Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Strange Recurring Virus/trojan Horse Problem


  • This topic is locked This topic is locked
16 replies to this topic

#1 Ruidiance

Ruidiance

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:04:03 PM

Posted 03 February 2007 - 09:44 AM

Hello everyone, I've got a weird program that keeps getting created every few minutes. This program is called Update.exe and is in a folder that has a .dll file named system.dll. The thing is, everytime I delete this file, it auto-recreates itself after a few minutes. AVG Free Edition will inform me that a virus has been found, and that the virus is that file. Here is the directory of the two files: C:\Program Files\Common Files\{883A0E0B-07CF-1033-0920-021102000001}

I've noticed a few strange things that occur:

1) The recurring creation of the Update.exe and the system.dll files.

2) My homepage will reset to www.virushelpzone.com everytime I reboot.

3) Trying to use any administrative tools will result in the window being shut down automatically.

4) HiJackThis! can only work in SafeMode renamed to kitty.com , otherwise it will also close before I can use it.

5) I have used AdAware and AVG Free Edition (both up-to-date) and performed full-system-scans. I have deleted everything malicious detected.

6) I have also emptied my recycle bin, deleted my cookies and temporary internet files and used CCleaner.

If you can help me in any possible way, please reply. Thanks in advance!

Here is the HiJackThis! log file:

Logfile of HijackThis v1.99.1
Scan saved at 9:57:53 PM, on 2/3/2007
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Documents and Settings\User1\My Documents\My Downloads\hijackthis\kitty.com.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.virushelpzone.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
F3 - REG:win.ini: load=C:\WINDOWS\System32\sqtjqtlo\winlogon.exe
F3 - REG:win.ini: run=C:\WINDOWS\System32\sqtjqtlo\winlogon.exe
O1 - Hosts: 1.1.1.1 f-secure.com
O1 - Hosts: 1.1.1.1 www.f-secure.com
O1 - Hosts: 1.1.1.1 ftp.f-secure.com
O1 - Hosts: 1.1.1.1 ftp.sophos.com
O1 - Hosts: 1.1.1.1 liveupdate.symantec.com
O1 - Hosts: 1.1.1.1 customer.symantec.com
O1 - Hosts: 1.1.1.1 dispatch.mcafee.com
O1 - Hosts: 1.1.1.1 download.mcafee.com
O1 - Hosts: 1.1.1.1 rads.mcafee.com
O1 - Hosts: 1.1.1.1 mast.mcafee.com
O1 - Hosts: 1.1.1.1 my-etrust.com
O1 - Hosts: 1.1.1.1 www.my-etrust.com
O1 - Hosts: 1.1.1.1 nai.com
O1 - Hosts: 1.1.1.1 www.nai.com
O1 - Hosts: 1.1.1.1 networkassociates.com
O1 - Hosts: 1.1.1.1 secure.nai.com
O1 - Hosts: 1.1.1.1 securityresponse.symantec.com
O1 - Hosts: 1.1.1.1 service1.symantec.com
O1 - Hosts: 1.1.1.1 sophos.com
O1 - Hosts: 1.1.1.1 www.sophos.com
O1 - Hosts: 1.1.1.1 support.microsoft.com
O1 - Hosts: 1.1.1.1 symantec.com
O1 - Hosts: 1.1.1.1 www.symantec.com
O1 - Hosts: 1.1.1.1 update.symantec.com
O1 - Hosts: 1.1.1.1 updates.symantec.com
O1 - Hosts: 1.1.1.1 us.mcafee.com
O1 - Hosts: 1.1.1.1 vil.nai.com
O1 - Hosts: 1.1.1.1 viruslist.com
O1 - Hosts: 1.1.1.1 www.viruslist.com
O1 - Hosts: 1.1.1.1 grisoft.com
O1 - Hosts: 1.1.1.1 www.grisoft.com
O1 - Hosts: 1.1.1.1 free.grisoft.com
O1 - Hosts: 1.1.1.1 trendmicro.com
O1 - Hosts: 1.1.1.1 housecall.trendmicro.com
O1 - Hosts: 1.1.1.1 www.trendmicro.com
O1 - Hosts: 1.1.1.1 pandasoftware.com
O1 - Hosts: 1.1.1.1 www.pandasoftware.com
O1 - Hosts: 1.1.1.1 usa.kaspersky.com
O1 - Hosts: 1.1.1.1 ewido.net
O1 - Hosts: 1.1.1.1 www.ewido.net
O1 - Hosts: 1.1.1.1 zonelabs.com
O1 - Hosts: 1.1.1.1 www.zonelabs.com
O1 - Hosts: 1.1.1.1 bitdefender.com
O1 - Hosts: 1.1.1.1 www.bitdefender.com
O1 - Hosts: 1.1.1.1 download.bitdefender.com
O1 - Hosts: 1.1.1.1 upgrade.bitdefender.com
O1 - Hosts: 1.1.1.1 spywareinfo.com
O1 - Hosts: 1.1.1.1 www.spywareinfo.com
O1 - Hosts: 1.1.1.1 merijn.org
O1 - Hosts: 1.1.1.1 www.merijn.org
O1 - Hosts: 1.1.1.1 sysinternals.com
O1 - Hosts: 1.1.1.1 www.sysinternals.com
O1 - Hosts: 1.1.1.1 onguardonline.gov
O1 - Hosts: 1.1.1.1 www.onguardonline.gov
O1 - Hosts: 1.1.1.1 avast.com
O1 - Hosts: 1.1.1.1 www.avast.com
O1 - Hosts: 1.1.1.1 safety.live.com
O1 - Hosts: 1.1.1.1 www.paretologic.com
O1 - Hosts: 1.1.1.1 paretologic.com
O1 - Hosts: 1.1.1.1 virusscan.jotti.org
O1 - Hosts: 1.1.1.1 services.google.com
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\program files\Adobe\Acrobat Reader 5\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [Smapp] C:\Program Files\Analog Devices\SoundMAX\Smtray.exe
O4 - HKLM\..\Run: [DrvListnr] C:\Program Files\Analog Devices\SoundMAX\DrvListnr.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
O4 - HKLM\..\Run: [TPP Auto Loader] C:\WINDOWS\tppaldr.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [BitTorrent] "C:\Program Files\BitTorrent\bittorrent.exe" --force_start_minimized
O4 - Startup: winlogon.lnk = ?
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O8 - Extra context menu item: &Search - http://kl.bar.need2find.com/KL/menusearch.html?p=KL
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Open in new background tab - res://C:\Program Files\Windows Live Toolbar\Components\en-sg\msntabres.dll.mui/229?9624e548074a45ae8c07b689b9a884a9
O8 - Extra context menu item: Open in new foreground tab - res://C:\Program Files\Windows Live Toolbar\Components\en-sg\msntabres.dll.mui/230?9624e548074a45ae8c07b689b9a884a9
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} (Office Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=67633
O18 - Protocol: bw+0 - {1DE50CE8-1398-4A6B-A387-DFF861C408BA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {1DE50CE8-1398-4A6B-A387-DFF861C408BA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {1DE50CE8-1398-4A6B-A387-DFF861C408BA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {1DE50CE8-1398-4A6B-A387-DFF861C408BA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {1DE50CE8-1398-4A6B-A387-DFF861C408BA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {1DE50CE8-1398-4A6B-A387-DFF861C408BA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {1DE50CE8-1398-4A6B-A387-DFF861C408BA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {1DE50CE8-1398-4A6B-A387-DFF861C408BA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {1DE50CE8-1398-4A6B-A387-DFF861C408BA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {1DE50CE8-1398-4A6B-A387-DFF861C408BA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {1DE50CE8-1398-4A6B-A387-DFF861C408BA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {1DE50CE8-1398-4A6B-A387-DFF861C408BA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {1DE50CE8-1398-4A6B-A387-DFF861C408BA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {1DE50CE8-1398-4A6B-A387-DFF861C408BA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {1DE50CE8-1398-4A6B-A387-DFF861C408BA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {1DE50CE8-1398-4A6B-A387-DFF861C408BA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {1DE50CE8-1398-4A6B-A387-DFF861C408BA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {1DE50CE8-1398-4A6B-A387-DFF861C408BA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {1DE50CE8-1398-4A6B-A387-DFF861C408BA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {1DE50CE8-1398-4A6B-A387-DFF861C408BA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {1DE50CE8-1398-4A6B-A387-DFF861C408BA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {1DE50CE8-1398-4A6B-A387-DFF861C408BA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {1DE50CE8-1398-4A6B-A387-DFF861C408BA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {1DE50CE8-1398-4A6B-A387-DFF861C408BA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {1DE50CE8-1398-4A6B-A387-DFF861C408BA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {1DE50CE8-1398-4A6B-A387-DFF861C408BA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {1DE50CE8-1398-4A6B-A387-DFF861C408BA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {1DE50CE8-1398-4A6B-A387-DFF861C408BA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {1DE50CE8-1398-4A6B-A387-DFF861C408BA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {1DE50CE8-1398-4A6B-A387-DFF861C408BA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {1DE50CE8-1398-4A6B-A387-DFF861C408BA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {1DE50CE8-1398-4A6B-A387-DFF861C408BA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {1DE50CE8-1398-4A6B-A387-DFF861C408BA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {1DE50CE8-1398-4A6B-A387-DFF861C408BA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {1DE50CE8-1398-4A6B-A387-DFF861C408BA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {1DE50CE8-1398-4A6B-A387-DFF861C408BA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {1DE50CE8-1398-4A6B-A387-DFF861C408BA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {1DE50CE8-1398-4A6B-A387-DFF861C408BA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {1DE50CE8-1398-4A6B-A387-DFF861C408BA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {1DE50CE8-1398-4A6B-A387-DFF861C408BA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {1DE50CE8-1398-4A6B-A387-DFF861C408BA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {1DE50CE8-1398-4A6B-A387-DFF861C408BA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {1DE50CE8-1398-4A6B-A387-DFF861C408BA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {1DE50CE8-1398-4A6B-A387-DFF861C408BA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {1DE50CE8-1398-4A6B-A387-DFF861C408BA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {1DE50CE8-1398-4A6B-A387-DFF861C408BA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {1DE50CE8-1398-4A6B-A387-DFF861C408BA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {1DE50CE8-1398-4A6B-A387-DFF861C408BA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {1DE50CE8-1398-4A6B-A387-DFF861C408BA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {1DE50CE8-1398-4A6B-A387-DFF861C408BA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {1DE50CE8-1398-4A6B-A387-DFF861C408BA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {1DE50CE8-1398-4A6B-A387-DFF861C408BA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {1DE50CE8-1398-4A6B-A387-DFF861C408BA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {1DE50CE8-1398-4A6B-A387-DFF861C408BA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {1DE50CE8-1398-4A6B-A387-DFF861C408BA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {1DE50CE8-1398-4A6B-A387-DFF861C408BA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {1DE50CE8-1398-4A6B-A387-DFF861C408BA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {1DE50CE8-1398-4A6B-A387-DFF861C408BA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {1DE50CE8-1398-4A6B-A387-DFF861C408BA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {1DE50CE8-1398-4A6B-A387-DFF861C408BA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {1DE50CE8-1398-4A6B-A387-DFF861C408BA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {1DE50CE8-1398-4A6B-A387-DFF861C408BA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {1DE50CE8-1398-4A6B-A387-DFF861C408BA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {1DE50CE8-1398-4A6B-A387-DFF861C408BA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {1DE50CE8-1398-4A6B-A387-DFF861C408BA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {1DE50CE8-1398-4A6B-A387-DFF861C408BA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {1DE50CE8-1398-4A6B-A387-DFF861C408BA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {1DE50CE8-1398-4A6B-A387-DFF861C408BA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {1DE50CE8-1398-4A6B-A387-DFF861C408BA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {1DE50CE8-1398-4A6B-A387-DFF861C408BA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {1DE50CE8-1398-4A6B-A387-DFF861C408BA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {1DE50CE8-1398-4A6B-A387-DFF861C408BA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {1DE50CE8-1398-4A6B-A387-DFF861C408BA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {1DE50CE8-1398-4A6B-A387-DFF861C408BA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {1DE50CE8-1398-4A6B-A387-DFF861C408BA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {1DE50CE8-1398-4A6B-A387-DFF861C408BA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: offline-8876480 - {1DE50CE8-1398-4A6B-A387-DFF861C408BA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Filter: text/html - (no CLSID) - (no file)
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: Client IP-IPX - Unknown owner - C:\WINDOWS\System32\svchosts.exe" -e te-110-12-0000282 (file missing)
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe

BC AdBot (Login to Remove)

 


#2 OldTimer

OldTimer

    Malware Expert


  • Members
  • 11,092 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:North Carolina
  • Local time:04:03 AM

Posted 03 February 2007 - 10:09 AM

Hello Ruidiance and welcome to the BC HijackThis forum. I'd like to try a different scanner and see what it shows us.

Download WinPFind3U.exe to your Desktop and double-click on it to extract the files. It will create a folder named WinPFind3u on your desktop.
  • Open the WinPFind3u folder and double-click on WinPFind3U.exe to start the program.
  • Now click the Run Scan button on the toolbar.
  • When the scan is complete Notepad will open with the report file loaded in it.
  • Click the Format menu and make sure that Wordwrap is not checked. If it is then click on it to uncheck it.
Use the Add Reply button and Copy/Paste the information back here. I will review it when it comes in. If, after posting, the last line is not < End of Report > then the log is too big to fit into a single post and you will need to split it into multiple posts.

Cheers.

OT
I do not respond to PM's requesting help. That's what the forums are here for. Please use them so that others may benefit from your questions and the responses you receive.
OldTimer

Posted Image

#3 Ruidiance

Ruidiance
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:04:03 PM

Posted 03 February 2007 - 10:44 AM

WinPFind3 logfile created on: 2/3/2007 11:25:31 PM
WinPFind3U by OldTimer - Version 1.0.11 Folder = C:\Documents and Settings\User1\My Documents\My Downloads\WinPFind3u\
Microsoft Windows XP (Version = 5.1.2600)
Internet Explorer (Version = 6.0.2600.0000)

523056 Kb Total Physical Memory | 313748 Kb Available Physical Memory | 59.98% Memory free
1279908 Kb Paging File | 1037176 Kb Available in Paging File | 81.04% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536;

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 80413325 Kb Total Space | 65540244 Kb Free Space | 81.50% Space Free
Drive D: | 21808204 Kb Total Space | 14963888 Kb Free Space | 68.62% Space Free
E: Drive not present or media not loaded
F: Drive not present or media not loaded


[Processes - Non-Microsoft Only]
avgamsvr.exe -> %ProgramFiles%\Grisoft\AVG Free\avgamsvr.exe -> GRISOFT, s.r.o. [Ver = 7.5.0.420 | Size = 343552 bytes | Modified Date = 11/25/2006 12:31:02 PM | Attr = ]
avgcc.exe -> %ProgramFiles%\Grisoft\AVG Free\avgcc.exe -> GRISOFT, s.r.o. [Ver = 7.5.0.418 | Size = 406016 bytes | Modified Date = 11/25/2006 12:31:02 PM | Attr = ]
avgemc.exe -> %ProgramFiles%\Grisoft\AVG Free\avgemc.exe -> GRISOFT, s.r.o. [Ver = 7.5.0.432 | Size = 323072 bytes | Modified Date = 12/6/2006 9:49:30 AM | Attr = ]
avgupsvc.exe -> %ProgramFiles%\Grisoft\AVG Free\avgupsvc.exe -> GRISOFT, s.r.o. [Ver = 7.5.0.420 | Size = 49664 bytes | Modified Date = 11/25/2006 12:31:04 PM | Attr = ]
em_exec.exe -> %ProgramFiles%\Logitech\MouseWare\system\EM_EXEC.EXE -> Logitech Inc. [Ver = 9.75.302 | Size = 37888 bytes | Modified Date = 11/21/2002 9:50:00 AM | Attr = ]
googletoolbarnotifier.exe -> %ProgramFiles%\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe -> Google Inc. [Ver = 1, 2, 908, 5008 | Size = 163576 bytes | Modified Date = 11/28/2006 1:48:46 AM | Attr = ]
ipodservice.exe -> %ProgramFiles%\iPod\bin\iPodService.exe -> Apple Computer, Inc. [Ver = 7.0.2.16 | Size = 492608 bytes | Modified Date = 10/30/2006 9:36:32 AM | Attr = ]
itouch.exe -> %ProgramFiles%\Logitech\iTouch\iTouch.exe -> Logitech Inc. [Ver = 2.15.264 | Size = 631362 bytes | Modified Date = 11/23/2002 2:15:00 AM | Attr = ]
ituneshelper.exe -> %ProgramFiles%\iTunes\iTunesHelper.exe -> Apple Computer, Inc. [Ver = 7.0.2.16 | Size = 256576 bytes | Modified Date = 10/30/2006 9:36:36 AM | Attr = ]
jusched.exe -> %ProgramFiles%\Java\jre1.5.0_10\bin\jusched.exe -> Sun Microsystems, Inc. [Ver = 5.0.100.3 | Size = 49263 bytes | Modified Date = 11/9/2006 3:07:30 PM | Attr = ]
logitechdesktopmessenger.exe -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe -> Logitech [Ver = 2.30.04 | Size = 36864 bytes | Modified Date = 12/3/2006 9:01:28 PM | Attr = ]
nvsvc32.exe -> %System32%\nvsvc32.exe -> NVIDIA Corporation [Ver = 6.14.10.9371 | Size = 159810 bytes | Modified Date = 10/22/2006 12:22:00 PM | Attr = ]
qttask.exe -> %ProgramFiles%\QuickTime\qttask.exe -> Apple Computer, Inc. [Ver = 7.1.3 | Size = 282624 bytes | Modified Date = 10/25/2006 6:58:18 PM | Attr = ]
realsched.exe -> %CommonProgramFiles%\Real\Update_OB\realsched.exe -> RealNetworks, Inc. [Ver = 0.1.0.3760 | Size = 185896 bytes | Modified Date = 1/26/2007 6:40:28 PM | Attr = ]
smtray.exe -> %ProgramFiles%\Analog Devices\SoundMAX\SMTray.exe -> Analog Devices, Inc. [Ver = 3, 0, 205, 0 | Size = 81920 bytes | Modified Date = 1/30/2002 6:01:54 PM | Attr = ]
tppaldr.exe -> %SystemRoot%\TPPALDR.EXE -> [File Corrupted - Detail Data unreadable]
winlogon.exe -> %System32%\xsqivvjmv\winlogon.exe -> [Ver = | Size = 74752 bytes | Modified Date = 2/1/2007 9:50:04 PM | Attr = RHS]
winpfind3u.exe -> %UserDocuments%\My Downloads\WinPFind3u\WinPFind3U.exe -> Oldtimer Tools [Ver = 1.0.11.0 | Size = 306176 bytes | Modified Date = 1/18/2007 6:01:14 PM | Attr = ]

[Win32 Services - Non-Microsoft Only]
(Avg7Alrt) AVG7 Alert Manager Server [Win32_Own | Auto | Running] -> %ProgramFiles%\Grisoft\AVG Free\avgamsvr.exe -> GRISOFT, s.r.o. [Ver = 7.5.0.420 | Size = 343552 bytes | Modified Date = 11/25/2006 12:31:02 PM | Attr = ]
(Avg7UpdSvc) AVG7 Update Service [Win32_Own | Auto | Running] -> %ProgramFiles%\Grisoft\AVG Free\avgupsvc.exe -> GRISOFT, s.r.o. [Ver = 7.5.0.420 | Size = 49664 bytes | Modified Date = 11/25/2006 12:31:04 PM | Attr = ]
(AVGEMS) AVG E-mail Scanner [Win32_Own | Auto | Running] -> %ProgramFiles%\Grisoft\AVG Free\avgemc.exe -> GRISOFT, s.r.o. [Ver = 7.5.0.432 | Size = 323072 bytes | Modified Date = 12/6/2006 9:49:30 AM | Attr = ]
(dmadmin) Logical Disk Manager Administrative Service [Win32_Shared | On_Demand | Stopped] -> %System32%\dmadmin.exe -> Microsoft Corp., Veritas Software [Ver = 2600.0.503.0 | Size = 204800 bytes | Modified Date = 8/23/2001 12:00:00 PM | Attr = ]
(iPod Service) iPod Service [Win32_Own | On_Demand | Running] -> %ProgramFiles%\iPod\bin\iPodService.exe -> Apple Computer, Inc. [Ver = 7.0.2.16 | Size = 492608 bytes | Modified Date = 10/30/2006 9:36:32 AM | Attr = ]
(NVSvc) NVIDIA Display Driver Service [Win32_Own | Auto | Running] -> %System32%\nvsvc32.exe -> NVIDIA Corporation [Ver = 6.14.10.9371 | Size = 159810 bytes | Modified Date = 10/22/2006 12:22:00 PM | Attr = ]
(Client IP-IPX) Client IP-IPX [Win32_Own | Auto | Stopped] -> %System32%\svchosts.exe -> [Ver = | Size = 36864 bytes | Modified Date = 2/3/2007 10:13:40 PM | Attr = ]

[Registry - Non-Microsoft Only]
< Run [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
AVG7_CC -> %ProgramFiles%\Grisoft\AVG Free\avgcc.exe -> GRISOFT, s.r.o. [Ver = 7.5.0.418 | Size = 406016 bytes | Modified Date = 11/25/2006 12:31:02 PM | Attr = ]
DrvListnr -> %ProgramFiles%\Analog Devices\SoundMAX\DrvListnr.exe -> File not found
iTunesHelper -> %ProgramFiles%\iTunes\iTunesHelper.exe -> Apple Computer, Inc. [Ver = 7.0.2.16 | Size = 256576 bytes | Modified Date = 10/30/2006 9:36:36 AM | Attr = ]
KernelFaultCheck -> -> File not found
Logitech Utility -> %SystemRoot%\LOGI_MWX.EXE -> Logitech Inc. [Ver = 9.75.294 | Size = 19968 bytes | Modified Date = 11/8/2002 5:50:00 PM | Attr = ]
NeroCheck -> %System32%\NeroCheck.exe -> Ahead Software Gmbh [Ver = 1, 0, 0, 2 | Size = 155648 bytes | Modified Date = 7/9/2001 5:50:42 PM | Attr = ]
NvCplDaemon -> %System32%\nvcpl.dll [RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup] -> NVIDIA Corporation [Ver = 6.14.10.9371 | Size = 7700480 bytes | Modified Date = 10/22/2006 12:22:00 PM | Attr = ]
NvMediaCenter -> %System32%\nvmctray.dll [RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit] -> NVIDIA Corporation [Ver = 6.14.10.9371 | Size = 86016 bytes | Modified Date = 10/22/2006 12:22:00 PM | Attr = ]
nwiz -> %System32%\nwiz.exe -> [Ver = | Size = 1622016 bytes | Modified Date = 10/22/2006 12:22:00 PM | Attr = ]
QuickTime Task -> %ProgramFiles%\QuickTime\qttask.exe -> Apple Computer, Inc. [Ver = 7.1.3 | Size = 282624 bytes | Modified Date = 10/25/2006 6:58:18 PM | Attr = ]
Smapp -> %ProgramFiles%\Analog Devices\SoundMAX\SMTray.exe -> Analog Devices, Inc. [Ver = 3, 0, 205, 0 | Size = 81920 bytes | Modified Date = 1/30/2002 6:01:54 PM | Attr = ]
SunJavaUpdateSched -> %ProgramFiles%\Java\jre1.5.0_10\bin\jusched.exe -> Sun Microsystems, Inc. [Ver = 5.0.100.3 | Size = 49263 bytes | Modified Date = 11/9/2006 3:07:30 PM | Attr = ]
TkBellExe -> %CommonProgramFiles%\Real\Update_OB\realsched.exe -> RealNetworks, Inc. [Ver = 0.1.0.3760 | Size = 185896 bytes | Modified Date = 1/26/2007 6:40:28 PM | Attr = ]
TPP Auto Loader -> %SystemRoot%\TPPALDR.EXE -> [File Corrupted - Detail Data unreadable]
winlogon -> -> File not found
zBrowser Launcher -> %ProgramFiles%\Logitech\iTouch\iTouch.exe -> Logitech Inc. [Ver = 2.15.264 | Size = 631362 bytes | Modified Date = 11/23/2002 2:15:00 AM | Attr = ]
< OptionalComponents [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\
IMAIL -> Installed = 1 ->
MAPI -> Installed = 1 ->
MSFS -> Installed = 1 ->
< Run [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
BitTorrent -> %ProgramFiles%\BitTorrent\bittorrent.exe -> File not found
LDM -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe -> Logitech [Ver = 2.30.04 | Size = 36864 bytes | Modified Date = 12/3/2006 9:01:28 PM | Attr = ]
swg -> %ProgramFiles%\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe -> Google Inc. [Ver = 1, 2, 908, 5008 | Size = 163576 bytes | Modified Date = 11/28/2006 1:48:46 AM | Attr = ]
winlogon -> -> File not found
< Windows NT\\Load [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\load
C:\WINDOWS\System32\xsqivvjmv\winlogon.exe -> %System32%\xsqivvjmv\winlogon.exe -> [Ver = | Size = 74752 bytes | Modified Date = 2/1/2007 9:50:04 PM | Attr = RHS]
< Windows NT\\Run [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\run
C:\WINDOWS\System32\xsqivvjmv\winlogon.exe -> %System32%\xsqivvjmv\winlogon.exe -> [Ver = | Size = 74752 bytes | Modified Date = 2/1/2007 9:50:04 PM | Attr = RHS]
< Common Startup > -> C:\Documents and Settings\All Users\Start Menu\Programs\Startup
%AllUsersStartup%\Logitech Desktop Messenger.lnk -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe -> Logitech [Ver = 2.30.04 | Size = 196608 bytes | Modified Date = 12/3/2006 8:10:34 PM | Attr = ]
< SecurityProviders [HKLM] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\\SecurityProviders
< Winlogon settings [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
*VMApplet* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet ->
Control_RunDLL -> -> File not found
< Policy Settings [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{BDEADF00-C265-11D0-BCED-00A0C90AB50F} -> 1 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{6DFD7C5C-2451-11d3-A299-00C04F8EF6AF} -> 1073741857 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{0DF44EAA-FF21-4412-828E-260A8728E7F1} -> 32 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\dontdisplaylastusername -> 0 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\legalnoticecaption -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\legalnoticetext -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\shutdownwithoutlogon -> 1 ->
< Policy Settings [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 145 ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\DisableRegistryTools -> 1 ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\NoAdminPage -> 1 ->
-> HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer not found. ->
< Desktop Components > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\
0 -> [Key] ->
0 -> FriendlyName = My Current Home Page ->
0 -> Source = About:Home ->
0 -> SubscribedURL = About:Home ->
< HOSTS File > -> C:\WINDOWS\System32\drivers\etc\Hosts
1.1.1.1 f-secure.com -> ->
1.1.1.1 www.f-secure.com -> ->
1.1.1.1 ftp.f-secure.com -> ->
1.1.1.1 ftp.sophos.com -> ->
1.1.1.1 liveupdate.symantec.com -> ->
1.1.1.1 customer.symantec.com -> ->
1.1.1.1 dispatch.mcafee.com -> ->
1.1.1.1 download.mcafee.com -> ->
1.1.1.1 rads.mcafee.com -> ->
1.1.1.1 mast.mcafee.com -> ->
1.1.1.1 my-etrust.com -> ->
1.1.1.1 www.my-etrust.com -> ->
1.1.1.1 nai.com -> ->
1.1.1.1 www.nai.com -> ->
1.1.1.1 networkassociates.com -> ->
1.1.1.1 secure.nai.com -> ->
1.1.1.1 securityresponse.symantec.com -> ->
1.1.1.1 service1.symantec.com -> ->
1.1.1.1 sophos.com -> ->
1.1.1.1 www.sophos.com -> ->
1.1.1.1 support.microsoft.com -> ->
1.1.1.1 symantec.com -> ->
1.1.1.1 www.symantec.com -> ->
1.1.1.1 update.symantec.com -> ->
1.1.1.1 updates.symantec.com -> ->
1.1.1.1 us.mcafee.com -> ->
1.1.1.1 vil.nai.com -> ->
1.1.1.1 viruslist.com -> ->
1.1.1.1 www.viruslist.com -> ->
1.1.1.1 grisoft.com -> ->
1.1.1.1 www.grisoft.com -> ->
1.1.1.1 free.grisoft.com -> ->
1.1.1.1 trendmicro.com -> ->
1.1.1.1 housecall.trendmicro.com -> ->
1.1.1.1 www.trendmicro.com -> ->
1.1.1.1 pandasoftware.com -> ->
1.1.1.1 www.pandasoftware.com -> ->
1.1.1.1 usa.kaspersky.com -> ->
1.1.1.1 ewido.net -> ->
1.1.1.1 www.ewido.net -> ->
1.1.1.1 zonelabs.com -> ->
1.1.1.1 www.zonelabs.com -> ->
1.1.1.1 bitdefender.com -> ->
1.1.1.1 www.bitdefender.com -> ->
1.1.1.1 download.bitdefender.com -> ->
1.1.1.1 upgrade.bitdefender.com -> ->
1.1.1.1 spywareinfo.com -> ->
1.1.1.1 www.spywareinfo.com -> ->
1.1.1.1 merijn.org -> ->
1.1.1.1 www.merijn.org -> ->
1.1.1.1 sysinternals.com -> ->
1.1.1.1 www.sysinternals.com -> ->
1.1.1.1 onguardonline.gov -> ->
1.1.1.1 www.onguardonline.gov -> ->
1.1.1.1 avast.com -> ->
1.1.1.1 www.avast.com -> ->
1.1.1.1 safety.live.com -> ->
1.1.1.1 www.paretologic.com -> ->
1.1.1.1 paretologic.com -> ->
1.1.1.1 virusscan.jotti.org -> ->
1.1.1.1 services.google.com -> ->
< Internet Explorer Settings > ->
HKLM: Default_Page_URL -> http://www.microsoft.com/isapi/redir.dll?p...&ar=msnhome ->
HKLM: Main\\Default_Search_URL -> http://www.google.com/ie ->
HKLM: Local Page -> %SystemRoot%\system32\blank.htm ->
HKLM: Search Page -> http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch ->
HKLM: Start Page -> http://www.microsoft.com/isapi/redir.dll?p...ER}&ar=home ->
HKLM: CustomizeSearch -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm ->
HKLM: Search\\Default_Search_URL -> http://www.google.com/ie ->
HKLM: SearchAssistant -> http://www.google.com/ie ->
HKCU: Local Page -> C:\WINDOWS\System32\blank.htm ->
HKCU: Search Bar -> http://www.google.com/ie ->
HKCU: Search Page -> http://www.google.com ->
HKCU: Start Page -> http://www.virushelpzone.com/ ->
HKCU: SearchAssistant -> http://www.google.com/ie ->
HKCU: ProxyEnable -> 0 ->
HKCU: ProxyOverride -> localhost ->
< BHO's > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} [HKLM] -> %ProgramFiles%\Adobe\Acrobat Reader 5\Reader\ActiveX\AcroIEHelper.ocx [AcroIEHlprObj Class] -> [Ver = 1, 0, 0, 1 | Size = 37808 bytes | Modified Date = 3/2/2001 12:02:04 PM | Attr = ]
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} [HKLM] -> %ProgramFiles%\Java\jre1.5.0_10\bin\ssv.dll [SSVHelper Class] -> Sun Microsystems, Inc. [Ver = 5.0.100.3 | Size = 440056 bytes | Modified Date = 11/9/2006 3:21:52 PM | Attr = ]
{AA58ED58-01DD-4d91-8333-CF10577473F7} [HKLM] -> %ProgramFiles%\Google\googletoolbar2.dll [Google Toolbar Helper] -> Google Inc. [Ver = 4, 0, 1020, 3054 | Size = 2120768 bytes | Modified Date = 10/17/2006 3:04:08 PM | Attr = R ]
< Internet Explorer ToolBars [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar
{2318C2B1-4965-11d4-9B18-009027A5CD4F} [HKLM] -> %ProgramFiles%\Google\googletoolbar2.dll [&Google] -> Google Inc. [Ver = 4, 0, 1020, 3054 | Size = 2120768 bytes | Modified Date = 10/17/2006 3:04:08 PM | Attr = R ]
{8E718888-423F-11D2-876E-00A0C9082467} [HKLM] -> %System32%\msdxm.ocx [&Radio] -> [Ver = | Size = 843804 bytes | Modified Date = 8/23/2001 12:00:00 PM | Attr = ]
< Internet Explorer ToolBars [HKCU] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\
ShellBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} [HKLM] -> %ProgramFiles%\Google\googletoolbar2.dll [&Google] -> Google Inc. [Ver = 4, 0, 1020, 3054 | Size = 2120768 bytes | Modified Date = 10/17/2006 3:04:08 PM | Attr = R ]
WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} [HKLM] -> %ProgramFiles%\Google\googletoolbar2.dll [&Google] -> Google Inc. [Ver = 4, 0, 1020, 3054 | Size = 2120768 bytes | Modified Date = 10/17/2006 3:04:08 PM | Attr = R ]
< Internet Explorer CmdMapping [HKCU] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Extensions\CmdMapping
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} -> 8194 - Sun Java Console ->
{92780B25-18CC-41C8-B9BE-3C9C571A8263} -> 8193 - Reg Data - Value does not exist ->
NextId -> 8195 ->
< Internet Explorer Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKLM] -> %ProgramFiles%\Java\jre1.5.0_10\bin\npjpi150_10.dll [MenuText: Sun Java Console] -> Sun Microsystems, Inc. [Ver = 5.0.100.3 | Size = 75528 bytes | Modified Date = 11/9/2006 3:21:54 PM | Attr = ]
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKCU] -> %ProgramFiles%\Java\jre1.5.0_10\bin\ssv.dll [MenuText: Sun Java Console] -> Sun Microsystems, Inc. [Ver = 5.0.100.3 | Size = 440056 bytes | Modified Date = 11/9/2006 3:21:52 PM | Attr = ]
{92780B25-18CC-41C8-B9BE-3C9C571A8263} -> Reg Data - Value does not exist [ButtonText: Research] -> File not found
< Internet Explorer Menu Extensions [HKCU] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\
&Search -> http:\kl.bar.need2find.com\KL\menusearch.htm -> File not found
&Windows Live Search -> %ProgramFiles%\Windows Live Toolbar\msntb.dll\search.htm -> File not found
E&xport to Microsoft Excel -> -> File not found
Open in new background tab -> -> File not found
Open in new foreground tab -> -> File not found
< Internet Explorer Plugins [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\Extension\
.spop -> %ProgramFiles%\Internet Explorer\PLUGINS\NPDocBox.dll [Reg Data - Value does not exist] -> InterTrust Technologies Corporation, Inc. [Ver = 1.0.30.95 | Size = 225280 bytes | Modified Date = 1/30/2001 1:56:24 PM | Attr = ]
< Approved Shell Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
{0DF44EAA-FF21-4412-828E-260A8728E7F1} [HKLM] -> Reg Data - Key not found [Taskbar and Start Menu] -> File not found
{1CDB2949-8F65-4355-8456-263E7C208A5D} [HKLM] -> %System32%\nvshell.dll [Desktop Explorer] -> [Ver = | Size = 466944 bytes | Modified Date = 10/22/2006 12:22:00 PM | Attr = ]
{1E9B04FB-F9E5-4718-997B-B8DA88302A47} [HKLM] -> %System32%\nvshell.dll [Desktop Explorer Menu] -> [Ver = | Size = 466944 bytes | Modified Date = 10/22/2006 12:22:00 PM | Attr = ]
{1E9B04FB-F9E5-4718-997B-B8DA88302A48} [HKLM] -> %System32%\nvshell.dll [nView Desktop Context Menu] -> [Ver = | Size = 466944 bytes | Modified Date = 10/22/2006 12:22:00 PM | Attr = ]
{42071714-76d4-11d1-8b24-00a0c9068ff3} [HKLM] -> deskpan.dll [Display Panning CPL Extension] -> File not found
{764BF0E1-F219-11ce-972D-00AA00A14F56} [HKLM] -> Reg Data - Key not found [Shell extensions for file compression] -> File not found
{7A9D77BD-5403-11d2-8785-2E0420524153} [HKLM] -> Reg Data - Key not found [User Accounts] -> File not found
{853FE2B1-B769-11d0-9C4E-00C04FB6C6FA} [HKLM] -> Reg Data - Key not found [Encryption Context Menu] -> File not found
{88895560-9AA2-1069-930E-00AA0030EBC8} [HKLM] -> %System32%\hticons.dll [HyperTerminal Icon Ext] -> Hilgraeve, Inc. [Ver = 5.1.2600.0 | Size = 44544 bytes | Modified Date = 8/23/2001 12:00:00 PM | Attr = ]
{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} [HKLM] -> %ProgramFiles%\Grisoft\AVG Free\avgse.dll [AVG7 Shell Extension] -> GRISOFT, s.r.o. [Ver = 7.5.0.409 | Size = 50688 bytes | Modified Date = 11/25/2006 12:31:04 PM | Attr = ]
{9F97547E-460A-42C5-AE0C-81C61FFAEBC3} [HKLM] -> %ProgramFiles%\Grisoft\AVG Free\avgse.dll [AVG7 Find Extension] -> GRISOFT, s.r.o. [Ver = 7.5.0.409 | Size = 50688 bytes | Modified Date = 11/25/2006 12:31:04 PM | Attr = ]
{A70C977A-BF00-412C-90B7-034C51DA2439} [HKLM] -> %System32%\nvcpl.dll [NvCpl DesktopContext Class] -> NVIDIA Corporation [Ver = 6.14.10.9371 | Size = 7700480 bytes | Modified Date = 10/22/2006 12:22:00 PM | Attr = ]
{B41DB860-8EE4-11D2-9906-E49FADC173CA} [HKLM] -> %ProgramFiles%\WinRAR\RarExt.dll [WinRAR shell extension] -> [Ver = | Size = 126464 bytes | Modified Date = 9/14/2006 12:20:24 AM | Attr = ]
{B9E1D2CB-CCFF-4AA6-9579-D7A4754030EF} [HKLM] -> %ProgramFiles%\iTunes\iTunesMiniPlayer.dll [iTunes] -> Apple Computer, Inc. [Ver = 7.0.2.16 | Size = 132672 bytes | Modified Date = 10/30/2006 9:36:36 AM | Attr = ]
{F0CB00CD-5A07-4D91-97F5-A8C92CDA93E4} [HKLM] -> %ProgramFiles%\Real\RealOne Player\rpshell.dll [Shell Extensions for RealOne Player] -> RealNetworks, Inc. [Ver = 1.0.1.2488 | Size = 54848 bytes | Modified Date = 1/26/2007 6:40:40 PM | Attr = ]
{FFB699E0-306A-11d3-8BD1-00104B6F7516} [HKLM] -> %System32%\nvcpl.dll [Play on my TV helper] -> NVIDIA Corporation [Ver = 6.14.10.9371 | Size = 7700480 bytes | Modified Date = 10/22/2006 12:22:00 PM | Attr = ]
< ContextMenuHandlers - * [HKLM] > -> HKEY_LOCAL_MACHINE\Software\Classes\*\shellex\ContextMenuHandlers\
{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} [HKLM] -> %ProgramFiles%\Grisoft\AVG Free\avgse.dll [AVG7 Shell Extension] -> GRISOFT, s.r.o. [Ver = 7.5.0.409 | Size = 50688 bytes | Modified Date = 11/25/2006 12:31:04 PM | Attr = ]
{C8CA0A66-AF32-4D5E-879E-F0809ACEDC55} [HKLM] -> %ProgramFiles%\MP3 Player Utilities 3.68\AMVTools\AmvTransform.dll [VIDEOTRANS] -> [Ver = 1, 0, 0, 1 | Size = 32768 bytes | Modified Date = 7/22/2005 8:21:46 AM | Attr = ]
{B41DB860-8EE4-11D2-9906-E49FADC173CA} [HKLM] -> %ProgramFiles%\WinRAR\RarExt.dll [WinRAR] -> [Ver = | Size = 126464 bytes | Modified Date = 9/14/2006 12:20:24 AM | Attr = ]
< ContextMenuHandlers - Directory [HKLM] > -> HKEY_LOCAL_MACHINE\Software\Classes\Directory\shellex\ContextMenuHandlers\
{B41DB860-8EE4-11D2-9906-E49FADC173CA} [HKLM] -> %ProgramFiles%\WinRAR\RarExt.dll [WinRAR] -> [Ver = | Size = 126464 bytes | Modified Date = 9/14/2006 12:20:24 AM | Attr = ]
< ContextMenuHandlers - Directory\Background [HKLM] > -> HKEY_LOCAL_MACHINE\Software\Classes\Directory\Background\shellex\ContextMenuHandlers\
{1E9B04FB-F9E5-4718-997B-B8DA88302A48} [HKLM] -> %System32%\nvshell.dll [00nView] -> [Ver = | Size = 466944 bytes | Modified Date = 10/22/2006 12:22:00 PM | Attr = ]
{A70C977A-BF00-412C-90B7-034C51DA2439} [HKLM] -> %System32%\nvcpl.dll [NvCplDesktopContext] -> NVIDIA Corporation [Ver = 6.14.10.9371 | Size = 7700480 bytes | Modified Date = 10/22/2006 12:22:00 PM | Attr = ]
< ContextMenuHandlers - Folder [HKLM] > -> HKEY_LOCAL_MACHINE\Software\Classes\Folder\shellex\ContextMenuHandlers\
{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} [HKLM] -> %ProgramFiles%\Grisoft\AVG Free\avgse.dll [AVG7 Shell Extension] -> GRISOFT, s.r.o. [Ver = 7.5.0.409 | Size = 50688 bytes | Modified Date = 11/25/2006 12:31:04 PM | Attr = ]
{B41DB860-8EE4-11D2-9906-E49FADC173CA} [HKLM] -> %ProgramFiles%\WinRAR\RarExt.dll [WinRAR] -> [Ver = | Size = 126464 bytes | Modified Date = 9/14/2006 12:20:24 AM | Attr = ]
< DNS Name Servers [HKLM] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\
{1781B5BF-A82B-478A-A8AD-AB1C14AC9CC6} -> () ->
{2B6D1054-0510-47FB-AD4E-410745630A9F} -> (Linksys LNE100TX Fast Ethernet Adapter(LNE100TX v4)) ->
< Protocol Handlers [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\
bw+0 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 12/3/2006 9:01:28 PM | Attr = ]
bw+0s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 12/3/2006 9:01:28 PM | Attr = ]
bw-0 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 12/3/2006 9:01:28 PM | Attr = ]
bw00 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 12/3/2006 9:01:28 PM | Attr = ]
bw00s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 12/3/2006 9:01:28 PM | Attr = ]
bw-0s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 12/3/2006 9:01:28 PM | Attr = ]
bw10 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 12/3/2006 9:01:28 PM | Attr = ]
bw10s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 12/3/2006 9:01:28 PM | Attr = ]
bw20 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 12/3/2006 9:01:28 PM | Attr = ]
bw20s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 12/3/2006 9:01:28 PM | Attr = ]
bw30 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 12/3/2006 9:01:28 PM | Attr = ]
bw30s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 12/3/2006 9:01:28 PM | Attr = ]
bw40 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 12/3/2006 9:01:28 PM | Attr = ]
bw40s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 12/3/2006 9:01:28 PM | Attr = ]
bw50 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 12/3/2006 9:01:28 PM | Attr = ]
bw50s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 12/3/2006 9:01:28 PM | Attr = ]
bw60 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 12/3/2006 9:01:28 PM | Attr = ]
bw60s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 12/3/2006 9:01:28 PM | Attr = ]
bw70 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 12/3/2006 9:01:28 PM | Attr = ]
bw70s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 12/3/2006 9:01:28 PM | Attr = ]
bw80 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 12/3/2006 9:01:28 PM | Attr = ]
bw80s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 12/3/2006 9:01:28 PM | Attr = ]
bw90 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 12/3/2006 9:01:28 PM | Attr = ]
bw90s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 12/3/2006 9:01:28 PM | Attr = ]
bwa0 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 12/3/2006 9:01:28 PM | Attr = ]
bwa0s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 12/3/2006 9:01:28 PM | Attr = ]
bwb0 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 12/3/2006 9:01:28 PM | Attr = ]
bwb0s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 12/3/2006 9:01:28 PM | Attr = ]
bwc0 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 12/3/2006 9:01:28 PM | Attr = ]
bwc0s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 12/3/2006 9:01:28 PM | Attr = ]
bwd0 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 12/3/2006 9:01:28 PM | Attr = ]
bwd0s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 12/3/2006 9:01:28 PM | Attr = ]
bwe0 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 12/3/2006 9:01:28 PM | Attr = ]
bwe0s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 12/3/2006 9:01:28 PM | Attr = ]
bwf0 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 12/3/2006 9:01:28 PM | Attr = ]
bwf0s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 12/3/2006 9:01:28 PM | Attr = ]
bwfile-8876480 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 12/3/2006 9:01:28 PM | Attr = ]
bwg0 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 12/3/2006 9:01:28 PM | Attr = ]
bwg0s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 12/3/2006 9:01:28 PM | Attr = ]
bwh0 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 12/3/2006 9:01:28 PM | Attr = ]
bwh0s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 12/3/2006 9:01:28 PM | Attr = ]
bwi0 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 12/3/2006 9:01:28 PM | Attr = ]
bwi0s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 12/3/2006 9:01:28 PM | Attr = ]
bwj0 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 12/3/2006 9:01:28 PM | Attr = ]
bwj0s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 12/3/2006 9:01:28 PM | Attr = ]
bwk0 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 12/3/2006 9:01:28 PM | Attr = ]
bwk0s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 12/3/2006 9:01:28 PM | Attr = ]
bwl0 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 12/3/2006 9:01:28 PM | Attr = ]
bwl0s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 12/3/2006 9:01:28 PM | Attr = ]
bwm0 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 12/3/2006 9:01:28 PM | Attr = ]
bwm0s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 12/3/2006 9:01:28 PM | Attr = ]
bwn0 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 12/3/2006 9:01:28 PM | Attr = ]
bwn0s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 12/3/2006 9:01:28 PM | Attr = ]
bwo0 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 12/3/2006 9:01:28 PM | Attr = ]
bwo0s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 12/3/2006 9:01:28 PM | Attr = ]
bwp0 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 12/3/2006 9:01:28 PM | Attr = ]
bwp0s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 12/3/2006 9:01:28 PM | Attr = ]
bwq0 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 12/3/2006 9:01:28 PM | Attr = ]
bwq0s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 12/3/2006 9:01:28 PM | Attr = ]
bwr0 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 12/3/2006 9:01:28 PM | Attr = ]
bwr0s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 12/3/2006 9:01:28 PM | Attr = ]
bws0 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 12/3/2006 9:01:28 PM | Attr = ]
bws0s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 12/3/2006 9:01:28 PM | Attr = ]
bwt0 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 12/3/2006 9:01:28 PM | Attr = ]
bwt0s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 12/3/2006 9:01:28 PM | Attr = ]
bwu0 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 12/3/2006 9:01:28 PM | Attr = ]
bwu0s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 12/3/2006 9:01:28 PM | Attr = ]
bwv0 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 12/3/2006 9:01:28 PM | Attr = ]
bwv0s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 12/3/2006 9:01:28 PM | Attr = ]
bww0 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 12/3/2006 9:01:28 PM | Attr = ]
bww0s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 12/3/2006 9:01:28 PM | Attr = ]
bwx0 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 12/3/2006 9:01:28 PM | Attr = ]
bwx0s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 12/3/2006 9:01:28 PM | Attr = ]
bwy0 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 12/3/2006 9:01:28 PM | Attr = ]
bwy0s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 12/3/2006 9:01:28 PM | Attr = ]
bwz0 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 12/3/2006 9:01:28 PM | Attr = ]
bwz0s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 12/3/2006 9:01:28 PM | Attr = ]
ipp -> Reg Data - Key not found -> File not found
msdaipp -> Reg Data - Key not found -> File not found
offline-8876480 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 12/3/2006 9:01:28 PM | Attr = ]
vnd.ms.radio -> %System32%\msdxm.ocx -> [Ver = | Size = 843804 bytes | Modified Date = 8/23/2001 12:00:00 PM | Attr = ]
< Protocol Filters [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Filter\
text/html -> Reg Data - Key not found -> File not found
< Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\
{0000000A-9980-0010-8000-00AA00389B71} -> - CodeBase = http://download.microsoft.com/download/8/B...42/wmsp9dmo.cab ->
{00000055-9980-0010-8000-00AA00389B71} -> - CodeBase = http://codecs.microsoft.com/codecs/i386/fhg.CAB ->
{05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} -> Office Genuine Advantage Validation Tool - CodeBase = http://go.microsoft.com/fwlink/?linkid=67633 ->
{166B1BCA-3F9C-11CF-8075-444553540000} -> Shockwave ActiveX Control - CodeBase = http://fpdownload.macromedia.com/pub/shock...director/sw.cab ->
{3334504D-9980-0010-8000-00AA00389B71} -> - CodeBase = http://download.microsoft.com/download/0/C...C4D/mp43dmo.CAB ->
{33564D57-0000-0010-8000-00AA00389B71} -> - CodeBase = http://download.microsoft.com/download/F/6...922/wmv9VCM.CAB ->
{33564D57-9980-0010-8000-00AA00389B71} -> - CodeBase = http://download.microsoft.com/download/D/0...D0C/wmv9dmo.cab ->
{8AD9C840-044E-11D1-B3E9-00805F499D93} -> Java Plug-in 1.5.0_10 - CodeBase = http://java.sun.com/update/1.5.0/jinstall-...indows-i586.cab ->
{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} -> Java Plug-in 1.5.0_09 - CodeBase = http://java.sun.com/update/1.5.0/jinstall-...indows-i586.cab ->
{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} -> Java Plug-in 1.5.0_10 - CodeBase = http://java.sun.com/update/1.5.0/jinstall-...indows-i586.cab ->
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} -> Java Plug-in 1.5.0_10 - CodeBase = http://java.sun.com/update/1.5.0/jinstall-...indows-i586.cab ->
{D27CDB6E-AE6D-11CF-96B8-444553540000} -> - CodeBase = http://fpdownload.macromedia.com/get/flash...ent/swflash.cab ->


[Files - Created Within 30 days]
Thumbs.db -> %SystemDrive%\Thumbs.db -> [Ver = | Size = 25088 bytes | Created Date = 1/7/2007 11:30:36 AM | Attr = HS]
system.dll -> %CommonProgramFiles%\{883A0E0B-07CF-1033-0920-021102000001}\system.dll -> [Ver = | Size = 6144 bytes | Created Date = 2/3/2007 10:13:39 PM | Attr = ]
atrc.dll -> %CommonProgramFiles%\Real\Codecs\atrc.dll -> RealNetworks, Inc. [Ver = 10.0.0.3083 | Size = 77824 bytes | Created Date = 1/26/2007 6:40:43 PM | Attr = ]
cook.dll -> %CommonProgramFiles%\Real\Codecs\cook.dll -> RealNetworks, Inc. [Ver = 10.0.0.2389 | Size = 65536 bytes | Created Date = 1/26/2007 6:40:43 PM | Attr = ]
drv1.dll -> %CommonProgramFiles%\Real\Codecs\drv1.dll -> RealNetworks, Inc. [Ver = 10.0.0.1253 | Size = 102400 bytes | Created Date = 1/26/2007 6:40:44 PM | Attr = ]
drv2.dll -> %CommonProgramFiles%\Real\Codecs\drv2.dll -> RealNetworks, Inc. [Ver = 10.0.0.2373 | Size = 176128 bytes | Created Date = 1/26/2007 6:40:44 PM | Attr = ]
drvc.dll -> %CommonProgramFiles%\Real\Codecs\drvc.dll -> RealNetworks, Inc. [Ver = 10.0.0.1740 | Size = 266240 bytes | Created Date = 1/26/2007 6:40:44 PM | Attr = ]
hxltcolor.dll -> %CommonProgramFiles%\Real\Codecs\hxltcolor.dll -> RealNetworks, Inc. [Ver = 10.0.0.1110 | Size = 241664 bytes | Created Date = 1/26/2007 6:40:44 PM | Attr = ]
raac.dll -> %CommonProgramFiles%\Real\Codecs\raac.dll -> RealNetworks, Inc. [Ver = 10.0.0.1066 | Size = 552960 bytes | Created Date = 1/26/2007 6:40:43 PM | Attr = ]
rv10.dll -> %CommonProgramFiles%\Real\Codecs\rv10.dll -> RealNetworks, Inc. [Ver = 10.0.0.1253 | Size = 49152 bytes | Created Date = 1/26/2007 6:40:44 PM | Attr = ]
rv20.dll -> %CommonProgramFiles%\Real\Codecs\rv20.dll -> RealNetworks, Inc. [Ver = 10.0.0.2373 | Size = 57344 bytes | Created Date = 1/26/2007 6:40:44 PM | Attr = ]
rv30.dll -> %CommonProgramFiles%\Real\Codecs\rv30.dll -> RealNetworks, Inc. [Ver = 10.0.0.1740 | Size = 49152 bytes | Created Date = 1/26/2007 6:40:44 PM | Attr = ]
rv40.dll -> %CommonProgramFiles%\Real\Codecs\rv40.dll -> RealNetworks, Inc. [Ver = 10.0.0.1740 | Size = 49152 bytes | Created Date = 1/26/2007 6:40:44 PM | Attr = ]
sipr.dll -> %CommonProgramFiles%\Real\Codecs\sipr.dll -> RealNetworks, Inc. [Ver = 10.0.0.3080 | Size = 106496 bytes | Created Date = 1/26/2007 6:40:43 PM | Attr = ]
devices.ini -> %CommonProgramFiles%\Real\Common\devices.ini -> [Ver = | Size = 2534 bytes | Created Date = 1/26/2007 6:41:09 PM | Attr = ]
twebbrowse.dll -> %CommonProgramFiles%\Real\Common\twebbrowse.dll -> RealNetworks, Inc. [Ver = 1.0.2.1844 | Size = 81920 bytes | Created Date = 1/26/2007 6:40:39 PM | Attr = ]
BarControl.dll -> %CommonProgramFiles%\Real\GToolbar\BarControl.dll -> Google, Inc [Ver = 2.0.0.8 | Size = 110592 bytes | Created Date = 1/26/2007 6:40:52 PM | Attr = ]
gdsapi.dll -> %CommonProgramFiles%\Real\GToolbar\gdsapi.dll -> [Ver = | Size = 4096 bytes | Created Date = 1/26/2007 6:40:55 PM | Attr = ]
GDSSetup.exe -> %CommonProgramFiles%\Real\GToolbar\GDSSetup.exe -> [Ver = | Size = 746600 bytes | Created Date = 1/26/2007 6:40:55 PM | Attr = ]
GoogleToolbarInstaller.exe -> %CommonProgramFiles%\Real\GToolbar\GoogleToolbarInstaller.exe -> Google [Ver = 3, 0, 131, 0 | Size = 583696 bytes | Created Date = 1/26/2007 6:40:52 PM | Attr = ]
GoogleToolbarInstaller98.exe -> %CommonProgramFiles%\Real\GToolbar\GoogleToolbarInstaller98.exe -> Google [Ver = 3, 0, 131, 0 | Size = 733712 bytes | Created Date = 1/26/2007 6:40:55 PM | Attr = ]
aacff.dll -> %CommonProgramFiles%\Real\Plugins\aacff.dll -> RealNetworks, Inc. [Ver = 10.0.0.1029 | Size = 69632 bytes | Created Date = 1/26/2007 6:40:58 PM | Attr = ]
audplin.dll -> %CommonProgramFiles%\Real\Plugins\audplin.dll -> RealNetworks, Inc. [Ver = 10.0.0.1483 | Size = 86016 bytes | Created Date = 1/26/2007 6:41:00 PM | Attr = ]
authmgr.dll -> %CommonProgramFiles%\Real\Plugins\authmgr.dll -> RealNetworks, Inc. [Ver = 10.0.0.1687 | Size = 53248 bytes | Created Date = 1/26/2007 6:40:29 PM | Attr = ]
cdda3260.dll -> %CommonProgramFiles%\Real\Plugins\cdda3260.dll -> RealNetworks, Inc. [Ver = 6.0.3.2509 | Size = 36864 bytes | Created Date = 1/26/2007 6:40:29 PM | Attr = ]
clbascauth.dll -> %CommonProgramFiles%\Real\Plugins\clbascauth.dll -> RealNetworks, Inc. [Ver = 10.0.0.1254 | Size = 40960 bytes | Created Date = 1/26/2007 6:40:29 PM | Attr = ]
clntxres.dll -> %CommonProgramFiles%\Real\Plugins\clntxres.dll -> RealNetworks, Inc. [Ver = 10.0.0.4181 | Size = 53248 bytes | Created Date = 1/26/2007 6:40:31 PM | Attr = ]
cont3260.dll -> %CommonProgramFiles%\Real\Plugins\cont3260.dll -> RealNetworks, Inc. [Ver = 6.0.0.2148 | Size = 65536 bytes | Created Date = 1/26/2007 6:41:00 PM | Attr = ]
fpsechnd.dll -> %CommonProgramFiles%\Real\Plugins\fpsechnd.dll -> RealNetworks, Inc. [Ver = 6.0.9.32 | Size = 233472 bytes | Created Date = 1/26/2007 6:41:08 PM | Attr = ]
httpfsys.dll -> %CommonProgramFiles%\Real\Plugins\httpfsys.dll -> RealNetworks, Inc. [Ver = 10.0.0.3032 | Size = 176128 bytes | Created Date = 1/26/2007 6:40:29 PM | Attr = ]
hxsdp.dll -> %CommonProgramFiles%\Real\Plugins\hxsdp.dll -> RealNetworks, Inc. [Ver = 10.0.0.513 | Size = 40960 bytes | Created Date = 1/26/2007 6:40:30 PM | Attr = ]
hxxml.dll -> %CommonProgramFiles%\Real\Plugins\hxxml.dll -> [Ver = | Size = 86016 bytes | Created Date = 1/26/2007 6:40:51 PM | Attr = ]
imgrender.dll -> %CommonProgramFiles%\Real\Plugins\imgrender.dll -> RealNetworks, Inc. [Ver = 10.0.0.1269 | Size = 532480 bytes | Created Date = 1/26/2007 6:40:46 PM | Attr = ]
memfsys.dll -> %CommonProgramFiles%\Real\Plugins\memfsys.dll -> RealNetworks, Inc. [Ver = 10.0.0.1219 | Size = 77824 bytes | Created Date = 1/26/2007 6:40:30 PM | Attr = ]
mp3fformat.dll -> %CommonProgramFiles%\Real\Plugins\mp3fformat.dll -> RealNetworks, Inc. [Ver = 10.0.0.3223 | Size = 45056 bytes | Created Date = 1/26/2007 6:40:49 PM | Attr = ]
mp3metaff.dll -> %CommonProgramFiles%\Real\Plugins\mp3metaff.dll -> RealNetworks, Inc. [Ver = 10.0.0.1219 | Size = 65536 bytes | Created Date = 1/26/2007 6:40:49 PM | Attr = ]
mp3render.dll -> %CommonProgramFiles%\Real\Plugins\mp3render.dll -> RealNetworks, Inc. [Ver = 10.0.0.1252 | Size = 151552 bytes | Created Date = 1/26/2007 6:40:49 PM | Attr = ]
mp4arender.dll -> %CommonProgramFiles%\Real\Plugins\mp4arender.dll -> RealNetworks, Inc. [Ver = 10.0.0.1055 | Size = 126976 bytes | Created Date = 1/26/2007 6:40:58 PM | Attr = ]
mp4fformat.dll -> %CommonProgramFiles%\Real\Plugins\mp4fformat.dll -> RealNetworks, Inc. [Ver = 10.0.0.2953 | Size = 73728 bytes | Created Date = 1/26/2007 6:40:58 PM | Attr = ]
mp4wrtr.dll -> %CommonProgramFiles%\Real\Plugins\mp4wrtr.dll -> [Ver = | Size = 98304 bytes | Created Date = 1/26/2007 6:41:04 PM | Attr = ]
mpgfformat.dll -> %CommonProgramFiles%\Real\Plugins\mpgfformat.dll -> RealNetworks, Inc. [Ver = 10.0.0.1428 | Size = 69632 bytes | Created Date = 1/26/2007 6:41:00 PM | Attr = ]
mpgrender.dll -> %CommonProgramFiles%\Real\Plugins\mpgrender.dll -> RealNetworks, Inc. [Ver = 10.0.0.1231 | Size = 172032 bytes | Created Date = 1/26/2007 6:41:00 PM | Attr = ]
ntlmauth.dll -> %CommonProgramFiles%\Real\Plugins\ntlmauth.dll -> RealNetworks, Inc. [Ver = 10.0.0.1232 | Size = 45056 bytes | Created Date = 1/26/2007 6:40:30 PM | Attr = ]
pacplin.dll -> %CommonProgramFiles%\Real\Plugins\pacplin.dll -> RealNetworks, Inc. [Ver = 10.0.0.1253 | Size = 360448 bytes | Created Date = 1/26/2007 6:40:30 PM | Attr = ]
pdgenxferfsys.dll -> %CommonProgramFiles%\Real\Plugins\pdgenxferfsys.dll -> RealNetworks, Inc. [Ver = 6.0.12.1680 | Size = 73728 bytes | Created Date = 1/26/2007 6:41:09 PM | Attr = ]
plusplin.dll -> %CommonProgramFiles%\Real\Plugins\plusplin.dll -> RealNetworks, Inc. [Ver = 10.0.0.1253 | Size = 57344 bytes | Created Date = 1/26/2007 6:40:30 PM | Attr = ]
ramfformat.dll -> %CommonProgramFiles%\Real\Plugins\ramfformat.dll -> RealNetworks, Inc. [Ver = 10.0.0.2477 | Size = 45056 bytes | Created Date = 1/26/2007 6:40:30 PM | Attr = ]
ramrender.dll -> %CommonProgramFiles%\Real\Plugins\ramrender.dll -> RealNetworks, Inc. [Ver = 10.0.0.2164 | Size = 57344 bytes | Created Date = 1/26/2007 6:40:30 PM | Attr = ]
rarender.dll -> %CommonProgramFiles%\Real\Plugins\rarender.dll -> RealNetworks, Inc. [Ver = 10.0.0.1260 | Size = 151552 bytes | Created Date = 1/26/2007 6:40:43 PM | Attr = ]
recf3260.dll -> %CommonProgramFiles%\Real\Plugins\recf3260.dll -> RealNetworks, Inc. [Ver = 6.0.0.3113 | Size = 36864 bytes | Created Date = 1/26/2007 6:41:00 PM | Attr = ]
rmfformat.dll -> %CommonProgramFiles%\Real\Plugins\rmfformat.dll -> RealNetworks, Inc. [Ver = 10.0.0.1475 | Size = 176128 bytes | Created Date = 1/26/2007 6:40:30 PM | Attr = ]
rmwrtr.dll -> %CommonProgramFiles%\Real\Plugins\rmwrtr.dll -> RealNetworks, Inc. [Ver = 6.0.2.1155 | Size = 282624 bytes | Created Date = 1/26/2007 6:41:04 PM | Attr = ]
rn5auth.dll -> %CommonProgramFiles%\Real\Plugins\rn5auth.dll -> RealNetworks, Inc. [Ver = 10.0.0.1455 | Size = 45056 bytes | Created Date = 1/26/2007 6:40:30 PM | Attr = ]
rtfformat.dll -> %CommonProgramFiles%\Real\Plugins\rtfformat.dll -> RealNetworks, Inc. [Ver = 10.0.0.1457 | Size = 110592 bytes | Created Date = 1/26/2007 6:40:45 PM | Attr = ]
rtrender.dll -> %CommonProgramFiles%\Real\Plugins\rtrender.dll -> RealNetworks, Inc. [Ver = 10.0.0.1250 | Size = 122880 bytes | Created Date = 1/26/2007 6:40:46 PM | Attr = ]
rvrender.dll -> %CommonProgramFiles%\Real\Plugins\rvrender.dll -> RealNetworks, Inc. [Ver = 10.0.0.1644 | Size = 172032 bytes | Created Date = 1/26/2007 6:40:44 PM | Attr = ]
sdpplin.dll -> %CommonProgramFiles%\Real\Plugins\sdpplin.dll -> RealNetworks, Inc. [Ver = 10.0.0.373 | Size = 45056 bytes | Created Date = 1/26/2007 6:40:48 PM | Attr = ]
smlfformat.dll -> %CommonProgramFiles%\Real\Plugins\smlfformat.dll -> RealNetworks, Inc. [Ver = 10.0.0.2112 | Size = 61440 bytes | Created Date = 1/26/2007 6:40:30 PM | Attr = ]
smlrender.dll -> %CommonProgramFiles%\Real\Plugins\smlrender.dll -> RealNetworks, Inc. [Ver = 10.0.0.1728 | Size = 532480 bytes | Created Date = 1/26/2007 6:40:30 PM | Attr = ]
smmrender.dll -> %CommonProgramFiles%\Real\Plugins\smmrender.dll -> RealNetworks, Inc. [Ver = 10.0.0.1250 | Size = 57344 bytes | Created Date = 1/26/2007 6:40:30 PM | Attr = ]
smplfsys.dll -> %CommonProgramFiles%\Real\Plugins\smplfsys.dll -> RealNetworks, Inc. [Ver = 10.0.0.2020 | Size = 69632 bytes | Created Date = 1/26/2007 6:40:31 PM | Attr = ]
stubdrm.dll -> %CommonProgramFiles%\Real\Plugins\stubdrm.dll -> RealNetworks, Inc.

#4 Ruidiance

Ruidiance
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:04:03 PM

Posted 03 February 2007 - 10:53 AM

stubdrm.dll -> %CommonProgramFiles%\Real\Plugins\stubdrm.dll -> RealNetworks, Inc. [Ver = 10.0.0.1655 | Size = 32768 bytes | Created Date = 1/26/2007 6:40:49 PM | Attr = ]
swfformat.dll -> %CommonProgramFiles%\Real\Plugins\swfformat.dll -> RealNetworks, Inc. [Ver = 10.0.0.1460 | Size = 94208 bytes | Created Date = 1/26/2007 6:40:44 PM | Attr = ]
swfrender.dll -> %CommonProgramFiles%\Real\Plugins\swfrender.dll -> RealNetworks, Inc. [Ver = 10.0.0.1253 | Size = 614400 bytes | Created Date = 1/26/2007 6:40:45 PM | Attr = ]
vidplin.dll -> %CommonProgramFiles%\Real\Plugins\vidplin.dll -> RealNetworks, Inc. [Ver = 10.0.0.1269 | Size = 167936 bytes | Created Date = 1/26/2007 6:41:00 PM | Attr = ]
vidsite.dll -> %CommonProgramFiles%\Real\Plugins\vidsite.dll -> RealNetworks, Inc. [Ver = 10.0.0.1253 | Size = 376832 bytes | Created Date = 1/26/2007 6:40:31 PM | Attr = ]
vsrcplin.dll -> %CommonProgramFiles%\Real\Plugins\vsrcplin.dll -> RealNetworks, Inc. [Ver = 10.1.0.1180 | Size = 135168 bytes | Created Date = 1/26/2007 6:40:31 PM | Attr = ]
vsrlocal.dll -> %CommonProgramFiles%\Real\Plugins\vsrlocal.dll -> RealNetworks, Inc. [Ver = 10.1.0.1180 | Size = 94208 bytes | Created Date = 1/26/2007 6:40:31 PM | Attr = ]
wm9fformat.dll -> %CommonProgramFiles%\Real\Plugins\wm9fformat.dll -> RealNetworks, Inc. [Ver = 1.0.0.1338 | Size = 176128 bytes | Created Date = 1/26/2007 6:40:59 PM | Attr = ]
wm9writer.dll -> %CommonProgramFiles%\Real\Plugins\wm9writer.dll -> RealNetworks, Inc. [Ver = 1.0.0.1322 | Size = 28672 bytes | Created Date = 1/26/2007 6:40:59 PM | Attr = ]
wmsechnd.dll -> %CommonProgramFiles%\Real\Plugins\wmsechnd.dll -> RealNetworks, Inc. [Ver = 1.0.0.657 | Size = 180224 bytes | Created Date = 1/26/2007 6:40:59 PM | Attr = ]
locd3210.dll -> %CommonProgramFiles%\Real\RCAPlugins\locd3210.dll -> RealNetworks, Inc. [Ver = 1.0.0.2382 | Size = 102400 bytes | Created Date = 1/26/2007 6:41:00 PM | Attr = ]
rpcontrols1.dll -> %CommonProgramFiles%\Real\RCAPlugins\rpcontrols1.dll -> RealNetworks, Inc. [Ver = 6.0.1.2485 | Size = 757760 bytes | Created Date = 1/26/2007 6:40:50 PM | Attr = ]
rpcontrols2.dll -> %CommonProgramFiles%\Real\RCAPlugins\rpcontrols2.dll -> RealNetworks [Ver = 6.0.1.2485 | Size = 692224 bytes | Created Date = 1/26/2007 6:40:50 PM | Attr = ]
sonr3210.dll -> %CommonProgramFiles%\Real\RCAPlugins\sonr3210.dll -> RealNetworks, Inc. [Ver = 1.0.0.2580 | Size = 196608 bytes | Created Date = 1/26/2007 6:41:00 PM | Attr = ]
theweatherchannel_stubreal.exe -> %CommonProgramFiles%\Real\TWC\theweatherchannel_stubreal.exe -> The Weather Channel Interactive [Ver = 3, 0, 4, 0 | Size = 285808 bytes | Created Date = 1/26/2007 6:40:58 PM | Attr = ]
TWCControl.dll -> %CommonProgramFiles%\Real\TWC\TWCControl.dll -> RealNetworks, Inc. [Ver = 1.0.0.3 | Size = 90112 bytes | Created Date = 1/26/2007 6:40:57 PM | Attr = ]
nprfxins.dll -> %CommonProgramFiles%\Real\Update_OB\nprfxins.dll -> RichFX Inc. [Ver = 3.31.0659 | Size = 569397 bytes | Created Date = 1/26/2007 6:40:29 PM | Attr = ]
pnmi3270.dll -> %CommonProgramFiles%\Real\Update_OB\pnmi3270.dll -> RealNetworks, Inc. [Ver = 7.0.0.2157 | Size = 36864 bytes | Created Date = 1/26/2007 6:40:28 PM | Attr = ]
r1puninst.exe -> %CommonProgramFiles%\Real\Update_OB\r1puninst.exe -> RealNetworks, Inc. [Ver = 7.0.0.4246 | Size = 188416 bytes | Created Date = 1/26/2007 6:40:26 PM | Attr = ]
RealOneMessageCenter.exe -> %CommonProgramFiles%\Real\Update_OB\RealOneMessageCenter.exe -> RealNetworks, Inc. [Ver = 0.1.0.3760 | Size = 69632 bytes | Created Date = 1/26/2007 6:40:27 PM | Attr = ]
realsched.exe -> %CommonProgramFiles%\Real\Update_OB\realsched.exe -> RealNetworks, Inc. [Ver = 0.1.0.3760 | Size = 185896 bytes | Created Date = 1/26/2007 6:40:27 PM | Attr = ]
Annabelle.rpv -> %CommonProgramFiles%\Real\Visualizations\Annabelle.rpv -> RealNetworks, Inc. [Ver = 1.0.0.2 | Size = 43008 bytes | Created Date = 1/26/2007 6:40:49 PM | Attr = ]
CosmicBelt.rpv -> %CommonProgramFiles%\Real\Visualizations\CosmicBelt.rpv -> [Ver = | Size = 80384 bytes | Created Date = 1/26/2007 6:40:49 PM | Attr = ]
Fire.rpv -> %CommonProgramFiles%\Real\Visualizations\Fire.rpv -> RealNetworks, Inc. [Ver = 1.0.0.1 | Size = 7168 bytes | Created Date = 1/26/2007 6:40:49 PM | Attr = ]
FreqBands.rpv -> %CommonProgramFiles%\Real\Visualizations\FreqBands.rpv -> RealNetworks, Inc. [Ver = 1.0.0.2 | Size = 7680 bytes | Created Date = 1/26/2007 6:40:49 PM | Attr = ]
Nebula.rpv -> %CommonProgramFiles%\Real\Visualizations\Nebula.rpv -> [Ver = | Size = 69632 bytes | Created Date = 1/26/2007 6:40:49 PM | Attr = ]
xmencmp3.dll -> %CommonProgramFiles%\xing shared\mpeg encode\xmencmp3.dll -> RealNetworks, Inc. [Ver = 1, 0, 0, 17 | Size = 352256 bytes | Created Date = 1/26/2007 6:41:02 PM | Attr = ]
coreres.xrs -> %CommonProgramFiles%\Real\Plugins\ExtResources\coreres.xrs -> RealNetworks, Inc. [Ver = 10.0.0.4432 | Size = 65536 bytes | Created Date = 1/26/2007 6:40:31 PM | Attr = ]
msgoff.htm -> %CommonProgramFiles%\Real\Update_OB\UI\msgoff.htm -> [Ver = | Size = 3215 bytes | Created Date = 1/26/2007 6:40:28 PM | Attr = ]
real_logo_93x44.gif -> %CommonProgramFiles%\Real\Update_OB\UI\Images\real_logo_93x44.gif -> [Ver = | Size = 741 bytes | Created Date = 1/26/2007 6:40:28 PM | Attr = ]
msgdata.js -> %CommonProgramFiles%\Real\Update_OB\UI\loc\msgdata.js -> [Ver = | Size = 1039 bytes | Created Date = 1/26/2007 6:40:29 PM | Attr = ]
msgStyle.css -> %CommonProgramFiles%\Real\Update_OB\UI\loc\msgStyle.css -> [Ver = | Size = 991 bytes | Created Date = 1/26/2007 6:40:29 PM | Attr = ]
ctor.dll -> %CommonProgramFiles%\InstallShield\Professional\RunTime\09\01\Intel32\ctor.dll -> InstallShield Software Corporation [Ver = 9.01.429 | Size = 69715 bytes | Created Date = 1/6/2007 8:12:33 AM | Attr = ]
DotNetInstaller.exe -> %CommonProgramFiles%\InstallShield\Professional\RunTime\09\01\Intel32\DotNetInstaller.exe -> InstallShield Software Corporation [Ver = 9.1.0.429 | Size = 5632 bytes | Created Date = 1/6/2007 8:12:33 AM | Attr = ]
iGdi.dll -> %CommonProgramFiles%\InstallShield\Professional\RunTime\09\01\Intel32\iGdi.dll -> InstallShield Software Corporation [Ver = 9.01.429 | Size = 188548 bytes | Created Date = 1/6/2007 8:12:27 AM | Attr = ]
iKernel.dll -> %CommonProgramFiles%\InstallShield\Professional\RunTime\09\01\Intel32\iKernel.dll -> InstallShield Software Corporation [Ver = 9.01.429 | Size = 729088 bytes | Created Date = 1/6/2007 8:12:33 AM | Attr = ]
iscript.dll -> %CommonProgramFiles%\InstallShield\Professional\RunTime\09\01\Intel32\iscript.dll -> InstallShield Software Corporation [Ver = 9.01.429 | Size = 266240 bytes | Created Date = 1/6/2007 8:12:33 AM | Attr = ]
iuser.dll -> %CommonProgramFiles%\InstallShield\Professional\RunTime\09\01\Intel32\iuser.dll -> InstallShield Software Corporation [Ver = 9.01.429 | Size = 192512 bytes | Created Date = 1/6/2007 8:12:33 AM | Attr = ]
setup.dll -> %CommonProgramFiles%\InstallShield\Professional\RunTime\09\01\Intel32\setup.dll -> InstallShield Software Corporation [Ver = 9.01.429 | Size = 311428 bytes | Created Date = 1/6/2007 8:12:26 AM | Attr = ]
QTFont.for -> %SystemRoot%\QTFont.for -> [Ver = | Size = 1409 bytes | Created Date = 2/3/2007 12:20:57 PM | Attr = ]
QTFont.qfn -> %SystemRoot%\QTFont.qfn -> [Ver = | Size = 54156 bytes | Created Date = 2/3/2007 12:20:57 PM | Attr = H ]
SIERRA.INI -> %SystemRoot%\SIERRA.INI -> [Ver = | Size = 459 bytes | Created Date = 1/21/2007 4:23:12 PM | Attr = ]
smdat32a.sys -> %SystemRoot%\smdat32a.sys -> [Ver = | Size = 0 bytes | Created Date = 1/15/2007 12:12:55 PM | Attr = ]
smdat32m.sys -> %SystemRoot%\smdat32m.sys -> [Ver = | Size = 10 bytes | Created Date = 1/15/2007 12:12:55 PM | Attr = ]
unvise32.exe -> %SystemRoot%\unvise32.exe -> MindVision Software [Ver = 3.1.1 | Size = 86016 bytes | Created Date = 1/21/2007 4:33:46 PM | Attr = ]
libmySQL.dll -> %System32%\libmySQL.dll -> [Ver = | Size = 217088 bytes | Created Date = 1/21/2007 4:32:19 PM | Attr = ]
netstat.com -> %System32%\netstat.com -> [Ver = | Size = 2 bytes | Created Date = 2/1/2007 9:50:35 PM | Attr = HS]
nvapps.xml -> %System32%\nvapps.xml -> [Ver = | Size = 88566 bytes | Created Date = 1/6/2007 8:12:59 AM | Attr = ]
nvdisp.nvu -> %System32%\nvdisp.nvu -> [Ver = | Size = 17056 bytes | Created Date = 1/6/2007 8:12:58 AM | Attr = ]
nvudisp.exe -> %System32%\nvudisp.exe -> NVIDIA Corporation [Ver = 1 , 0 , 1 , 55 | Size = 208896 bytes | Created Date = 1/6/2007 8:12:58 AM | Attr = ]
NVUNINST.EXE -> %System32%\NVUNINST.EXE -> NVIDIA Corporation [Ver = 1 , 0 , 1 , 55 | Size = 208896 bytes | Created Date = 1/6/2007 8:12:35 AM | Attr = ]
SierraNW.dll -> %System32%\SierraNW.dll -> Cendant Software [Ver = 4, 0, 2, 4 | Size = 1022976 bytes | Created Date = 1/21/2007 4:23:32 PM | Attr = ]
SNWValid.dll -> %System32%\SNWValid.dll -> Cendant Software [Ver = 4, 0, 2, 4 | Size = 231936 bytes | Created Date = 1/21/2007 4:23:32 PM | Attr = ]
svchosts.exe -> %System32%\svchosts.exe -> [Ver = | Size = 36864 bytes | Created Date = 2/3/2007 3:37:08 PM | Attr = ]
taskkill.com -> %System32%\taskkill.com -> [Ver = | Size = 2 bytes | Created Date = 2/1/2007 9:50:35 PM | Attr = HS]
TrackerNET.dll -> %System32%\TrackerNET.dll -> [Ver = | Size = 102400 bytes | Created Date = 1/21/2007 4:32:19 PM | Attr = ]
unsvchosts.exe -> %System32%\unsvchosts.exe -> [Ver = | Size = 2560 bytes | Created Date = 2/3/2007 3:37:08 PM | Attr = ]
dump_wmimmc.sys -> %System32%\drivers\dump_wmimmc.sys -> [Ver = | Size = 134878 bytes | Created Date = 1/17/2007 6:53:42 PM | Attr = ]

[Files - Modified Within 30 days]
sqmdata00.sqm -> %SystemDrive%\sqmdata00.sqm -> [Ver = | Size = 232 bytes | Modified Date = 2/3/2007 12:00:16 PM | Attr = H ]
sqmdata01.sqm -> %SystemDrive%\sqmdata01.sqm -> [Ver = | Size = 232 bytes | Modified Date = 2/3/2007 12:00:44 PM | Attr = H ]
sqmdata02.sqm -> %SystemDrive%\sqmdata02.sqm -> [Ver = | Size = 232 bytes | Modified Date = 2/3/2007 12:00:52 PM | Attr = H ]
sqmdata03.sqm -> %SystemDrive%\sqmdata03.sqm -> [Ver = | Size = 232 bytes | Modified Date = 2/3/2007 12:01:26 PM | Attr = H ]
sqmdata04.sqm -> %SystemDrive%\sqmdata04.sqm -> [Ver = | Size = 232 bytes | Modified Date = 2/3/2007 12:01:34 PM | Attr = H ]
sqmdata05.sqm -> %SystemDrive%\sqmdata05.sqm -> [Ver = | Size = 232 bytes | Modified Date = 2/3/2007 12:01:36 PM | Attr = H ]
sqmdata06.sqm -> %SystemDrive%\sqmdata06.sqm -> [Ver = | Size = 232 bytes | Modified Date = 2/3/2007 12:01:50 PM | Attr = H ]
sqmdata07.sqm -> %SystemDrive%\sqmdata07.sqm -> [Ver = | Size = 232 bytes | Modified Date = 2/3/2007 12:01:52 PM | Attr = H ]
sqmdata08.sqm -> %SystemDrive%\sqmdata08.sqm -> [Ver = | Size = 232 bytes | Modified Date = 2/3/2007 12:03:42 PM | Attr = H ]
sqmdata09.sqm -> %SystemDrive%\sqmdata09.sqm -> [Ver = | Size = 232 bytes | Modified Date = 1/24/2007 2:34:18 PM | Attr = H ]
sqmdata10.sqm -> %SystemDrive%\sqmdata10.sqm -> [Ver = | Size = 232 bytes | Modified Date = 1/25/2007 1:31:40 AM | Attr = H ]
sqmdata11.sqm -> %SystemDrive%\sqmdata11.sqm -> [Ver = | Size = 232 bytes | Modified Date = 1/25/2007 10:01:16 AM | Attr = H ]
sqmdata12.sqm -> %SystemDrive%\sqmdata12.sqm -> [Ver = | Size = 232 bytes | Modified Date = 1/25/2007 1:26:26 PM | Attr = H ]
sqmdata13.sqm -> %SystemDrive%\sqmdata13.sqm -> [Ver = | Size = 232 bytes | Modified Date = 1/25/2007 9:32:26 PM | Attr = H ]
sqmdata14.sqm -> %SystemDrive%\sqmdata14.sqm -> [Ver = | Size = 232 bytes | Modified Date = 1/26/2007 2:55:34 AM | Attr = H ]
sqmdata15.sqm -> %SystemDrive%\sqmdata15.sqm -> [Ver = | Size = 232 bytes | Modified Date = 1/27/2007 1:04:28 AM | Attr = H ]
sqmdata16.sqm -> %SystemDrive%\sqmdata16.sqm -> [Ver = | Size = 232 bytes | Modified Date = 1/27/2007 9:06:38 AM | Attr = H ]
sqmdata17.sqm -> %SystemDrive%\sqmdata17.sqm -> [Ver = | Size = 232 bytes | Modified Date = 1/27/2007 10:12:42 PM | Attr = H ]
sqmdata18.sqm -> %SystemDrive%\sqmdata18.sqm -> [Ver = | Size = 268 bytes | Modified Date = 1/28/2007 8:33:02 AM | Attr = H ]
sqmdata19.sqm -> %SystemDrive%\sqmdata19.sqm -> [Ver = | Size = 232 bytes | Modified Date = 2/3/2007 12:00:10 PM | Attr = H ]
sqmnoopt00.sqm -> %SystemDrive%\sqmnoopt00.sqm -> [Ver = | Size = 244 bytes | Modified Date = 2/3/2007 12:00:16 PM | Attr = H ]
sqmnoopt01.sqm -> %SystemDrive%\sqmnoopt01.sqm -> [Ver = | Size = 244 bytes | Modified Date = 2/3/2007 12:00:44 PM | Attr = H ]
sqmnoopt02.sqm -> %SystemDrive%\sqmnoopt02.sqm -> [Ver = | Size = 244 bytes | Modified Date = 2/3/2007 12:00:52 PM | Attr = H ]
sqmnoopt03.sqm -> %SystemDrive%\sqmnoopt03.sqm -> [Ver = | Size = 244 bytes | Modified Date = 2/3/2007 12:01:26 PM | Attr = H ]
sqmnoopt04.sqm -> %SystemDrive%\sqmnoopt04.sqm -> [Ver = | Size = 244 bytes | Modified Date = 2/3/2007 12:01:34 PM | Attr = H ]
sqmnoopt05.sqm -> %SystemDrive%\sqmnoopt05.sqm -> [Ver = | Size = 244 bytes | Modified Date = 2/3/2007 12:01:36 PM | Attr = H ]
sqmnoopt06.sqm -> %SystemDrive%\sqmnoopt06.sqm -> [Ver = | Size = 244 bytes | Modified Date = 2/3/2007 12:01:50 PM | Attr = H ]
sqmnoopt07.sqm -> %SystemDrive%\sqmnoopt07.sqm -> [Ver = | Size = 244 bytes | Modified Date = 2/3/2007 12:01:52 PM | Attr = H ]
sqmnoopt08.sqm -> %SystemDrive%\sqmnoopt08.sqm -> [Ver = | Size = 244 bytes | Modified Date = 2/3/2007 12:03:42 PM | Attr = H ]
sqmnoopt09.sqm -> %SystemDrive%\sqmnoopt09.sqm -> [Ver = | Size = 244 bytes | Modified Date = 1/24/2007 2:34:18 PM | Attr = H ]
sqmnoopt10.sqm -> %SystemDrive%\sqmnoopt10.sqm -> [Ver = | Size = 244 bytes | Modified Date = 1/25/2007 1:31:40 AM | Attr = H ]
sqmnoopt11.sqm -> %SystemDrive%\sqmnoopt11.sqm -> [Ver = | Size = 244 bytes | Modified Date = 1/25/2007 10:01:16 AM | Attr = H ]
sqmnoopt12.sqm -> %SystemDrive%\sqmnoopt12.sqm -> [Ver = | Size = 244 bytes | Modified Date = 1/25/2007 1:26:26 PM | Attr = H ]
sqmnoopt13.sqm -> %SystemDrive%\sqmnoopt13.sqm -> [Ver = | Size = 244 bytes | Modified Date = 1/25/2007 9:32:26 PM | Attr = H ]
sqmnoopt14.sqm -> %SystemDrive%\sqmnoopt14.sqm -> [Ver = | Size = 244 bytes | Modified Date = 1/26/2007 2:55:34 AM | Attr = H ]
sqmnoopt15.sqm -> %SystemDrive%\sqmnoopt15.sqm -> [Ver = | Size = 244 bytes | Modified Date = 1/27/2007 1:04:28 AM | Attr = H ]
sqmnoopt16.sqm -> %SystemDrive%\sqmnoopt16.sqm -> [Ver = | Size = 244 bytes | Modified Date = 1/27/2007 9:06:38 AM | Attr = H ]
sqmnoopt17.sqm -> %SystemDrive%\sqmnoopt17.sqm -> [Ver = | Size = 244 bytes | Modified Date = 1/27/2007 10:12:42 PM | Attr = H ]
sqmnoopt18.sqm -> %SystemDrive%\sqmnoopt18.sqm -> [Ver = | Size = 244 bytes | Modified Date = 1/28/2007 8:33:02 AM | Attr = H ]
sqmnoopt19.sqm -> %SystemDrive%\sqmnoopt19.sqm -> [Ver = | Size = 244 bytes | Modified Date = 2/3/2007 12:00:10 PM | Attr = H ]
Thumbs.db -> %SystemDrive%\Thumbs.db -> [Ver = | Size = 25088 bytes | Modified Date = 1/11/2007 9:59:20 AM | Attr = HS]
system.dll -> %CommonProgramFiles%\{883A0E0B-07CF-1033-0920-021102000001}\system.dll -> [Ver = | Size = 6144 bytes | Modified Date = 2/3/2007 10:13:40 PM | Attr = ]
AdobeFnt.lst -> %CommonProgramFiles%\Adobe\TypeSpt\AdobeFnt.lst -> [Ver = | Size = 94974 bytes | Modified Date = 1/10/2007 9:27:16 AM | Attr = ]
atrc.dll -> %CommonProgramFiles%\Real\Codecs\atrc.dll -> RealNetworks, Inc. [Ver = 10.0.0.3083 | Size = 77824 bytes | Modified Date = 1/26/2007 6:40:44 PM | Attr = ]
cook.dll -> %CommonProgramFiles%\Real\Codecs\cook.dll -> RealNetworks, Inc. [Ver = 10.0.0.2389 | Size = 65536 bytes | Modified Date = 1/26/2007 6:40:44 PM | Attr = ]
drv1.dll -> %CommonProgramFiles%\Real\Codecs\drv1.dll -> RealNetworks, Inc. [Ver = 10.0.0.1253 | Size = 102400 bytes | Modified Date = 1/26/2007 6:40:46 PM | Attr = ]
drv2.dll -> %CommonProgramFiles%\Real\Codecs\drv2.dll -> RealNetworks, Inc. [Ver = 10.0.0.2373 | Size = 176128 bytes | Modified Date = 1/26/2007 6:40:46 PM | Attr = ]
drvc.dll -> %CommonProgramFiles%\Real\Codecs\drvc.dll -> RealNetworks, Inc. [Ver = 10.0.0.1740 | Size = 266240 bytes | Modified Date = 1/26/2007 6:40:46 PM | Attr = ]
hxltcolor.dll -> %CommonProgramFiles%\Real\Codecs\hxltcolor.dll -> RealNetworks, Inc. [Ver = 10.0.0.1110 | Size = 241664 bytes | Modified Date = 1/26/2007 6:40:46 PM | Attr = ]
raac.dll -> %CommonProgramFiles%\Real\Codecs\raac.dll -> RealNetworks, Inc. [Ver = 10.0.0.1066 | Size = 552960 bytes | Modified Date = 1/26/2007 6:40:44 PM | Attr = ]
rv10.dll -> %CommonProgramFiles%\Real\Codecs\rv10.dll -> RealNetworks, Inc. [Ver = 10.0.0.1253 | Size = 49152 bytes | Modified Date = 1/26/2007 6:40:46 PM | Attr = ]
rv20.dll -> %CommonProgramFiles%\Real\Codecs\rv20.dll -> RealNetworks, Inc. [Ver = 10.0.0.2373 | Size = 57344 bytes | Modified Date = 1/26/2007 6:40:46 PM | Attr = ]
rv30.dll -> %CommonProgramFiles%\Real\Codecs\rv30.dll -> RealNetworks, Inc. [Ver = 10.0.0.1740 | Size = 49152 bytes | Modified Date = 1/26/2007 6:40:46 PM | Attr = ]
rv40.dll -> %CommonProgramFiles%\Real\Codecs\rv40.dll -> RealNetworks, Inc. [Ver = 10.0.0.1740 | Size = 49152 bytes | Modified Date = 1/26/2007 6:40:46 PM | Attr = ]
sipr.dll -> %CommonProgramFiles%\Real\Codecs\sipr.dll -> RealNetworks, Inc. [Ver = 10.0.0.3080 | Size = 106496 bytes | Modified Date = 1/26/2007 6:40:44 PM | Attr = ]
devices.ini -> %CommonProgramFiles%\Real\Common\devices.ini -> [Ver = | Size = 2534 bytes | Modified Date = 1/26/2007 6:41:12 PM | Attr = ]
objb3201.dll -> %CommonProgramFiles%\Real\Common\objb3201.dll -> RealNetworks, Inc. [Ver = 0.1.0.6726 | Size = 172032 bytes | Modified Date = 1/26/2007 6:40:52 PM | Attr = ]
pnen3260.dll -> %CommonProgramFiles%\Real\Common\pnen3260.dll -> RealNetworks, Inc. [Ver = 10.0.0.1283 | Size = 1310720 bytes | Modified Date = 1/26/2007 6:40:32 PM | Attr = ]
pngu3267.dll -> %CommonProgramFiles%\Real\Common\pngu3267.dll -> RealNetworks, Inc. [Ver = 6.7.0.2962 | Size = 421888 bytes | Modified Date = 1/26/2007 6:40:34 PM | Attr = ]
pnrs3260.dll -> %CommonProgramFiles%\Real\Common\pnrs3260.dll -> RealNetworks, Inc. [Ver = 6.0.9.4317 | Size = 28672 bytes | Modified Date = 1/26/2007 6:40:34 PM | Attr = ]
rjbviz.dll -> %CommonProgramFiles%\Real\Common\rjbviz.dll -> RealNetworks, Inc. [Ver = 1.0.2.4142 | Size = 147456 bytes | Modified Date = 1/26/2007 6:40:50 PM | Attr = ]
rppr3260.dll -> %CommonProgramFiles%\Real\Common\rppr3260.dll -> RealNetworks, Inc. [Ver = 6.0.10.2490 | Size = 28672 bytes | Modified Date = 1/26/2007 6:40:36 PM | Attr = ]
rpun3260.dll -> %CommonProgramFiles%\Real\Common\rpun3260.dll -> RealNetworks, Inc. [Ver = 6.0.10.2489 | Size = 36864 bytes | Modified Date = 1/26/2007 6:41:12 PM | Attr = ]
security.dll -> %CommonProgramFiles%\Real\Common\security.dll -> RealNetworks, Inc. [Ver = 1.0.3.2518 | Size = 45056 bytes | Modified Date = 1/26/2007 6:41:06 PM | Attr = ]
twebbrowse.dll -> %CommonProgramFiles%\Real\Common\twebbrowse.dll -> RealNetworks, Inc. [Ver = 1.0.2.1844 | Size = 81920 bytes | Modified Date = 1/26/2007 6:40:40 PM | Attr = ]
BarControl.dll -> %CommonProgramFiles%\Real\GToolbar\BarControl.dll -> Google, Inc [Ver = 2.0.0.8 | Size = 110592 bytes | Modified Date = 1/26/2007 6:40:54 PM | Attr = ]
gdsapi.dll -> %CommonProgramFiles%\Real\GToolbar\gdsapi.dll -> [Ver = | Size = 4096 bytes | Modified Date = 1/26/2007 6:40:56 PM | Attr = ]
GDSSetup.exe -> %CommonProgramFiles%\Real\GToolbar\GDSSetup.exe -> [Ver = | Size = 746600 bytes | Modified Date = 1/26/2007 6:40:58 PM | Attr = ]
GoogleToolbarInstaller.exe -> %CommonProgramFiles%\Real\GToolbar\GoogleToolbarInstaller.exe -> Google [Ver = 3, 0, 131, 0 | Size = 583696 bytes | Modified Date = 1/26/2007 6:40:54 PM | Attr = ]
GoogleToolbarInstaller98.exe -> %CommonProgramFiles%\Real\GToolbar\GoogleToolbarInstaller98.exe -> Google [Ver = 3, 0, 131, 0 | Size = 733712 bytes | Modified Date = 1/26/2007 6:40:56 PM | Attr = ]
aacff.dll -> %CommonProgramFiles%\Real\Plugins\aacff.dll -> RealNetworks, Inc. [Ver = 10.0.0.1029 | Size = 69632 bytes | Modified Date = 1/26/2007 6:41:00 PM | Attr = ]
audplin.dll -> %CommonProgramFiles%\Real\Plugins\audplin.dll -> RealNetworks, Inc. [Ver = 10.0.0.1483 | Size = 86016 bytes | Modified Date = 1/26/2007 6:41:02 PM | Attr = ]
authmgr.dll -> %CommonProgramFiles%\Real\Plugins\authmgr.dll -> RealNetworks, Inc. [Ver = 10.0.0.1687 | Size = 53248 bytes | Modified Date = 1/26/2007 6:40:30 PM | Attr = ]
cdda3260.dll -> %CommonProgramFiles%\Real\Plugins\cdda3260.dll -> RealNetworks, Inc. [Ver = 6.0.3.2509 | Size = 36864 bytes | Modified Date = 1/26/2007 6:40:30 PM | Attr = ]
clbascauth.dll -> %CommonProgramFiles%\Real\Plugins\clbascauth.dll -> RealNetworks, Inc. [Ver = 10.0.0.1254 | Size = 40960 bytes | Modified Date = 1/26/2007 6:40:30 PM | Attr = ]
clntxres.dll -> %CommonProgramFiles%\Real\Plugins\clntxres.dll -> RealNetworks, Inc. [Ver = 10.0.0.4181 | Size = 53248 bytes | Modified Date = 1/26/2007 6:40:32 PM | Attr = ]
cont3260.dll -> %CommonProgramFiles%\Real\Plugins\cont3260.dll -> RealNetworks, Inc. [Ver = 6.0.0.2148 | Size = 65536 bytes | Modified Date = 1/26/2007 6:41:02 PM | Attr = ]
fpsechnd.dll -> %CommonProgramFiles%\Real\Plugins\fpsechnd.dll -> RealNetworks, Inc. [Ver = 6.0.9.32 | Size = 233472 bytes | Modified Date = 1/26/2007 6:41:10 PM | Attr = ]
httpfsys.dll -> %CommonProgramFiles%\Real\Plugins\httpfsys.dll -> RealNetworks, Inc. [Ver = 10.0.0.3032 | Size = 176128 bytes | Modified Date = 1/26/2007 6:40:30 PM | Attr = ]
hxsdp.dll -> %CommonProgramFiles%\Real\Plugins\hxsdp.dll -> RealNetworks, Inc. [Ver = 10.0.0.513 | Size = 40960 bytes | Modified Date = 1/26/2007 6:40:32 PM | Attr = ]
hxxml.dll -> %CommonProgramFiles%\Real\Plugins\hxxml.dll -> [Ver = | Size = 86016 bytes | Modified Date = 1/26/2007 6:40:52 PM | Attr = ]
imgrender.dll -> %CommonProgramFiles%\Real\Plugins\imgrender.dll -> RealNetworks, Inc. [Ver = 10.0.0.1269 | Size = 532480 bytes | Modified Date = 1/26/2007 6:40:48 PM | Attr = ]
memfsys.dll -> %CommonProgramFiles%\Real\Plugins\memfsys.dll -> RealNetworks, Inc. [Ver = 10.0.0.1219 | Size = 77824 bytes | Modified Date = 1/26/2007 6:40:32 PM | Attr = ]
mp3fformat.dll -> %CommonProgramFiles%\Real\Plugins\mp3fformat.dll -> RealNetworks, Inc. [Ver = 10.0.0.3223 | Size = 45056 bytes | Modified Date = 1/26/2007 6:40:50 PM | Attr = ]
mp3metaff.dll -> %CommonProgramFiles%\Real\Plugins\mp3metaff.dll -> RealNetworks, Inc. [Ver = 10.0.0.1219 | Size = 65536 bytes | Modified Date = 1/26/2007 6:40:50 PM | Attr = ]
mp3render.dll -> %CommonProgramFiles%\Real\Plugins\mp3render.dll -> RealNetworks, Inc. [Ver = 10.0.0.1252 | Size = 151552 bytes | Modified Date = 1/26/2007 6:40:50 PM | Attr = ]
mp4arender.dll -> %CommonProgramFiles%\Real\Plugins\mp4arender.dll -> RealNetworks, Inc. [Ver = 10.0.0.1055 | Size = 126976 bytes | Modified Date = 1/26/2007 6:41:00 PM | Attr = ]
mp4fformat.dll -> %CommonProgramFiles%\Real\Plugins\mp4fformat.dll -> RealNetworks, Inc. [Ver = 10.0.0.2953 | Size = 73728 bytes | Modified Date = 1/26/2007 6:41:00 PM | Attr = ]
mp4wrtr.dll -> %CommonProgramFiles%\Real\Plugins\mp4wrtr.dll -> [Ver = | Size = 98304 bytes | Modified Date = 1/26/2007 6:41:06 PM | Attr = ]
mpgfformat.dll -> %CommonProgramFiles%\Real\Plugins\mpgfformat.dll -> RealNetworks, Inc. [Ver = 10.0.0.1428 | Size = 69632 bytes | Modified Date = 1/26/2007 6:41:02 PM | Attr = ]
mpgrender.dll -> %CommonProgramFiles%\Real\Plugins\mpgrender.dll -> RealNetworks, Inc. [Ver = 10.0.0.1231 | Size = 172032 bytes | Modified Date = 1/26/2007 6:41:02 PM | Attr = ]
ntlmauth.dll -> %CommonProgramFiles%\Real\Plugins\ntlmauth.dll -> RealNetworks, Inc. [Ver = 10.0.0.1232 | Size = 45056 bytes | Modified Date = 1/26/2007 6:40:32 PM | Attr = ]
pacplin.dll -> %CommonProgramFiles%\Real\Plugins\pacplin.dll -> RealNetworks, Inc. [Ver = 10.0.0.1253 | Size = 360448 bytes | Modified Date = 1/26/2007 6:40:32 PM | Attr = ]
pdgenxferfsys.dll -> %CommonProgramFiles%\Real\Plugins\pdgenxferfsys.dll -> RealNetworks, Inc. [Ver = 6.0.12.1680 | Size = 73728 bytes | Modified Date = 1/26/2007 6:41:10 PM | Attr = ]
plusplin.dll -> %CommonProgramFiles%\Real\Plugins\plusplin.dll -> RealNetworks, Inc. [Ver = 10.0.0.1253 | Size = 57344 bytes | Modified Date = 1/26/2007 6:40:32 PM | Attr = ]
pxcb3210.dll -> %CommonProgramFiles%\Real\Plugins\pxcb3210.dll -> RealNetworks, Inc. [Ver = 1.0.0.4244 | Size = 40960 bytes | Modified Date = 1/26/2007 6:40:32 PM | Attr = ]
ramfformat.dll -> %CommonProgramFiles%\Real\Plugins\ramfformat.dll -> RealNetworks, Inc. [Ver = 10.0.0.2477 | Size = 45056 bytes | Modified Date = 1/26/2007 6:40:32 PM | Attr = ]
ramrender.dll -> %CommonProgramFiles%\Real\Plugins\ramrender.dll -> RealNetworks, Inc. [Ver = 10.0.0.2164 | Size = 57344 bytes | Modified Date = 1/26/2007 6:40:32 PM | Attr = ]
rarender.dll -> %CommonProgramFiles%\Real\Plugins\rarender.dll -> RealNetworks, Inc. [Ver = 10.0.0.1260 | Size = 151552 bytes | Modified Date = 1/26/2007 6:40:44 PM | Attr = ]
recf3260.dll -> %CommonProgramFiles%\Real\Plugins\recf3260.dll -> RealNetworks, Inc. [Ver = 6.0.0.3113 | Size = 36864 bytes | Modified Date = 1/26/2007 6:41:02 PM | Attr = ]
rmfformat.dll -> %CommonProgramFiles%\Real\Plugins\rmfformat.dll -> RealNetworks, Inc. [Ver = 10.0.0.1475 | Size = 176128 bytes | Modified Date = 1/26/2007 6:40:32 PM | Attr = ]
rmwrtr.dll -> %CommonProgramFiles%\Real\Plugins\rmwrtr.dll -> RealNetworks, Inc. [Ver = 6.0.2.1155 | Size = 282624 bytes | Modified Date = 1/26/2007 6:41:06 PM | Attr = ]
rmxfpln.dll -> %CommonProgramFiles%\Real\Plugins\rmxfpln.dll -> RealNetworks, Inc. [Ver = 1.0.3.2527 | Size = 65536 bytes | Modified Date = 1/26/2007 6:41:06 PM | Attr = ]
rmxrend.dll -> %CommonProgramFiles%\Real\Plugins\rmxrend.dll -> RealNetworks, Inc. [Ver = 1.0.3.2580 | Size = 106496 bytes | Modified Date = 1/26/2007 6:41:06 PM | Attr = ]
rn5auth.dll -> %CommonProgramFiles%\Real\Plugins\rn5auth.dll -> RealNetworks, Inc. [Ver = 10.0.0.1455 | Size = 45056 bytes | Modified Date = 1/26/2007 6:40:32 PM | Attr = ]
rtfformat.dll -> %CommonProgramFiles%\Real\Plugins\rtfformat.dll -> RealNetworks, Inc. [Ver = 10.0.0.1457 | Size = 110592 bytes | Modified Date = 1/26/2007 6:40:46 PM | Attr = ]
rtrender.dll -> %CommonProgramFiles%\Real\Plugins\rtrender.dll -> RealNetworks, Inc. [Ver = 10.0.0.1250 | Size = 122880 bytes | Modified Date = 1/26/2007 6:40:48 PM | Attr = ]
rvrender.dll -> %CommonProgramFiles%\Real\Plugins\rvrender.dll -> RealNetworks, Inc. [Ver = 10.0.0.1644 | Size = 172032 bytes | Modified Date = 1/26/2007 6:40:46 PM | Attr = ]
sdpplin.dll -> %CommonProgramFiles%\Real\Plugins\sdpplin.dll -> RealNetworks, Inc. [Ver = 10.0.0.373 | Size = 45056 bytes | Modified Date = 1/26/2007 6:40:50 PM | Attr = ]
security.dll -> %CommonProgramFiles%\Real\Plugins\security.dll -> RealNetworks, Inc. [Ver = 1.0.3.2518 | Size = 45056 bytes | Modified Date = 1/26/2007 6:41:06 PM | Attr = ]
smlfformat.dll -> %CommonProgramFiles%\Real\Plugins\smlfformat.dll -> RealNetworks, Inc. [Ver = 10.0.0.2112 | Size = 61440 bytes | Modified Date = 1/26/2007 6:40:32 PM | Attr = ]
smlrender.dll -> %CommonProgramFiles%\Real\Plugins\smlrender.dll -> RealNetworks, Inc. [Ver = 10.0.0.1728 | Size = 532480 bytes | Modified Date = 1/26/2007 6:40:32 PM | Attr = ]
smmrender.dll -> %CommonProgramFiles%\Real\Plugins\smmrender.dll -> RealNetworks, Inc. [Ver = 10.0.0.1250 | Size = 57344 bytes | Modified Date = 1/26/2007 6:40:32 PM | Attr = ]
smplfsys.dll -> %CommonProgramFiles%\Real\Plugins\smplfsys.dll -> RealNetworks, Inc. [Ver = 10.0.0.2020 | Size = 69632 bytes | Modified Date = 1/26/2007 6:40:32 PM | Attr = ]
stubdrm.dll -> %CommonProgramFiles%\Real\Plugins\stubdrm.dll -> RealNetworks, Inc. [Ver = 10.0.0.1655 | Size = 32768 bytes | Modified Date = 1/26/2007 6:40:50 PM | Attr = ]
swfformat.dll -> %CommonProgramFiles%\Real\Plugins\swfformat.dll -> RealNetworks, Inc. [Ver = 10.0.0.1460 | Size = 94208 bytes | Modified Date = 1/26/2007 6:40:46 PM | Attr = ]
swfrender.dll -> %CommonProgramFiles%\Real\Plugins\swfrender.dll -> RealNetworks, Inc. [Ver = 10.0.0.1253 | Size = 614400 bytes | Modified Date = 1/26/2007 6:40:46 PM | Attr = ]
tfilesys.dll -> %CommonProgramFiles%\Real\Plugins\tfilesys.dll -> RealNetworks, Inc. [Ver = 1.0.3.2488 | Size = 57344 bytes | Modified Date = 1/26/2007 6:41:06 PM | Attr = ]
vidplin.dll -> %CommonProgramFiles%\Real\Plugins\vidplin.dll -> RealNetworks, Inc. [Ver = 10.0.0.1269 | Size = 167936 bytes | Modified Date = 1/26/2007 6:41:02 PM | Attr = ]
vidsite.dll -> %CommonProgramFiles%\Real\Plugins\vidsite.dll -> RealNetworks, Inc. [Ver = 10.0.0.1253 | Size = 376832 bytes | Modified Date = 1/26/2007 6:40:32 PM | Attr = ]
vsrcplin.dll -> %CommonProgramFiles%\Real\Plugins\vsrcplin.dll -> RealNetworks, Inc. [Ver = 10.1.0.1180 | Size = 135168 bytes | Modified Date = 1/26/2007 6:40:32 PM | Attr = ]
vsrlocal.dll -> %CommonProgramFiles%\Real\Plugins\vsrlocal.dll -> RealNetworks, Inc. [Ver = 10.1.0.1180 | Size = 94208 bytes | Modified Date = 1/26/2007 6:40:32 PM | Attr = ]
wm9fformat.dll -> %CommonProgramFiles%\Real\Plugins\wm9fformat.dll -> RealNetworks, Inc. [Ver = 1.0.0.1338 | Size = 176128 bytes | Modified Date = 1/26/2007 6:41:00 PM | Attr = ]
wm9writer.dll -> %CommonProgramFiles%\Real\Plugins\wm9writer.dll -> RealNetworks, Inc. [Ver = 1.0.0.1322 | Size = 28672 bytes | Modified Date = 1/26/2007 6:41:00 PM | Attr = ]
wmsechnd.dll -> %CommonProgramFiles%\Real\Plugins\wmsechnd.dll -> RealNetworks, Inc. [Ver = 1.0.0.657 | Size = 180224 bytes | Modified Date = 1/26/2007 6:41:00 PM | Attr = ]
zipf3260.dll -> %CommonProgramFiles%\Real\Plugins\zipf3260.dll -> RealNetworks, Inc. [Ver = 6.0.8.2799 | Size = 172032 bytes | Modified Date = 1/26/2007 6:40:32 PM | Attr = ]
gct23201.dll -> %CommonProgramFiles%\Real\RCAPlugins\gct23201.dll -> RealNetworks, Inc. [Ver = 0.1.0.6575 | Size = 155648 bytes | Modified Date = 1/26/2007 6:40:52 PM | Attr = ]
gema3201.dll -> %CommonProgramFiles%\Real\RCAPlugins\gema3201.dll -> RealNetworks, Inc. [Ver = 0.1.0.4066 | Size = 90112 bytes | Modified Date = 1/26/2007 6:40:52 PM | Attr = ]
gemx3201.dll -> %CommonProgramFiles%\Real\RCAPlugins\gemx3201.dll -> RealNetworks, Inc. [Ver = 0.1.0.6120 | Size = 450560 bytes | Modified Date = 1/26/2007 6:40:52 PM | Attr = ]
locd3210.dll -> %CommonProgramFiles%\Real\RCAPlugins\locd3210.dll -> RealNetworks, Inc. [Ver = 1.0.0.2382 | Size = 102400 bytes | Modified Date = 1/26/2007 6:41:02 PM | Attr = ]
rpcontrols1.dll -> %CommonProgramFiles%\Real\RCAPlugins\rpcontrols1.dll -> RealNetworks, Inc. [Ver = 6.0.1.2485 | Size = 757760 bytes | Modified Date = 1/26/2007 6:40:52 PM | Attr = ]
rpcontrols2.dll -> %CommonProgramFiles%\Real\RCAPlugins\rpcontrols2.dll -> RealNetworks [Ver = 6.0.1.2485 | Size = 692224 bytes | Modified Date = 1/26/2007 6:40:52 PM | Attr = ]
sonr3210.dll -> %CommonProgramFiles%\Real\RCAPlugins\sonr3210.dll -> RealNetworks, Inc. [Ver = 1.0.0.2580 | Size = 196608 bytes | Modified Date = 1/26/2007 6:41:02 PM | Attr = ]
uisy3201.dll -> %CommonProgramFiles%\Real\RCAPlugins\uisy3201.dll -> RealNetworks, Inc. [Ver = 0.1.0.4083 | Size = 446464 bytes | Modified Date = 1/26/2007 6:40:52 PM | Attr = ]
xmlc3201.dll -> %CommonProgramFiles%\Real\RCAPlugins\xmlc3201.dll -> RealNetworks, Inc. [Ver = 0.1.1.2490 | Size = 53248 bytes | Modified Date = 1/26/2007 6:40:52 PM | Attr = ]
theweatherchannel_stubreal.exe -> %CommonProgramFiles%\Real\TWC\theweatherchannel_stubreal.exe -> The Weather Channel Interactive [Ver = 3, 0, 4, 0 | Size = 285808 bytes | Modified Date = 1/26/2007 6:41:00 PM | Attr = ]
TWCControl.dll -> %CommonProgramFiles%\Real\TWC\TWCControl.dll -> RealNetworks, Inc. [Ver = 1.0.0.3 | Size = 90112 bytes | Modified Date = 1/26/2007 6:40:58 PM | Attr = ]
faus3270.dll -> %CommonProgramFiles%\Real\Update_OB\faus3270.dll -> RealNetworks, Inc. [Ver = 7.0.0.3457 | Size = 389120 bytes | Modified Date = 1/26/2007 6:40:28 PM | Attr = ]
nprfxins.dll -> %CommonProgramFiles%\Real\Update_OB\nprfxins.dll -> RichFX Inc. [Ver = 3.31.0659 | Size = 569397 bytes | Modified Date = 1/26/2007 6:40:30 PM | Attr = ]
pnmi3270.dll -> %CommonProgramFiles%\Real\Update_OB\pnmi3270.dll -> RealNetworks, Inc. [Ver = 7.0.0.2157 | Size = 36864 bytes | Modified Date = 1/26/2007 6:40:30 PM | Attr = ]
r1puninst.exe -> %CommonProgramFiles%\Real\Update_OB\r1puninst.exe -> RealNetworks, Inc. [Ver = 7.0.0.4246 | Size = 188416 bytes | Modified Date = 1/26/2007 6:40:28 PM | Attr = ]
RealOneMessageCenter.exe -> %CommonProgramFiles%\Real\Update_OB\RealOneMessageCenter.exe -> RealNetworks, Inc. [Ver = 0.1.0.3760 | Size = 69632 bytes | Modified Date = 1/26/2007 6:40:28 PM | Attr = ]
realsched.exe -> %CommonProgramFiles%\Real\Update_OB\realsched.exe -> RealNetworks, Inc. [Ver = 0.1.0.3760 | Size = 185896 bytes | Modified Date = 1/26/2007 6:40:28 PM | Attr = ]
rnad3201.dll -> %CommonProgramFiles%\Real\Update_OB\rnad3201.dll -> RealNetworks, Inc. [Ver = 0.1.0.3760 | Size = 98304 bytes | Modified Date = 1/26/2007 6:40:28 PM | Attr = ]
rnms3270.dll -> %CommonProgramFiles%\Real\Update_OB\rnms3270.dll -> RealNetworks, Inc. [Ver = 7.0.1.3584 | Size = 335872 bytes | Modified Date = 1/26/2007 6:40:30 PM | Attr = ]
rnqu3270.dll -> %CommonProgramFiles%\Real\Update_OB\rnqu3270.dll -> RealNetworks, Inc. [Ver = 7.0.0.4153 | Size = 311296 bytes | Modified Date = 1/26/2007 6:40:28 PM | Attr = ]
rnup3270.dll -> %CommonProgramFiles%\Real\Update_OB\rnup3270.dll -> RealNetworks, Inc. [Ver = 7.0.0.3334 | Size = 172032 bytes | Modified Date = 1/26/2007 6:40:28 PM | Attr = ]
rnxproc.exe -> %CommonProgramFiles%\Real\Update_OB\rnxproc.exe -> RealNetworks, Inc. [Ver = 7.0.0.3105 | Size = 58912 bytes | Modified Date = 1/26/2007 6:40:30 PM | Attr = ]
setu3270.dll -> %CommonProgramFiles%\Real\Update_OB\setu3270.dll -> RealNetworks, Inc. [Ver = 7.0.0.4619 | Size = 307200 bytes | Modified Date = 1/26/2007 6:40:28 PM | Attr = ]
upgr3270.dll -> %CommonProgramFiles%\Real\Update_OB\upgr3270.dll -> RealNetworks, Inc. [Ver = 7.0.0.3985 | Size = 344064 bytes | Modified Date = 1/26/2007 6:40:28 PM | Attr = ]
upgrdhlp.exe -> %CommonProgramFiles%\Real\Update_OB\upgrdhlp.exe -> RealNetworks, Inc. [Ver = 7.0.0.3800 | Size = 126976 bytes | Modified Date = 1/26/2007 6:40:28 PM | Attr = ]
Annabelle.rpv -> %CommonProgramFiles%\Real\Visualizations\Annabelle.rpv -> RealNetworks, Inc. [Ver = 1.0.0.2 | Size = 43008 bytes | Modified Date = 1/26/2007 6:40:50 PM | Attr = ]
CosmicBelt.rpv -> %CommonProgramFiles%\Real\Visualizations\CosmicBelt.rpv -> [Ver = | Size = 80384 bytes | Modified Date = 1/26/2007 6:40:50 PM | Attr = ]
Fire.rpv -> %CommonProgramFiles%\Real\Visualizations\Fire.rpv -> RealNetworks, Inc. [Ver = 1.0.0.1 | Size = 7168 bytes | Modified Date = 1/26/2007 6:40:50 PM | Attr = ]
FreqBands.rpv -> %CommonProgramFiles%\Real\Visualizations\FreqBands.rpv -> RealNetworks, Inc. [Ver = 1.0.0.2 | Size = 7680 bytes | Modified Date = 1/26/2007 6:40:50 PM | Attr = ]
Nebula.rpv -> %CommonProgramFiles%\Real\Visualizations\Nebula.rpv -> [Ver = | Size = 69632 bytes | Modified Date = 1/26/2007 6:40:50 PM | Attr = ]
xmencmp3.dll -> %CommonProgramFiles%\xing shared\mpeg encode\xmencmp3.dll -> RealNetworks, Inc. [Ver = 1, 0, 0, 17 | Size = 352256 bytes | Modified Date = 1/26/2007 6:41:04 PM | Attr = ]
coreres.xrs -> %CommonProgramFiles%\Real\Plugins\ExtResources\coreres.xrs -> RealNetworks, Inc. [Ver = 10.0.0.4432 | Size = 65536 bytes | Modified Date = 1/26/2007 6:40:32 PM | Attr = ]
ath.vs -> %CommonProgramFiles%\Real\Update_OB\UI\ath.vs -> [Ver = | Size = 32395 bytes | Modified Date = 1/26/2007 6:40:28 PM | Attr = ]
default.png -> %CommonProgramFiles%\Real\Update_OB\UI\default.png -> [Ver = | Size = 7484 bytes | Modified Date = 1/26/2007 6:40:30 PM | Attr = ]
default.smi -> %CommonProgramFiles%\Real\Update_OB\UI\default.smi -> [Ver = | Size = 436 bytes | Modified Date = 1/26/2007 6:40:30 PM | Attr = ]
mirak.vs -> %CommonProgramFiles%\Real\Update_OB\UI\mirak.vs -> [Ver = | Size = 9101 bytes | Modified Date = 1/26/2007 6:40:28 PM | Attr = ]
msgoff.htm -> %CommonProgramFiles%\Real\Update_OB\UI\msgoff.htm -> [Ver = | Size = 3215 bytes | Modified Date = 1/26/2007 6:40:30 PM | Attr = ]
msgui.vs -> %CommonProgramFiles%\Real\Update_OB\UI\msgui.vs -> [Ver = | Size = 55012 bytes | Modified Date = 1/26/2007 6:40:30 PM | Attr = ]
rnupgui.vs -> %CommonProgramFiles%\Real\Update_OB\UI\rnupgui.vs -> [Ver = | Size = 43572 bytes | Modified Date = 1/26/2007 6:40:28 PM | Attr = ]
real_logo_93x44.gif -> %CommonProgramFiles%\Real\Update_OB\UI\Images\real_logo_93x44.gif -> [Ver = | Size = 741 bytes | Modified Date = 1/26/2007 6:40:30 PM | Attr = ]
msgdata.js -> %CommonProgramFiles%\Real\Update_OB\UI\loc\msgdata.js -> [Ver = | Size = 1039 bytes | Modified Date = 1/26/2007 6:40:30 PM | Attr = ]
msgStyle.css -> %CommonProgramFiles%\Real\Update_OB\UI\loc\msgStyle.css -> [Ver = | Size = 991 bytes | Modified Date = 1/26/2007 6:40:30 PM | Attr = ]
setup.dll -> %CommonProgramFiles%\InstallShield\Professional\RunTime\0701\Intel32\setup.dll -> InstallShield Software Corporation [Ver = 7, 01, 100, 1280 | Size = 282756 bytes | Modified Date = 1/15/2007 12:19:26 PM | Attr = ]
iGdi.dll -> %CommonProgramFiles%\InstallShield\Professional\RunTime\09\01\Intel32\iGdi.dll -> InstallShield Software Corporation [Ver = 9.01.429 | Size = 188548 bytes | Modified Date = 1/6/2007 8:12:28 AM | Attr = ]
setup.dll -> %CommonProgramFiles%\InstallShield\Professional\RunTime\09\01\Intel32\setup.dll -> InstallShield Software Corporation [Ver = 9.01.429 | Size = 311428 bytes | Modified Date = 1/6/2007 8:12:28 AM | Attr = ]
bootstat.dat -> %SystemRoot%\bootstat.dat -> [Ver = | Size = 2048 bytes | Modified Date = 2/3/2007 10:07:50 PM | Attr = S]
QTFont.for -> %SystemRoot%\QTFont.for -> [Ver = | Size = 1409 bytes | Modified Date = 2/3/2007 12:20:58 PM | Attr = ]
QTFont.qfn -> %SystemRoot%\QTFont.qfn -> [Ver = | Size = 54156 bytes | Modified Date = 2/3/2007 12:20:58 PM | Attr = H ]
SIERRA.INI -> %SystemRoot%\SIERRA.INI -> [Ver = | Size = 459 bytes | Modified Date = 1/21/2007 4:27:30 PM | Attr = ]
smdat32a.sys -> %SystemRoot%\smdat32a.sys -> [Ver = | Size = 0 bytes | Modified Date = 1/15/2007 12:41:58 PM | Attr = ]
smdat32m.sys -> %SystemRoot%\smdat32m.sys -> [Ver = | Size = 10 bytes | Modified Date = 1/16/2007 1:06:14 AM | Attr = ]
netstat.com -> %System32%\netstat.com -> [Ver = | Size = 2 bytes | Modified Date = 2/1/2007 9:50:36 PM | Attr = HS]
nvapps.xml -> %System32%\nvapps.xml -> [Ver = | Size = 88566 bytes | Modified Date = 2/3/2007 10:08:10 PM | Attr = ]
pndx5016.dll -> %System32%\pndx5016.dll -> RealNetworks, Inc. [Ver = 5.0.0.0 | Size = 6656 bytes | Modified Date = 1/26/2007 6:40:36 PM | Attr = ]
pndx5032.dll -> %System32%\pndx5032.dll -> RealNetworks, Inc. [Ver = 5.0.0.0 | Size = 5632 bytes | Modified Date = 1/26/2007 6:40:36 PM | Attr = ]
rmoc3260.dll -> %System32%\rmoc3260.dll -> RealNetworks, Inc. [Ver = 6.0.9.2568 | Size = 185952 bytes | Modified Date = 1/26/2007 6:40:46 PM | Attr = ]
svchosts.exe -> %System32%\svchosts.exe -> [Ver = | Size = 36864 bytes | Modified Date = 2/3/2007 10:13:40 PM | Attr = ]
taskkill.com -> %System32%\taskkill.com -> [Ver = | Size = 2 bytes | Modified Date = 2/1/2007 9:50:36 PM | Attr = HS]
unsvchosts.exe -> %System32%\unsvchosts.exe -> [Ver = | Size = 2560 bytes | Modified Date = 2/3/2007 10:13:40 PM | Attr = ]
dump_wmimmc.sys -> %System32%\drivers\dump_wmimmc.sys -> [Ver = | Size = 134878 bytes | Modified Date = 2/3/2007 7:51:04 PM | Attr = ]

[File String Scan - Non-Microsoft Only]
Thawte Consulting , -> %CommonProgramFiles%\Java\Update\Base Images\jre1.5.0.b64\core3.zip -> [Ver = | Size = 3290841 bytes | Modified Date = 10/12/2006 3:41:56 AM | Attr = ]
USERTRUST , -> %CommonProgramFiles%\Java\Update\Base Images\jre1.5.0.b64\patch-jre1.5.0_09.b03\patchjre.exe -> Sun Microsystems, Inc. [Ver = 1, 0, 0, 1 | Size = 4490872 bytes | Modified Date = 10/12/2006 3:41:58 AM | Attr = ]
USERTRUST , -> %CommonProgramFiles%\Java\Update\Base Images\jre1.5.0.b64\patch-jre1.5.0_10.b03\patchjre.exe -> Sun Microsystems, Inc. [Ver = 1, 0, 0, 1 | Size = 4650616 bytes | Modified Date = 11/9/2006 3:38:38 PM | Attr = ]
PEC2 , PECompact2 , -> %CommonProgramFiles%\Real\GToolbar\GDSSetup.exe -> [Ver = | Size = 746600 bytes | Modified Date = 1/26/2007 6:40:58 PM | Attr = ]
PEC2 , PECompact2 , -> %CommonProgramFiles%\Real\GToolbar\GoogleToolbarInstaller.exe -> Google [Ver = 3, 0, 131, 0 | Size = 583696 bytes | Modified Date = 1/26/2007 6:40:54 PM | Attr = ]
Thawte Consulting , -> %CommonProgramFiles%\Real\Update_OB\realsched.exe -> RealNetworks, Inc. [Ver = 0.1.0.3760 | Size = 185896 bytes | Modified Date = 1/26/2007 6:40:28 PM | Attr = ]
Thawte Consulting , -> %CommonProgramFiles%\Real\Update_OB\rnxproc.exe -> RealNetworks, Inc. [Ver = 7.0.0.3105 | Size = 58912 bytes | Modified Date = 1/26/2007 6:40:30 PM | Attr = ]
PEC2 , WSUD , -> %CommonProgramFiles%\SpeechEngines\Microsoft\SR61\1033\AF031033.AM -> [Ver = | Size = 7048576 bytes | Modified Date = 11/22/2002 1:27:36 AM | Attr = ]
PEC2 , -> %System32%\dfrg.msc -> [Ver = | Size = 41397 bytes | Modified Date = 8/23/2001 12:00:00 PM | Attr = ]
Thawte Consulting , -> %System32%\rmoc3260.dll -> RealNetworks, Inc. [Ver = 6.0.9.2568 | Size = 185952 bytes | Modified Date = 1/26/2007 6:40:46 PM | Attr = ]
winsync , -> %System32%\wbdbase.deu -> [Ver = | Size = 1309184 bytes | Modified Date = 8/23/2001 12:00:00 PM | Attr = ]
WSUD , UPX0 , -> %System32%\dllcache\hwxjpn.dll -> [Ver = | Size = 13463552 bytes | Modified Date = 8/23/2001 12:00:00 PM | Attr = ]
UPX! , FSG! , PEC2 , aspack , -> %System32%\drivers\avg7core.sys -> GRISOFT, s.r.o. [Ver = 7.5.0.429 | Size = 816672 bytes | Modified Date = 11/26/2006 10:24:14 PM | Attr = ]
Thawte Consulting , -> %System32%\drivers\hamachi.sys -> Applied Networking Inc. [Ver = 5.9.9.8 | Size = 15440 bytes | Modified Date = 11/30/2006 1:30:48 PM | Attr = ]

< End of report >

#5 OldTimer

OldTimer

    Malware Expert


  • Members
  • 11,092 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:North Carolina
  • Local time:04:03 AM

Posted 03 February 2007 - 05:51 PM

Hi Ruidiance. Quite an infection we have here. It is probably due to the fact that this machine is woefully out of date. Once we remove the infection we will need to update the operating system to Service Pack 2.

Ok, let's get started. First, please print these directions so they will be available to you (we will be rebooting into Safe Mode during the fix).

Next, Please follow the steps below in order:

Step #1

Download ATF Cleaner
  • Double-click ATF-Cleaner.exe to run the program.
  • Click Select All found at the bottom of the list.
  • Click the Empty Selected button.
If you use Firefox browser, do this also:
  • Click Firefox at the top and choose Select All from the list.
  • Click the Empty Selected button.
  • NOTE : If you would like to keep your saved passwords, please click No at the prompt.
If you use Opera browser, do this also:
  • Click Opera at the top and choose Select All from the list.
  • Click the Empty Selected button.
  • NOTE : If you would like to keep your saved passwords, please click No at the prompt.
Click Exit on the Main menu to close the program.

Step #2

Download AVG anti-spyware from HERE and save that file to your desktop.
  • Once you have downloaded AVG Anti-Spyware, locate the icon on the desktop and double-click it to launch the set up program.
  • Once the setup is complete you will need to run AVG Anti-Spyware and update the definition files.
  • On the main screen select the icon "Update" then select the "Update now" link.
    • Next select the "Start Update" button, the update will start and a progress bar will show the updates being installed.
  • Once the update has completed select the "Scanner" icon at the top of the screen, then select the "Settings" tab.
  • Once in the Settings screen, under "How to act" select "Quarantine".
  • Under "Reports"
    • Select "Automatically generate report after every scan"
    • Un-Select "Only if threats were found"
Close AVG Anti-Spyware, Do Not run a scan just yet, we will shortly.

Step #3

Now start WinPFind3U. Copy/Paste the information in the quotebox below into the pane where it says "Paste fix here" and then click the Run Fix button.

[Kill Explorer]
[Processes - Non-Microsoft Only]
YY -> winlogon.exe -> %System32%\xsqivvjmv\winlogon.exe
[Win32 Services - Non-Microsoft Only]
YY -> (Client IP-IPX) Client IP-IPX [Win32_Own | Auto | Stopped] -> %System32%\svchosts.exe
[Registry - Non-Microsoft Only]
< Run [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
YN -> DrvListnr -> %ProgramFiles%\Analog Devices\SoundMAX\DrvListnr.exe
YN -> winlogon ->
< Run [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
YN -> BitTorrent -> %ProgramFiles%\BitTorrent\bittorrent.exe
YN -> winlogon ->
< Windows NT\\Load [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\load
YY -> C:\WINDOWS\System32\xsqivvjmv\winlogon.exe -> %System32%\xsqivvjmv\winlogon.exe
< Windows NT\\Run [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\run
YY -> C:\WINDOWS\System32\xsqivvjmv\winlogon.exe -> %System32%\xsqivvjmv\winlogon.exe
< Policy Settings [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\
YN -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\DisableRegistryTools -> 1
YN -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\NoAdminPage -> 1
< HOSTS File > -> C:\WINDOWS\System32\drivers\etc\Hosts
YN -> 1.1.1.1 f-secure.com ->
YN -> 1.1.1.1 www.f-secure.com ->
YN -> 1.1.1.1 ftp.f-secure.com ->
YN -> 1.1.1.1 ftp.sophos.com ->
YN -> 1.1.1.1 liveupdate.symantec.com ->
YN -> 1.1.1.1 customer.symantec.com ->
YN -> 1.1.1.1 dispatch.mcafee.com ->
YN -> 1.1.1.1 download.mcafee.com ->
YN -> 1.1.1.1 rads.mcafee.com ->
YN -> 1.1.1.1 mast.mcafee.com ->
YN -> 1.1.1.1 my-etrust.com ->
YN -> 1.1.1.1 www.my-etrust.com ->
YN -> 1.1.1.1 nai.com ->
YN -> 1.1.1.1 www.nai.com ->
YN -> 1.1.1.1 networkassociates.com ->
YN -> 1.1.1.1 service1.symantec.com ->
YN -> 1.1.1.1 sophos.com ->
YN -> 1.1.1.1 www.sophos.com ->
YN -> 1.1.1.1 support.microsoft.com ->
YN -> 1.1.1.1 symantec.com ->
YN -> 1.1.1.1 www.symantec.com ->
YN -> 1.1.1.1 update.symantec.com ->
YN -> 1.1.1.1 updates.symantec.com ->
YN -> 1.1.1.1 us.mcafee.com ->
YN -> 1.1.1.1 vil.nai.com ->
YN -> 1.1.1.1 viruslist.com ->
YN -> 1.1.1.1 www.viruslist.com ->
YN -> 1.1.1.1 grisoft.com ->
YN -> 1.1.1.1 www.grisoft.com ->
YN -> 1.1.1.1 free.grisoft.com ->
YN -> 1.1.1.1 trendmicro.com ->
YN -> 1.1.1.1 housecall.trendmicro.com ->
YN -> 1.1.1.1 www.trendmicro.com ->
YN -> 1.1.1.1 pandasoftware.com ->
YN -> 1.1.1.1 www.pandasoftware.com ->
YN -> 1.1.1.1 usa.kaspersky.com ->
YN -> 1.1.1.1 ewido.net ->
YN -> 1.1.1.1 www.ewido.net ->
YN -> 1.1.1.1 zonelabs.com ->
YN -> 1.1.1.1 www.zonelabs.com ->
YN -> 1.1.1.1 bitdefender.com ->
YN -> 1.1.1.1 www.bitdefender.com ->
YN -> 1.1.1.1 download.bitdefender.com ->
YN -> 1.1.1.1 upgrade.bitdefender.com ->
YN -> 1.1.1.1 spywareinfo.com ->
YN -> 1.1.1.1 www.spywareinfo.com ->
YN -> 1.1.1.1 merijn.org ->
YN -> 1.1.1.1 www.merijn.org ->
YN -> 1.1.1.1 sysinternals.com ->
YN -> 1.1.1.1 www.sysinternals.com ->
YN -> 1.1.1.1 onguardonline.gov ->
YN -> 1.1.1.1 www.onguardonline.gov ->
YN -> 1.1.1.1 avast.com ->
YN -> 1.1.1.1 www.avast.com ->
YN -> 1.1.1.1 safety.live.com ->
YN -> 1.1.1.1 www.paretologic.com ->
YN -> 1.1.1.1 paretologic.com ->
YN -> 1.1.1.1 virusscan.jotti.org ->
YN -> 1.1.1.1 services.google.com ->
< Internet Explorer Settings > ->
YN -> HKCU: Start Page -> http://www.virushelpzone.com/
< Internet Explorer Menu Extensions [HKCU] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\
YN -> &Search -> http:\kl.bar.need2find.com\KL\menusearch.htm
YN -> E&xport to Microsoft Excel ->
YN -> Open in new background tab ->
YN -> Open in new foreground tab ->
[Files - Created Within 30 days]
NY -> system.dll -> %CommonProgramFiles%\{883A0E0B-07CF-1033-0920-021102000001}\system.dll
NY -> smdat32a.sys -> %SystemRoot%\smdat32a.sys
NY -> smdat32m.sys -> %SystemRoot%\smdat32m.sys
NY -> netstat.com -> %System32%\netstat.com
NY -> svchosts.exe -> %System32%\svchosts.exe
NY -> taskkill.com -> %System32%\taskkill.com
NY -> unsvchosts.exe -> %System32%\unsvchosts.exe
[Files - Modified Within 30 days]
NY -> system.dll -> %CommonProgramFiles%\{883A0E0B-07CF-1033-0920-021102000001}\system.dll
NY -> smdat32a.sys -> %SystemRoot%\smdat32a.sys
NY -> smdat32m.sys -> %SystemRoot%\smdat32m.sys
NY -> netstat.com -> %System32%\netstat.com
NY -> svchosts.exe -> %System32%\svchosts.exe
NY -> taskkill.com -> %System32%\taskkill.com
NY -> unsvchosts.exe -> %System32%\unsvchosts.exe
NY -> dump_wmimmc.sys -> %System32%\drivers\dump_wmimmc.sys
[ Extra Files ]
c:\program files\Common Files%\{883A0E0B-07CF-1033-0920-021102000001}\
[Reboot]


The fix should only take a very short time You will be asked to reboot when it is complete so choose Yes and reboot into Safe Mode as shown below.

Reboot into Safe Mode by doing the following:
  • As soon as the BIOS is loaded begin tapping the F8 key until the boot menu appears.
  • Use the arrow keys to select the Safe Mode menu item.
  • Press the Enter key.
Step #4

Launch AVG Anti-Spyware by double-clicking the icon on your desktop.

IMPORTANT: Do not open any other windows or programs while AVG Anti-Spyware is scanning, it may interfere with the scanning proccess:
  • Select the "Scanner" icon at the top and then the "Scan" tab then click on "Complete System Scan".
  • AVG Anti-Spyware will now begin the scanning process, be patient this may take a little time.
    Once the scan is complete do the following:
    • IMake sure that Set all elements to: shows Quarantine, if not click on the link and choose Quarantine from the popup menu.
    • At the bottom of the window click on the "Apply all actions" button
    Note: Don't save the report before you hit the Apply action button.
  • Next select the "Reports" icon at the top.
  • Select the "Save report as" button in the lower left hand of the screen and save it to a text file on your system (make sure to remember where you saved that file, this is important).
  • Close AVG Anti-Spyware and reboot your system back into Normal Mode and post the results of the AVG Anti-Spyware report scan.
Step #5

Post the following back here:
  • a new WinPFind3U report
  • the AVG Anti-Spyware report
  • the latest .log file from the WinPFind3u folder (it will be a .log file and have a date_time name in the format mmddyyyy_hhmmss.log)
I will review the information when it comes back in.

Also let me know of any problems you encountered performing the steps above or any continuing problems you are still having with the computer.

Cheers.

OT
I do not respond to PM's requesting help. That's what the forums are here for. Please use them so that others may benefit from your questions and the responses you receive.
OldTimer

Posted Image

#6 Ruidiance

Ruidiance
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:04:03 PM

Posted 03 February 2007 - 08:09 PM

I've done as you said, but I'm stuck at the part where I'm supposed to run the fix. An error message appears, telling me "Cannot create file C:\WINDOWS\System32\drivers\etc\hosts." Anyway, thanks for the effort, OT.

#7 OldTimer

OldTimer

    Malware Expert


  • Members
  • 11,092 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:North Carolina
  • Local time:04:03 AM

Posted 03 February 2007 - 09:17 PM

Hi Ruidiance. Your hosts file might be locked. Try this:

Download HostsXpert.zip and unzip it to your desktop.

Start HostsXpert and click on the Restore Microsoft's Hosts File button. Now, close HostsXpert and follow all of the steps above.

Cheers.

OT
I do not respond to PM's requesting help. That's what the forums are here for. Please use them so that others may benefit from your questions and the responses you receive.
OldTimer

Posted Image

#8 Ruidiance

Ruidiance
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:04:03 PM

Posted 04 February 2007 - 12:06 AM

AVG Report:

---------------------------------------------------------
AVG Anti-Spyware - Scan Report
---------------------------------------------------------

+ Created at: 12:21:37 PM 2/4/2007

+ Scan result:



D:\System Volume Information\_restore{12B5D0B3-41F4-458F-8857-33B47EB2F8D1}\RP81\A0027525.dll -> Adware.Comet : Cleaned with backup (quarantined).
:mozilla.367:D:\Documents and Settings\Sebastian Fook\Application Data\Mozilla\Firefox\Profiles\i9771nfr.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.414:D:\Documents and Settings\Sebastian Fook\Application Data\Mozilla\Firefox\Profiles\i9771nfr.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.506:D:\Documents and Settings\Sebastian Fook\Application Data\Mozilla\Firefox\Profiles\i9771nfr.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.508:D:\Documents and Settings\Sebastian Fook\Application Data\Mozilla\Firefox\Profiles\i9771nfr.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.694:D:\Documents and Settings\Sebastian Fook\Application Data\Mozilla\Firefox\Profiles\i9771nfr.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.698:D:\Documents and Settings\Sebastian Fook\Application Data\Mozilla\Firefox\Profiles\i9771nfr.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.699:D:\Documents and Settings\Sebastian Fook\Application Data\Mozilla\Firefox\Profiles\i9771nfr.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.700:D:\Documents and Settings\Sebastian Fook\Application Data\Mozilla\Firefox\Profiles\i9771nfr.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.727:D:\Documents and Settings\Sebastian Fook\Application Data\Mozilla\Firefox\Profiles\i9771nfr.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.737:D:\Documents and Settings\Sebastian Fook\Application Data\Mozilla\Firefox\Profiles\i9771nfr.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.739:D:\Documents and Settings\Sebastian Fook\Application Data\Mozilla\Firefox\Profiles\i9771nfr.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.361:D:\Documents and Settings\Sebastian Fook\Application Data\Mozilla\Firefox\Profiles\i9771nfr.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
D:\Documents and Settings\Sebastian Fook\Cookies\sebastian fook@adbrite[2].txt -> TrackingCookie.Adbrite : Cleaned.
D:\Documents and Settings\Sebastian Fook\Cookies\sebastian fook@ad.adnet[2].txt -> TrackingCookie.Adnet : Cleaned.
:mozilla.128:D:\Documents and Settings\Sebastian Fook\Application Data\Mozilla\Firefox\Profiles\i9771nfr.default\cookies.txt -> TrackingCookie.Adserver : Cleaned.
:mozilla.129:D:\Documents and Settings\Sebastian Fook\Application Data\Mozilla\Firefox\Profiles\i9771nfr.default\cookies.txt -> TrackingCookie.Adserver : Cleaned.
:mozilla.220:D:\Documents and Settings\Sebastian Fook\Application Data\Mozilla\Firefox\Profiles\i9771nfr.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.582:D:\Documents and Settings\Sebastian Fook\Application Data\Mozilla\Firefox\Profiles\i9771nfr.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.597:D:\Documents and Settings\Sebastian Fook\Application Data\Mozilla\Firefox\Profiles\i9771nfr.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.644:D:\Documents and Settings\Sebastian Fook\Application Data\Mozilla\Firefox\Profiles\i9771nfr.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.673:D:\Documents and Settings\Sebastian Fook\Application Data\Mozilla\Firefox\Profiles\i9771nfr.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.690:D:\Documents and Settings\Sebastian Fook\Application Data\Mozilla\Firefox\Profiles\i9771nfr.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.570:D:\Documents and Settings\Sebastian Fook\Application Data\Mozilla\Firefox\Profiles\i9771nfr.default\cookies.txt -> TrackingCookie.Atdmt : Cleaned.
:mozilla.534:D:\Documents and Settings\Sebastian Fook\Application Data\Mozilla\Firefox\Profiles\i9771nfr.default\cookies.txt -> TrackingCookie.Bfast : Cleaned.
:mozilla.588:D:\Documents and Settings\Sebastian Fook\Application Data\Mozilla\Firefox\Profiles\i9771nfr.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned.
:mozilla.80:D:\Documents and Settings\Sebastian Fook\Application Data\Mozilla\Firefox\Profiles\i9771nfr.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned.
D:\Documents and Settings\Sebastian Fook\Cookies\sebastian fook@burstnet[1].txt -> TrackingCookie.Burstnet : Cleaned.
D:\Documents and Settings\Sebastian Fook\Cookies\sebastian fook@www.burstnet[1].txt -> TrackingCookie.Burstnet : Cleaned.
:mozilla.620:D:\Documents and Settings\Sebastian Fook\Application Data\Mozilla\Firefox\Profiles\i9771nfr.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.621:D:\Documents and Settings\Sebastian Fook\Application Data\Mozilla\Firefox\Profiles\i9771nfr.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.622:D:\Documents and Settings\Sebastian Fook\Application Data\Mozilla\Firefox\Profiles\i9771nfr.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.623:D:\Documents and Settings\Sebastian Fook\Application Data\Mozilla\Firefox\Profiles\i9771nfr.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.632:D:\Documents and Settings\Sebastian Fook\Application Data\Mozilla\Firefox\Profiles\i9771nfr.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.666:D:\Documents and Settings\Sebastian Fook\Application Data\Mozilla\Firefox\Profiles\i9771nfr.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
D:\Documents and Settings\Sebastian Fook\Cookies\sebastian fook@cz3.clickzs[2].txt -> TrackingCookie.Clickzs : Cleaned.
D:\Documents and Settings\Sebastian Fook\Cookies\sebastian fook@cz7.clickzs[2].txt -> TrackingCookie.Clickzs : Cleaned.
D:\Documents and Settings\Sebastian Fook\Cookies\sebastian fook@cz8.clickzs[2].txt -> TrackingCookie.Clickzs : Cleaned.
:mozilla.503:D:\Documents and Settings\Sebastian Fook\Application Data\Mozilla\Firefox\Profiles\i9771nfr.default\cookies.txt -> TrackingCookie.Com : Cleaned.
:mozilla.619:D:\Documents and Settings\Sebastian Fook\Application Data\Mozilla\Firefox\Profiles\i9771nfr.default\cookies.txt -> TrackingCookie.Com : Cleaned.
D:\Documents and Settings\Sebastian Fook\Cookies\sebastian fook@com[1].txt -> TrackingCookie.Com : Cleaned.
:mozilla.586:D:\Documents and Settings\Sebastian Fook\Application Data\Mozilla\Firefox\Profiles\i9771nfr.default\cookies.txt -> TrackingCookie.Cqcounter : Cleaned.
:mozilla.579:D:\Documents and Settings\Sebastian Fook\Application Data\Mozilla\Firefox\Profiles\i9771nfr.default\cookies.txt -> TrackingCookie.Doubleclick : Cleaned.
:mozilla.681:D:\Documents and Settings\Sebastian Fook\Application Data\Mozilla\Firefox\Profiles\i9771nfr.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.682:D:\Documents and Settings\Sebastian Fook\Application Data\Mozilla\Firefox\Profiles\i9771nfr.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.683:D:\Documents and Settings\Sebastian Fook\Application Data\Mozilla\Firefox\Profiles\i9771nfr.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.684:D:\Documents and Settings\Sebastian Fook\Application Data\Mozilla\Firefox\Profiles\i9771nfr.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.685:D:\Documents and Settings\Sebastian Fook\Application Data\Mozilla\Firefox\Profiles\i9771nfr.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.686:D:\Documents and Settings\Sebastian Fook\Application Data\Mozilla\Firefox\Profiles\i9771nfr.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.687:D:\Documents and Settings\Sebastian Fook\Application Data\Mozilla\Firefox\Profiles\i9771nfr.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.447:D:\Documents and Settings\Sebastian Fook\Application Data\Mozilla\Firefox\Profiles\i9771nfr.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.448:D:\Documents and Settings\Sebastian Fook\Application Data\Mozilla\Firefox\Profiles\i9771nfr.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.451:D:\Documents and Settings\Sebastian Fook\Application Data\Mozilla\Firefox\Profiles\i9771nfr.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.740:D:\Documents and Settings\Sebastian Fook\Application Data\Mozilla\Firefox\Profiles\i9771nfr.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned.
:mozilla.320:D:\Documents and Settings\Sebastian Fook\Application Data\Mozilla\Firefox\Profiles\i9771nfr.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.324:D:\Documents and Settings\Sebastian Fook\Application Data\Mozilla\Firefox\Profiles\i9771nfr.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.532:D:\Documents and Settings\Sebastian Fook\Application Data\Mozilla\Firefox\Profiles\i9771nfr.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.535:D:\Documents and Settings\Sebastian Fook\Application Data\Mozilla\Firefox\Profiles\i9771nfr.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.536:D:\Documents and Settings\Sebastian Fook\Application Data\Mozilla\Firefox\Profiles\i9771nfr.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.663:D:\Documents and Settings\Sebastian Fook\Application Data\Mozilla\Firefox\Profiles\i9771nfr.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.692:D:\Documents and Settings\Sebastian Fook\Application Data\Mozilla\Firefox\Profiles\i9771nfr.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.491:D:\Documents and Settings\Sebastian Fook\Application Data\Mozilla\Firefox\Profiles\i9771nfr.default\cookies.txt -> TrackingCookie.Linksynergy : Cleaned.
:mozilla.492:D:\Documents and Settings\Sebastian Fook\Application Data\Mozilla\Firefox\Profiles\i9771nfr.default\cookies.txt -> TrackingCookie.Linksynergy : Cleaned.
:mozilla.174:D:\Documents and Settings\Sebastian Fook\Application Data\Mozilla\Firefox\Profiles\i9771nfr.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.722:D:\Documents and Settings\Sebastian Fook\Application Data\Mozilla\Firefox\Profiles\i9771nfr.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.723:D:\Documents and Settings\Sebastian Fook\Application Data\Mozilla\Firefox\Profiles\i9771nfr.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.729:D:\Documents and Settings\Sebastian Fook\Application Data\Mozilla\Firefox\Profiles\i9771nfr.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.731:D:\Documents and Settings\Sebastian Fook\Application Data\Mozilla\Firefox\Profiles\i9771nfr.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.479:D:\Documents and Settings\Sebastian Fook\Application Data\Mozilla\Firefox\Profiles\i9771nfr.default\cookies.txt -> TrackingCookie.Masterstats : Cleaned.
D:\Documents and Settings\Sebastian Fook\Cookies\sebastian fook@image.masterstats[1].txt -> TrackingCookie.Masterstats : Cleaned.
:mozilla.383:D:\Documents and Settings\Sebastian Fook\Application Data\Mozilla\Firefox\Profiles\i9771nfr.default\cookies.txt -> TrackingCookie.Mediaplex : Cleaned.
:mozilla.235:D:\Documents and Settings\Sebastian Fook\Application Data\Mozilla\Firefox\Profiles\i9771nfr.default\cookies.txt -> TrackingCookie.Onestat : Cleaned.
:mozilla.263:D:\Documents and Settings\Sebastian Fook\Application Data\Mozilla\Firefox\Profiles\i9771nfr.default\cookies.txt -> TrackingCookie.Onestat : Cleaned.
:mozilla.446:D:\Documents and Settings\Sebastian Fook\Application Data\Mozilla\Firefox\Profiles\i9771nfr.default\cookies.txt -> TrackingCookie.Overture : Cleaned.
:mozilla.397:D:\Documents and Settings\Sebastian Fook\Application Data\Mozilla\Firefox\Profiles\i9771nfr.default\cookies.txt -> TrackingCookie.Paycounter : Cleaned.
:mozilla.715:D:\Documents and Settings\Sebastian Fook\Application Data\Mozilla\Firefox\Profiles\i9771nfr.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.716:D:\Documents and Settings\Sebastian Fook\Application Data\Mozilla\Firefox\Profiles\i9771nfr.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.717:D:\Documents and Settings\Sebastian Fook\Application Data\Mozilla\Firefox\Profiles\i9771nfr.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.719:D:\Documents and Settings\Sebastian Fook\Application Data\Mozilla\Firefox\Profiles\i9771nfr.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.329:D:\Documents and Settings\Sebastian Fook\Application Data\Mozilla\Firefox\Profiles\i9771nfr.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.330:D:\Documents and Settings\Sebastian Fook\Application Data\Mozilla\Firefox\Profiles\i9771nfr.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.331:D:\Documents and Settings\Sebastian Fook\Application Data\Mozilla\Firefox\Profiles\i9771nfr.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.215:D:\Documents and Settings\Sebastian Fook\Application Data\Mozilla\Firefox\Profiles\i9771nfr.default\cookies.txt -> TrackingCookie.Realmedia : Cleaned.
:mozilla.218:D:\Documents and Settings\Sebastian Fook\Application Data\Mozilla\Firefox\Profiles\i9771nfr.default\cookies.txt -> TrackingCookie.Realmedia : Cleaned.
:mozilla.227:D:\Documents and Settings\Sebastian Fook\Application Data\Mozilla\Firefox\Profiles\i9771nfr.default\cookies.txt -> TrackingCookie.Realmedia : Cleaned.
:mozilla.228:D:\Documents and Settings\Sebastian Fook\Application Data\Mozilla\Firefox\Profiles\i9771nfr.default\cookies.txt -> TrackingCookie.Realmedia : Cleaned.
:mozilla.229:D:\Documents and Settings\Sebastian Fook\Application Data\Mozilla\Firefox\Profiles\i9771nfr.default\cookies.txt -> TrackingCookie.Realmedia : Cleaned.
:mozilla.291:D:\Documents and Settings\Sebastian Fook\Application Data\Mozilla\Firefox\Profiles\i9771nfr.default\cookies.txt -> TrackingCookie.Realtracker : Cleaned.
:mozilla.574:D:\Documents and Settings\Sebastian Fook\Application Data\Mozilla\Firefox\Profiles\i9771nfr.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned.
:mozilla.575:D:\Documents and Settings\Sebastian Fook\Application Data\Mozilla\Firefox\Profiles\i9771nfr.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned.
:mozilla.266:D:\Documents and Settings\Sebastian Fook\Application Data\Mozilla\Firefox\Profiles\i9771nfr.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.268:D:\Documents and Settings\Sebastian Fook\Application Data\Mozilla\Firefox\Profiles\i9771nfr.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.269:D:\Documents and Settings\Sebastian Fook\Application Data\Mozilla\Firefox\Profiles\i9771nfr.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.272:D:\Documents and Settings\Sebastian Fook\Application Data\Mozilla\Firefox\Profiles\i9771nfr.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.581:D:\Documents and Settings\Sebastian Fook\Application Data\Mozilla\Firefox\Profiles\i9771nfr.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.531:D:\Documents and Settings\Sebastian Fook\Application Data\Mozilla\Firefox\Profiles\i9771nfr.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.537:D:\Documents and Settings\Sebastian Fook\Application Data\Mozilla\Firefox\Profiles\i9771nfr.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.538:D:\Documents and Settings\Sebastian Fook\Application Data\Mozilla\Firefox\Profiles\i9771nfr.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.539:D:\Documents and Settings\Sebastian Fook\Application Data\Mozilla\Firefox\Profiles\i9771nfr.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.540:D:\Documents and Settings\Sebastian Fook\Application Data\Mozilla\Firefox\Profiles\i9771nfr.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.541:D:\Documents and Settings\Sebastian Fook\Application Data\Mozilla\Firefox\Profiles\i9771nfr.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.543:D:\Documents and Settings\Sebastian Fook\Application Data\Mozilla\Firefox\Profiles\i9771nfr.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.544:D:\Documents and Settings\Sebastian Fook\Application Data\Mozilla\Firefox\Profiles\i9771nfr.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.545:D:\Documents and Settings\Sebastian Fook\Application Data\Mozilla\Firefox\Profiles\i9771nfr.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.548:D:\Documents and Settings\Sebastian Fook\Application Data\Mozilla\Firefox\Profiles\i9771nfr.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.549:D:\Documents and Settings\Sebastian Fook\Application Data\Mozilla\Firefox\Profiles\i9771nfr.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.550:D:\Documents and Settings\Sebastian Fook\Application Data\Mozilla\Firefox\Profiles\i9771nfr.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.554:D:\Documents and Settings\Sebastian Fook\Application Data\Mozilla\Firefox\Profiles\i9771nfr.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.555:D:\Documents and Settings\Sebastian Fook\Application Data\Mozilla\Firefox\Profiles\i9771nfr.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.563:D:\Documents and Settings\Sebastian Fook\Application Data\Mozilla\Firefox\Profiles\i9771nfr.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.564:D:\Documents and Settings\Sebastian Fook\Application Data\Mozilla\Firefox\Profiles\i9771nfr.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.565:D:\Documents and Settings\Sebastian Fook\Application Data\Mozilla\Firefox\Profiles\i9771nfr.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.567:D:\Documents and Settings\Sebastian Fook\Application Data\Mozilla\Firefox\Profiles\i9771nfr.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.573:D:\Documents and Settings\Sebastian Fook\Application Data\Mozilla\Firefox\Profiles\i9771nfr.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.580:D:\Documents and Settings\Sebastian Fook\Application Data\Mozilla\Firefox\Profiles\i9771nfr.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.205:D:\Documents and Settings\Sebastian Fook\Application Data\Mozilla\Firefox\Profiles\i9771nfr.default\cookies.txt -> TrackingCookie.Sexlist : Cleaned.
:mozilla.223:D:\Documents and Settings\Sebastian Fook\Application Data\Mozilla\Firefox\Profiles\i9771nfr.default\cookies.txt -> TrackingCookie.Sexlist : Cleaned.
:mozilla.226:D:\Documents and Settings\Sebastian Fook\Application Data\Mozilla\Firefox\Profiles\i9771nfr.default\cookies.txt -> TrackingCookie.Sexlist : Cleaned.
:mozilla.238:D:\Documents and Settings\Sebastian Fook\Application Data\Mozilla\Firefox\Profiles\i9771nfr.default\cookies.txt -> TrackingCookie.Sexlist : Cleaned.
:mozilla.292:D:\Documents and Settings\Sebastian Fook\Application Data\Mozilla\Firefox\Profiles\i9771nfr.default\cookies.txt -> TrackingCookie.Sexlist : Cleaned.
:mozilla.295:D:\Documents and Settings\Sebastian Fook\Application Data\Mozilla\Firefox\Profiles\i9771nfr.default\cookies.txt -> TrackingCookie.Sexlist : Cleaned.
:mozilla.296:D:\Documents and Settings\Sebastian Fook\Application Data\Mozilla\Firefox\Profiles\i9771nfr.default\cookies.txt -> TrackingCookie.Sexlist : Cleaned.
:mozilla.297:D:\Documents and Settings\Sebastian Fook\Application Data\Mozilla\Firefox\Profiles\i9771nfr.default\cookies.txt -> TrackingCookie.Sexlist : Cleaned.
:mozilla.298:D:\Documents and Settings\Sebastian Fook\Application Data\Mozilla\Firefox\Profiles\i9771nfr.default\cookies.txt -> TrackingCookie.Sexlist : Cleaned.
:mozilla.302:D:\Documents and Settings\Sebastian Fook\Application Data\Mozilla\Firefox\Profiles\i9771nfr.default\cookies.txt -> TrackingCookie.Sexlist : Cleaned.
:mozilla.310:D:\Documents and Settings\Sebastian Fook\Application Data\Mozilla\Firefox\Profiles\i9771nfr.default\cookies.txt -> TrackingCookie.Sexlist : Cleaned.
:mozilla.184:D:\Documents and Settings\Sebastian Fook\Application Data\Mozilla\Firefox\Profiles\i9771nfr.default\cookies.txt -> TrackingCookie.Sextracker : Cleaned.
:mozilla.547:D:\Documents and Settings\Sebastian Fook\Application Data\Mozilla\Firefox\Profiles\i9771nfr.default\cookies.txt -> TrackingCookie.Sextracker : Cleaned.
:mozilla.190:D:\Documents and Settings\Sebastian Fook\Application Data\Mozilla\Firefox\Profiles\i9771nfr.default\cookies.txt -> TrackingCookie.Spylog : Cleaned.
:mozilla.355:D:\Documents and Settings\Sebastian Fook\Application Data\Mozilla\Firefox\Profiles\i9771nfr.default\cookies.txt -> TrackingCookie.Starware : Cleaned.
:mozilla.356:D:\Documents and Settings\Sebastian Fook\Application Data\Mozilla\Firefox\Profiles\i9771nfr.default\cookies.txt -> TrackingCookie.Starware : Cleaned.
:mozilla.66:D:\Documents and Settings\Sebastian Fook\Application Data\Mozilla\Firefox\Profiles\i9771nfr.default\cookies.txt -> TrackingCookie.Starware : Cleaned.
D:\Documents and Settings\Sebastian Fook\Cookies\sebastian fook@h.starware[2].txt -> TrackingCookie.Starware : Cleaned.
D:\Documents and Settings\Sebastian Fook\Cookies\sebastian fook@try.starware[1].txt -> TrackingCookie.Starware : Cleaned.
:mozilla.260:D:\Documents and Settings\Sebastian Fook\Application Data\Mozilla\Firefox\Profiles\i9771nfr.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.267:D:\Documents and Settings\Sebastian Fook\Application Data\Mozilla\Firefox\Profiles\i9771nfr.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.270:D:\Documents and Settings\Sebastian Fook\Application Data\Mozilla\Firefox\Profiles\i9771nfr.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.271:D:\Documents and Settings\Sebastian Fook\Application Data\Mozilla\Firefox\Profiles\i9771nfr.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.275:D:\Documents and Settings\Sebastian Fook\Application Data\Mozilla\Firefox\Profiles\i9771nfr.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.276:D:\Documents and Settings\Sebastian Fook\Application Data\Mozilla\Firefox\Profiles\i9771nfr.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.279:D:\Documents and Settings\Sebastian Fook\Application Data\Mozilla\Firefox\Profiles\i9771nfr.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.280:D:\Documents and Settings\Sebastian Fook\Application Data\Mozilla\Firefox\Profiles\i9771nfr.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.281:D:\Documents and Settings\Sebastian Fook\Application Data\Mozilla\Firefox\Profiles\i9771nfr.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.282:D:\Documents and Settings\Sebastian Fook\Application Data\Mozilla\Firefox\Profiles\i9771nfr.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.164:D:\Documents and Settings\Sebastian Fook\Application Data\Mozilla\Firefox\Profiles\i9771nfr.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.165:D:\Documents and Settings\Sebastian Fook\Application Data\Mozilla\Firefox\Profiles\i9771nfr.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.166:D:\Documents and Settings\Sebastian Fook\Application Data\Mozilla\Firefox\Profiles\i9771nfr.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
D:\Documents and Settings\Sebastian Fook\Cookies\sebastian fook@tacoda[1].txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.317:D:\Documents and Settings\Sebastian Fook\Application Data\Mozilla\Firefox\Profiles\i9771nfr.default\cookies.txt -> TrackingCookie.Targetnet : Cleaned.
:mozilla.303:D:\Documents and Settings\Sebastian Fook\Application Data\Mozilla\Firefox\Profiles\i9771nfr.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.304:D:\Documents and Settings\Sebastian Fook\Application Data\Mozilla\Firefox\Profiles\i9771nfr.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.305:D:\Documents and Settings\Sebastian Fook\Application Data\Mozilla\Firefox\Profiles\i9771nfr.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.306:D:\Documents and Settings\Sebastian Fook\Application Data\Mozilla\Firefox\Profiles\i9771nfr.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.307:D:\Documents and Settings\Sebastian Fook\Application Data\Mozilla\Firefox\Profiles\i9771nfr.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.311:D:\Documents and Settings\Sebastian Fook\Application Data\Mozilla\Firefox\Profiles\i9771nfr.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.183:D:\Documents and Settings\Sebastian Fook\Application Data\Mozilla\Firefox\Profiles\i9771nfr.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned.
:mozilla.193:D:\Documents and Settings\Sebastian Fook\Application Data\Mozilla\Firefox\Profiles\i9771nfr.default\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned.
:mozilla.695:D:\Documents and Settings\Sebastian Fook\Application Data\Mozilla\Firefox\Profiles\i9771nfr.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.696:D:\Documents and Settings\Sebastian Fook\Application Data\Mozilla\Firefox\Profiles\i9771nfr.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.721:D:\Documents and Settings\Sebastian Fook\Application Data\Mozilla\Firefox\Profiles\i9771nfr.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.726:D:\Documents and Settings\Sebastian Fook\Application Data\Mozilla\Firefox\Profiles\i9771nfr.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.733:D:\Documents and Settings\Sebastian Fook\Application Data\Mozilla\Firefox\Profiles\i9771nfr.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
D:\Documents and Settings\Sebastian Fook\Cookies\sebastian fook@ad.yieldmanager[1].txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.50:D:\Documents and Settings\Sebastian Fook\Application Data\Mozilla\Firefox\Profiles\i9771nfr.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
:mozilla.51:D:\Documents and Settings\Sebastian Fook\Application Data\Mozilla\Firefox\Profiles\i9771nfr.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
:mozilla.52:D:\Documents and Settings\Sebastian Fook\Application Data\Mozilla\Firefox\Profiles\i9771nfr.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.


::Report end

#9 Ruidiance

Ruidiance
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:04:03 PM

Posted 04 February 2007 - 12:12 AM

Latest .log file:

Explorer killed successfully
[Processes - Non-Microsoft Only]
Unable to kill process winlogon.exe .
File C:\WINDOWS\SYSTEM32\xsqivvjmv\winlogon.exe not found!
[Win32 Services - Non-Microsoft Only]
Unable to stop service Client IP-IPX .
Unable to delete service Client IP-IPX .
File C:\WINDOWS\SYSTEM32\svchosts.exe not found!
[Registry - Non-Microsoft Only]
Registry value deletion failed for HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\DrvListnr .
Registry value deletion failed for HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\winlogon .
Registry value deletion failed for HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\BitTorrent .
Registry value deletion failed for HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\winlogon .
Registry value deletion failed for HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\C:\WINDOWS\System32\xsqivvjmv\winlogon.exe .
File C:\WINDOWS\SYSTEM32\xsqivvjmv\winlogon.exe not found!
Registry value deletion failed for HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\C:\WINDOWS\System32\xsqivvjmv\winlogon.exe .
File C:\WINDOWS\SYSTEM32\xsqivvjmv\winlogon.exe not found!
Registry value deletion failed for HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\DisableRegistryTools .
Registry value deletion failed for HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\NoAdminPage .
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\&Search deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\E&xport to Microsoft Excel deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Open in new background tab deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Open in new foreground tab deleted successfully.
[Files - Created Within 30 days]
C:\Program Files\Common Files\{883A0E0B-07CF-1033-0920-021102000001}\system.dll moved successfully.
C:\WINDOWS\smdat32a.sys moved successfully.
C:\WINDOWS\smdat32m.sys moved successfully.
C:\WINDOWS\SYSTEM32\netstat.com moved successfully.
File C:\WINDOWS\SYSTEM32\svchosts.exe not found!
C:\WINDOWS\SYSTEM32\taskkill.com moved successfully.
C:\WINDOWS\SYSTEM32\unsvchosts.exe moved successfully.
[Files - Modified Within 30 days]
File C:\Program Files\Common Files\{883A0E0B-07CF-1033-0920-021102000001}\system.dll not found!
File C:\WINDOWS\smdat32a.sys not found!
File C:\WINDOWS\smdat32m.sys not found!
File C:\WINDOWS\SYSTEM32\netstat.com not found!
File C:\WINDOWS\SYSTEM32\svchosts.exe not found!
File C:\WINDOWS\SYSTEM32\taskkill.com not found!
File C:\WINDOWS\SYSTEM32\unsvchosts.exe not found!
C:\WINDOWS\SYSTEM32\drivers\dump_wmimmc.sys moved successfully.
[ Extra Files ]
Unable to move folder c:\program files\Common Files%\{883A0E0B-07CF-1033-0920-021102000001}\ .
< End of log >
Created on 02/04/2007 11:40:01

#10 Ruidiance

Ruidiance
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:04:03 PM

Posted 04 February 2007 - 12:16 AM

New WinPFind3U report:

WinPFind3 logfile created on: 2/4/2007 1:03:27 PM
WinPFind3U by OldTimer - Version 1.0.11 Folder = C:\Documents and Settings\User1\My Documents\My Downloads\WinPFind3u\
Microsoft Windows XP (Version = 5.1.2600)
Internet Explorer (Version = 6.0.2600.0000)

523056 Kb Total Physical Memory | 323124 Kb Available Physical Memory | 61.78% Memory free
1279908 Kb Paging File | 1028608 Kb Available in Paging File | 80.37% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536;

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 80413325 Kb Total Space | 65589735 Kb Free Space | 81.57% Space Free
Drive D: | 21808204 Kb Total Space | 14964012 Kb Free Space | 68.62% Space Free
Drive E: | 308122 Kb Total Space | 0 Kb Free Space | 0.00% Space Free
F: Drive not present or media not loaded


[Processes - Non-Microsoft Only]
avgas.exe -> %ProgramFiles%\Grisoft\AVG Anti-Spyware 7.5\avgas.exe -> Anti-Malware Development a.s. [Ver = 7, 5, 0, 50 | Size = 6266880 bytes | Modified Date = 10/7/2006 8:20:00 PM | Attr = ]
em_exec.exe -> %ProgramFiles%\Logitech\MouseWare\system\EM_EXEC.EXE -> Logitech Inc. [Ver = 9.75.302 | Size = 37888 bytes | Modified Date = 11/21/2002 9:50:00 AM | Attr = ]
googletoolbarnotifier.exe -> %ProgramFiles%\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe -> Google Inc. [Ver = 1, 2, 908, 5008 | Size = 163576 bytes | Modified Date = 11/28/2006 1:48:46 AM | Attr = ]
guard.exe -> %ProgramFiles%\Grisoft\AVG Anti-Spyware 7.5\guard.exe -> Anti-Malware Development a.s. [Ver = 7, 5, 0, 47 | Size = 204800 bytes | Modified Date = 9/28/2006 10:13:20 PM | Attr = ]
ipodservice.exe -> %ProgramFiles%\iPod\bin\iPodService.exe -> Apple Computer, Inc. [Ver = 7.0.2.16 | Size = 492608 bytes | Modified Date = 10/30/2006 9:36:32 AM | Attr = ]
itouch.exe -> %ProgramFiles%\Logitech\iTouch\iTouch.exe -> Logitech Inc. [Ver = 2.15.264 | Size = 631362 bytes | Modified Date = 11/23/2002 2:15:00 AM | Attr = ]
ituneshelper.exe -> %ProgramFiles%\iTunes\iTunesHelper.exe -> Apple Computer, Inc. [Ver = 7.0.2.16 | Size = 256576 bytes | Modified Date = 10/30/2006 9:36:36 AM | Attr = ]
jusched.exe -> %ProgramFiles%\Java\jre1.5.0_10\bin\jusched.exe -> Sun Microsystems, Inc. [Ver = 5.0.100.3 | Size = 49263 bytes | Modified Date = 11/9/2006 3:07:30 PM | Attr = ]
logitechdesktopmessenger.exe -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe -> Logitech [Ver = 2.30.04 | Size = 36864 bytes | Modified Date = 12/3/2006 9:01:28 PM | Attr = ]
nvsvc32.exe -> %System32%\nvsvc32.exe -> NVIDIA Corporation [Ver = 6.14.10.9371 | Size = 159810 bytes | Modified Date = 10/22/2006 12:22:00 PM | Attr = ]
qttask.exe -> %ProgramFiles%\QuickTime\qttask.exe -> Apple Computer, Inc. [Ver = 7.1.3 | Size = 282624 bytes | Modified Date = 10/25/2006 6:58:18 PM | Attr = ]
realsched.exe -> %CommonProgramFiles%\Real\Update_OB\realsched.exe -> RealNetworks, Inc. [Ver = 0.1.0.3760 | Size = 185896 bytes | Modified Date = 1/26/2007 6:40:28 PM | Attr = ]
smtray.exe -> %ProgramFiles%\Analog Devices\SoundMAX\SMTray.exe -> Analog Devices, Inc. [Ver = 3, 0, 205, 0 | Size = 81920 bytes | Modified Date = 1/30/2002 6:01:54 PM | Attr = ]
tppaldr.exe -> %SystemRoot%\TPPALDR.EXE -> [File Corrupted - Detail Data unreadable]
update.exe -> %CommonProgramFiles%\{883A0E0B-07CF-1033-0920-021102000001}\Update.exe -> [Ver = | Size = 13312 bytes | Modified Date = 2/4/2007 12:29:16 PM | Attr = ]
winlogon.exe -> %System32%\ubtrruclhn\winlogon.exe -> [Ver = | Size = 74752 bytes | Modified Date = 2/1/2007 9:50:04 PM | Attr = RHS]
winpfind3u.exe -> %UserDocuments%\My Downloads\WinPFind3u\WinPFind3U.exe -> Oldtimer Tools [Ver = 1.0.11.0 | Size = 306176 bytes | Modified Date = 1/18/2007 6:01:14 PM | Attr = ]

[Win32 Services - Non-Microsoft Only]
(AVG Anti-Spyware Guard) AVG Anti-Spyware Guard [Win32_Own | Auto | Running] -> %ProgramFiles%\Grisoft\AVG Anti-Spyware 7.5\guard.exe -> Anti-Malware Development a.s. [Ver = 7, 5, 0, 47 | Size = 204800 bytes | Modified Date = 9/28/2006 10:13:20 PM | Attr = ]
(dmadmin) Logical Disk Manager Administrative Service [Win32_Shared | On_Demand | Stopped] -> %System32%\dmadmin.exe -> Microsoft Corp., Veritas Software [Ver = 2600.0.503.0 | Size = 204800 bytes | Modified Date = 8/23/2001 12:00:00 PM | Attr = ]
(iPod Service) iPod Service [Win32_Own | On_Demand | Running] -> %ProgramFiles%\iPod\bin\iPodService.exe -> Apple Computer, Inc. [Ver = 7.0.2.16 | Size = 492608 bytes | Modified Date = 10/30/2006 9:36:32 AM | Attr = ]
(NVSvc) NVIDIA Display Driver Service [Win32_Own | Auto | Running] -> %System32%\nvsvc32.exe -> NVIDIA Corporation [Ver = 6.14.10.9371 | Size = 159810 bytes | Modified Date = 10/22/2006 12:22:00 PM | Attr = ]
(Client IP-IPX) Client IP-IPX [Win32_Own | Auto | Stopped] -> %System32%\svchosts.exe -> [Ver = | Size = 36864 bytes | Modified Date = 2/4/2007 12:29:16 PM | Attr = ]

[Registry - Non-Microsoft Only]
< Run [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
!AVG Anti-Spyware -> %ProgramFiles%\Grisoft\AVG Anti-Spyware 7.5\avgas.exe -> Anti-Malware Development a.s. [Ver = 7, 5, 0, 50 | Size = 6266880 bytes | Modified Date = 10/7/2006 8:20:00 PM | Attr = ]
IpWins -> %ProgramFiles%\Ipwindows\ipwins.exe -> File not found
iTunesHelper -> %ProgramFiles%\iTunes\iTunesHelper.exe -> Apple Computer, Inc. [Ver = 7.0.2.16 | Size = 256576 bytes | Modified Date = 10/30/2006 9:36:36 AM | Attr = ]
KernelFaultCheck -> -> File not found
Logitech Utility -> %SystemRoot%\LOGI_MWX.EXE -> Logitech Inc. [Ver = 9.75.294 | Size = 19968 bytes | Modified Date = 11/8/2002 5:50:00 PM | Attr = ]
NeroCheck -> %System32%\NeroCheck.exe -> Ahead Software Gmbh [Ver = 1, 0, 0, 2 | Size = 155648 bytes | Modified Date = 7/9/2001 5:50:42 PM | Attr = ]
NvCplDaemon -> %System32%\nvcpl.dll [RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup] -> NVIDIA Corporation [Ver = 6.14.10.9371 | Size = 7700480 bytes | Modified Date = 10/22/2006 12:22:00 PM | Attr = ]
NvMediaCenter -> %System32%\nvmctray.dll [RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit] -> NVIDIA Corporation [Ver = 6.14.10.9371 | Size = 86016 bytes | Modified Date = 10/22/2006 12:22:00 PM | Attr = ]
nwiz -> %System32%\nwiz.exe -> [Ver = | Size = 1622016 bytes | Modified Date = 10/22/2006 12:22:00 PM | Attr = ]
QuickTime Task -> %ProgramFiles%\QuickTime\qttask.exe -> Apple Computer, Inc. [Ver = 7.1.3 | Size = 282624 bytes | Modified Date = 10/25/2006 6:58:18 PM | Attr = ]
Smapp -> %ProgramFiles%\Analog Devices\SoundMAX\SMTray.exe -> Analog Devices, Inc. [Ver = 3, 0, 205, 0 | Size = 81920 bytes | Modified Date = 1/30/2002 6:01:54 PM | Attr = ]
SunJavaUpdateSched -> %ProgramFiles%\Java\jre1.5.0_10\bin\jusched.exe -> Sun Microsystems, Inc. [Ver = 5.0.100.3 | Size = 49263 bytes | Modified Date = 11/9/2006 3:07:30 PM | Attr = ]
TkBellExe -> %CommonProgramFiles%\Real\Update_OB\realsched.exe -> RealNetworks, Inc. [Ver = 0.1.0.3760 | Size = 185896 bytes | Modified Date = 1/26/2007 6:40:28 PM | Attr = ]
TPP Auto Loader -> %SystemRoot%\TPPALDR.EXE -> [File Corrupted - Detail Data unreadable]
winlogon -> -> File not found
zBrowser Launcher -> %ProgramFiles%\Logitech\iTouch\iTouch.exe -> Logitech Inc. [Ver = 2.15.264 | Size = 631362 bytes | Modified Date = 11/23/2002 2:15:00 AM | Attr = ]
< OptionalComponents [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\
IMAIL -> Installed = 1 ->
MAPI -> Installed = 1 ->
MSFS -> Installed = 1 ->
< Run [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
LDM -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe -> Logitech [Ver = 2.30.04 | Size = 36864 bytes | Modified Date = 12/3/2006 9:01:28 PM | Attr = ]
swg -> %ProgramFiles%\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe -> Google Inc. [Ver = 1, 2, 908, 5008 | Size = 163576 bytes | Modified Date = 11/28/2006 1:48:46 AM | Attr = ]
winlogon -> -> File not found
< Windows NT\\Load [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\load
C:\WINDOWS\System32\ubtrruclhn\winlogon.exe -> %System32%\ubtrruclhn\winlogon.exe -> [Ver = | Size = 74752 bytes | Modified Date = 2/1/2007 9:50:04 PM | Attr = RHS]
< Windows NT\\Run [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\run
C:\WINDOWS\System32\ubtrruclhn\winlogon.exe -> %System32%\ubtrruclhn\winlogon.exe -> [Ver = | Size = 74752 bytes | Modified Date = 2/1/2007 9:50:04 PM | Attr = RHS]
< Common Startup > -> C:\Documents and Settings\All Users\Start Menu\Programs\Startup
%AllUsersStartup%\Logitech Desktop Messenger.lnk -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe -> Logitech [Ver = 2.30.04 | Size = 196608 bytes | Modified Date = 12/3/2006 8:10:34 PM | Attr = ]
< ShellExecuteHooks [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks
{57B86673-276A-48B2-BAE7-C6DBB3020EB8} [HKLM] -> %ProgramFiles%\Grisoft\AVG Anti-Spyware 7.5\shellexecutehook.dll [AVG Anti-Spyware 7.5] -> Anti-Malware Development a.s. [Ver = 7, 5, 0, 47 | Size = 73728 bytes | Modified Date = 9/28/2006 10:13:28 PM | Attr = ]
< SecurityProviders [HKLM] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\\SecurityProviders
< Winlogon settings [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
*VMApplet* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet ->
Control_RunDLL -> -> File not found
< Policy Settings [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{BDEADF00-C265-11D0-BCED-00A0C90AB50F} -> 1 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{6DFD7C5C-2451-11d3-A299-00C04F8EF6AF} -> 1073741857 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{0DF44EAA-FF21-4412-828E-260A8728E7F1} -> 32 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\dontdisplaylastusername -> 0 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\legalnoticecaption -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\legalnoticetext -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\shutdownwithoutlogon -> 1 ->
< Policy Settings [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 145 ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\DisableRegistryTools -> 1 ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\NoAdminPage -> 1 ->
-> HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer not found. ->
< Desktop Components > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\
0 -> [Key] ->
0 -> FriendlyName = My Current Home Page ->
0 -> Source = About:Home ->
0 -> SubscribedURL = About:Home ->
< HOSTS File > -> C:\WINDOWS\System32\drivers\etc\Hosts
1.1.1.1 liveupdate. -> ->
-> ->
-> ->
1.1.1.1 f-secure.com -> ->
1.1.1.1 www.f-secure.com -> ->
1.1.1.1 ftp.f-secure.com -> ->
1.1.1.1 ftp.sophos.com -> ->
1.1.1.1 liveupdate.symantec.com -> ->
1.1.1.1 customer.symantec.com -> ->
1.1.1.1 dispatch.mcafee.com -> ->
1.1.1.1 download.mcafee.com -> ->
1.1.1.1 rads.mcafee.com -> ->
1.1.1.1 mast.mcafee.com -> ->
1.1.1.1 my-etrust.com -> ->
1.1.1.1 www.my-etrust.com -> ->
1.1.1.1 nai.com -> ->
1.1.1.1 www.nai.com -> ->
1.1.1.1 networkassociates.com -> ->
1.1.1.1 secure.nai.com -> ->
1.1.1.1 securityresponse.symantec.com -> ->
1.1.1.1 service1.symantec.com -> ->
1.1.1.1 sophos.com -> ->
1.1.1.1 www.sophos.com -> ->
1.1.1.1 support.microsoft.com -> ->
1.1.1.1 symantec.com -> ->
1.1.1.1 www.symantec.com -> ->
1.1.1.1 update.symantec.com -> ->
1.1.1.1 updates.symantec.com -> ->
1.1.1.1 us.mcafee.com -> ->
1.1.1.1 vil.nai.com -> ->
1.1.1.1 viruslist.com -> ->
1.1.1.1 www.viruslist.com -> ->
1.1.1.1 grisoft.com -> ->
1.1.1.1 www.grisoft.com -> ->
1.1.1.1 free.grisoft.com -> ->
1.1.1.1 trendmicro.com -> ->
1.1.1.1 housecall.trendmicro.com -> ->
1.1.1.1 www.trendmicro.com -> ->
1.1.1.1 pandasoftware.com -> ->
1.1.1.1 www.pandasoftware.com -> ->
1.1.1.1 usa.kaspersky.com -> ->
1.1.1.1 ewido.net -> ->
-> ->
1.1.1.1 zonelabs.com -> ->
1.1.1.1 www.zonelabs.com -> ->
1.1.1.1 bitdefender.com -> ->
1.1.1.1 www.bitdefender.com -> ->
1.1.1.1 download.bitdefender.com -> ->
1.1.1.1 upgrade.bitdefender.com -> ->
1.1.1.1 spywareinfo.com -> ->
1.1.1.1 www.spywareinfo.com -> ->
1.1.1.1 merijn.org -> ->
1.1.1.1 www.merijn.org -> ->
1.1.1.1 sysinternals.com -> ->
1.1.1.1 www.sysinternals.com -> ->
1.1.1.1 onguardonline.gov -> ->
1.1.1.1 www.onguardonline.gov -> ->
1.1.1.1 avast.com -> ->
1.1.1.1 www.avast.com -> ->
1.1.1.1 safety.live.com -> ->
1.1.1.1 www.paretologic.com -> ->
1.1.1.1 paretologic.com -> ->
1.1.1.1 virusscan.jotti.org -> ->
1.1.1.1 services.google.com -> ->
< Internet Explorer Settings > ->
HKLM: Default_Page_URL -> http://www.microsoft.com/isapi/redir.dll?p...&ar=msnhome ->
HKLM: Main\\Default_Search_URL -> http://www.google.com/ie ->
HKLM: Local Page -> %SystemRoot%\system32\blank.htm ->
HKLM: Search Page -> http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch ->
HKLM: Start Page -> http://www.microsoft.com/isapi/redir.dll?p...ER}&ar=home ->
HKLM: CustomizeSearch -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm ->
HKLM: Search\\Default_Search_URL -> http://www.google.com/ie ->
HKLM: SearchAssistant -> http://www.google.com/ie ->
HKCU: Local Page -> C:\WINDOWS\System32\blank.htm ->
HKCU: Search Bar -> http://www.google.com/ie ->
HKCU: Search Page -> http://www.google.com ->
HKCU: Start Page -> http://www.messengersite.net/forum/portal.htm ->
HKCU: SearchAssistant -> http://www.google.com/ie ->
HKCU: ProxyEnable -> 0 ->
HKCU: ProxyOverride -> localhost ->
< BHO's > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} [HKLM] -> %ProgramFiles%\Adobe\Acrobat Reader 5\Reader\ActiveX\AcroIEHelper.ocx [AcroIEHlprObj Class] -> [Ver = 1, 0, 0, 1 | Size = 37808 bytes | Modified Date = 3/2/2001 12:02:04 PM | Attr = ]
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} [HKLM] -> %ProgramFiles%\Java\jre1.5.0_10\bin\ssv.dll [SSVHelper Class] -> Sun Microsystems, Inc. [Ver = 5.0.100.3 | Size = 440056 bytes | Modified Date = 11/9/2006 3:21:52 PM | Attr = ]
{AA58ED58-01DD-4d91-8333-CF10577473F7} [HKLM] -> %ProgramFiles%\Google\googletoolbar2.dll [Google Toolbar Helper] -> Google Inc. [Ver = 4, 0, 1020, 3054 | Size = 2120768 bytes | Modified Date = 10/17/2006 3:04:08 PM | Attr = R ]
< Internet Explorer ToolBars [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar
{2318C2B1-4965-11d4-9B18-009027A5CD4F} [HKLM] -> %ProgramFiles%\Google\googletoolbar2.dll [&Google] -> Google Inc. [Ver = 4, 0, 1020, 3054 | Size = 2120768 bytes | Modified Date = 10/17/2006 3:04:08 PM | Attr = R ]
{8E718888-423F-11D2-876E-00A0C9082467} [HKLM] -> %System32%\msdxm.ocx [&Radio] -> [Ver = | Size = 843804 bytes | Modified Date = 8/23/2001 12:00:00 PM | Attr = ]
< Internet Explorer ToolBars [HKCU] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\
ShellBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} [HKLM] -> %ProgramFiles%\Google\googletoolbar2.dll [&Google] -> Google Inc. [Ver = 4, 0, 1020, 3054 | Size = 2120768 bytes | Modified Date = 10/17/2006 3:04:08 PM | Attr = R ]
WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} [HKLM] -> %ProgramFiles%\Google\googletoolbar2.dll [&Google] -> Google Inc. [Ver = 4, 0, 1020, 3054 | Size = 2120768 bytes | Modified Date = 10/17/2006 3:04:08 PM | Attr = R ]
< Internet Explorer CmdMapping [HKCU] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Extensions\CmdMapping
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} -> 8194 - Sun Java Console ->
{92780B25-18CC-41C8-B9BE-3C9C571A8263} -> 8193 - Reg Data - Value does not exist ->
NextId -> 8195 ->
< Internet Explorer Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKLM] -> %ProgramFiles%\Java\jre1.5.0_10\bin\npjpi150_10.dll [MenuText: Sun Java Console] -> Sun Microsystems, Inc. [Ver = 5.0.100.3 | Size = 75528 bytes | Modified Date = 11/9/2006 3:21:54 PM | Attr = ]
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKCU] -> %ProgramFiles%\Java\jre1.5.0_10\bin\ssv.dll [MenuText: Sun Java Console] -> Sun Microsystems, Inc. [Ver = 5.0.100.3 | Size = 440056 bytes | Modified Date = 11/9/2006 3:21:52 PM | Attr = ]
{92780B25-18CC-41C8-B9BE-3C9C571A8263} -> Reg Data - Value does not exist [ButtonText: Research] -> File not found
< Internet Explorer Menu Extensions [HKCU] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\
&Windows Live Search -> %ProgramFiles%\Windows Live Toolbar\msntb.dll\search.htm -> File not found
< Internet Explorer Plugins [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\Extension\
.spop -> %ProgramFiles%\Internet Explorer\PLUGINS\NPDocBox.dll [Reg Data - Value does not exist] -> InterTrust Technologies Corporation, Inc. [Ver = 1.0.30.95 | Size = 225280 bytes | Modified Date = 1/30/2001 1:56:24 PM | Attr = ]
< Approved Shell Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
{0DF44EAA-FF21-4412-828E-260A8728E7F1} [HKLM] -> Reg Data - Key not found [Taskbar and Start Menu] -> File not found
{1CDB2949-8F65-4355-8456-263E7C208A5D} [HKLM] -> %System32%\nvshell.dll [Desktop Explorer] -> [Ver = | Size = 466944 bytes | Modified Date = 10/22/2006 12:22:00 PM | Attr = ]
{1E9B04FB-F9E5-4718-997B-B8DA88302A47} [HKLM] -> %System32%\nvshell.dll [Desktop Explorer Menu] -> [Ver = | Size = 466944 bytes | Modified Date = 10/22/2006 12:22:00 PM | Attr = ]
{1E9B04FB-F9E5-4718-997B-B8DA88302A48} [HKLM] -> %System32%\nvshell.dll [nView Desktop Context Menu] -> [Ver = | Size = 466944 bytes | Modified Date = 10/22/2006 12:22:00 PM | Attr = ]
{42071714-76d4-11d1-8b24-00a0c9068ff3} [HKLM] -> deskpan.dll [Display Panning CPL Extension] -> File not found
{764BF0E1-F219-11ce-972D-00AA00A14F56} [HKLM] -> Reg Data - Key not found [Shell extensions for file compression] -> File not found
{7A9D77BD-5403-11d2-8785-2E0420524153} [HKLM] -> Reg Data - Key not found [User Accounts] -> File not found
{853FE2B1-B769-11d0-9C4E-00C04FB6C6FA} [HKLM] -> Reg Data - Key not found [Encryption Context Menu] -> File not found
{88895560-9AA2-1069-930E-00AA0030EBC8} [HKLM] -> %System32%\hticons.dll [HyperTerminal Icon Ext] -> Hilgraeve, Inc. [Ver = 5.1.2600.0 | Size = 44544 bytes | Modified Date = 8/23/2001 12:00:00 PM | Attr = ]
{A70C977A-BF00-412C-90B7-034C51DA2439} [HKLM] -> %System32%\nvcpl.dll [NvCpl DesktopContext Class] -> NVIDIA Corporation [Ver = 6.14.10.9371 | Size = 7700480 bytes | Modified Date = 10/22/2006 12:22:00 PM | Attr = ]
{B41DB860-8EE4-11D2-9906-E49FADC173CA} [HKLM] -> %ProgramFiles%\WinRAR\RarExt.dll [WinRAR shell extension] -> [Ver = | Size = 126464 bytes | Modified Date = 9/14/2006 12:20:24 AM | Attr = ]
{B9E1D2CB-CCFF-4AA6-9579-D7A4754030EF} [HKLM] -> %ProgramFiles%\iTunes\iTunesMiniPlayer.dll [iTunes] -> Apple Computer, Inc. [Ver = 7.0.2.16 | Size = 132672 bytes | Modified Date = 10/30/2006 9:36:36 AM | Attr = ]
{F0CB00CD-5A07-4D91-97F5-A8C92CDA93E4} [HKLM] -> %ProgramFiles%\Real\RealOne Player\rpshell.dll [Shell Extensions for RealOne Player] -> RealNetworks, Inc. [Ver = 1.0.1.2488 | Size = 54848 bytes | Modified Date = 1/26/2007 6:40:40 PM | Attr = ]
{FFB699E0-306A-11d3-8BD1-00104B6F7516} [HKLM] -> %System32%\nvcpl.dll [Play on my TV helper] -> NVIDIA Corporation [Ver = 6.14.10.9371 | Size = 7700480 bytes | Modified Date = 10/22/2006 12:22:00 PM | Attr = ]
< ContextMenuHandlers - * [HKLM] > -> HKEY_LOCAL_MACHINE\Software\Classes\*\shellex\ContextMenuHandlers\
{8934FCEF-F5B8-468f-951F-78A921CD3920} [HKLM] -> %ProgramFiles%\Grisoft\AVG Anti-Spyware 7.5\context.dll [AVG Anti-Spyware] -> Anti-Malware Development a.s. [Ver = 7, 5, 0, 49 | Size = 98304 bytes | Modified Date = 10/6/2006 7:40:48 PM | Attr = ]
{C8CA0A66-AF32-4D5E-879E-F0809ACEDC55} [HKLM] -> %ProgramFiles%\MP3 Player Utilities 3.68\AMVTools\AmvTransform.dll [VIDEOTRANS] -> [Ver = 1, 0, 0, 1 | Size = 32768 bytes | Modified Date = 7/22/2005 8:21:46 AM | Attr = ]
{B41DB860-8EE4-11D2-9906-E49FADC173CA} [HKLM] -> %ProgramFiles%\WinRAR\RarExt.dll [WinRAR] -> [Ver = | Size = 126464 bytes | Modified Date = 9/14/2006 12:20:24 AM | Attr = ]
< ContextMenuHandlers - Directory [HKLM] > -> HKEY_LOCAL_MACHINE\Software\Classes\Directory\shellex\ContextMenuHandlers\
{8934FCEF-F5B8-468f-951F-78A921CD3920} [HKLM] -> %ProgramFiles%\Grisoft\AVG Anti-Spyware 7.5\context.dll [AVG Anti-Spyware] -> Anti-Malware Development a.s. [Ver = 7, 5, 0, 49 | Size = 98304 bytes | Modified Date = 10/6/2006 7:40:48 PM | Attr = ]
{B41DB860-8EE4-11D2-9906-E49FADC173CA} [HKLM] -> %ProgramFiles%\WinRAR\RarExt.dll [WinRAR] -> [Ver = | Size = 126464 bytes | Modified Date = 9/14/2006 12:20:24 AM | Attr = ]
< ContextMenuHandlers - Directory\Background [HKLM] > -> HKEY_LOCAL_MACHINE\Software\Classes\Directory\Background\shellex\ContextMenuHandlers\
{1E9B04FB-F9E5-4718-997B-B8DA88302A48} [HKLM] -> %System32%\nvshell.dll [00nView] -> [Ver = | Size = 466944 bytes | Modified Date = 10/22/2006 12:22:00 PM | Attr = ]
{A70C977A-BF00-412C-90B7-034C51DA2439} [HKLM] -> %System32%\nvcpl.dll [NvCplDesktopContext] -> NVIDIA Corporation [Ver = 6.14.10.9371 | Size = 7700480 bytes | Modified Date = 10/22/2006 12:22:00 PM | Attr = ]
< ContextMenuHandlers - Folder [HKLM] > -> HKEY_LOCAL_MACHINE\Software\Classes\Folder\shellex\ContextMenuHandlers\
{B41DB860-8EE4-11D2-9906-E49FADC173CA} [HKLM] -> %ProgramFiles%\WinRAR\RarExt.dll [WinRAR] -> [Ver = | Size = 126464 bytes | Modified Date = 9/14/2006 12:20:24 AM | Attr = ]
< DNS Name Servers [HKLM] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\
{1781B5BF-A82B-478A-A8AD-AB1C14AC9CC6} -> () ->
{2B6D1054-0510-47FB-AD4E-410745630A9F} -> (Linksys LNE100TX Fast Ethernet Adapter(LNE100TX v4)) ->
< Protocol Handlers [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\
bw+0 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 12/3/2006 9:01:28 PM | Attr = ]
bw+0s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 12/3/2006 9:01:28 PM | Attr = ]
bw-0 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 12/3/2006 9:01:28 PM | Attr = ]
bw00 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 12/3/2006 9:01:28 PM | Attr = ]
bw00s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 12/3/2006 9:01:28 PM | Attr = ]
bw-0s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 12/3/2006 9:01:28 PM | Attr = ]
bw10 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 12/3/2006 9:01:28 PM | Attr = ]
bw10s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 12/3/2006 9:01:28 PM | Attr = ]
bw20 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 12/3/2006 9:01:28 PM | Attr = ]
bw20s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 12/3/2006 9:01:28 PM | Attr = ]
bw30 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 12/3/2006 9:01:28 PM | Attr = ]
bw30s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 12/3/2006 9:01:28 PM | Attr = ]
bw40 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 12/3/2006 9:01:28 PM | Attr = ]
bw40s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 12/3/2006 9:01:28 PM | Attr = ]
bw50 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 12/3/2006 9:01:28 PM | Attr = ]
bw50s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 12/3/2006 9:01:28 PM | Attr = ]
bw60 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 12/3/2006 9:01:28 PM | Attr = ]
bw60s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 12/3/2006 9:01:28 PM | Attr = ]
bw70 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 12/3/2006 9:01:28 PM | Attr = ]
bw70s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 12/3/2006 9:01:28 PM | Attr = ]
bw80 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 12/3/2006 9:01:28 PM | Attr = ]
bw80s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 12/3/2006 9:01:28 PM | Attr = ]
bw90 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 12/3/2006 9:01:28 PM | Attr = ]
bw90s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 12/3/2006 9:01:28 PM | Attr = ]
bwa0 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 12/3/2006 9:01:28 PM | Attr = ]
bwa0s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 12/3/2006 9:01:28 PM | Attr = ]
bwb0 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 12/3/2006 9:01:28 PM | Attr = ]
bwb0s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 12/3/2006 9:01:28 PM | Attr = ]
bwc0 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 12/3/2006 9:01:28 PM | Attr = ]
bwc0s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 12/3/2006 9:01:28 PM | Attr = ]
bwd0 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 12/3/2006 9:01:28 PM | Attr = ]
bwd0s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 12/3/2006 9:01:28 PM | Attr = ]
bwe0 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 12/3/2006 9:01:28 PM | Attr = ]
bwe0s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 12/3/2006 9:01:28 PM | Attr = ]
bwf0 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 12/3/2006 9:01:28 PM | Attr = ]
bwf0s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 12/3/2006 9:01:28 PM | Attr = ]
bwfile-8876480 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 12/3/2006 9:01:28 PM | Attr = ]
bwg0 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 12/3/2006 9:01:28 PM | Attr = ]
bwg0s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 12/3/2006 9:01:28 PM | Attr = ]
bwh0 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 12/3/2006 9:01:28 PM | Attr = ]
bwh0s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 12/3/2006 9:01:28 PM | Attr = ]
bwi0 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 12/3/2006 9:01:28 PM | Attr = ]
bwi0s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 12/3/2006 9:01:28 PM | Attr = ]
bwj0 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 12/3/2006 9:01:28 PM | Attr = ]
bwj0s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 12/3/2006 9:01:28 PM | Attr = ]
bwk0 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 12/3/2006 9:01:28 PM | Attr = ]
bwk0s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 12/3/2006 9:01:28 PM | Attr = ]
bwl0 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 12/3/2006 9:01:28 PM | Attr = ]
bwl0s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 12/3/2006 9:01:28 PM | Attr = ]
bwm0 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 12/3/2006 9:01:28 PM | Attr = ]
bwm0s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 12/3/2006 9:01:28 PM | Attr = ]
bwn0 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 12/3/2006 9:01:28 PM | Attr = ]
bwn0s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 12/3/2006 9:01:28 PM | Attr = ]
bwo0 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 12/3/2006 9:01:28 PM | Attr = ]
bwo0s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 12/3/2006 9:01:28 PM | Attr = ]
bwp0 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 12/3/2006 9:01:28 PM | Attr = ]
bwp0s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 12/3/2006 9:01:28 PM | Attr = ]
bwq0 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 12/3/2006 9:01:28 PM | Attr = ]
bwq0s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 12/3/2006 9:01:28 PM | Attr = ]
bwr0 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 12/3/2006 9:01:28 PM | Attr = ]
bwr0s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 12/3/2006 9:01:28 PM | Attr = ]
bws0 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 12/3/2006 9:01:28 PM | Attr = ]
bws0s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 12/3/2006 9:01:28 PM | Attr = ]
bwt0 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 12/3/2006 9:01:28 PM | Attr = ]
bwt0s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 12/3/2006 9:01:28 PM | Attr = ]
bwu0 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 12/3/2006 9:01:28 PM | Attr = ]
bwu0s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 12/3/2006 9:01:28 PM | Attr = ]
bwv0 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 12/3/2006 9:01:28 PM | Attr = ]
bwv0s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 12/3/2006 9:01:28 PM | Attr = ]
bww0 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 12/3/2006 9:01:28 PM | Attr = ]
bww0s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 12/3/2006 9:01:28 PM | Attr = ]
bwx0 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 12/3/2006 9:01:28 PM | Attr = ]
bwx0s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 12/3/2006 9:01:28 PM | Attr = ]
bwy0 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 12/3/2006 9:01:28 PM | Attr = ]
bwy0s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 12/3/2006 9:01:28 PM | Attr = ]
bwz0 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 12/3/2006 9:01:28 PM | Attr = ]
bwz0s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 12/3/2006 9:01:28 PM | Attr = ]
ipp -> Reg Data - Key not found -> File not found
msdaipp -> Reg Data - Key not found -> File not found
offline-8876480 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 12/3/2006 9:01:28 PM | Attr = ]
vnd.ms.radio -> %System32%\msdxm.ocx -> [Ver = | Size = 843804 bytes | Modified Date = 8/23/2001 12:00:00 PM | Attr = ]
< Protocol Filters [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Filter\
text/html -> Reg Data - Key not found -> File not found
< Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\
{0000000A-9980-0010-8000-00AA00389B71} -> - CodeBase = http://download.microsoft.com/download/8/B...42/wmsp9dmo.cab ->
{00000055-9980-0010-8000-00AA00389B71} -> - CodeBase = http://codecs.microsoft.com/codecs/i386/fhg.CAB ->
{05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} -> Office Genuine Advantage Validation Tool - CodeBase = http://go.microsoft.com/fwlink/?linkid=67633 ->
{166B1BCA-3F9C-11CF-8075-444553540000} -> Shockwave ActiveX Control - CodeBase = http://fpdownload.macromedia.com/pub/shock...director/sw.cab ->
{3334504D-9980-0010-8000-00AA00389B71} -> - CodeBase = http://download.microsoft.com/download/0/C...C4D/mp43dmo.CAB ->
{33564D57-0000-0010-8000-00AA00389B71} -> - CodeBase = http://download.microsoft.com/download/F/6...922/wmv9VCM.CAB ->
{33564D57-9980-0010-8000-00AA00389B71} -> - CodeBase = http://download.microsoft.com/download/D/0...D0C/wmv9dmo.cab ->
{8AD9C840-044E-11D1-B3E9-00805F499D93} -> Java Plug-in 1.5.0_10 - CodeBase = http://java.sun.com/update/1.5.0/jinstall-...indows-i586.cab ->
{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} -> Java Plug-in 1.5.0_09 - CodeBase = http://java.sun.com/update/1.5.0/jinstall-...indows-i586.cab ->
{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} -> Java Plug-in 1.5.0_10 - CodeBase = http://java.sun.com/update/1.5.0/jinstall-...indows-i586.cab ->
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} -> Java Plug-in 1.5.0_10 - CodeBase = http://java.sun.com/update/1.5.0/jinstall-...indows-i586.cab ->
{D27CDB6E-AE6D-11CF-96B8-444553540000} -> - CodeBase = http://fpdownload.macromedia.com/get/flash...ent/swflash.cab ->


[Files - Created Within 30 days]
Thumbs.db -> %SystemDrive%\Thumbs.db -> [Ver = | Size = 25088 bytes | Created Date = 1/7/2007 11:30:36 AM | Attr = HS]
system.dll -> %CommonProgramFiles%\{883A0E0B-07CF-1033-0920-021102000001}\system.dll -> [Ver = | Size = 6144 bytes | Created Date = 2/4/2007 12:29:15 PM | Attr = ]
Update.exe -> %CommonProgramFiles%\{883A0E0B-07CF-1033-0920-021102000001}\Update.exe -> [Ver = | Size = 13312 bytes | Created Date = 2/4/2007 12:29:15 PM | Attr = ]
atrc.dll -> %CommonProgramFiles%\Real\Codecs\atrc.dll -> RealNetworks, Inc. [Ver = 10.0.0.3083 | Size = 77824 bytes | Created Date = 1/26/2007 6:40:43 PM | Attr = ]
cook.dll -> %CommonProgramFiles%\Real\Codecs\cook.dll -> RealNetworks, Inc. [Ver = 10.0.0.2389 | Size = 65536 bytes | Created Date = 1/26/2007 6:40:43 PM | Attr = ]
drv1.dll -> %CommonProgramFiles%\Real\Codecs\drv1.dll -> RealNetworks, Inc. [Ver = 10.0.0.1253 | Size = 102400 bytes | Created Date = 1/26/2007 6:40:44 PM | Attr = ]
drv2.dll -> %CommonProgramFiles%\Real\Codecs\drv2.dll -> RealNetworks, Inc. [Ver = 10.0.0.2373 | Size = 176128 bytes | Created Date = 1/26/2007 6:40:44 PM | Attr = ]
drvc.dll -> %CommonProgramFiles%\Real\Codecs\drvc.dll -> RealNetworks, Inc. [Ver = 10.0.0.1740 | Size = 266240 bytes | Created Date = 1/26/2007 6:40:44 PM | Attr = ]
hxltcolor.dll -> %CommonProgramFiles%\Real\Codecs\hxltcolor.dll -> RealNetworks, Inc. [Ver = 10.0.0.1110 | Size = 241664 bytes | Created Date = 1/26/2007 6:40:44 PM | Attr = ]
raac.dll -> %CommonProgramFiles%\Real\Codecs\raac.dll -> RealNetworks, Inc. [Ver = 10.0.0.1066 | Size = 552960 bytes | Created Date = 1/26/2007 6:40:43 PM | Attr = ]
rv10.dll -> %CommonProgramFiles%\Real\Codecs\rv10.dll -> RealNetworks, Inc. [Ver = 10.0.0.1253 | Size = 49152 bytes | Created Date = 1/26/2007 6:40:44 PM | Attr = ]
rv20.dll -> %CommonProgramFiles%\Real\Codecs\rv20.dll -> RealNetworks, Inc. [Ver = 10.0.0.2373 | Size = 57344 bytes | Created Date = 1/26/2007 6:40:44 PM | Attr = ]
rv30.dll -> %CommonProgramFiles%\Real\Codecs\rv30.dll -> RealNetworks, Inc. [Ver = 10.0.0.1740 | Size = 49152 bytes | Created Date = 1/26/2007 6:40:44 PM | Attr = ]
rv40.dll -> %CommonProgramFiles%\Real\Codecs\rv40.dll -> RealNetworks, Inc. [Ver = 10.0.0.1740 | Size = 49152 bytes | Created Date = 1/26/2007 6:40:44 PM | Attr = ]
sipr.dll -> %CommonProgramFiles%\Real\Codecs\sipr.dll -> RealNetworks, Inc. [Ver = 10.0.0.3080 | Size = 106496 bytes | Created Date = 1/26/2007 6:40:43 PM | Attr = ]
devices.ini -> %CommonProgramFiles%\Real\Common\devices.ini -> [Ver = | Size = 2534 bytes | Created Date = 1/26/2007 6:41:09 PM | Attr = ]
twebbrowse.dll -> %CommonProgramFiles%\Real\Common\twebbrowse.dll -> RealNetworks, Inc. [Ver = 1.0.2.1844 | Size = 81920 bytes | Created Date = 1/26/2007 6:40:39 PM | Attr = ]
BarControl.dll -> %CommonProgramFiles%\Real\GToolbar\BarControl.dll -> Google, Inc [Ver = 2.0.0.8 | Size = 110592 bytes | Created Date = 1/26/2007 6:40:52 PM | Attr = ]
gdsapi.dll -> %CommonProgramFiles%\Real\GToolbar\gdsapi.dll -> [Ver = | Size = 4096 bytes | Created Date = 1/26/2007 6:40:55 PM | Attr = ]
GDSSetup.exe -> %CommonProgramFiles%\Real\GToolbar\GDSSetup.exe -> [Ver = | Size = 746600 bytes | Created Date = 1/26/2007 6:40:55 PM | Attr = ]
GoogleToolbarInstaller.exe -> %CommonProgramFiles%\Real\GToolbar\GoogleToolbarInstaller.exe -> Google [Ver = 3, 0, 131, 0 | Size = 583696 bytes | Created Date = 1/26/2007 6:40:52 PM | Attr = ]
GoogleToolbarInstaller98.exe -> %CommonProgramFiles%\Real\GToolbar\GoogleToolbarInstaller98.exe -> Google [Ver = 3, 0, 131, 0 | Size = 733712 bytes | Created Date = 1/26/2007 6:40:55 PM | Attr = ]
aacff.dll -> %CommonProgramFiles%\Real\Plugins\aacff.dll -> RealNetworks, Inc. [Ver = 10.0.0.1029 | Size = 69632 bytes | Created Date = 1/26/2007 6:40:58 PM | Attr = ]
audplin.dll -> %CommonProgramFiles%\Real\Plugins\audplin.dll -> RealNetworks, Inc. [Ver = 10.0.0.1483 | Size = 86016 bytes | Created Date = 1/26/2007 6:41:00 PM | Attr = ]
authmgr.dll -> %CommonProgramFiles%\Real\Plugins\authmgr.dll -> RealNetworks, Inc. [Ver = 10.0.0.1687 | Size = 53248 bytes | Created Date = 1/26/2007 6:40:29 PM | Attr = ]
cdda3260.dll -> %CommonProgramFiles%\Real\Plugins\cdda3260.dll -> RealNetworks, Inc. [Ver = 6.0.3.2509 | Size = 36864 bytes | Created Date = 1/26/2007 6:40:29 PM | Attr = ]
clbascauth.dll -> %CommonProgramFiles%\Real\Plugins\clbascauth.dll -> RealNetworks, Inc. [Ver = 10.0.0.1254 | Size = 40960 bytes | Created Date = 1/26/2007 6:40:29 PM | Attr = ]
clntxres.dll -> %CommonProgramFiles%\Real\Plugins\clntxres.dll -> RealNetworks, Inc. [Ver = 10.0.0.4181 | Size = 53248 bytes | Created Date = 1/26/2007 6:40:31 PM | Attr = ]
cont3260.dll -> %CommonProgramFiles%\Real\Plugins\cont3260.dll -> RealNetworks, Inc. [Ver = 6.0.0.2148 | Size = 65536 bytes | Created Date = 1/26/2007 6:41:00 PM | Attr = ]
fpsechnd.dll -> %CommonProgramFiles%\Real\Plugins\fpsechnd.dll -> RealNetworks, Inc. [Ver = 6.0.9.32 | Size = 233472 bytes | Created Date = 1/26/2007 6:41:08 PM | Attr = ]
httpfsys.dll -> %CommonProgramFiles%\Real\Plugins\httpfsys.dll -> RealNetworks, Inc. [Ver = 10.0.0.3032 | Size = 176128 bytes | Created Date = 1/26/2007 6:40:29 PM | Attr = ]
hxsdp.dll -> %CommonProgramFiles%\Real\Plugins\hxsdp.dll -> RealNetworks, Inc. [Ver = 10.0.0.513 | Size = 40960 bytes | Created Date = 1/26/2007 6:40:30 PM | Attr = ]
hxxml.dll -> %CommonProgramFiles%\Real\Plugins\hxxml.dll -> [Ver = | Size = 86016 bytes | Created Date = 1/26/2007 6:40:51 PM | Attr = ]
imgrender.dll -> %CommonProgramFiles%\Real\Plugins\imgrender.dll -> RealNetworks, Inc. [Ver = 10.0.0.1269 | Size = 532480 bytes | Created Date = 1/26/2007 6:40:46 PM | Attr = ]
memfsys.dll -> %CommonProgramFiles%\Real\Plugins\memfsys.dll -> RealNetworks, Inc. [Ver = 10.0.0.1219 | Size = 77824 bytes | Created Date = 1/26/2007 6:40:30 PM | Attr = ]
mp3fformat.dll -> %CommonProgramFiles%\Real\Plugins\mp3fformat.dll -> RealNetworks, Inc. [Ver = 10.0.0.3223 | Size = 45056 bytes | Created Date = 1/26/2007 6:40:49 PM | Attr = ]
mp3metaff.dll -> %CommonProgramFiles%\Real\Plugins\mp3metaff.dll -> RealNetworks, Inc. [Ver = 10.0.0.1219 | Size = 65536 bytes | Created Date = 1/26/2007 6:40:49 PM | Attr = ]
mp3render.dll -> %CommonProgramFiles%\Real\Plugins\mp3render.dll -> RealNetworks, Inc. [Ver = 10.0.0.1252 | Size = 151552 bytes | Created Date = 1/26/2007 6:40:49 PM | Attr = ]
mp4arender.dll -> %CommonProgramFiles%\Real\Plugins\mp4arender.dll -> RealNetworks, Inc. [Ver = 10.0.0.1055 | Size = 126976 bytes | Created Date = 1/26/2007 6:40:58 PM | Attr = ]
mp4fformat.dll -> %CommonProgramFiles%\Real\Plugins\mp4fformat.dll -> RealNetworks, Inc. [Ver = 10.0.0.2953 | Size = 73728 bytes | Created Date = 1/26/2007 6:40:58 PM | Attr = ]
mp4wrtr.dll -> %CommonProgramFiles%\Real\Plugins\mp4wrtr.dll -> [Ver = | Size = 98304 bytes | Created Date = 1/26/2007 6:41:04 PM | Attr = ]
mpgfformat.dll -> %CommonProgramFiles%\Real\Plugins\mpgfformat.dll -> RealNetworks, Inc. [Ver = 10.0.0.1428 | Size = 69632 bytes | Created Date = 1/26/2007 6:41:00 PM | Attr = ]
mpgrender.dll -> %CommonProgramFiles%\Real\Plugins\mpgrender.dll -> RealNetworks, Inc. [Ver = 10.0.0.1231 | Size = 172032 bytes | Created Date = 1/26/2007 6:41:00 PM | Attr = ]
ntlmauth.dll -> %CommonProgramFiles%\Real\Plugins\ntlmauth.dll -> RealNetworks, Inc. [Ver = 10.0.0.1232 | Size = 45056 bytes | Created Date = 1/26/2007 6:40:30 PM | Attr = ]
pacplin.dll -> %CommonProgramFiles%\Real\Plugins\pacplin.dll -> RealNetworks, Inc. [Ver = 10.0.0.1253 | Size = 360448 bytes | Created Date = 1/26/2007 6:40:30 PM | Attr = ]
pdgenxferfsys.dll -> %CommonProgramFiles%\Real\Plugins\pdgenxferfsys.dll -> RealNetworks, Inc. [Ver = 6.0.12.1680 | Size = 73728 bytes | Created Date = 1/26/2007 6:41:09 PM | Attr = ]
plusplin.dll -> %CommonProgramFiles%\Real\Plugins\plusplin.dll -> RealNetworks, Inc. [Ver = 10.0.0.1253 | Size = 57344 bytes | Created Date = 1/26/2007 6:40:30 PM | Attr = ]
ramfformat.dll -> %CommonProgramFiles%\Real\Plugins\ramfformat.dll -> RealNetworks, Inc. [Ver = 10.0.0.2477 | Size = 45056 bytes | Created Date = 1/26/2007 6:40:30 PM | Attr = ]
ramrender.dll -> %CommonProgramFiles%\Real\Plugins\ramrender.dll -> RealNetworks, Inc. [Ver = 10.0.0.2164 | Size = 57344 bytes | Created Date = 1/26/2007 6:40:30 PM | Attr = ]
rarender.dll -> %CommonProgramFiles%\Real\Plugins\rarender.dll -> RealNetworks, Inc. [Ver = 10.0.0.1260 | Size = 151552 bytes | Created Date = 1/26/2007 6:40:43 PM | Attr = ]
recf3260.dll -> %CommonProgramFiles%\Real\Plugins\recf3260.dll -> RealNetworks, Inc. [Ver = 6.0.0.3113 | Size = 36864 bytes | Created Date = 1/26/2007 6:41:00 PM | Attr = ]
rmfformat.dll -> %CommonProgramFiles%\Real\Plugins\rmfformat.dll -> RealNetworks, Inc. [Ver = 10.0.0.1475 | Size = 176128 bytes | Created Date = 1/26/2007 6:40:30 PM | Attr = ]
rmwrtr.dll -> %CommonProgramFiles%\Real\Plugins\rmwrtr.dll -> RealNetworks, Inc. [Ver = 6.0.2.1155 | Size = 282624 bytes | Created Date = 1/26/2007 6:41:04 PM | Attr = ]
rn5auth.dll -> %CommonProgramFiles%\Real\Plugins\rn5auth.dll -> RealNetworks, Inc. [Ver = 10.0.0.1455 | Size = 45056 bytes | Created Date = 1/26/2007 6:40:30 PM | Attr = ]
rtfformat.dll -> %CommonProgramFiles%\Real\Plugins\rtfformat.dll -> RealNetworks, Inc. [Ver = 10.0.0.1457 | Size = 110592 bytes | Created Date = 1/26/2007 6:40:45 PM | Attr = ]
rtrender.dll -> %CommonProgramFiles%\Real\Plugins\rtrender.dll -> RealNetworks, Inc. [Ver = 10.0.0.1250 | Size = 122880 bytes | Created Date = 1/26/2007 6:40:46 PM | Attr = ]
rvrender.dll -> %CommonProgramFiles%\Real\Plugins\rvrender.dll -> RealNetworks, Inc. [Ver = 10.0.0.1644 | Size = 172032 bytes | Created Date = 1/26/2007 6:40:44 PM | Attr = ]
sdpplin.dll -> %CommonProgramFiles%\Real\Plugins\sdpplin.dll -> RealNetworks, Inc. [Ver = 10.0.0.373 | Size = 45056 bytes | Created Date = 1/26/2007 6:40:48 PM | Attr = ]
smlfformat.dll -> %CommonProgramFiles%\Real\Plugins\smlfformat.dll -> RealNetworks, Inc. [Ver = 10.0.0.2112 | Size = 61440 bytes | Created Date = 1/26/2007 6:40:30 PM | Attr = ]
smlrender.dll -> %CommonProgramFiles%\Real\Plugins\smlrender.dll -> RealNetworks, Inc. [Ver = 10.0.0.1728 | Size = 532480 bytes | Created Date = 1/26/2007 6:40:30 PM | Attr = ]
smmrender.dll -> %CommonProgramFiles%\Real\Plugins\smmrender.dll -> RealNetworks, Inc. [Ver = 10.0.0.1250 | Size = 57344 bytes | Created Date = 1/26/2007 6:40:30 PM | Attr = ]
smplfsys.dll -> %CommonProgramFiles%\Real\Plugins\smplfsys.dll -> RealNetworks, Inc. [Ver = 10.0.0.2020 | Size = 69632 bytes | Created Date = 1/26/2007 6:40:31 PM | Attr = ]
stubdrm.dll -> %CommonProgramFiles%\Real\Plugins\stubdrm.dll -> RealNetworks, Inc. [Ver = 10.0.0.1655 | Size = 32768 bytes | Created Date = 1/26/2007 6:40:49 PM | Attr = ]
swfformat.dll -> %CommonProgramFiles%\Real\Plugins\swfformat.dll -> RealNetworks, Inc. [Ver = 10.0.0.1460 | Size = 94208 bytes | Created Date = 1/26/2007 6:40:44 PM | Attr = ]
swfrender.dll -> %CommonProgramFiles%\Real\Plugins\swfrender.dll -> RealNetworks, Inc. [Ver = 10.0.0.1253 | Size = 614400 bytes | Created Date = 1/26/2007 6:40:45 PM | Attr = ]
vidplin.dll -> %CommonProgramFiles%\Real\

#11 Ruidiance

Ruidiance
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:04:03 PM

Posted 04 February 2007 - 12:21 AM

vidplin.dll -> %CommonProgramFiles%\Real\Plugins\vidplin.dll -> RealNetworks, Inc. [Ver = 10.0.0.1269 | Size = 167936 bytes | Created Date = 1/26/2007 6:41:00 PM | Attr = ]
vidsite.dll -> %CommonProgramFiles%\Real\Plugins\vidsite.dll -> RealNetworks, Inc. [Ver = 10.0.0.1253 | Size = 376832 bytes | Created Date = 1/26/2007 6:40:31 PM | Attr = ]
vsrcplin.dll -> %CommonProgramFiles%\Real\Plugins\vsrcplin.dll -> RealNetworks, Inc. [Ver = 10.1.0.1180 | Size = 135168 bytes | Created Date = 1/26/2007 6:40:31 PM | Attr = ]
vsrlocal.dll -> %CommonProgramFiles%\Real\Plugins\vsrlocal.dll -> RealNetworks, Inc. [Ver = 10.1.0.1180 | Size = 94208 bytes | Created Date = 1/26/2007 6:40:31 PM | Attr = ]
wm9fformat.dll -> %CommonProgramFiles%\Real\Plugins\wm9fformat.dll -> RealNetworks, Inc. [Ver = 1.0.0.1338 | Size = 176128 bytes | Created Date = 1/26/2007 6:40:59 PM | Attr = ]
wm9writer.dll -> %CommonProgramFiles%\Real\Plugins\wm9writer.dll -> RealNetworks, Inc. [Ver = 1.0.0.1322 | Size = 28672 bytes | Created Date = 1/26/2007 6:40:59 PM | Attr = ]
wmsechnd.dll -> %CommonProgramFiles%\Real\Plugins\wmsechnd.dll -> RealNetworks, Inc. [Ver = 1.0.0.657 | Size = 180224 bytes | Created Date = 1/26/2007 6:40:59 PM | Attr = ]
locd3210.dll -> %CommonProgramFiles%\Real\RCAPlugins\locd3210.dll -> RealNetworks, Inc. [Ver = 1.0.0.2382 | Size = 102400 bytes | Created Date = 1/26/2007 6:41:00 PM | Attr = ]
rpcontrols1.dll -> %CommonProgramFiles%\Real\RCAPlugins\rpcontrols1.dll -> RealNetworks, Inc. [Ver = 6.0.1.2485 | Size = 757760 bytes | Created Date = 1/26/2007 6:40:50 PM | Attr = ]
rpcontrols2.dll -> %CommonProgramFiles%\Real\RCAPlugins\rpcontrols2.dll -> RealNetworks [Ver = 6.0.1.2485 | Size = 692224 bytes | Created Date = 1/26/2007 6:40:50 PM | Attr = ]
sonr3210.dll -> %CommonProgramFiles%\Real\RCAPlugins\sonr3210.dll -> RealNetworks, Inc. [Ver = 1.0.0.2580 | Size = 196608 bytes | Created Date = 1/26/2007 6:41:00 PM | Attr = ]
theweatherchannel_stubreal.exe -> %CommonProgramFiles%\Real\TWC\theweatherchannel_stubreal.exe -> The Weather Channel Interactive [Ver = 3, 0, 4, 0 | Size = 285808 bytes | Created Date = 1/26/2007 6:40:58 PM | Attr = ]
TWCControl.dll -> %CommonProgramFiles%\Real\TWC\TWCControl.dll -> RealNetworks, Inc. [Ver = 1.0.0.3 | Size = 90112 bytes | Created Date = 1/26/2007 6:40:57 PM | Attr = ]
nprfxins.dll -> %CommonProgramFiles%\Real\Update_OB\nprfxins.dll -> RichFX Inc. [Ver = 3.31.0659 | Size = 569397 bytes | Created Date = 1/26/2007 6:40:29 PM | Attr = ]
pnmi3270.dll -> %CommonProgramFiles%\Real\Update_OB\pnmi3270.dll -> RealNetworks, Inc. [Ver = 7.0.0.2157 | Size = 36864 bytes | Created Date = 1/26/2007 6:40:28 PM | Attr = ]
r1puninst.exe -> %CommonProgramFiles%\Real\Update_OB\r1puninst.exe -> RealNetworks, Inc. [Ver = 7.0.0.4246 | Size = 188416 bytes | Created Date = 1/26/2007 6:40:26 PM | Attr = ]
RealOneMessageCenter.exe -> %CommonProgramFiles%\Real\Update_OB\RealOneMessageCenter.exe -> RealNetworks, Inc. [Ver = 0.1.0.3760 | Size = 69632 bytes | Created Date = 1/26/2007 6:40:27 PM | Attr = ]
realsched.exe -> %CommonProgramFiles%\Real\Update_OB\realsched.exe -> RealNetworks, Inc. [Ver = 0.1.0.3760 | Size = 185896 bytes | Created Date = 1/26/2007 6:40:27 PM | Attr = ]
Annabelle.rpv -> %CommonProgramFiles%\Real\Visualizations\Annabelle.rpv -> RealNetworks, Inc. [Ver = 1.0.0.2 | Size = 43008 bytes | Created Date = 1/26/2007 6:40:49 PM | Attr = ]
CosmicBelt.rpv -> %CommonProgramFiles%\Real\Visualizations\CosmicBelt.rpv -> [Ver = | Size = 80384 bytes | Created Date = 1/26/2007 6:40:49 PM | Attr = ]
Fire.rpv -> %CommonProgramFiles%\Real\Visualizations\Fire.rpv -> RealNetworks, Inc. [Ver = 1.0.0.1 | Size = 7168 bytes | Created Date = 1/26/2007 6:40:49 PM | Attr = ]
FreqBands.rpv -> %CommonProgramFiles%\Real\Visualizations\FreqBands.rpv -> RealNetworks, Inc. [Ver = 1.0.0.2 | Size = 7680 bytes | Created Date = 1/26/2007 6:40:49 PM | Attr = ]
Nebula.rpv -> %CommonProgramFiles%\Real\Visualizations\Nebula.rpv -> [Ver = | Size = 69632 bytes | Created Date = 1/26/2007 6:40:49 PM | Attr = ]
xmencmp3.dll -> %CommonProgramFiles%\xing shared\mpeg encode\xmencmp3.dll -> RealNetworks, Inc. [Ver = 1, 0, 0, 17 | Size = 352256 bytes | Created Date = 1/26/2007 6:41:02 PM | Attr = ]
coreres.xrs -> %CommonProgramFiles%\Real\Plugins\ExtResources\coreres.xrs -> RealNetworks, Inc. [Ver = 10.0.0.4432 | Size = 65536 bytes | Created Date = 1/26/2007 6:40:31 PM | Attr = ]
msgoff.htm -> %CommonProgramFiles%\Real\Update_OB\UI\msgoff.htm -> [Ver = | Size = 3215 bytes | Created Date = 1/26/2007 6:40:28 PM | Attr = ]
real_logo_93x44.gif -> %CommonProgramFiles%\Real\Update_OB\UI\Images\real_logo_93x44.gif -> [Ver = | Size = 741 bytes | Created Date = 1/26/2007 6:40:28 PM | Attr = ]
msgdata.js -> %CommonProgramFiles%\Real\Update_OB\UI\loc\msgdata.js -> [Ver = | Size = 1039 bytes | Created Date = 1/26/2007 6:40:29 PM | Attr = ]
msgStyle.css -> %CommonProgramFiles%\Real\Update_OB\UI\loc\msgStyle.css -> [Ver = | Size = 991 bytes | Created Date = 1/26/2007 6:40:29 PM | Attr = ]
ctor.dll -> %CommonProgramFiles%\InstallShield\Professional\RunTime\09\01\Intel32\ctor.dll -> InstallShield Software Corporation [Ver = 9.01.429 | Size = 69715 bytes | Created Date = 1/6/2007 8:12:33 AM | Attr = ]
DotNetInstaller.exe -> %CommonProgramFiles%\InstallShield\Professional\RunTime\09\01\Intel32\DotNetInstaller.exe -> InstallShield Software Corporation [Ver = 9.1.0.429 | Size = 5632 bytes | Created Date = 1/6/2007 8:12:33 AM | Attr = ]
iGdi.dll -> %CommonProgramFiles%\InstallShield\Professional\RunTime\09\01\Intel32\iGdi.dll -> InstallShield Software Corporation [Ver = 9.01.429 | Size = 188548 bytes | Created Date = 1/6/2007 8:12:27 AM | Attr = ]
iKernel.dll -> %CommonProgramFiles%\InstallShield\Professional\RunTime\09\01\Intel32\iKernel.dll -> InstallShield Software Corporation [Ver = 9.01.429 | Size = 729088 bytes | Created Date = 1/6/2007 8:12:33 AM | Attr = ]
iscript.dll -> %CommonProgramFiles%\InstallShield\Professional\RunTime\09\01\Intel32\iscript.dll -> InstallShield Software Corporation [Ver = 9.01.429 | Size = 266240 bytes | Created Date = 1/6/2007 8:12:33 AM | Attr = ]
iuser.dll -> %CommonProgramFiles%\InstallShield\Professional\RunTime\09\01\Intel32\iuser.dll -> InstallShield Software Corporation [Ver = 9.01.429 | Size = 192512 bytes | Created Date = 1/6/2007 8:12:33 AM | Attr = ]
setup.dll -> %CommonProgramFiles%\InstallShield\Professional\RunTime\09\01\Intel32\setup.dll -> InstallShield Software Corporation [Ver = 9.01.429 | Size = 311428 bytes | Created Date = 1/6/2007 8:12:26 AM | Attr = ]
QTFont.for -> %SystemRoot%\QTFont.for -> [Ver = | Size = 1409 bytes | Created Date = 2/3/2007 12:20:57 PM | Attr = ]
QTFont.qfn -> %SystemRoot%\QTFont.qfn -> [Ver = | Size = 54156 bytes | Created Date = 2/3/2007 12:20:57 PM | Attr = H ]
SIERRA.INI -> %SystemRoot%\SIERRA.INI -> [Ver = | Size = 459 bytes | Created Date = 1/21/2007 4:23:12 PM | Attr = ]
unvise32.exe -> %SystemRoot%\unvise32.exe -> MindVision Software [Ver = 3.1.1 | Size = 86016 bytes | Created Date = 1/21/2007 4:33:46 PM | Attr = ]
libmySQL.dll -> %System32%\libmySQL.dll -> [Ver = | Size = 217088 bytes | Created Date = 1/21/2007 4:32:19 PM | Attr = ]
netstat.com -> %System32%\netstat.com -> [Ver = | Size = 2 bytes | Created Date = 2/4/2007 12:24:06 PM | Attr = HS]
nvapps.xml -> %System32%\nvapps.xml -> [Ver = | Size = 88566 bytes | Created Date = 1/6/2007 8:12:59 AM | Attr = ]
nvdisp.nvu -> %System32%\nvdisp.nvu -> [Ver = | Size = 17056 bytes | Created Date = 1/6/2007 8:12:58 AM | Attr = ]
nvudisp.exe -> %System32%\nvudisp.exe -> NVIDIA Corporation [Ver = 1 , 0 , 1 , 55 | Size = 208896 bytes | Created Date = 1/6/2007 8:12:58 AM | Attr = ]
NVUNINST.EXE -> %System32%\NVUNINST.EXE -> NVIDIA Corporation [Ver = 1 , 0 , 1 , 55 | Size = 208896 bytes | Created Date = 1/6/2007 8:12:35 AM | Attr = ]
SierraNW.dll -> %System32%\SierraNW.dll -> Cendant Software [Ver = 4, 0, 2, 4 | Size = 1022976 bytes | Created Date = 1/21/2007 4:23:32 PM | Attr = ]
SNWValid.dll -> %System32%\SNWValid.dll -> Cendant Software [Ver = 4, 0, 2, 4 | Size = 231936 bytes | Created Date = 1/21/2007 4:23:32 PM | Attr = ]
svchosts.exe -> %System32%\svchosts.exe -> [Ver = | Size = 36864 bytes | Created Date = 2/4/2007 12:29:15 PM | Attr = ]
taskkill.com -> %System32%\taskkill.com -> [Ver = | Size = 2 bytes | Created Date = 2/4/2007 12:24:06 PM | Attr = HS]
TrackerNET.dll -> %System32%\TrackerNET.dll -> [Ver = | Size = 102400 bytes | Created Date = 1/21/2007 4:32:19 PM | Attr = ]
unsvchosts.exe -> %System32%\unsvchosts.exe -> [Ver = | Size = 2560 bytes | Created Date = 2/4/2007 12:29:15 PM | Attr = ]
AvgAsCln.sys -> %System32%\drivers\AvgAsCln.sys -> GRISOFT, s.r.o. [Ver = 1.0.0.14 | Size = 3968 bytes | Created Date = 2/4/2007 8:54:12 AM | Attr = ]

[Files - Modified Within 30 days]
sqmdata00.sqm -> %SystemDrive%\sqmdata00.sqm -> [Ver = | Size = 232 bytes | Modified Date = 2/3/2007 12:00:16 PM | Attr = H ]
sqmdata01.sqm -> %SystemDrive%\sqmdata01.sqm -> [Ver = | Size = 232 bytes | Modified Date = 2/3/2007 12:00:44 PM | Attr = H ]
sqmdata02.sqm -> %SystemDrive%\sqmdata02.sqm -> [Ver = | Size = 232 bytes | Modified Date = 2/3/2007 12:00:52 PM | Attr = H ]
sqmdata03.sqm -> %SystemDrive%\sqmdata03.sqm -> [Ver = | Size = 232 bytes | Modified Date = 2/3/2007 12:01:26 PM | Attr = H ]
sqmdata04.sqm -> %SystemDrive%\sqmdata04.sqm -> [Ver = | Size = 232 bytes | Modified Date = 2/3/2007 12:01:34 PM | Attr = H ]
sqmdata05.sqm -> %SystemDrive%\sqmdata05.sqm -> [Ver = | Size = 232 bytes | Modified Date = 2/3/2007 12:01:36 PM | Attr = H ]
sqmdata06.sqm -> %SystemDrive%\sqmdata06.sqm -> [Ver = | Size = 232 bytes | Modified Date = 2/3/2007 12:01:50 PM | Attr = H ]
sqmdata07.sqm -> %SystemDrive%\sqmdata07.sqm -> [Ver = | Size = 232 bytes | Modified Date = 2/3/2007 12:01:52 PM | Attr = H ]
sqmdata08.sqm -> %SystemDrive%\sqmdata08.sqm -> [Ver = | Size = 232 bytes | Modified Date = 2/3/2007 12:03:42 PM | Attr = H ]
sqmdata09.sqm -> %SystemDrive%\sqmdata09.sqm -> [Ver = | Size = 232 bytes | Modified Date = 1/24/2007 2:34:18 PM | Attr = H ]
sqmdata10.sqm -> %SystemDrive%\sqmdata10.sqm -> [Ver = | Size = 232 bytes | Modified Date = 1/25/2007 1:31:40 AM | Attr = H ]
sqmdata11.sqm -> %SystemDrive%\sqmdata11.sqm -> [Ver = | Size = 232 bytes | Modified Date = 1/25/2007 10:01:16 AM | Attr = H ]
sqmdata12.sqm -> %SystemDrive%\sqmdata12.sqm -> [Ver = | Size = 232 bytes | Modified Date = 1/25/2007 1:26:26 PM | Attr = H ]
sqmdata13.sqm -> %SystemDrive%\sqmdata13.sqm -> [Ver = | Size = 232 bytes | Modified Date = 1/25/2007 9:32:26 PM | Attr = H ]
sqmdata14.sqm -> %SystemDrive%\sqmdata14.sqm -> [Ver = | Size = 232 bytes | Modified Date = 1/26/2007 2:55:34 AM | Attr = H ]
sqmdata15.sqm -> %SystemDrive%\sqmdata15.sqm -> [Ver = | Size = 232 bytes | Modified Date = 1/27/2007 1:04:28 AM | Attr = H ]
sqmdata16.sqm -> %SystemDrive%\sqmdata16.sqm -> [Ver = | Size = 232 bytes | Modified Date = 1/27/2007 9:06:38 AM | Attr = H ]
sqmdata17.sqm -> %SystemDrive%\sqmdata17.sqm -> [Ver = | Size = 232 bytes | Modified Date = 1/27/2007 10:12:42 PM | Attr = H ]
sqmdata18.sqm -> %SystemDrive%\sqmdata18.sqm -> [Ver = | Size = 268 bytes | Modified Date = 1/28/2007 8:33:02 AM | Attr = H ]
sqmdata19.sqm -> %SystemDrive%\sqmdata19.sqm -> [Ver = | Size = 232 bytes | Modified Date = 2/3/2007 12:00:10 PM | Attr = H ]
sqmnoopt00.sqm -> %SystemDrive%\sqmnoopt00.sqm -> [Ver = | Size = 244 bytes | Modified Date = 2/3/2007 12:00:16 PM | Attr = H ]
sqmnoopt01.sqm -> %SystemDrive%\sqmnoopt01.sqm -> [Ver = | Size = 244 bytes | Modified Date = 2/3/2007 12:00:44 PM | Attr = H ]
sqmnoopt02.sqm -> %SystemDrive%\sqmnoopt02.sqm -> [Ver = | Size = 244 bytes | Modified Date = 2/3/2007 12:00:52 PM | Attr = H ]
sqmnoopt03.sqm -> %SystemDrive%\sqmnoopt03.sqm -> [Ver = | Size = 244 bytes | Modified Date = 2/3/2007 12:01:26 PM | Attr = H ]
sqmnoopt04.sqm -> %SystemDrive%\sqmnoopt04.sqm -> [Ver = | Size = 244 bytes | Modified Date = 2/3/2007 12:01:34 PM | Attr = H ]
sqmnoopt05.sqm -> %SystemDrive%\sqmnoopt05.sqm -> [Ver = | Size = 244 bytes | Modified Date = 2/3/2007 12:01:36 PM | Attr = H ]
sqmnoopt06.sqm -> %SystemDrive%\sqmnoopt06.sqm -> [Ver = | Size = 244 bytes | Modified Date = 2/3/2007 12:01:50 PM | Attr = H ]
sqmnoopt07.sqm -> %SystemDrive%\sqmnoopt07.sqm -> [Ver = | Size = 244 bytes | Modified Date = 2/3/2007 12:01:52 PM | Attr = H ]
sqmnoopt08.sqm -> %SystemDrive%\sqmnoopt08.sqm -> [Ver = | Size = 244 bytes | Modified Date = 2/3/2007 12:03:42 PM | Attr = H ]
sqmnoopt09.sqm -> %SystemDrive%\sqmnoopt09.sqm -> [Ver = | Size = 244 bytes | Modified Date = 1/24/2007 2:34:18 PM | Attr = H ]
sqmnoopt10.sqm -> %SystemDrive%\sqmnoopt10.sqm -> [Ver = | Size = 244 bytes | Modified Date = 1/25/2007 1:31:40 AM | Attr = H ]
sqmnoopt11.sqm -> %SystemDrive%\sqmnoopt11.sqm -> [Ver = | Size = 244 bytes | Modified Date = 1/25/2007 10:01:16 AM | Attr = H ]
sqmnoopt12.sqm -> %SystemDrive%\sqmnoopt12.sqm -> [Ver = | Size = 244 bytes | Modified Date = 1/25/2007 1:26:26 PM | Attr = H ]
sqmnoopt13.sqm -> %SystemDrive%\sqmnoopt13.sqm -> [Ver = | Size = 244 bytes | Modified Date = 1/25/2007 9:32:26 PM | Attr = H ]
sqmnoopt14.sqm -> %SystemDrive%\sqmnoopt14.sqm -> [Ver = | Size = 244 bytes | Modified Date = 1/26/2007 2:55:34 AM | Attr = H ]
sqmnoopt15.sqm -> %SystemDrive%\sqmnoopt15.sqm -> [Ver = | Size = 244 bytes | Modified Date = 1/27/2007 1:04:28 AM | Attr = H ]
sqmnoopt16.sqm -> %SystemDrive%\sqmnoopt16.sqm -> [Ver = | Size = 244 bytes | Modified Date = 1/27/2007 9:06:38 AM | Attr = H ]
sqmnoopt17.sqm -> %SystemDrive%\sqmnoopt17.sqm -> [Ver = | Size = 244 bytes | Modified Date = 1/27/2007 10:12:42 PM | Attr = H ]
sqmnoopt18.sqm -> %SystemDrive%\sqmnoopt18.sqm -> [Ver = | Size = 244 bytes | Modified Date = 1/28/2007 8:33:02 AM | Attr = H ]
sqmnoopt19.sqm -> %SystemDrive%\sqmnoopt19.sqm -> [Ver = | Size = 244 bytes | Modified Date = 2/3/2007 12:00:10 PM | Attr = H ]
Thumbs.db -> %SystemDrive%\Thumbs.db -> [Ver = | Size = 25088 bytes | Modified Date = 1/11/2007 9:59:20 AM | Attr = HS]
system.dll -> %CommonProgramFiles%\{883A0E0B-07CF-1033-0920-021102000001}\system.dll -> [Ver = | Size = 6144 bytes | Modified Date = 2/4/2007 12:29:16 PM | Attr = ]
Update.exe -> %CommonProgramFiles%\{883A0E0B-07CF-1033-0920-021102000001}\Update.exe -> [Ver = | Size = 13312 bytes | Modified Date = 2/4/2007 12:29:16 PM | Attr = ]
AdobeFnt.lst -> %CommonProgramFiles%\Adobe\TypeSpt\AdobeFnt.lst -> [Ver = | Size = 94974 bytes | Modified Date = 1/10/2007 9:27:16 AM | Attr = ]
atrc.dll -> %CommonProgramFiles%\Real\Codecs\atrc.dll -> RealNetworks, Inc. [Ver = 10.0.0.3083 | Size = 77824 bytes | Modified Date = 1/26/2007 6:40:44 PM | Attr = ]
cook.dll -> %CommonProgramFiles%\Real\Codecs\cook.dll -> RealNetworks, Inc. [Ver = 10.0.0.2389 | Size = 65536 bytes | Modified Date = 1/26/2007 6:40:44 PM | Attr = ]
drv1.dll -> %CommonProgramFiles%\Real\Codecs\drv1.dll -> RealNetworks, Inc. [Ver = 10.0.0.1253 | Size = 102400 bytes | Modified Date = 1/26/2007 6:40:46 PM | Attr = ]
drv2.dll -> %CommonProgramFiles%\Real\Codecs\drv2.dll -> RealNetworks, Inc. [Ver = 10.0.0.2373 | Size = 176128 bytes | Modified Date = 1/26/2007 6:40:46 PM | Attr = ]
drvc.dll -> %CommonProgramFiles%\Real\Codecs\drvc.dll -> RealNetworks, Inc. [Ver = 10.0.0.1740 | Size = 266240 bytes | Modified Date = 1/26/2007 6:40:46 PM | Attr = ]
hxltcolor.dll -> %CommonProgramFiles%\Real\Codecs\hxltcolor.dll -> RealNetworks, Inc. [Ver = 10.0.0.1110 | Size = 241664 bytes | Modified Date = 1/26/2007 6:40:46 PM | Attr = ]
raac.dll -> %CommonProgramFiles%\Real\Codecs\raac.dll -> RealNetworks, Inc. [Ver = 10.0.0.1066 | Size = 552960 bytes | Modified Date = 1/26/2007 6:40:44 PM | Attr = ]
rv10.dll -> %CommonProgramFiles%\Real\Codecs\rv10.dll -> RealNetworks, Inc. [Ver = 10.0.0.1253 | Size = 49152 bytes | Modified Date = 1/26/2007 6:40:46 PM | Attr = ]
rv20.dll -> %CommonProgramFiles%\Real\Codecs\rv20.dll -> RealNetworks, Inc. [Ver = 10.0.0.2373 | Size = 57344 bytes | Modified Date = 1/26/2007 6:40:46 PM | Attr = ]
rv30.dll -> %CommonProgramFiles%\Real\Codecs\rv30.dll -> RealNetworks, Inc. [Ver = 10.0.0.1740 | Size = 49152 bytes | Modified Date = 1/26/2007 6:40:46 PM | Attr = ]
rv40.dll -> %CommonProgramFiles%\Real\Codecs\rv40.dll -> RealNetworks, Inc. [Ver = 10.0.0.1740 | Size = 49152 bytes | Modified Date = 1/26/2007 6:40:46 PM | Attr = ]
sipr.dll -> %CommonProgramFiles%\Real\Codecs\sipr.dll -> RealNetworks, Inc. [Ver = 10.0.0.3080 | Size = 106496 bytes | Modified Date = 1/26/2007 6:40:44 PM | Attr = ]
devices.ini -> %CommonProgramFiles%\Real\Common\devices.ini -> [Ver = | Size = 2534 bytes | Modified Date = 1/26/2007 6:41:12 PM | Attr = ]
objb3201.dll -> %CommonProgramFiles%\Real\Common\objb3201.dll -> RealNetworks, Inc. [Ver = 0.1.0.6726 | Size = 172032 bytes | Modified Date = 1/26/2007 6:40:52 PM | Attr = ]
pnen3260.dll -> %CommonProgramFiles%\Real\Common\pnen3260.dll -> RealNetworks, Inc. [Ver = 10.0.0.1283 | Size = 1310720 bytes | Modified Date = 1/26/2007 6:40:32 PM | Attr = ]
pngu3267.dll -> %CommonProgramFiles%\Real\Common\pngu3267.dll -> RealNetworks, Inc. [Ver = 6.7.0.2962 | Size = 421888 bytes | Modified Date = 1/26/2007 6:40:34 PM | Attr = ]
pnrs3260.dll -> %CommonProgramFiles%\Real\Common\pnrs3260.dll -> RealNetworks, Inc. [Ver = 6.0.9.4317 | Size = 28672 bytes | Modified Date = 1/26/2007 6:40:34 PM | Attr = ]
rjbviz.dll -> %CommonProgramFiles%\Real\Common\rjbviz.dll -> RealNetworks, Inc. [Ver = 1.0.2.4142 | Size = 147456 bytes | Modified Date = 1/26/2007 6:40:50 PM | Attr = ]
rppr3260.dll -> %CommonProgramFiles%\Real\Common\rppr3260.dll -> RealNetworks, Inc. [Ver = 6.0.10.2490 | Size = 28672 bytes | Modified Date = 1/26/2007 6:40:36 PM | Attr = ]
rpun3260.dll -> %CommonProgramFiles%\Real\Common\rpun3260.dll -> RealNetworks, Inc. [Ver = 6.0.10.2489 | Size = 36864 bytes | Modified Date = 1/26/2007 6:41:12 PM | Attr = ]
security.dll -> %CommonProgramFiles%\Real\Common\security.dll -> RealNetworks, Inc. [Ver = 1.0.3.2518 | Size = 45056 bytes | Modified Date = 1/26/2007 6:41:06 PM | Attr = ]
twebbrowse.dll -> %CommonProgramFiles%\Real\Common\twebbrowse.dll -> RealNetworks, Inc. [Ver = 1.0.2.1844 | Size = 81920 bytes | Modified Date = 1/26/2007 6:40:40 PM | Attr = ]
BarControl.dll -> %CommonProgramFiles%\Real\GToolbar\BarControl.dll -> Google, Inc [Ver = 2.0.0.8 | Size = 110592 bytes | Modified Date = 1/26/2007 6:40:54 PM | Attr = ]
gdsapi.dll -> %CommonProgramFiles%\Real\GToolbar\gdsapi.dll -> [Ver = | Size = 4096 bytes | Modified Date = 1/26/2007 6:40:56 PM | Attr = ]
GDSSetup.exe -> %CommonProgramFiles%\Real\GToolbar\GDSSetup.exe -> [Ver = | Size = 746600 bytes | Modified Date = 1/26/2007 6:40:58 PM | Attr = ]
GoogleToolbarInstaller.exe -> %CommonProgramFiles%\Real\GToolbar\GoogleToolbarInstaller.exe -> Google [Ver = 3, 0, 131, 0 | Size = 583696 bytes | Modified Date = 1/26/2007 6:40:54 PM | Attr = ]
GoogleToolbarInstaller98.exe -> %CommonProgramFiles%\Real\GToolbar\GoogleToolbarInstaller98.exe -> Google [Ver = 3, 0, 131, 0 | Size = 733712 bytes | Modified Date = 1/26/2007 6:40:56 PM | Attr = ]
aacff.dll -> %CommonProgramFiles%\Real\Plugins\aacff.dll -> RealNetworks, Inc. [Ver = 10.0.0.1029 | Size = 69632 bytes | Modified Date = 1/26/2007 6:41:00 PM | Attr = ]
audplin.dll -> %CommonProgramFiles%\Real\Plugins\audplin.dll -> RealNetworks, Inc. [Ver = 10.0.0.1483 | Size = 86016 bytes | Modified Date = 1/26/2007 6:41:02 PM | Attr = ]
authmgr.dll -> %CommonProgramFiles%\Real\Plugins\authmgr.dll -> RealNetworks, Inc. [Ver = 10.0.0.1687 | Size = 53248 bytes | Modified Date = 1/26/2007 6:40:30 PM | Attr = ]
cdda3260.dll -> %CommonProgramFiles%\Real\Plugins\cdda3260.dll -> RealNetworks, Inc. [Ver = 6.0.3.2509 | Size = 36864 bytes | Modified Date = 1/26/2007 6:40:30 PM | Attr = ]
clbascauth.dll -> %CommonProgramFiles%\Real\Plugins\clbascauth.dll -> RealNetworks, Inc. [Ver = 10.0.0.1254 | Size = 40960 bytes | Modified Date = 1/26/2007 6:40:30 PM | Attr = ]
clntxres.dll -> %CommonProgramFiles%\Real\Plugins\clntxres.dll -> RealNetworks, Inc. [Ver = 10.0.0.4181 | Size = 53248 bytes | Modified Date = 1/26/2007 6:40:32 PM | Attr = ]
cont3260.dll -> %CommonProgramFiles%\Real\Plugins\cont3260.dll -> RealNetworks, Inc. [Ver = 6.0.0.2148 | Size = 65536 bytes | Modified Date = 1/26/2007 6:41:02 PM | Attr = ]
fpsechnd.dll -> %CommonProgramFiles%\Real\Plugins\fpsechnd.dll -> RealNetworks, Inc. [Ver = 6.0.9.32 | Size = 233472 bytes | Modified Date = 1/26/2007 6:41:10 PM | Attr = ]
httpfsys.dll -> %CommonProgramFiles%\Real\Plugins\httpfsys.dll -> RealNetworks, Inc. [Ver = 10.0.0.3032 | Size = 176128 bytes | Modified Date = 1/26/2007 6:40:30 PM | Attr = ]
hxsdp.dll -> %CommonProgramFiles%\Real\Plugins\hxsdp.dll -> RealNetworks, Inc. [Ver = 10.0.0.513 | Size = 40960 bytes | Modified Date = 1/26/2007 6:40:32 PM | Attr = ]
hxxml.dll -> %CommonProgramFiles%\Real\Plugins\hxxml.dll -> [Ver = | Size = 86016 bytes | Modified Date = 1/26/2007 6:40:52 PM | Attr = ]
imgrender.dll -> %CommonProgramFiles%\Real\Plugins\imgrender.dll -> RealNetworks, Inc. [Ver = 10.0.0.1269 | Size = 532480 bytes | Modified Date = 1/26/2007 6:40:48 PM | Attr = ]
memfsys.dll -> %CommonProgramFiles%\Real\Plugins\memfsys.dll -> RealNetworks, Inc. [Ver = 10.0.0.1219 | Size = 77824 bytes | Modified Date = 1/26/2007 6:40:32 PM | Attr = ]
mp3fformat.dll -> %CommonProgramFiles%\Real\Plugins\mp3fformat.dll -> RealNetworks, Inc. [Ver = 10.0.0.3223 | Size = 45056 bytes | Modified Date = 1/26/2007 6:40:50 PM | Attr = ]
mp3metaff.dll -> %CommonProgramFiles%\Real\Plugins\mp3metaff.dll -> RealNetworks, Inc. [Ver = 10.0.0.1219 | Size = 65536 bytes | Modified Date = 1/26/2007 6:40:50 PM | Attr = ]
mp3render.dll -> %CommonProgramFiles%\Real\Plugins\mp3render.dll -> RealNetworks, Inc. [Ver = 10.0.0.1252 | Size = 151552 bytes | Modified Date = 1/26/2007 6:40:50 PM | Attr = ]
mp4arender.dll -> %CommonProgramFiles%\Real\Plugins\mp4arender.dll -> RealNetworks, Inc. [Ver = 10.0.0.1055 | Size = 126976 bytes | Modified Date = 1/26/2007 6:41:00 PM | Attr = ]
mp4fformat.dll -> %CommonProgramFiles%\Real\Plugins\mp4fformat.dll -> RealNetworks, Inc. [Ver = 10.0.0.2953 | Size = 73728 bytes | Modified Date = 1/26/2007 6:41:00 PM | Attr = ]
mp4wrtr.dll -> %CommonProgramFiles%\Real\Plugins\mp4wrtr.dll -> [Ver = | Size = 98304 bytes | Modified Date = 1/26/2007 6:41:06 PM | Attr = ]
mpgfformat.dll -> %CommonProgramFiles%\Real\Plugins\mpgfformat.dll -> RealNetworks, Inc. [Ver = 10.0.0.1428 | Size = 69632 bytes | Modified Date = 1/26/2007 6:41:02 PM | Attr = ]
mpgrender.dll -> %CommonProgramFiles%\Real\Plugins\mpgrender.dll -> RealNetworks, Inc. [Ver = 10.0.0.1231 | Size = 172032 bytes | Modified Date = 1/26/2007 6:41:02 PM | Attr = ]
ntlmauth.dll -> %CommonProgramFiles%\Real\Plugins\ntlmauth.dll -> RealNetworks, Inc. [Ver = 10.0.0.1232 | Size = 45056 bytes | Modified Date = 1/26/2007 6:40:32 PM | Attr = ]
pacplin.dll -> %CommonProgramFiles%\Real\Plugins\pacplin.dll -> RealNetworks, Inc. [Ver = 10.0.0.1253 | Size = 360448 bytes | Modified Date = 1/26/2007 6:40:32 PM | Attr = ]
pdgenxferfsys.dll -> %CommonProgramFiles%\Real\Plugins\pdgenxferfsys.dll -> RealNetworks, Inc. [Ver = 6.0.12.1680 | Size = 73728 bytes | Modified Date = 1/26/2007 6:41:10 PM | Attr = ]
plusplin.dll -> %CommonProgramFiles%\Real\Plugins\plusplin.dll -> RealNetworks, Inc. [Ver = 10.0.0.1253 | Size = 57344 bytes | Modified Date = 1/26/2007 6:40:32 PM | Attr = ]
pxcb3210.dll -> %CommonProgramFiles%\Real\Plugins\pxcb3210.dll -> RealNetworks, Inc. [Ver = 1.0.0.4244 | Size = 40960 bytes | Modified Date = 1/26/2007 6:40:32 PM | Attr = ]
ramfformat.dll -> %CommonProgramFiles%\Real\Plugins\ramfformat.dll -> RealNetworks, Inc. [Ver = 10.0.0.2477 | Size = 45056 bytes | Modified Date = 1/26/2007 6:40:32 PM | Attr = ]
ramrender.dll -> %CommonProgramFiles%\Real\Plugins\ramrender.dll -> RealNetworks, Inc. [Ver = 10.0.0.2164 | Size = 57344 bytes | Modified Date = 1/26/2007 6:40:32 PM | Attr = ]
rarender.dll -> %CommonProgramFiles%\Real\Plugins\rarender.dll -> RealNetworks, Inc. [Ver = 10.0.0.1260 | Size = 151552 bytes | Modified Date = 1/26/2007 6:40:44 PM | Attr = ]
recf3260.dll -> %CommonProgramFiles%\Real\Plugins\recf3260.dll -> RealNetworks, Inc. [Ver = 6.0.0.3113 | Size = 36864 bytes | Modified Date = 1/26/2007 6:41:02 PM | Attr = ]
rmfformat.dll -> %CommonProgramFiles%\Real\Plugins\rmfformat.dll -> RealNetworks, Inc. [Ver = 10.0.0.1475 | Size = 176128 bytes | Modified Date = 1/26/2007 6:40:32 PM | Attr = ]
rmwrtr.dll -> %CommonProgramFiles%\Real\Plugins\rmwrtr.dll -> RealNetworks, Inc. [Ver = 6.0.2.1155 | Size = 282624 bytes | Modified Date = 1/26/2007 6:41:06 PM | Attr = ]
rmxfpln.dll -> %CommonProgramFiles%\Real\Plugins\rmxfpln.dll -> RealNetworks, Inc. [Ver = 1.0.3.2527 | Size = 65536 bytes | Modified Date = 1/26/2007 6:41:06 PM | Attr = ]
rmxrend.dll -> %CommonProgramFiles%\Real\Plugins\rmxrend.dll -> RealNetworks, Inc. [Ver = 1.0.3.2580 | Size = 106496 bytes | Modified Date = 1/26/2007 6:41:06 PM | Attr = ]
rn5auth.dll -> %CommonProgramFiles%\Real\Plugins\rn5auth.dll -> RealNetworks, Inc. [Ver = 10.0.0.1455 | Size = 45056 bytes | Modified Date = 1/26/2007 6:40:32 PM | Attr = ]
rtfformat.dll -> %CommonProgramFiles%\Real\Plugins\rtfformat.dll -> RealNetworks, Inc. [Ver = 10.0.0.1457 | Size = 110592 bytes | Modified Date = 1/26/2007 6:40:46 PM | Attr = ]
rtrender.dll -> %CommonProgramFiles%\Real\Plugins\rtrender.dll -> RealNetworks, Inc. [Ver = 10.0.0.1250 | Size = 122880 bytes | Modified Date = 1/26/2007 6:40:48 PM | Attr = ]
rvrender.dll -> %CommonProgramFiles%\Real\Plugins\rvrender.dll -> RealNetworks, Inc. [Ver = 10.0.0.1644 | Size = 172032 bytes | Modified Date = 1/26/2007 6:40:46 PM | Attr = ]
sdpplin.dll -> %CommonProgramFiles%\Real\Plugins\sdpplin.dll -> RealNetworks, Inc. [Ver = 10.0.0.373 | Size = 45056 bytes | Modified Date = 1/26/2007 6:40:50 PM | Attr = ]
security.dll -> %CommonProgramFiles%\Real\Plugins\security.dll -> RealNetworks, Inc. [Ver = 1.0.3.2518 | Size = 45056 bytes | Modified Date = 1/26/2007 6:41:06 PM | Attr = ]
smlfformat.dll -> %CommonProgramFiles%\Real\Plugins\smlfformat.dll -> RealNetworks, Inc. [Ver = 10.0.0.2112 | Size = 61440 bytes | Modified Date = 1/26/2007 6:40:32 PM | Attr = ]
smlrender.dll -> %CommonProgramFiles%\Real\Plugins\smlrender.dll -> RealNetworks, Inc. [Ver = 10.0.0.1728 | Size = 532480 bytes | Modified Date = 1/26/2007 6:40:32 PM | Attr = ]
smmrender.dll -> %CommonProgramFiles%\Real\Plugins\smmrender.dll -> RealNetworks, Inc. [Ver = 10.0.0.1250 | Size = 57344 bytes | Modified Date = 1/26/2007 6:40:32 PM | Attr = ]
smplfsys.dll -> %CommonProgramFiles%\Real\Plugins\smplfsys.dll -> RealNetworks, Inc. [Ver = 10.0.0.2020 | Size = 69632 bytes | Modified Date = 1/26/2007 6:40:32 PM | Attr = ]
stubdrm.dll -> %CommonProgramFiles%\Real\Plugins\stubdrm.dll -> RealNetworks, Inc. [Ver = 10.0.0.1655 | Size = 32768 bytes | Modified Date = 1/26/2007 6:40:50 PM | Attr = ]
swfformat.dll -> %CommonProgramFiles%\Real\Plugins\swfformat.dll -> RealNetworks, Inc. [Ver = 10.0.0.1460 | Size = 94208 bytes | Modified Date = 1/26/2007 6:40:46 PM | Attr = ]
swfrender.dll -> %CommonProgramFiles%\Real\Plugins\swfrender.dll -> RealNetworks, Inc. [Ver = 10.0.0.1253 | Size = 614400 bytes | Modified Date = 1/26/2007 6:40:46 PM | Attr = ]
tfilesys.dll -> %CommonProgramFiles%\Real\Plugins\tfilesys.dll -> RealNetworks, Inc. [Ver = 1.0.3.2488 | Size = 57344 bytes | Modified Date = 1/26/2007 6:41:06 PM | Attr = ]
vidplin.dll -> %CommonProgramFiles%\Real\Plugins\vidplin.dll -> RealNetworks, Inc. [Ver = 10.0.0.1269 | Size = 167936 bytes | Modified Date = 1/26/2007 6:41:02 PM | Attr = ]
vidsite.dll -> %CommonProgramFiles%\Real\Plugins\vidsite.dll -> RealNetworks, Inc. [Ver = 10.0.0.1253 | Size = 376832 bytes | Modified Date = 1/26/2007 6:40:32 PM | Attr = ]
vsrcplin.dll -> %CommonProgramFiles%\Real\Plugins\vsrcplin.dll -> RealNetworks, Inc. [Ver = 10.1.0.1180 | Size = 135168 bytes | Modified Date = 1/26/2007 6:40:32 PM | Attr = ]
vsrlocal.dll -> %CommonProgramFiles%\Real\Plugins\vsrlocal.dll -> RealNetworks, Inc. [Ver = 10.1.0.1180 | Size = 94208 bytes | Modified Date = 1/26/2007 6:40:32 PM | Attr = ]
wm9fformat.dll -> %CommonProgramFiles%\Real\Plugins\wm9fformat.dll -> RealNetworks, Inc. [Ver = 1.0.0.1338 | Size = 176128 bytes | Modified Date = 1/26/2007 6:41:00 PM | Attr = ]
wm9writer.dll -> %CommonProgramFiles%\Real\Plugins\wm9writer.dll -> RealNetworks, Inc. [Ver = 1.0.0.1322 | Size = 28672 bytes | Modified Date = 1/26/2007 6:41:00 PM | Attr = ]
wmsechnd.dll -> %CommonProgramFiles%\Real\Plugins\wmsechnd.dll -> RealNetworks, Inc. [Ver = 1.0.0.657 | Size = 180224 bytes | Modified Date = 1/26/2007 6:41:00 PM | Attr = ]
zipf3260.dll -> %CommonProgramFiles%\Real\Plugins\zipf3260.dll -> RealNetworks, Inc. [Ver = 6.0.8.2799 | Size = 172032 bytes | Modified Date = 1/26/2007 6:40:32 PM | Attr = ]
gct23201.dll -> %CommonProgramFiles%\Real\RCAPlugins\gct23201.dll -> RealNetworks, Inc. [Ver = 0.1.0.6575 | Size = 155648 bytes | Modified Date = 1/26/2007 6:40:52 PM | Attr = ]
gema3201.dll -> %CommonProgramFiles%\Real\RCAPlugins\gema3201.dll -> RealNetworks, Inc. [Ver = 0.1.0.4066 | Size = 90112 bytes | Modified Date = 1/26/2007 6:40:52 PM | Attr = ]
gemx3201.dll -> %CommonProgramFiles%\Real\RCAPlugins\gemx3201.dll -> RealNetworks, Inc. [Ver = 0.1.0.6120 | Size = 450560 bytes | Modified Date = 1/26/2007 6:40:52 PM | Attr = ]
locd3210.dll -> %CommonProgramFiles%\Real\RCAPlugins\locd3210.dll -> RealNetworks, Inc. [Ver = 1.0.0.2382 | Size = 102400 bytes | Modified Date = 1/26/2007 6:41:02 PM | Attr = ]
rpcontrols1.dll -> %CommonProgramFiles%\Real\RCAPlugins\rpcontrols1.dll -> RealNetworks, Inc. [Ver = 6.0.1.2485 | Size = 757760 bytes | Modified Date = 1/26/2007 6:40:52 PM | Attr = ]
rpcontrols2.dll -> %CommonProgramFiles%\Real\RCAPlugins\rpcontrols2.dll -> RealNetworks [Ver = 6.0.1.2485 | Size = 692224 bytes | Modified Date = 1/26/2007 6:40:52 PM | Attr = ]
sonr3210.dll -> %CommonProgramFiles%\Real\RCAPlugins\sonr3210.dll -> RealNetworks, Inc. [Ver = 1.0.0.2580 | Size = 196608 bytes | Modified Date = 1/26/2007 6:41:02 PM | Attr = ]
uisy3201.dll -> %CommonProgramFiles%\Real\RCAPlugins\uisy3201.dll -> RealNetworks, Inc. [Ver = 0.1.0.4083 | Size = 446464 bytes | Modified Date = 1/26/2007 6:40:52 PM | Attr = ]
xmlc3201.dll -> %CommonProgramFiles%\Real\RCAPlugins\xmlc3201.dll -> RealNetworks, Inc. [Ver = 0.1.1.2490 | Size = 53248 bytes | Modified Date = 1/26/2007 6:40:52 PM | Attr = ]
theweatherchannel_stubreal.exe -> %CommonProgramFiles%\Real\TWC\theweatherchannel_stubreal.exe -> The Weather Channel Interactive [Ver = 3, 0, 4, 0 | Size = 285808 bytes | Modified Date = 1/26/2007 6:41:00 PM | Attr = ]
TWCControl.dll -> %CommonProgramFiles%\Real\TWC\TWCControl.dll -> RealNetworks, Inc. [Ver = 1.0.0.3 | Size = 90112 bytes | Modified Date = 1/26/2007 6:40:58 PM | Attr = ]
faus3270.dll -> %CommonProgramFiles%\Real\Update_OB\faus3270.dll -> RealNetworks, Inc. [Ver = 7.0.0.3457 | Size = 389120 bytes | Modified Date = 1/26/2007 6:40:28 PM | Attr = ]
nprfxins.dll -> %CommonProgramFiles%\Real\Update_OB\nprfxins.dll -> RichFX Inc. [Ver = 3.31.0659 | Size = 569397 bytes | Modified Date = 1/26/2007 6:40:30 PM | Attr = ]
pnmi3270.dll -> %CommonProgramFiles%\Real\Update_OB\pnmi3270.dll -> RealNetworks, Inc. [Ver = 7.0.0.2157 | Size = 36864 bytes | Modified Date = 1/26/2007 6:40:30 PM | Attr = ]
r1puninst.exe -> %CommonProgramFiles%\Real\Update_OB\r1puninst.exe -> RealNetworks, Inc. [Ver = 7.0.0.4246 | Size = 188416 bytes | Modified Date = 1/26/2007 6:40:28 PM | Attr = ]
RealOneMessageCenter.exe -> %CommonProgramFiles%\Real\Update_OB\RealOneMessageCenter.exe -> RealNetworks, Inc. [Ver = 0.1.0.3760 | Size = 69632 bytes | Modified Date = 1/26/2007 6:40:28 PM | Attr = ]
realsched.exe -> %CommonProgramFiles%\Real\Update_OB\realsched.exe -> RealNetworks, Inc. [Ver = 0.1.0.3760 | Size = 185896 bytes | Modified Date = 1/26/2007 6:40:28 PM | Attr = ]
rnad3201.dll -> %CommonProgramFiles%\Real\Update_OB\rnad3201.dll -> RealNetworks, Inc. [Ver = 0.1.0.3760 | Size = 98304 bytes | Modified Date = 1/26/2007 6:40:28 PM | Attr = ]
rnms3270.dll -> %CommonProgramFiles%\Real\Update_OB\rnms3270.dll -> RealNetworks, Inc. [Ver = 7.0.1.3584 | Size = 335872 bytes | Modified Date = 1/26/2007 6:40:30 PM | Attr = ]
rnqu3270.dll -> %CommonProgramFiles%\Real\Update_OB\rnqu3270.dll -> RealNetworks, Inc. [Ver = 7.0.0.4153 | Size = 311296 bytes | Modified Date = 1/26/2007 6:40:28 PM | Attr = ]
rnup3270.dll -> %CommonProgramFiles%\Real\Update_OB\rnup3270.dll -> RealNetworks, Inc. [Ver = 7.0.0.3334 | Size = 172032 bytes | Modified Date = 1/26/2007 6:40:28 PM | Attr = ]
rnxproc.exe -> %CommonProgramFiles%\Real\Update_OB\rnxproc.exe -> RealNetworks, Inc. [Ver = 7.0.0.3105 | Size = 58912 bytes | Modified Date = 1/26/2007 6:40:30 PM | Attr = ]
setu3270.dll -> %CommonProgramFiles%\Real\Update_OB\setu3270.dll -> RealNetworks, Inc. [Ver = 7.0.0.4619 | Size = 307200 bytes | Modified Date = 1/26/2007 6:40:28 PM | Attr = ]
upgr3270.dll -> %CommonProgramFiles%\Real\Update_OB\upgr3270.dll -> RealNetworks, Inc. [Ver = 7.0.0.3985 | Size = 344064 bytes | Modified Date = 1/26/2007 6:40:28 PM | Attr = ]
upgrdhlp.exe -> %CommonProgramFiles%\Real\Update_OB\upgrdhlp.exe -> RealNetworks, Inc. [Ver = 7.0.0.3800 | Size = 126976 bytes | Modified Date = 1/26/2007 6:40:28 PM | Attr = ]
Annabelle.rpv -> %CommonProgramFiles%\Real\Visualizations\Annabelle.rpv -> RealNetworks, Inc. [Ver = 1.0.0.2 | Size = 43008 bytes | Modified Date = 1/26/2007 6:40:50 PM | Attr = ]
CosmicBelt.rpv -> %CommonProgramFiles%\Real\Visualizations\CosmicBelt.rpv -> [Ver = | Size = 80384 bytes | Modified Date = 1/26/2007 6:40:50 PM | Attr = ]
Fire.rpv -> %CommonProgramFiles%\Real\Visualizations\Fire.rpv -> RealNetworks, Inc. [Ver = 1.0.0.1 | Size = 7168 bytes | Modified Date = 1/26/2007 6:40:50 PM | Attr = ]
FreqBands.rpv -> %CommonProgramFiles%\Real\Visualizations\FreqBands.rpv -> RealNetworks, Inc. [Ver = 1.0.0.2 | Size = 7680 bytes | Modified Date = 1/26/2007 6:40:50 PM | Attr = ]
Nebula.rpv -> %CommonProgramFiles%\Real\Visualizations\Nebula.rpv -> [Ver = | Size = 69632 bytes | Modified Date = 1/26/2007 6:40:50 PM | Attr = ]
xmencmp3.dll -> %CommonProgramFiles%\xing shared\mpeg encode\xmencmp3.dll -> RealNetworks, Inc. [Ver = 1, 0, 0, 17 | Size = 352256 bytes | Modified Date = 1/26/2007 6:41:04 PM | Attr = ]
coreres.xrs -> %CommonProgramFiles%\Real\Plugins\ExtResources\coreres.xrs -> RealNetworks, Inc. [Ver = 10.0.0.4432 | Size = 65536 bytes | Modified Date = 1/26/2007 6:40:32 PM | Attr = ]
ath.vs -> %CommonProgramFiles%\Real\Update_OB\UI\ath.vs -> [Ver = | Size = 32395 bytes | Modified Date = 1/26/2007 6:40:28 PM | Attr = ]
default.png -> %CommonProgramFiles%\Real\Update_OB\UI\default.png -> [Ver = | Size = 7484 bytes | Modified Date = 1/26/2007 6:40:30 PM | Attr = ]
default.smi -> %CommonProgramFiles%\Real\Update_OB\UI\default.smi -> [Ver = | Size = 436 bytes | Modified Date = 1/26/2007 6:40:30 PM | Attr = ]
mirak.vs -> %CommonProgramFiles%\Real\Update_OB\UI\mirak.vs -> [Ver = | Size = 9101 bytes | Modified Date = 1/26/2007 6:40:28 PM | Attr = ]
msgoff.htm -> %CommonProgramFiles%\Real\Update_OB\UI\msgoff.htm -> [Ver = | Size = 3215 bytes | Modified Date = 1/26/2007 6:40:30 PM | Attr = ]
msgui.vs -> %CommonProgramFiles%\Real\Update_OB\UI\msgui.vs -> [Ver = | Size = 55012 bytes | Modified Date = 1/26/2007 6:40:30 PM | Attr = ]
rnupgui.vs -> %CommonProgramFiles%\Real\Update_OB\UI\rnupgui.vs -> [Ver = | Size = 43572 bytes | Modified Date = 1/26/2007 6:40:28 PM | Attr = ]
real_logo_93x44.gif -> %CommonProgramFiles%\Real\Update_OB\UI\Images\real_logo_93x44.gif -> [Ver = | Size = 741 bytes | Modified Date = 1/26/2007 6:40:30 PM | Attr = ]
msgdata.js -> %CommonProgramFiles%\Real\Update_OB\UI\loc\msgdata.js -> [Ver = | Size = 1039 bytes | Modified Date = 1/26/2007 6:40:30 PM | Attr = ]
msgStyle.css -> %CommonProgramFiles%\Real\Update_OB\UI\loc\msgStyle.css -> [Ver = | Size = 991 bytes | Modified Date = 1/26/2007 6:40:30 PM | Attr = ]
setup.dll -> %CommonProgramFiles%\InstallShield\Professional\RunTime\0701\Intel32\setup.dll -> InstallShield Software Corporation [Ver = 7, 01, 100, 1280 | Size = 282756 bytes | Modified Date = 1/15/2007 12:19:26 PM | Attr = ]
iGdi.dll -> %CommonProgramFiles%\InstallShield\Professional\RunTime\09\01\Intel32\iGdi.dll -> InstallShield Software Corporation [Ver = 9.01.429 | Size = 188548 bytes | Modified Date = 1/6/2007 8:12:28 AM | Attr = ]
setup.dll -> %CommonProgramFiles%\InstallShield\Professional\RunTime\09\01\Intel32\setup.dll -> InstallShield Software Corporation [Ver = 9.01.429 | Size = 311428 bytes | Modified Date = 1/6/2007 8:12:28 AM | Attr = ]
bootstat.dat -> %SystemRoot%\bootstat.dat -> [Ver = | Size = 2048 bytes | Modified Date = 2/4/2007 12:23:14 PM | Attr = S]
QTFont.for -> %SystemRoot%\QTFont.for -> [Ver = | Size = 1409 bytes | Modified Date = 2/3/2007 12:20:58 PM | Attr = ]
QTFont.qfn -> %SystemRoot%\QTFont.qfn -> [Ver = | Size = 54156 bytes | Modified Date = 2/3/2007 12:20:58 PM | Attr = H ]
SIERRA.INI -> %SystemRoot%\SIERRA.INI -> [Ver = | Size = 459 bytes | Modified Date = 1/21/2007 4:27:30 PM | Attr = ]
netstat.com -> %System32%\netstat.com -> [Ver = | Size = 2 bytes | Modified Date = 2/4/2007 12:24:08 PM | Attr = HS]
nvapps.xml -> %System32%\nvapps.xml -> [Ver = | Size = 88566 bytes | Modified Date = 2/4/2007 12:23:42 PM | Attr = ]
pndx5016.dll -> %System32%\pndx5016.dll -> RealNetworks, Inc. [Ver = 5.0.0.0 | Size = 6656 bytes | Modified Date = 1/26/2007 6:40:36 PM | Attr = ]
pndx5032.dll -> %System32%\pndx5032.dll -> RealNetworks, Inc. [Ver = 5.0.0.0 | Size = 5632 bytes | Modified Date = 1/26/2007 6:40:36 PM | Attr = ]
rmoc3260.dll -> %System32%\rmoc3260.dll -> RealNetworks, Inc. [Ver = 6.0.9.2568 | Size = 185952 bytes | Modified Date = 1/26/2007 6:40:46 PM | Attr = ]
svchosts.exe -> %System32%\svchosts.exe -> [Ver = | Size = 36864 bytes | Modified Date = 2/4/2007 12:29:16 PM | Attr = ]
taskkill.com -> %System32%\taskkill.com -> [Ver = | Size = 2 bytes | Modified Date = 2/4/2007 12:24:08 PM | Attr = HS]
unsvchosts.exe -> %System32%\unsvchosts.exe -> [Ver = | Size = 2560 bytes | Modified Date = 2/4/2007 12:29:16 PM | Attr = ]

[File String Scan - Non-Microsoft Only]
Thawte Consulting , -> %CommonProgramFiles%\Java\Update\Base Images\jre1.5.0.b64\core3.zip -> [Ver = | Size = 3290841 bytes | Modified Date = 10/12/2006 3:41:56 AM | Attr = ]
USERTRUST , -> %CommonProgramFiles%\Java\Update\Base Images\jre1.5.0.b64\patch-jre1.5.0_09.b03\patchjre.exe -> Sun Microsystems, Inc. [Ver = 1, 0, 0, 1 | Size = 4490872 bytes | Modified Date = 10/12/2006 3:41:58 AM | Attr = ]
USERTRUST , -> %CommonProgramFiles%\Java\Update\Base Images\jre1.5.0.b64\patch-jre1.5.0_10.b03\patchjre.exe -> Sun Microsystems, Inc. [Ver = 1, 0, 0, 1 | Size = 4650616 bytes | Modified Date = 11/9/2006 3:38:38 PM | Attr = ]
PEC2 , PECompact2 , -> %CommonProgramFiles%\Real\GToolbar\GDSSetup.exe -> [Ver = | Size = 746600 bytes | Modified Date = 1/26/2007 6:40:58 PM | Attr = ]
PEC2 , PECompact2 , -> %CommonProgramFiles%\Real\GToolbar\GoogleToolbarInstaller.exe -> Google [Ver = 3, 0, 131, 0 | Size = 583696 bytes | Modified Date = 1/26/2007 6:40:54 PM | Attr = ]
Thawte Consulting , -> %CommonProgramFiles%\Real\Update_OB\realsched.exe -> RealNetworks, Inc. [Ver = 0.1.0.3760 | Size = 185896 bytes | Modified Date = 1/26/2007 6:40:28 PM | Attr = ]
Thawte Consulting , -> %CommonProgramFiles%\Real\Update_OB\rnxproc.exe -> RealNetworks, Inc. [Ver = 7.0.0.3105 | Size = 58912 bytes | Modified Date = 1/26/2007 6:40:30 PM | Attr = ]
PEC2 , WSUD , -> %CommonProgramFiles%\SpeechEngines\Microsoft\SR61\1033\AF031033.AM -> [Ver = | Size = 7048576 bytes | Modified Date = 11/22/2002 1:27:36 AM | Attr = ]
PEC2 , -> %System32%\dfrg.msc -> [Ver = | Size = 41397 bytes | Modified Date = 8/23/2001 12:00:00 PM | Attr = ]
Thawte Consulting , -> %System32%\rmoc3260.dll -> RealNetworks, Inc. [Ver = 6.0.9.2568 | Size = 185952 bytes | Modified Date = 1/26/2007 6:40:46 PM | Attr = ]
winsync , -> %System32%\wbdbase.deu -> [Ver = | Size = 1309184 bytes | Modified Date = 8/23/2001 12:00:00 PM | Attr = ]
WSUD , UPX0 , -> %System32%\dllcache\hwxjpn.dll -> [Ver = | Size = 13463552 bytes | Modified Date = 8/23/2001 12:00:00 PM | Attr = ]
Thawte Consulting , -> %System32%\drivers\hamachi.sys -> Applied Networking Inc. [Ver = 5.9.9.8 | Size = 15440 bytes | Modified Date = 11/30/2006 1:30:48 PM | Attr = ]

< End of report >

#12 OldTimer

OldTimer

    Malware Expert


  • Members
  • 11,092 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:North Carolina
  • Local time:04:03 AM

Posted 04 February 2007 - 09:16 PM

Hi Ruidiance. Many of the items that were removed are back again. We might have to update this system to Service Pack 1. It is so far out of date that it is a security sieve just waiting to be attacked.

Let's try this first.

Open Notepad and copy/paste the information in the quotebox below into the new document. Save it on your desktop as fix.txt

Now, reboot into Safe Mode by doing the following:
  • Restart the computer.
  • As soon as the BIOS is loaded begin tapping the F8 key until the boot menu appears.
  • Use the arrow keys to select the Safe Mode menu item.
  • Press the Enter key.
Start WinPFind3U. Copy/Paste the information in the quotebox below into the pane where it says "Paste fix here" and then click the Run Fix button.

[Processes - Non-Microsoft Only]
YY -> update.exe -> %CommonProgramFiles%\{883A0E0B-07CF-1033-0920-021102000001}\Update.exe
YY -> winlogon.exe -> %System32%\ubtrruclhn\winlogon.exe
[Win32 Services - Non-Microsoft Only]
YY -> (Client IP-IPX) Client IP-IPX [Win32_Own | Auto | Stopped] -> %System32%\svchosts.exe
[Registry - Non-Microsoft Only]
< Run [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
YY -> IpWins -> %ProgramFiles%\Ipwindows\ipwins.exe
YN -> winlogon ->
< Run [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
YN -> winlogon ->
< Windows NT\\Load [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\load
YY -> C:\WINDOWS\System32\ubtrruclhn\winlogon.exe -> %System32%\ubtrruclhn\winlogon.exe
< Windows NT\\Run [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\run
YY -> C:\WINDOWS\System32\ubtrruclhn\winlogon.exe -> %System32%\ubtrruclhn\winlogon.exe
< Policy Settings [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\
YN -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\DisableRegistryTools -> 1
YN -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\NoAdminPage -> 1
< HOSTS File > -> C:\WINDOWS\System32\drivers\etc\Hosts
YN -> 1.1.1.1 liveupdate. ->
NY -> ->
NY -> ->
YN -> 1.1.1.1 f-secure.com ->
YN -> 1.1.1.1 www.f-secure.com ->
YN -> 1.1.1.1 ftp.f-secure.com ->
YN -> 1.1.1.1 ftp.sophos.com ->
YN -> 1.1.1.1 liveupdate.symantec.com ->
YN -> 1.1.1.1 customer.symantec.com ->
YN -> 1.1.1.1 dispatch.mcafee.com ->
YN -> 1.1.1.1 download.mcafee.com ->
YN -> 1.1.1.1 rads.mcafee.com ->
YN -> 1.1.1.1 mast.mcafee.com ->
YN -> 1.1.1.1 my-etrust.com ->
YN -> 1.1.1.1 www.my-etrust.com ->
YN -> 1.1.1.1 nai.com ->
YN -> 1.1.1.1 www.nai.com ->
YN -> 1.1.1.1 networkassociates.com ->
YN -> 1.1.1.1 secure.nai.com ->
YN -> 1.1.1.1 securityresponse.symantec.com ->
YN -> 1.1.1.1 service1.symantec.com ->
YN -> 1.1.1.1 sophos.com ->
YN -> 1.1.1.1 www.sophos.com ->
YN -> 1.1.1.1 support.microsoft.com ->
YN -> 1.1.1.1 symantec.com ->
YN -> 1.1.1.1 www.symantec.com ->
YN -> 1.1.1.1 update.symantec.com ->
YN -> 1.1.1.1 updates.symantec.com ->
YN -> 1.1.1.1 us.mcafee.com ->
YN -> 1.1.1.1 vil.nai.com ->
YN -> 1.1.1.1 viruslist.com ->
YN -> 1.1.1.1 www.viruslist.com ->
YN -> 1.1.1.1 grisoft.com ->
YN -> 1.1.1.1 www.grisoft.com ->
YN -> 1.1.1.1 free.grisoft.com ->
YN -> 1.1.1.1 trendmicro.com ->
YN -> 1.1.1.1 housecall.trendmicro.com ->
YN -> 1.1.1.1 www.trendmicro.com ->
YN -> 1.1.1.1 pandasoftware.com ->
YN -> 1.1.1.1 www.pandasoftware.com ->
YN -> 1.1.1.1 usa.kaspersky.com ->
YN -> 1.1.1.1 ewido.net ->
NY -> ->
YN -> 1.1.1.1 zonelabs.com ->
YN -> 1.1.1.1 www.zonelabs.com ->
YN -> 1.1.1.1 bitdefender.com ->
YN -> 1.1.1.1 www.bitdefender.com ->
YN -> 1.1.1.1 download.bitdefender.com ->
YN -> 1.1.1.1 upgrade.bitdefender.com ->
YN -> 1.1.1.1 spywareinfo.com ->
YN -> 1.1.1.1 www.spywareinfo.com ->
YN -> 1.1.1.1 merijn.org ->
YN -> 1.1.1.1 www.merijn.org ->
YN -> 1.1.1.1 sysinternals.com ->
YN -> 1.1.1.1 www.sysinternals.com ->
YN -> 1.1.1.1 onguardonline.gov ->
YN -> 1.1.1.1 www.onguardonline.gov ->
YN -> 1.1.1.1 avast.com ->
YN -> 1.1.1.1 www.avast.com ->
YN -> 1.1.1.1 safety.live.com ->
YN -> 1.1.1.1 www.paretologic.com ->
YN -> 1.1.1.1 paretologic.com ->
YN -> 1.1.1.1 virusscan.jotti.org ->
YN -> 1.1.1.1 services.google.com ->
< Internet Explorer Menu Extensions [HKCU] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\
YY -> &Windows Live Search -> %ProgramFiles%\Windows Live Toolbar\msntb.dll\search.htm
< Protocol Filters [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Filter\
YN -> text/html -> Reg Data - Key not found
[Files - Created Within 30 days]
NY -> system.dll -> %CommonProgramFiles%\{883A0E0B-07CF-1033-0920-021102000001}\system.dll
NY -> Update.exe -> %CommonProgramFiles%\{883A0E0B-07CF-1033-0920-021102000001}\Update.exe
NY -> netstat.com -> %System32%\netstat.com
NY -> svchosts.exe -> %System32%\svchosts.exe
NY -> taskkill.com -> %System32%\taskkill.com
NY -> unsvchosts.exe -> %System32%\unsvchosts.exe
[Files - Modified Within 30 days]
NY -> system.dll -> %CommonProgramFiles%\{883A0E0B-07CF-1033-0920-021102000001}\system.dll
NY -> Update.exe -> %CommonProgramFiles%\{883A0E0B-07CF-1033-0920-021102000001}\Update.exe
NY -> netstat.com -> %System32%\netstat.com
NY -> nvapps.xml -> %System32%\nvapps.xml
NY -> svchosts.exe -> %System32%\svchosts.exe
NY -> taskkill.com -> %System32%\taskkill.com
NY -> unsvchosts.exe -> %System32%\unsvchosts.exe
[ Extra Files ]
c:\program files\Common Files%\{883A0E0B-07CF-1033-0920-021102000001}\
c:\windows\System32\ubtrruclhn\
c:\Program Files\Ipwindows\


The fix should only take a very short time. When the fix is completed a message box will popup telling you that it is finished. CLick the Ok button and Notepad will open with a log of actions taken during the fix. Write down the name of the file and then close Notepad.

Reboot he computer normally and post the log file from the fix along with a new WinPFind3u log file back here. I will review the information when it comes back in.

Cheers.

OT
I do not respond to PM's requesting help. That's what the forums are here for. Please use them so that others may benefit from your questions and the responses you receive.
OldTimer

Posted Image

#13 Ruidiance

Ruidiance
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:04:03 PM

Posted 05 February 2007 - 05:24 AM

Everything was going fine until the WinPFind3U program suddenly halted and went into the "Not Responding" state. I did it in Safe Mode, just to clarify. Here's where it stopped:

[Files - Created Within 30 days]
NY -> system.dll -> %CommonProgramFiles%\{883A0E0B-07CF-1033-0920-021102000001}\system.dll
NY -> Update.exe -> %CommonProgramFiles%\{883A0E0B-07CF-1033-0920-021102000001}\Update.exe
NY -> netstat.com -> %System32%\netstat.com
NY -> svchosts.exe -> %System32%\svchosts.exe
NY -> taskkill.com -> %System32%\taskkill.com
NY -> unsvchosts.exe -> %System32%\unsvchosts.exe
[Files - Modified Within 30 days]
NY -> system.dll -> %CommonProgramFiles%\{883A0E0B-07CF-1033-0920-021102000001}\system.dll
NY -> Update.exe -> %CommonProgramFiles%\{883A0E0B-07CF-1033-0920-021102000001}\Update.exe
NY -> netstat.com -> %System32%\netstat.com
NY -> nvapps.xml -> %System32%\nvapps.xml
NY -> svchosts.exe -> %System32%\svchosts.exe
NY -> taskkill.com -> %System32%\taskkill.com
NY -> unsvchosts.exe -> %System32%\unsvchosts.exe
[ Extra Files ]
c:\program files\Common Files%\{883A0E0B-07CF-1033-0920-021102000001}\
c:\windows\System32\ubtrruclhn\
c:\Program Files\Ipwindows\

#14 Ruidiance

Ruidiance
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:04:03 PM

Posted 05 February 2007 - 05:28 AM

Also, the same virus was seen in a different folder today: C:\Program Files\Common Files\{883A0E0B-07D0-1033-0920-021102000001}\Update.exe (Note the difference in that long string of numbers and letters)

Could this have caused the stop in the WinPFind3U program?

Edited by Ruidiance, 05 February 2007 - 05:31 AM.


#15 OldTimer

OldTimer

    Malware Expert


  • Members
  • 11,092 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:North Carolina
  • Local time:04:03 AM

Posted 05 February 2007 - 05:22 PM

Hi Ruidiance. Ok, do this:

Your operating system is extremely out of date. By not keeping the OS updated the computer is vulnerable to every infection on the net and in emails today and trying to repair an unpatched system is virtually impossible. For update purposes, Microsoft has even stopped supporting a system that is this far out of date. Go to the Microsoft Windows XP Service Pack 1.a site and install Service Pack 1a.

Once that is done, go back to the Windows Update site and install all available Critical Updates but do not install SP2 at this time. This will patch the system with the most current security fixes and plug all the known holes which are present on this system. If you are not on a broadband connection the Service Pack can be obtained from Microsoft for a nominal shipping fee.

After all of the updates have been performed post a new WinPFind3u log back here using the Add Reply button and I will review it when it comes in.

Cheers.

OT
I do not respond to PM's requesting help. That's what the forums are here for. Please use them so that others may benefit from your questions and the responses you receive.
OldTimer

Posted Image




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users