Red circle with white x causing pop-ups


12 replies to this topic

#1 tut2734

tut2734

  • Members
  • 22 posts

Posted 27 March 2009 - 04:11 PM

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 5:11:30 PM, on 3/27/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Common Files\Microsoft Shared\Ink\KeyboardSurrogate.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\common files\logishrd\lvmvfm\LVPrcSrv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\System32\digtizer.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\o2flash.exe
C:\Program Files\Softex\OmniPass\Omniserv.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
C:\Program Files\Softex\OmniPass\OPXPApp.exe
C:\WINDOWS\SYSTEM32\WISPTIS.EXE
C:\WINDOWS\System32\tabbtnu.exe
C:\WINDOWS\system32\userinit.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Microsoft Shared\Ink\TCServer.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\Common Files\Microsoft Shared\Ink\TabTip.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe
C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe
C:\Program Files\Fujitsu\BtnHnd\BtnHnd.exe
C:\Program Files\Fujitsu\SSUtility\FJSSDMN.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Fingerprint Sensor\ATSwpNav.exe
C:\Program Files\Softex\OmniPass\scureapp.exe
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\Fujitsu\fjdvrupd\fjdvrupd.exe
C:\Program Files\Fujitsu\Utils\FjDspMon.exe
C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\Fujitsu\Utils\fjevents.exe
C:\Program Files\Fujitsu\Utils\FjMenu.exe
C:\WINDOWS\system32\igfxext.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb12.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\AIM6\aim6.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Common Files\LogiShrd\LComMgr\LVComSX.exe
c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
C:\Program Files\AIM6\aolsoftware.exe
C:\Program Files\FrostWire\FrostWire.exe
C:\WINDOWS\system32\8Lx8nFs8.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\mse.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Documents and Settings\Administrator\Desktop\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [TabletWizard] C:\WINDOWS\help\SplshWrp.exe
O4 - HKLM\..\Run: [TabletTip] "C:\Program Files\Common Files\microsoft shared\ink\tabtip.exe" /resume
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [IndicatorUtility] C:\Program Files\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe
O4 - HKLM\..\Run: [LoadFUJ02E3] C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe
O4 - HKLM\..\Run: [LoadBtnHnd] C:\Program Files\Fujitsu\BtnHnd\BtnHnd.exe
O4 - HKLM\..\Run: [SSUtility] C:\Program Files\Fujitsu\SSUtility\FJSSDMN.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [FjStrtAp] C:\Program Files\Fujitsu\Utils\FjStrtAp.exe
O4 - HKLM\..\Run: [Snippet] "C:\Program Files\Microsoft Experience Pack\Snipping Tool\SnippingTool.exe" /i
O4 - HKLM\..\Run: [ATSwpNav] "C:\Program Files\Fingerprint Sensor\ATSwpNav" -run
O4 - HKLM\..\Run: [OmniPass] C:\Program Files\Softex\OmniPass\scureapp.exe
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [FJUPDNV_Chitose] C:\Program Files\Fujitsu\fjdvrupd\fjdvrupd.exe
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam10\QuickCam10.exe" /hide
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb12.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp
O4 - HKCU\..\Run: [Active Desktop Calendar] C:\Program Files\XemiComputers\Active Desktop Calendar\ADC.exe
O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: Bluetooth Manager.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Image Zone Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O8 - Extra context menu item: Add to EverNote - res://C:\Program Files\EverNote\EverNote\enbar.dll/2000
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: Add to EverNote - {A5ABA0BB-F195-40d8-A5E9-0801153E6597} - C:\Program Files\EverNote\EverNote\enbar.dll
O9 - Extra 'Tools' menuitem: Add to EverNote - {A5ABA0BB-F195-40d8-A5E9-0801153E6597} - C:\Program Files\EverNote\EverNote\enbar.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://us.fujitsu.com/computers
O16 - DPF: {05D44720-58E3-49E6-BDF6-D00330E511D3} (StagingUI Object) - http://zone.msn.com/binFrameWork/v10/StagingUI.cab55579.cab
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5) - http://upload.facebook.com/controls/Facebo...toUploader5.cab
O16 - DPF: {1239CC52-59EF-4DFA-8C61-90FFA846DF7E} (Musicnotes Viewer) - http://www.musicnotes.com/download/mnviewer.cab
O16 - DPF: {238F6F83-B8B4-11CF-8771-00A024541EE3} (Citrix ICA Client) - http://a516.g.akamai.net/f/516/25175/7d/ru...cat-no-eula.cab
O16 - DPF: {3BB54395-5982-4788-8AF4-B5388FFDD0D8} (MSN Games – Buddy Invite) - http://zone.msn.com/BinFrameWork/v10/ZBuddy.cab55579.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/pr01/resources/MSNPUpld.cab
O16 - DPF: {5736C456-EA94-4AAC-BB08-917ABDD035B3} (ZonePAChat Object) - http://zone.msn.com/binframework/v10/ZPAChat.cab55579.cab
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/Facebo...otoUploader.cab
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab
O16 - DPF: {70BA88C8-DAE8-4CE9-92BB-979C4A75F53B} (GSDACtl Class) - http://launch.gamespyarcade.com/software/launch/alaunch.cab
O16 - DPF: {809A6301-7B40-4436-A02C-87B8D3D7D9E3} (ZPA_DMNO Object) - http://zone.msn.com/bingame/zpagames/zpa_dmno.cab55579.cab
O16 - DPF: {80B626D6-BC34-4BCF-B5A1-7149E4FD9CFA} (UnoCtrl Class) - http://zone.msn.com/bingame/zpagames/GAME_UNO1.cab60096.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://cdn2.zone.msn.com/binFramework/v10/...ro.cab56649.cab
O16 - DPF: {C228AEDD-FC47-11D3-AF87-D128A9381404} (LSICapture Control) - http://www.link-systems.com/~sdk/SDK/paste/lsiw2k.cab
O16 - DPF: {CAC181B0-4D70-402D-B571-C596A47D0CE0} (CBankshotZoneCtrl Class) - http://zone.msn.com/bingame/zpagames/zpa_pool.cab56649.cab
O16 - DPF: {D1548A26-B8F6-4E86-AE74-E7062CCC2E2A} (igLoader Content on Demand) - http://www.miniclip.com/igloader/igloader.CAB
O16 - DPF: {DA2AA6CF-5C7A-4B71-BC3B-C771BB369937} (MSN Games – Game Communicator) - http://zone.msn.com/binframework/v10/StProxy.cab55579.cab
O16 - DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} (AxisMediaControlEmb Class) - http://198.82.159.136/activex/AMC.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = Boss
O17 - HKLM\Software\..\Telephony: DomainName = Boss
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = Boss
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = Boss
O18 - Protocol: bw+0 - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: offline-8876480 - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Digitizer Service (Digitizer) - WACOM - C:\WINDOWS\System32\digtizer.exe
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\common files\logishrd\lvmvfm\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: o2flash - O2Micro International - C:\WINDOWS\system32\o2flash.exe
O23 - Service: Softex OmniPass Service (omniserv) - Softex Inc. - C:\Program Files\Softex\OmniPass\Omniserv.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel® PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe

--
End of file - 26438 bytes



#2 Buckeye_Sam

Buckeye_Sam

    Malware Expert


  • Members
  • 17,382 posts
  • Gender:Male
  • Location:Pickerington, Ohio

Posted 27 March 2009 - 06:46 PM

Hello! :thumbup2:
My name is Sam and I will be helping you.

In order to see what's going on with your computer I will ask for you to post various logs from the tools that we will use to resolve your issue. Please also share with me any information about how your computer is reacting and behaving each step of the way as we work through this process.


We need to create an OTListIt2 Report
  • Please download OTListIt2 from here
  • Save it to your desktop.
  • Double click on the icon on your desktop.
  • Click the "Scan All Users" checkbox.
  • Push the "Run Scan" button.
  • The scan should take just a few minutes.
  • Copy the log that opens up and paste it back here in your next reply.



=============


The next log will show us any hidden files that are present.

Download GMER from here:
  • Unzip it to the desktop.
  • Open the program and click on the Rootkit tab.
  • Make sure all the boxes on the right of the screen are checked, EXCEPT for ‘Show All’.
  • Click on Scan.
  • When the scan has run, click Copy and paste the results (if any) into this thread.

If I have helped you in any way, please consider a donation to help me continue the fight against malware.


Failing to respond back to the person that is giving up their own time to help you not only is insensitive and disrespectful, but it guarantees that you will never receive help from me again. Please thank your helpers and there will always be help here when you need it!


========================================================

#3 tut2734

tut2734
  • Topic Starter

  • Members
  • 22 posts

Posted 27 March 2009 - 08:22 PM

OTListIT Log:

OTListIt logfile created on: 3/27/2009 9:20:40 PM - Run 1
OTListIt2 by OldTimer - Version 2.0.7.2 Folder = C:\Documents and Settings\Administrator\Desktop
Windows XP Tablet PC Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.99 Gb Total Physical Memory | 1.18 Gb Available Physical Memory | 59.28% Memory free
3.84 Gb Paging File | 3.19 Gb Available in Paging File | 83.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092;

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 110.78 Gb Total Space | 70.75 Gb Free Space | 63.86% Space Free | Partition Type: NTFS
Drive D: | 1.01 Gb Total Space | 1.00 Gb Free Space | 99.04% Space Free | Partition Type: NTFS
Unable to calculate disk information.
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: SETHTATUTTLE
Current User Name: Administrator
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Output = Standard
File Age = 30 Days
Company Name Whitelist: On

========== Processes (SafeList) ==========

PRC - [2007/03/06 19:43:52 | 00,983,040 | ---- | M] (Intel Corporation ) -- C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
PRC - [2008/04/13 20:12:23 | 00,029,696 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Ink\KeyboardSurrogate.exe
PRC - [2006/12/22 12:33:10 | 00,109,344 | ---- | M] (Logitech Inc.) -- c:\program files\common files\logishrd\lvmvfm\LVPrcSrv.exe
PRC - [2008/10/01 14:06:14 | 00,116,040 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
PRC - [2008/08/29 11:18:44 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe
PRC - [2006/05/25 12:19:50 | 00,061,440 | ---- | M] (WACOM) -- C:\WINDOWS\System32\digtizer.exe
PRC - [2007/03/06 19:55:42 | 00,643,072 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
PRC - [2007/02/26 14:33:56 | 00,159,744 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\igfxext.exe
PRC - [2007/02/26 14:33:46 | 00,245,760 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\igfxsrvc.exe
PRC - [2008/11/10 06:43:40 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
PRC - [2005/09/13 18:30:14 | 00,057,344 | ---- | M] (O2Micro International) -- C:\WINDOWS\system32\o2flash.exe
PRC - [2006/06/10 20:19:46 | 00,032,768 | ---- | M] (Softex Inc.) -- C:\Program Files\Softex\OmniPass\Omniserv.exe
PRC - [2009/01/28 16:44:49 | 00,066,872 | ---- | M] () -- C:\WINDOWS\system32\PnkBstrA.exe
PRC - [2007/03/06 19:37:04 | 00,327,680 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
PRC - [2007/02/02 17:56:52 | 00,118,784 | ---- | M] (TOSHIBA CORPORATION) -- c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
PRC - [2006/06/10 19:56:52 | 00,015,360 | ---- | M] () -- C:\Program Files\Softex\OmniPass\OPXPApp.exe
PRC - [2008/04/13 20:12:40 | 00,293,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SYSTEM32\WISPTIS.EXE
PRC - [2002/08/29 06:41:28 | 00,035,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\tabbtnu.exe
PRC - [2009/03/25 22:36:46 | 00,061,952 | ---- | M] () -- C:\WINDOWS\system32\userinit.exe
PRC - [2009/03/25 22:38:07 | 00,092,164 | ---- | M] () -- C:\WINDOWS\mse.exe
PRC - [2008/04/13 20:12:19 | 01,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Explorer.EXE
PRC - [2008/04/13 20:12:37 | 00,043,520 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Ink\TCServer.exe
PRC - [2008/11/18 21:01:53 | 00,039,408 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
PRC - [2009/03/25 22:37:08 | 00,071,168 | ---- | M] () -- C:\WINDOWS\system32\8Lx8nFs8.exe
PRC - [2007/02/26 14:34:28 | 00,155,648 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\hkcmd.exe
PRC - [2007/02/26 14:33:56 | 00,131,072 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\igfxpers.exe
PRC - [2008/04/13 20:12:37 | 00,271,872 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Ink\TabTip.exe
PRC - [2007/02/26 14:33:46 | 00,245,760 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\igfxsrvc.exe
PRC - [2007/03/12 04:05:44 | 16,125,440 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RTHDCPL.EXE
PRC - [2006/06/29 16:32:14 | 00,089,541 | ---- | M] (Agere Systems) -- C:\WINDOWS\AGRSMMSG.exe
PRC - [2006/06/09 01:26:16 | 00,794,713 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
PRC - [2006/07/12 20:43:28 | 00,090,112 | ---- | M] (FUJITSU LIMITED) -- C:\Program Files\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe
PRC - [2006/11/17 18:38:40 | 00,080,688 | ---- | M] (FUJITSU LIMITED) -- C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe
PRC - [2003/08/20 21:24:08 | 00,061,440 | ---- | M] (FUJITSU LIMITED) -- C:\Program Files\Fujitsu\BtnHnd\BtnHnd.exe
PRC - [2006/07/22 13:10:08 | 00,233,472 | R--- | M] (FUJITSU LIMITED) -- C:\Program Files\Fujitsu\SSUtility\FJSSDMN.exe
PRC - [2006/11/14 01:33:54 | 00,052,832 | ---- | M] (Cyberlink Corp.) -- C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
PRC - [2005/11/04 05:35:18 | 01,052,672 | ---- | M] (AuthenTec, Inc.) -- C:\Program Files\Fingerprint Sensor\ATSwpNav.exe
PRC - [2006/06/10 20:24:06 | 01,966,080 | ---- | M] () -- C:\Program Files\Softex\OmniPass\scureapp.exe
PRC - [2006/08/25 20:58:16 | 00,020,480 | R--- | M] (Fujitsu Computer Systems Corporation) -- C:\Program Files\Fujitsu\Utils\FjDspMon.exe
PRC - [2006/05/05 03:59:02 | 00,020,480 | R--- | M] (Fujitsu Computer Systems Corporation) -- C:\Program Files\Fujitsu\Utils\fjevents.exe
PRC - [2007/04/29 19:31:50 | 00,647,168 | ---- | M] (Fujitsu Computer Systems) -- C:\Program Files\Fujitsu\Utils\FjMenu.exe
PRC - [2007/02/26 14:33:56 | 00,159,744 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\igfxext.exe
PRC - [2007/03/06 19:47:02 | 00,819,200 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
PRC - [2007/03/06 19:44:48 | 00,970,752 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
PRC - [2006/07/21 23:12:28 | 00,303,104 | ---- | M] (FUJITSU LIMITED) -- C:\Program Files\Fujitsu\fjdvrupd\fjdvrupd.exe
PRC - [2006/12/22 12:27:28 | 00,497,176 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
PRC - [2004/12/14 12:07:44 | 00,176,128 | ---- | M] (HP) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb12.exe
PRC - [2007/08/22 18:38:17 | 00,036,864 | ---- | M] (Logitech) -- C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
PRC - [2007/03/06 19:40:30 | 00,487,424 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
PRC - [2008/04/13 20:12:28 | 01,695,232 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msmsgs.exe
PRC - [2008/10/31 15:22:38 | 00,050,480 | ---- | M] (AOL LLC) -- C:\Program Files\AIM6\aim6.exe
PRC - [2007/02/03 00:38:14 | 02,756,608 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
PRC - [2006/12/22 12:31:28 | 00,244,512 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\LComMgr\LVComSX.exe
PRC - [2004/11/04 19:28:24 | 00,258,048 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
PRC - [2004/11/04 19:36:46 | 00,425,984 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
PRC - [2007/01/13 01:41:40 | 00,278,528 | ---- | M] (TOSHIBA CORPORATION.) -- c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
PRC - [2006/01/24 02:14:10 | 00,069,632 | ---- | M] (TOSHIBA CORPORATION.) -- c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
PRC - [2006/10/27 23:13:48 | 00,270,336 | ---- | M] (TOSHIBA CORPORATION.) -- c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
PRC - [2007/10/08 17:50:56 | 00,041,824 | ---- | M] (AOL LLC) -- C:\Program Files\AIM6\aolsoftware.exe
PRC - [2008/12/19 01:25:25 | 00,634,024 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\IEXPLORE.EXE
PRC - [2008/12/19 01:25:25 | 00,634,024 | ---- | M] (Microsoft Corporation) -- C:\Program Files\internet explorer\iexplore.exe
PRC - [2009/03/27 21:20:24 | 00,498,688 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTListIt2.exe

========== Win32 Services (SafeList) ==========

SRV - [2008/10/01 14:06:14 | 00,116,040 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device [Auto | Running])
SRV - [2007/10/24 01:47:22 | 00,033,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state [On_Demand | Stopped])
SRV - [2008/08/29 11:18:44 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service [Auto | Running])
SRV - [2007/10/24 01:47:40 | 00,070,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])
SRV - [2006/05/25 12:19:50 | 00,061,440 | ---- | M] (WACOM) -- C:\WINDOWS\System32\digtizer.exe -- (Digitizer [Auto | Running])
SRV - [2007/03/06 19:55:42 | 00,643,072 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\EvtEng.exe -- (EvtEng [Auto | Running])
SRV - [2008/11/09 02:36:23 | 00,137,200 | ---- | M] (Google) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc [On_Demand | Stopped])
SRV - [2008/04/13 20:12:02 | 00,038,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll -- (helpsvc [Auto | Running])
SRV - [2005/04/04 00:41:10 | 00,069,632 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT [On_Demand | Stopped])
SRV - [2008/10/01 19:57:00 | 00,536,872 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service [On_Demand | Stopped])
SRV - [2008/04/13 20:11:55 | 00,028,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\irmon.dll -- (Irmon [Auto | Running])
SRV - [2008/11/10 06:43:40 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService [Auto | Running])
SRV - [2006/12/22 12:33:10 | 00,109,344 | ---- | M] (Logitech Inc.) -- c:\program files\common files\logishrd\lvmvfm\LVPrcSrv.exe -- (LVPrcSrv [Auto | Running])
SRV - [2006/12/22 12:34:52 | 00,105,248 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe -- (LVSrvLauncher [Auto | Stopped])
SRV - [2007/08/24 06:59:20 | 00,068,464 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe -- (Microsoft Office Groove Audit Service [On_Demand | Stopped])
SRV - [2005/09/13 18:30:14 | 00,057,344 | ---- | M] (O2Micro International) -- C:\WINDOWS\system32\o2flash.exe -- (o2flash [Auto | Running])
SRV - [2007/08/24 03:19:12 | 00,443,776 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv [On_Demand | Stopped])
SRV - [2006/06/10 20:19:46 | 00,032,768 | ---- | M] (Softex Inc.) -- C:\Program Files\Softex\OmniPass\Omniserv.exe -- (omniserv [Auto | Running])
SRV - [2006/10/26 17:03:08 | 00,145,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose [On_Demand | Stopped])
SRV - [2006/03/03 21:03:10 | 00,069,632 | ---- | M] (HP) -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12 [Auto | Stopped])
SRV - [2009/01/28 16:44:49 | 00,066,872 | ---- | M] () -- C:\WINDOWS\system32\PnkBstrA.exe -- (PnkBstrA [Auto | Running])
SRV - [2007/03/06 19:37:04 | 00,327,680 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe -- (RegSrvc [Auto | Running])
SRV - [2007/03/06 19:43:52 | 00,983,040 | ---- | M] (Intel Corporation ) -- C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe -- (S24EventMonitor [Auto | Running])
SRV - [2007/02/02 17:56:52 | 00,118,784 | ---- | M] (TOSHIBA CORPORATION) -- c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe -- (TOSHIBA Bluetooth Service [Auto | Running])
SRV - [2007/01/19 12:54:14 | 00,097,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files\MSN Messenger\usnsvc.exe -- (usnjsvc [On_Demand | Stopped])
SRV - [2007/01/04 17:38:08 | 00,024,652 | ---- | M] (Viewpoint Corporation) -- C:\Program Files\Viewpoint\Common\ViewpointService.exe -- (Viewpoint Manager Service [Disabled | Stopped])
SRV - [2006/10/18 20:05:24 | 00,913,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\WMPNetwk.exe -- (WMPNetworkSvc [On_Demand | Stopped])

========== Driver Services (SafeList) ==========

DRV - [1999/11/18 20:20:00 | 00,003,872 | ---- | M] (FUJITSU LIMITED.) -- C:\WINDOWS\System32\drivers\ADVNTDRV.SYS -- (ADVNTDRV [On_Demand | Stopped])
DRV - [2007/08/22 14:11:13 | 00,021,425 | ---- | M] (Meetinghouse Data Communications) -- C:\WINDOWS\system32\DRIVERS\AegisP.sys -- (AegisP [Auto | Running])
DRV - [2006/06/29 16:13:08 | 01,160,320 | ---- | M] (Agere Systems) -- C:\WINDOWS\system32\DRIVERS\AGRSM.sys -- (AgereSoftModem [On_Demand | Running])
DRV - [2006/03/23 03:27:00 | 00,488,992 | ---- | M] (Atheros Communications, Inc.) -- C:\WINDOWS\system32\DRIVERS\ar5211.sys -- (AR5211 [On_Demand | Stopped])
DRV - [2006/03/30 18:39:48 | 00,130,432 | ---- | M] (AuthenTec, Inc.) -- C:\WINDOWS\system32\DRIVERS\ATSwpDrv.sys -- (ATSWPDRV [On_Demand | Running])
DRV - [2003/08/20 21:24:08 | 00,019,712 | ---- | M] (FUJITSU LIMITED) -- C:\Program Files\Fujitsu\BtnHnd\BtnHnd.sys -- (BtnHnd [Auto | Running])
DRV - [2004/03/08 12:55:50 | 00,013,567 | ---- | M] (B.H.A Corporation) -- C:\WINDOWS\System32\drivers\CDRBSDRV.SYS -- (cdrbsdrv [System | Running])
DRV - [2006/08/28 20:56:42 | 00,008,960 | ---- | M] (FUJITSU LIMITED) -- C:\WINDOWS\system32\drivers\FBIOSDRV.SYS -- (FBIOSDRV [Boot | Running])
DRV - [2006/03/30 00:43:18 | 00,017,920 | R--- | M] (Fujitsu Computer Systems Corporation) -- C:\WINDOWS\system32\DRIVERS\FjBtnDrv.sys -- (Fjbtndrv [On_Demand | Running])
DRV - [2006/01/11 21:21:54 | 00,010,496 | ---- | M] (FUJITSU LIMITED) -- C:\WINDOWS\system32\drivers\FJGPNV.SYS -- (FJGPNV [Boot | Running])
DRV - [2007/04/19 03:05:51 | 00,007,168 | ---- | M] (FUJITSU LIMITED) -- C:\WINDOWS\system32\DRIVERS\FJGSDisk.sys -- (FJGSDisk [Boot | Running])
DRV - [2001/08/01 08:00:22 | 00,005,248 | ---- | M] (FUJITSU LIMITED) -- C:\WINDOWS\system32\DRIVERS\FUJ02B1.sys -- (FUJ02B1 [On_Demand | Running])
DRV - [2004/01/17 23:15:20 | 00,004,864 | ---- | M] (FUJITSU LIMITED) -- C:\WINDOWS\system32\DRIVERS\FUJ02E3.sys -- (FUJ02E3 [On_Demand | Running])
DRV - [2008/04/17 14:12:54 | 00,015,464 | ---- | M] (GEAR Software Inc.) -- C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys -- (GEARAspiWDM [On_Demand | Running])
DRV - [2008/04/13 12:36:05 | 00,144,384 | ---- | M] (Windows ® Server 2003 DDK provider) -- C:\WINDOWS\system32\DRIVERS\HDAudBus.sys -- (HDAudBus [On_Demand | Running])
DRV - [2006/05/10 01:32:24 | 00,030,976 | ---- | M] (Wacom Co., Ltd) -- C:\WINDOWS\system32\DRIVERS\hidpen.sys -- (hidpen [On_Demand | Running])
DRV - [2004/12/14 12:07:44 | 00,051,120 | R--- | M] (HP) -- C:\WINDOWS\system32\DRIVERS\HPZid412.sys -- (HPZid412 [On_Demand | Stopped])
DRV - [2004/12/14 12:07:44 | 00,016,496 | R--- | M] (HP) -- C:\WINDOWS\system32\DRIVERS\HPZipr12.sys -- (HPZipr12 [On_Demand | Stopped])
DRV - [2006/04/12 21:04:39 | 00,021,568 | ---- | M] (HP) -- C:\WINDOWS\system32\DRIVERS\HPZius12.sys -- (HPZius12 [On_Demand | Stopped])
DRV - [2007/02/26 15:59:10 | 05,700,096 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\DRIVERS\igxpmp32.sys -- (ialm [On_Demand | Running])
DRV - [2007/02/12 16:36:54 | 00,277,784 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\drivers\iaStor.sys -- (iaStor [Boot | Running])
DRV - [2006/09/19 18:58:58 | 00,036,608 | ---- | M] (Infineon Technologies AG) -- C:\WINDOWS\system32\DRIVERS\IFXTPM.SYS -- (IFXTPM [On_Demand | Running])
DRV - [2007/03/12 06:32:40 | 04,486,144 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService [On_Demand | Running])
DRV - [2003/11/08 18:24:17 | 00,012,953 | ---- | M] (Logitech, Inc.) -- C:\WINDOWS\system32\DRIVERS\itchfltr.sys -- (itchfltr [On_Demand | Running])
DRV - [2003/11/07 05:50:00 | 00,014,092 | ---- | M] (Logitech, Inc.) -- C:\WINDOWS\System32\Drivers\LCcFltr.Sys -- (LCcfltr [On_Demand | Running])
DRV - [2003/11/07 05:50:00 | 00,025,502 | ---- | M] (Logitech, Inc.) -- C:\WINDOWS\system32\DRIVERS\LHidFlt2.Sys -- (LHidFlt2 [On_Demand | Running])
DRV - [2003/11/07 05:50:00 | 00,037,884 | ---- | M] (Logitech, Inc.) -- C:\WINDOWS\System32\Drivers\LHidUsb.Sys -- (LHidUsb [On_Demand | Running])
DRV - [2003/11/07 05:50:00 | 00,070,798 | ---- | M] (Logitech, Inc.) -- C:\WINDOWS\system32\DRIVERS\LMouFlt2.Sys -- (LMouFlt2 [On_Demand | Running])
DRV - [2006/12/22 12:30:42 | 01,683,232 | ---- | M] () -- C:\WINDOWS\system32\DRIVERS\LVcKap.sys -- (LVcKap [On_Demand | Stopped])
DRV - [2006/12/22 12:32:24 | 01,963,680 | ---- | M] (Logitech Inc.) -- C:\WINDOWS\system32\DRIVERS\LVMVDrv.sys -- (LVMVDrv [On_Demand | Stopped])
DRV - [2006/12/22 12:32:48 | 00,025,632 | ---- | M] () -- C:\WINDOWS\system32\DRIVERS\LVPr2Mon.sys -- (LVPr2Mon [On_Demand | Running])
DRV - [2006/12/15 01:41:55 | 00,041,248 | R--- | M] (Logitech Inc.) -- C:\WINDOWS\system32\drivers\lvusbsta.sys -- (LVUSBSta [On_Demand | Stopped])
DRV - [2007/04/02 05:30:28 | 02,204,672 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\DRIVERS\NETw4x32.sys -- (NETw4x32 [On_Demand | Running])
DRV - [2006/10/03 16:23:50 | 00,036,640 | ---- | M] (O2Micro ) -- C:\WINDOWS\system32\DRIVERS\o2media.sys -- (O2MDRDR [Boot | Running])
DRV - [2006/10/12 14:47:16 | 00,033,152 | ---- | M] (O2Micro ) -- C:\WINDOWS\system32\DRIVERS\o2sd.sys -- (O2SDRDR [Boot | Running])
DRV - [2006/03/08 01:44:00 | 00,092,550 | ---- | M] (O2Micro) -- C:\WINDOWS\system32\DRIVERS\ozscr.sys -- (OZSCR [On_Demand | Running])
DRV - [2006/12/15 01:36:25 | 00,014,240 | R--- | M] (Logitech Inc.) -- C:\WINDOWS\system32\DRIVERS\lv302af.sys -- (pepifilter [On_Demand | Stopped])
DRV - [2006/12/15 01:36:36 | 00,936,864 | R--- | M] (Logitech Inc.) -- C:\WINDOWS\system32\DRIVERS\LV302V32.SYS -- (PID_PEPI [On_Demand | Stopped])
DRV - [2004/08/04 08:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\system32\DRIVERS\ptilink.sys -- (Ptilink [On_Demand | Running])
DRV - [2008/07/31 18:17:04 | 00,043,872 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20 [Boot | Running])
DRV - [2007/02/21 15:16:12 | 00,012,416 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\DRIVERS\s24trans.sys -- (s24trans [Auto | Running])
DRV - [2007/11/13 06:25:53 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\system32\DRIVERS\secdrv.sys -- (Secdrv [Auto | Running])
DRV - [2001/08/17 08:10:28 | 00,035,913 | ---- | M] (SMC) -- C:\WINDOWS\system32\DRIVERS\smcirda.sys -- (SMCIRDA [On_Demand | Running])
DRV - [2006/06/09 01:05:14 | 00,193,120 | ---- | M] (Synaptics, Inc.) -- C:\WINDOWS\system32\DRIVERS\SynTP.sys -- (SynTP [On_Demand | Running])
DRV - [2006/10/10 22:33:00 | 00,041,600 | ---- | M] (TOSHIBA Corporation) -- C:\WINDOWS\system32\DRIVERS\tosporte.sys -- (tosporte [On_Demand | Running])
DRV - [2007/01/13 00:41:32 | 00,113,792 | ---- | M] (TOSHIBA CORPORATION) -- C:\WINDOWS\system32\DRIVERS\tosrfbd.sys -- (tosrfbd [On_Demand | Stopped])
DRV - [2006/11/20 20:55:16 | 00,036,480 | ---- | M] (TOSHIBA Corporation) -- C:\WINDOWS\System32\Drivers\tosrfbnp.sys -- (tosrfbnp [On_Demand | Stopped])
DRV - [2005/08/01 19:45:00 | 00,064,896 | ---- | M] (TOSHIBA Corporation) -- C:\WINDOWS\System32\Drivers\tosrfcom.sys -- (Tosrfcom [System | Running])
DRV - [2007/01/24 17:57:38 | 00,073,728 | ---- | M] (TOSHIBA Corporation.) -- C:\WINDOWS\system32\DRIVERS\Tosrfhid.sys -- (Tosrfhid [On_Demand | Stopped])
DRV - [2005/01/06 16:42:00 | 00,018,612 | ---- | M] (TOSHIBA Corporation.) -- C:\WINDOWS\system32\DRIVERS\tosrfnds.sys -- (tosrfnds [On_Demand | Stopped])
DRV - [2007/01/13 00:16:54 | 00,040,576 | ---- | M] (TOSHIBA CORPORATION) -- C:\WINDOWS\system32\DRIVERS\tosrfusb.sys -- (tosrfusb [On_Demand | Stopped])
DRV - [2008/04/13 14:45:12 | 00,060,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\usbaudio.sys -- (usbaudio [On_Demand | Stopped])
DRV - [2006/11/02 11:01:00 | 00,250,496 | ---- | M] (Marvell) -- C:\WINDOWS\system32\DRIVERS\yk51x86.sys -- (yukonwxp [On_Demand | Running])

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie


IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?p...&ar=iesearch
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?p...&ar=msnhome
IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?p...&ar=iesearch
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?p...&ar=msnhome
IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://us.fujitsu.com/computers

IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://us.fujitsu.com/computers

IE - HKU\S-1-5-21-3548012073-2917716560-2688870898-500\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\windows\system32\blank.htm
IE - HKU\S-1-5-21-3548012073-2917716560-2688870898-500\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1
IE - HKU\S-1-5-21-3548012073-2917716560-2688870898-500\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-3548012073-2917716560-2688870898-500\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKU\S-1-5-21-3548012073-2917716560-2688870898-500\S-1-5-21-3548012073-2917716560-2688870898-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3548012073-2917716560-2688870898-500\S-1-5-21-3548012073-2917716560-2688870898-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local



O1 HOSTS File: (27 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (&Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll ()
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll ()
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {90B8B761-DF2B-48AC-BBE0-BCC03A819B3B} - Reg Error: Key error. File not found
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll ()
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {90B8B761-DF2B-48AC-BBE0-BCC03A819B3B} - Reg Error: Key error. File not found
O3 - HKU\S-1-5-21-3548012073-2917716560-2688870898-500\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll ()
O3 - HKU\S-1-5-21-3548012073-2917716560-2688870898-500\..\Toolbar\WebBrowser: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - Reg Error: Key error. File not found
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AGRSMMSG] AGRSMMSG.exe (Agere Systems)
O4 - HKLM..\Run: [Alcmtr] ALCMTR.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [ATSwpNav] "C:\Program Files\Fingerprint Sensor\ATSwpNav" -run (AuthenTec, Inc.)
O4 - HKLM..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP File not found
O4 - HKLM..\Run: [FjStrtAp] C:\Program Files\Fujitsu\Utils\FjStrtAp.exe (Fujitsu Computer Systems)
O4 - HKLM..\Run: [FJUPDNV_Chitose] C:\Program Files\Fujitsu\fjdvrupd\fjdvrupd.exe (FUJITSU LIMITED)
O4 - HKLM..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup File not found
O4 - HKLM..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe (Intel Corporation)
O4 - HKLM..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb12.exe (HP)
O4 - HKLM..\Run: [IndicatorUtility] C:\Program Files\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe (FUJITSU LIMITED)
O4 - HKLM..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless (Intel Corporation)
O4 - HKLM..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe" (Intel Corporation)
O4 - HKLM..\Run: [LoadBtnHnd] C:\Program Files\Fujitsu\BtnHnd\BtnHnd.exe (FUJITSU LIMITED)
O4 - HKLM..\Run: [LoadFUJ02E3] C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe (FUJITSU LIMITED)
O4 - HKLM..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe" (Logitech Inc.)
O4 - HKLM..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam10\QuickCam10.exe" /hide ()
O4 - HKLM..\Run: [OmniPass] C:\Program Files\Softex\OmniPass\scureapp.exe ()
O4 - HKLM..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe File not found
O4 - HKLM..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime (Apple Inc.)
O4 - HKLM..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" (Cyberlink Corp.)
O4 - HKLM..\Run: [RTHDCPL] RTHDCPL.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [Snippet] "C:\Program Files\Microsoft Experience Pack\Snipping Tool\SnippingTool.exe" /i (Microsoft Corporation)
O4 - HKLM..\Run: [SSUtility] C:\Program Files\Fujitsu\SSUtility\FJSSDMN.exe (FUJITSU LIMITED)
O4 - HKLM..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe" File not found
O4 - HKLM..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [TabletTip] "C:\Program Files\Common Files\microsoft shared\ink\tabtip.exe" /resume (Microsoft Corporation)
O4 - HKLM..\Run: [TabletWizard] C:\WINDOWS\help\SplshWrp.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3548012073-2917716560-2688870898-500..\Run: [Active Desktop Calendar] C:\Program Files\XemiComputers\Active Desktop Calendar\ADC.exe File not found
O4 - HKU\S-1-5-21-3548012073-2917716560-2688870898-500..\Run: [Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp (AOL LLC)
O4 - HKU\S-1-5-21-3548012073-2917716560-2688870898-500..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h File not found
O4 - HKU\S-1-5-21-3548012073-2917716560-2688870898-500..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe (Logitech)
O4 - HKU\S-1-5-21-3548012073-2917716560-2688870898-500..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background (Microsoft Corporation)
O4 - HKU\S-1-5-21-3548012073-2917716560-2688870898-500..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background (Microsoft Corporation)
O4 - HKU\S-1-5-21-3548012073-2917716560-2688870898-500..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - Startup: C:\Documents and Settings\Administrator\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Bluetooth Manager.lnk = C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe (TOSHIBA CORPORATION.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Image Zone Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe (Hewlett-Packard Co.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe (Logitech)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3548012073-2917716560-2688870898-500\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3548012073-2917716560-2688870898-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-3548012073-2917716560-2688870898-500_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &Search - Reg Error: Value error.
O8 - Extra context menu item: Add to EverNote - res://C:\Program Files\EverNote\EverNote\enbar.dll/2000
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: Add to EverNote - {A5ABA0BB-F195-40d8-A5E9-0801153E6597} - C:\Program Files\EverNote\EverNote\enbar.dll (EverNote Corporation)
O9 - Extra 'Tools' menuitem : Add to EverNote - {A5ABA0BB-F195-40d8-A5E9-0801153E6597} - C:\Program Files\EverNote\EverNote\enbar.dll (EverNote Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [mdnsNSP] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} http://download.microsoft.com/download/e/4.../OGAControl.cab (Office Genuine Advantage Validation Tool)
O16 - DPF: {05D44720-58E3-49E6-BDF6-D00330E511D3} http://zone.msn.com/binFrameWork/v10/StagingUI.cab55579.cab (StagingUI Object)
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} http://upload.facebook.com/controls/Facebo...toUploader5.cab (Facebook Photo Uploader 5)
O16 - DPF: {1239CC52-59EF-4DFA-8C61-90FFA846DF7E} http://www.musicnotes.com/download/mnviewer.cab (Musicnotes Viewer)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwa...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shockwa...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {238F6F83-B8B4-11CF-8771-00A024541EE3} http://a516.g.akamai.net/f/516/25175/7d/ru...cat-no-eula.cab (Citrix ICA Client)
O16 - DPF: {3BB54395-5982-4788-8AF4-B5388FFDD0D8} http://zone.msn.com/BinFrameWork/v10/ZBuddy.cab55579.cab (MSN Games – Buddy Invite)
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} http://gfx1.hotmail.com/mail/w3/pr01/resources/MSNPUpld.cab (MSN Photo Upload Tool)
O16 - DPF: {5736C456-EA94-4AAC-BB08-917ABDD035B3} http://zone.msn.com/binframework/v10/ZPAChat.cab55579.cab (ZonePAChat Object)
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} http://upload.facebook.com/controls/Facebo...otoUploader.cab (Facebook Photo Uploader Control)
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab (HP Download Manager)
O16 - DPF: {70BA88C8-DAE8-4CE9-92BB-979C4A75F53B} http://launch.gamespyarcade.com/software/launch/alaunch.cab (GSDACtl Class)
O16 - DPF: {809A6301-7B40-4436-A02C-87B8D3D7D9E3} http://zone.msn.com/bingame/zpagames/zpa_dmno.cab55579.cab (ZPA_DMNO Object)
O16 - DPF: {80B626D6-BC34-4BCF-B5A1-7149E4FD9CFA} http://zone.msn.com/bingame/zpagames/GAME_UNO1.cab60096.cab (UnoCtrl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flash...r/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} http://cdn2.zone.msn.com/binFramework/v10/...ro.cab56649.cab (MSN Games - Installer)
O16 - DPF: {C228AEDD-FC47-11D3-AF87-D128A9381404} http://www.link-systems.com/~sdk/SDK/paste/lsiw2k.cab (LSICapture Control)
O16 - DPF: {CAC181B0-4D70-402D-B571-C596A47D0CE0} http://zone.msn.com/bingame/zpagames/zpa_pool.cab56649.cab (CBankshotZoneCtrl Class)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_10)
O16 - DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {D1548A26-B8F6-4E86-AE74-E7062CCC2E2A} http://www.miniclip.com/igloader/igloader.CAB (igLoader Content on Demand)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/pub/shock...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {DA2AA6CF-5C7A-4B71-BC3B-C771BB369937} http://zone.msn.com/binframework/v10/StProxy.cab55579.cab (MSN Games – Game Communicator)
O16 - DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} http://198.82.159.136/activex/AMC.cab (AxisMediaControlEmb Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = Boss
O18 - Protocol\Handler\bw+0 {5c8b151e-247e-4e60-b92a-acc2135da51b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bw+0s {5c8b151e-247e-4e60-b92a-acc2135da51b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bw-0 {5c8b151e-247e-4e60-b92a-acc2135da51b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bw00 {5c8b151e-247e-4e60-b92a-acc2135da51b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bw00s {5c8b151e-247e-4e60-b92a-acc2135da51b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bw-0s {5c8b151e-247e-4e60-b92a-acc2135da51b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bw10 {5c8b151e-247e-4e60-b92a-acc2135da51b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bw10s {5c8b151e-247e-4e60-b92a-acc2135da51b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bw20 {5c8b151e-247e-4e60-b92a-acc2135da51b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bw20s {5c8b151e-247e-4e60-b92a-acc2135da51b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bw30 {5c8b151e-247e-4e60-b92a-acc2135da51b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bw30s {5c8b151e-247e-4e60-b92a-acc2135da51b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bw40 {5c8b151e-247e-4e60-b92a-acc2135da51b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bw40s {5c8b151e-247e-4e60-b92a-acc2135da51b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bw50 {5c8b151e-247e-4e60-b92a-acc2135da51b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bw50s {5c8b151e-247e-4e60-b92a-acc2135da51b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bw60 {5c8b151e-247e-4e60-b92a-acc2135da51b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bw60s {5c8b151e-247e-4e60-b92a-acc2135da51b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bw70 {5c8b151e-247e-4e60-b92a-acc2135da51b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bw70s {5c8b151e-247e-4e60-b92a-acc2135da51b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bw80 {5c8b151e-247e-4e60-b92a-acc2135da51b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bw80s {5c8b151e-247e-4e60-b92a-acc2135da51b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bw90 {5c8b151e-247e-4e60-b92a-acc2135da51b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bw90s {5c8b151e-247e-4e60-b92a-acc2135da51b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwa0 {5c8b151e-247e-4e60-b92a-acc2135da51b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwa0s {5c8b151e-247e-4e60-b92a-acc2135da51b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwb0 {5c8b151e-247e-4e60-b92a-acc2135da51b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwb0s {5c8b151e-247e-4e60-b92a-acc2135da51b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwc0 {5c8b151e-247e-4e60-b92a-acc2135da51b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwc0s {5c8b151e-247e-4e60-b92a-acc2135da51b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwd0 {5c8b151e-247e-4e60-b92a-acc2135da51b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwd0s {5c8b151e-247e-4e60-b92a-acc2135da51b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwe0 {5c8b151e-247e-4e60-b92a-acc2135da51b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwe0s {5c8b151e-247e-4e60-b92a-acc2135da51b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwf0 {5c8b151e-247e-4e60-b92a-acc2135da51b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwf0s {5c8b151e-247e-4e60-b92a-acc2135da51b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwfile-8876480 {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwg0 {5c8b151e-247e-4e60-b92a-acc2135da51b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwg0s {5c8b151e-247e-4e60-b92a-acc2135da51b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwh0 {5c8b151e-247e-4e60-b92a-acc2135da51b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwh0s {5c8b151e-247e-4e60-b92a-acc2135da51b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwi0 {5c8b151e-247e-4e60-b92a-acc2135da51b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwi0s {5c8b151e-247e-4e60-b92a-acc2135da51b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwj0 {5c8b151e-247e-4e60-b92a-acc2135da51b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwj0s {5c8b151e-247e-4e60-b92a-acc2135da51b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwk0 {5c8b151e-247e-4e60-b92a-acc2135da51b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwk0s {5c8b151e-247e-4e60-b92a-acc2135da51b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwl0 {5c8b151e-247e-4e60-b92a-acc2135da51b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwl0s {5c8b151e-247e-4e60-b92a-acc2135da51b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwm0 {5c8b151e-247e-4e60-b92a-acc2135da51b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwm0s {5c8b151e-247e-4e60-b92a-acc2135da51b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwn0 {5c8b151e-247e-4e60-b92a-acc2135da51b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwn0s {5c8b151e-247e-4e60-b92a-acc2135da51b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwo0 {5c8b151e-247e-4e60-b92a-acc2135da51b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwo0s {5c8b151e-247e-4e60-b92a-acc2135da51b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwp0 {5c8b151e-247e-4e60-b92a-acc2135da51b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwp0s {5c8b151e-247e-4e60-b92a-acc2135da51b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwq0 {5c8b151e-247e-4e60-b92a-acc2135da51b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwq0s {5c8b151e-247e-4e60-b92a-acc2135da51b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwr0 {5c8b151e-247e-4e60-b92a-acc2135da51b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwr0s {5c8b151e-247e-4e60-b92a-acc2135da51b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bws0 {5c8b151e-247e-4e60-b92a-acc2135da51b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bws0s {5c8b151e-247e-4e60-b92a-acc2135da51b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwt0 {5c8b151e-247e-4e60-b92a-acc2135da51b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwt0s {5c8b151e-247e-4e60-b92a-acc2135da51b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwu0 {5c8b151e-247e-4e60-b92a-acc2135da51b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwu0s {5c8b151e-247e-4e60-b92a-acc2135da51b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwv0 {5c8b151e-247e-4e60-b92a-acc2135da51b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwv0s {5c8b151e-247e-4e60-b92a-acc2135da51b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bww0 {5c8b151e-247e-4e60-b92a-acc2135da51b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bww0s {5c8b151e-247e-4e60-b92a-acc2135da51b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwx0 {5c8b151e-247e-4e60-b92a-acc2135da51b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwx0s {5c8b151e-247e-4e60-b92a-acc2135da51b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwy0 {5c8b151e-247e-4e60-b92a-acc2135da51b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwy0s {5c8b151e-247e-4e60-b92a-acc2135da51b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwz0 {5c8b151e-247e-4e60-b92a-acc2135da51b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwz0s {5c8b151e-247e-4e60-b92a-acc2135da51b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\MSN Messenger\msgrapp.8.1.0178.00.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\MSN Messenger\msgrapp.8.1.0178.00.dll (Microsoft Corporation)
O18 - Protocol\Handler\offline-8876480 {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Filter: - text/xml - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe ()
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\loginkey: DllName - C:\Program Files\Common Files\Microsoft Shared\Ink\loginkey.dll - C:\Program Files\Common Files\Microsoft Shared\Ink\loginkey.dll (Microsoft Corporation)
O20 - Winlogon\Notify\OPXPGina: DllName - C:\Program Files\Softex\OmniPass\opxpgina.dll - C:\Program Files\Softex\OmniPass\opxpgina.dll ()
O20 - Winlogon\Notify\TabBtnWL: DllName - TabBtnWL.dll - C:\WINDOWS\system32\TabBtnWL.dll (Microsoft Corporation)
O20 - Winlogon\Notify\tpgwlnotify: DllName - tpgwlnot.dll - C:\WINDOWS\system32\tpgwlnot.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/03/15 15:34:16 | 00,000,050 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found

========== Files/Folders - Created Within 30 Days ==========

[1 C:\WINDOWS\*.tmp files]
[1 C:\Documents and Settings\Administrator\My Documents\*.tmp files]
[2009/03/27 21:20:02 | 00,498,688 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTListIt2.exe
[2009/03/27 17:11:17 | 00,401,720 | ---- | C] (Trend Micro Inc.) -- C:\Documents and Settings\Administrator\Desktop\HiJackThis.exe
[2009/03/25 23:30:00 | 00,092,164 | ---- | C] () -- C:\WINDOWS\mse.exe
[2009/03/25 23:25:12 | 00,092,164 | ---- | C] () -- C:\WINDOWS\msd.exe
[2009/03/25 22:59:40 | 00,092,164 | ---- | C] () -- C:\WINDOWS\msc.exe
[2009/03/25 22:44:13 | 00,092,164 | ---- | C] () -- C:\WINDOWS\msb.exe
[2009/03/25 22:38:10 | 00,092,164 | ---- | C] () -- C:\WINDOWS\msa.exe
[2009/03/25 22:38:08 | 00,000,256 | -H-- | C] () -- C:\WINDOWS\tasks\{5B57CF47-0BFA-43c6-ACF9-3B3653DCADBA}.job
[2009/03/25 22:37:08 | 00,000,350 | ---- | C] () -- C:\WINDOWS\tasks\At48.job
[2009/03/25 22:37:08 | 00,000,350 | ---- | C] () -- C:\WINDOWS\tasks\At47.job
[2009/03/25 22:37:08 | 00,000,350 | ---- | C] () -- C:\WINDOWS\tasks\At46.job
[2009/03/25 22:37:08 | 00,000,350 | ---- | C] () -- C:\WINDOWS\tasks\At45.job
[2009/03/25 22:37:08 | 00,000,350 | ---- | C] () -- C:\WINDOWS\tasks\At44.job
[2009/03/25 22:37:08 | 00,000,350 | ---- | C] () -- C:\WINDOWS\tasks\At43.job
[2009/03/25 22:37:08 | 00,000,350 | ---- | C] () -- C:\WINDOWS\tasks\At42.job
[2009/03/25 22:37:08 | 00,000,350 | ---- | C] () -- C:\WINDOWS\tasks\At41.job
[2009/03/25 22:37:08 | 00,000,350 | ---- | C] () -- C:\WINDOWS\tasks\At40.job
[2009/03/25 22:37:08 | 00,000,350 | ---- | C] () -- C:\WINDOWS\tasks\At39.job
[2009/03/25 22:37:08 | 00,000,350 | ---- | C] () -- C:\WINDOWS\tasks\At38.job
[2009/03/25 22:37:08 | 00,000,350 | ---- | C] () -- C:\WINDOWS\tasks\At37.job
[2009/03/25 22:37:08 | 00,000,350 | ---- | C] () -- C:\WINDOWS\tasks\At36.job
[2009/03/25 22:37:08 | 00,000,350 | ---- | C] () -- C:\WINDOWS\tasks\At35.job
[2009/03/25 22:37:08 | 00,000,350 | ---- | C] () -- C:\WINDOWS\tasks\At34.job
[2009/03/25 22:37:08 | 00,000,350 | ---- | C] () -- C:\WINDOWS\tasks\At33.job
[2009/03/25 22:37:08 | 00,000,350 | ---- | C] () -- C:\WINDOWS\tasks\At32.job
[2009/03/25 22:37:08 | 00,000,350 | ---- | C] () -- C:\WINDOWS\tasks\At31.job
[2009/03/25 22:37:08 | 00,000,350 | ---- | C] () -- C:\WINDOWS\tasks\At30.job
[2009/03/25 22:37:08 | 00,000,350 | ---- | C] () -- C:\WINDOWS\tasks\At29.job
[2009/03/25 22:37:08 | 00,000,350 | ---- | C] () -- C:\WINDOWS\tasks\At28.job
[2009/03/25 22:37:08 | 00,000,350 | ---- | C] () -- C:\WINDOWS\tasks\At27.job
[2009/03/25 22:37:08 | 00,000,350 | ---- | C] () -- C:\WINDOWS\tasks\At26.job
[2009/03/25 22:37:08 | 00,000,350 | ---- | C] () -- C:\WINDOWS\tasks\At25.job
[2009/03/25 22:36:51 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\CrucialSoft Ltd
[2009/03/25 22:36:48 | 00,071,168 | ---- | C] () -- C:\WINDOWS\System32\8Lx8nFs8.exe
[2009/03/25 22:36:48 | 00,000,350 | ---- | C] () -- C:\WINDOWS\tasks\At9.job
[2009/03/25 22:36:48 | 00,000,350 | ---- | C] () -- C:\WINDOWS\tasks\At8.job
[2009/03/25 22:36:48 | 00,000,350 | ---- | C] () -- C:\WINDOWS\tasks\At7.job
[2009/03/25 22:36:48 | 00,000,350 | ---- | C] () -- C:\WINDOWS\tasks\At6.job
[2009/03/25 22:36:48 | 00,000,350 | ---- | C] () -- C:\WINDOWS\tasks\At5.job
[2009/03/25 22:36:48 | 00,000,350 | ---- | C] () -- C:\WINDOWS\tasks\At4.job
[2009/03/25 22:36:48 | 00,000,350 | ---- | C] () -- C:\WINDOWS\tasks\At3.job
[2009/03/25 22:36:48 | 00,000,350 | ---- | C] () -- C:\WINDOWS\tasks\At24.job
[2009/03/25 22:36:48 | 00,000,350 | ---- | C] () -- C:\WINDOWS\tasks\At23.job
[2009/03/25 22:36:48 | 00,000,350 | ---- | C] () -- C:\WINDOWS\tasks\At22.job
[2009/03/25 22:36:48 | 00,000,350 | ---- | C] () -- C:\WINDOWS\tasks\At21.job
[2009/03/25 22:36:48 | 00,000,350 | ---- | C] () -- C:\WINDOWS\tasks\At20.job
[2009/03/25 22:36:48 | 00,000,350 | ---- | C] () -- C:\WINDOWS\tasks\At2.job
[2009/03/25 22:36:48 | 00,000,350 | ---- | C] () -- C:\WINDOWS\tasks\At19.job
[2009/03/25 22:36:48 | 00,000,350 | ---- | C] () -- C:\WINDOWS\tasks\At18.job
[2009/03/25 22:36:48 | 00,000,350 | ---- | C] () -- C:\WINDOWS\tasks\At17.job
[2009/03/25 22:36:48 | 00,000,350 | ---- | C] () -- C:\WINDOWS\tasks\At16.job
[2009/03/25 22:36:48 | 00,000,350 | ---- | C] () -- C:\WINDOWS\tasks\At15.job
[2009/03/25 22:36:48 | 00,000,350 | ---- | C] () -- C:\WINDOWS\tasks\At14.job
[2009/03/25 22:36:48 | 00,000,350 | ---- | C] () -- C:\WINDOWS\tasks\At13.job
[2009/03/25 22:36:48 | 00,000,350 | ---- | C] () -- C:\WINDOWS\tasks\At12.job
[2009/03/25 22:36:48 | 00,000,350 | ---- | C] () -- C:\WINDOWS\tasks\At11.job
[2009/03/25 22:36:48 | 00,000,350 | ---- | C] () -- C:\WINDOWS\tasks\At10.job
[2009/03/25 22:36:48 | 00,000,350 | ---- | C] () -- C:\WINDOWS\tasks\At1.job
[2009/03/25 22:36:48 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\8Lx8nFs8.exe.a_a
[2009/03/24 21:56:24 | 01,388,704 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\scan.jpg
[2009/03/24 21:51:47 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\My Documents\My Albums
[2009/03/23 09:29:12 | 00,011,803 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\ashleyworks.docx
[2009/03/23 09:12:54 | 00,010,324 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\Citations.docx
[2009/03/22 21:22:38 | 00,014,848 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\ashleys paper.docx
[2009/03/22 18:26:00 | 00,001,783 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\Fighter Ace II.lnk
[2009/03/22 13:37:21 | 00,000,872 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\FrostWire 4.17.2.lnk
[2009/03/22 13:33:44 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\My Documents\Downloads
[2009/03/22 13:32:35 | 00,125,629 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\TaylorLittle_com_Complete_Pic_Vid_Collection_-MC-.3315181.TPB.torrent
[2009/03/22 13:28:56 | 00,000,630 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\µTorrent.lnk
[2009/03/22 13:28:56 | 00,000,000 | ---D | C] -- C:\Program Files\uTorrent
[2009/03/22 13:28:49 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\uTorrent
[2009/03/20 22:30:14 | 00,000,000 | -HSD | C] -- C:\WINDOWS\ftpcache
[2009/03/17 21:53:30 | 00,001,729 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
[2009/03/16 21:24:38 | 00,001,702 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Flight Simulator 2002.lnk
[2009/03/15 15:34:26 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\My Documents\Picture Package
[2009/03/15 15:33:35 | 00,000,000 | ---D | C] -- C:\Program Files\PIXELA
[2009/03/15 15:31:48 | 00,003,654 | ---- | C] () -- C:\WINDOWS\System32\drivers\Sonyhcp.dll
[2009/03/15 15:31:47 | 00,000,000 | ---D | C] -- C:\Drivers
[2009/03/15 15:31:13 | 00,089,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\VB5DB.DLL
[2009/03/15 15:31:04 | 00,013,567 | ---- | C] (B.H.A Corporation) -- C:\WINDOWS\System32\drivers\CDRBSDRV.SYS
[2009/03/15 15:31:04 | 00,000,000 | ---D | C] -- C:\Program Files\Sony Corporation
[2009/03/15 15:24:52 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\WinZip
[2009/03/15 15:24:35 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\WinZip
[2009/03/15 00:48:47 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\My Documents\FrostWire
[2009/03/15 00:48:44 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\FrostWire
[2009/03/15 00:48:26 | 00,000,000 | ---D | C] -- C:\Program Files\FrostWire
[2009/03/11 00:36:30 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\My Documents\vida

========== Files - Modified Within 30 Days ==========

[4 C:\WINDOWS\System32\*.tmp files]
[1 C:\WINDOWS\*.tmp files]
[1 C:\Documents and Settings\Administrator\My Documents\*.tmp files]
[2009/03/27 21:20:24 | 00,498,688 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTListIt2.exe
[2009/03/27 21:18:56 | 00,000,244 | -H-- | M] () -- C:\sqmnoopt03.sqm
[2009/03/27 21:18:56 | 00,000,232 | -H-- | M] () -- C:\sqmdata03.sqm
[2009/03/27 21:18:26 | 00,000,268 | -H-- | M] () -- C:\sqmdata02.sqm
[2009/03/27 21:18:26 | 00,000,244 | -H-- | M] () -- C:\sqmnoopt02.sqm
[2009/03/27 21:00:07 | 00,000,256 | -H-- | M] () -- C:\WINDOWS\tasks\{5B57CF47-0BFA-43c6-ACF9-3B3653DCADBA}.job
[2009/03/27 21:00:00 | 00,000,350 | ---- | M] () -- C:\WINDOWS\tasks\At46.job
[2009/03/27 21:00:00 | 00,000,350 | ---- | M] () -- C:\WINDOWS\tasks\At22.job
[2009/03/27 20:46:02 | 00,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2009/03/27 20:20:40 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/03/27 20:20:38 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/03/27 20:20:38 | 00,000,350 | ---- | M] () -- C:\WINDOWS\tasks\At47.job
[2009/03/27 20:20:38 | 00,000,350 | ---- | M] () -- C:\WINDOWS\tasks\At45.job
[2009/03/27 20:20:38 | 00,000,350 | ---- | M] () -- C:\WINDOWS\tasks\At44.job
[2009/03/27 20:20:38 | 00,000,350 | ---- | M] () -- C:\WINDOWS\tasks\At43.job
[2009/03/27 20:20:38 | 00,000,350 | ---- | M] () -- C:\WINDOWS\tasks\At42.job
[2009/03/27 20:20:38 | 00,000,350 | ---- | M] () -- C:\WINDOWS\tasks\At41.job
[2009/03/27 20:20:38 | 00,000,350 | ---- | M] () -- C:\WINDOWS\tasks\At40.job
[2009/03/27 20:20:38 | 00,000,350 | ---- | M] () -- C:\WINDOWS\tasks\At4.job
[2009/03/27 20:20:38 | 00,000,350 | ---- | M] () -- C:\WINDOWS\tasks\At39.job
[2009/03/27 20:20:38 | 00,000,350 | ---- | M] () -- C:\WINDOWS\tasks\At38.job
[2009/03/27 20:20:38 | 00,000,350 | ---- | M] () -- C:\WINDOWS\tasks\At37.job
[2009/03/27 20:20:38 | 00,000,350 | ---- | M] () -- C:\WINDOWS\tasks\At36.job
[2009/03/27 20:20:38 | 00,000,350 | ---- | M] () -- C:\WINDOWS\tasks\At35.job
[2009/03/27 20:20:38 | 00,000,350 | ---- | M] () -- C:\WINDOWS\tasks\At34.job
[2009/03/27 20:20:38 | 00,000,350 | ---- | M] () -- C:\WINDOWS\tasks\At3.job
[2009/03/27 20:20:38 | 00,000,350 | ---- | M] () -- C:\WINDOWS\tasks\At28.job
[2009/03/27 20:20:38 | 00,000,350 | ---- | M] () -- C:\WINDOWS\tasks\At27.job
[2009/03/27 20:20:38 | 00,000,350 | ---- | M] () -- C:\WINDOWS\tasks\At26.job
[2009/03/27 20:20:38 | 00,000,350 | ---- | M] () -- C:\WINDOWS\tasks\At23.job
[2009/03/27 20:20:38 | 00,000,350 | ---- | M] () -- C:\WINDOWS\tasks\At21.job
[2009/03/27 20:20:38 | 00,000,350 | ---- | M] () -- C:\WINDOWS\tasks\At20.job
[2009/03/27 20:20:38 | 00,000,350 | ---- | M] () -- C:\WINDOWS\tasks\At2.job
[2009/03/27 20:20:38 | 00,000,350 | ---- | M] () -- C:\WINDOWS\tasks\At19.job
[2009/03/27 20:20:38 | 00,000,350 | ---- | M] () -- C:\WINDOWS\tasks\At18.job
[2009/03/27 20:20:38 | 00,000,350 | ---- | M] () -- C:\WINDOWS\tasks\At17.job
[2009/03/27 20:20:38 | 00,000,350 | ---- | M] () -- C:\WINDOWS\tasks\At16.job
[2009/03/27 20:20:38 | 00,000,350 | ---- | M] () -- C:\WINDOWS\tasks\At15.job
[2009/03/27 20:20:38 | 00,000,350 | ---- | M] () -- C:\WINDOWS\tasks\At14.job
[2009/03/27 20:20:38 | 00,000,350 | ---- | M] () -- C:\WINDOWS\tasks\At13.job
[2009/03/27 20:20:38 | 00,000,350 | ---- | M] () -- C:\WINDOWS\tasks\At12.job
[2009/03/27 20:20:38 | 00,000,350 | ---- | M] () -- C:\WINDOWS\tasks\At11.job
[2009/03/27 20:20:38 | 00,000,350 | ---- | M] () -- C:\WINDOWS\tasks\At10.job
[2009/03/27 20:18:45 | 00,003,654 | ---- | M] () -- C:\Documents and Settings\Administrator\Application Data\FjMenu1.XML
[2009/03/27 17:28:55 | 00,000,244 | -H-- | M] () -- C:\sqmnoopt01.sqm
[2009/03/27 17:28:55 | 00,000,232 | -H-- | M] () -- C:\sqmdata01.sqm
[2009/03/27 17:28:10 | 00,000,244 | -H-- | M] () -- C:\sqmnoopt00.sqm
[2009/03/27 17:28:10 | 00,000,232 | -H-- | M] () -- C:\sqmdata00.sqm
[2009/03/27 17:26:15 | 00,000,232 | -H-- | M] () -- C:\sqmdata19.sqm
[2009/03/27 17:26:14 | 00,000,244 | -H-- | M] () -- C:\sqmnoopt19.sqm
[2009/03/27 17:11:21 | 00,401,720 | ---- | M] (Trend Micro Inc.) -- C:\Documents and Settings\Administrator\Desktop\HiJackThis.exe
[2009/03/27 09:06:24 | 00,098,304 | ---- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/03/27 08:00:00 | 00,000,350 | ---- | M] () -- C:\WINDOWS\tasks\At9.job
[2009/03/27 08:00:00 | 00,000,350 | ---- | M] () -- C:\WINDOWS\tasks\At33.job
[2009/03/27 07:00:00 | 00,000,350 | ---- | M] () -- C:\WINDOWS\tasks\At8.job
[2009/03/27 07:00:00 | 00,000,350 | ---- | M] () -- C:\WINDOWS\tasks\At32.job
[2009/03/27 06:00:00 | 00,000,350 | ---- | M] () -- C:\WINDOWS\tasks\At7.job
[2009/03/27 06:00:00 | 00,000,350 | ---- | M] () -- C:\WINDOWS\tasks\At31.job
[2009/03/27 05:00:00 | 00,000,350 | ---- | M] () -- C:\WINDOWS\tasks\At6.job
[2009/03/27 05:00:00 | 00,000,350 | ---- | M] () -- C:\WINDOWS\tasks\At30.job
[2009/03/27 04:00:20 | 00,000,350 | ---- | M] () -- C:\WINDOWS\tasks\At5.job
[2009/03/27 04:00:20 | 00,000,350 | ---- | M] () -- C:\WINDOWS\tasks\At29.job
[2009/03/27 00:26:20 | 00,000,350 | ---- | M] () -- C:\WINDOWS\tasks\At25.job
[2009/03/27 00:15:20 | 00,000,350 | ---- | M] () -- C:\WINDOWS\tasks\At1.job
[2009/03/26 23:00:20 | 00,000,350 | ---- | M] () -- C:\WINDOWS\tasks\At48.job
[2009/03/26 23:00:20 | 00,000,350 | ---- | M] () -- C:\WINDOWS\tasks\At24.job
[2009/03/26 16:48:28 | 00,000,268 | -H-- | M] () -- C:\sqmdata18.sqm
[2009/03/26 16:48:27 | 00,000,244 | -H-- | M] () -- C:\sqmnoopt18.sqm
[2009/03/26 14:34:49 | 00,000,268 | -H-- | M] () -- C:\sqmdata17.sqm
[2009/03/26 14:34:48 | 00,000,244 | -H-- | M] () -- C:\sqmnoopt17.sqm
[2009/03/26 08:39:28 | 00,000,268 | -H-- | M] () -- C:\sqmdata16.sqm
[2009/03/26 08:39:28 | 00,000,244 | -H-- | M] () -- C:\sqmnoopt16.sqm
[2009/03/25 23:38:06 | 00,000,268 | -H-- | M] () -- C:\sqmdata15.sqm
[2009/03/25 23:38:05 | 00,000,244 | -H-- | M] () -- C:\sqmnoopt15.sqm
[2009/03/25 23:32:08 | 02,644,948 | -H-- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\IconCache.db
[2009/03/25 22:38:07 | 00,092,164 | ---- | M] () -- C:\WINDOWS\mse.exe
[2009/03/25 22:38:07 | 00,092,164 | ---- | M] () -- C:\WINDOWS\msd.exe
[2009/03/25 22:38:07 | 00,092,164 | ---- | M] () -- C:\WINDOWS\msc.exe
[2009/03/25 22:38:07 | 00,092,164 | ---- | M] () -- C:\WINDOWS\msb.exe
[2009/03/25 22:38:07 | 00,092,164 | ---- | M] () -- C:\WINDOWS\msa.exe
[2009/03/25 22:37:08 | 00,071,168 | ---- | M] () -- C:\WINDOWS\System32\8Lx8nFs8.exe
[2009/03/25 22:36:48 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\8Lx8nFs8.exe.a_a
[2009/03/25 22:36:46 | 00,061,952 | ---- | M] () -- C:\WINDOWS\System32\userinit.exe
[2009/03/25 19:57:14 | 00,000,244 | -H-- | M] () -- C:\sqmnoopt14.sqm
[2009/03/25 19:57:14 | 00,000,232 | -H-- | M] () -- C:\sqmdata14.sqm
[2009/03/25 19:55:51 | 00,000,244 | -H-- | M] () -- C:\sqmnoopt13.sqm
[2009/03/25 19:55:51 | 00,000,232 | -H-- | M] () -- C:\sqmdata13.sqm
[2009/03/24 23:16:37 | 00,000,244 | -H-- | M] () -- C:\sqmnoopt12.sqm
[2009/03/24 23:16:37 | 00,000,232 | -H-- | M] () -- C:\sqmdata12.sqm
[2009/03/24 22:00:22 | 00,000,244 | -H-- | M] () -- C:\sqmnoopt11.sqm
[2009/03/24 22:00:22 | 00,000,232 | -H-- | M] () -- C:\sqmdata11.sqm
[2009/03/24 21:58:07 | 00,000,244 | -H-- | M] () -- C:\sqmnoopt10.sqm
[2009/03/24 21:58:07 | 00,000,232 | -H-- | M] () -- C:\sqmdata10.sqm
[2009/03/24 21:56:24 | 01,388,704 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\scan.jpg
[2009/03/23 09:29:34 | 00,000,244 | -H-- | M] () -- C:\sqmnoopt09.sqm
[2009/03/23 09:29:34 | 00,000,232 | -H-- | M] () -- C:\sqmdata09.sqm
[2009/03/23 09:29:16 | 00,000,244 | -H-- | M] () -- C:\sqmnoopt08.sqm
[2009/03/23 09:29:16 | 00,000,232 | -H-- | M] () -- C:\sqmdata08.sqm
[2009/03/23 09:29:12 | 00,011,803 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\ashleyworks.docx
[2009/03/23 09:25:00 | 00,000,244 | -H-- | M] () -- C:\sqmnoopt07.sqm
[2009/03/23 09:25:00 | 00,000,232 | -H-- | M] () -- C:\sqmdata07.sqm
[2009/03/23 09:21:30 | 00,000,244 | -H-- | M] () -- C:\sqmnoopt06.sqm
[2009/03/23 09:21:30 | 00,000,232 | -H-- | M] () -- C:\sqmdata06.sqm
[2009/03/23 09:20:57 | 00,000,244 | -H-- | M] () -- C:\sqmnoopt05.sqm
[2009/03/23 09:20:57 | 00,000,232 | -H-- | M] () -- C:\sqmdata05.sqm
[2009/03/23 09:15:23 | 00,000,244 | -H-- | M] () -- C:\sqmnoopt04.sqm
[2009/03/23 09:15:23 | 00,000,232 | -H-- | M] () -- C:\sqmdata04.sqm
[2009/03/23 09:12:54 | 00,010,324 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\Citations.docx
[2009/03/22 23:41:51 | 00,014,848 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\ashleys paper.docx
[2009/03/22 18:26:00 | 00,001,783 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Fighter Ace II.lnk
[2009/03/22 13:37:21 | 00,000,872 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\FrostWire 4.17.2.lnk
[2009/03/22 13:32:37 | 00,125,629 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\TaylorLittle_com_Complete_Pic_Vid_Collection_-MC-.3315181.TPB.torrent
[2009/03/22 13:28:56 | 00,000,630 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\µTorrent.lnk
[2009/03/21 16:27:01 | 00,001,095 | ---- | M] () -- C:\WINDOWS\win.ini
[2009/03/17 21:53:30 | 00,001,729 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
[2009/03/16 21:24:38 | 00,001,702 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Flight Simulator 2002.lnk
[2009/03/15 15:34:16 | 00,000,050 | ---- | M] () -- C:\AUTOEXEC.BAT
[2009/03/15 00:21:23 | 00,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/03/11 21:48:55 | 01,584,544 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/03/11 17:06:27 | 00,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2009/03/08 18:01:56 | 00,483,924 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2009/03/08 18:01:56 | 00,411,142 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2009/03/08 18:01:56 | 00,065,446 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
< End of report >

#4 tut2734


Posted 27 March 2009 - 08:50 PM

GMER log:
GMER 1.0.15.14966 - http://www.gmer.net
Rootkit scan 2009-03-27 21:49:33
Windows 5.1.2600 Service Pack 3


---- User code sections - GMER 1.0.15 ----

.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[620] USER32.dll!DialogBoxParamW 7E4247AB 5 Bytes JMP 42F0F341 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[620] USER32.dll!DialogBoxIndirectParamW 7E432072 5 Bytes JMP 430A187F C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[620] USER32.dll!MessageBoxIndirectA 7E43A082 5 Bytes JMP 430A1800 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[620] USER32.dll!DialogBoxParamA 7E43B144 5 Bytes JMP 430A1844 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[620] USER32.dll!MessageBoxExW 7E450838 5 Bytes JMP 430A178C C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[620] USER32.dll!MessageBoxExA 7E45085C 5 Bytes JMP 430A17C6 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[620] USER32.dll!DialogBoxIndirectParamA 7E456D7D 5 Bytes JMP 430A18BA C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[620] USER32.dll!MessageBoxIndirectW 7E4664D5 5 Bytes JMP 42F316F6 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\internet explorer\iexplore.exe[2916] USER32.dll!DialogBoxParamW 7E4247AB 5 Bytes JMP 42F0F341 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\internet explorer\iexplore.exe[2916] USER32.dll!DialogBoxIndirectParamW 7E432072 5 Bytes JMP 430A187F C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\internet explorer\iexplore.exe[2916] USER32.dll!MessageBoxIndirectA 7E43A082 5 Bytes JMP 430A1800 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\internet explorer\iexplore.exe[2916] USER32.dll!DialogBoxParamA 7E43B144 5 Bytes JMP 430A1844 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\internet explorer\iexplore.exe[2916] USER32.dll!MessageBoxExW 7E450838 5 Bytes JMP 430A178C C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\internet explorer\iexplore.exe[2916] USER32.dll!MessageBoxExA 7E45085C 5 Bytes JMP 430A17C6 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\internet explorer\iexplore.exe[2916] USER32.dll!DialogBoxIndirectParamA 7E456D7D 5 Bytes JMP 430A18BA C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\internet explorer\iexplore.exe[2916] USER32.dll!MessageBoxIndirectW 7E4664D5 5 Bytes JMP 42F316F6 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

---- User IAT/EAT - GMER 1.0.15 ----

IAT C:\WINDOWS\system32\hkcmd.exe[244] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [00A12EC0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\system32\hkcmd.exe[244] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [00A12C30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\system32\hkcmd.exe[244] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [00A12C90] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\system32\hkcmd.exe[244] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [00A12C60] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Documents and Settings\Administrator\Desktop\yqohwft0.exe[676] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [00802EC0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Documents and Settings\Administrator\Desktop\yqohwft0.exe[676] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [00802C30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Documents and Settings\Administrator\Desktop\yqohwft0.exe[676] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [00802C90] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Documents and Settings\Administrator\Desktop\yqohwft0.exe[676] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [00802C60] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\system32\igfxsrvc.exe[688] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [012A2EC0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\system32\igfxsrvc.exe[688] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [012A2C30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\system32\igfxsrvc.exe[688] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [012A2C90] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\system32\igfxsrvc.exe[688] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [012A2C60] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Fujitsu\fjdvrupd\fjdvrupd.exe[724] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [00BC2EC0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Fujitsu\fjdvrupd\fjdvrupd.exe[724] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [00BC2C30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Fujitsu\fjdvrupd\fjdvrupd.exe[724] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [00BC2C90] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Fujitsu\fjdvrupd\fjdvrupd.exe[724] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [00BC2C60] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe[1124] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [00DB2EC0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe[1124] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [00DB2C30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe[1124] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [00DB2C90] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe[1124] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [00DB2C60] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe[1248] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [00E92EC0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe[1248] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [00E92C30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe[1248] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [00E92C90] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe[1248] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [00E92C60] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Common Files\Microsoft Shared\Ink\TabTip.exe[1632] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [008C2EC0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Common Files\Microsoft Shared\Ink\TabTip.exe[1632] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [008C2C30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Common Files\Microsoft Shared\Ink\TabTip.exe[1632] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [008C2C90] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Common Files\Microsoft Shared\Ink\TabTip.exe[1632] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [008C2C60] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Messenger\msmsgs.exe[1664] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [00B12EC0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Messenger\msmsgs.exe[1664] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [00B12C30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Messenger\msmsgs.exe[1664] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [00B12C90] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Messenger\msmsgs.exe[1664] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [00B12C60] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[1816] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [00A72EC0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[1816] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [00A72C30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[1816] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [00A72C90] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[1816] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [00A72C60] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\system32\8Lx8nFs8.exe[1968] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [008A2EC0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\system32\8Lx8nFs8.exe[1968] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [008A2C30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\system32\8Lx8nFs8.exe[1968] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [008A2C90] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\system32\8Lx8nFs8.exe[1968] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [008A2C60] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\AGRSMMSG.exe[2156] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [003D2EC0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\AGRSMMSG.exe[2156] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [003D2C30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\AGRSMMSG.exe[2156] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [003D2C90] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\AGRSMMSG.exe[2156] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [003D2C60] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe[2188] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [00A32EC0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe[2188] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [00A32C30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe[2188] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [00A32C90] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe[2188] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [00A32C60] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe[2228] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [003A2EC0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe[2228] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [003A2C30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe[2228] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [003A2C90] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe[2228] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [003A2C60] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Softex\OmniPass\scureapp.exe[2320] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [00FC2EC0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Softex\OmniPass\scureapp.exe[2320] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [00FC2C30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Softex\OmniPass\scureapp.exe[2320] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [00FC2C90] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Softex\OmniPass\scureapp.exe[2320] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [00FC2C60] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Fingerprint Sensor\ATSwpNav.exe[2352] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [00B82EC0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Fingerprint Sensor\ATSwpNav.exe[2352] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [00B82C30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Fingerprint Sensor\ATSwpNav.exe[2352] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [00B82C90] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Fingerprint Sensor\ATSwpNav.exe[2352] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [00B82C60] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Fujitsu\Utils\FjMenu.exe[2372] @ C:\WINDOWS\system32\KERNEL32.dll [ntdll.dll!NtCreateFile] [00DE2EC0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Fujitsu\Utils\FjMenu.exe[2372] @ C:\WINDOWS\system32\KERNEL32.dll [ntdll.dll!NtDeviceIoControlFile] [00DE2C30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Fujitsu\Utils\FjMenu.exe[2372] @ C:\WINDOWS\system32\KERNEL32.dll [ntdll.dll!NtClose] [00DE2C90] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Fujitsu\Utils\FjMenu.exe[2372] @ C:\WINDOWS\system32\KERNEL32.dll [ntdll.dll!NtDuplicateObject] [00DE2C60] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Fujitsu\BtnHnd\BtnHnd.exe[2576] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [00362EC0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Fujitsu\BtnHnd\BtnHnd.exe[2576] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [00362C30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Fujitsu\BtnHnd\BtnHnd.exe[2576] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [00362C90] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Fujitsu\BtnHnd\BtnHnd.exe[2576] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [00362C60] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe[2596] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [00992EC0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe[2596] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [00992C30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe[2596] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [00992C90] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe[2596] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [00992C60] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Fujitsu\SSUtility\FJSSDMN.exe[2740] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [003C2EC0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Fujitsu\SSUtility\FJSSDMN.exe[2740] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [003C2C30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Fujitsu\SSUtility\FJSSDMN.exe[2740] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [003C2C90] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Fujitsu\SSUtility\FJSSDMN.exe[2740] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [003C2C60] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe[2772] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [00B72EC0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe[2772] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [00B72C30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe[2772] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [00B72C90] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe[2772] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [00B72C60] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\system32\igfxext.exe[2788] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [011B2EC0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\system32\igfxext.exe[2788] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [011B2C30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\system32\igfxext.exe[2788] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [011B2C90] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\system32\igfxext.exe[2788] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [011B2C60] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Fujitsu\Utils\FjDspMon.exe[2876] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [00FF2EC0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Fujitsu\Utils\FjDspMon.exe[2876] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [00FF2C30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Fujitsu\Utils\FjDspMon.exe[2876] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [00FF2C90] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Fujitsu\Utils\FjDspMon.exe[2876] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [00FF2C60] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\internet explorer\iexplore.exe[2916] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [00932EC0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\internet explorer\iexplore.exe[2916] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [00932C30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\internet explorer\iexplore.exe[2916] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [00932C90] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\internet explorer\iexplore.exe[2916] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [00932C60] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\SYSTEM32\WISPTIS.EXE[2996] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [008F2EC0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\SYSTEM32\WISPTIS.EXE[2996] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [008F2C30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\SYSTEM32\WISPTIS.EXE[2996] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [008F2C90] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\SYSTEM32\WISPTIS.EXE[2996] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [008F2C60] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\System32\tabbtnu.exe[3124] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [008C2EC0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\System32\tabbtnu.exe[3124] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [008C2C30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\System32\tabbtnu.exe[3124] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [008C2C90] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\System32\tabbtnu.exe[3124] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [008C2C60] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\system32\userinit.exe[3140] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [00882EC0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\system32\userinit.exe[3140] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [00882C30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\system32\userinit.exe[3140] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [00882C90] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\system32\userinit.exe[3140] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [00882C60] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\mse.exe[3176] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [005A2EC0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\mse.exe[3176] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [005A2C30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\mse.exe[3176] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [005A2C90] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\mse.exe[3176] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [005A2C60] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\mse.exe[3176] @ C:\WINDOWS\system32\ole32.dll [USER32.dll!CreateWindowExA] [004106D0] C:\WINDOWS\mse.exe
IAT C:\WINDOWS\mse.exe[3176] @ C:\WINDOWS\system32\ole32.dll [USER32.dll!CreateWindowExW] [00410760] C:\WINDOWS\mse.exe
IAT C:\WINDOWS\mse.exe[3176] @ C:\WINDOWS\system32\ole32.dll [USER32.dll!ShowWindow] [004107F0] C:\WINDOWS\mse.exe
IAT C:\WINDOWS\mse.exe[3176] @ C:\WINDOWS\system32\wininet.dll [USER32.dll!CreateWindowExW] [00410760] C:\WINDOWS\mse.exe
IAT C:\WINDOWS\mse.exe[3176] @ C:\WINDOWS\system32\wininet.dll [USER32.dll!SetWindowPos] [004108B0] C:\WINDOWS\mse.exe
IAT C:\WINDOWS\mse.exe[3176] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!CreateWindowExA] [004106D0] C:\WINDOWS\mse.exe
IAT C:\WINDOWS\mse.exe[3176] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!CreateWindowExW] [00410760] C:\WINDOWS\mse.exe
IAT C:\WINDOWS\mse.exe[3176] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!SetWindowPos] [004108B0] C:\WINDOWS\mse.exe
IAT C:\WINDOWS\mse.exe[3176] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!ShowWindow] [004107F0] C:\WINDOWS\mse.exe
IAT C:\WINDOWS\mse.exe[3176] @ C:\WINDOWS\system32\shell32.dll [USER32.dll!CreateWindowExW] [00410760] C:\WINDOWS\mse.exe
IAT C:\WINDOWS\mse.exe[3176] @ C:\WINDOWS\system32\shell32.dll [USER32.dll!ShowWindow] [004107F0] C:\WINDOWS\mse.exe
IAT C:\WINDOWS\mse.exe[3176] @ C:\WINDOWS\system32\shell32.dll [USER32.dll!SetWindowPos] [004108B0] C:\WINDOWS\mse.exe
IAT C:\WINDOWS\system32\ctfmon.exe[3292] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [009E2EC0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\system32\ctfmon.exe[3292] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [009E2C30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\system32\ctfmon.exe[3292] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [009E2C90] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\system32\ctfmon.exe[3292] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [009E2C60] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[3372] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [00D42EC0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[3372] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [00D42C30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[3372] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [00D42C90] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[3372] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [00D42C60] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\Explorer.EXE[3432] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [00C42EC0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\Explorer.EXE[3432] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [00C42C30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\Explorer.EXE[3432] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [00C42C90] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\Explorer.EXE[3432] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [00C42C60] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Common Files\Microsoft Shared\Ink\TCServer.exe[3544] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [00CA2EC0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Common Files\Microsoft Shared\Ink\TCServer.exe[3544] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [00CA2C30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Common Files\Microsoft Shared\Ink\TCServer.exe[3544] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [00CA2C90] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Common Files\Microsoft Shared\Ink\TCServer.exe[3544] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [00CA2C60] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\system32\igfxpers.exe[3564] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [00F32EC0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\system32\igfxpers.exe[3564] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [00F32C30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\system32\igfxpers.exe[3564] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [00F32C90] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\system32\igfxpers.exe[3564] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [00F32C60] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\AIM6\aim6.exe[3608] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [003C2EC0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\AIM6\aim6.exe[3608] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [003C2C30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\AIM6\aim6.exe[3608] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [003C2C90] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\AIM6\aim6.exe[3608] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [003C2C60] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\AIM6\aim6.exe[3608] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] [6BFA9DE1] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\AIM6\aim6.exe[3608] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9E6E] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\AIM6\aim6.exe[3608] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [6BFA9CCD] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\AIM6\aim6.exe[3608] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [6BFA9C46] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\AIM6\aim6.exe[3608] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [6BFA9C46] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\AIM6\aim6.exe[3608] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [6BFA9CCD] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\AIM6\aim6.exe[3608] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9E6E] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\AIM6\aim6.exe[3608] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9E6E] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\AIM6\aim6.exe[3608] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] [6BFA9C46] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\AIM6\aim6.exe[3608] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW] [6BFA9CCD] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\AIM6\aim6.exe[3608] @ C:\WINDOWS\system32\MSVCRT.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9E6E] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\AIM6\aim6.exe[3608] @ C:\WINDOWS\system32\MSVCRT.dll [KERNEL32.dll!LoadLibraryA] [6BFA9C46] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\AIM6\aim6.exe[3608] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [6BFA9DE1] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\AIM6\aim6.exe[3608] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [6BFA9C46] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\AIM6\aim6.exe[3608] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9E6E] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\AIM6\aim6.exe[3608] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [6BFA9CCD] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\AIM6\aim6.exe[3608] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9E6E] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\AIM6\aim6.exe[3608] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [6BFA9DE1] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\AIM6\aim6.exe[3608] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [6BFA9C46] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\AIM6\aim6.exe[3608] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [6BFA9CCD] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\AIM6\aim6.exe[3608] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [6BFA9C46] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\AIM6\aim6.exe[3608] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [6BFA9CCD] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\AIM6\aim6.exe[3608] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] [6BFA9DE1] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\AIM6\aim6.exe[3608] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA] [6BFA9D54] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\AIM6\aim6.exe[3608] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9E6E] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\AIM6\aim6.exe[3608] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!LoadLibraryA] [6BFA9C46] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\AIM6\aim6.exe[3608] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9E6E] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\AIM6\aim6.exe[3608] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9E6E] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\AIM6\aim6.exe[3608] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [6BFA9D54] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\AIM6\aim6.exe[3608] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [6BFA9DE1] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\AIM6\aim6.exe[3608] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [6BFA9CCD] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\AIM6\aim6.exe[3608] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [6BFA9C46] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\AIM6\aim6.exe[3608] @ C:\WINDOWS\system32\WININET.dll [ADVAPI32.dll!RegQueryValueExA] [0139E070] c:\program files\aim6\services\imApp\ver6_8_15_1\imAppService.dll (imAppService EE Application Service/AOL LLC)
IAT C:\Program Files\AIM6\aim6.exe[3608] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryW] [6BFA9CCD] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\AIM6\aim6.exe[3608] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryExW] [6BFA9DE1] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\AIM6\aim6.exe[3608] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9E6E] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\AIM6\aim6.exe[3608] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryA] [6BFA9C46] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\AIM6\aim6.exe[3608] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9E6E] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\AIM6\aim6.exe[3608] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [6BFA9C46] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\AIM6\aim6.exe[3608] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [6BFA9CCD] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\AIM6\aim6.exe[3608] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] [6BFA9DE1] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\AIM6\aim6.exe[3608] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA] [6BFA9D54] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\AIM6\aim6.exe[3608] @ C:\WINDOWS\system32\Iphlpapi.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9E6E] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\AIM6\aim6.exe[3608] @ C:\WINDOWS\system32\Iphlpapi.dll [KERNEL32.dll!LoadLibraryA] [6BFA9C46] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\AIM6\aim6.exe[3608] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryW] [6BFA9CCD] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\AIM6\aim6.exe[3608] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9E6E] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\AIM6\aim6.exe[3608] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryA] [6BFA9C46] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\AIM6\aim6.exe[3608] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryW] [6BFA9CCD] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\AIM6\aim6.exe[3608] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryExA] [6BFA9D54] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\AIM6\aim6.exe[3608] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryA] [6BFA9C46] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\AIM6\aim6.exe[3608] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9E6E] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb12.exe[3728] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [003E2EC0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb12.exe[3728] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [003E2C30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb12.exe[3728] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [003E2C90] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb12.exe[3728] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [003E2C60] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Fujitsu\Utils\fjevents.exe[3772] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [009F2EC0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Fujitsu\Utils\fjevents.exe[3772] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [009F2C30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Fujitsu\Utils\fjevents.exe[3772] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [009F2C90] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Fujitsu\Utils\fjevents.exe[3772] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [009F2C60] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe[4056] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [00DD2EC0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe[4056] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [00DD2C30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe[4056] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [00DD2C90] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe[4056] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [00DD2C60] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\RTHDCPL.EXE[4060] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [01A62EC0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\RTHDCPL.EXE[4060] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [01A62C30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\RTHDCPL.EXE[4060] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [01A62C90] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\RTHDCPL.EXE[4060] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [01A62C60] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe[4068] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [00DE2EC0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe[4068] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [00DE2C30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe[4068] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [00DE2C90] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe[4068] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [00DE2C60] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe[4276] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [01282EC0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe[4276] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [01282C30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe[4276] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [01282C90] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe[4276] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [01282C60] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Common Files\LogiShrd\LComMgr\LVComSX.exe[4472] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [00962EC0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Common Files\LogiShrd\LComMgr\LVComSX.exe[4472] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [00962C30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Common Files\LogiShrd\LComMgr\LVComSX.exe[4472] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [00962C90] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Common Files\LogiShrd\LComMgr\LVComSX.exe[4472] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [00962C60] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[4484] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [00A62EC0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[4484] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [00A62C30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[4484] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [00A62C90] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[4484] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [00A62C60] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe[4792] @ C:\WINDOWS\system32\KERNEL32.dll [ntdll.dll!NtCreateFile] [00802EC0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe[4792] @ C:\WINDOWS\system32\KERNEL32.dll [ntdll.dll!NtDeviceIoControlFile] [00802C30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe[4792] @ C:\WINDOWS\system32\KERNEL32.dll [ntdll.dll!NtClose] [00802C90] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe[4792] @ C:\WINDOWS\system32\KERNEL32.dll [ntdll.dll!NtDuplicateObject] [00802C60] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe[4820] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [00E42EC0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe[4820] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [00E42C30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe[4820] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [00E42C90] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe[4820] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [00E42C60] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe[4892] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [00BB2EC0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe[4892] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [00BB2C30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe[4892] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [00BB2C90] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe[4892] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [00BB2C60] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe[4952] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [00E52EC0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe[4952] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [00E52C30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe[4952] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [00E52C90] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe[4952] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [00E52C60] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\AIM6\aolsoftware.exe[5328] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [00392EC0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\AIM6\aolsoftware.exe[5328] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [00392C30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\AIM6\aolsoftware.exe[5328] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [00392C90] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\AIM6\aolsoftware.exe[5328] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [00392C60] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\AIM6\aolsoftware.exe[5328] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] [6BFA9DE1] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\AIM6\aolsoftware.exe[5328] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9E6E] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\AIM6\aolsoftware.exe[5328] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [6BFA9CCD] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\AIM6\aolsoftware.exe[5328] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [6BFA9C46] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\AIM6\aolsoftware.exe[5328] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [6BFA9C46] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\AIM6\aolsoftware.exe[5328] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [6BFA9CCD] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\AIM6\aolsoftware.exe[5328] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9E6E] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\AIM6\aolsoftware.exe[5328] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9E6E] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\AIM6\aolsoftware.exe[5328] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] [6BFA9C46] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\AIM6\aolsoftware.exe[5328] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW] [6BFA9CCD] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\AIM6\aolsoftware.exe[5328] @ C:\WINDOWS\system32\MSVCRT.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9E6E] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\AIM6\aolsoftware.exe[5328] @ C:\WINDOWS\system32\MSVCRT.dll [KERNEL32.dll!LoadLibraryA] [6BFA9C46] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\AIM6\aolsoftware.exe[5328] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [6BFA9DE1] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\AIM6\aolsoftware.exe[5328] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [6BFA9C46] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\AIM6\aolsoftware.exe[5328] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9E6E] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\AIM6\aolsoftware.exe[5328] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [6BFA9CCD] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\AIM6\aolsoftware.exe[5328] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9E6E] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\AIM6\aolsoftware.exe[5328] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [6BFA9DE1] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\AIM6\aolsoftware.exe[5328] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [6BFA9C46] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\AIM6\aolsoftware.exe[5328] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [6BFA9CCD] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\AIM6\aolsoftware.exe[5328] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [6BFA9C46] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\AIM6\aolsoftware.exe[5328] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [6BFA9CCD] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\AIM6\aolsoftware.exe[5328] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] [6BFA9DE1] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\AIM6\aolsoftware.exe[5328] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA] [6BFA9D54] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\AIM6\aolsoftware.exe[5328] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9E6E] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\AIM6\aolsoftware.exe[5328] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!LoadLibraryA] [6BFA9C46] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\AIM6\aolsoftware.exe[5328] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9E6E] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\AIM6\aolsoftware.exe[5328] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9E6E] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\AIM6\aolsoftware.exe[5328] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [6BFA9D54] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\AIM6\aolsoftware.exe[5328] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [6BFA9DE1] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\AIM6\aolsoftware.exe[5328] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [6BFA9CCD] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\AIM6\aolsoftware.exe[5328] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [6BFA9C46] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)

---- Devices - GMER 1.0.15 ----

AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.)
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.)

---- EOF - GMER 1.0.15 ----

#5 Buckeye_Sam

    Malware Expert

Posted 28 March 2009 - 10:52 AM

Run OTListIt2.exe
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    :OTLI
    PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
    
    :Files
    C:\WINDOWS\mse.exe
    C:\WINDOWS\msd.exe
    C:\WINDOWS\msc.exe
    C:\WINDOWS\msb.exe
    C:\WINDOWS\msa.exe
    C:\WINDOWS\tasks\At??.job
    C:\WINDOWS\System32\8Lx8nFs8.exe
    C:\WINDOWS\System32\8Lx8nFs8.exe.a_a
    
    :Commands
    [purity]
    [emptytemp]
    [start explorer]
    [Reboot]
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot when it is done
  • Then post a new OTL2 log

===================


Please do an online scan with Kaspersky WebScanner.
  • Please visit the Kaspersky Online Scanner website.
  • Click on the Accept button and install any components it needs.
  • The program will install and then begin downloading the latest definition files.
  • After the files have been downloaded, on the left side of the page in the Scan section, select My Computer.
  • This will start the program and scan your system.
  • The scan will take a while, so be patient and let it run.
  • Once the scan is complete, click on View scan report
  • Now, click on the Save Report as button.
  • Save the file to your desktop.
  • Copy and paste that information in your next post.

If I have helped you in any way, please consider a donation to help me continue the fight against malware.


Failing to respond back to the person that is giving up their own time to help you not only is insensitive and disrespectful, but it guarantees that you will never receive help from me again. Please thank your helpers and there will always be help here when you need it!


========================================================

#6 tut2734

  • Topic Starter

Posted 28 March 2009 - 12:04 PM

========== OTLISTIT ==========
Process explorer.exe killed successfully!
========== FILES ==========
C:\WINDOWS\mse.exe moved successfully.
C:\WINDOWS\msd.exe moved successfully.
C:\WINDOWS\msc.exe moved successfully.
C:\WINDOWS\msb.exe moved successfully.
C:\WINDOWS\msa.exe moved successfully.
C:\WINDOWS\tasks\At1.job moved successfully.
C:\WINDOWS\tasks\At10.job moved successfully.
C:\WINDOWS\tasks\At11.job moved successfully.
C:\WINDOWS\tasks\At12.job moved successfully.
C:\WINDOWS\tasks\At13.job moved successfully.
C:\WINDOWS\tasks\At14.job moved successfully.
C:\WINDOWS\tasks\At15.job moved successfully.
C:\WINDOWS\tasks\At16.job moved successfully.
C:\WINDOWS\tasks\At17.job moved successfully.
C:\WINDOWS\tasks\At18.job moved successfully.
C:\WINDOWS\tasks\At19.job moved successfully.
C:\WINDOWS\tasks\At2.job moved successfully.
C:\WINDOWS\tasks\At20.job moved successfully.
C:\WINDOWS\tasks\At21.job moved successfully.
C:\WINDOWS\tasks\At22.job moved successfully.
C:\WINDOWS\tasks\At23.job moved successfully.
C:\WINDOWS\tasks\At24.job moved successfully.
C:\WINDOWS\tasks\At25.job moved successfully.
C:\WINDOWS\tasks\At26.job moved successfully.
C:\WINDOWS\tasks\At27.job moved successfully.
C:\WINDOWS\tasks\At28.job moved successfully.
C:\WINDOWS\tasks\At29.job moved successfully.
C:\WINDOWS\tasks\At3.job moved successfully.
C:\WINDOWS\tasks\At30.job moved successfully.
C:\WINDOWS\tasks\At31.job moved successfully.
C:\WINDOWS\tasks\At32.job moved successfully.
C:\WINDOWS\tasks\At33.job moved successfully.
C:\WINDOWS\tasks\At34.job moved successfully.
C:\WINDOWS\tasks\At35.job moved successfully.
C:\WINDOWS\tasks\At36.job moved successfully.
C:\WINDOWS\tasks\At37.job moved successfully.
C:\WINDOWS\tasks\At38.job moved successfully.
C:\WINDOWS\tasks\At39.job moved successfully.
C:\WINDOWS\tasks\At4.job moved successfully.
C:\WINDOWS\tasks\At40.job moved successfully.
C:\WINDOWS\tasks\At41.job moved successfully.
C:\WINDOWS\tasks\At42.job moved successfully.
C:\WINDOWS\tasks\At43.job moved successfully.
C:\WINDOWS\tasks\At44.job moved successfully.
C:\WINDOWS\tasks\At45.job moved successfully.
C:\WINDOWS\tasks\At46.job moved successfully.
C:\WINDOWS\tasks\At47.job moved successfully.
C:\WINDOWS\tasks\At48.job moved successfully.
C:\WINDOWS\tasks\At5.job moved successfully.
C:\WINDOWS\tasks\At6.job moved successfully.
C:\WINDOWS\tasks\At7.job moved successfully.
C:\WINDOWS\tasks\At8.job moved successfully.
C:\WINDOWS\tasks\At9.job moved successfully.
C:\WINDOWS\System32\8Lx8nFs8.exe moved successfully.
C:\WINDOWS\System32\8Lx8nFs8.exe.a_a moved successfully.
========== COMMANDS ==========
File delete failed. C:\Documents and Settings\Administrator\Local Settings\Temp\hsperfdata_Administrator\6084 scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Administrator\Local Settings\Temp\hpodvd09.log scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Administrator\Local Settings\Temp\IadHide5.dll scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Administrator\Local Settings\Temp\~DF69C3.tmp scheduled to be deleted on reboot.
User's Temp folder emptied.
User's Temporary Internet Files folder emptied.
User's Internet Explorer cache folder emptied.
Local Service Temp folder emptied.
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
Local Service Temporary Internet Files folder emptied.
File delete failed. C:\WINDOWS\temp\Perflib_Perfdata_5b0.dat scheduled to be deleted on reboot.
Windows Temp folder emptied.
Java cache emptied.
Temp folders emptied.
Explorer started successfully

OTListIt2 by OldTimer - Version 2.0.7.2 log created on 03282009_125417

Files moved on Reboot...
File C:\Documents and Settings\Administrator\Local Settings\Temp\hsperfdata_Administrator\6084 not found!
C:\Documents and Settings\Administrator\Local Settings\Temp\hpodvd09.log moved successfully.
DllUnregisterServer procedure not found in C:\Documents and Settings\Administrator\Local Settings\Temp\IadHide5.dll
C:\Documents and Settings\Administrator\Local Settings\Temp\IadHide5.dll NOT unregistered.
C:\Documents and Settings\Administrator\Local Settings\Temp\IadHide5.dll moved successfully.
File C:\Documents and Settings\Administrator\Local Settings\Temp\~DF69C3.tmp not found!
File move failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be moved on reboot.
File C:\WINDOWS\temp\Perflib_Perfdata_5b0.dat not found!

Registry entries deleted on Reboot...

#7 tut2734

  • Topic Starter

Posted 28 March 2009 - 04:13 PM

Kaspersky Scan:
--------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER 7 REPORT
Saturday, March 28, 2009
Operating System: Microsoft Windows XP Professional Service Pack 3 (build 2600)
Kaspersky Online Scanner 7 version: 7.0.25.0
Program database last update: Saturday, March 28, 2009 17:59:24
Records in database: 1981585
--------------------------------------------------------------------------------

Scan settings:
Scan using the following database: extended
Scan archives: yes
Scan mail databases: yes

Scan area - My Computer:
C:\
D:\
E:\

Scan statistics:
Files scanned: 117789
Threat name: 2
Infected objects: 19
Suspicious objects: 0
Duration of the scan: 01:34:15


File name / Threat name / Threats count
C:\WINDOWS\system32\userinit.exe/C:\WINDOWS\system32\userinit.exe Infected: Packed.Win32.Katusha.b 1
C:\Program Files\Softex\OmniPass\SCUREDLL.dll/C:\Program Files\Softex\OmniPass\SCUREDLL.dll Infected: Trojan.Win32.Agent2.gny 15
C:\Program Files\Softex\OmniPass\scuredll.dll Infected: Trojan.Win32.Agent2.gny 1
C:\WINDOWS\system32\userinit.exe Infected: Packed.Win32.Katusha.b 1
C:\_OTListIt\MovedFiles\03282009_125417\WINDOWS\System32\8Lx8nFs8.exe Infected: Packed.Win32.Katusha.b 1

The selected area was scanned.


Just to keep you updated on the computer; there are still pop-ups and no improvement as of yet.

#8 Buckeye_Sam

    Malware Expert

Posted 28 March 2009 - 06:16 PM

Download Dr.Web CureIt to the desktop:
ftp://ftp.drweb.com/pub/drweb/cureit/drweb-cureit.exe
  • Double-click the drweb-cureit.exe file and allow it to run the express scan
  • This will scan the files currently running in memory and when something is found, click the yes button when it asks you if you want to cure it. This is only a short scan.
  • Once the short scan has finished, mark the drives that you want to scan.
  • Select all drives. A red dot shows which drives have been chosen.
  • Click the green arrow at the right, and the scan will start.
  • Click 'Yes to all' if it asks if you want to cure/move the file.
  • When the scan has finished, in the menu, click file and choose save report list
  • Save the report to your desktop. The report will be called DrWeb.csv
  • Close Dr.Web Cureit.
Please post the contents of the log from DrWeb in your next reply.
Also post a new log from OTListIt2.

#9 tut2734

  • Topic Starter

Posted 29 March 2009 - 12:08 AM

userinit.exe;c:\windows\system32;Trojan.Fakealert.4130;Deleted.;
SDFix.exe\SDFix\apps\Process.exe;C:\Documents and Settings\Administrator\My Documents\SDFix.exe;Tool.Prockill;;
SDFix.exe;C:\Documents and Settings\Administrator\My Documents;Archive contains infected objects;Moved.;
GoogleToolbarManager_11CB06797F2F038A.exe;C:\Program Files\Google\Google Toolbar\Component;Probably DLOADER.Trojan;;
hpqwrg.exe;C:\Program Files\HP\Digital Imaging\bin;Trojan.Fakealert.4131;Deleted.;
A0014614.exe;C:\System Volume Information\_restore{996E336A-58F5-476F-9F9E-844E1723D7CB}\RP103;Tool.Prockill;;
A0014616.exe;C:\System Volume Information\_restore{996E336A-58F5-476F-9F9E-844E1723D7CB}\RP103;Tool.ShutDown.14;;
A0014639.exe;C:\System Volume Information\_restore{996E336A-58F5-476F-9F9E-844E1723D7CB}\RP103;Tool.Prockill;;
A0014641.exe;C:\System Volume Information\_restore{996E336A-58F5-476F-9F9E-844E1723D7CB}\RP103;Tool.ShutDown.14;;
A0014657.exe/data002\32788R22FWJFW\psexec.cfexe;C:\System Volume Information\_restore{996E336A-58F5-476F-9F9E-844E1723D7CB}\RP103\A0014657.exe/data002;Program.PsExec.171;;
data002;C:\System Volume Information\_restore{996E336A-58F5-476F-9F9E-844E1723D7CB}\RP103;Archive contains infected objects;;
A0014657.exe;C:\System Volume Information\_restore{996E336A-58F5-476F-9F9E-844E1723D7CB}\RP103;Container contains infected objects;Moved.;
A0016274.bat;C:\System Volume Information\_restore{996E336A-58F5-476F-9F9E-844E1723D7CB}\RP120;Probably BATCH.Virus;;
A0016297.exe;C:\System Volume Information\_restore{996E336A-58F5-476F-9F9E-844E1723D7CB}\RP121;Tool.Prockill;;
A0016307.bat;C:\System Volume Information\_restore{996E336A-58F5-476F-9F9E-844E1723D7CB}\RP121;Probably BATCH.Virus;;
A0016367.bat;C:\System Volume Information\_restore{996E336A-58F5-476F-9F9E-844E1723D7CB}\RP122;Probably BATCH.Virus;;
A0016380.EXE;C:\System Volume Information\_restore{996E336A-58F5-476F-9F9E-844E1723D7CB}\RP122;Program.PsExec.170;;
A0016684.exe/data002\32788R22FWJFW\C.bat;C:\System Volume Information\_restore{996E336A-58F5-476F-9F9E-844E1723D7CB}\RP123\A0016684.exe/data002;Probably BATCH.Virus;;
A0016684.exe/data002\32788R22FWJFW\psexec.cfexe;C:\System Volume Information\_restore{996E336A-58F5-476F-9F9E-844E1723D7CB}\RP123\A0016684.exe/data002;Program.PsExec.171;;
data002;C:\System Volume Information\_restore{996E336A-58F5-476F-9F9E-844E1723D7CB}\RP123;Archive contains infected objects;;
A0016684.exe;C:\System Volume Information\_restore{996E336A-58F5-476F-9F9E-844E1723D7CB}\RP123;Container contains infected objects;Moved.;
A0016697.dll;C:\System Volume Information\_restore{996E336A-58F5-476F-9F9E-844E1723D7CB}\RP123;Adware.Vapsup.63;;
A0016698.dll;C:\System Volume Information\_restore{996E336A-58F5-476F-9F9E-844E1723D7CB}\RP123;Adware.Vapsup.63;;
A0016700.dll;C:\System Volume Information\_restore{996E336A-58F5-476F-9F9E-844E1723D7CB}\RP123;Trojan.BhoBot.70;Deleted.;
A0016701.dll;C:\System Volume Information\_restore{996E336A-58F5-476F-9F9E-844E1723D7CB}\RP123;Adware.Vapsup.63;;
A0016702.dll;C:\System Volume Information\_restore{996E336A-58F5-476F-9F9E-844E1723D7CB}\RP123;Adware.Vapsup.63;;
A0018062.exe;C:\System Volume Information\_restore{996E336A-58F5-476F-9F9E-844E1723D7CB}\RP132;Adware.TryMedia;;
A0018099.bat;C:\System Volume Information\_restore{996E336A-58F5-476F-9F9E-844E1723D7CB}\RP132;Probably BATCH.Virus;;
A0019588.exe;C:\System Volume Information\_restore{996E336A-58F5-476F-9F9E-844E1723D7CB}\RP187;Trojan.Fakealert.4130;Deleted.;
A0019591.exe;C:\System Volume Information\_restore{996E336A-58F5-476F-9F9E-844E1723D7CB}\RP187;Trojan.Fakealert.4131;Deleted.;

#10 tut2734

  • Topic Starter

Posted 29 March 2009 - 12:10 AM

OTListIt logfile created on: 3/29/2009 1:09:36 AM - Run 2
OTListIt2 by OldTimer - Version 2.0.7.2 Folder = C:\Documents and Settings\Administrator\Desktop
Windows XP Tablet PC Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.99 Gb Total Physical Memory | 1.39 Gb Available Physical Memory | 69.92% Memory free
3.84 Gb Paging File | 3.29 Gb Available in Paging File | 85.68% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092;

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 110.78 Gb Total Space | 68.99 Gb Free Space | 62.28% Space Free | Partition Type: NTFS
Drive D: | 1.01 Gb Total Space | 1.00 Gb Free Space | 99.04% Space Free | Partition Type: NTFS
Unable to calculate disk information.
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: SETHTATUTTLE
Current User Name: Administrator
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Output = Standard
File Age = 30 Days
Company Name Whitelist: On

========== Processes (SafeList) ==========

PRC - [2007/03/06 19:43:52 | 00,983,040 | ---- | M] (Intel Corporation ) -- C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
PRC - [2008/04/13 20:12:23 | 00,029,696 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Ink\KeyboardSurrogate.exe
PRC - [2006/12/22 12:33:10 | 00,109,344 | ---- | M] (Logitech Inc.) -- c:\program files\common files\logishrd\lvmvfm\LVPrcSrv.exe
PRC - [2008/10/01 14:06:14 | 00,116,040 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
PRC - [2008/08/29 11:18:44 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe
PRC - [2006/05/25 12:19:50 | 00,061,440 | ---- | M] (WACOM) -- C:\WINDOWS\System32\digtizer.exe
PRC - [2007/03/06 19:55:42 | 00,643,072 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
PRC - [2007/02/26 14:33:56 | 00,159,744 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\igfxext.exe
PRC - [2007/02/26 14:33:46 | 00,245,760 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\igfxsrvc.exe
PRC - [2008/11/10 06:43:40 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
PRC - [2005/09/13 18:30:14 | 00,057,344 | ---- | M] (O2Micro International) -- C:\WINDOWS\system32\o2flash.exe
PRC - [2006/06/10 20:19:46 | 00,032,768 | ---- | M] (Softex Inc.) -- C:\Program Files\Softex\OmniPass\Omniserv.exe
PRC - [2009/01/28 16:44:49 | 00,066,872 | ---- | M] () -- C:\WINDOWS\system32\PnkBstrA.exe
PRC - [2007/03/06 19:37:04 | 00,327,680 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
PRC - [2007/02/02 17:56:52 | 00,118,784 | ---- | M] (TOSHIBA CORPORATION) -- c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
PRC - [2006/06/10 19:56:52 | 00,015,360 | ---- | M] () -- C:\Program Files\Softex\OmniPass\OPXPApp.exe
PRC - [2008/04/13 20:12:40 | 00,293,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SYSTEM32\WISPTIS.EXE
PRC - [2002/08/29 06:41:28 | 00,035,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\tabbtnu.exe
PRC - [2008/04/13 20:12:19 | 01,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Explorer.EXE
PRC - [2008/04/13 20:12:37 | 00,043,520 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Ink\TCServer.exe
PRC - [2008/04/13 20:12:37 | 00,271,872 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Ink\TabTip.exe
PRC - [2007/02/26 14:34:28 | 00,155,648 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\hkcmd.exe
PRC - [2007/02/26 14:33:56 | 00,131,072 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\igfxpers.exe
PRC - [2007/03/12 04:05:44 | 16,125,440 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RTHDCPL.EXE
PRC - [2006/06/29 16:32:14 | 00,089,541 | ---- | M] (Agere Systems) -- C:\WINDOWS\AGRSMMSG.exe
PRC - [2006/06/09 01:26:16 | 00,794,713 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
PRC - [2007/02/26 14:33:46 | 00,245,760 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\igfxsrvc.exe
PRC - [2006/07/12 20:43:28 | 00,090,112 | ---- | M] (FUJITSU LIMITED) -- C:\Program Files\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe
PRC - [2006/11/17 18:38:40 | 00,080,688 | ---- | M] (FUJITSU LIMITED) -- C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe
PRC - [2003/08/20 21:24:08 | 00,061,440 | ---- | M] (FUJITSU LIMITED) -- C:\Program Files\Fujitsu\BtnHnd\BtnHnd.exe
PRC - [2006/07/22 13:10:08 | 00,233,472 | R--- | M] (FUJITSU LIMITED) -- C:\Program Files\Fujitsu\SSUtility\FJSSDMN.exe
PRC - [2006/11/14 01:33:54 | 00,052,832 | ---- | M] (Cyberlink Corp.) -- C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
PRC - [2005/11/04 05:35:18 | 01,052,672 | ---- | M] (AuthenTec, Inc.) -- C:\Program Files\Fingerprint Sensor\ATSwpNav.exe
PRC - [2006/06/10 20:24:06 | 01,966,080 | ---- | M] () -- C:\Program Files\Softex\OmniPass\scureapp.exe
PRC - [2007/03/06 19:47:02 | 00,819,200 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
PRC - [2007/03/06 19:44:48 | 00,970,752 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
PRC - [2006/07/21 23:12:28 | 00,303,104 | ---- | M] (FUJITSU LIMITED) -- C:\Program Files\Fujitsu\fjdvrupd\fjdvrupd.exe
PRC - [2006/12/22 12:27:28 | 00,497,176 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
PRC - [2006/08/25 20:58:16 | 00,020,480 | R--- | M] (Fujitsu Computer Systems Corporation) -- C:\Program Files\Fujitsu\Utils\FjDspMon.exe
PRC - [2006/05/05 03:59:02 | 00,020,480 | R--- | M] (Fujitsu Computer Systems Corporation) -- C:\Program Files\Fujitsu\Utils\fjevents.exe
PRC - [2007/04/29 19:31:50 | 00,647,168 | ---- | M] (Fujitsu Computer Systems) -- C:\Program Files\Fujitsu\Utils\FjMenu.exe
PRC - [2007/02/26 14:33:56 | 00,159,744 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\igfxext.exe
PRC - [2004/12/14 12:07:44 | 00,176,128 | ---- | M] (HP) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb12.exe
PRC - [2009/02/27 17:10:28 | 00,035,696 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
PRC - [2007/08/22 18:38:17 | 00,036,864 | ---- | M] (Logitech) -- C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
PRC - [2008/04/13 20:12:28 | 01,695,232 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msmsgs.exe
PRC - [2008/11/18 21:01:53 | 00,039,408 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
PRC - [2007/03/06 19:40:30 | 00,487,424 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
PRC - [2006/12/22 12:31:28 | 00,244,512 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\LComMgr\LVComSX.exe
PRC - [2007/02/03 00:38:14 | 02,756,608 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
PRC - [2004/11/04 19:28:24 | 00,258,048 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
PRC - [2007/01/13 01:41:40 | 00,278,528 | ---- | M] (TOSHIBA CORPORATION.) -- c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
PRC - [2006/01/24 02:14:10 | 00,069,632 | ---- | M] (TOSHIBA CORPORATION.) -- c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
PRC - [2006/10/27 23:13:48 | 00,270,336 | ---- | M] (TOSHIBA CORPORATION.) -- c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
PRC - [2004/11/04 19:36:46 | 00,425,984 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
PRC - [2008/12/19 01:25:25 | 00,634,024 | ---- | M] (Microsoft Corporation) -- C:\Program Files\internet explorer\iexplore.exe
PRC - [2009/03/27 21:20:24 | 00,498,688 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTListIt2.exe

========== Win32 Services (SafeList) ==========

SRV - [2008/10/01 14:06:14 | 00,116,040 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device [Auto | Running])
SRV - [2007/10/24 01:47:22 | 00,033,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state [On_Demand | Stopped])
SRV - [2008/08/29 11:18:44 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service [Auto | Running])
SRV - [2007/10/24 01:47:40 | 00,070,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])
SRV - [2006/05/25 12:19:50 | 00,061,440 | ---- | M] (WACOM) -- C:\WINDOWS\System32\digtizer.exe -- (Digitizer [Auto | Running])
SRV - [2007/03/06 19:55:42 | 00,643,072 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\EvtEng.exe -- (EvtEng [Auto | Running])
SRV - [2008/11/09 02:36:23 | 00,137,200 | ---- | M] (Google) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc [On_Demand | Stopped])
SRV - [2008/04/13 20:12:02 | 00,038,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll -- (helpsvc [Auto | Running])
SRV - [2005/04/04 00:41:10 | 00,069,632 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT [On_Demand | Stopped])
SRV - [2008/10/01 19:57:00 | 00,536,872 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service [On_Demand | Stopped])
SRV - [2008/04/13 20:11:55 | 00,028,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\irmon.dll -- (Irmon [Auto | Running])
SRV - [2008/11/10 06:43:40 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService [Auto | Running])
SRV - [2006/12/22 12:33:10 | 00,109,344 | ---- | M] (Logitech Inc.) -- c:\program files\common files\logishrd\lvmvfm\LVPrcSrv.exe -- (LVPrcSrv [Auto | Running])
SRV - [2006/12/22 12:34:52 | 00,105,248 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe -- (LVSrvLauncher [Auto | Stopped])
SRV - [2007/08/24 06:59:20 | 00,068,464 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe -- (Microsoft Office Groove Audit Service [On_Demand | Stopped])
SRV - [2005/09/13 18:30:14 | 00,057,344 | ---- | M] (O2Micro International) -- C:\WINDOWS\system32\o2flash.exe -- (o2flash [Auto | Running])
SRV - [2007/08/24 03:19:12 | 00,443,776 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv [On_Demand | Stopped])
SRV - [2006/06/10 20:19:46 | 00,032,768 | ---- | M] (Softex Inc.) -- C:\Program Files\Softex\OmniPass\Omniserv.exe -- (omniserv [Auto | Running])
SRV - [2006/10/26 17:03:08 | 00,145,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose [On_Demand | Stopped])
SRV - [2006/03/03 21:03:10 | 00,069,632 | ---- | M] (HP) -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12 [Auto | Stopped])
SRV - [2009/01/28 16:44:49 | 00,066,872 | ---- | M] () -- C:\WINDOWS\system32\PnkBstrA.exe -- (PnkBstrA [Auto | Running])
SRV - [2007/03/06 19:37:04 | 00,327,680 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe -- (RegSrvc [Auto | Running])
SRV - [2007/03/06 19:43:52 | 00,983,040 | ---- | M] (Intel Corporation ) -- C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe -- (S24EventMonitor [Auto | Running])
SRV - [2007/02/02 17:56:52 | 00,118,784 | ---- | M] (TOSHIBA CORPORATION) -- c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe -- (TOSHIBA Bluetooth Service [Auto | Running])
SRV - [2007/01/19 12:54:14 | 00,097,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files\MSN Messenger\usnsvc.exe -- (usnjsvc [On_Demand | Stopped])
SRV - [2007/01/04 17:38:08 | 00,024,652 | ---- | M] (Viewpoint Corporation) -- C:\Program Files\Viewpoint\Common\ViewpointService.exe -- (Viewpoint Manager Service [Disabled | Stopped])
SRV - [2006/10/18 20:05:24 | 00,913,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\WMPNetwk.exe -- (WMPNetworkSvc [On_Demand | Stopped])

========== Driver Services (SafeList) ==========

DRV - [1999/11/18 20:20:00 | 00,003,872 | ---- | M] (FUJITSU LIMITED.) -- C:\WINDOWS\System32\drivers\ADVNTDRV.SYS -- (ADVNTDRV [On_Demand | Stopped])
DRV - [2007/08/22 14:11:13 | 00,021,425 | ---- | M] (Meetinghouse Data Communications) -- C:\WINDOWS\system32\DRIVERS\AegisP.sys -- (AegisP [Auto | Running])
DRV - [2006/06/29 16:13:08 | 01,160,320 | ---- | M] (Agere Systems) -- C:\WINDOWS\system32\DRIVERS\AGRSM.sys -- (AgereSoftModem [On_Demand | Running])
DRV - [2006/03/23 03:27:00 | 00,488,992 | ---- | M] (Atheros Communications, Inc.) -- C:\WINDOWS\system32\DRIVERS\ar5211.sys -- (AR5211 [On_Demand | Stopped])
DRV - [2006/03/30 18:39:48 | 00,130,432 | ---- | M] (AuthenTec, Inc.) -- C:\WINDOWS\system32\DRIVERS\ATSwpDrv.sys -- (ATSWPDRV [On_Demand | Running])
DRV - [2003/08/20 21:24:08 | 00,019,712 | ---- | M] (FUJITSU LIMITED) -- C:\Program Files\Fujitsu\BtnHnd\BtnHnd.sys -- (BtnHnd [Auto | Running])
DRV - [2004/03/08 12:55:50 | 00,013,567 | ---- | M] (B.H.A Corporation) -- C:\WINDOWS\System32\drivers\CDRBSDRV.SYS -- (cdrbsdrv [System | Running])
DRV - [2006/08/28 20:56:42 | 00,008,960 | ---- | M] (FUJITSU LIMITED) -- C:\WINDOWS\system32\drivers\FBIOSDRV.SYS -- (FBIOSDRV [Boot | Running])
DRV - [2006/03/30 00:43:18 | 00,017,920 | R--- | M] (Fujitsu Computer Systems Corporation) -- C:\WINDOWS\system32\DRIVERS\FjBtnDrv.sys -- (Fjbtndrv [On_Demand | Running])
DRV - [2006/01/11 21:21:54 | 00,010,496 | ---- | M] (FUJITSU LIMITED) -- C:\WINDOWS\system32\drivers\FJGPNV.SYS -- (FJGPNV [Boot | Running])
DRV - [2007/04/19 03:05:51 | 00,007,168 | ---- | M] (FUJITSU LIMITED) -- C:\WINDOWS\system32\DRIVERS\FJGSDisk.sys -- (FJGSDisk [Boot | Running])
DRV - [2001/08/01 08:00:22 | 00,005,248 | ---- | M] (FUJITSU LIMITED) -- C:\WINDOWS\system32\DRIVERS\FUJ02B1.sys -- (FUJ02B1 [On_Demand | Running])
DRV - [2004/01/17 23:15:20 | 00,004,864 | ---- | M] (FUJITSU LIMITED) -- C:\WINDOWS\system32\DRIVERS\FUJ02E3.sys -- (FUJ02E3 [On_Demand | Running])
DRV - [2008/04/17 14:12:54 | 00,015,464 | ---- | M] (GEAR Software Inc.) -- C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys -- (GEARAspiWDM [On_Demand | Running])
DRV - [2008/04/13 12:36:05 | 00,144,384 | ---- | M] (Windows ® Server 2003 DDK provider) -- C:\WINDOWS\system32\DRIVERS\HDAudBus.sys -- (HDAudBus [On_Demand | Running])
DRV - [2006/05/10 01:32:24 | 00,030,976 | ---- | M] (Wacom Co., Ltd) -- C:\WINDOWS\system32\DRIVERS\hidpen.sys -- (hidpen [On_Demand | Running])
DRV - [2004/12/14 12:07:44 | 00,051,120 | R--- | M] (HP) -- C:\WINDOWS\system32\DRIVERS\HPZid412.sys -- (HPZid412 [On_Demand | Stopped])
DRV - [2004/12/14 12:07:44 | 00,016,496 | R--- | M] (HP) -- C:\WINDOWS\system32\DRIVERS\HPZipr12.sys -- (HPZipr12 [On_Demand | Stopped])
DRV - [2006/04/12 21:04:39 | 00,021,568 | ---- | M] (HP) -- C:\WINDOWS\system32\DRIVERS\HPZius12.sys -- (HPZius12 [On_Demand | Stopped])
DRV - [2007/02/26 15:59:10 | 05,700,096 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\DRIVERS\igxpmp32.sys -- (ialm [On_Demand | Running])
DRV - [2007/02/12 16:36:54 | 00,277,784 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\drivers\iaStor.sys -- (iaStor [Boot | Running])
DRV - [2006/09/19 18:58:58 | 00,036,608 | ---- | M] (Infineon Technologies AG) -- C:\WINDOWS\system32\DRIVERS\IFXTPM.SYS -- (IFXTPM [On_Demand | Running])
DRV - [2007/03/12 06:32:40 | 04,486,144 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService [On_Demand | Running])
DRV - [2003/11/08 18:24:17 | 00,012,953 | ---- | M] (Logitech, Inc.) -- C:\WINDOWS\system32\DRIVERS\itchfltr.sys -- (itchfltr [On_Demand | Running])
DRV - [2003/11/07 05:50:00 | 00,014,092 | ---- | M] (Logitech, Inc.) -- C:\WINDOWS\System32\Drivers\LCcFltr.Sys -- (LCcfltr [On_Demand | Running])
DRV - [2003/11/07 05:50:00 | 00,025,502 | ---- | M] (Logitech, Inc.) -- C:\WINDOWS\system32\DRIVERS\LHidFlt2.Sys -- (LHidFlt2 [On_Demand | Running])
DRV - [2003/11/07 05:50:00 | 00,037,884 | ---- | M] (Logitech, Inc.) -- C:\WINDOWS\System32\Drivers\LHidUsb.Sys -- (LHidUsb [On_Demand | Running])
DRV - [2003/11/07 05:50:00 | 00,070,798 | ---- | M] (Logitech, Inc.) -- C:\WINDOWS\system32\DRIVERS\LMouFlt2.Sys -- (LMouFlt2 [On_Demand | Running])
DRV - [2006/12/22 12:30:42 | 01,683,232 | ---- | M] () -- C:\WINDOWS\system32\DRIVERS\LVcKap.sys -- (LVcKap [On_Demand | Stopped])
DRV - [2006/12/22 12:32:24 | 01,963,680 | ---- | M] (Logitech Inc.) -- C:\WINDOWS\system32\DRIVERS\LVMVDrv.sys -- (LVMVDrv [On_Demand | Stopped])
DRV - [2006/12/22 12:32:48 | 00,025,632 | ---- | M] () -- C:\WINDOWS\system32\DRIVERS\LVPr2Mon.sys -- (LVPr2Mon [On_Demand | Running])
DRV - [2006/12/15 01:41:55 | 00,041,248 | R--- | M] (Logitech Inc.) -- C:\WINDOWS\system32\drivers\lvusbsta.sys -- (LVUSBSta [On_Demand | Stopped])
DRV - [2007/04/02 05:30:28 | 02,204,672 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\DRIVERS\NETw4x32.sys -- (NETw4x32 [On_Demand | Running])
DRV - [2006/10/03 16:23:50 | 00,036,640 | ---- | M] (O2Micro ) -- C:\WINDOWS\system32\DRIVERS\o2media.sys -- (O2MDRDR [Boot | Running])
DRV - [2006/10/12 14:47:16 | 00,033,152 | ---- | M] (O2Micro ) -- C:\WINDOWS\system32\DRIVERS\o2sd.sys -- (O2SDRDR [Boot | Running])
DRV - [2006/03/08 01:44:00 | 00,092,550 | ---- | M] (O2Micro) -- C:\WINDOWS\system32\DRIVERS\ozscr.sys -- (OZSCR [On_Demand | Running])
DRV - [2006/12/15 01:36:25 | 00,014,240 | R--- | M] (Logitech Inc.) -- C:\WINDOWS\system32\DRIVERS\lv302af.sys -- (pepifilter [On_Demand | Stopped])
DRV - [2006/12/15 01:36:36 | 00,936,864 | R--- | M] (Logitech Inc.) -- C:\WINDOWS\system32\DRIVERS\LV302V32.SYS -- (PID_PEPI [On_Demand | Stopped])
DRV - [2004/08/04 08:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\system32\DRIVERS\ptilink.sys -- (Ptilink [On_Demand | Running])
DRV - [2008/07/31 18:17:04 | 00,043,872 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20 [Boot | Running])
DRV - [2007/02/21 15:16:12 | 00,012,416 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\DRIVERS\s24trans.sys -- (s24trans [Auto | Running])
DRV - [2007/11/13 06:25:53 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\system32\DRIVERS\secdrv.sys -- (Secdrv [Auto | Running])
DRV - [2001/08/17 08:10:28 | 00,035,913 | ---- | M] (SMC) -- C:\WINDOWS\system32\DRIVERS\smcirda.sys -- (SMCIRDA [On_Demand | Running])
DRV - [2006/06/09 01:05:14 | 00,193,120 | ---- | M] (Synaptics, Inc.) -- C:\WINDOWS\system32\DRIVERS\SynTP.sys -- (SynTP [On_Demand | Running])
DRV - [2006/10/10 22:33:00 | 00,041,600 | ---- | M] (TOSHIBA Corporation) -- C:\WINDOWS\system32\DRIVERS\tosporte.sys -- (tosporte [On_Demand | Running])
DRV - [2007/01/13 00:41:32 | 00,113,792 | ---- | M] (TOSHIBA CORPORATION) -- C:\WINDOWS\system32\DRIVERS\tosrfbd.sys -- (tosrfbd [On_Demand | Stopped])
DRV - [2006/11/20 20:55:16 | 00,036,480 | ---- | M] (TOSHIBA Corporation) -- C:\WINDOWS\System32\Drivers\tosrfbnp.sys -- (tosrfbnp [On_Demand | Stopped])
DRV - [2005/08/01 19:45:00 | 00,064,896 | ---- | M] (TOSHIBA Corporation) -- C:\WINDOWS\System32\Drivers\tosrfcom.sys -- (Tosrfcom [System | Running])
DRV - [2007/01/24 17:57:38 | 00,073,728 | ---- | M] (TOSHIBA Corporation.) -- C:\WINDOWS\system32\DRIVERS\Tosrfhid.sys -- (Tosrfhid [On_Demand | Stopped])
DRV - [2005/01/06 16:42:00 | 00,018,612 | ---- | M] (TOSHIBA Corporation.) -- C:\WINDOWS\system32\DRIVERS\tosrfnds.sys -- (tosrfnds [On_Demand | Stopped])
DRV - [2007/01/13 00:16:54 | 00,040,576 | ---- | M] (TOSHIBA CORPORATION) -- C:\WINDOWS\system32\DRIVERS\tosrfusb.sys -- (tosrfusb [On_Demand | Stopped])
DRV - [2008/04/13 14:45:12 | 00,060,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\usbaudio.sys -- (usbaudio [On_Demand | Stopped])
DRV - [2006/11/02 11:01:00 | 00,250,496 | ---- | M] (Marvell) -- C:\WINDOWS\system32\DRIVERS\yk51x86.sys -- (yukonwxp [On_Demand | Running])

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie


IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?p...&ar=msnhome
IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?p...&ar=msnhome
IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://us.fujitsu.com/computers

IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://us.fujitsu.com/computers

IE - HKU\S-1-5-21-3548012073-2917716560-2688870898-500\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\windows\system32\blank.htm
IE - HKU\S-1-5-21-3548012073-2917716560-2688870898-500\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1
IE - HKU\S-1-5-21-3548012073-2917716560-2688870898-500\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-3548012073-2917716560-2688870898-500\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKU\S-1-5-21-3548012073-2917716560-2688870898-500\S-1-5-21-3548012073-2917716560-2688870898-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3548012073-2917716560-2688870898-500\S-1-5-21-3548012073-2917716560-2688870898-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local



O1 HOSTS File: (27 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (&Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll ()
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll ()
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {90B8B761-DF2B-48AC-BBE0-BCC03A819B3B} - Reg Error: Key error. File not found
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll ()
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {90B8B761-DF2B-48AC-BBE0-BCC03A819B3B} - Reg Error: Key error. File not found
O3 - HKU\S-1-5-21-3548012073-2917716560-2688870898-500\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll ()
O3 - HKU\S-1-5-21-3548012073-2917716560-2688870898-500\..\Toolbar\WebBrowser: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - Reg Error: Key error. File not found
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AGRSMMSG] AGRSMMSG.exe (Agere Systems)
O4 - HKLM..\Run: [Alcmtr] ALCMTR.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [ATSwpNav] "C:\Program Files\Fingerprint Sensor\ATSwpNav" -run (AuthenTec, Inc.)
O4 - HKLM..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP File not found
O4 - HKLM..\Run: [FjStrtAp] C:\Program Files\Fujitsu\Utils\FjStrtAp.exe (Fujitsu Computer Systems)
O4 - HKLM..\Run: [FJUPDNV_Chitose] C:\Program Files\Fujitsu\fjdvrupd\fjdvrupd.exe (FUJITSU LIMITED)
O4 - HKLM..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup File not found
O4 - HKLM..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe (Intel Corporation)
O4 - HKLM..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb12.exe (HP)
O4 - HKLM..\Run: [IndicatorUtility] C:\Program Files\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe (FUJITSU LIMITED)
O4 - HKLM..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless (Intel Corporation)
O4 - HKLM..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe" (Intel Corporation)
O4 - HKLM..\Run: [LoadBtnHnd] C:\Program Files\Fujitsu\BtnHnd\BtnHnd.exe (FUJITSU LIMITED)
O4 - HKLM..\Run: [LoadFUJ02E3] C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe (FUJITSU LIMITED)
O4 - HKLM..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe" (Logitech Inc.)
O4 - HKLM..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam10\QuickCam10.exe" /hide ()
O4 - HKLM..\Run: [OmniPass] C:\Program Files\Softex\OmniPass\scureapp.exe ()
O4 - HKLM..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe File not found
O4 - HKLM..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime (Apple Inc.)
O4 - HKLM..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" (Cyberlink Corp.)
O4 - HKLM..\Run: [RTHDCPL] RTHDCPL.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [Snippet] "C:\Program Files\Microsoft Experience Pack\Snipping Tool\SnippingTool.exe" /i (Microsoft Corporation)
O4 - HKLM..\Run: [SSUtility] C:\Program Files\Fujitsu\SSUtility\FJSSDMN.exe (FUJITSU LIMITED)
O4 - HKLM..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe" File not found
O4 - HKLM..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [TabletTip] "C:\Program Files\Common Files\microsoft shared\ink\tabtip.exe" /resume (Microsoft Corporation)
O4 - HKLM..\Run: [TabletWizard] C:\WINDOWS\help\SplshWrp.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3548012073-2917716560-2688870898-500..\Run: [Active Desktop Calendar] C:\Program Files\XemiComputers\Active Desktop Calendar\ADC.exe File not found
O4 - HKU\S-1-5-21-3548012073-2917716560-2688870898-500..\Run: [Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp (AOL LLC)
O4 - HKU\S-1-5-21-3548012073-2917716560-2688870898-500..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h File not found
O4 - HKU\S-1-5-21-3548012073-2917716560-2688870898-500..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe (Logitech)
O4 - HKU\S-1-5-21-3548012073-2917716560-2688870898-500..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background (Microsoft Corporation)
O4 - HKU\S-1-5-21-3548012073-2917716560-2688870898-500..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background (Microsoft Corporation)
O4 - HKU\S-1-5-21-3548012073-2917716560-2688870898-500..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - Startup: C:\Documents and Settings\Administrator\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Bluetooth Manager.lnk = C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe (TOSHIBA CORPORATION.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Image Zone Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe (Hewlett-Packard Co.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe (Logitech)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3548012073-2917716560-2688870898-500\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3548012073-2917716560-2688870898-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-3548012073-2917716560-2688870898-500_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &Search - Reg Error: Value error.
O8 - Extra context menu item: Add to EverNote - res://C:\Program Files\EverNote\EverNote\enbar.dll/2000
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: Add to EverNote - {A5ABA0BB-F195-40d8-A5E9-0801153E6597} - C:\Program Files\EverNote\EverNote\enbar.dll (EverNote Corporation)
O9 - Extra 'Tools' menuitem : Add to EverNote - {A5ABA0BB-F195-40d8-A5E9-0801153E6597} - C:\Program Files\EverNote\EverNote\enbar.dll (EverNote Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [mdnsNSP] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} http://download.microsoft.com/download/e/4.../OGAControl.cab (Office Genuine Advantage Validation Tool)
O16 - DPF: {05D44720-58E3-49E6-BDF6-D00330E511D3} http://zone.msn.com/binFrameWork/v10/StagingUI.cab55579.cab (StagingUI Object)
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} http://upload.facebook.com/controls/Facebo...toUploader5.cab (Facebook Photo Uploader 5)
O16 - DPF: {1239CC52-59EF-4DFA-8C61-90FFA846DF7E} http://www.musicnotes.com/download/mnviewer.cab (Musicnotes Viewer)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwa...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shockwa...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {238F6F83-B8B4-11CF-8771-00A024541EE3} http://a516.g.akamai.net/f/516/25175/7d/ru...cat-no-eula.cab (Citrix ICA Client)
O16 - DPF: {3BB54395-5982-4788-8AF4-B5388FFDD0D8} http://zone.msn.com/BinFrameWork/v10/ZBuddy.cab55579.cab (MSN Games – Buddy Invite)
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} http://gfx1.hotmail.com/mail/w3/pr01/resources/MSNPUpld.cab (MSN Photo Upload Tool)
O16 - DPF: {5736C456-EA94-4AAC-BB08-917ABDD035B3} http://zone.msn.com/binframework/v10/ZPAChat.cab55579.cab (ZonePAChat Object)
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} http://upload.facebook.com/controls/Facebo...otoUploader.cab (Facebook Photo Uploader Control)
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab (HP Download Manager)
O16 - DPF: {70BA88C8-DAE8-4CE9-92BB-979C4A75F53B} http://launch.gamespyarcade.com/software/launch/alaunch.cab (GSDACtl Class)
O16 - DPF: {809A6301-7B40-4436-A02C-87B8D3D7D9E3} http://zone.msn.com/bingame/zpagames/zpa_dmno.cab55579.cab (ZPA_DMNO Object)
O16 - DPF: {80B626D6-BC34-4BCF-B5A1-7149E4FD9CFA} http://zone.msn.com/bingame/zpagames/GAME_UNO1.cab60096.cab (UnoCtrl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flash...r/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} http://cdn2.zone.msn.com/binFramework/v10/...ro.cab56649.cab (MSN Games - Installer)
O16 - DPF: {C228AEDD-FC47-11D3-AF87-D128A9381404} http://www.link-systems.com/~sdk/SDK/paste/lsiw2k.cab (LSICapture Control)
O16 - DPF: {CAC181B0-4D70-402D-B571-C596A47D0CE0} http://zone.msn.com/bingame/zpagames/zpa_pool.cab56649.cab (CBankshotZoneCtrl Class)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_10)
O16 - DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {D1548A26-B8F6-4E86-AE74-E7062CCC2E2A} http://www.miniclip.com/igloader/igloader.CAB (igLoader Content on Demand)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/pub/shock...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {DA2AA6CF-5C7A-4B71-BC3B-C771BB369937} http://zone.msn.com/binframework/v10/StProxy.cab55579.cab (MSN Games – Game Communicator)
O16 - DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} http://198.82.159.136/activex/AMC.cab (AxisMediaControlEmb Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = Boss
O18 - Protocol\Handler\bw+0 {5c8b151e-247e-4e60-b92a-acc2135da51b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bw+0s {5c8b151e-247e-4e60-b92a-acc2135da51b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bw-0 {5c8b151e-247e-4e60-b92a-acc2135da51b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bw00 {5c8b151e-247e-4e60-b92a-acc2135da51b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bw00s {5c8b151e-247e-4e60-b92a-acc2135da51b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bw-0s {5c8b151e-247e-4e60-b92a-acc2135da51b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bw10 {5c8b151e-247e-4e60-b92a-acc2135da51b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bw10s {5c8b151e-247e-4e60-b92a-acc2135da51b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bw20 {5c8b151e-247e-4e60-b92a-acc2135da51b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bw20s {5c8b151e-247e-4e60-b92a-acc2135da51b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bw30 {5c8b151e-247e-4e60-b92a-acc2135da51b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bw30s {5c8b151e-247e-4e60-b92a-acc2135da51b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bw40 {5c8b151e-247e-4e60-b92a-acc2135da51b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bw40s {5c8b151e-247e-4e60-b92a-acc2135da51b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bw50 {5c8b151e-247e-4e60-b92a-acc2135da51b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bw50s {5c8b151e-247e-4e60-b92a-acc2135da51b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bw60 {5c8b151e-247e-4e60-b92a-acc2135da51b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bw60s {5c8b151e-247e-4e60-b92a-acc2135da51b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bw70 {5c8b151e-247e-4e60-b92a-acc2135da51b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bw70s {5c8b151e-247e-4e60-b92a-acc2135da51b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bw80 {5c8b151e-247e-4e60-b92a-acc2135da51b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bw80s {5c8b151e-247e-4e60-b92a-acc2135da51b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bw90 {5c8b151e-247e-4e60-b92a-acc2135da51b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bw90s {5c8b151e-247e-4e60-b92a-acc2135da51b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwa0 {5c8b151e-247e-4e60-b92a-acc2135da51b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwa0s {5c8b151e-247e-4e60-b92a-acc2135da51b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwb0 {5c8b151e-247e-4e60-b92a-acc2135da51b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwb0s {5c8b151e-247e-4e60-b92a-acc2135da51b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwc0 {5c8b151e-247e-4e60-b92a-acc2135da51b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwc0s {5c8b151e-247e-4e60-b92a-acc2135da51b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwd0 {5c8b151e-247e-4e60-b92a-acc2135da51b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwd0s {5c8b151e-247e-4e60-b92a-acc2135da51b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwe0 {5c8b151e-247e-4e60-b92a-acc2135da51b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwe0s {5c8b151e-247e-4e60-b92a-acc2135da51b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwf0 {5c8b151e-247e-4e60-b92a-acc2135da51b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwf0s {5c8b151e-247e-4e60-b92a-acc2135da51b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwfile-8876480 {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwg0 {5c8b151e-247e-4e60-b92a-acc2135da51b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwg0s {5c8b151e-247e-4e60-b92a-acc2135da51b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwh0 {5c8b151e-247e-4e60-b92a-acc2135da51b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwh0s {5c8b151e-247e-4e60-b92a-acc2135da51b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwi0 {5c8b151e-247e-4e60-b92a-acc2135da51b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwi0s {5c8b151e-247e-4e60-b92a-acc2135da51b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwj0 {5c8b151e-247e-4e60-b92a-acc2135da51b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwj0s {5c8b151e-247e-4e60-b92a-acc2135da51b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwk0 {5c8b151e-247e-4e60-b92a-acc2135da51b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwk0s {5c8b151e-247e-4e60-b92a-acc2135da51b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwl0 {5c8b151e-247e-4e60-b92a-acc2135da51b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwl0s {5c8b151e-247e-4e60-b92a-acc2135da51b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwm0 {5c8b151e-247e-4e60-b92a-acc2135da51b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwm0s {5c8b151e-247e-4e60-b92a-acc2135da51b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwn0 {5c8b151e-247e-4e60-b92a-acc2135da51b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwn0s {5c8b151e-247e-4e60-b92a-acc2135da51b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwo0 {5c8b151e-247e-4e60-b92a-acc2135da51b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwo0s {5c8b151e-247e-4e60-b92a-acc2135da51b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwp0 {5c8b151e-247e-4e60-b92a-acc2135da51b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwp0s {5c8b151e-247e-4e60-b92a-acc2135da51b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwq0 {5c8b151e-247e-4e60-b92a-acc2135da51b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwq0s {5c8b151e-247e-4e60-b92a-acc2135da51b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwr0 {5c8b151e-247e-4e60-b92a-acc2135da51b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwr0s {5c8b151e-247e-4e60-b92a-acc2135da51b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bws0 {5c8b151e-247e-4e60-b92a-acc2135da51b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bws0s {5c8b151e-247e-4e60-b92a-acc2135da51b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwt0 {5c8b151e-247e-4e60-b92a-acc2135da51b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwt0s {5c8b151e-247e-4e60-b92a-acc2135da51b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwu0 {5c8b151e-247e-4e60-b92a-acc2135da51b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwu0s {5c8b151e-247e-4e60-b92a-acc2135da51b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwv0 {5c8b151e-247e-4e60-b92a-acc2135da51b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwv0s {5c8b151e-247e-4e60-b92a-acc2135da51b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bww0 {5c8b151e-247e-4e60-b92a-acc2135da51b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bww0s {5c8b151e-247e-4e60-b92a-acc2135da51b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwx0 {5c8b151e-247e-4e60-b92a-acc2135da51b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwx0s {5c8b151e-247e-4e60-b92a-acc2135da51b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwy0 {5c8b151e-247e-4e60-b92a-acc2135da51b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwy0s {5c8b151e-247e-4e60-b92a-acc2135da51b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwz0 {5c8b151e-247e-4e60-b92a-acc2135da51b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwz0s {5c8b151e-247e-4e60-b92a-acc2135da51b} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\MSN Messenger\msgrapp.8.1.0178.00.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\MSN Messenger\msgrapp.8.1.0178.00.dll (Microsoft Corporation)
O18 - Protocol\Handler\offline-8876480 {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Filter: - text/xml - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\loginkey: DllName - C:\Program Files\Common Files\Microsoft Shared\Ink\loginkey.dll - C:\Program Files\Common Files\Microsoft Shared\Ink\loginkey.dll (Microsoft Corporation)
O20 - Winlogon\Notify\OPXPGina: DllName - C:\Program Files\Softex\OmniPass\opxpgina.dll - C:\Program Files\Softex\OmniPass\opxpgina.dll ()
O20 - Winlogon\Notify\TabBtnWL: DllName - TabBtnWL.dll - C:\WINDOWS\system32\TabBtnWL.dll (Microsoft Corporation)
O20 - Winlogon\Notify\tpgwlnotify: DllName - tpgwlnot.dll - C:\WINDOWS\system32\tpgwlnot.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/03/15 15:34:16 | 00,000,050 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found

========== Files/Folders - Created Within 30 Days ==========

[1 C:\WINDOWS\*.tmp files]
[1 C:\Documents and Settings\Administrator\My Documents\*.tmp files]
[2009/03/29 01:01:40 | 00,003,647 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\DrWeb.csv
[2009/03/28 23:16:50 | 13,386,584 | ---- | C] (Doctor Web, Ltd.) -- C:\Documents and Settings\Administrator\Desktop\drweb-cureit.exe
[2009/03/28 12:54:17 | 00,000,000 | ---D | C] -- C:\_OTListIt
[2009/03/27 21:22:59 | 00,286,208 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\yqohwft0.exe
[2009/03/27 21:20:02 | 00,498,688 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTListIt2.exe
[2009/03/27 17:11:17 | 00,401,720 | ---- | C] (Trend Micro Inc.) -- C:\Documents and Settings\Administrator\Desktop\HiJackThis.exe
[2009/03/25 22:38:08 | 00,000,256 | -H-- | C] () -- C:\WINDOWS\tasks\{5B57CF47-0BFA-43c6-ACF9-3B3653DCADBA}.job
[2009/03/25 22:36:51 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\CrucialSoft Ltd
[2009/03/24 21:56:24 | 01,388,704 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\scan.jpg
[2009/03/24 21:51:47 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\My Documents\My Albums
[2009/03/23 09:29:12 | 00,011,803 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\ashleyworks.docx
[2009/03/23 09:12:54 | 00,010,324 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\Citations.docx
[2009/03/22 21:22:38 | 00,014,848 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\ashleys paper.docx
[2009/03/22 18:26:00 | 00,001,783 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\Fighter Ace II.lnk
[2009/03/22 13:37:21 | 00,000,872 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\FrostWire 4.17.2.lnk
[2009/03/22 13:33:44 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\My Documents\Downloads
[2009/03/22 13:32:35 | 00,125,629 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\TaylorLittle_com_Complete_Pic_Vid_Collection_-MC-.3315181.TPB.torrent
[2009/03/22 13:28:56 | 00,000,630 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\µTorrent.lnk
[2009/03/22 13:28:56 | 00,000,000 | ---D | C] -- C:\Program Files\uTorrent
[2009/03/22 13:28:49 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\uTorrent
[2009/03/20 22:30:14 | 00,000,000 | -HSD | C] -- C:\WINDOWS\ftpcache
[2009/03/17 21:53:30 | 00,001,729 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
[2009/03/16 21:24:38 | 00,001,702 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Flight Simulator 2002.lnk
[2009/03/15 15:34:26 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\My Documents\Picture Package
[2009/03/15 15:33:35 | 00,000,000 | ---D | C] -- C:\Program Files\PIXELA
[2009/03/15 15:31:48 | 00,003,654 | ---- | C] () -- C:\WINDOWS\System32\drivers\Sonyhcp.dll
[2009/03/15 15:31:47 | 00,000,000 | ---D | C] -- C:\Drivers
[2009/03/15 15:31:13 | 00,089,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\VB5DB.DLL
[2009/03/15 15:31:04 | 00,013,567 | ---- | C] (B.H.A Corporation) -- C:\WINDOWS\System32\drivers\CDRBSDRV.SYS
[2009/03/15 15:31:04 | 00,000,000 | ---D | C] -- C:\Program Files\Sony Corporation
[2009/03/15 15:24:52 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\WinZip
[2009/03/15 15:24:35 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\WinZip
[2009/03/15 00:48:47 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\My Documents\FrostWire
[2009/03/15 00:48:44 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\FrostWire
[2009/03/15 00:48:26 | 00,000,000 | ---D | C] -- C:\Program Files\FrostWire
[2009/03/11 00:36:30 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\My Documents\vida

========== Files - Modified Within 30 Days ==========

[4 C:\WINDOWS\System32\*.tmp files]
[1 C:\WINDOWS\*.tmp files]
[1 C:\Documents and Settings\Administrator\My Documents\*.tmp files]
[2009/03/29 01:05:23 | 00,000,268 | -H-- | M] () -- C:\sqmdata07.sqm
[2009/03/29 01:05:22 | 00,000,244 | -H-- | M] () -- C:\sqmnoopt07.sqm
[2009/03/29 01:04:23 | 00,000,256 | -H-- | M] () -- C:\WINDOWS\tasks\{5B57CF47-0BFA-43c6-ACF9-3B3653DCADBA}.job
[2009/03/29 01:03:58 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/03/29 01:03:56 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/03/29 01:02:23 | 00,003,654 | ---- | M] () -- C:\Documents and Settings\Administrator\Application Data\FjMenu1.XML
[2009/03/29 01:01:40 | 00,003,647 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\DrWeb.csv
[2009/03/28 23:37:45 | 00,000,244 | -H-- | M] () -- C:\sqmnoopt06.sqm
[2009/03/28 23:37:45 | 00,000,232 | -H-- | M] () -- C:\sqmdata06.sqm
[2009/03/28 23:16:54 | 13,386,584 | ---- | M] (Doctor Web, Ltd.) -- C:\Documents and Settings\Administrator\Desktop\drweb-cureit.exe
[2009/03/28 17:13:52 | 00,000,244 | -H-- | M] () -- C:\sqmnoopt05.sqm
[2009/03/28 17:13:52 | 00,000,232 | -H-- | M] () -- C:\sqmdata05.sqm
[2009/03/28 12:59:29 | 00,000,268 | -H-- | M] () -- C:\sqmdata04.sqm
[2009/03/28 12:59:29 | 00,000,244 | -H-- | M] () -- C:\sqmnoopt04.sqm
[2009/03/27 21:23:04 | 00,286,208 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\yqohwft0.exe
[2009/03/27 21:20:24 | 00,498,688 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTListIt2.exe
[2009/03/27 21:18:56 | 00,000,244 | -H-- | M] () -- C:\sqmnoopt03.sqm
[2009/03/27 21:18:56 | 00,000,232 | -H-- | M] () -- C:\sqmdata03.sqm
[2009/03/27 21:18:26 | 00,000,268 | -H-- | M] () -- C:\sqmdata02.sqm
[2009/03/27 21:18:26 | 00,000,244 | -H-- | M] () -- C:\sqmnoopt02.sqm
[2009/03/27 20:46:02 | 00,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2009/03/27 17:28:55 | 00,000,244 | -H-- | M] () -- C:\sqmnoopt01.sqm
[2009/03/27 17:28:55 | 00,000,232 | -H-- | M] () -- C:\sqmdata01.sqm
[2009/03/27 17:28:10 | 00,000,244 | -H-- | M] () -- C:\sqmnoopt00.sqm
[2009/03/27 17:28:10 | 00,000,232 | -H-- | M] () -- C:\sqmdata00.sqm
[2009/03/27 17:26:15 | 00,000,232 | -H-- | M] () -- C:\sqmdata19.sqm
[2009/03/27 17:26:14 | 00,000,244 | -H-- | M] () -- C:\sqmnoopt19.sqm
[2009/03/27 17:11:21 | 00,401,720 | ---- | M] (Trend Micro Inc.) -- C:\Documents and Settings\Administrator\Desktop\HiJackThis.exe
[2009/03/27 09:06:24 | 00,098,304 | ---- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/03/26 16:48:28 | 00,000,268 | -H-- | M] () -- C:\sqmdata18.sqm
[2009/03/26 16:48:27 | 00,000,244 | -H-- | M] () -- C:\sqmnoopt18.sqm
[2009/03/26 14:34:49 | 00,000,268 | -H-- | M] () -- C:\sqmdata17.sqm
[2009/03/26 14:34:48 | 00,000,244 | -H-- | M] () -- C:\sqmnoopt17.sqm
[2009/03/26 08:39:28 | 00,000,268 | -H-- | M] () -- C:\sqmdata16.sqm
[2009/03/26 08:39:28 | 00,000,244 | -H-- | M] () -- C:\sqmnoopt16.sqm
[2009/03/25 23:38:06 | 00,000,268 | -H-- | M] () -- C:\sqmdata15.sqm
[2009/03/25 23:38:05 | 00,000,244 | -H-- | M] () -- C:\sqmnoopt15.sqm
[2009/03/25 23:32:08 | 02,644,948 | -H-- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\IconCache.db
[2009/03/25 19:57:14 | 00,000,244 | -H-- | M] () -- C:\sqmnoopt14.sqm
[2009/03/25 19:57:14 | 00,000,232 | -H-- | M] () -- C:\sqmdata14.sqm
[2009/03/25 19:55:51 | 00,000,244 | -H-- | M] () -- C:\sqmnoopt13.sqm
[2009/03/25 19:55:51 | 00,000,232 | -H-- | M] () -- C:\sqmdata13.sqm
[2009/03/24 23:16:37 | 00,000,244 | -H-- | M] () -- C:\sqmnoopt12.sqm
[2009/03/24 23:16:37 | 00,000,232 | -H-- | M] () -- C:\sqmdata12.sqm
[2009/03/24 22:00:22 | 00,000,244 | -H-- | M] () -- C:\sqmnoopt11.sqm
[2009/03/24 22:00:22 | 00,000,232 | -H-- | M] () -- C:\sqmdata11.sqm
[2009/03/24 21:58:07 | 00,000,244 | -H-- | M] () -- C:\sqmnoopt10.sqm
[2009/03/24 21:58:07 | 00,000,232 | -H-- | M] () -- C:\sqmdata10.sqm
[2009/03/24 21:56:24 | 01,388,704 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\scan.jpg
[2009/03/23 09:29:34 | 00,000,244 | -H-- | M] () -- C:\sqmnoopt09.sqm
[2009/03/23 09:29:34 | 00,000,232 | -H-- | M] () -- C:\sqmdata09.sqm
[2009/03/23 09:29:16 | 00,000,244 | -H-- | M] () -- C:\sqmnoopt08.sqm
[2009/03/23 09:29:16 | 00,000,232 | -H-- | M] () -- C:\sqmdata08.sqm
[2009/03/23 09:29:12 | 00,011,803 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\ashleyworks.docx
[2009/03/23 09:12:54 | 00,010,324 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\Citations.docx
[2009/03/22 23:41:51 | 00,014,848 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\ashleys paper.docx
[2009/03/22 18:26:00 | 00,001,783 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Fighter Ace II.lnk
[2009/03/22 13:37:21 | 00,000,872 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\FrostWire 4.17.2.lnk
[2009/03/22 13:32:37 | 00,125,629 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\TaylorLittle_com_Complete_Pic_Vid_Collection_-MC-.3315181.TPB.torrent
[2009/03/22 13:28:56 | 00,000,630 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\µTorrent.lnk
[2009/03/21 16:27:01 | 00,001,095 | ---- | M] () -- C:\WINDOWS\win.ini
[2009/03/17 21:53:30 | 00,001,729 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
[2009/03/16 21:24:38 | 00,001,702 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Flight Simulator 2002.lnk
[2009/03/15 15:34:16 | 00,000,050 | ---- | M] () -- C:\AUTOEXEC.BAT
[2009/03/15 00:21:23 | 00,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/03/11 21:48:55 | 01,584,544 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/03/11 17:06:27 | 00,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2009/03/08 18:01:56 | 00,483,924 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2009/03/08 18:01:56 | 00,411,142 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2009/03/08 18:01:56 | 00,065,446 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
< End of report >

#11 Buckeye_Sam


Posted 29 March 2009 - 09:05 AM

How is your computer behaving now? Any better?


========================================================

#12 tut2734


Posted 29 March 2009 - 10:12 AM

Yes, it seems to be all gone as far as the pop-ups and running fine. Thank you for your help and time; it is greatly appreciated. Have a great day.

#13 Buckeye_Sam


Posted 29 March 2009 - 01:27 PM

Excellent! :)
Let's just clean up a bit.

Run OTListIt2 and click the CleanUp button.
Reboot when it asks you to.



Now that you are clean, please follow these simple steps in order to keep your computer clean and secure:
  • Disable and Enable System Restore. - If you are using Windows ME or XP then you should disable and reenable system restore to make sure there are no infected files found in a restore point left over from what we have just cleaned.

    You can find instructions on how to enable and reenable system restore here:

    Windows XP System Restore Guide

    Reenable system restore with instructions from the tutorial above

  • Make your Internet Explorer more secure - This can be done by following these simple instructions:
    • From within Internet Explorer click on the Tools menu and then click on Options.
    • Click once on the Security tab
    • Click once on the Internet icon so it becomes highlighted.
    • Click once on the Custom Level button.
      • Change the Download signed ActiveX controls to Prompt
      • Change the Download unsigned ActiveX controls to Disable
      • Change the Initialize and script ActiveX controls not marked as safe to Disable
      • Change the Installation of desktop items to Prompt
      • Change the Launching programs and files in an IFRAME to Prompt
      • Change the Navigate sub-frames across different domains to Prompt
      • When all these settings have been made, click on the OK button.
      • If it prompts you as to whether or not you want to save the settings, press the Yes button.
    • Next press the Apply button and then the OK to exit the Internet Properties page.
  • Use an AntiVirus Software - It is very important that your computer has an anti-virus software running on your machine. This alone can save you a lot of trouble with malware in the future.

    See this link for a listing of some online & their stand-alone antivirus programs:

    Virus, Spyware, and Malware Protection and Removal Resources

  • Update your AntiVirus Software - It is imperative that you update your Antivirus software at least once a week (Even more if you wish). If you do not update your antivirus software then it will not be able to catch any of the new variants that may come out.

  • Use a Firewall - I can not stress how important it is that you use a Firewall on your computer. Without a firewall your computer is susceptible to being hacked and taken over. I am very serious about this and see it happen almost every day with my clients. Simply using a Firewall in its default configuration can lower your risk greatly.

    For a tutorial on Firewalls and a listing of some available ones see the link below:

    Understanding and Using Firewalls

  • Visit Microsoft's Windows Update Site Frequently - It is important that you visit http://www.windowsupdate.com regularly. This will ensure your computer has always the latest security updates available installed on your computer. If there are new updates to install, install them immediately, reboot your computer, and revisit the site until there are no more critical updates.

  • Install Spybot - Search and Destroy - Install and download Spybot - Search and Destroy with its TeaTimer option. This will provide realtime spyware & hijacker protection on your computer alongside your virus protection. You should also scan your computer with this program on a regular basis just as you would an antivirus software.

    A tutorial on installing & using this product can be found here:

    Using Spybot - Search & Destroy to remove Spyware , Malware, and Hijackers

  • Install Ad-Aware - Install and download Ad-Aware. You should also scan your computer with this program on a regular basis just as you would an antivirus software in conjunction with Spybot.

    A tutorial on installing & using this product can be found here:

    Using Ad-aware to remove Spyware, Malware, & Hijackers from Your Computer

  • Install SpywareBlaster - SpywareBlaster will add a large list of programs and sites into your Internet Explorer settings that will protect you from running and downloading known malicious programs.

    A tutorial on installing & using this product can be found here:

    Using SpywareBlaster to protect your computer from Spyware and Malware

  • Update all these programs regularly - Make sure you update all the programs I have listed regularly. Without regular updates you WILL NOT be protected when new malicious programs are released.
Follow this list and your potential for being infected again will reduce dramatically.



========================================================
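
The Internet Explorer Custom Level settings listed in post #13 can be checked from PowerShell. This is an added example, not part of the original post: the four-digit URL action IDs, the value encoding (0 = Enable, 1 = Prompt, 3 = Disable) and the registry paths are assumptions taken from Microsoft's security-zone documentation, not from this thread.

```powershell
# Added example: audit the Internet zone (zone 3) against the Custom Level
# settings recommended in the post. Read-only; nothing is changed.
# Assumed encoding: 0 = Enable, 1 = Prompt, 3 = Disable.

# Policy keys are checked first because a policy-set value overrides
# the user's own choice in the Internet Options dialog.
$zoneKeys = [ordered]@{
    'Machine policy' = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3'
    'User policy'    = 'HKCU:\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3'
    'User setting'   = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3'
}

# Setting names as written in the post, mapped to their URL action IDs.
$recommended = @(
    @{ Id = '1001'; Want = 1; Name = 'Download signed ActiveX controls' }
    @{ Id = '1004'; Want = 3; Name = 'Download unsigned ActiveX controls' }
    @{ Id = '1201'; Want = 3; Name = 'Initialize and script ActiveX controls not marked as safe' }
    @{ Id = '1800'; Want = 1; Name = 'Installation of desktop items' }
    @{ Id = '1804'; Want = 1; Name = 'Launching programs and files in an IFRAME' }
    @{ Id = '1607'; Want = 1; Name = 'Navigate sub-frames across different domains' }
)

$labels = @{ 0 = 'Enable'; 1 = 'Prompt'; 3 = 'Disable' }

function Get-EffectiveZoneValue {
    # Returns the first key (in precedence order) that holds the action ID,
    # or $null when no key defines it.
    param([string]$Id)
    foreach ($source in $zoneKeys.Keys) {
        $item = Get-ItemProperty -Path $zoneKeys[$source] -Name $Id -ErrorAction SilentlyContinue
        if ($null -ne $item) {
            return [pscustomobject]@{ Source = $source; Value = [int]$item.$Id }
        }
    }
    return $null
}

$report = foreach ($r in $recommended) {
    $found   = Get-EffectiveZoneValue -Id $r.Id
    $current = if ($found) { $found.Value } else { $null }

    [pscustomobject]@{
        Setting  = $r.Name
        ActionId = $r.Id
        Expected = $labels[$r.Want]
        Current  = if ($null -eq $current) { 'not set' }
                   elseif ($labels.ContainsKey($current)) { $labels[$current] }
                   else { "raw $current" }
        Source   = if ($found) { $found.Source } else { '-' }
        Ok       = ($current -eq $r.Want)
    }
}

$report | Format-Table -AutoSize

# Summarise the rows that still differ from the recommended list.
$failed = @($report | Where-Object { -not $_.Ok })
if ($failed.Count -eq 0) {
    'All six Internet zone settings match the recommended list.'
} else {
    "{0} setting(s) differ from the recommended list." -f $failed.Count
}
```

Run it as the account whose browser settings are being checked, since the `HKCU` keys are per-user.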



