5-21-823518204-1390067357-1801674531-7291\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'DSMITH')
O4 - HKUS\S-1-5-21-823518204-1390067357-1801674531-7303\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'MDOUGHERTY')
O4 - HKUS\S-1-5-21-823518204-1390067357-1801674531-7303\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'MDOUGHERTY')
O4 - HKUS\S-1-5-21-823518204-1390067357-1801674531-7313\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'LMELVILLE')
O4 - HKUS\S-1-5-21-823518204-1390067357-1801674531-7313\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'LMELVILLE')
O4 - HKUS\S-1-5-21-823518204-1390067357-1801674531-7371\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'JRUSSELL')
O4 - HKUS\S-1-5-21-823518204-1390067357-1801674531-7371\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'JRUSSELL')
O4 - HKUS\S-1-5-21-823518204-1390067357-1801674531-7381\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'SJOHNSON')
O4 - HKUS\S-1-5-21-823518204-1390067357-1801674531-7381\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SJOHNSON')
O4 - HKUS\S-1-5-21-823518204-1390067357-1801674531-7425\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'CVANVLIET')
O4 - HKUS\S-1-5-21-823518204-1390067357-1801674531-7425\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'CVANVLIET')
O4 - HKUS\S-1-5-21-823518204-1390067357-1801674531-7450\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'ARUTH')
O4 - HKUS\S-1-5-21-823518204-1390067357-1801674531-7450\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'ARUTH')
O4 - HKUS\S-1-5-21-823518204-1390067357-1801674531-7466\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'JGONZALEZ')
O4 - HKUS\S-1-5-21-823518204-1390067357-1801674531-7531\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'TPASSARO')
O4 - HKUS\S-1-5-21-823518204-1390067357-1801674531-7543\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'DNICOLINI')
O4 - HKUS\S-1-5-21-823518204-1390067357-1801674531-7566\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'SMORA')
O4 - HKUS\S-1-5-21-823518204-1390067357-1801674531-7566\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SMORA')
O4 - HKUS\S-1-5-21-823518204-1390067357-1801674531-7687\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'LDUPLECHIN')
O4 - HKUS\S-1-5-21-823518204-1390067357-1801674531-7687\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'LDUPLECHIN')
O4 - HKUS\S-1-5-21-823518204-1390067357-1801674531-7706\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'KFAVAZZA')
O4 - HKUS\S-1-5-21-823518204-1390067357-1801674531-7706\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'KFAVAZZA')
O4 - HKUS\S-1-5-21-823518204-1390067357-1801674531-7709\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'igomez')
O4 - HKUS\S-1-5-21-823518204-1390067357-1801674531-7709\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'igomez')
O4 - HKUS\S-1-5-21-823518204-1390067357-1801674531-7874\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'JBAKER')
O4 - HKUS\S-1-5-21-823518204-1390067357-1801674531-7874\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'JBAKER')
O4 - HKUS\S-1-5-21-823518204-1390067357-1801674531-7893\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'DSAWYER')
O4 - HKUS\S-1-5-21-823518204-1390067357-1801674531-7893\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'DSAWYER')
O4 - HKUS\S-1-5-21-823518204-1390067357-1801674531-8116\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'PGOODWIN')
O4 - HKUS\S-1-5-21-823518204-1390067357-1801674531-8116\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'PGOODWIN')
O4 - HKUS\S-1-5-21-823518204-1390067357-1801674531-8159\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'yjackson')
O4 - HKUS\S-1-5-21-823518204-1390067357-1801674531-8159\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'yjackson')
O4 - HKUS\S-1-5-21-823518204-1390067357-1801674531-8174\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'BANDERSON')
O4 - HKUS\S-1-5-21-823518204-1390067357-1801674531-8174\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'BANDERSON')
O4 - HKUS\S-1-5-21-823518204-1390067357-1801674531-8207\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'ATOLLKUEHN')
O4 - HKUS\S-1-5-21-823518204-1390067357-1801674531-8207\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'ATOLLKUEHN')
O4 - HKUS\S-1-5-21-823518204-1390067357-1801674531-8257\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'new')
O4 - HKUS\S-1-5-21-823518204-1390067357-1801674531-8257\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'new')
O4 - HKUS\S-1-5-21-823518204-1390067357-1801674531-8301\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'CCOLLINS')
O4 - HKUS\S-1-5-21-823518204-1390067357-1801674531-8301\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'CCOLLINS')
O4 - HKUS\S-1-5-21-823518204-1390067357-1801674531-8318\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'AKAUFMANN')
O4 - HKUS\S-1-5-21-823518204-1390067357-1801674531-8318\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'AKAUFMANN')
O4 - HKUS\S-1-5-18\..\Run: [] (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [] (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'Default user')
O4 - S-1-5-21-823518204-1390067357-1801674531-7543 Startup: SmartCapture.lnk = C:\WINDOWS\Seiko\slpcap.exe (User 'DNICOLINI')
O4 - S-1-5-21-823518204-1390067357-1801674531-7543 User Startup: SmartCapture.lnk = C:\WINDOWS\Seiko\slpcap.exe (User 'DNICOLINI')
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
O10 - Broken Internet access because of LSP provider 'j:\windows\system32\mswsock.dll' missing
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1196968226265
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1259590119309
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = MORGAN.morgan-llc.com
O17 - HKLM\System\CCS\Services\Tcpip\..\{367E9EE9-FB3A-4F05-9463-02BCBC796420}: NameServer = 10.211.4.10
O17 - HKLM\System\CCS\Services\Tcpip\..\{A4BEB345-38A0-4FBC-8C27-B3138F6F1CCB}: NameServer = 10.211.4.10
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = MORGAN.morgan-llc.com
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - J:\WINDOWS\SysWOW64\browseui.dll (file missing)
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - J:\WINDOWS\SysWOW64\browseui.dll (file missing)
O23 - Service: Panda AdminSecure Administration Server (AdminServer) - Panda Security S.L. - C:\Program Files (x86)\Panda Software\Panda Administrator 3\AdminServer\AdminServer.exe
O23 - Service: Backup Exec Remote Agent for Windows Servers (BackupExecAgentAccelerator) - Symantec Corporation - C:\Program Files\Symantec\Backup Exec\RAWS\beremote.exe
O23 - Service: Citrix Diagnostic Facility COM Server (CdfSvc) - Citrix Systems, Inc. - C:\Program Files (x86)\Common Files\Citrix\System32\CdfSvc.exe
O23 - Service: Citrix Client Network (CdmService) - Citrix Systems, Inc. - C:\Program Files (x86)\Citrix\system32\cdmsvc.exe
O23 - Service: Citrix 64-bit Virtual Memory Optimization - Citrix Systems, Inc. - C:\Program Files (x86)\Citrix\Server Resource Management\Memory Optimization Management\Program\ctxsfosvc64.exe
O23 - Service: Citrix Encryption Service - Citrix Systems, Inc. - C:\Program Files (x86)\Citrix\system32\encsvc.exe
O23 - Service: Citrix End User Experiencing Monitoring (Citrix EUEM) - Citrix Systems, Inc. - C:\Program Files (x86)\Citrix\Euem\Service\SemsService.exe
O23 - Service: Citrix SMA Service - Citrix Systems Inc. - C:\Program Files (x86)\Citrix\Sma\SmaService.exe
O23 - Service: Citrix User Profile Manager - Citrix Systems, Inc. - C:\Program Files\Citrix\User Profile Manager\UserProfileManager.exe
O23 - Service: Citrix Virtual Memory Optimization - Citrix Systems, Inc. - C:\Program Files (x86)\Citrix\Server Resource Management\Memory Optimization Management\Program\CtxSFOSvc.exe
O23 - Service: Citrix Health Monitoring and Recovery (CitrixHealthMon) - Citrix Systems, Inc - C:\Program Files (x86)\Citrix\HealthMon\HCAService.exe
O23 - Service: Citrix Licensing (CitrixLicensing) - Acresso Software Inc. - C:\Program Files (x86)\Citrix\Licensing\LS\lmgrd.exe
O23 - Service: Citrix WMI Service (CitrixWMIService) - Citrix Systems, Inc. - C:\Program Files (x86)\Citrix\system32\citrix\WMI\ctxwmisvc.exe
O23 - Service: Citrix XTE Server (CitrixXTEServer) - Citrix Systems, Inc. - C:\Program Files (x86)\Citrix\XTE\bin\XTE.exe
O23 - Service: Citrix Licensing WMI (Citrix_GTLicensingProv) - Citrix Systems, Inc. - C:\Program Files (x86)\Citrix\Licensing\LicWMI\Citrix_GTLicensingProv.exe
O23 - Service: Citrix Single Sign-On Sagent (Citrix_Password_Manager_Sagent) - Citrix Systems, Inc. - C:\Program Files\Citrix\MetaFrame Password Manager\Sagent.exe
O23 - Service: Citrix Print Manager Service (cpsvc) - Citrix Systems, Inc. - C:\Program Files (x86)\Citrix\system32\CpSvc.exe
O23 - Service: Citrix ActiveSync Service (CtxActiveSync) - Citrix Systems, Inc. - C:\Program Files (x86)\Citrix\System32\CtxActiveSync.exe
O23 - Service: Citrix CPU Utilization Mgmt/CPU Rebalancer (CTXCPUBal) - Citrix Systems, Inc. - C:\Program Files (x86)\Citrix\Server Resource Management\CPU Utilization Management\bin\ctxcpubal.exe
O23 - Service: Citrix CPU Utilization Mgmt/Resource Mgmt (ctxcpuSched) - Citrix Systems, Inc. - C:\Program Files (x86)\Citrix\Server Resource Management\CPU Utilization Management\bin\ctxcpusched.exe
O23 - Service: Citrix XML Service (CtxHttp) - Citrix Systems, Inc. - C:\Program Files (x86)\Citrix\System32\ctxxmlss.exe
O23 - Service: Citrix License Management Console (CTXLMC) - Apache Software Foundation - C:\Program Files (x86)\Citrix\Licensing\LMC\Tomcat\bin\tomcat6.exe
O23 - Service: Citrix LS Port Updater Service (CtxLSPortSvc) - Citrix Systems, Inc. - C:\Program Files (x86)\Citrix\Licensing\LS\CtxLSPortSvc.exe
O23 - Service: DSM SA Event Manager (dcevt32) - Dell Inc. - C:\Program Files (x86)\Dell\SysMgt\dataeng\bin\dsm_sa_eventmgr32.exe
O23 - Service: DSM SA Data Manager (dcstor32) - Dell Inc. - C:\Program Files (x86)\Dell\SysMgt\dataeng\bin\dsm_sa_datamgr32.exe
O23 - Service: Backup Exec DLO Maintenance Service (DLOMaintenanceSvc) - Symantec Corporation - C:\Program Files (x86)\Symantec\Backup Exec\NT\dlomaintsvcu.exe
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe (file missing)
O23 - Service: Event Log (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.exe (file missing)
O23 - Service: Firebird Server - CSMInstance (FirebirdServerCSMInstance) - FirebirdSQL Project - C:\Program Files (x86)\Citrix\System Monitoring\Agent\Core\Firebird\bin\fbserver.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: HTTP SSL (HTTPFilter) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: IIS Admin Service (IISADMIN) - Unknown owner - C:\WINDOWS\system32\inetsrv\inetinfo.exe (file missing)
O23 - Service: Citrix Services Manager (IMAAdvanceSrv) - Citrix Systems, Inc. - C:\Program Files (x86)\Citrix\System32\Citrix\Ima\IMAAdvanceSrv.exe
O23 - Service: Citrix Independent Management Architecture (IMAService) - Citrix Systems, Inc. - C:\Program Files (x86)\Citrix\System32\Citrix\Ima\ImaSrv.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files (x86)\Java\jre6\bin\jqs.exe
O23 - Service: Citrix MFCOM Service (MFCom) - Citrix Systems, Inc. - C:\Program Files (x86)\Citrix\System32\mfcom.exe
O23 - Service: mr2kserv - LSI Logic Corporation - C:\Program Files (x86)\Dell\SysMgt\sm\mr2kserv.exe
O23 - Service: Distributed Transaction Coordinator (MSDTC) - Unknown owner - C:\WINDOWS\system32\msdtc.exe (file missing)
O23 - Service: Net Logon (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NT LM Security Support Provider (NtLmSsp) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: DSM SA Shared Services (omsad) - Dell Inc. - C:\Program Files (x86)\Dell\SysMgt\oma\bin\dsm_om_shrsvc32.exe
O23 - Service: Panda AdminSecure Distribution Server (PadFSvr) - Panda Security S.L. - C:\Program Files (x86)\Panda Software\Panda Administrator 3\Distribution Server\PadFSvr.exe
O23 - Service: Panda Software Controller - Panda Security - C:\Program Files (x86)\Panda Software\AVNT\PsCtrlS.exe
O23 - Service: Panda AdminSecure Communications Agent (PAVAGENTE) - Panda Security, S.L. - C:\Program Files (x86)\Panda Software\Panda Administrator 3\Pav_Agent\Pagent.exe
O23 - Service: Panda AdminSecure Scheduler (PavAtScheduler) - Panda Software - C:\Program Files (x86)\Panda Software\Panda Administrator 3\Scheduler\pavsched.exe
O23 - Service: Panda Antivirus Report Service (PavReport) - Panda Security, S.L. - C:\Program Files (x86)\Panda Software\Panda Administrator 3\PavReport\PavReport.exe
O23 - Service: Panda Antivirus Service (PavSrv) - Panda Security, S.L. - C:\Program Files (x86)\Panda Software\AVNT\PavSrvX86.exe
O23 - Service: Plug and Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.exe (file missing)
O23 - Service: IPSEC Services (PolicyAgent) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Protected Storage (ProtectedStorage) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Panda IManager Service (PsImSvc) - Panda Security - C:\Program Files (x86)\Panda Software\AVNT\PsImSvc.exe
O23 - Service: PsShutdown (PsShutdownSvc) - Systems Internals - C:\WINDOWS\PSSDNSVC.EXE
O23 - Service: Citrix Streaming Service (RadeSvc) - Citrix Systems, Inc. - C:\Program Files (x86)\Citrix\Streaming Client\RadeSvc.exe
O23 - Service: Remote Desktop Help Session Manager (RDSessMgr) - Unknown owner - C:\WINDOWS\system32\sessmgr.exe (file missing)
O23 - Service: Citrix Resource Manager Mail (ResourceManagerMail) - Citrix Systems, Inc. - C:\Program Files (x86)\Citrix\System32\Citrix\IMA\MailService.exe
O23 - Service: Citrix System Monitoring Agent (RSCorSvc) - Citrix Systems, Inc - C:\Program Files (x86)\Citrix\System Monitoring\Agent\Core\rscorsvc.exe
O23 - Service: Security Accounts Manager (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: DSM SA Connection Service (Server Administrator) - Unknown owner - C:\Program Files (x86)\Dell\SysMgt\iws\bin\win32\dsm_om_connsvc32.exe
O23 - Service: SNMP Trap Service (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: Track-It! Workstation Manager (TIRmtSvc) - Numara Software, Inc. - C:\WINDOWS\TIREMOTE\TIRemoteService.exe
O23 - Service: Virtual Disk Service (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: Volume Shadow Copy (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe (file missing)
O23 - Service: WMI Performance Adapter (WmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\wmiapsrv.exe (file missing)
O23 - Service: X-Charge Security (XCSecurity) - Unknown owner - C:\Program Files (x86)\X-Charge\XCSecurityService.exe
O23 - Service: X-Charge Server (XCService) - Unknown owner - C:\Program Files (x86)\X-Charge\XCService.exe
--
End of file - 28608 bytes