Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Suspected Malware - slow responses

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

OTS

Unread postby normnina » August 27th, 2009, 2:55 am

Code: Select all
OTS logfile created on: 8/26/2009 11:06:36 PM - Run 1
OTS by OldTimer - Version 3.0.10.3     Folder = C:\Documents and Settings\Nina\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
254.00 Mb Total Physical Memory | 45.95 Mb Available Physical Memory | 18.09% Memory free
621.92 Mb Paging File | 243.13 Mb Available in Paging File | 39.09% Paging File free
Paging file location(s): C:\pagefile.sys 1152 1152 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.47 Gb Total Space | 60.06 Gb Free Space | 80.65% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: D19WTD41
Current User Name: Nina
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: Off
File Age = 30 Days
 
[Processes - Safe List]
applemobiledeviceservice.exe -> C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -> [2009/07/09 12:22:18 | 00,144,712 | ---- | M] (Apple Inc.)
bcmsmmsg.exe -> C:\WINDOWS\BCMSMMSG.exe -> [2003/08/29 05:59:24 | 00,122,880 | ---- | M] (Broadcom Corporation)
capfasem.exe -> C:\Program Files\CA\CA Internet Security Suite\CA Personal Firewall\capfasem.exe -> [2009/02/01 13:18:23 | 00,173,296 | ---- | M] (CA, Inc.)
capfsem.exe -> C:\Program Files\CA\CA Internet Security Suite\CA Personal Firewall\capfsem.exe -> [2009/02/01 13:18:23 | 00,181,488 | ---- | M] (CA, Inc.)
cappactiveprotection.exe -> C:\Program Files\CA\CA Internet Security Suite\CA Anti-Spyware\CAPPActiveProtection.exe -> [2007/08/16 22:10:14 | 00,218,376 | ---- | M] (CA, Inc.)
cavrid.exe -> C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\CAVRID.exe -> [2009/07/31 04:14:41 | 00,230,664 | ---- | M] (CA, Inc.)
ccprovsp.exe -> C:\Program Files\CA\CA Internet Security Suite\ccprovsp.exe -> [2009/07/31 04:14:42 | 00,214,256 | ---- | M] (CA, Inc.)
cctray.exe -> C:\Program Files\CA\CA Internet Security Suite\cctray\cctray.exe -> [2009/07/31 04:14:42 | 00,177,392 | ---- | M] (CA, Inc.)
elkctrl.exe -> C:\WINDOWS\System32\ElkCtrl.exe -> [2004/11/01 18:22:22 | 00,262,144 | ---- | M] (Logitech Inc.)
explorer.exe -> C:\WINDOWS\Explorer.EXE -> [2008/04/13 17:12:19 | 01,033,728 | ---- | M] (Microsoft Corporation)
iexplore.exe -> C:\Program Files\Internet Explorer\iexplore.exe -> [2009/03/08 14:09:26 | 00,638,816 | ---- | M] (Microsoft Corporation)
iexplore.exe -> C:\Program Files\Internet Explorer\iexplore.exe -> [2009/03/08 14:09:26 | 00,638,816 | ---- | M] (Microsoft Corporation)
ipodservice.exe -> C:\Program Files\iPod\bin\iPodService.exe -> [2009/07/13 14:02:50 | 00,542,496 | ---- | M] (Apple Inc.)
isafe.exe -> C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\ISafe.exe -> [2007/08/20 14:27:26 | 00,144,960 | ---- | M] (Computer Associates International, Inc.)
itmrtsvc.exe -> C:\Program Files\CA\SharedComponents\PPRT\bin\ITMRTSVC.exe -> [2007/01/04 13:10:22 | 00,280,080 | ---- | M] (CA, Inc.)
ituneshelper.exe -> C:\Program Files\iTunes\iTunesHelper.exe -> [2009/07/13 14:03:10 | 00,292,128 | ---- | M] (Apple Inc.)
jqs.exe -> C:\Program Files\Java\jre6\bin\jqs.exe -> [2009/08/25 14:58:08 | 00,153,376 | ---- | M] (Sun Microsystems, Inc.)
jusched.exe -> C:\Program Files\Java\jre6\bin\jusched.exe -> [2009/08/25 14:58:08 | 00,149,280 | ---- | M] (Sun Microsystems, Inc.)
lvcomsx.exe -> C:\WINDOWS\System32\LVCOMSX.EXE -> [2005/12/09 16:32:18 | 00,225,280 | ---- | M] (Logitech Inc.)
mdnsresponder.exe -> C:\Program Files\Bonjour\mDNSResponder.exe -> [2008/12/12 11:17:38 | 00,238,888 | ---- | M] (Apple Inc.)
ots.exe -> C:\Documents and Settings\Nina\Desktop\OTS.exe -> [2009/08/26 23:06:22 | 00,514,048 | ---- | M] (OldTimer Tools)
ppctlpriv.exe -> C:\Program Files\CA\CA Internet Security Suite\CA Anti-Spyware\PPCtlPriv.exe -> [2007/08/16 22:10:16 | 00,189,704 | ---- | M] (CA, Inc.)
qoeloader.exe -> C:\Program Files\CA\CA Internet Security Suite\CA Anti-Spam\QSP-5.1.18.0\QOELoader.exe -> [2009/02/01 13:15:26 | 00,014,088 | ---- | M] (CA)
skype.exe -> C:\Program Files\Skype\Phone\Skype.exe -> [2009/03/27 09:55:06 | 24,103,720 | R--- | M] (Skype Technologies S.A.)
sprtsvc.exe -> C:\Program Files\twc\medicsp2\bin\sprtsvc.exe -> [2007/03/07 12:54:06 | 00,202,280 | ---- | M] (SupportSoft, Inc.)
tfswctrl.exe -> C:\WINDOWS\System32\dla\tfswctrl.exe -> [2003/08/06 00:04:00 | 00,114,741 | ---- | M] (Sonic Solutions)
umxagent.exe -> C:\Program Files\CA\SharedComponents\HIPSEngine\UmxAgent.exe -> [2007/10/18 11:24:46 | 01,010,192 | ---- | M] (CA)
umxcfg.exe -> C:\Program Files\CA\SharedComponents\HIPSEngine\UmxCfg.exe -> [2007/10/18 11:24:46 | 00,801,296 | ---- | M] (CA)
umxfwhlp.exe -> C:\Program Files\CA\SharedComponents\HIPSEngine\UmxFwHlp.exe -> [2007/10/18 11:24:44 | 00,145,936 | ---- | M] (CA)
umxpol.exe -> C:\Program Files\CA\SharedComponents\HIPSEngine\UmxPol.exe -> [2008/06/24 20:10:30 | 00,281,104 | ---- | M] (CA)
vetmsg.exe -> C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\VetMsg.exe -> [2009/07/31 04:14:41 | 00,242,952 | ---- | M] (CA, Inc.)
yahooauservice.exe -> C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -> [2008/11/09 13:48:14 | 00,602,392 | ---- | M] (Yahoo! Inc.)
 
[Win32 Services - Safe List]
(Apple Mobile Device) Apple Mobile Device [Win32_Own | Auto | Running] -> C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -> [2009/07/09 12:22:18 | 00,144,712 | ---- | M] (Apple Inc.)
(aspnet_state) ASP.NET State Service [Win32_Own | On_Demand | Stopped] -> C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -> [2008/07/25 11:16:40 | 00,034,312 | ---- | M] (Microsoft Corporation)
(Bonjour Service) Bonjour Service [Win32_Own | Auto | Running] -> C:\Program Files\Bonjour\mDNSResponder.exe -> [2008/12/12 11:17:38 | 00,238,888 | ---- | M] (Apple Inc.)
(CaCCProvSP) CaCCProvSP [Win32_Own | On_Demand | Running] -> C:\Program Files\CA\CA Internet Security Suite\ccprovsp.exe -> [2009/07/31 04:14:42 | 00,214,256 | ---- | M] (CA, Inc.)
(CAISafe) CAISafe [Win32_Own | Auto | Running] -> C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\ISafe.exe -> [2007/08/20 14:27:26 | 00,144,960 | ---- | M] (Computer Associates International, Inc.)
(CCALib8) Canon Camera Access Library 8 [Win32_Own | Disabled | Stopped] -> C:\Program Files\Canon\CAL\CALMAIN.exe -> [2007/01/31 15:55:42 | 00,096,370 | ---- | M] (Canon Inc.)
(clr_optimization_v2.0.50727_32) .NET Runtime Optimization Service v2.0.50727_X86 [Win32_Own | On_Demand | Stopped] -> C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -> [2008/07/25 11:17:02 | 00,069,632 | ---- | M] (Microsoft Corporation)
(DSBrokerService) DSBrokerService [Win32_Own | Disabled | Stopped] -> C:\Program Files\DellSupport\brkrsvc.exe -> [2007/03/07 15:47:46 | 00,076,848 | ---- | M] ()
(FontCache3.0.0.0) Windows Presentation Foundation Font Cache 3.0.0.0 [Win32_Own | On_Demand | Stopped] -> c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe -> [2008/07/29 21:10:04 | 00,046,104 | ---- | M] (Microsoft Corporation)
(gusvc) Google Updater Service [Win32_Own | On_Demand | Stopped] -> C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -> [2008/04/07 16:16:26 | 00,136,120 | ---- | M] (Google)
(helpsvc) Help and Support [Win32_Shared | Auto | Running] -> C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll -> [2008/04/13 17:12:02 | 00,038,400 | ---- | M] (Microsoft Corporation)
(idsvc) Windows CardSpace [Win32_Shared | Unknown | Stopped] -> c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -> [2008/07/29 19:24:50 | 00,881,664 | ---- | M] (Microsoft Corporation)
(iPod Service) iPod Service [Win32_Own | On_Demand | Running] -> C:\Program Files\iPod\bin\iPodService.exe -> [2009/07/13 14:02:50 | 00,542,496 | ---- | M] (Apple Inc.)
(ITMRTSVC) CA Pest Patrol Realtime Protection Service [Win32_Own | Auto | Running] -> C:\Program Files\CA\SharedComponents\PPRT\bin\ITMRTSVC.exe -> [2007/01/04 13:10:22 | 00,280,080 | ---- | M] (CA, Inc.)
(JavaQuickStarterService) Java Quick Starter [Win32_Own | Auto | Running] -> C:\Program Files\Java\jre6\bin\jqs.exe -> [2009/08/25 14:58:08 | 00,153,376 | ---- | M] (Sun Microsystems, Inc.)
(LVPrcSrv) Logitech Process Monitor [Win32_Own | Disabled | Stopped] -> c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe -> [2005/12/09 16:37:42 | 00,081,920 | ---- | M] (Logitech Inc.)
(NetTcpPortSharing) Net.Tcp Port Sharing Service [Win32_Shared | Disabled | Stopped] -> c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -> [2008/07/29 19:16:38 | 00,132,096 | ---- | M] (Microsoft Corporation)
(Pml Driver HPZ12) Pml Driver HPZ12 [Win32_Own | Disabled | Stopped] -> C:\WINDOWS\System32\HPZipm12.exe -> [2007/08/09 00:27:52 | 00,073,728 | ---- | M] (HP)
(PPCtlPriv) PPCtlPriv [Win32_Own | On_Demand | Running] -> C:\Program Files\CA\CA Internet Security Suite\CA Anti-Spyware\PPCtlPriv.exe -> [2007/08/16 22:10:16 | 00,189,704 | ---- | M] (CA, Inc.)
(sprtsvc_medicsp2) SupportSoft Sprocket Service (medicsp2) [Win32_Own | Auto | Running] -> C:\Program Files\twc\medicsp2\bin\sprtsvc.exe -> [2007/03/07 12:54:06 | 00,202,280 | ---- | M] (SupportSoft, Inc.)
(SupportSoft RemoteAssist) SupportSoft RemoteAssist [Win32_Own | On_Demand | Stopped] -> C:\Program Files\Common Files\supportsoft\bin\ssrc.exe -> [2008/07/15 17:38:32 | 00,394,608 | ---- | M] (SupportSoft, Inc.)
(UmxAgent) HIPS Event Manager [Win32_Own | Auto | Running] -> C:\Program Files\CA\SharedComponents\HIPSEngine\UmxAgent.exe -> [2007/10/18 11:24:46 | 01,010,192 | ---- | M] (CA)
(UmxCfg) HIPS Configuration Interpreter [Win32_Own | Auto | Running] -> C:\Program Files\CA\SharedComponents\HIPSEngine\UmxCfg.exe -> [2007/10/18 11:24:46 | 00,801,296 | ---- | M] (CA)
(UmxFwHlp) HIPS Firewall Helper [Win32_Own | Auto | Running] -> C:\Program Files\CA\SharedComponents\HIPSEngine\UmxFwHlp.exe -> [2007/10/18 11:24:44 | 00,145,936 | ---- | M] (CA)
(UmxPol) HIPS Policy Manager [Win32_Own | Auto | Running] -> C:\Program Files\CA\SharedComponents\HIPSEngine\UmxPol.exe -> [2008/06/24 20:10:30 | 00,281,104 | ---- | M] (CA)
(VETMSGNT) VET Message Service [Win32_Own | Auto | Running] -> C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\VetMsg.exe -> [2009/07/31 04:14:41 | 00,242,952 | ---- | M] (CA, Inc.)
(WMPNetworkSvc) Windows Media Player Network Sharing Service [Win32_Own | Disabled | Stopped] -> C:\Program Files\Windows Media Player\WMPNetwk.exe -> [2006/10/18 20:05:24 | 00,913,408 | ---- | M] (Microsoft Corporation)
(YahooAUService) Yahoo! Updater [Win32_Own | Auto | Running] -> C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -> [2008/11/09 13:48:14 | 00,602,392 | ---- | M] (Yahoo! Inc.)
 
[Driver Services - Safe List]
(aeaudio) aeaudio [Kernel | On_Demand | Running] -> C:\WINDOWS\System32\drivers\aeaudio.sys -> [2002/04/01 12:15:00 | 00,004,816 | ---- | M] (Andrea Electronics Corporation)
(AliIde) AliIde [Kernel | Disabled | Stopped] -> C:\WINDOWS\System32\DRIVERS\aliide.sys -> [2001/08/17 12:51:56 | 00,005,248 | ---- | M] (Acer Laboratories Inc.)
(amdagp) AMD AGP Bus Filter Driver [Kernel | Disabled | Stopped] -> C:\WINDOWS\System32\DRIVERS\amdagp.sys -> [2008/04/13 11:36:39 | 00,043,008 | ---- | M] (Advanced Micro Devices, Inc.)
(asc) asc [Kernel | Disabled | Stopped] -> C:\WINDOWS\System32\DRIVERS\asc.sys -> [2001/08/17 12:52:00 | 00,026,496 | ---- | M] (Advanced System Products, Inc.)
(asc3550) asc3550 [Kernel | Disabled | Stopped] -> C:\WINDOWS\System32\DRIVERS\asc3550.sys -> [2001/08/17 12:51:58 | 00,014,848 | ---- | M] (Advanced System Products, Inc.)
(bcm4sbxp) Broadcom 440x 10/100 Integrated Controller XP Driver [Kernel | On_Demand | Running] -> C:\WINDOWS\System32\DRIVERS\bcm4sbxp.sys -> [2003/05/23 11:58:30 | 00,043,136 | ---- | M] (Broadcom Corporation)
(BCMModem) BCM V.92 56K Modem [Kernel | On_Demand | Running] -> C:\WINDOWS\System32\DRIVERS\BCMSM.sys -> [2003/08/29 05:59:24 | 01,101,696 | ---- | M] (Broadcom Corporation)
(CmdIde) CmdIde [Kernel | Disabled | Stopped] -> C:\WINDOWS\System32\DRIVERS\cmdide.sys -> [2001/08/17 12:51:54 | 00,006,656 | ---- | M] (CMD Technology, Inc.)
(dac2w2k) dac2w2k [Kernel | Disabled | Stopped] -> C:\WINDOWS\System32\DRIVERS\dac2w2k.sys -> [2001/08/17 12:52:16 | 00,179,584 | ---- | M] (Mylex Corporation)
(drvmcdb) drvmcdb [Kernel | Boot | Running] -> C:\WINDOWS\system32\drivers\drvmcdb.sys -> [2003/07/31 02:21:00 | 00,084,576 | ---- | M] (Sonic Solutions)
(drvnddm) drvnddm [File_System | Auto | Running] -> C:\WINDOWS\System32\drivers\drvnddm.sys -> [2003/06/20 01:56:00 | 00,040,448 | ---- | M] (Sonic Solutions)
(DSproct) DSproct [Kernel | On_Demand | Stopped] -> C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys -> [2006/10/05 16:07:28 | 00,004,736 | ---- | M] (Gteko Ltd.)
(dsunidrv) DellSupport UniDriver [Kernel | Auto | Running] -> C:\WINDOWS\System32\DRIVERS\dsunidrv.sys -> [2007/02/25 12:10:48 | 00,005,376 | --S- | M] (Gteko Ltd.)
(EL90XBC) 3Com EtherLink XL 90XB/C Adapter Driver [Kernel | On_Demand | Stopped] -> C:\WINDOWS\System32\DRIVERS\el90xbc5.sys -> [2001/08/17 11:11:06 | 00,066,591 | ---- | M] (3Com Corporation)
(GEARAspiWDM) GEAR ASPI Filter Driver [Kernel | On_Demand | Running] -> C:\WINDOWS\System32\DRIVERS\GEARAspiWDM.sys -> [2009/03/19 16:32:48 | 00,023,400 | ---- | M] (GEAR Software Inc.)
(HPZid412) IEEE-1284.4 Driver HPZid412 [Kernel | On_Demand | Running] -> C:\WINDOWS\System32\DRIVERS\HPZid412.sys -> [2005/03/07 21:43:25 | 00,051,120 | R--- | M] (HP)
(HPZipr12) Print Class Driver for IEEE-1284.4 HPZipr12 [Kernel | On_Demand | Running] -> C:\WINDOWS\System32\DRIVERS\HPZipr12.sys -> [2005/03/07 21:43:26 | 00,016,496 | R--- | M] (HP)
(HPZius12) USB to IEEE-1284.4 Translation Driver HPZius12 [Kernel | On_Demand | Running] -> C:\WINDOWS\System32\DRIVERS\HPZius12.sys -> [2005/03/07 21:43:27 | 00,021,744 | R--- | M] (HP)
(i81x) i81x [Kernel | On_Demand | Stopped] -> C:\WINDOWS\System32\DRIVERS\i81xnt5.sys -> [2004/08/03 22:29:36 | 00,161,020 | ---- | M] (Intel(R) Corporation)
(iAimFP0) iAimFP0 [Kernel | On_Demand | Stopped] -> C:\WINDOWS\System32\DRIVERS\wADV01nt.sys -> [2004/08/03 22:29:37 | 00,012,415 | ---- | M] (Intel(R) Corporation)
(iAimFP1) iAimFP1 [Kernel | On_Demand | Stopped] -> C:\WINDOWS\System32\DRIVERS\wADV02NT.sys -> [2004/08/03 22:29:37 | 00,012,127 | ---- | M] (Intel(R) Corporation)
(iAimFP2) iAimFP2 [Kernel | On_Demand | Stopped] -> C:\WINDOWS\System32\DRIVERS\wADV05NT.sys -> [2004/08/03 22:29:37 | 00,011,775 | ---- | M] (Intel(R) Corporation)
(iAimFP3) iAimFP3 [Kernel | On_Demand | Stopped] -> C:\WINDOWS\System32\DRIVERS\wSiINTxx.sys -> [2004/08/03 22:29:47 | 00,012,063 | ---- | M] (Intel(R) Corporation)
(iAimFP4) iAimFP4 [Kernel | On_Demand | Stopped] -> C:\WINDOWS\System32\DRIVERS\wVchNTxx.sys -> [2004/08/03 22:29:49 | 00,019,455 | ---- | M] (Intel(R) Corporation)
(iAimTV0) iAimTV0 [Kernel | On_Demand | Stopped] -> C:\WINDOWS\System32\DRIVERS\wATV01nt.sys -> [2004/08/03 22:29:41 | 00,029,311 | ---- | M] (Intel(R) Corporation)
(iAimTV1) iAimTV1 [Kernel | On_Demand | Stopped] -> C:\WINDOWS\System32\DRIVERS\wATV02NT.sys -> [2004/08/03 22:29:42 | 00,019,551 | ---- | M] (Intel(R) Corporation)
(iAimTV3) iAimTV3 [Kernel | On_Demand | Stopped] -> C:\WINDOWS\System32\DRIVERS\wATV04nt.sys -> [2004/08/03 22:29:43 | 00,033,599 | ---- | M] (Intel(R) Corporation)
(iAimTV4) iAimTV4 [Kernel | On_Demand | Stopped] -> C:\WINDOWS\System32\DRIVERS\wCh7xxNT.sys -> [2004/08/03 22:29:45 | 00,023,615 | ---- | M] (Intel(R) Corporation)
(ialm) ialm [Kernel | On_Demand | Running] -> C:\WINDOWS\System32\DRIVERS\ialmnt5.sys -> [2005/06/22 01:12:34 | 00,807,998 | ---- | M] (Intel Corporation)
(ICAM3NT5) Intel USB Video Camera III [Kernel | On_Demand | Stopped] -> C:\WINDOWS\System32\Drivers\Icam3.sys -> [2001/08/17 14:05:44 | 00,141,056 | ---- | M] (Microsoft Corporation)
(KmxAgent) KmxAgent [Kernel | System | Running] -> C:\WINDOWS\System32\DRIVERS\kmxagent.sys -> [2008/06/24 20:08:36 | 00,063,504 | ---- | M] (CA)
(KmxCF) KmxCF [Kernel | Auto | Running] -> C:\WINDOWS\System32\DRIVERS\KmxCF.sys -> [2008/06/24 20:08:42 | 00,134,648 | ---- | M] (CA)
(KmxCfg) KmxCfg [Kernel | On_Demand | Running] -> C:\WINDOWS\System32\DRIVERS\kmxcfg.sys -> [2008/06/24 20:08:42 | 00,088,816 | ---- | M] (CA)
(KmxFile) KmxFile [Kernel | System | Running] -> C:\WINDOWS\System32\DRIVERS\KmxFile.sys -> [2008/06/24 20:08:46 | 00,045,584 | ---- | M] (CA)
(KmxFw) KmxFw [Kernel | System | Running] -> C:\WINDOWS\System32\DRIVERS\kmxfw.sys -> [2008/06/24 20:08:52 | 00,115,216 | ---- | M] (CA)
(KmxSbx) KmxSbx [Kernel | Auto | Running] -> C:\WINDOWS\System32\DRIVERS\KmxSbx.sys -> [2008/06/24 20:08:56 | 00,066,576 | ---- | M] (CA)
(KmxStart) KmxStart [Kernel | Boot | Running] -> C:\WINDOWS\System32\DRIVERS\kmxstart.sys -> [2008/06/24 20:08:58 | 00,093,712 | ---- | M] (CA)
(Lvckap) Logitech Kernel Audio Processing Filter Driver [Kernel | On_Demand | Stopped] -> C:\WINDOWS\System32\drivers\Lvckap.sys -> [2005/12/09 16:35:54 | 02,174,464 | ---- | M] ()
(lvmvdrv) Logitech Machine Vision Engine Loader [Kernel | On_Demand | Stopped] -> C:\WINDOWS\System32\drivers\lvmvdrv.sys -> [2005/12/09 16:37:42 | 02,400,256 | ---- | M] ()
(LVPrcMon) Logitech LVPrcMon Driver [Kernel | On_Demand | Stopped] -> C:\WINDOWS\System32\drivers\LVPrcMon.sys -> [2005/12/09 16:37:42 | 00,016,768 | ---- | M] ()
(LVUSBSta) Logitech USB Monitor Filter [Kernel | On_Demand | Running] -> C:\WINDOWS\System32\drivers\lvusbsta.sys -> [2005/12/05 20:26:16 | 00,039,424 | R--- | M] (Logitech Inc.)
(MDC8021X) AEGIS Protocol (IEEE 802.1x) v2.3.1.9 [Kernel | Auto | Running] -> C:\WINDOWS\System32\DRIVERS\mdc8021x.sys -> [2004/04/13 19:20:08 | 00,015,781 | R--- | M] (Meetinghouse Data Communications)
(MODEMCSA) Unimodem Streaming Filter Device [Kernel | On_Demand | Stopped] -> C:\WINDOWS\System32\drivers\MODEMCSA.sys -> [2001/08/17 12:57:38 | 00,016,128 | ---- | M] (Microsoft Corporation)
(mraid35x) mraid35x [Kernel | Disabled | Stopped] -> C:\WINDOWS\System32\DRIVERS\mraid35x.sys -> [2001/08/17 12:52:12 | 00,017,280 | ---- | M] (American Megatrends Inc.)
(MxlW2k) MxlW2k [Kernel | On_Demand | Running] -> C:\WINDOWS\System32\drivers\MxlW2k.sys -> [2007/05/19 19:08:57 | 00,028,256 | ---- | M] (MusicMatch, Inc.)
(nv) nv [Kernel | On_Demand | Stopped] -> C:\WINDOWS\System32\DRIVERS\nv4_mini.sys -> [2004/08/03 22:29:54 | 01,897,408 | ---- | M] (NVIDIA Corporation)
(omci) OMCI WDM Device Driver [Kernel | System | Running] -> C:\WINDOWS\System32\DRIVERS\omci.sys -> [2002/11/08 12:45:06 | 00,017,217 | ---- | M] (Dell Computer Corporation)
(PID_0928) Logitech QuickCam Express(PID_0928) [Kernel | On_Demand | Stopped] -> C:\WINDOWS\System32\DRIVERS\LV561AV.SYS -> [2005/12/05 20:27:29 | 00,287,360 | R--- | M] (Logitech Inc.)
(Ptilink) Direct Parallel Link Driver [Kernel | On_Demand | Running] -> C:\WINDOWS\System32\DRIVERS\ptilink.sys -> [2002/08/29 04:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.)
(PxHelp20) PxHelp20 [Kernel | Boot | Running] -> C:\WINDOWS\System32\DRIVERS\PxHelp20.sys -> [2008/11/20 12:19:06 | 00,043,872 | ---- | M] (Sonic Solutions)
(ql1080) ql1080 [Kernel | Disabled | Stopped] -> C:\WINDOWS\System32\DRIVERS\ql1080.sys -> [2001/08/17 12:52:20 | 00,040,320 | ---- | M] (QLogic Corporation)
(ql12160) ql12160 [Kernel | Disabled | Stopped] -> C:\WINDOWS\System32\DRIVERS\ql12160.sys -> [2001/08/17 12:52:20 | 00,045,312 | ---- | M] (QLogic Corporation)
(ql1280) ql1280 [Kernel | Disabled | Stopped] -> C:\WINDOWS\System32\DRIVERS\ql1280.sys -> [2001/08/17 12:52:18 | 00,049,024 | ---- | M] (QLogic Corporation)
(ROOTMODEM) Microsoft Legacy Modem Driver [Kernel | On_Demand | Running] -> C:\WINDOWS\System32\Drivers\RootMdm.sys -> [2002/08/29 04:00:00 | 00,005,888 | ---- | M] (Microsoft Corporation)
(rtl8139) Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver [Kernel | On_Demand | Running] -> C:\WINDOWS\System32\DRIVERS\RTL8139.SYS -> [2004/08/03 22:31:32 | 00,020,992 | ---- | M] (Realtek Semiconductor Corporation)
(Secdrv) Secdrv [Kernel | On_Demand | Stopped] -> C:\WINDOWS\System32\DRIVERS\secdrv.sys -> [2007/11/13 03:25:53 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
(sisagp) SIS AGP Bus Filter [Kernel | Disabled | Stopped] -> C:\WINDOWS\System32\DRIVERS\sisagp.sys -> [2008/04/13 11:36:39 | 00,040,960 | ---- | M] (Silicon Integrated Systems Corporation)
(smwdm) smwdm [Kernel | On_Demand | Running] -> C:\WINDOWS\System32\drivers\smwdm.sys -> [2003/02/28 08:17:18 | 00,545,024 | ---- | M] (Analog Devices, Inc.)
(Sparrow) Sparrow [Kernel | Disabled | Stopped] -> C:\WINDOWS\System32\DRIVERS\sparrow.sys -> [2001/08/17 13:07:44 | 00,019,072 | ---- | M] (Adaptec, Inc.)
(sscdbhk5) sscdbhk5 [File_System | System | Running] -> C:\WINDOWS\System32\drivers\sscdbhk5.sys -> [2003/07/14 10:28:40 | 00,005,621 | ---- | M] (Sonic Solutions)
(ssrtln) ssrtln [File_System | System | Running] -> C:\WINDOWS\System32\drivers\ssrtln.sys -> [2003/07/14 10:28:22 | 00,023,219 | ---- | M] (Sonic Solutions)
(symc810) symc810 [Kernel | Disabled | Stopped] -> C:\WINDOWS\System32\DRIVERS\symc810.sys -> [2001/08/17 13:07:34 | 00,016,256 | ---- | M] (Symbios Logic Inc.)
(symc8xx) symc8xx [Kernel | Disabled | Stopped] -> C:\WINDOWS\System32\DRIVERS\symc8xx.sys -> [2001/08/17 13:07:36 | 00,032,640 | ---- | M] (LSI Logic)
(sym_hi) sym_hi [Kernel | Disabled | Stopped] -> C:\WINDOWS\System32\DRIVERS\sym_hi.sys -> [2001/08/17 13:07:40 | 00,028,384 | ---- | M] (LSI Logic)
(sym_u3) sym_u3 [Kernel | Disabled | Stopped] -> C:\WINDOWS\System32\DRIVERS\sym_u3.sys -> [2001/08/17 13:07:42 | 00,030,688 | ---- | M] (LSI Logic)
(tfsnboio) tfsnboio [File_System | Auto | Running] -> C:\WINDOWS\System32\dla\tfsnboio.sys -> [2003/08/06 00:04:00 | 00,025,685 | ---- | M] (Sonic Solutions)
(tfsncofs) tfsncofs [File_System | Auto | Running] -> C:\WINDOWS\System32\dla\tfsncofs.sys -> [2003/08/06 00:04:00 | 00,034,837 | ---- | M] (Sonic Solutions)
(tfsndrct) tfsndrct [File_System | Auto | Running] -> C:\WINDOWS\System32\dla\tfsndrct.sys -> [2003/08/06 00:04:00 | 00,004,117 | ---- | M] (Sonic Solutions)
(tfsndres) tfsndres [File_System | Auto | Running] -> C:\WINDOWS\System32\dla\tfsndres.sys -> [2003/08/06 00:04:00 | 00,002,233 | ---- | M] (Sonic Solutions)
(tfsnifs) tfsnifs [File_System | Auto | Running] -> C:\WINDOWS\System32\dla\tfsnifs.sys -> [2003/08/06 00:04:00 | 00,083,284 | ---- | M] (Sonic Solutions)
(tfsnopio) tfsnopio [File_System | Auto | Running] -> C:\WINDOWS\System32\dla\tfsnopio.sys -> [2003/08/06 00:04:00 | 00,014,229 | ---- | M] (Sonic Solutions)
(tfsnpool) tfsnpool [File_System | Auto | Running] -> C:\WINDOWS\System32\dla\tfsnpool.sys -> [2003/08/06 00:04:00 | 00,006,357 | ---- | M] (Sonic Solutions)
(tfsnudf) tfsnudf [File_System | Auto | Running] -> C:\WINDOWS\System32\dla\tfsnudf.sys -> [2003/08/06 00:04:00 | 00,098,068 | ---- | M] (Sonic Solutions)
(tfsnudfa) tfsnudfa [File_System | Auto | Running] -> C:\WINDOWS\System32\dla\tfsnudfa.sys -> [2003/08/06 00:04:00 | 00,100,373 | ---- | M] (Sonic Solutions)
(ultra) ultra [Kernel | Disabled | Stopped] -> C:\WINDOWS\System32\DRIVERS\ultra.sys -> [2001/08/17 12:52:22 | 00,036,736 | ---- | M] (Promise Technology, Inc.)
(VET-FILT) VET File System Filter [Kernel | System | Running] -> C:\WINDOWS\System32\drivers\vet-filt.sys -> [2007/08/20 14:38:16 | 00,026,376 | ---- | M] (Computer Associates International, Inc.)
(VET-REC) VET File System Recognizer [Kernel | System | Running] -> C:\WINDOWS\System32\drivers\vet-rec.sys -> [2007/08/20 14:38:16 | 00,021,128 | ---- | M] (Computer Associates International, Inc.)
(VETEBOOT) VET Boot Scan Engine [Kernel | On_Demand | Running] -> C:\WINDOWS\System32\drivers\veteboot.sys -> [2009/02/01 13:18:19 | 00,108,368 | ---- | M] (Computer Associates International, Inc.)
(VETEFILE) VET File Scan Engine [Kernel | System | Running] -> C:\WINDOWS\System32\drivers\vetefile.sys -> [2009/02/01 13:18:19 | 00,880,560 | ---- | M] (Computer Associates International, Inc.)
(VETFDDNT) VET Floppy Boot Sector Monitor [Kernel | System | Running] -> C:\WINDOWS\System32\drivers\vetfddnt.sys -> [2007/08/20 14:38:20 | 00,021,512 | ---- | M] (Computer Associates International, Inc.)
(VETMONNT) VET File Monitor [Kernel | System | Running] -> C:\WINDOWS\System32\drivers\vetmonnt.sys -> [2007/08/20 14:38:22 | 00,032,264 | ---- | M] (Computer Associates International, Inc.)
(WlanUIG) 2Wire 802.11g USB Driver [Kernel | On_Demand | Stopped] -> C:\WINDOWS\System32\DRIVERS\WlanUIG.sys -> [2004/05/16 17:46:15 | 00,347,648 | R--- | M] ( )
({6080A529-897E-4629-A488-ABA0C29B635E}) Intel(R) Graphics Platform (SoftBIOS) Driver [Kernel | On_Demand | Stopped] -> C:\WINDOWS\System32\drivers\ialmsbw.sys -> [2003/10/08 11:12:24 | 00,120,830 | ---- | M] (Intel Corporation)
({D31A0762-0CEB-444e-ACFF-B049A1F6FE91}) Intel(R) Graphics Chipset (KCH) Driver [Kernel | On_Demand | Stopped] -> C:\WINDOWS\System32\drivers\ialmkchw.sys -> [2003/10/08 11:12:16 | 00,098,842 | ---- | M] (Intel Corporation)
 
[Registry - Safe List]
< Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> -> 
HKEY_LOCAL_MACHINE\: Main\\"Default_Page_URL" -> http://go.microsoft.com/fwlink/?LinkId=69157 -> 
HKEY_LOCAL_MACHINE\: Main\\"Default_Search_URL" -> http://go.microsoft.com/fwlink/?LinkId=54896 -> 
HKEY_LOCAL_MACHINE\: Main\\"Default_Secondary_Page_URL" ->  [binary data] -> 
HKEY_LOCAL_MACHINE\: Main\\"Extensions Off Page" -> about:NoAdd-ons -> 
HKEY_LOCAL_MACHINE\: Main\\"Local Page" -> C:\WINDOWS\system32\blank.htm -> 
HKEY_LOCAL_MACHINE\: Main\\"Page_Transitions" -> 1 -> 
HKEY_LOCAL_MACHINE\: Main\\"Search Page" -> http://go.microsoft.com/fwlink/?LinkId=54896 -> 
HKEY_LOCAL_MACHINE\: Main\\"Security Risk Page" -> about:SecurityRisk -> 
HKEY_LOCAL_MACHINE\: Main\\"Start Page" -> http://go.microsoft.com/fwlink/?LinkId=69157 -> 
< Internet Explorer Settings [HKEY_CURRENT_USER\] > -> -> 
HKEY_CURRENT_USER\: Main\\"Local Page" -> C:\WINDOWS\system32\blank.htm -> 
HKEY_CURRENT_USER\: Main\\"Page_Transitions" -> 1 -> 
HKEY_CURRENT_USER\: Main\\"Search Page" -> http://go.microsoft.com/fwlink/?LinkId=54896 -> 
HKEY_CURRENT_USER\: Main\\"SearchDefaultBranded" -> 1 -> 
HKEY_CURRENT_USER\: Main\\"SearchMigratedDefaultName" -> Yahoo! Search -> 
HKEY_CURRENT_USER\: Main\\"SearchMigratedDefaultURL" -> http://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7 -> 
HKEY_CURRENT_USER\: Main\\"Start Page" -> http://www.yahoo.com/ -> 
HKEY_CURRENT_USER\: SearchURL\\"" -> http://us.rd.yahoo.com/customize/ie/defaults/su/ymj/*http://www.yahoo.com -> 
HKEY_CURRENT_USER\: "ProxyEnable" -> 0 -> 
HKEY_CURRENT_USER\: "ProxyOverride" -> 127.0.0.1;<local>;*.local -> 
< FireFox Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla
HKLM\software\mozilla\Firefox\extensions ->  -> 
HKLM\software\mozilla\Firefox\extensions\\{20a82645-c095-46ed-80e3-08825760534b} -> C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION [C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION\] -> [2009/04/24 17:26:48 | 00,000,000 | ---D | M]
HKLM\software\mozilla\Firefox\extensions\\jqs@sun.com -> C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF [C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF] -> [2009/08/25 14:58:10 | 00,000,000 | ---D | M]
< FireFox Extensions [User Folders] > -> 
 -> C:\Documents and Settings\Nina\Application Data\mozilla\Firefox\Profiles\opmqne76.default\extensions -> [2008/11/08 18:00:56 | 00,000,000 | ---D | M]
 -> C:\Documents and Settings\Nina\Application Data\mozilla\Firefox\Profiles\opmqne76.default\extensions\{463F6CA5-EE3C-4be1-B7E6-7FEE11953374} -> [2008/11/08 18:00:56 | 00,000,000 | ---D | M]
 -> C:\Documents and Settings\Nina\Application Data\mozilla\Firefox\Profiles\opmqne76.default\extensions\{6aec4bf7-c16a-4e5c-a65a-114a57157969} -> [2008/11/08 18:00:56 | 00,000,000 | ---D | M]
 -> C:\Documents and Settings\Nina\Application Data\mozilla\Firefox\Profiles\opmqne76.default\extensions\{dd30bf68-268a-4815-ad48-8740b774c764} -> [2008/11/08 18:00:56 | 00,000,000 | ---D | M]
< FireFox SearchPlugins [User Folders] > -> 
< HOSTS File > (2 bytes and 1 lines) -> C:\WINDOWS\System32\drivers\etc\Hosts -> 
Reset Hosts
< BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ -> 
{18DF081C-E8AD-4283-A596-FA578C2EBDC3} [HKLM] -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [Adobe PDF Link Helper] -> [2009/02/27 12:07:26 | 00,075,128 | ---- | M] (Adobe Systems Incorporated)
{22BF413B-C6D2-4d91-82A9-A0F997BA588C} [HKLM] -> C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [Skype add-on (mastermind)] -> [2009/03/27 09:55:12 | 01,088,296 | ---- | M] (Skype Technologies S.A.)
{5CA3D70E-1895-11CF-8E15-001234567890} [HKLM] -> C:\WINDOWS\System32\dla\tfswshx.dll [DriveLetterAccess] -> [2003/08/06 00:04:00 | 00,106,548 | ---- | M] (Sonic Solutions)
{DBC80044-A445-435b-BC74-9C25C1C588A9} [HKLM] -> C:\Program Files\Java\jre6\bin\jp2ssv.dll [Java(tm) Plug-In 2 SSV Helper] -> [2009/08/25 14:58:07 | 00,041,760 | ---- | M] (Sun Microsystems, Inc.)
{E7E6F031-17CE-4C07-BC86-EABFE594F69C} [HKLM] -> C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [JQSIEStartDetectorImpl Class] -> [2009/08/25 14:58:10 | 00,073,728 | ---- | M] (Sun Microsystems, Inc.)
< Internet Explorer ToolBars [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar -> 
"Locked" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
< Internet Explorer ToolBars [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ -> 
ShellBrowser\\"{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6}" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
WebBrowser\\"{0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7}" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
WebBrowser\\"{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6}" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
WebBrowser\\"{EF99BD32-C1FB-11D2-892F-0090271D4F88}" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
< Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> 
"" ->  [] -> File not found
"Adobe Reader Speed Launcher" -> C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe ["C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"] -> [2009/02/27 17:10:28 | 00,035,696 | ---- | M] (Adobe Systems Incorporated)
"BCMSMMSG" -> C:\WINDOWS\BCMSMMSG.exe [BCMSMMSG.exe] -> [2003/08/29 05:59:24 | 00,122,880 | ---- | M] (Broadcom Corporation)
"cafwc" -> C:\Program Files\CA\CA Internet Security Suite\CA Personal Firewall\cafw.exe [C:\Program Files\CA\CA Internet Security Suite\CA Personal Firewall\cafw.exe -cl] -> [2009/02/01 13:18:23 | 01,193,200 | ---- | M] (CA, Inc.)
"capfasem" -> C:\Program Files\CA\CA Internet Security Suite\CA Personal Firewall\capfasem.exe [C:\Program Files\CA\CA Internet Security Suite\CA Personal Firewall\capfasem.exe] -> [2009/02/01 13:18:23 | 00,173,296 | ---- | M] (CA, Inc.)
"capfupgrade" -> C:\Program Files\CA\CA Internet Security Suite\CA Personal Firewall\capfupgrade.exe [C:\Program Files\CA\CA Internet Security Suite\CA Personal Firewall\capfupgrade.exe] -> [2009/02/01 13:18:23 | 00,259,312 | ---- | M] (CA, Inc.)
"CAVRID" -> C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\CAVRID.exe ["C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\CAVRID.exe"] -> [2009/07/31 04:14:41 | 00,230,664 | ---- | M] (CA, Inc.)
"cctray" -> C:\Program Files\CA\CA Internet Security Suite\cctray\cctray.exe ["C:\Program Files\CA\CA Internet Security Suite\cctray\cctray.exe"] -> [2009/07/31 04:14:42 | 00,177,392 | ---- | M] (CA, Inc.)
"dla" -> C:\WINDOWS\System32\dla\tfswctrl.exe [C:\WINDOWS\system32\dla\tfswctrl.exe] -> [2003/08/06 00:04:00 | 00,114,741 | ---- | M] (Sonic Solutions)
"iTunesHelper" -> C:\Program Files\iTunes\iTunesHelper.exe ["C:\Program Files\iTunes\iTunesHelper.exe"] -> [2009/07/13 14:03:10 | 00,292,128 | ---- | M] (Apple Inc.)
"LogitechCameraService(E)" -> C:\WINDOWS\System32\ElkCtrl.exe [C:\WINDOWS\system32\ElkCtrl.exe /automation] -> [2004/11/01 18:22:22 | 00,262,144 | ---- | M] (Logitech Inc.)
"LVCOMSX" -> C:\WINDOWS\System32\LVCOMSX.EXE [C:\WINDOWS\system32\LVCOMSX.EXE] -> [2005/12/09 16:32:18 | 00,225,280 | ---- | M] (Logitech Inc.)
"QOELOADER" -> C:\Program Files\CA\CA Internet Security Suite\CA Anti-Spam\QSP-5.1.18.0\QOELoader.exe ["C:\Program Files\CA\CA Internet Security Suite\CA Anti-Spam\QSP-5.1.18.0\QOELoader.exe"] -> [2009/02/01 13:15:26 | 00,014,088 | ---- | M] (CA)
"QuickTime Task" -> C:\Program Files\QuickTime\qttask.exe ["C:\Program Files\QuickTime\qttask.exe" -atboottime] -> [2009/05/26 17:18:30 | 00,413,696 | ---- | M] (Apple Inc.)
"SunJavaUpdateSched" -> C:\Program Files\Java\jre6\bin\jusched.exe ["C:\Program Files\Java\jre6\bin\jusched.exe"] -> [2009/08/25 14:58:08 | 00,149,280 | ---- | M] (Sun Microsystems, Inc.)
< Run [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> 
"Skype" -> C:\Program Files\Skype\Phone\Skype.exe ["C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized] -> [2009/03/27 09:55:06 | 24,103,720 | R--- | M] (Skype Technologies S.A.)
< All Users Startup Folder > -> C:\Documents and Settings\All Users\Start Menu\Programs\Startup -> 
< Nina Startup Folder > -> C:\Documents and Settings\Nina\Start Menu\Programs\Startup -> 
< CurrentVersion Policy Settings - Explorer [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"HonorAutoRunSetting" ->  [1] -> File not found
< CurrentVersion Policy Settings - System [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System
\\"dontdisplaylastusername" ->  [0] -> File not found
\\"legalnoticecaption" ->  [] -> File not found
\\"legalnoticetext" ->  [] -> File not found
\\"shutdownwithoutlogon" ->  [1] -> File not found
\\"undockwithoutlogon" ->  [1] -> File not found
< CurrentVersion Policy Settings - Explorer [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> 
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"NoDriveTypeAutoRun" ->  [145] -> File not found
< Internet Explorer Menu Extensions [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\ -> 
Add to Google Photos Screensa&ver -> C:\WINDOWS\System32\GPhotos.scr [res://C:\WINDOWS\system32\GPhotos.scr/200] -> [2009/05/01 11:30:36 | 03,366,912 | ---- | M] (Google Inc.)
< Internet Explorer Extensions [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ -> 
{77BF5300-1474-4EC7-9980-D32B190E9B07}:{77BF5300-1474-4EC7-9980-D32B190E9B07} [HKLM] -> C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [Button: Skype] -> [2009/03/27 09:55:12 | 01,088,296 | ---- | M] (Skype Technologies S.A.)
{e2e2dd38-d088-4134-82b7-f2ba38496583}:Exec [HKLM] -> C:\WINDOWS\Network Diagnostic\xpnetdiag.exe [Menu: @xpsp3res.dll,-20001] -> [2008/04/13 11:53:32 | 00,558,080 | ---- | M] (Microsoft Corporation)
{FB5F1910-F110-11d2-BB9E-00C04F795683}:Exec [HKLM] -> C:\Program Files\Messenger\msmsgs.exe [Button: Messenger] -> [2008/04/13 17:12:28 | 01,695,232 | ---- | M] (Microsoft Corporation)
{FB5F1910-F110-11d2-BB9E-00C04F795683}:Exec [HKLM] -> C:\Program Files\Messenger\msmsgs.exe [Menu: Windows Messenger] -> [2008/04/13 17:12:28 | 01,695,232 | ---- | M] (Microsoft Corporation)
< Internet Explorer Extensions [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Extensions\ -> 
CmdMapping\\"{08B0E5C0-4FCB-11CF-AAA5-00401C608501}" [HKLM] -> C:\WINDOWS\System32\msjava.dll [Web Browser Applet Control] -> [2003/02/28 18:26:26 | 00,947,472 | ---- | M] (Microsoft Corporation)
CmdMapping\\"{CD67F990-D8E9-11d2-98FE-00C0F0318AFE}" [HKLM] ->  [Reg Error: Key error.] -> File not found
CmdMapping\\"{e2e2dd38-d088-4134-82b7-f2ba38496583}" [HKLM] -> C:\WINDOWS\Network Diagnostic\xpnetdiag.exe [@xpsp3res.dll,-20001] -> [2008/04/13 11:53:32 | 00,558,080 | ---- | M] (Microsoft Corporation)
CmdMapping\\"{FB5F1910-F110-11d2-BB9E-00C04F795683}" [HKLM] -> C:\Program Files\Messenger\msmsgs.exe [Messenger] -> [2008/04/13 17:12:28 | 01,695,232 | ---- | M] (Microsoft Corporation)
< Default Prefix > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix
"" -> http://
< Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> 
< Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> 
< Trusted Sites Domains [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> 
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> 
< Trusted Sites Ranges [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> 
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> 
< Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ -> 
{01113300-3E00-11D2-8470-0060089874ED} [HKLM] -> http://supportcenter.rr.com/sdccommon/download/tgctlcm.cab [Support.com Configuration Class] -> 
{02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} [HKLM] -> http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab [QuickTime Object] -> 
{0CCA191D-13A6-4E29-B746-314DEE697D83} [HKLM] -> http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab [Facebook Photo Uploader 5 Control] -> 
{11260943-421B-11D0-8EAC-0000C07D88CF} [HKLM] -> http://www.ipix.com/download/ipixx.cab [iPIX ActiveX Control] -> 
{166B1BCA-3F9C-11CF-8075-444553540000} [HKLM] -> http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab [Reg Error: Key error.] -> 
{17492023-C23A-453E-A040-C7C580BBF700} [HKLM] -> http://download.microsoft.com/download/5/b/0/5b0d4654-aa20-495c-b89f-c1c34c691085/LegitCheckControl.cab [Windows Genuine Advantage Validation Tool] -> 
{19E28AFC-EAE3-4CE5-AC83-2407B42F57C9} [HKLM] -> http://download.microsoft.com/download/0/5/c/05c905f4-dd30-427d-a3de-373c3e5552fc/msSecAdv.cab?1083471839937 [MSSecurityAdvisor Class] -> 
{1F2F4C9E-6F09-47BC-970D-3C54734667FE} [HKLM] -> https://www-secure.symantec.com/techsupp/asa/LSSupCtl.cab [Reg Error: Key error.] -> 
{233C1507-6A77-46A4-9443-F871F945D258} [HKLM] -> http://fpdownload.macromedia.com/get/shockwave/cabs/director/sw.cab [Shockwave ActiveX Control] -> 
{2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} [HKLM] -> http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab [Symantec AntiVirus scanner] -> 
{4D7F48C0-CB49-4EA6-97D4-04F4EACC2F3B} [HKLM] -> http://www.napster.com/client/setup.exe [InstallShield Setup Player 2K2] -> 
{4F1E5B1A-2A80-42CA-8532-2D05CB959537} [HKLM] -> http://gfx1.hotmail.com/mail/w3/resources/MSNPUpld.cab [MSN Photo Upload Tool] -> 
{5AE58FCF-6F6A-49B2-B064-02492C66E3F4} [HKLM] -> http://catalog.update.microsoft.com/v7/site/ClientControl/en/x86/MuCatalogWebControl.cab?1226371183062 [MUCatalogWebControl Class] -> 
{5D9E4B6D-CD17-4D85-99D4-6A52B394EC3B} [HKLM] -> http://www.webshots.com/samplers/WSDownloader.ocx [WSDownloader Control] -> 
{5ED80217-570B-4DA9-BF44-BE107C0EC166} [HKLM] -> http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase6662.cab [Windows Live Safety Center Base Module] -> 
{6414512B-B978-451D-A0D8-FCFDF33E833C} [HKLM] -> http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1232561623984 [WUWebControl Class] -> 
{644E432F-49D3-41A1-8DD5-E099162EEEC5} [HKLM] -> http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab [Symantec RuFSI Utility Class] -> 
{6A344D34-5231-452A-8A57-D064AC9B7862} [HKLM] -> https://webdl.symantec.com/activex/symdlmgr.cab [Symantec Download Manager] -> 
{6E32070A-766D-4EE6-879C-DC1FA91D2FC3} [HKLM] -> http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1232561594484 [MUWebControl Class] -> 
{8AD9C840-044E-11D1-B3E9-00805F499D93} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab [Java Plug-in 1.6.0_16] -> 
{8C279F4E-917E-4CD2-8DF0-D9C73C0CE763} [HKLM] -> http://zone.msn.com/bingame/zpagames/zpa_wof.cab55579.cab [ZPA_WheelOfFortune Object] -> 
{B49C4597-8721-4789-9250-315DFBD9F525} [HKLM] -> http://cdn.digitalcity.com/radio/ampx/ampx2.6.1.11_en_dl.cab [IWinAmpActiveX Class] -> 
{B8BE5E93-A60C-4D26-A2DC-220313175592} [HKLM] -> http://cdn2.zone.msn.com/binFramework/v10/ZPAFramework.cab102118.cab [MSN Games - Installer] -> 
{BCBC9371-595D-11D4-A96D-00105A1CEF6C} [HKLM] -> http://hgtv1.view22.com/view22/app/view22rte.cab [View22RTE Class] -> 
{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab [Java Plug-in 1.6.0_16] -> 
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab [Java Plug-in 1.6.0_16] -> 
{D27CDB6E-AE6D-11CF-96B8-444553540000} [HKLM] -> http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab [Shockwave Flash Object] -> 
{DD3641E5-A9CF-11D1-9AA1-444553540000} [HKLM] -> http://www.sunterra.com/downloads/svh/svideo3.cab [Surround Video V3.0 Control Object] -> 
{E2883E8F-472F-4FB0-9522-AC9BF37916A7} [HKLM] -> http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab [Reg Error: Key error.] -> 
{E856B973-45FD-4559-8F82-EAB539144667} [HKLM] -> http://pccheckup.dellfix.com/rel/41/install/gtdownde.cab [Dell PC Checkup Installer Control] -> 
Microsoft XML Parser for Java [HKLM] -> file://C:\WINDOWS\Java\classes\xmldso.cab [Reg Error: Key error.] -> 
PackageCab [HKLM] -> http://ak.imgag.com/imgag/cp/install/AxCtp2.cab [Reg Error: Key error.] -> 
ppctlcab [HKLM] -> http://www.pestscan.com/scanner/ppctlcab.cab [Reg Error: Key error.] -> 
< Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\ -> 
DhcpNameServer -> 209.18.47.61 209.18.47.62 -> 
< Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ -> 
{5516AB57-14E4-4C9E-9435-08A3C2677C51}\\DhcpNameServer -> 209.18.47.61 209.18.47.62   (Realtek RTL8139 Family PCI Fast Ethernet NIC) -> 
IE Styles -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Styles
< Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> 
*Shell* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell -> 
Explorer.exe -> C:\WINDOWS\explorer.exe -> [2008/04/13 17:12:19 | 01,033,728 | ---- | M] (Microsoft Corporation)
*MultiFile Done* -> -> 
< Winlogon\Notify settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ -> 
igfxcui -> C:\WINDOWS\System32\igfxsrvc.dll -> [2005/06/22 00:44:12 | 00,348,160 | ---- | M] (Intel Corporation)
PFW -> C:\WINDOWS\System32\UmxWNP.dll -> [2007/05/18 14:30:00 | 00,079,368 | ---- | M] (CA)
< Domain Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List -> 
"%windir%\Network Diagnostic\xpnetdiag.exe" -> C:\WINDOWS\Network Diagnostic\xpnetdiag.exe [%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000] -> [2008/04/13 11:53:32 | 00,558,080 | ---- | M] (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" -> C:\WINDOWS\System32\sessmgr.exe [%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019] -> [2008/04/13 17:12:34 | 00,141,312 | ---- | M] (Microsoft Corporation)
"C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" -> C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe [C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger] -> [2006/12/08 11:52:42 | 00,036,864 | ---- | M] (Logitech)
"C:\Program Files\MSN Messenger\msncall.exe" -> C:\Program Files\MSN Messenger\msncall.exe [C:\Program Files\MSN Messenger\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)] -> File not found
"C:\Program Files\MSN Messenger\msnmsgr.exe" -> C:\Program Files\MSN Messenger\msnmsgr.exe [C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.0] -> File not found
< Standard Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List -> 
"%windir%\Network Diagnostic\xpnetdiag.exe" -> C:\WINDOWS\Network Diagnostic\xpnetdiag.exe [%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000] -> [2008/04/13 11:53:32 | 00,558,080 | ---- | M] (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" -> C:\WINDOWS\System32\sessmgr.exe [%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019] -> [2008/04/13 17:12:34 | 00,141,312 | ---- | M] (Microsoft Corporation)
"C:\Program Files\Bonjour\mDNSResponder.exe" -> C:\Program Files\Bonjour\mDNSResponder.exe [C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour] -> [2008/12/12 11:17:38 | 00,238,888 | ---- | M] (Apple Inc.)
"C:\Program Files\Google\Google Talk\googletalk.exe" -> C:\Program Files\Google\Google Talk\googletalk.exe [C:\Program Files\Google\Google Talk\googletalk.exe:*:Enabled:Google Talk] -> File not found
"C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe" -> C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe [C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe] -> [2005/05/12 09:34:58 | 00,151,635 | ---- | M] (Hewlett-Packard)
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe" -> C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe [C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe] -> [2005/05/24 03:34:36 | 00,057,344 | ---- | M] (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe" -> C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe [C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe] -> [2005/05/24 03:17:46 | 00,225,280 | ---- | M] (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe" -> C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe [C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe] -> [2005/05/24 03:18:00 | 00,040,960 | ---- | M] (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe" -> C:\Program Files\HP\Digital Imaging\bin\hposid01.exe [C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe] -> [2005/05/24 03:13:32 | 00,081,920 | ---- | M] (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe" -> C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe [C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe:*:Enabled:hpqcopy.exe] -> [2005/05/24 03:42:00 | 00,172,032 | ---- | M] (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe" -> C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe [C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe] -> [2005/05/12 08:28:02 | 01,081,344 | ---- | M] (Hewlett-Packard)
"C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe" -> C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe [C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe] -> [2005/05/12 11:06:08 | 00,200,704 | ---- | M] ()
"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe" -> C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe [C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe] -> [2005/05/12 01:40:38 | 00,204,800 | ---- | M] (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe" -> C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe] -> [2005/05/12 00:23:26 | 00,282,624 | ---- | M] (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe" -> C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe [C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe] -> [2005/05/24 03:18:52 | 00,458,752 | ---- | M] (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe" -> C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe [C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe:*:Enabled:hpqdia.exe] -> [2005/03/15 16:17:50 | 00,704,512 | ---- | M] ( )
"C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe" -> C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe [C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe:*:Enabled:hpqphunl.exe] -> [2005/03/15 16:12:10 | 00,417,792 | ---- | M] ()
"C:\Program Files\Internet Explorer\iexplore.exe" -> C:\Program Files\Internet Explorer\iexplore.exe [C:\Program Files\Internet Explorer\iexplore.exe:*:Disabled:Internet Explorer] -> [2009/03/08 14:09:26 | 00,638,816 | ---- | M] (Microsoft Corporation)
"C:\Program Files\iTunes\iTunes.exe" -> C:\Program Files\iTunes\iTunes.exe [C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes] -> [2009/07/13 14:02:56 | 14,074,656 | ---- | M] (Apple Inc.)
"C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" -> C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe [C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger] -> [2006/12/08 11:52:42 | 00,036,864 | ---- | M] (Logitech)
"C:\Program Files\Messenger\msmsgs.exe" -> C:\Program Files\Messenger\msmsgs.exe [C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger] -> [2008/04/13 17:12:28 | 01,695,232 | ---- | M] (Microsoft Corporation)
"C:\Program Files\MSN Messenger\msncall.exe" -> C:\Program Files\MSN Messenger\msncall.exe [C:\Program Files\MSN Messenger\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)] -> File not found
"C:\Program Files\MSN Messenger\msnmsgr.exe" -> C:\Program Files\MSN Messenger\msnmsgr.exe [C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.0] -> File not found
"C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_server.exe" -> C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_server.exe [C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_server.exe:*:Disabled:TODO: <File description>] -> [2003/10/06 09:05:42 | 00,081,920 | ---- | M] (TODO: <Company name>)
"C:\Program Files\Skype\Phone\Skype.exe" -> C:\Program Files\Skype\Phone\Skype.exe [C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype] -> [2009/03/27 09:55:06 | 24,103,720 | R--- | M] (Skype Technologies S.A.)
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -> C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe [C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger] -> File not found
"C:\Program Files\Yahoo!\Messenger\YServer.exe" -> C:\Program Files\Yahoo!\Messenger\YServer.exe [C:\Program Files\Yahoo!\Messenger\YServer.exe:*:Enabled:Yahoo! FT Server] -> File not found
< SafeBoot AlternateShell [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot -> 
"AlternateShell" -> cmd.exe -> 
< CDROM Autorun Setting [HKEY_LOCAL_MACHINE]> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom ->
"AutoRun" -> 1 -> 
"DisplayName" -> CD-ROM Driver -> 
"ImagePath" ->  [System32\DRIVERS\cdrom.sys] -> File not found
< MountPoints2 [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2 -> 
\E
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\E\Shell
\E\Shell\\"" ->  [AutoRun] -> File not found
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\E\Shell\AutoRun
\E\Shell\AutoRun\\"" ->  [Auto&Play] -> File not found
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\E\Shell\AutoRun\command
\E\Shell\AutoRun\command\\"" -> E:\LaunchU3.exe [E:\LaunchU3.exe -a] -> File not found
 
 
[Files/Folders - Created Within 30 Days]
4 C:\Documents and Settings\All Users\Application Data\*.tmp files -> C:\Documents and Settings\All Users\Application Data\*.tmp -> 
OTS.exe -> C:\Documents and Settings\Nina\Desktop\OTS.exe -> [2009/08/26 23:06:18 | 00,514,048 | ---- | C] (OldTimer Tools)
Malwarebytes -> C:\Documents and Settings\Nina\Application Data\Malwarebytes -> [2009/08/25 15:53:03 | 00,000,000 | ---D | C]
Malwarebytes' Anti-Malware.lnk -> C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk -> [2009/08/25 15:52:50 | 00,000,696 | ---- | C] ()
mbamswissarmy.sys -> C:\WINDOWS\System32\drivers\mbamswissarmy.sys -> [2009/08/25 15:52:46 | 00,038,160 | ---- | C] (Malwarebytes Corporation)
mbam.sys -> C:\WINDOWS\System32\drivers\mbam.sys -> [2009/08/25 15:52:43 | 00,019,096 | ---- | C] (Malwarebytes Corporation)
Malwarebytes' Anti-Malware -> C:\Program Files\Malwarebytes' Anti-Malware -> [2009/08/25 15:52:43 | 00,000,000 | ---D | C]
Malwarebytes -> C:\Documents and Settings\All Users\Application Data\Malwarebytes -> [2009/08/25 15:52:43 | 00,000,000 | ---D | C]
mbam-setup.1.2D0D17.exe -> C:\Documents and Settings\Nina\Desktop\mbam-setup.1.2D0D17.exe -> [2009/08/25 15:50:49 | 03,942,048 | ---- | C] (Malwarebytes Corporation                                    )
Acrobat.com.lnk -> C:\Documents and Settings\All Users\Desktop\Acrobat.com.lnk -> [2009/08/25 14:35:58 | 00,000,734 | ---- | C] ()
Adobe Reader 9.lnk -> C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk -> [2009/08/25 14:34:03 | 00,001,729 | ---- | C] ()
Adobe Reader 9 Installer -> C:\Documents and Settings\All Users\Desktop\Adobe Reader 9 Installer -> [2009/08/25 14:31:13 | 00,000,000 | ---D | C]
Adobe AIR -> C:\Program Files\Common Files\Adobe AIR -> [2009/08/25 14:30:58 | 00,000,000 | ---D | C]
gmer.zip -> C:\Documents and Settings\Nina\Desktop\gmer.zip -> [2009/08/22 12:35:08 | 00,280,282 | ---- | C] ()
rsit -> C:\rsit -> [2009/08/19 20:28:39 | 00,000,000 | ---D | C]
NortonInstaller -> C:\Documents and Settings\All Users\Application Data\NortonInstaller -> [2009/08/19 19:08:05 | 00,000,000 | ---D | C]
HijackThis.lnk -> C:\Documents and Settings\Nina\Desktop\HijackThis.lnk -> [2009/08/13 18:03:37 | 00,001,734 | ---- | C] ()
Trend Micro -> C:\Program Files\Trend Micro -> [2009/08/13 18:03:36 | 00,000,000 | ---D | C]
Prescription number (Rx#).wpd -> C:\Documents and Settings\Nina\My Documents\Prescription number (Rx#).wpd -> [2009/08/13 17:26:15 | 00,015,462 | ---- | C] ()
dhtmled.ocx -> C:\WINDOWS\System32\dllcache\dhtmled.ocx -> [2009/08/11 23:43:59 | 00,128,512 | ---- | C] (Microsoft Corporation)
msoe.dll -> C:\WINDOWS\System32\dllcache\msoe.dll -> [2009/08/11 23:43:39 | 01,315,328 | ---- | C] (Microsoft Corporation)
NOS -> C:\Documents and Settings\All Users\Application Data\NOS -> [2009/08/10 16:13:08 | 00,000,000 | ---D | C]
mswebdvd.dll -> C:\WINDOWS\System32\dllcache\mswebdvd.dll -> [2009/08/05 02:01:48 | 00,204,800 | ---- | C] (Microsoft Corporation)
WlanUIG.sys -> C:\WINDOWS\System32\drivers\WlanUIG.sys -> [2007/06/02 12:51:25 | 00,347,648 | R--- | C] ( )
wkiwjnsh.ini -> C:\WINDOWS\System32\wkiwjnsh.ini -> [2007/04/26 19:05:53 | 00,000,463 | -HS- | C] ()
mlnmp.ini2 -> C:\WINDOWS\System32\mlnmp.ini2 -> [2007/04/25 22:37:07 | 01,375,741 | -HS- | C] ()
mlnmp.ini -> C:\WINDOWS\System32\mlnmp.ini -> [2007/04/24 08:37:08 | 01,356,390 | -HS- | C] ()
bccdd.ini -> C:\WINDOWS\System32\bccdd.ini -> [2007/04/23 21:48:24 | 00,000,377 | -HS- | C] ()
stutv.ini -> C:\WINDOWS\System32\stutv.ini -> [2007/04/23 21:48:24 | 00,000,353 | -HS- | C] ()
lvcoinst.ini -> C:\WINDOWS\System32\lvcoinst.ini -> [2006/11/21 16:03:58 | 00,013,126 | R--- | C] ()
InstExec.ini -> C:\WINDOWS\System32\InstExec.ini -> [2006/11/21 15:53:54 | 00,000,719 | R--- | C] ()
HP_CounterReport_Update_HPSU.ini -> C:\WINDOWS\HP_CounterReport_Update_HPSU.ini -> [2006/05/18 11:23:35 | 00,000,227 | ---- | C] ()
HPGdiPlus.ini -> C:\WINDOWS\HPGdiPlus.ini -> [2006/05/18 11:22:22 | 00,000,206 | ---- | C] ()
HP_RedboxHprblog_HPSU.ini -> C:\WINDOWS\HP_RedboxHprblog_HPSU.ini -> [2006/05/18 11:21:20 | 00,000,221 | ---- | C] ()
HP_48BitScanUpdatePatch.ini -> C:\WINDOWS\HP_48BitScanUpdatePatch.ini -> [2006/03/19 11:14:48 | 00,000,214 | ---- | C] ()
hpqEmlSz.INI -> C:\WINDOWS\hpqEmlSz.INI -> [2006/01/15 15:57:51 | 00,000,000 | ---- | C] ()
DXFLib.dll -> C:\WINDOWS\System32\DXFLib.dll -> [2006/01/12 18:09:14 | 00,090,112 | ---- | C] ()
opcode.dll -> C:\WINDOWS\System32\opcode.dll -> [2006/01/12 18:08:06 | 00,143,360 | ---- | C] ()
LVMVdrv.sys -> C:\WINDOWS\System32\drivers\LVMVdrv.sys -> [2005/12/09 16:37:42 | 02,400,256 | ---- | C] ()
LVPrcMon.sys -> C:\WINDOWS\System32\drivers\LVPrcMon.sys -> [2005/12/09 16:37:42 | 00,016,768 | ---- | C] ()
Lvckap.sys -> C:\WINDOWS\System32\drivers\Lvckap.sys -> [2005/12/09 16:35:54 | 02,174,464 | ---- | C] ()
ipixActivex.ini -> C:\WINDOWS\ipixActivex.ini -> [2005/05/17 19:53:12 | 00,000,037 | ---- | C] ()
uccspecb.sys -> C:\WINDOWS\uccspecb.sys -> [2005/03/28 19:43:55 | 00,000,004 | ---- | C] ()
winamp.ini -> C:\WINDOWS\winamp.ini -> [2005/01/16 17:04:33 | 00,000,192 | ---- | C] ()
Mfts50.dll -> C:\WINDOWS\System32\Mfts50.dll -> [2004/08/04 00:56:42 | 00,004,608 | ---- | C] ()
msoffice.ini -> C:\WINDOWS\msoffice.ini -> [2004/07/08 18:22:23 | 00,000,002 | ---- | C] ()
cdPlayer.ini -> C:\WINDOWS\cdPlayer.ini -> [2004/03/20 00:12:05 | 00,005,020 | ---- | C] ()
VTruck3.ini -> C:\WINDOWS\VTruck3.ini -> [2004/02/26 20:14:23 | 00,000,545 | ---- | C] ()
VTruck2.ini -> C:\WINDOWS\VTruck2.ini -> [2004/02/26 20:06:40 | 00,000,568 | ---- | C] ()
AdslCfg.ini -> C:\WINDOWS\System32\AdslCfg.ini -> [2004/02/26 19:55:30 | 00,002,498 | ---- | C] ()
AdslCfg.ini -> C:\WINDOWS\AdslCfg.ini -> [2004/02/26 19:55:29 | 00,002,498 | ---- | C] ()
VTruck1.ini -> C:\WINDOWS\VTruck1.ini -> [2004/02/26 19:54:52 | 00,000,404 | ---- | C] ()
ntsautodial.ini -> C:\WINDOWS\ntsautodial.ini -> [2004/02/25 19:52:59 | 00,000,017 | ---- | C] ()
smscfg.ini -> C:\WINDOWS\smscfg.ini -> [2004/02/19 05:09:52 | 00,000,061 | ---- | C] ()
wininit.ini -> C:\WINDOWS\wininit.ini -> [2004/02/19 04:56:07 | 00,000,360 | ---- | C] ()
psisdecd.dll -> C:\WINDOWS\System32\psisdecd.dll -> [2004/02/19 04:42:28 | 00,363,520 | ---- | C] ()
fxsperf.ini -> C:\WINDOWS\System32\fxsperf.ini -> [2004/02/19 04:42:10 | 00,001,793 | ---- | C] ()
OEMINFO.INI -> C:\WINDOWS\System32\OEMINFO.INI -> [2004/02/19 04:28:48 | 00,000,549 | ---- | C] ()
BDEMERGE.INI -> C:\WINDOWS\System32\BDEMERGE.INI -> [2003/08/19 12:40:04 | 00,000,258 | ---- | C] ()
ORUN32.INI -> C:\WINDOWS\ORUN32.INI -> [2003/08/19 12:38:56 | 00,000,788 | ---- | C] ()
px.ini -> C:\WINDOWS\System32\px.ini -> [2003/08/13 21:54:00 | 00,000,000 | ---- | C] ()
WIN.INI -> C:\WINDOWS\WIN.INI -> [2002/09/03 07:59:58 | 00,000,878 | ---- | C] ()
SYSTEM.INI -> C:\WINDOWS\SYSTEM.INI -> [2002/09/03 07:50:58 | 00,000,227 | ---- | C] ()
hptcpmon.ini -> C:\WINDOWS\System32\hptcpmon.ini -> [2001/07/06 16:30:00 | 00,003,399 | ---- | C] ()
indounin.dll -> C:\WINDOWS\System32\indounin.dll -> [1999/01/27 14:39:06 | 00,065,024 | ---- | C] ()
Iyvu9_32.dll -> C:\WINDOWS\System32\Iyvu9_32.dll -> [1997/06/13 08:56:08 | 00,056,832 | ---- | C] ()
 
[Files/Folders - Modified Within 30 Days]
5 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> 
3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> 
OTS.exe -> C:\Documents and Settings\Nina\Desktop\OTS.exe -> [2009/08/26 23:06:22 | 00,514,048 | ---- | M] (OldTimer Tools)
WPA.DBL -> C:\WINDOWS\System32\WPA.DBL -> [2009/08/26 22:59:54 | 00,001,170 | ---- | M] ()
Perflib_Perfdata_1c8.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_1c8.dat -> [2009/08/26 22:58:19 | 00,016,384 | ---- | M] ()
SA.DAT -> C:\WINDOWS\tasks\SA.DAT -> [2009/08/26 22:58:03 | 00,000,006 | -H-- | M] ()
BOOTSTAT.DAT -> C:\WINDOWS\BOOTSTAT.DAT -> [2009/08/26 22:57:46 | 00,002,048 | --S- | M] ()
hiberfil.sys -> C:\hiberfil.sys -> [2009/08/26 22:57:37 | 26,640,7936 | -HS- | M] ()
kmxcfg.u2k7 -> C:\WINDOWS\System32\drivers\kmxcfg.u2k7 -> [2009/08/26 22:56:56 | 00,000,064 | ---- | M] ()
kmxcfg.u2k6 -> C:\WINDOWS\System32\drivers\kmxcfg.u2k6 -> [2009/08/26 22:56:56 | 00,000,064 | ---- | M] ()
kmxcfg.u2k5 -> C:\WINDOWS\System32\drivers\kmxcfg.u2k5 -> [2009/08/26 22:56:56 | 00,000,064 | ---- | M] ()
kmxcfg.u2k4 -> C:\WINDOWS\System32\drivers\kmxcfg.u2k4 -> [2009/08/26 22:56:56 | 00,000,064 | ---- | M] ()
kmxcfg.u2k0 -> C:\WINDOWS\System32\drivers\kmxcfg.u2k0 -> [2009/08/26 22:56:55 | 00,139,094 | ---- | M] ()
kmxcfg.u2k3 -> C:\WINDOWS\System32\drivers\kmxcfg.u2k3 -> [2009/08/26 22:56:55 | 00,000,064 | ---- | M] ()
kmxcfg.u2k2 -> C:\WINDOWS\System32\drivers\kmxcfg.u2k2 -> [2009/08/26 22:56:55 | 00,000,064 | ---- | M] ()
kmxcfg.u2k1 -> C:\WINDOWS\System32\drivers\kmxcfg.u2k1 -> [2009/08/26 22:56:55 | 00,000,064 | ---- | M] ()
ntuser.dat -> C:\Documents and Settings\Nina\ntuser.dat -> [2009/08/26 22:56:27 | 04,214,784 | ---- | M] ()
NTUSER.INI -> C:\Documents and Settings\Nina\NTUSER.INI -> [2009/08/26 22:56:27 | 00,000,178 | -HS- | M] ()
User_Feed_Synchronization-{2D22FF8A-63E5-4EAB-AE03-ED4760958CAE}.job -> C:\WINDOWS\tasks\User_Feed_Synchronization-{2D22FF8A-63E5-4EAB-AE03-ED4760958CAE}.job -> [2009/08/26 15:19:53 | 00,000,420 | -H-- | M] ()
sfdb.dat -> C:\Documents and Settings\Nina\Local Settings\Temp\jkos-Nina\engine\bases\sfdb.dat -> [2009/08/25 18:56:39 | 00,000,084 | ---- | M] ()
kosglue-7.0.26.0.dll -> C:\Documents and Settings\Nina\Local Settings\Temp\jkos-Nina\binaries\kosglue-7.0.26.0.dll -> [2009/08/25 18:21:17 | 00,729,152 | ---- | M] (Kaspersky Lab)
msvcr80.dll -> C:\Documents and Settings\Nina\Local Settings\Temp\jkos-Nina\binaries\msvcr80.dll -> [2009/08/25 18:21:16 | 00,626,688 | ---- | M] (Microsoft Corporation)
msvcp80.dll -> C:\Documents and Settings\Nina\Local Settings\Temp\jkos-Nina\binaries\msvcp80.dll -> [2009/08/25 18:21:16 | 00,548,864 | ---- | M] (Microsoft Corporation)
prLoader.dll -> C:\Documents and Settings\Nina\Local Settings\Temp\jkos-Nina\binaries\prLoader.dll -> [2009/08/25 18:21:16 | 00,184,320 | ---- | M] (Kaspersky Lab)
prremote.dll -> C:\Documents and Settings\Nina\Local Settings\Temp\jkos-Nina\binaries\prremote.dll -> [2009/08/25 18:21:16 | 00,090,112 | ---- | M] (Kaspersky Lab)
kave.dll -> C:\Documents and Settings\Nina\Local Settings\Temp\jkos-Nina\binaries\kave.dll -> [2009/08/25 18:21:15 | 00,282,624 | ---- | M] (Kaspersky Lab.)
ikave.dll -> C:\Documents and Settings\Nina\Local Settings\Temp\jkos-Nina\binaries\ikave.dll -> [2009/08/25 18:21:15 | 00,065,536 | ---- | M] ()
ScanningProcess.exe -> C:\Documents and Settings\Nina\Local Settings\Temp\jkos-Nina\binaries\ScanningProcess.exe -> [2009/08/25 18:21:13 | 00,139,264 | ---- | M] (Kaspersky Lab.)
FSSync.dll -> C:\Documents and Settings\Nina\Local Settings\Temp\jkos-Nina\binaries\FSSync.dll -> [2009/08/25 18:21:12 | 00,038,400 | ---- | M] (Kaspersky Lab)
msvcm80.dll -> C:\Documents and Settings\Nina\Local Settings\Temp\jkos-Nina\binaries\msvcm80.dll -> [2009/08/25 18:21:11 | 00,479,232 | ---- | M] (Microsoft Corporation)
Malwarebytes' Anti-Malware.lnk -> C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk -> [2009/08/25 15:52:50 | 00,000,696 | ---- | M] ()
mbam-setup.1.2D0D17.exe -> C:\Documents and Settings\Nina\Desktop\mbam-setup.1.2D0D17.exe -> [2009/08/25 15:50:59 | 03,942,048 | ---- | M] (Malwarebytes Corporation                                    )
QMGR1.DAT -> C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\QMGR1.DAT -> [2009/08/25 15:37:22 | 00,004,646 | ---- | M] ()
QMGR0.DAT -> C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\QMGR0.DAT -> [2009/08/25 15:37:22 | 00,004,232 | ---- | M] ()
Acrobat.com.lnk -> C:\Documents and Settings\All Users\Desktop\Acrobat.com.lnk -> [2009/08/25 14:35:58 | 00,000,734 | ---- | M] ()
Adobe Reader 9.lnk -> C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk -> [2009/08/25 14:34:04 | 00,001,729 | ---- | M] ()
CAAntiSpywareScan_Daily as Nina at 1 15 PM.job -> C:\WINDOWS\tasks\CAAntiSpywareScan_Daily as Nina at 1 15 PM.job -> [2009/08/25 13:17:19 | 00,000,454 | ---- | M] ()
gmer.zip -> C:\Documents and Settings\Nina\Desktop\gmer.zip -> [2009/08/22 12:35:11 | 00,280,282 | ---- | M] ()
AppleSoftwareUpdate.job -> C:\WINDOWS\tasks\AppleSoftwareUpdate.job -> [2009/08/20 15:57:19 | 00,000,284 | ---- | M] ()
iTunes.lnk -> C:\Documents and Settings\All Users\Desktop\iTunes.lnk -> [2009/08/13 18:59:33 | 00,002,137 | ---- | M] ()
HijackThis.lnk -> C:\Documents and Settings\Nina\Desktop\HijackThis.lnk -> [2009/08/13 18:03:38 | 00,001,734 | ---- | M] ()
Prescription number (Rx#).wpd -> C:\Documents and Settings\Nina\My Documents\Prescription number (Rx#).wpd -> [2009/08/13 17:26:15 | 00,015,462 | ---- | M] ()
imsins.BAK -> C:\WINDOWS\imsins.BAK -> [2009/08/12 03:09:30 | 00,001,374 | ---- | M] ()
MSN.com.url -> C:\Documents and Settings\Nina\Desktop\MSN.com.url -> [2009/08/05 16:03:28 | 00,006,206 | ---- | M] ()
mswebdvd.dll -> C:\WINDOWS\System32\mswebdvd.dll -> [2009/08/05 02:01:48 | 00,204,800 | ---- | M] (Microsoft Corporation)
mswebdvd.dll -> C:\WINDOWS\System32\dllcache\mswebdvd.dll -> [2009/08/05 02:01:48 | 00,204,800 | ---- | M] (Microsoft Corporation)
mbamswissarmy.sys -> C:\WINDOWS\System32\drivers\mbamswissarmy.sys -> [2009/08/03 13:36:28 | 00,038,160 | ---- | M] (Malwarebytes Corporation)
mbam.sys -> C:\WINDOWS\System32\drivers\mbam.sys -> [2009/08/03 13:36:06 | 00,019,096 | ---- | M] (Malwarebytes Corporation)
MRT.exe -> C:\WINDOWS\System32\MRT.exe -> [2009/07/29 17:49:14 | 24,281,536 | ---- | M] (Microsoft Corporation)
YLPGSCAT.DAT -> C:\Documents and Settings\All Users\Application Data\Microsoft\Money\12.0\Webcache\YLPGSCAT.DAT -> [2003/06/18 11:00:00 | 12,283,223 | ---- | M] ()
COLLEGE.DAT -> C:\Documents and Settings\All Users\Application Data\Microsoft\Money\12.0\Webcache\COLLEGE.DAT -> [2003/06/18 11:00:00 | 00,327,746 | ---- | M] ()
ABOUT.DAT -> C:\Documents and Settings\All Users\Application Data\Microsoft\Money\12.0\Webcache\ABOUT.DAT -> [2003/06/18 11:00:00 | 00,001,528 | ---- | M] ()
MOREINFO.DAT -> C:\Documents and Settings\All Users\Application Data\Microsoft\Money\12.0\Webcache\MOREINFO.DAT -> [2003/06/18 11:00:00 | 00,000,102 | ---- | M] ()
AcroRd32.exe -> C:\Documents and Settings\Nina\Local Settings\Temp\pft1FE~tmp\Reader\AcroRd32.exe -> [2001/03/27 22:44:58 | 03,870,784 | R--- | M] (Adobe Systems Incorporated)
WHA Library.dll -> C:\Documents and Settings\Nina\Local Settings\Temp\pft1FE~tmp\Reader\WHA Library.dll -> [2001/03/15 07:14:38 | 00,167,936 | R--- | M] (Adobe Systems Incorporated)
QT4.dll -> C:\Documents and Settings\Nina\Local Settings\Temp\pft1FE~tmp\Reader\plug_ins\Movie\QT4.dll -> [2001/03/15 07:01:02 | 00,036,864 | R--- | M] (Adobe Systems, Inc.)
QT3.dll -> C:\Documents and Settings\Nina\Local Settings\Temp\pft1FE~tmp\Reader\plug_ins\Movie\QT3.dll -> [2001/03/15 07:00:42 | 00,032,768 | R--- | M] (Adobe Systems, Inc.)
QT2.dll -> C:\Documents and Settings\Nina\Local Settings\Temp\pft1FE~tmp\Reader\plug_ins\Movie\QT2.dll -> [2001/03/15 07:00:24 | 00,024,576 | R--- | M] (Adobe Systems, Inc.)
SVGControl.dll -> C:\Documents and Settings\Nina\Local Settings\Temp\pft1FE~tmp\SVG Files\SVGControl.dll -> [2001/03/14 15:14:00 | 00,491,574 | R--- | M] (Adobe Systems Incorporated)
NPSVGVw.dll -> C:\Documents and Settings\Nina\Local Settings\Temp\pft1FE~tmp\SVG Files\NPSVGVw.dll -> [2001/03/14 15:10:56 | 00,299,059 | R--- | M] (Adobe Systems Inc.)
SVGView.dll -> C:\Documents and Settings\Nina\Local Settings\Temp\pft1FE~tmp\SVG Files\SVGView.dll -> [2001/03/14 15:07:52 | 01,597,491 | R--- | M] (Adobe Systems Incorporated)
SVGRSRC.DLL -> C:\Documents and Settings\Nina\Local Settings\Temp\pft1FE~tmp\SVG Files\SVGRSRC.DLL -> [2001/03/14 15:06:24 | 00,012,288 | R--- | M] ()
CoolType.dll -> C:\Documents and Settings\Nina\Local Settings\Temp\pft1FE~tmp\Reader\CoolType.dll -> [2001/03/14 11:06:02 | 01,441,792 | R--- | M] (Adobe Systems, Incorporated)
Agm.dll -> C:\Documents and Settings\Nina\Local Settings\Temp\pft1FE~tmp\Reader\Agm.dll -> [2001/03/14 11:06:02 | 01,138,688 | R--- | M] (Adobe Systems, Incorporated)
NPDocBox.dll -> C:\Documents and Settings\Nina\Local Settings\Temp\pft1FE~tmp\Reader\plug_ins\InterTrust\NPDocBox.dll -> [2001/03/14 05:52:06 | 00,225,280 | R--- | M] (InterTrust Technologies Corporation, Inc.)
AceLite.dll -> C:\Documents and Settings\Nina\Local Settings\Temp\pft1FE~tmp\Reader\AceLite.dll -> [2001/02/28 10:29:36 | 00,397,312 | R--- | M] (Adobe Systems, Incorporated)
nppdf32.dll -> C:\Documents and Settings\Nina\Local Settings\Temp\pft1FE~tmp\Reader\Browser\nppdf32.dll -> [2001/02/26 22:48:44 | 00,103,312 | R--- | M] (Adobe Systems Inc.)
Uninst.dll -> C:\Documents and Settings\Nina\Local Settings\Temp\pft1FE~tmp\Reader\Uninstall\Uninst.dll -> [2001/02/26 22:48:44 | 00,081,920 | R--- | M] (Adobe Systems, Inc.)
Bib.dll -> C:\Documents and Settings\Nina\Local Settings\Temp\pft1FE~tmp\Reader\Bib.dll -> [2001/01/20 23:13:36 | 00,147,456 | R--- | M] (Adobe Systems, Incorporated)
ACROFX32.DLL -> C:\Documents and Settings\Nina\Local Settings\Temp\pft1FE~tmp\Reader\ACROFX32.DLL -> [2000/05/12 19:30:02 | 00,053,248 | R--- | M] ()
msvcp60.dll -> C:\Documents and Settings\Nina\Local Settings\Temp\pft1FE~tmp\Reader\msvcp60.dll -> [1999/12/01 01:40:28 | 00,401,462 | R--- | M] (Microsoft Corporation)
msvcrt.dll -> C:\Documents and Settings\Nina\Local Settings\Temp\pft1FE~tmp\Reader\msvcrt.dll -> [1999/02/11 04:33:58 | 00,266,293 | R--- | M] (Microsoft Corporation)
Setup.exe -> C:\Documents and Settings\Nina\Local Settings\Temp\pft1FE~tmp\Setup.exe -> [1999/01/12 12:42:20 | 00,073,728 | R--- | M] (InstallShield Software Corporation)
lang.dat -> C:\Documents and Settings\Nina\Local Settings\Temp\pft1FE~tmp\lang.dat -> [1999/01/12 11:34:42 | 00,023,541 | R--- | M] ()
_ISDel.exe -> C:\Documents and Settings\Nina\Local Settings\Temp\pft1FE~tmp\_ISDel.exe -> [1998/10/27 13:06:48 | 00,027,648 | R--- | M] (InstallShield Software Corporation)
_Setup.dll -> C:\Documents and Settings\Nina\Local Settings\Temp\pft1FE~tmp\_Setup.dll -> [1998/09/29 17:34:56 | 00,034,816 | R--- | M] (InstallShield Software Corporation)
os.dat -> C:\Documents and Settings\Nina\Local Settings\Temp\pft1FE~tmp\os.dat -> [1998/07/27 18:41:06 | 00,000,450 | R--- | M] ()
oleaut32.dll -> C:\Documents and Settings\Nina\Local Settings\Temp\pft1FE~tmp\Reader\oleaut32.dll -> [1998/06/18 12:33:08 | 00,598,288 | R--- | M] (Microsoft Corporation)
< End of report >
normnina
Regular Member
 
Posts: 18
Joined: August 13th, 2009, 9:18 pm
Advertisement
Register to Remove

Re: Suspected Malware - slow responses

Unread postby melboy » August 28th, 2009, 7:40 am

Hi normnina

Check a file

  • Go to VirusTotal or Jotti's
    c:\windows\system32\mfts50.dll
  • Copy/Paste the file in the quote box into the white Upload a file box.
  • Click Send/Submit, and the file will upload to VirusTotal/Jotti, where it will be scanned by several anti-virus programmes.
  • After a while, a window will open, with details of what the scans found.
  • Copy and paste the results into your next reply.
User avatar
melboy
MRU Expert
MRU Expert
 
Posts: 3670
Joined: July 25th, 2008, 4:25 pm
Location: UK

VirusTotal

Unread postby normnina » August 28th, 2009, 8:33 pm

File mfts50.dll received on 2009.08.29 00:19:49 (UTC)Antivirus Version Last Update Result
a-squared 4.5.0.24 2009.08.28 -
AhnLab-V3 5.0.0.2 2009.08.28 -
AntiVir 7.9.1.7 2009.08.28 -
Antiy-AVL 2.0.3.7 2009.08.24 -
Authentium 5.1.2.4 2009.08.29 -
Avast 4.8.1335.0 2009.08.28 -
AVG 8.5.0.406 2009.08.28 -
BitDefender 7.2 2009.08.29 -
CAT-QuickHeal 10.00 2009.08.28 -
ClamAV 0.94.1 2009.08.28 -
Comodo 2124 2009.08.29 -
DrWeb 5.0.0.12182 2009.08.29 -
eSafe 7.0.17.0 2009.08.27 -
eTrust-Vet 31.6.6707 2009.08.28 -
F-Prot 4.5.1.85 2009.08.29 -
F-Secure 8.0.14470.0 2009.08.28 -
Fortinet 3.120.0.0 2009.08.28 -
GData 19 2009.08.29 -
Ikarus T3.1.1.68.0 2009.08.28 -
Jiangmin 11.0.800 2009.08.28 -
K7AntiVirus 7.10.830 2009.08.28 -
Kaspersky 7.0.0.125 2009.08.29 -
McAfee 5723 2009.08.28 -
McAfee+Artemis 5723 2009.08.28 -
McAfee-GW-Edition 6.8.5 2009.08.29 -
Microsoft 1.5005 2009.08.28 -
NOD32 4378 2009.08.28 -
Norman 2009.08.28 -
nProtect 2009.1.8.0 2009.08.28 -
Panda 10.0.2.2 2009.08.28 -
PCTools 4.4.2.0 2009.08.28 -
Prevx 3.0 2009.08.29 -
Rising 21.44.40.00 2009.08.28 -
Sophos 4.45.0 2009.08.29 -
Sunbelt 3.2.1858.2 2009.08.29 -
Symantec 1.4.4.12 2009.08.29 -
TheHacker 6.3.4.3.390 2009.08.28 -
TrendMicro 8.950.0.1094 2009.08.28 -
VBA32 3.12.10.10 2009.08.28 -
ViRobot 2009.8.28.1907 2009.08.28 -
VirusBuster 4.6.5.0 2009.08.28 -

Additional information
File size: 4608 bytes
MD5...: f107e73894638f8f0e85481de58898c2
SHA1..: ffd20ee78d0d7cd7892deb35c7d73f9599bb9dbb
SHA256: 0cdf957dffd7ea709cea6dbeeb8fd0f4a5efe53c78d167fadc5195d7485dd8b0
ssdeep: 48:a7f77+d7f77g77f77f77e7f77L7f77gO7f77f777:afP+pfPgPfPfPufPffPH<BR>fPfP7<BR>
PEiD..: -
PEInfo: -
RDS...: NSRL Reference Data Set<BR>-
pdfid.: -
trid..: OpenGL object (29.2%)<BR>Lotus 123 Worksheet (generic) (14.6%)<BR>HSC music composer song (9.2%)<BR>Game Music Creator Music (8.2%)<BR>MacBinary 1 header (7.5%)
normnina
Regular Member
 
Posts: 18
Joined: August 13th, 2009, 9:18 pm

Jotti's

Unread postby normnina » August 28th, 2009, 8:35 pm

Jotti's malware scan
Filename: mfts50.dll
Status: Scan finished. 0 out of 21 scanners reported malware.
Scan taken on: Sat 29 Aug 2009 02:27:03 (CET) Permalink



--------------------------------------------------------------------------------
Additional info
File size: 4608 bytes
Filetype: Unknown
MD5: f107e73894638f8f0e85481de58898c2
SHA1: ffd20ee78d0d7cd7892deb35c7d73f9599bb9dbb







Scanners
2009-08-28 Found nothing 2009-08-29 Found nothing
2009-08-29 Found nothing 2009-08-28 Found nothing
2009-08-28 Found nothing 2009-08-29 Found nothing
2009-08-28 Found nothing 2009-08-28 Found nothing
2009-08-28 Found nothing 2009-08-28 Found nothing
2009-08-28 Found nothing 2009-08-28 Found nothing
2009-08-28 Found nothing 2009-08-27 Found nothing
2009-08-29 Found nothing 2009-08-28 Found nothing
2009-08-29 Found nothing 2009-08-27 Found nothing
2009-08-28 Found nothing 2009-08-28 Found nothing
2009-08-28 Found nothing



--------------------------------------------------------------------------------



Scan a file - Hash search - Frequently Asked Questions - Privacy policy

© 2004-2009 Jotti <jotti@jotti.org>

Sponsored by Hotelscraper
normnina
Regular Member
 
Posts: 18
Joined: August 13th, 2009, 9:18 pm

Re: Suspected Malware - slow responses

Unread postby melboy » August 29th, 2009, 11:12 am

Hi normnina,

How are things running? The scans are finding leftover components of infections probably dealt with previously by your other security programs, but no signs of a current infection. If you are still finding things are running slow then it is likely not a malware issue, but other system issues (low RAM etc).


OTS fix

  • Double Click OTS.exe to start it.
  • Copy/Paste the information inside the quotebox below into the panel where it says "Paste fix here"
  • click the "Run Fix" button.

[Files/Folders - Created Within 30 Days]
NY -> wkiwjnsh.ini -> C:\WINDOWS\System32\wkiwjnsh.ini
NY -> mlnmp.ini2 -> C:\WINDOWS\System32\mlnmp.ini2
NY -> mlnmp.ini -> C:\WINDOWS\System32\mlnmp.ini
NY -> bccdd.ini -> C:\WINDOWS\System32\bccdd.ini
NY -> stutv.ini -> C:\WINDOWS\System32\stutv.ini
NY -> uccspecb.sys -> C:\WINDOWS\uccspecb.sys
[Purity]

The fix should only take a very short time.
When the fix is completed a message box will popup either telling you that it is completed (#1), or that a reboot is required to complete the fix (#2).

Note #1: If the fix is completed:
  • Click the Ok button
  • Notepad will open with a log of actions taken during the fix.
  • Post that log back here in your next reply.

Note #2: If a reboot is required:
  • click the "Yes" button to reboot the machine.
  • After the reboot, OTS will finish moving any files that could not be moved during the fix
  • NotePad will open with the final results at that time.
  • Post that log back here in your next reply.


Re-run - RSIT (Random's System Information Tool)
You should still have this program on your desktop.

  • Double click on RSIT.exe to run it.
  • Click Continue at the disclaimer screen.
  • RSIT will start running. When done... ONLY the "C:\RSIT\log.txt"...will be reproduced. (it will be maximized)
  • Please post the "log.txt" file contents in your next reply.

In your next reply:
  1. OTS log
  2. RSIT log and a description of how the computer is running now.
User avatar
melboy
MRU Expert
MRU Expert
 
Posts: 3670
Joined: July 25th, 2008, 4:25 pm
Location: UK

OTS LOG

Unread postby normnina » August 29th, 2009, 6:10 pm

[Files/Folders - Created Within 30 Days]
C:\WINDOWS\System32\wkiwjnsh.ini moved successfully.
C:\WINDOWS\System32\mlnmp.ini2 moved successfully.
C:\WINDOWS\System32\mlnmp.ini moved successfully.
C:\WINDOWS\System32\bccdd.ini moved successfully.
C:\WINDOWS\System32\stutv.ini moved successfully.
C:\WINDOWS\uccspecb.sys moved successfully.
< End of fix log >
OTS by OldTimer - Version 3.0.10.3 fix logfile created on 08292009_150907
normnina
Regular Member
 
Posts: 18
Joined: August 13th, 2009, 9:18 pm

RSIT

Unread postby normnina » August 29th, 2009, 6:19 pm

Logfile of random's system information tool 1.06 (written by random/random)
Run by Nina at 2009-08-29 15:15:00
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 61 GB (80%) free of 76 GB
Total RAM: 254 MB (12% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 3:15:57 PM, on 8/29/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\CA\SharedComponents\HIPSEngine\UmxCfg.exe
C:\Program Files\CA\SharedComponents\HIPSEngine\UmxFwHlp.exe
C:\Program Files\CA\SharedComponents\HIPSEngine\UmxPol.exe
C:\Program Files\CA\SharedComponents\HIPSEngine\UmxAgent.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\ISafe.exe
C:\Program Files\CA\SharedComponents\PPRT\bin\ITMRTSVC.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\twc\medicsp2\bin\sprtsvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\VetMsg.exe
C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\CA\CA Internet Security Suite\CA Personal Firewall\capfsem.exe
C:\WINDOWS\BCMSMMSG.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\WINDOWS\system32\ElkCtrl.exe
C:\Program Files\CA\CA Internet Security Suite\cctray\cctray.exe
C:\Program Files\CA\CA Internet Security Suite\CA Anti-Spam\QSP-5.1.18.0\QOELoader.exe
C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\CAVRID.exe
C:\Program Files\CA\CA Internet Security Suite\CA Personal Firewall\capfasem.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\CA\CA Internet Security Suite\ccprovsp.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\CA\CA Internet Security Suite\CA Anti-Spyware\CAPPActiveProtection.exe
C:\Program Files\CA\CA Internet Security Suite\CA Anti-Spyware\PPCtlPriv.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Nina\Desktop\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\Nina.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ie/def ... .yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer provided by Yahoo!
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1;<local>;*.local
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [BCMSMMSG] BCMSMMSG.exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechCameraService(E)] C:\WINDOWS\system32\ElkCtrl.exe /automation
O4 - HKLM\..\Run: [cctray] "C:\Program Files\CA\CA Internet Security Suite\cctray\cctray.exe"
O4 - HKLM\..\Run: [QOELOADER] "C:\Program Files\CA\CA Internet Security Suite\CA Anti-Spam\QSP-5.1.18.0\QOELoader.exe"
O4 - HKLM\..\Run: [CAVRID] "C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\CAVRID.exe"
O4 - HKLM\..\Run: [cafwc] C:\Program Files\CA\CA Internet Security Suite\CA Personal Firewall\cafw.exe -cl
O4 - HKLM\..\Run: [capfasem] C:\Program Files\CA\CA Internet Security Suite\CA Personal Firewall\capfasem.exe
O4 - HKLM\..\Run: [capfupgrade] C:\Program Files\CA\CA Internet Security Suite\CA Personal Firewall\capfupgrade.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: PackageCab - http://ak.imgag.com/imgag/cp/install/AxCtp2.cab
O16 - DPF: ppctlcab - http://www.pestscan.com/scanner/ppctlcab.cab
O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} (Support.com Configuration Class) - http://supportcenter.rr.com/sdccommon/d ... gctlcm.cab
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://appldnld.apple.com.edgesuite.net ... plugin.cab
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/200 ... oader5.cab
O16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} (iPIX ActiveX Control) - http://www.ipix.com/download/ipixx.cab
O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} - https://www-secure.symantec.com/techsup ... SupCtl.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/Shar ... vSniff.cab
O16 - DPF: {4D7F48C0-CB49-4EA6-97D4-04F4EACC2F3B} (InstallShield Setup Player 2K2) - http://www.napster.com/client/setup.exe
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/resources/MSNPUpld.cab
O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} (MUCatalogWebControl Class) - http://catalog.update.microsoft.com/v7/ ... 6371183062
O16 - DPF: {5D9E4B6D-CD17-4D85-99D4-6A52B394EC3B} (WSDownloader Control) - http://www.webshots.com/samplers/WSDownloader.ocx
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resour ... se6662.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/microsoftup ... 2561623984
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/Shar ... /cabsa.cab
O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} (Symantec Download Manager) - https://webdl.symantec.com/activex/symdlmgr.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 2561594484
O16 - DPF: {8C279F4E-917E-4CD2-8DF0-D9C73C0CE763} (ZPA_WheelOfFortune Object) - http://zone.msn.com/bingame/zpagames/zp ... b55579.cab
O16 - DPF: {B49C4597-8721-4789-9250-315DFBD9F525} (IWinAmpActiveX Class) - http://cdn.digitalcity.com/radio/ampx/a ... _en_dl.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://cdn2.zone.msn.com/binFramework/v ... 102118.cab
O16 - DPF: {BCBC9371-595D-11D4-A96D-00105A1CEF6C} (View22RTE Class) - http://hgtv1.view22.com/view22/app/view22rte.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O16 - DPF: {DD3641E5-A9CF-11D1-9AA1-444553540000} (Surround Video V3.0 Control Object) - http://www.sunterra.com/downloads/svh/svideo3.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O16 - DPF: {E856B973-45FD-4559-8F82-EAB539144667} (Dell PC Checkup Installer Control) - http://pccheckup.dellfix.com/rel/41/ins ... downde.cab
O18 - Protocol: bw+0 - {7FF99DBC-B1BB-4E2B-B9C8-01F41B2A895B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {7FF99DBC-B1BB-4E2B-B9C8-01F41B2A895B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {7FF99DBC-B1BB-4E2B-B9C8-01F41B2A895B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {7FF99DBC-B1BB-4E2B-B9C8-01F41B2A895B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {7FF99DBC-B1BB-4E2B-B9C8-01F41B2A895B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {7FF99DBC-B1BB-4E2B-B9C8-01F41B2A895B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {7FF99DBC-B1BB-4E2B-B9C8-01F41B2A895B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {7FF99DBC-B1BB-4E2B-B9C8-01F41B2A895B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {7FF99DBC-B1BB-4E2B-B9C8-01F41B2A895B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {7FF99DBC-B1BB-4E2B-B9C8-01F41B2A895B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {7FF99DBC-B1BB-4E2B-B9C8-01F41B2A895B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {7FF99DBC-B1BB-4E2B-B9C8-01F41B2A895B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {7FF99DBC-B1BB-4E2B-B9C8-01F41B2A895B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {7FF99DBC-B1BB-4E2B-B9C8-01F41B2A895B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {7FF99DBC-B1BB-4E2B-B9C8-01F41B2A895B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {7FF99DBC-B1BB-4E2B-B9C8-01F41B2A895B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {7FF99DBC-B1BB-4E2B-B9C8-01F41B2A895B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {7FF99DBC-B1BB-4E2B-B9C8-01F41B2A895B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {7FF99DBC-B1BB-4E2B-B9C8-01F41B2A895B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {7FF99DBC-B1BB-4E2B-B9C8-01F41B2A895B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {7FF99DBC-B1BB-4E2B-B9C8-01F41B2A895B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {7FF99DBC-B1BB-4E2B-B9C8-01F41B2A895B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {7FF99DBC-B1BB-4E2B-B9C8-01F41B2A895B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {7FF99DBC-B1BB-4E2B-B9C8-01F41B2A895B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {7FF99DBC-B1BB-4E2B-B9C8-01F41B2A895B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {7FF99DBC-B1BB-4E2B-B9C8-01F41B2A895B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {7FF99DBC-B1BB-4E2B-B9C8-01F41B2A895B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {7FF99DBC-B1BB-4E2B-B9C8-01F41B2A895B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {7FF99DBC-B1BB-4E2B-B9C8-01F41B2A895B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {7FF99DBC-B1BB-4E2B-B9C8-01F41B2A895B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {7FF99DBC-B1BB-4E2B-B9C8-01F41B2A895B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {7FF99DBC-B1BB-4E2B-B9C8-01F41B2A895B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {7FF99DBC-B1BB-4E2B-B9C8-01F41B2A895B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {7FF99DBC-B1BB-4E2B-B9C8-01F41B2A895B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {7FF99DBC-B1BB-4E2B-B9C8-01F41B2A895B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {7FF99DBC-B1BB-4E2B-B9C8-01F41B2A895B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {7FF99DBC-B1BB-4E2B-B9C8-01F41B2A895B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {7FF99DBC-B1BB-4E2B-B9C8-01F41B2A895B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {7FF99DBC-B1BB-4E2B-B9C8-01F41B2A895B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {7FF99DBC-B1BB-4E2B-B9C8-01F41B2A895B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {7FF99DBC-B1BB-4E2B-B9C8-01F41B2A895B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {7FF99DBC-B1BB-4E2B-B9C8-01F41B2A895B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {7FF99DBC-B1BB-4E2B-B9C8-01F41B2A895B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {7FF99DBC-B1BB-4E2B-B9C8-01F41B2A895B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {7FF99DBC-B1BB-4E2B-B9C8-01F41B2A895B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {7FF99DBC-B1BB-4E2B-B9C8-01F41B2A895B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {7FF99DBC-B1BB-4E2B-B9C8-01F41B2A895B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {7FF99DBC-B1BB-4E2B-B9C8-01F41B2A895B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {7FF99DBC-B1BB-4E2B-B9C8-01F41B2A895B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {7FF99DBC-B1BB-4E2B-B9C8-01F41B2A895B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {7FF99DBC-B1BB-4E2B-B9C8-01F41B2A895B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {7FF99DBC-B1BB-4E2B-B9C8-01F41B2A895B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {7FF99DBC-B1BB-4E2B-B9C8-01F41B2A895B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {7FF99DBC-B1BB-4E2B-B9C8-01F41B2A895B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {7FF99DBC-B1BB-4E2B-B9C8-01F41B2A895B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {7FF99DBC-B1BB-4E2B-B9C8-01F41B2A895B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {7FF99DBC-B1BB-4E2B-B9C8-01F41B2A895B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {7FF99DBC-B1BB-4E2B-B9C8-01F41B2A895B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {7FF99DBC-B1BB-4E2B-B9C8-01F41B2A895B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {7FF99DBC-B1BB-4E2B-B9C8-01F41B2A895B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {7FF99DBC-B1BB-4E2B-B9C8-01F41B2A895B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {7FF99DBC-B1BB-4E2B-B9C8-01F41B2A895B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {7FF99DBC-B1BB-4E2B-B9C8-01F41B2A895B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {7FF99DBC-B1BB-4E2B-B9C8-01F41B2A895B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {7FF99DBC-B1BB-4E2B-B9C8-01F41B2A895B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {7FF99DBC-B1BB-4E2B-B9C8-01F41B2A895B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {7FF99DBC-B1BB-4E2B-B9C8-01F41B2A895B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {7FF99DBC-B1BB-4E2B-B9C8-01F41B2A895B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {7FF99DBC-B1BB-4E2B-B9C8-01F41B2A895B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {7FF99DBC-B1BB-4E2B-B9C8-01F41B2A895B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {7FF99DBC-B1BB-4E2B-B9C8-01F41B2A895B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {7FF99DBC-B1BB-4E2B-B9C8-01F41B2A895B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {7FF99DBC-B1BB-4E2B-B9C8-01F41B2A895B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {7FF99DBC-B1BB-4E2B-B9C8-01F41B2A895B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {7FF99DBC-B1BB-4E2B-B9C8-01F41B2A895B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {7FF99DBC-B1BB-4E2B-B9C8-01F41B2A895B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {7FF99DBC-B1BB-4E2B-B9C8-01F41B2A895B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: CaCCProvSP - CA, Inc. - C:\Program Files\CA\CA Internet Security Suite\ccprovsp.exe
O23 - Service: CAISafe - Computer Associates International, Inc. - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\ISafe.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: CA Pest Patrol Realtime Protection Service (ITMRTSVC) - CA, Inc. - C:\Program Files\CA\SharedComponents\PPRT\bin\ITMRTSVC.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: PPCtlPriv - CA, Inc. - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Spyware\PPCtlPriv.exe
O23 - Service: SupportSoft Sprocket Service (medicsp2) (sprtsvc_medicsp2) - SupportSoft, Inc. - C:\Program Files\twc\medicsp2\bin\sprtsvc.exe
O23 - Service: SupportSoft RemoteAssist - SupportSoft, Inc. - C:\Program Files\Common Files\supportsoft\bin\ssrc.exe
O23 - Service: HIPS Event Manager (UmxAgent) - CA - C:\Program Files\CA\SharedComponents\HIPSEngine\UmxAgent.exe
O23 - Service: HIPS Configuration Interpreter (UmxCfg) - CA - C:\Program Files\CA\SharedComponents\HIPSEngine\UmxCfg.exe
O23 - Service: HIPS Firewall Helper (UmxFwHlp) - CA - C:\Program Files\CA\SharedComponents\HIPSEngine\UmxFwHlp.exe
O23 - Service: HIPS Policy Manager (UmxPol) - CA - C:\Program Files\CA\SharedComponents\HIPSEngine\UmxPol.exe
O23 - Service: VET Message Service (VETMSGNT) - CA, Inc. - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\VetMsg.exe
O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe

--
End of file - 23940 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\CAAntiSpywareScan_Daily as Nina at 1 15 PM.job
C:\WINDOWS\tasks\User_Feed_Synchronization-{2D22FF8A-63E5-4EAB-AE03-ED4760958CAE}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
Skype add-on (mastermind) - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2009-03-27 1088296]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5CA3D70E-1895-11CF-8E15-001234567890}]
DriveLetterAccess - C:\WINDOWS\system32\dla\tfswshx.dll [2003-08-06 106548]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-08-25 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-08-25 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
Locked

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"BCMSMMSG"=C:\WINDOWS\BCMSMMSG.exe [2003-08-29 122880]
"dla"=C:\WINDOWS\system32\dla\tfswctrl.exe [2003-08-06 114741]
"LVCOMSX"=C:\WINDOWS\system32\LVCOMSX.EXE [2005-12-09 225280]
"LogitechCameraService(E)"=C:\WINDOWS\system32\ElkCtrl.exe [2004-11-01 262144]
"cctray"=C:\Program Files\CA\CA Internet Security Suite\cctray\cctray.exe [2009-07-31 177392]
"QOELOADER"=C:\Program Files\CA\CA Internet Security Suite\CA Anti-Spam\QSP-5.1.18.0\QOELoader.exe [2009-02-01 14088]
"CAVRID"=C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\CAVRID.exe [2009-07-31 230664]
"cafwc"=C:\Program Files\CA\CA Internet Security Suite\CA Personal Firewall\cafw.exe [2009-02-01 1193200]
"capfasem"=C:\Program Files\CA\CA Internet Security Suite\CA Personal Firewall\capfasem.exe [2009-02-01 173296]
""= []
"capfupgrade"=C:\Program Files\CA\CA Internet Security Suite\CA Personal Firewall\capfupgrade.exe [2009-02-01 259312]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2009-07-13 292128]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2009-05-26 413696]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-08-25 149280]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2009-03-27 24103720]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2007-05-08 54840]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\InfoData]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LDM]
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe [2006-12-08 36864]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechCameraAssistant]
C:\Program Files\Logitech\Video\CameraAssistant.exe [2005-12-07 489472]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechVideo[inspector]]
C:\Program Files\Logitech\Video\InstallHelper.exe [2005-12-07 73728]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mmtask]
c:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe [2003-10-06 53248]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mm_server]
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_server.exe [2003-10-06 81920]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MoneyAgent]
C:\Program Files\Microsoft Money\System\mnyexpr.exe [2003-06-18 200704]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCMService]
C:\Program Files\Dell\Media Experience\PCMService.exe [2003-08-26 204800]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SmileboxTray]
C:\Documents and Settings\Nina\Application Data\Smilebox\SmileboxTray.exe [2009-01-29 254600]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SPAMfighter Agent]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Uniblue Registry Booster2]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateManager]
C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe [2003-08-19 110592]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UserFaultCheck]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Yahoo! Pager]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^AT&T Self Support Tool.lnk]
C:\PROGRA~1\SBCSEL~1\bin\matcli.exe -boot []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Image Zone Fast Start.lnk]
C:\PROGRA~1\HP\DIGITA~1\bin\hpqthb08.exe [2004-05-29 53248]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Logitech Desktop Messenger.lnk]
C:\PROGRA~1\Logitech\DESKTO~1\8876480\Program\LDMConf.exe [2006-12-08 196608]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^ymetray.lnk]
C:\PROGRA~1\Yahoo!\YAHOO!~1\ymetray.exe yahoomusicengine -preload []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"WMPNetworkSvc"=3
"Pml Driver HPZ12"=2
"LVPrcSrv"=2
"DSBrokerService"=3
"SharedAccess"=2
"mnmsrvc"=3
"gusvc"=3
"CCALib8"=2

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxsrvc.dll [2005-06-22 348160]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\PFW]
C:\WINDOWS\system32\UmxWnp.Dll [2007-05-18 79368]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2007-03-15 236928]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_server.exe"="C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_server.exe:*:Disabled:TODO: <File description>"
"C:\Program Files\Internet Explorer\iexplore.exe"="C:\Program Files\Internet Explorer\iexplore.exe:*:Disabled:Internet Explorer"
"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe"="C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe:*:Enabled:hpqcopy.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe"
"C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe"="C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe:*:Enabled:hpqphunl.exe"
"C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe"="C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe:*:Enabled:hpqdia.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Google\Google Talk\googletalk.exe"="C:\Program Files\Google\Google Talk\googletalk.exe:*:Enabled:Google Talk"
"C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"
"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.0"
"C:\Program Files\MSN Messenger\msncall.exe"="C:\Program Files\MSN Messenger\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)"
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe"="C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger"
"C:\Program Files\Yahoo!\Messenger\YServer.exe"="C:\Program Files\Yahoo!\Messenger\YServer.exe:*:Enabled:Yahoo! FT Server"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"
"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.0"
"C:\Program Files\MSN Messenger\msncall.exe"="C:\Program Files\MSN Messenger\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\E]
shell\AutoRun\command - E:\LaunchU3.exe -a


======List of files/folders created in the last 1 months======

2009-08-29 15:09:07 ----D---- C:\_OTS
2009-08-26 03:04:29 ----HDC---- C:\WINDOWS\$NtUninstallKB970653-v3$
2009-08-25 15:53:03 ----D---- C:\Documents and Settings\Nina\Application Data\Malwarebytes
2009-08-25 15:52:43 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-08-25 15:52:43 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2009-08-25 14:58:48 ----A---- C:\WINDOWS\system32\javaws.exe
2009-08-25 14:58:47 ----A---- C:\WINDOWS\system32\javaw.exe
2009-08-25 14:58:47 ----A---- C:\WINDOWS\system32\java.exe
2009-08-25 14:30:58 ----D---- C:\Program Files\Common Files\Adobe AIR
2009-08-19 20:28:39 ----D---- C:\rsit
2009-08-19 19:08:05 ----D---- C:\Documents and Settings\All Users\Application Data\NortonInstaller
2009-08-13 18:03:36 ----D---- C:\Program Files\Trend Micro
2009-08-12 03:09:17 ----HDC---- C:\WINDOWS\$NtUninstallKB960859$
2009-08-12 03:09:00 ----HDC---- C:\WINDOWS\$NtUninstallKB971657$
2009-08-12 03:08:43 ----HDC---- C:\WINDOWS\$NtUninstallKB971557$
2009-08-12 03:08:25 ----HDC---- C:\WINDOWS\$NtUninstallKB956744$
2009-08-12 03:08:06 ----HDC---- C:\WINDOWS\$NtUninstallKB973869$
2009-08-12 03:07:49 ----HDC---- C:\WINDOWS\$NtUninstallKB973507$
2009-08-12 03:07:32 ----HDC---- C:\WINDOWS\$NtUninstallKB973354$
2009-08-12 03:06:48 ----HDC---- C:\WINDOWS\$NtUninstallKB973540_WM9$
2009-08-12 03:01:35 ----HDC---- C:\WINDOWS\$NtUninstallKB973815$
2009-08-10 16:13:08 ----D---- C:\Documents and Settings\All Users\Application Data\NOS

======List of files/folders modified in the last 1 months======

2009-08-29 15:15:01 ----D---- C:\WINDOWS\Prefetch
2009-08-29 15:09:08 ----D---- C:\WINDOWS\SYSTEM32
2009-08-29 15:09:08 ----D---- C:\WINDOWS
2009-08-29 02:30:12 ----D---- C:\WINDOWS\Temp
2009-08-27 00:00:34 ----D---- C:\WINDOWS\system32\DRIVERS
2009-08-26 22:59:23 ----AD---- C:\WINDOWS\system32\IAS
2009-08-26 22:59:06 ----AC---- C:\WINDOWS\ModemLog_Communications cable between two computers.txt
2009-08-26 22:58:52 ----A---- C:\WINDOWS\ModemLog_BCM V.92 56K Modem.txt
2009-08-26 22:56:53 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-08-26 03:05:41 ----HD---- C:\WINDOWS\INF
2009-08-26 03:04:09 ----D---- C:\WINDOWS\system32\CatRoot2
2009-08-25 19:33:49 ----D---- C:\WINDOWS\CAVTemp
2009-08-25 15:52:43 ----RD---- C:\Program Files
2009-08-25 15:05:22 ----SD---- C:\WINDOWS\Downloaded Program Files
2009-08-25 15:02:25 ----HD---- C:\Config.Msi
2009-08-25 14:59:13 ----SHD---- C:\WINDOWS\Installer
2009-08-25 14:58:05 ----A---- C:\WINDOWS\system32\deploytk.dll
2009-08-25 14:35:58 ----D---- C:\Program Files\Adobe
2009-08-25 14:34:50 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2009-08-25 14:34:01 ----D---- C:\Program Files\Common Files\Adobe
2009-08-25 14:31:08 ----D---- C:\Documents and Settings\Nina\Application Data\Adobe
2009-08-25 14:30:58 ----D---- C:\Program Files\Common Files
2009-08-25 14:15:21 ----D---- C:\WINDOWS\WinSxS
2009-08-19 19:26:24 ----D---- C:\Documents and Settings\All Users\Application Data\Symantec
2009-08-19 19:25:50 ----D---- C:\Program Files\Common Files\Symantec Shared
2009-08-14 18:12:39 ----D---- C:\WINDOWS\system32\FxsTmp
2009-08-13 18:52:23 ----A---- C:\caisslog.txt
2009-08-12 03:09:30 ----A---- C:\WINDOWS\imsins.BAK
2009-08-12 03:09:20 ----RSHD---- C:\WINDOWS\system32\DLLCACHE
2009-08-12 03:08:21 ----HD---- C:\WINDOWS\$hf_mig$
2009-08-12 03:07:35 ----D---- C:\Program Files\Outlook Express
2009-08-06 21:11:06 ----D---- C:\WINDOWS\network diagnostic
2009-08-05 02:01:48 ----A---- C:\WINDOWS\system32\mswebdvd.dll
2009-07-31 09:40:14 ----D---- C:\Program Files\Microsoft Silverlight

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 intelppm;Intel Processor Driver; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2008-04-13 36352]
R1 KmxAgent;KmxAgent; C:\WINDOWS\System32\DRIVERS\kmxagent.sys [2008-06-24 63504]
R1 KmxFile;KmxFile; C:\WINDOWS\System32\DRIVERS\KmxFile.sys [2008-06-24 45584]
R1 KmxFw;KmxFw; C:\WINDOWS\System32\DRIVERS\kmxfw.sys [2008-06-24 115216]
R1 omci;OMCI WDM Device Driver; C:\WINDOWS\System32\DRIVERS\omci.sys [2002-11-08 17217]
R1 sscdbhk5;sscdbhk5; C:\WINDOWS\system32\drivers\sscdbhk5.sys [2003-07-14 5621]
R1 ssrtln;ssrtln; C:\WINDOWS\system32\drivers\ssrtln.sys [2003-07-14 23219]
R1 VETEFILE;VET File Scan Engine; C:\WINDOWS\system32\drivers\VETEFILE.sys [2009-02-01 880560]
R1 VETFDDNT;VET Floppy Boot Sector Monitor; C:\WINDOWS\system32\drivers\VETFDDNT.sys [2007-08-20 21512]
R1 VET-FILT;VET File System Filter; C:\WINDOWS\system32\drivers\VET-FILT.sys [2007-08-20 26376]
R1 VETMONNT;VET File Monitor; C:\WINDOWS\system32\drivers\VETMONNT.sys [2007-08-20 32264]
R1 VET-REC;VET File System Recognizer; C:\WINDOWS\system32\drivers\VET-REC.sys [2007-08-20 21128]
R2 drvnddm;drvnddm; C:\WINDOWS\system32\drivers\drvnddm.sys [2003-06-20 40448]
R2 dsunidrv;DellSupport UniDriver; C:\WINDOWS\system32\DRIVERS\dsunidrv.sys [2007-02-25 5376]
R2 KmxCF;KmxCF; C:\WINDOWS\System32\DRIVERS\KmxCF.sys [2008-06-24 134648]
R2 KmxSbx;KmxSbx; C:\WINDOWS\System32\DRIVERS\KmxSbx.sys [2008-06-24 66576]
R2 MDC8021X;AEGIS Protocol (IEEE 802.1x) v2.3.1.9; C:\WINDOWS\system32\DRIVERS\mdc8021x.sys [2004-04-13 15781]
R2 tfsnboio;tfsnboio; C:\WINDOWS\system32\dla\tfsnboio.sys [2003-08-06 25685]
R2 tfsncofs;tfsncofs; C:\WINDOWS\system32\dla\tfsncofs.sys [2003-08-06 34837]
R2 tfsndrct;tfsndrct; C:\WINDOWS\system32\dla\tfsndrct.sys [2003-08-06 4117]
R2 tfsndres;tfsndres; C:\WINDOWS\system32\dla\tfsndres.sys [2003-08-06 2233]
R2 tfsnifs;tfsnifs; C:\WINDOWS\system32\dla\tfsnifs.sys [2003-08-06 83284]
R2 tfsnopio;tfsnopio; C:\WINDOWS\system32\dla\tfsnopio.sys [2003-08-06 14229]
R2 tfsnpool;tfsnpool; C:\WINDOWS\system32\dla\tfsnpool.sys [2003-08-06 6357]
R2 tfsnudf;tfsnudf; C:\WINDOWS\system32\dla\tfsnudf.sys [2003-08-06 98068]
R2 tfsnudfa;tfsnudfa; C:\WINDOWS\system32\dla\tfsnudfa.sys [2003-08-06 100373]
R3 aeaudio;aeaudio; C:\WINDOWS\system32\drivers\aeaudio.sys [2002-04-01 4816]
R3 bcm4sbxp;Broadcom 440x 10/100 Integrated Controller XP Driver; C:\WINDOWS\System32\DRIVERS\bcm4sbxp.sys [2003-05-23 43136]
R3 BCMModem;BCM V.92 56K Modem; C:\WINDOWS\System32\DRIVERS\BCMSM.sys [2003-08-29 1101696]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2009-03-19 23400]
R3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2005-03-07 51120]
R3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2005-03-07 16496]
R3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2005-03-07 21744]
R3 ialm;ialm; C:\WINDOWS\System32\DRIVERS\ialmnt5.sys [2005-06-22 807998]
R3 KmxCfg;KmxCfg; C:\WINDOWS\System32\DRIVERS\kmxcfg.sys [2008-06-24 88816]
R3 LVUSBSta;Logitech USB Monitor Filter; C:\WINDOWS\system32\drivers\lvusbsta.sys [2005-12-05 39424]
R3 MxlW2k;MxlW2k; C:\WINDOWS\system32\drivers\MxlW2k.sys [2007-05-19 28256]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2002-08-29 5888]
R3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\System32\DRIVERS\RTL8139.SYS [2004-08-03 20992]
R3 smwdm;smwdm; C:\WINDOWS\system32\drivers\smwdm.sys [2003-02-28 545024]
R3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\System32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\System32\DRIVERS\usbprint.sys [2008-04-13 25856]
R3 usbscan;USB Scanner Driver; C:\WINDOWS\System32\DRIVERS\usbscan.sys [2008-04-13 15104]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 VETEBOOT;VET Boot Scan Engine; C:\WINDOWS\system32\drivers\VETEBOOT.sys [2009-02-01 108368]
S1 P3;Intel PentiumIII Processor Driver; C:\WINDOWS\System32\DRIVERS\p3.sys [2008-04-13 42752]
S3 {6080A529-897E-4629-A488-ABA0C29B635E};Intel(R) Graphics Platform (SoftBIOS) Driver; C:\WINDOWS\system32\drivers\ialmsbw.sys [2003-10-08 120830]
S3 {D31A0762-0CEB-444e-ACFF-B049A1F6FE91};Intel(R) Graphics Chipset (KCH) Driver; C:\WINDOWS\system32\drivers\ialmkchw.sys [2003-10-08 98842]
S3 bvrp_pci;bvrp_pci; C:\WINDOWS\system32\drivers\bvrp_pci.sys []
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 DSproct;DSproct; \??\C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys []
S3 EL90XBC;3Com EtherLink XL 90XB/C Adapter Driver; C:\WINDOWS\System32\DRIVERS\el90xbc5.sys [2001-08-17 66591]
S3 ENTECH;ENTECH; \??\C:\WINDOWS\system32\DRIVERS\ENTECH.SYS []
S3 i81x;i81x; C:\WINDOWS\System32\DRIVERS\i81xnt5.sys [2004-08-03 161020]
S3 iAimFP0;iAimFP0; C:\WINDOWS\System32\DRIVERS\wADV01nt.sys [2004-08-03 12415]
S3 iAimFP1;iAimFP1; C:\WINDOWS\System32\DRIVERS\wADV02NT.sys [2004-08-03 12127]
S3 iAimFP2;iAimFP2; C:\WINDOWS\System32\DRIVERS\wADV05NT.sys [2004-08-03 11775]
S3 iAimFP3;iAimFP3; C:\WINDOWS\System32\DRIVERS\wSiINTxx.sys [2004-08-03 12063]
S3 iAimFP4;iAimFP4; C:\WINDOWS\System32\DRIVERS\wVchNTxx.sys [2004-08-03 19455]
S3 iAimTV0;iAimTV0; C:\WINDOWS\System32\DRIVERS\wATV01nt.sys [2004-08-03 29311]
S3 iAimTV1;iAimTV1; C:\WINDOWS\System32\DRIVERS\wATV02NT.sys [2004-08-03 19551]
S3 iAimTV2;iAimTV2; C:\WINDOWS\System32\DRIVERS\wATV03nt.sys []
S3 iAimTV3;iAimTV3; C:\WINDOWS\System32\DRIVERS\wATV04nt.sys [2004-08-03 33599]
S3 iAimTV4;iAimTV4; C:\WINDOWS\System32\DRIVERS\wCh7xxNT.sys [2004-08-03 23615]
S3 ICAM3NT5;Intel USB Video Camera III; C:\WINDOWS\System32\Drivers\Icam3.sys [2001-08-17 141056]
S3 Lvckap;Logitech Kernel Audio Processing Filter Driver; \??\C:\WINDOWS\system32\drivers\Lvckap.sys []
S3 lvmvdrv;Logitech Machine Vision Engine Loader; \??\C:\WINDOWS\system32\drivers\lvmvdrv.sys []
S3 LVPrcMon;Logitech LVPrcMon Driver; \??\C:\WINDOWS\system32\drivers\LVPrcMon.sys []
S3 MODEMCSA;Unimodem Streaming Filter Device; C:\WINDOWS\system32\drivers\MODEMCSA.sys [2001-08-17 16128]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\System32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 nv;nv; C:\WINDOWS\System32\DRIVERS\nv4_mini.sys [2004-08-03 1897408]
S3 PCAMPR5;PCAMPR5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\PCAMPR5.SYS []
S3 PID_0928;Logitech QuickCam Express(PID_0928); C:\WINDOWS\system32\DRIVERS\LV561AV.SYS [2005-12-05 287360]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\System32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\System32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 wanatw;WAN Miniport (ATW); C:\WINDOWS\System32\DRIVERS\wanatw4.sys []
S3 WlanUIG;2Wire 802.11g USB Driver; C:\WINDOWS\system32\DRIVERS\WlanUIG.sys [2004-05-16 347648]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\System32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S4 agp440;Intel AGP Bus Filter; C:\WINDOWS\System32\DRIVERS\agp440.sys [2008-04-13 42368]
S4 agpCPQ;Compaq AGP Bus Filter; C:\WINDOWS\System32\DRIVERS\agpCPQ.sys [2008-04-13 44928]
S4 alim1541;ALI AGP Bus Filter; C:\WINDOWS\System32\DRIVERS\alim1541.sys [2008-04-13 42752]
S4 amdagp;AMD AGP Bus Filter Driver; C:\WINDOWS\System32\DRIVERS\amdagp.sys [2008-04-13 43008]
S4 cbidf;cbidf; C:\WINDOWS\System32\DRIVERS\cbidf2k.sys [2001-08-17 13952]
S4 IntelIde;IntelIde; C:\WINDOWS\System32\DRIVERS\intelide.sys [2008-04-13 5504]
S4 sisagp;SIS AGP Bus Filter; C:\WINDOWS\System32\DRIVERS\sisagp.sys [2008-04-13 40960]
S4 viaagp;VIA AGP Bus Filter; C:\WINDOWS\System32\DRIVERS\viaagp.sys [2008-04-13 42240]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-07-09 144712]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 CAISafe;CAISafe; C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\ISafe.exe [2007-08-20 144960]
R2 ITMRTSVC;CA Pest Patrol Realtime Protection Service; C:\Program Files\CA\SharedComponents\PPRT\bin\ITMRTSVC.exe [2007-01-04 280080]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-08-25 153376]
R2 sprtsvc_medicsp2;SupportSoft Sprocket Service (medicsp2); C:\Program Files\twc\medicsp2\bin\sprtsvc.exe [2007-03-07 202280]
R2 UmxAgent;HIPS Event Manager; C:\Program Files\CA\SharedComponents\HIPSEngine\UmxAgent.exe [2007-10-18 1010192]
R2 UmxCfg;HIPS Configuration Interpreter; C:\Program Files\CA\SharedComponents\HIPSEngine\UmxCfg.exe [2007-10-18 801296]
R2 UmxFwHlp;HIPS Firewall Helper; C:\Program Files\CA\SharedComponents\HIPSEngine\UmxFwHlp.exe [2007-10-18 145936]
R2 UmxPol;HIPS Policy Manager; C:\Program Files\CA\SharedComponents\HIPSEngine\UmxPol.exe [2008-06-24 281104]
R2 VETMSGNT;VET Message Service; C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\VetMsg.exe [2009-07-31 242952]
R2 YahooAUService;Yahoo! Updater; C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe [2008-11-09 602392]
R3 CaCCProvSP;CaCCProvSP; C:\Program Files\CA\CA Internet Security Suite\ccprovsp.exe [2009-07-31 214256]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2009-07-13 542496]
R3 PPCtlPriv;PPCtlPriv; C:\Program Files\CA\CA Internet Security Suite\CA Anti-Spyware\PPCtlPriv.exe [2007-08-16 189704]
S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-13 267776]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-04-07 136120]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 SupportSoft RemoteAssist;SupportSoft RemoteAssist; C:\Program Files\Common Files\supportsoft\bin\ssrc.exe [2008-07-15 394608]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]
S4 CCALib8;Canon Camera Access Library 8; C:\Program Files\Canon\CAL\CALMAIN.exe [2007-01-31 96370]
S4 DSBrokerService;DSBrokerService; C:\Program Files\DellSupport\brkrsvc.exe [2007-03-07 76848]
S4 LVPrcSrv;Logitech Process Monitor; c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe [2005-12-09 81920]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
S4 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2007-08-09 73728]
S4 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408]

-----------------EOF-----------------
normnina
Regular Member
 
Posts: 18
Joined: August 13th, 2009, 9:18 pm

Thank You

Unread postby normnina » August 29th, 2009, 6:35 pm

Hi melboy

First, thank you so much for your help. You are an excellent tech and very articulate. It was easy for me to understand what I needed to do, even though I'm not very educated on the workings of computers.

My computer is running much better. I was having a myriad of problems; one of the most annoying was that the computer would hang up quite often. That has seemed to stop.

I don't understand a lot about RAM, but I get warning messages from time-to-time that my virtual memory is too low. Is that the same as the RAM? I read through your recommendation, but haven't done anything with it yet.

Also, how do I avoid malware in the future???

I just can't thank you enough for your help. Thank you for your patience and your valuable time.
normnina
Regular Member
 
Posts: 18
Joined: August 13th, 2009, 9:18 pm

Re: Suspected Malware - slow responses

Unread postby melboy » August 30th, 2009, 6:00 am

Hi normnina :)

You're most welcome and thank you for your kind words, I appreciate it!

I get warning messages from time-to-time that my virtual memory is too low.

That would be indicative of low RAM. Virtual memory is an area of your hard drive (C:\pagefile.sys) utilized by Windows along with physical RAM when running programs. It is usually by default 1.5 times the size of your installed physical RAM.

As well as my previous advice for installing more physical RAM, plesase refer to this topic too.


Your log now appears to be clean. Congratulations!
This is my general post for when your logs show no more signs of malware ;)- Please let me know if you still are having problems with your computer and what these problems are.


OTS Clean Up

  • Start OTS
  • Click the CleanUp button
  • OTS will download a small file from the Internet. If a security program or firewall warns you of this allow it to download.
  • OTS will delete any tools downloaded and files/folders created and then ask you to reboot so it can remove itself.
  • Click Yes.




General Security and Computer Health
Below are some steps to follow in order to dramatically lower the chances of reinfection. You may have already implemented some of the steps below, however you should follow any steps that you have not already implemented.

  • Clear Infected System Restore Points
    • Turn System Restore off
    • On the Desktop, right click on the My Computer icon.
    • Click Properties.
    • Click the System Restore tab.
    • Check Turn off System Restore.
    • Click Apply, and then click OK.
      Restart your computer

      • Turn System Restore on
      • On the Desktop, right click on the My Computer icon.
      • Click Properties.
      • Click the System Restore tab.
      • Uncheck Turn off System Restore on all drives.
      • Click Apply
      • Click each drive in turn where system restore is not required and click Settings
        Note: System restore is only needed on drives with an operating system installed
      • For each drive without an operating system, check Turn off system restore on this drive, click Yes then click OK.
      Note: only do this once, and not on a regular basis

    • Make sure that you keep your antivirus updated
      New viruses come out every minute, so it is essential that you have the latest signatures for your antivirus program to provide you with the best possible protection from malicious software.
      Note: You should only have one antivirus installed at a time. Having more than one antivirus program installed at once is likely to cause conflicts and may well decrease your overall protection as well as impairing the performance of your PC.
    • Security Updates for Windows, Internet Explorer & Microsoft Office
      Whenever a security problem in its software is found, Microsoft will usually create a patch so that after the patch is installed, attackers can't use the vulnerability to install malicious software on your PC. Keeping up with these patches will help to prevent malicious software being installed on your PC. Ensure you are registered for Windows updates via Start > right-click on My Computer > Properties > Automatic Updates tab or visit the Microsoft Update site on a regular basis.
      Note: The update process uses ActiveX, so you will need to use internet explorer for it and allow the ActiveX control to install.
    • Update Non-Microsoft Programs
      Microsoft isn't the only company whose products can contain security vulnerabilities. To check whether other programs running on your PC are in need of an update, you can use the Secunia Software Inspector - I suggest that you run it at least once a month.

    Recommended Programs

    I would recommend the download and installation of some or all of the following programs (if not already present), and the updating of them on a regular basis.

    • WinPatrol
      As a robust security monitor, WinPatrol will alert you to hijackings, malware attacks and critical changes made to your computer without your permission. WinPatrol takes snapshot of your critical system resources and alerts you to any changes that may occur without your knowledge. For more information, please visit HERE.
    • Malwarebytes' Anti-Malware (MBAM)
      As you already have Malwarebytes' Anti-Malware on board I would keep it regularly updated and run regular quick scans with it. (TIP: Cleaning out temp files can reduce scanning times.) You can find a tutorial for MBAM HERE.
    • Hosts File
      For added protection you may also like to add a host file. A simple explanation of what a Hosts file does is HERE and for more information regarding host files read HERE.
    • Use an alternative Internet Browser
      Many of the exploits are directed to users of Internet Explorer. Try using a different browser instead:
      Firefox
      Opera


Finally I am trying to make one point very clear. It is absolutely essential to keep all of your security programs up to date.

Also please read this great article by Tony Klein So How Did I Get Infected In First Place

I'd be grateful if you could reply to this post so that I know you have read it and, if you've no other questions, the thread can be closed.

Happy surfing and stay clean!
User avatar
melboy
MRU Expert
MRU Expert
 
Posts: 3670
Joined: July 25th, 2008, 4:25 pm
Location: UK

Re: Suspected Malware - slow responses

Unread postby normnina » August 30th, 2009, 7:09 pm

Hi melboy :P

I'm working on the last bit of instructions you recommended, so looks like this can be closed.

THANK YOU!
normnina
normnina
Regular Member
 
Posts: 18
Joined: August 13th, 2009, 9:18 pm

Re: Suspected Malware - slow responses

Unread postby askey127 » September 6th, 2009, 6:38 am

normnina, this topic is now closed.

We are pleased we could help you resolve your computer's malware issues.

If you would like to make a comment or leave a compliment regarding the help you have received, please see Feedback for Our Helpers - Say "Thanks" Here.
User avatar
askey127
Admin/Teacher
Admin/Teacher
 
Posts: 13904
Joined: April 17th, 2005, 3:25 pm
Location: New Hampshire USA
Advertisement
Register to Remove

Previous

  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 12 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware