WE'RE SURE THAT YOU'LL LOVE US!

Hey there! :wub: Looks like you're enjoying the discussion, but you're not signed up for an account. When you create an account, we remember exactly what you've read, so you always come right back where you left off. You also get notifications, here and via email, whenever new posts are made. You can like posts to share the love. Join 93085 other members! Anybody can ask, anybody can answer. Consistently helpful members may be invited to become staff. Here's how it works. Virus cleanup? Start here -> Malware Removal Forum.

Try What the Tech -- It's free!

Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

[Resolved] Cyberlog_X and Spywin32@mx

Started by Cindy Kaye , Jun 06 2008 07:41 AM

This topic is locked

10 replies to this topic

#1 Cindy Kaye

New Member

New Member
5 posts

Posted 06 June 2008 - 07:41 AM

HELP PLEASE..........My PC was pretty jacked up with spyware, adware, trojans and viruses. I couldn't get to my normal desktop or on Internet, it wouldn't let me do anything unless I was in Safe Mode. I managed to get rid of most of them after running several different anti virus software such as Super Antivirus, Spyware Terminator, Windows Defender, The Sheild, SmitfraudFix, and SDFix. I also went into the registry and deleted several on my own. But it appears by the SDFix and HiJackThis report that I still have a few things that just don't want to go away. Any help you could offer would be greatly appreciated.
I have included my SDFix log as well as my HiJackThis log.

SDFix: Version 1.188
Run by Administrator on Thu 06/05/2008 at 06:10 PM

Microsoft Windows XP [Version 5.1.2600]
Running From: C:\SDFix

Checking Services :

Restoring Windows Registry Values
Restoring Windows Default Hosts File

Rebooting

Checking Files :

Trojan Files Found:

C:\Documents and Settings\LocalService\Application Data\NetMon\domains.txt - Deleted
C:\Documents and Settings\LocalService\Application Data\NetMon\log.txt - Deleted
C:\Temp\1cb\syscheck.log - Deleted
C:\Temp\vtmp2\ktnv33.log - Deleted
C:\Program Files\ISM\ism.exe - Deleted
C:\Program Files\ISM\Uninstall.exe - Deleted
C:\WINDOWS\system32\000060.exe - Deleted
C:\WINDOWS\system32\000090.exe - Deleted
C:\WINDOWS\megavid.cdt - Deleted
C:\WINDOWS\muotr.so - Deleted
C:\WINDOWS\rundll32.vbe - Deleted
C:\WINDOWS\system32\hljwugsf.bin - Deleted
C:\WINDOWS\system32\pac.txt - Deleted
C:\WINDOWS\system32\spywarewarning.mht - Deleted
C:\WINDOWS\system32\spywarewarning2.mht - Deleted

Could Not Remove C:\WINDOWS\system32\WinCtrl32.dll

Folder C:\Program Files\ISM - Removed
Folder C:\Program Files\Spcron - Removed
Folder C:\Documents and Settings\LocalService\Application Data\NetMon - Removed
Folder C:\Temp\1cb - Removed
Folder C:\Temp\tn3 - Removed
Folder C:\Temp\vtmp2 - Removed
Folder C:\WINDOWS\system32\vntiho06 - Removed

Removing Temp Files

ADS Check :

Final Check :

catchme 0.3.1361.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-06-05 18:25:20
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden services & system hive ...

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Nls\MUILanguages\RCV2\clb.dll]
"0"=hex:00,00,28,0a,01,00,05,00
"1"=hex:b6,00,b6,eb,2f,6b,03,cb,5a,e8,c3,ac,b9,40,38,e1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Nls\MUILanguages\RCV2\clbcatex.dll]
"0"=hex:2a,00,3e,11,0c,00,d1,07
"1"=hex:cf,24,2a,85,a4,d7,fe,3c,03,76,96,fe,18,b6,ec,d3
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Nls\MUILanguages\RCV2\clbcatq.dll]
"0"=hex:2a,00,3e,11,0c,00,d1,07
"1"=hex:6a,b7,9d,1d,7d,d8,1d,46,23,79,12,2a,da,6a,19,42
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\clbdriver.sys]
@="driver"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\clbdriver.sys]
@="driver"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\clbdriver]
"start"=dword:00000001
"type"=dword:00000001
"imagepath"=str(2):"\??\globalroot\systemroot\system32\drivers\clbdriver.sys"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Nls\MUILanguages\RCV2\clb.dll]
"0"=hex:00,00,28,0a,01,00,05,00
"1"=hex:b6,00,b6,eb,2f,6b,03,cb,5a,e8,c3,ac,b9,40,38,e1
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Nls\MUILanguages\RCV2\clbcatex.dll]
"0"=hex:2a,00,3e,11,0c,00,d1,07
"1"=hex:cf,24,2a,85,a4,d7,fe,3c,03,76,96,fe,18,b6,ec,d3
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Nls\MUILanguages\RCV2\clbcatq.dll]
"0"=hex:2a,00,3e,11,0c,00,d1,07
"1"=hex:6a,b7,9d,1d,7d,d8,1d,46,23,79,12,2a,da,6a,19,42
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\SafeBoot\Minimal\clbdriver.sys]
@="driver"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\SafeBoot\Network\clbdriver.sys]
@="driver"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\clbdriver]
"start"=dword:00000001
"type"=dword:00000001
"imagepath"=str(2):"\??\globalroot\systemroot\system32\drivers\clbdriver.sys"

scanning hidden registry entries ...

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DIFx\DriverStore]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DIFx\DriverStore\k310bus_A7E7CA83705624064EC7AB2AF4997EAE5F6BDBC5]
"creation"=hex:32,89,16,24,4d,58,c7,01
"type"=dword:00000006
"INF"="k310bus.inf"
"Services"=str(7):"k310bus\0"
"ProductName"="Unknown Product"
"ManufacturerName"="Unknown Manufacturer"
"DisplayName"="Unknown Display Name"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DIFx\DriverStore\k310mdm2_040BEC4076C920183FDD509043CA7CB366A05062]
"creation"=hex:42,14,a7,25,4d,58,c7,01
"type"=dword:00000006
"INF"="k310mdm2.inf"
"Services"=str(7):"k310mdm\0k310mdfl\0"
"ProductName"="Unknown Product"
"ManufacturerName"="Unknown Manufacturer"
"DisplayName"="Unknown Display Name"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DIFx\DriverStore\k310mdmv_040BEC4076C920183FDD509043CA7CB366A05062]
"creation"=hex:ac,d4,08,26,4d,58,c7,01
"type"=dword:00000006
"INF"="k310mdmv.inf"
"ProductName"="Unknown Product"
"ManufacturerName"="Unknown Manufacturer"
"DisplayName"="Unknown Display Name"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DIFx\DriverStore\k310mdmw_040BEC4076C920183FDD509043CA7CB366A05062]
"creation"=hex:0e,e6,3a,26,4d,58,c7,01
"type"=dword:00000006
"INF"="k310mdmw.inf"
"ProductName"="Unknown Product"
"ManufacturerName"="Unknown Manufacturer"
"DisplayName"="Unknown Display Name"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DIFx\DriverStore\k310obx2_986FD48FB05FB1DEDD10FF8AAA2210A4FAA8114B]
"creation"=hex:5c,58,8e,26,4d,58,c7,01
"type"=dword:00000006
"INF"="k310obx2.inf"
"Services"=str(7):"k310obex\0"
"ProductName"="Unknown Product"
"ManufacturerName"="Unknown Manufacturer"
"DisplayName"="Unknown Display Name"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DIFx\DriverStore\k310obxv_986FD48FB05FB1DEDD10FF8AAA2210A4FAA8114B]
"creation"=hex:42,41,d8,26,4d,58,c7,01
"type"=dword:00000006
"INF"="k310obxv.inf"
"ProductName"="Unknown Product"
"ManufacturerName"="Unknown Manufacturer"
"DisplayName"="Unknown Display Name"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DIFx\DriverStore\k310obxw_986FD48FB05FB1DEDD10FF8AAA2210A4FAA8114B]
"creation"=hex:b2,79,11,27,4d,58,c7,01
"type"=dword:00000006
"INF"="k310obxw.inf"
"ProductName"="Unknown Product"
"ManufacturerName"="Unknown Manufacturer"
"DisplayName"="Unknown Display Name"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DIFx\DriverStore\k310sdm2_16763C31792717082576D39B8BFF51C1711F86AE]
"creation"=hex:4c,27,60,27,4d,58,c7,01
"type"=dword:00000006
"INF"="k310sdm2.inf"
"Services"=str(7):"k310mgmt\0"
"ProductName"="Unknown Product"
"ManufacturerName"="Unknown Manufacturer"
"DisplayName"="Unknown Display Name"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DIFx\DriverStore\k310sdmv_16763C31792717082576D39B8BFF51C1711F86AE]
"creation"=hex:24,e9,a2,27,4d,58,c7,01
"type"=dword:00000006
"INF"="k310sdmv.inf"
"ProductName"="Unknown Product"
"ManufacturerName"="Unknown Manufacturer"
"DisplayName"="Unknown Display Name"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DIFx\DriverStore\k310sdmw_16763C31792717082576D39B8BFF51C1711F86AE]
"creation"=hex:3a,bf,d9,27,4d,58,c7,01
"type"=dword:00000006
"INF"="k310sdmw.inf"
"ProductName"="Unknown Product"
"ManufacturerName"="Unknown Manufacturer"
"DisplayName"="Unknown Display Name"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DIFx\DriverStore\k510bus_592164D5F16E51E4C644FCD48917085CBB6C223C]
"creation"=hex:88,31,2d,28,4d,58,c7,01
"type"=dword:00000006
"INF"="k510bus.inf"
"Services"=str(7):"k510bus\0"
"ProductName"="Unknown Product"
"ManufacturerName"="Unknown Manufacturer"
"DisplayName"="Unknown Display Name"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DIFx\DriverStore\k510mdm2_29F37670BF5839E457B807D5FE931F9681E5E5B7]
"creation"=hex:e4,ca,87,28,4d,58,c7,01
"type"=dword:00000006
"INF"="k510mdm2.inf"
"Services"=str(7):"k510mdm\0k510mdfl\0"
"ProductName"="Unknown Product"
"ManufacturerName"="Unknown Manufacturer"
"DisplayName"="Unknown Display Name"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DIFx\DriverStore\k510mdmv_29F37670BF5839E457B807D5FE931F9681E5E5B7]
"creation"=hex:d6,d0,b1,29,4d,58,c7,01
"type"=dword:00000006
"INF"="k510mdmv.inf"
"ProductName"="Unknown Product"
"ManufacturerName"="Unknown Manufacturer"
"DisplayName"="Unknown Display Name"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DIFx\DriverStore\k510mdmw_29F37670BF5839E457B807D5FE931F9681E5E5B7]
"creation"=hex:46,09,eb,29,4d,58,c7,01
"type"=dword:00000006
"INF"="k510mdmw.inf"
"ProductName"="Unknown Product"
"ManufacturerName"="Unknown Manufacturer"
"DisplayName"="Unknown Display Name"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DIFx\DriverStore\k510obx2_4290C8169FD5F3F64A2AEC2B8BD140F90144791F]
"creation"=hex:18,53,56,2a,4d,58,c7,01
"type"=dword:00000006
"INF"="k510obx2.inf"
"Services"=str(7):"k510obex\0"
"ProductName"="Unknown Product"
"ManufacturerName"="Unknown Manufacturer"
"DisplayName"="Unknown Display Name"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DIFx\DriverStore\k510obxv_4290C8169FD5F3F64A2AEC2B8BD140F90144791F]
"creation"=hex:a4,d9,9d,2a,4d,58,c7,01
"type"=dword:00000006
"INF"="k510obxv.inf"
"ProductName"="Unknown Product"
"ManufacturerName"="Unknown Manufacturer"
"DisplayName"="Unknown Display Name"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DIFx\DriverStore\k510obxw_4290C8169FD5F3F64A2AEC2B8BD140F90144791F]
"creation"=hex:d6,fd,e2,2a,4d,58,c7,01
"type"=dword:00000006
"INF"="k510obxw.inf"
"ProductName"="Unknown Product"
"ManufacturerName"="Unknown Manufacturer"
"DisplayName"="Unknown Display Name"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DIFx\DriverStore\k510sdm2_DFCDE6D624A21CCA1B1FE424267B306D87EC5280]
"creation"=hex:8c,f9,3f,2b,4d,58,c7,01
"type"=dword:00000006
"INF"="k510sdm2.inf"
"Services"=str(7):"k510mgmt\0"
"ProductName"="Unknown Product"
"ManufacturerName"="Unknown Manufacturer"
"DisplayName"="Unknown Display Name"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DIFx\DriverStore\k510sdmv_DFCDE6D624A21CCA1B1FE424267B306D87EC5280]
"creation"=hex:26,a7,8e,2b,4d,58,c7,01
"type"=dword:00000006
"INF"="k510sdmv.inf"
"ProductName"="Unknown Product"
"ManufacturerName"="Unknown Manufacturer"
"DisplayName"="Unknown Display Name"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DIFx\DriverStore\k510sdmw_DFCDE6D624A21CCA1B1FE424267B306D87EC5280]
"creation"=hex:a4,06,cf,2b,4d,58,c7,01
"type"=dword:00000006
"INF"="k510sdmw.inf"
"ProductName"="Unknown Product"
"ManufacturerName"="Unknown Manufacturer"
"DisplayName"="Unknown Display Name"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DIFx\DriverStore\k600bus_6781026C271771CB74A43AA206185BFD42CABCAB]
"creation"=hex:fa,27,52,2c,4d,58,c7,01
"type"=dword:00000006
"INF"="k600bus.inf"
"Services"=str(7):"k600bus\0"
"ProductName"="Unknown Product"
"ManufacturerName"="Unknown Manufacturer"
"DisplayName"="Unknown Display Name"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DIFx\DriverStore\k600mdm2_E19DBF1C141E9F53D336190C0BAC2017D09527CC]
"creation"=hex:4a,d1,fd,2c,4d,58,c7,01
"type"=dword:00000006
"INF"="k600mdm2.inf"
"Services"=str(7):"k600mdm\0k600mdfl\0"
"ProductName"="Unknown Product"
"ManufacturerName"="Unknown Manufacturer"
"DisplayName"="Unknown Display Name"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DIFx\DriverStore\k600mdmv_E19DBF1C141E9F53D336190C0BAC2017D09527CC]
"creation"=hex:00,cd,5a,2d,4d,58,c7,01
"type"=dword:00000006
"INF"="k600mdmv.inf"
"ProductName"="Unknown Product"
"ManufacturerName"="Unknown Manufacturer"
"DisplayName"="Unknown Display Name"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DIFx\DriverStore\k600mdmw_E19DBF1C141E9F53D336190C0BAC2017D09527CC]
"creation"=hex:62,de,8c,2d,4d,58,c7,01
"type"=dword:00000006
"INF"="k600mdmw.inf"
"ProductName"="Unknown Product"
"ManufacturerName"="Unknown Manufacturer"
"DisplayName"="Unknown Display Name"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DIFx\DriverStore\k600obx2_544957CEA92FFABD68A9120A8C0ACCF37E342AB0]
"creation"=hex:34,28,f8,2d,4d,58,c7,01
"type"=dword:00000006
"INF"="k600obx2.inf"
"Services"=str(7):"k600obex\0"
"ProductName"="Unknown Product"
"ManufacturerName"="Unknown Manufacturer"
"DisplayName"="Unknown Display Name"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DIFx\DriverStore\k600obxv_544957CEA92FFABD68A9120A8C0ACCF37E342AB0]
"creation"=hex:0c,ea,3a,2e,4d,58,c7,01
"type"=dword:00000006
"INF"="k600obxv.inf"
"ProductName"="Unknown Product"
"ManufacturerName"="Unknown Manufacturer"
"DisplayName"="Unknown Display Name"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DIFx\DriverStore\k600obxw_544957CEA92FFABD68A9120A8C0ACCF37E342AB0]
"creation"=hex:8a,49,7b,2e,4d,58,c7,01
"type"=dword:00000006
"INF"="k600obxw.inf"
"ProductName"="Unknown Product"
"ManufacturerName"="Unknown Manufacturer"
"DisplayName"="Unknown Display Name"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DIFx\DriverStore\k600sdm2_675FCD620F5C308ECAD6C1B697D236C2FA9B79D2]
"creation"=hex:ca,94,c7,2e,4d,58,c7,01
"type"=dword:00000006
"INF"="k600sdm2.inf"
"Services"=str(7):"k600mgmt\0"
"ProductName"="Unknown Product"
"ManufacturerName"="Unknown Manufacturer"
"DisplayName"="Unknown Display Name"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DIFx\DriverStore\k600sdmv_675FCD620F5C308ECAD6C1B697D236C2FA9B79D2]
"creation"=hex:da,f2,26,2f,4d,58,c7,01
"type"=dword:00000006
"INF"="k600sdmv.inf"
"ProductName"="Unknown Product"
"ManufacturerName"="Unknown Manufacturer"
"DisplayName"="Unknown Display Name"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DIFx\DriverStore\k600sdmw_675FCD620F5C308ECAD6C1B697D236C2FA9B79D2]
"creation"=hex:a4,8d,62,2f,4d,58,c7,01
"type"=dword:00000006
"INF"="k600sdmw.inf"
"ProductName"="Unknown Product"
"ManufacturerName"="Unknown Manufacturer"
"DisplayName"="Unknown Display Name"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DIFx\DriverStore\k750bus_3D28D8AF3B052A3C8EF7B37A8D13DC7635619447]
"creation"=hex:88,6c,85,30,4d,58,c7,01
"type"=dword:00000006
"INF"="k750bus.inf"
"Services"=str(7):"k750bus\0"
"ProductName"="Unknown Product"
"ManufacturerName"="Unknown Manufacturer"
"DisplayName"="Unknown Display Name"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DIFx\DriverStore\k750mdm2_A686F4B37CC7E33AF27A91972F84F609BA2B1C73]
"creation"=hex:c6,07,0d,34,4d,58,c7,01
"type"=dword:00000006
"INF"="k750mdm2.inf"
"Services"=str(7):"k750mdm\0k750mdfl\0"
"ProductName"="Unknown Product"
"ManufacturerName"="Unknown Manufacturer"
"DisplayName"="Unknown Display Name"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DIFx\DriverStore\k750mdmv_A686F4B37CC7E33AF27A91972F84F609BA2B1C73]
"creation"=hex:44,94,7e,35,4d,58,c7,01
"type"=dword:00000006
"INF"="k750mdmv.inf"
"ProductName"="Unknown Product"
"ManufacturerName"="Unknown Manufacturer"
"DisplayName"="Unknown Display Name"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DIFx\DriverStore\k750mdmw_A686F4B37CC7E33AF27A91972F84F609BA2B1C73]
"creation"=hex:b4,cc,b7,35,4d,58,c7,01
"type"=dword:00000006
"INF"="k750mdmw.inf"
"ProductName"="Unknown Product"
"ManufacturerName"="Unknown Manufacturer"
"DisplayName"="Unknown Display Name"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DIFx\DriverStore\k750obx2_B6529B5B8F8B3D0B523C1B59F562515BCC9A301A]
"creation"=hex:72,77,44,36,4d,58,c7,01
"type"=dword:00000006
"INF"="k750obx2.inf"
"Services"=str(7):"k750obex\0"
"ProductName"="Unknown Product"
"ManufacturerName"="Unknown Manufacturer"
"DisplayName"="Unknown Display Name"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DIFx\DriverStore\k750obxv_B6529B5B8F8B3D0B523C1B59F562515BCC9A301A]
"creation"=hex:44,c1,af,36,4d,58,c7,01
"type"=dword:00000006
"INF"="k750obxv.inf"
"ProductName"="Unknown Product"
"ManufacturerName"="Unknown Manufacturer"
"DisplayName"="Unknown Display Name"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DIFx\DriverStore\k750obxw_B6529B5B8F8B3D0B523C1B59F562515BCC9A301A]
"creation"=hex:00,35,e4,36,4d,58,c7,01
"type"=dword:00000006
"INF"="k750obxw.inf"
"ProductName"="Unknown Product"
"ManufacturerName"="Unknown Manufacturer"
"DisplayName"="Unknown Display Name"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DIFx\DriverStore\k750sdm2_4956777425E371D02E5BB7F92E7041DC2AFA371C]
"creation"=hex:4e,a7,37,37,4d,58,c7,01
"type"=dword:00000006
"INF"="k750sdm2.inf"
"Services"=str(7):"k750mgmt\0"
"ProductName"="Unknown Product"
"ManufacturerName"="Unknown Manufacturer"
"DisplayName"="Unknown Display Name"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DIFx\DriverStore\k750sdmv_4956777425E371D02E5BB7F92E7041DC2AFA371C]
"creation"=hex:9c,19,8b,37,4d,58,c7,01
"type"=dword:00000006
"INF"="k750sdmv.inf"
"ProductName"="Unknown Product"
"ManufacturerName"="Unknown Manufacturer"
"DisplayName"="Unknown Display Name"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DIFx\DriverStore\k750sdmw_4956777425E371D02E5BB7F92E7041DC2AFA371C]
"creation"=hex:ce,3d,d0,37,4d,58,c7,01
"type"=dword:00000006
"INF"="k750sdmw.inf"
"ProductName"="Unknown Product"
"ManufacturerName"="Unknown Manufacturer"
"DisplayName"="Unknown Display Name"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DIFx\DriverStore\sem600i_ir_546D3BA4CC7EB36C331FC119D38B3FD30C825291]
"creation"=hex:38,fe,31,38,4d,58,c7,01
"type"=dword:00000006
"INF"="sem600i_irda_nt.inf"
"ProductName"="Unknown Product"
"ManufacturerName"="Unknown Manufacturer"
"DisplayName"="Unknown Display Name"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DIFx\DriverStore\sem750_ird_50799BBE11F88974139D554049516ADA2D4038C7]
"creation"=hex:1e,e7,7b,38,4d,58,c7,01
"type"=dword:00000006
"INF"="sem750_irda_nt.inf"
"ProductName"="Unknown Product"
"ManufacturerName"="Unknown Manufacturer"
"DisplayName"="Unknown Display Name"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DIFx\DriverStore\semk310_ir_73B2B9606FA06AB5D0FA327722DE92281C15F688]
"creation"=hex:9c,46,bc,38,4d,58,c7,01
"type"=dword:00000006
"INF"="semk310_irda_nt.inf"
"ProductName"="Unknown Product"
"ManufacturerName"="Unknown Manufacturer"
"DisplayName"="Unknown Display Name"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DIFx\DriverStore\semk510_ir_1E3D86293C91A0BED3422B683BDFA44BC8A68CF2]
"creation"=hex:28,cd,03,39,4d,58,c7,01
"type"=dword:00000006
"INF"="semk510_irda_nt.inf"
"ProductName"="Unknown Product"
"ManufacturerName"="Unknown Manufacturer"
"DisplayName"="Unknown Display Name"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DIFx\DriverStore\semw300_ir_DD9FDDE44151BF32816B50D49E1BC2A281AED45B]
"creation"=hex:e4,40,38,39,4d,58,c7,01
"type"=dword:00000006
"INF"="semw300_irda_nt.inf"
"ProductName"="Unknown Product"
"ManufacturerName"="Unknown Manufacturer"
"DisplayName"="Unknown Display Name"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DIFx\DriverStore\semw550_ir_9625490CBD2BE55CB3AC1503901A1B3783D35EE6]
"creation"=hex:08,3e,76,39,4d,58,c7,01
"type"=dword:00000006
"INF"="semw550_irda_nt.inf"
"ProductName"="Unknown Product"
"ManufacturerName"="Unknown Manufacturer"
"DisplayName"="Unknown Display Name"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DIFx\DriverStore\semw600_ir_4B49C11FEF76751440AB14809FF11D8A1654871E]
"creation"=hex:78,76,af,39,4d,58,c7,01
"type"=dword:00000006
"INF"="semw600_irda_nt.inf"
"ProductName"="Unknown Product"
"ManufacturerName"="Unknown Manufacturer"
"DisplayName"="Unknown Display Name"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DIFx\DriverStore\semw700_ir_CB7648A9A35E0D91BBD92D4607B0D9A533398580]
"creation"=hex:aa,9a,f4,39,4d,58,c7,01
"type"=dword:00000006
"INF"="semw700_irda_nt.inf"
"ProductName"="Unknown Product"
"ManufacturerName"="Unknown Manufacturer"
"DisplayName"="Unknown Display Name"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DIFx\DriverStore\semw800_ir_68EC6DF95DCA07028DFDAF2F747F81CE95E368B2]
"creation"=hex:36,21,3c,3a,4d,58,c7,01
"type"=dword:00000006
"INF"="semw800_irda_nt.inf"
"ProductName"="Unknown Product"
"ManufacturerName"="Unknown Manufacturer"
"DisplayName"="Unknown Display Name"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DIFx\DriverStore\semw810_ir_CA996D23EBE3A560C73D54BD1C64555428845572]
"creation"=hex:76,6c,88,3a,4d,58,c7,01
"type"=dword:00000006
"INF"="semw810_irda_nt.inf"
"ProductName"="Unknown Product"
"ManufacturerName"="Unknown Manufacturer"
"DisplayName"="Unknown Display Name"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DIFx\DriverStore\semw900_ir_AFBF64FB4CE24AD05FD98A430F802690395E607E]
"creation"=hex:02,f3,cf,3a,4d,58,c7,01
"type"=dword:00000006
"INF"="semw900_irda_nt.inf"
"ProductName"="Unknown Product"
"ManufacturerName"="Unknown Manufacturer"
"DisplayName"="Unknown Display Name"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DIFx\DriverStore\semz520_ir_E0D11CEE56D6ECEBEB0A9F4AA741BD36F175334B]
"creation"=hex:da,b4,12,3b,4d,58,c7,01
"type"=dword:00000006
"INF"="semz520_irda_nt.inf"
"ProductName"="Unknown Product"
"ManufacturerName"="Unknown Manufacturer"
"DisplayName"="Unknown Display Name"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DIFx\DriverStore\semz525_ir_96598186D0686A25978ED2C890A59768E18CF271]
"creation"=hex:74,62,61,3b,4d,58,c7,01
"type"=dword:00000006
"INF"="semz525_irda_nt.inf"
"ProductName"="Unknown Product"
"ManufacturerName"="Unknown Manufacturer"
"DisplayName"="Unknown Display Name"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DIFx\DriverStore\semz530_ir_B28E2586F1C3C0D646AE5D27B53D132A91190F06]
"creation"=hex:98,5f,9f,3b,4d,58,c7,01
"type"=dword:00000006
"INF"="semz530_irda_nt.inf"
"ProductName"="Unknown Product"
"ManufacturerName"="Unknown Manufacturer"
"DisplayName"="Unknown Display Name"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DIFx\DriverStore\v800bus_33B03B0AA7FEFB0F117AE2032FB4F746ECD1C031]
"creation"=hex:62,fa,da,3b,4d,58,c7,01
"type"=dword:00000006
"INF"="v800bus.inf"
"Services"=str(7):"v800bus\0"
"ProductName"="Unknown Product"
"ManufacturerName"="Unknown Manufacturer"
"DisplayName"="Unknown Display Name"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DIFx\DriverStore\v800mdm2_52A3E02F2481F993B94A72741E829D1504831FCD]
"creation"=hex:0a,cf,30,3c,4d,58,c7,01
"type"=dword:00000006
"INF"="v800mdm2.inf"
"Services"=str(7):"v800mdm\0v800mdfl\0"
"ProductName"="Unknown Product"
"ManufacturerName"="Unknown Manufacturer"
"DisplayName"="Unknown Display Name"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DIFx\DriverStore\v800mdmv_52A3E02F2481F993B94A72741E829D1504831FCD]
"creation"=hex:4e,88,2d,3d,4d,58,c7,01
"type"=dword:00000006
"INF"="v800mdmv.inf"
"ProductName"="Unknown Product"
"ManufacturerName"="Unknown Manufacturer"
"DisplayName"="Unknown Display Name"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DIFx\DriverStore\v800mdmw_52A3E02F2481F993B94A72741E829D1504831FCD]
"creation"=hex:36,a8,cf,3d,4d,58,c7,01
"type"=dword:00000006
"INF"="v800mdmw.inf"
"ProductName"="Unknown Product"
"ManufacturerName"="Unknown Manufacturer"
"DisplayName"="Unknown Display Name"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DIFx\DriverStore\v800obx2_B386C4D0894F0D6A3516A67ADA767B8BA223AC67]
"creation"=hex:58,9b,e6,3e,4d,58,c7,01
"type"=dword:00000006
"INF"="v800obx2.inf"
"Services"=str(7):"v800obex\0"
"ProductName"="Unknown Product"
"ManufacturerName"="Unknown Manufacturer"
"DisplayName"="Unknown Display Name"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DIFx\DriverStore\v800obxv_B386C4D0894F0D6A3516A67ADA767B8BA223AC67]
"creation"=hex:a8,44,92,3f,4d,58,c7,01
"type"=dword:00000006
"INF"="v800obxv.inf"
"ProductName"="Unknown Product"
"ManufacturerName"="Unknown Manufacturer"
"DisplayName"="Unknown Display Name"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DIFx\DriverStore\v800obxw_B386C4D0894F0D6A3516A67ADA767B8BA223AC67]
"creation"=hex:da,68,d7,3f,4d,58,c7,01
"type"=dword:00000006
"INF"="v800obxw.inf"
"ProductName"="Unknown Product"
"ManufacturerName"="Unknown Manufacturer"
"DisplayName"="Unknown Display Name"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DIFx\DriverStore\v800sdm2_8CB6E7B15043FB4A8976B61DE7881DF27517EF24]
"creation"=hex:f8,ed,3d,40,4d,58,c7,01
"type"=dword:00000006
"INF"="v800sdm2.inf"
"Services"=str(7):"v800mgmt\0"
"ProductName"="Unknown Product"
"ManufacturerName"="Unknown Manufacturer"
"DisplayName"="Unknown Display Name"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DIFx\DriverStore\v800sdmv_8CB6E7B15043FB4A8976B61DE7881DF27517EF24]
"creation"=hex:62,ae,9f,40,4d,58,c7,01
"type"=dword:00000006
"INF"="v800sdmv.inf"
"ProductName"="Unknown Product"
"ManufacturerName"="Unknown Manufacturer"
"DisplayName"="Unknown Display Name"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DIFx\DriverStore\v800sdmw_8CB6E7B15043FB4A8976B61DE7881DF27517EF24]
"creation"=hex:0a,83,f5,40,4d,58,c7,01
"type"=dword:00000006
"INF"="v800sdmw.inf"
"ProductName"="Unknown Product"
"ManufacturerName"="Unknown Manufacturer"
"DisplayName"="Unknown Display Name"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DIFx\DriverStore\w300bus_0209B92A82130E008316A3F7066232412A4B9753]
"creation"=hex:74,43,57,41,4d,58,c7,01
"type"=dword:00000006
"INF"="w300bus.inf"
"Services"=str(7):"w300bus\0"
"ProductName"="Unknown Product"
"ManufacturerName"="Unknown Manufacturer"
"DisplayName"="Unknown Display Name"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DIFx\DriverStore\w300mdm2_60E51EE07A9E04D1D83759A9D06CAE72B00454DD]
"creation"=hex:1c,18,ad,41,4d,58,c7,01
"type"=dword:00000006
"INF"="w300mdm2.inf"
"Services"=str(7):"w300mdm\0w300mdfl\0"
"ProductName"="Unknown Product"
"ManufacturerName"="Unknown Manufacturer"
"DisplayName"="Unknown Display Name"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DIFx\DriverStore\w300mdmv_60E51EE07A9E04D1D83759A9D06CAE72B00454DD]
"creation"=hex:c4,ec,02,42,4d,58,c7,01
"type"=dword:00000006
"INF"="w300mdmv.inf"
"ProductName"="Unknown Product"
"ManufacturerName"="Unknown Manufacturer"
"DisplayName"="Unknown Display Name"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DIFx\DriverStore\w300mdmw_60E51EE07A9E04D1D83759A9D06CAE72B00454DD]
"creation"=hex:50,73,4a,42,4d,58,c7,01
"type"=dword:00000006
"INF"="w300mdmw.inf"
"ProductName"="Unknown Product"
"ManufacturerName"="Unknown Manufacturer"
"DisplayName"="Unknown Display Name"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DIFx\DriverStore\w300obx2_149D5B5D34D476CC633D3C86DFD222063A148067]
"creation"=hex:ac,0c,a5,42,4d,58,c7,01
"type"=dword:00000006
"INF"="w300obx2.inf"
"Services"=str(7):"w300obex\0"
"ProductName"="Unknown Product"
"ManufacturerName"="Unknown Manufacturer"
"DisplayName"="Unknown Display Name"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DIFx\DriverStore\w300obxv_149D5B5D34D476CC633D3C86DFD222063A148067]
"creation"=hex:38,93,ec,42,4d,58,c7,01
"type"=dword:00000006
"INF"="w300obxv.inf"
"ProductName"="Unknown Product"
"ManufacturerName"="Unknown Manufacturer"
"DisplayName"="Unknown Display Name"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DIFx\DriverStore\w300obxw_149D5B5D34D476CC633D3C86DFD222063A148067]
"creation"=hex:1e,7c,36,43,4d,58,c7,01
"type"=dword:00000006
"INF"="w300obxw.inf"
"ProductName"="Unknown Product"
"ManufacturerName"="Unknown Manufacturer"
"DisplayName"="Unknown Display Name"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DIFx\DriverStore\w300sdm2_3A0F080277F2673B82DFC57B12ADB4CE26D50B98]
"creation"=hex:28,62,be,43,4d,58,c7,01
"type"=dword:00000006
"INF"="w300sdm2.inf"
"Services"=str(7):"w300mgmt\0"
"ProductName"="Unknown Product"
"ManufacturerName"="Unknown Manufacturer"
"DisplayName"="Unknown Display Name"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DIFx\DriverStore\w300sdmv_3A0F080277F2673B82DFC57B12ADB4CE26D50B98]
"creation"=hex:38,c0,1d,44,4d,58,c7,01
"type"=dword:00000006
"INF"="w300sdmv.inf"
"ProductName"="Unknown Product"
"ManufacturerName"="Unknown Manufacturer"
"DisplayName"="Unknown Display Name"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DIFx\DriverStore\w300sdmw_3A0F080277F2673B82DFC57B12ADB4CE26D50B98]
"creation"=hex:86,32,71,44,4d,58,c7,01
"type"=dword:00000006
"INF"="w300sdmw.inf"
"ProductName"="Unknown Product"
"ManufacturerName"="Unknown Manufacturer"
"DisplayName"="Unknown Display Name"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DIFx\DriverStore\w550bus_82010EE0CEA5C27E6905DC671BF25CB399D33F7C]
"creation"=hex:58,7c,dc,44,4d,58,c7,01
"type"=dword:00000006
"INF"="w550bus.inf"
"Services"=str(7):"w550bus\0"
"ProductName"="Unknown Product"
"ManufacturerName"="Unknown Manufacturer"
"DisplayName"="Unknown Display Name"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DIFx\DriverStore\w550mdm2_155482E7E55DF597206A7D0B4BD43BD62684E5DD]
"creation"=hex:a6,ee,2f,45,4d,58,c7,01
"type"=dword:00000006
"INF"="w550mdm2.inf"
"Services"=str(7):"w550mdm\0w550mdfl\0"
"ProductName"="Unknown Product"
"ManufacturerName"="Unknown Manufacturer"
"DisplayName"="Unknown Display Name"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DIFx\DriverStore\w550mdmv_155482E7E55DF597206A7D0B4BD43BD62684E5DD]
"creation"=hex:6a,11,94,45,4d,58,c7,01
"type"=dword:00000006
"INF"="w550mdmv.inf"
"ProductName"="Unknown Product"
"ManufacturerName"="Unknown Manufacturer"
"DisplayName"="Unknown Display Name"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DIFx\DriverStore\w550mdmw_155482E7E55DF597206A7D0B4BD43BD62684E5DD]
"creation"=hex:b8,83,e7,45,4d,58,c7,01
"type"=dword:00000006
"INF"="w550mdmw.inf"
"ProductName"="Unknown Product"
"ManufacturerName"="Unknown Manufacturer"
"DisplayName"="Unknown Display Name"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DIFx\DriverStore\w550obx2_3D569D1C1C374205CA2571AD99CA641F5DFC06E1]
"creation"=hex:c8,e1,46,46,4d,58,c7,01
"type"=dword:00000006
"INF"="w550obx2.inf"
"Services"=str(7):"w550obex\0"
"ProductName"="Unknown Product"
"ManufacturerName"="Unknown Manufacturer"
"DisplayName"="Unknown Display Name"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DIFx\DriverStore\w550obxv_3D569D1C1C374205CA2571AD99CA641F5DFC06E1]
"creation"=hex:08,2d,93,46,4d,58,c7,01
"type"=dword:00000006
"INF"="w550obxv.inf"
"ProductName"="Unknown Product"
"ManufacturerName"="Unknown Manufacturer"
"DisplayName"="Unknown Display Name"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DIFx\DriverStore\w550obxw_3D569D1C1C374205CA2571AD99CA641F5DFC06E1]
"creation"=hex:48,78,df,46,4d,58,c7,01
"type"=dword:00000006
"INF"="w550obxw.inf"
"ProductName"="Unknown Product"
"ManufacturerName"="Unknown Manufacturer"
"DisplayName"="Unknown Display Name"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DIFx\DriverStore\w550sdm2_DE27AE400CE18E280257E9C601D025775BC38881]
"creation"=hex:58,d6,3e,47,4d,58,c7,01
"type"=dword:00000006
"INF"="w550sdm2.inf"
"Services"=str(7):"w550mgmt\0"
"ProductName"="Unknown Product"
"ManufacturerName"="Unknown Manufacturer"
"DisplayName"="Unknown Display Name"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DIFx\DriverStore\w550sdmv_DE27AE400CE18E280257E9C601D025775BC38881]
"creation"=hex:08,5a,c4,47,4d,58,c7,01
"type"=dword:00000006
"INF"="w550sdmv.inf"
"ProductName"="Unknown Product"
"ManufacturerName"="Unknown Manufacturer"
"DisplayName"="Unknown Display Name"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DIFx\DriverStore\w550sdmw_DE27AE400CE18E280257E9C601D025775BC38881]
"creation"=hex:20,67,53,48,4d,58,c7,01
"type"=dword:00000006
"INF"="w550sdmw.inf"
"ProductName"="Unknown Product"
"ManufacturerName"="Unknown Manufacturer"
"DisplayName"="Unknown Display Name"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DIFx\DriverStore\w600bus_851AAF9CDC14A20EDD3877074ED40BF8671686F2]
"creation"=hex:92,d6,e4,48,4d,58,c7,01
"type"=dword:00000006
"INF"="w600bus.inf"
"Services"=str(7):"w600bus\0"
"ProductName"="Unknown Product"
"ManufacturerName"="Unknown Manufacturer"
"DisplayName"="Unknown Display Name"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DIFx\DriverStore\w600mdm2_1C3C30107DF53EAE54B74686A6E8F4E5AED3E443]
"creation"=hex:a2,34,44,49,4d,58,c7,01
"type"=dword:00000006
"INF"="w600mdm2.inf"
"Services"=str(7):"w600mdm\0w600mdfl\0"
"ProductName"="Unknown Product"
"ManufacturerName"="Unknown Manufacturer"
"DisplayName"="Unknown Display Name"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DIFx\DriverStore\w600mdmv_1C3C30107DF53EAE54B74686A6E8F4E5AED3E443]
"creation"=hex:82,a5,b6,49,4d,58,c7,01
"type"=dword:00000006
"INF"="w600mdmv.inf"
"ProductName"="Unknown Product"
"ManufacturerName"="Unknown Manufacturer"
"DisplayName"="Unknown Display Name"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DIFx\DriverStore\w600mdmw_1C3C30107DF53EAE54B74686A6E8F4E5AED3E443]
"creation"=hex:c2,f0,02,4a,4d,58,c7,01
"type"=dword:00000006
"INF"="w600mdmw.inf"
"ProductName"="Unknown Product"
"ManufacturerName"="Unknown Manufacturer"
"DisplayName"="Unknown Display Name"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DIFx\DriverStore\w600obx2_DAE8B60384B37320C14D6F72F1238DE037A97039]
"creation"=hex:86,13,67,4a,4d,58,c7,01
"type"=dword:00000006
"INF"="w600obx2.inf"
"Services"=str(7):"w600obex\0"
"ProductName"="Unknown Product"
"ManufacturerName"="Unknown Manufacturer"
"DisplayName"="Unknown Display Name"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DIFx\DriverStore\w600obxv_DAE8B60384B37320C14D6F72F1238DE037A97039]
"creation"=hex:88,4a,bf,4a,4d,58,c7,01
"type"=dword:00000006
"INF"="w600obxv.inf"
"ProductName"="Unknown Product"
"ManufacturerName"="Unknown Manufacturer"
"DisplayName"="Unknown Display Name"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DIFx\DriverStore\w600obxw_DAE8B60384B37320C14D6F72F1238DE037A97039]
"creation"=hex:ba,6e,04,4b,4d,58,c7,01
"type"=dword:00000006
"INF"="w600obxw.inf"
"ProductName"="Unknown Product"
"ManufacturerName"="Unknown Manufacturer"
"DisplayName"="Unknown Display Name"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DIFx\DriverStore\w600sdm2_51A9B9F3944C484E42554AF86C82CCD03D9A7F56]
"creation"=hex:62,43,5a,4b,4d,58,c7,01
"type"=dword:00000006
"INF"="w600sdm2.inf"
"Services"=str(7):"w600mgmt\0"
"ProductName"="Unknown Product"
"ManufacturerName"="Unknown Manufacturer"
"DisplayName"="Unknown Display Name"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DIFx\DriverStore\w600sdmv_51A9B9F3944C484E42554AF86C82CCD03D9A7F56]
"creation"=hex:0a,18,b0,4b,4d,58,c7,01
"type"=dword:00000006
"INF"="w600sdmv.inf"
"ProductName"="Unknown Product"
"ManufacturerName"="Unknown Manufacturer"
"DisplayName"="Unknown Display Name"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DIFx\DriverStore\w600sdmw_51A9B9F3944C484E42554AF86C82CCD03D9A7F56]
"creation"=hex:b2,ec,05,4c,4d,58,c7,01
"type"=dword:00000006
"INF"="w600sdmw.inf"
"ProductName"="Unknown Product"
"ManufacturerName"="Unknown Manufacturer"
"DisplayName"="Unknown Display Name"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DIFx\DriverStore\w700bus_9B69DEFA54AD9B8DEC9E960BA187E92A254FB265]
"creation"=hex:4c,9a,54,4c,4d,58,c7,01
"type"=dword:00000006
"INF"="w700bus.inf"
"Services"=str(7):"W700bus\0"
"ProductName"="Unknown Product"
"ManufacturerName"="Unknown Manufacturer"
"DisplayName"="Unknown Display Name"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DIFx\DriverStore\w700mdm2_4FBEE709CDA3DC6AE7E6EE25A896AE6975137264]
"creation"=hex:c4,81,bd,4c,4d,58,c7,01
"type"=dword:00000006
"INF"="w700mdm2.inf"
"Services"=str(7):"W700mdm\0W700mdfl\0"
"ProductName"="Unknown Product"
"ManufacturerName"="Unknown Manufacturer"
"DisplayName"="Unknown Display Name"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DIFx\DriverStore\w700mdmv_4FBEE709CDA3DC6AE7E6EE25A896AE6975137264]
"creation"=hex:66,de,3b,4d,4d,58,c7,01
"type"=dword:00000006
"INF"="w700mdmv.inf"
"ProductName"="Unknown Product"
"ManufacturerName"="Unknown Manufacturer"
"DisplayName"="Unknown Display Name"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DIFx\DriverStore\w700mdmw_4FBEE709CDA3DC6AE7E6EE25A896AE6975137264]
"creation"=hex:b4,50,8f,4d,4d,58,c7,01
"type"=dword:00000006
"INF"="w700mdmw.inf"
"ProductName"="Unknown Product"
"ManufacturerName"="Unknown Manufacturer"
"DisplayName"="Unknown Display Name"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DIFx\DriverStore\w700obx2_D39D6E0D0896387B611933687DF988F0E0E96358]
"creation"=hex:48,86,06,4e,4d,58,c7,01
"type"=dword:00000006
"INF"="w700obx2.inf"
"Services"=str(7):"W700obex\0"
"ProductName"="Unknown Product"
"ManufacturerName"="Unknown Manufacturer"
"DisplayName"="Unknown Display Name"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DIFx\DriverStore\w700obxv_D39D6E0D0896387B611933687DF988F0E0E96358]
"creation"=hex:66,0b,6d,4e,4d,58,c7,01
"type"=dword:00000006
"INF"="w700obxv.inf"
"ProductName"="Unknown Product"
"ManufacturerName"="Unknown Manufacturer"
"DisplayName"="Unknown Display Name"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DIFx\DriverStore\w700obxw_D39D6E0D0896387B611933687DF988F0E0E96358]
"creation"=hex:1c,07,ca,4e,4d,58,c7,01
"type"=dword:00000006
"INF"="w700obxw.inf"
"ProductName"="Unknown Product"
"ManufacturerName"="Unknown Manufacturer"
"DisplayName"="Unknown Display Name"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DIFx\DriverStore\w700sdm2_FC685B295AA7CA47EF46A4A08C077A96AE0FE91B]
"creation"=hex:2c,65,29,4f,4d,58,c7,01
"type"=dword:00000006
"INF"="w700sdm2.inf"
"Services"=str(7):"W700mgmt\0"
"ProductName"="Unknown Product"
"ManufacturerName"="Unknown Manufacturer"
"DisplayName"="Unknown Display Name"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DIFx\DriverStore\w700sdmv_FC685B295AA7CA47EF46A4A08C077A96AE0FE91B]
"creation"=hex:96,25,8b,4f,4d,58,c7,01
"type"=dword:00000006
"INF"="w700sdmv.inf"
"ProductName"="Unknown Product"
"ManufacturerName"="Unknown Manufacturer"
"DisplayName"="Unknown Display Name"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DIFx\DriverStore\w700sdmw_FC685B295AA7CA47EF46A4A08C077A96AE0FE91B]
"creation"=hex:e4,97,de,4f,4d,58,c7,01
"type"=dword:00000006
"INF"="w700sdmw.inf"
"ProductName"="Unknown Product"
"ManufacturerName"="Unknown Manufacturer"
"DisplayName"="Unknown Display Name"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DIFx\DriverStore\w800bus_69B11FC87B31548BA1B6F6DF548027A745FB48C7]
"creation"=hex:10,44,4c,50,4d,58,c7,01
"type"=dword:00000006
"INF"="w800bus.inf"
"Services"=str(7):"w800bus\0"
"ProductName"="Unknown Product"
"ManufacturerName"="Unknown Manufacturer"
"DisplayName"="Unknown Display Name"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DIFx\DriverStore\w800mdm2_0DA26FC493941513A4C768EAC92AA00B306E2590]
"creation"=hex:3c,f0,b9,50,4d,58,c7,01
"type"=dword:00000006
"INF"="w800mdm2.inf"
"Services"=str(7):"w800mdm\0w800mdfl\0"
"ProductName"="Unknown Product"
"ManufacturerName"="Unknown Manufacturer"
"DisplayName"="Unknown Display Name"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DIFx\DriverStore\w800mdmv_0DA26FC493941513A4C768EAC92AA00B306E2590]
"creation"=hex:46,d6,41,51,4d,58,c7,01
"type"=dword:00000006
"INF"="w800mdmv.inf"
"ProductName"="Unknown Product"
"ManufacturerName"="Unknown Manufacturer"
"DisplayName"="Unknown Display Name"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DIFx\DriverStore\w800mdmw_0DA26FC493941513A4C768EAC92AA00B306E2590]
"creation"=hex:d2,5c,89,51,4d,58,c7,01
"type"=dword:00000006
"INF"="w800mdmw.inf"
"ProductName"="Unknown Product"
"ManufacturerName"="Unknown Manufacturer"
"DisplayName"="Unknown Display Name"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DIFx\DriverStore\w800obx2_014D3A30070F317DF47D02CDEF6732BFE11C2247]
"creation"=hex:1a,57,05,52,4d,58,c7,01
"type"=dword:00000006
"INF"="w800obx2.inf"
"Services"=str(7):"w800obex\0"
"ProductName"="Unknown Product"
"ManufacturerName"="Unknown Manufacturer"
"DisplayName"="Unknown Display Name"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DIFx\DriverStore\w800obxv_014D3A30070F317DF47D02CDEF6732BFE11C2247]
"creation"=hex:84,17,67,52,4d,58,c7,01
"type"=dword:00000006
"INF"="w800obxv.inf"
"ProductName"="Unknown Product"
"ManufacturerName"="Unknown Manufacturer"
"DisplayName"="Unknown Display Name"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DIFx\DriverStore\w800obxw_014D3A30070F317DF47D02CDEF6732BFE11C2247]
"creation"=hex:c4,62,b3,52,4d,58,c7,01
"type"=dword:00000006
"INF"="w800obxw.inf"
"ProductName"="Unknown Product"
"ManufacturerName"="Unknown Manufacturer"
"DisplayName"="Unknown Display Name"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DIFx\DriverStore\w800sdm2_52ACC6D2C254F74020549727BF34BB7941E0C0B6]
"creation"=hex:4a,71,23,53,4d,58,c7,01
"type"=dword:00000006
"INF"="w800sdm2.inf"
"Services"=str(7):"w800mgmt\0"
"ProductName"="Unknown Product"
"ManufacturerName"="Unknown Manufacturer"
"DisplayName"="Unknown Display Name"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DIFx\DriverStore\w800sdmv_52ACC6D2C254F74020549727BF34BB7941E0C0B6]
"creation"=hex:b4,31,85,53,4d,58,c7,01
"type"=dword:00000006
"INF"="w800sdmv.inf"
"ProductName"="Unknown Product"
"ManufacturerName"="Unknown Manufacturer"
"DisplayName"="Unknown Display Name"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DIFx\DriverStore\w800sdmw_52ACC6D2C254F74020549727BF34BB7941E0C0B6]
"creation"=hex:5c,06,db,53,4d,58,c7,01
"type"=dword:00000006
"INF"="w800sdmw.inf"
"ProductName"="Unknown Product"
"ManufacturerName"="Unknown Manufacturer"
"DisplayName"="Unknown Display Name"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DIFx\DriverStore\w810bus_19818AD353804A5BD8813328571E90C7C25F3308]
"creation"=hex:b2,27,5e,54,4d,58,c7,01
"type"=dword:00000006
"INF"="w810bus.inf"
"Services"=str(7):"w810bus\0"
"ProductName"="Unknown Product"
"ManufacturerName"="Unknown Manufacturer"
"DisplayName"="Unknown Display Name"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DIFx\DriverStore\w810mdm2_0BFD58F44BE28989A9FB32BF6B064CED549D04B5]
"creation"=hex:14,39,90,54,4d,58,c7,01
"type"=dword:00000006
"INF"="w810mdm2.inf"
"Services"=str(7):"w810mdm\0w810mdfl\0"
"ProductName"="Unknown Product"
"ManufacturerName"="Unknown Manufacturer"
"DisplayName"="Unknown Display Name"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DIFx\DriverStore\w810mdmv_0BFD58F44BE28989A9FB32BF6B064CED549D04B5]
"creation"=hex:46,5d,d5,54,4d,58,c7,01
"type"=dword:00000006
"INF"="w810mdmv.inf"
"ProductName"="Unknown Product"
"ManufacturerName"="Unknown Manufacturer"
"DisplayName"="Unknown Display Name"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DIFx\DriverStore\w810mdmw_0BFD58F44BE28989A9FB32BF6B064CED549D04B5]
"creation"=hex:72,09,43,55,4d,58,c7,01
"type"=dword:00000006
"INF"="w810mdmw.inf"
"ProductName"="Unknown Product"
"ManufacturerName"="Unknown Manufacturer"
"DisplayName"="Unknown Display Name"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DIFx\DriverStore\w810obx2_D045EC4F539AF2BD3AC1262B67E2FF4D18A63D99]
"creation"=hex:ac,dc,b7,55,4d,58,c7,01
"type"=dword:00000006
"INF"="w810obx2.inf"
"Services"=str(7):"w810obex\0"
"ProductName"="Unknown Product"
"ManufacturerName"="Unknown Manufacturer"
"DisplayName"="Unknown Display Name"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DIFx\DriverStore\w810obxv_D045EC4F539AF2BD3AC1262B67E2FF4D18A63D99]
"creation"=hex:d8,88,25,56,4d,58,c7,01
"type"=dword:00000006
"INF"="w810obxv.inf"
"ProductName"="Unknown Product"
"ManufacturerName"="Unknown Manufacturer"
"DisplayName"="Unknown Display Name"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DIFx\DriverStore\w810obxw_D045EC4F539AF2BD3AC1262B67E2FF4D18A63D99]
"creation"=hex:da,bf,7d,56,4d,58,c7,01
"type"=dword:00000006
"INF"="w810obxw.inf"
"ProductName"="Unknown Product"
"ManufacturerName"="Unknown Manufacturer"
"DisplayName"="Unknown Display Name"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DIFx\DriverStore\w810sdm2_4FBD832A66FA44975E6A1999A17F07E15CA668BB]
"creation"=hex:52,a7,e6,56,4d,58,c7,01
"type"=dword:00000006
"INF"="w810sdm2.inf"
"Services"=str(7):"w810mgmt\0"
"ProductName"="Unknown Product"
"ManufacturerName"="Unknown Manufacturer"
"DisplayName"="Unknown Display Name"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DIFx\DriverStore\w810sdmv_4FBD832A66FA44975E6A1999A17F07E15CA668BB]
"creation"=hex:bc,67,48,57,4d,58,c7,01
"type"=dword:00000006
"INF"="w810sdmv.inf"
"ProductName"="Unknown Product"
"ManufacturerName"="Unknown Manufacturer"
"DisplayName"="Unknown Display Name"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DIFx\DriverStore\w810sdmw_4FBD832A66FA44975E6A1999A17F07E15CA668BB]
"creation"=hex:da,ec,ae,57,4d,58,c7,01
"type"=dword:00000006
"INF"="w810sdmw.inf"
"ProductName"="Unknown Product"
"ManufacturerName"="Unknown Manufacturer"
"DisplayName"="Unknown Display Name"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DIFx\DriverStore\w900bus_A13D909859C3DD3A4D2024E90C5667A0715A2654]
"creation"=hex:ba,5d,21,58,4d,58,c7,01
"type"=dword:00000006
"INF"="w900bus.inf"
"Services"=str(7):"w900bus\0"
"ProductName"="Unknown Product"
"ManufacturerName"="Unknown Manufacturer"
"DisplayName"="Unknown Display Name"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DIFx\DriverStore\w900mdm2_90932CB2543B32CBED4E0BC2C3770ED450157BF7]
"creation"=hex:8c,a7,8c,58,4d,58,c7,01
"type"=dword:00000006
"INF"="w900mdm2.inf"
"Services"=str(7):"w900mdm\0w900mdfl\0"
"ProductName"="Unknown Product"
"ManufacturerName"="Unknown Manufacturer"
"DisplayName"="Unknown Display Name"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DIFx\DriverStore\w900mdmv_90932CB2543B32CBED4E0BC2C3770ED450157BF7]
"creation"=hex:fe,16,1e,59,4d,58,c7,01
"type"=dword:00000006
"INF"="w900mdmv.inf"
"ProductName"="Unknown Product"
"ManufacturerName"="Unknown Manufacturer"
"DisplayName"="Unknown Display Name"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DIFx\DriverStore\w900mdmw_90932CB2543B32CBED4E0BC2C3770ED450157BF7]
"creation"=hex:c2,39,82,59,4d,58,c7,01
"type"=dword:00000006
"INF"="w900mdmw.inf"
"ProductName"="Unknown Product"
"ManufacturerName"="Unknown Manufacturer"
"DisplayName"="Unknown Display Name"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DIFx\DriverStore\w900obx2_0E4C0E31D6475770EDFD1870908B5C4C7A27F6CD]
"creation"=hex:72,bd,07,5a,4d,58,c7,01
"type"=dword:00000006
"INF"="w900obx2.inf"
"Services"=str(7):"w900obex\0"
"ProductName"="Unknown Product"
"ManufacturerName"="Unknown Manufacturer"
"DisplayName"="Unknown Display Name"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DIFx\DriverStore\w900obxv_0E4C0E31D6475770EDFD1870908B5C4C7A27F6CD]
"creation"=hex:82,1b,67,5a,4d,58,c7,01
"type"=dword:00000006
"INF"="w900obxv.inf"
"ProductName"="Unknown Product"
"ManufacturerName"="Unknown Manufacturer"
"DisplayName"="Unknown Display Name"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DIFx\DriverStore\w900obxw_0E4C0E31D6475770EDFD1870908B5C4C7A27F6CD]
"creation"=hex:de,b4,c1,5a,4d,58,c7,01
"type"=dword:00000006
"INF"="w900obxw.inf"
"ProductName"="Unknown Product"
"ManufacturerName"="Unknown Manufacturer"
"DisplayName"="Unknown Display Name"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DIFx\DriverStore\w900sdm2_29A2E5B331F007667257BC3A492448AA5412B7FE]
"creation"=hex:0a,61,2f,5b,4d,58,c7,01
"type"=dword:00000006
"INF"="w900sdm2.inf"
"Services"=str(7):"w900mgmt\0"
"ProductName"="Unknown Product"
"ManufacturerName"="Unknown Manufacturer"
"DisplayName"="Unknown Display Name"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DIFx\DriverStore\w900sdmv_29A2E5B331F007667257BC3A492448AA5412B7FE]
"creation"=hex:52,5b,ab,5b,4d,58,c7,01
"type"=dword:00000006
"INF"="w900sdmv.inf"
"ProductName"="Unknown Product"
"ManufacturerName"="Unknown Manufacturer"
"DisplayName"="Unknown Display Name"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DIFx\DriverStore\w900sdmw_29A2E5B331F007667257BC3A492448AA5412B7FE]
"creation"=hex:24,a5,16,5c,4d,58,c7,01
"type"=dword:00000006
"INF"="w900sdmw.inf"
"ProductName"="Unknown Product"
"ManufacturerName"="Unknown Manufacturer"
"DisplayName"="Unknown Display Name"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DIFx\DriverStore\z520bus_9A02E2C69777D5FE8B0AFED25A3954B87E40B176]
"creation"=hex:6c,9f,92,5c,4d,58,c7,01
"type"=dword:00000006
"INF"="z520bus.inf"
"Services"=str(7):"z520bus\0"
"ProductName"="Unknown Product"
"ManufacturerName"="Unknown Manufacturer"
"DisplayName"="Unknown Display Name"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DIFx\DriverStore\z520mdm2_E7C347162E16943CCB9FD999DD13C9386BFAC43D]
"creation"=hex:68,5e,13,5d,4d,58,c7,01
"type"=dword:00000006
"INF"="z520mdm2.inf"
"Services"=str(7):"z520mdm\0z520mdfl\0"
"ProductName"="Unknown Product"
"ManufacturerName"="Unknown Manufacturer"
"DisplayName"="Unknown Display Name"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DIFx\DriverStore\z520mdmv_E7C347162E16943CCB9FD999DD13C9386BFAC43D]
"creation"=hex:0a,bb,91,5d,4d,58,c7,01
"type"=dword:00000006
"INF"="z520mdmv.inf"
"ProductName"="Unknown Product"
"ManufacturerName"="Unknown Manufacturer"
"DisplayName"="Unknown Display Name"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DIFx\DriverStore\z520mdmw_E7C347162E16943CCB9FD999DD13C9386BFAC43D]
"creation"=hex:82,a2,fa,5d,4d,58,c7,01
"type"=dword:00000006
"INF"="z520mdmw.inf"
"ProductName"="Unknown Product"
"ManufacturerName"="Unknown Manufacturer"
"DisplayName"="Unknown Display Name"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DIFx\DriverStore\z520obx2_1775DF8AB6F50291DB10A5E8971E87950BA0EB0C]
"creation"=hex:08,b1,6a,5e,4d,58,c7,01
"type"=dword:00000006
"INF"="z520obx2.inf"
"Services"=str(7):"z520obex\0"
"ProductName"="Unknown Product"
"ManufacturerName"="Unknown Manufacturer"
"DisplayName"="Unknown Display Name"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DIFx\DriverStore\z520obxv_1775DF8AB6F50291DB10A5E8971E87950BA0EB0C]
"creation"=hex:8e,bf,da,5e,4d,58,c7,01
"type"=dword:00000006
"INF"="z520obxv.inf"
"ProductName"="Unknown Product"
"ManufacturerName"="Unknown Manufacturer"
"DisplayName"="Unknown Display Name"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DIFx\DriverStore\z520obxw_1775DF8AB6F50291DB10A5E8971E87950BA0EB0C]
"creation"=hex:f8,7f,3c,5f,4d,58,c7,01
"type"=dword:00000006
"INF"="z520obxw.inf"
"ProductName"="Unknown Product"
"ManufacturerName"="Unknown Manufacturer"
"DisplayName"="Unknown Display Name"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DIFx\DriverStore\z520sdm2_00D3F40169DE920AC43D88AA6EF98245DBB4F4A1]
"creation"=hex:ca,c9,a7,5f,4d,58,c7,01
"type"=dword:00000006
"INF"="z520sdm2.inf"
"Services"=str(7):"z520mgmt\0"
"ProductName"="Unknown Product"
"ManufacturerName"="Unknown Manufacturer"
"DisplayName"="Unknown Display Name"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DIFx\DriverStore\z520sdmv_00D3F40169DE920AC43D88AA6EF98245DBB4F4A1]
"creation"=hex:f6,75,15,60,4d,58,c7,01
"type"=dword:00000006
"INF"="z520sdmv.inf"
"ProductName"="Unknown Product"
"ManufacturerName"="Unknown Manufacturer"
"DisplayName"="Unknown Display Name"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DIFx\DriverStore\z520sdmw_00D3F40169DE920AC43D88AA6EF98245DBB4F4A1]
"creation"=hex:ba,98,79,60,4d,58,c7,01
"type"=dword:00000006
"INF"="z520sdmw.inf"
"ProductName"="Unknown Product"
"ManufacturerName"="Unknown Manufacturer"
"DisplayName"="Unknown Display Name"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DIFx\DriverStore\z525bus_3C7F5F79E689172B34A461EC0A6F4BFC389B600F]
"creation"=hex:f4,6b,ee,60,4d,58,c7,01
"type"=dword:00000006
"INF"="z525bus.inf"
"Services"=str(7):"z525bus\0"
"ProductName"="Unknown Product"
"ManufacturerName"="Unknown Manufacturer"
"DisplayName"="Unknown Display Name"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DIFx\DriverStore\z525mdm2_BCF80DF43817A6E2FF54119C6253B27FE7DCAD13]
"creation"=hex:e2,03,68,61,4d,58,c7,01
"type"=dword:00000006
"INF"="z525mdm2.inf"
"Services"=str(7):"z525mdm\0z525mdfl\0"
"ProductName"="Unknown Product"
"ManufacturerName"="Unknown Manufacturer"
"DisplayName"="Unknown Display Name"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DIFx\DriverStore\z525mdmv_BCF80DF43817A6E2FF54119C6253B27FE7DCAD13]
"creation"=hex:76,39,df,61,4d,58,c7,01
"type"=dword:00000006
"INF"="z525mdmv.inf"
"ProductName"="Unknown Product"
"ManufacturerName"="Unknown Manufacturer"
"DisplayName"="Unknown Display Name"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DIFx\DriverStore\z525mdmw_BCF80DF43817A6E2FF54119C6253B27FE7DCAD13]
"creation"=hex:1e,0e,35,62,4d,58,c7,01
"type"=dword:00000006
"INF"="z525mdmw.inf"
"ProductName"="Unknown Product"
"ManufacturerName"="Unknown Manufacturer"
"DisplayName"="Unknown Display Name"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DIFx\DriverStore\z525obx2_28BEEEF3E5E976D190C8B7611E2A302AF561302E]
"creation"=hex:dc,b8,c1,62,4d,58,c7,01
"type"=dword:00000006
"INF"="z525obx2.inf"
"Services"=str(7):"z525obex\0"
"ProductName"="Unknown Product"
"ManufacturerName"="Unknown Manufacturer"
"DisplayName"="Unknown Display Name"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DIFx\DriverStore\z525obxv_28BEEEF3E5E976D190C8B7611E2A302AF561302E]
"creation"=hex:58,0e,db,63,4d,58,c7,01
"type"=dword:00000006
"INF"="z525obxv.inf"
"ProductName"="Unknown Product"
"ManufacturerName"="Unknown Manufacturer"
"DisplayName"="Unknown Display Name"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DIFx\DriverStore\z525obxw_28BEEEF3E5E976D190C8B7611E2A302AF561302E]
"creation"=hex:0e,37,69,65,4d,58,c7,01
"type"=dword:00000006
"INF"="z525obxw.inf"
"ProductName"="Unknown Product"
"ManufacturerName"="Unknown Manufacturer"
"DisplayName"="Unknown Display Name"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DIFx\DriverStore\z525sdm2_4739E4159E316047F5F452CB07B092EFE246CEEA]
"creation"=hex:68,c6,9c,66,4d,58,c7,01
"type"=dword:00000006
"INF"="z525sdm2.inf"
"Services"=str(7):"z525mgmt\0"
"ProductName"="Unknown Product"
"ManufacturerName"="Unknown Manufacturer"
"DisplayName"="Unknown Display Name"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DIFx\DriverStore\z525sdmv_4739E4159E316047F5F452CB07B092EFE246CEEA]
"creation"=hex:64,85,1d,67,4d,58,c7,01
"type"=dword:00000006
"INF"="z525sdmv.inf"
"ProductName"="Unknown Product"
"ManufacturerName"="Unknown Manufacturer"
"DisplayName"="Unknown Display Name"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DIFx\DriverStore\z525sdmw_4739E4159E316047F5F452CB07B092EFE246CEEA]
"creation"=hex:ac,7f,99,67,4d,58,c7,01
"type"=dword:00000006
"INF"="z525sdmw.inf"
"ProductName"="Unknown Product"
"ManufacturerName"="Unknown Manufacturer"
"DisplayName"="Unknown Display Name"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DIFx\DriverStore\z530bus_711F5B1543E0E2E75095437AAD113BA7EC90C151]
"creation"=hex:9a,17,13,68,4d,58,c7,01
"type"=dword:00000006
"INF"="z530bus.inf"
"Services"=str(7):"z530bus\0"
"ProductName"="Unknown Product"
"ManufacturerName"="Unknown Manufacturer"
"DisplayName"="Unknown Display Name"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DIFx\DriverStore\z530mdm2_ED2CD1341CD36120CE066D4CA433D5D6E86BD7CF]
"creation"=hex:96,d6,93,68,4d,58,c7,01
"type"=dword:00000006
"INF"="z530mdm2.inf"
"Services"=str(7):"z530mdm\0z530mdfl\0"
"ProductName"="Unknown Product"
"ManufacturerName"="Unknown Manufacturer"
"DisplayName"="Unknown Display Name"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DIFx\DriverStore\z530mdmv_ED2CD1341CD36120CE066D4CA433D5D6E86BD7CF]
"creation"=hex:16,6d,2c,69,4d,58,c7,01
"type"=dword:00000006
"INF"="z530mdmv.inf"
"ProductName"="Unknown Product"
"ManufacturerName"="Unknown Manufacturer"
"DisplayName"="Unknown Display Name"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DIFx\DriverStore\z530mdmw_ED2CD1341CD36120CE066D4CA433D5D6E86BD7CF]
"creation"=hex:8e,54,95,69,4d,58,c7,01
"type"=dword:00000006
"INF"="z530mdmw.inf"
"ProductName"="Unknown Product"
"ManufacturerName"="Unknown Manufacturer"
"DisplayName"="Unknown Display Name"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DIFx\DriverStore\z530obx2_FD421C2424AE65A119ABC16012CA2153897D4825]
"creation"=hex:5a,26,29,6a,4d,58,c7,01
"type"=dword:00000006
"INF"="z530obx2.inf"
"Services"=str(7):"z530obex\0"
"ProductName"="Unknown Product"
"ManufacturerName"="Unknown Manufacturer"
"DisplayName"="Unknown Display Name"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DIFx\DriverStore\z530obxv_FD421C2424AE65A119ABC16012CA2153897D4825]
"creation"=hex:ee,5b,a0,6a,4d,58,c7,01
"type"=dword:00000006
"INF"="z530obxv.inf"
"ProductName"="Unknown Product"
"ManufacturerName"="Unknown Manufacturer"
"DisplayName"="Unknown Display Name"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DIFx\DriverStore\z530obxw_FD421C2424AE65A119ABC16012CA2153897D4825]
"creation"=hex:0c,e1,06,6b,4d,58,c7,01
"type"=dword:00000006
"INF"="z530obxw.inf"
"ProductName"="Unknown Product"
"ManufacturerName"="Unknown Manufacturer"
"DisplayName"="Unknown Display Name"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DIFx\DriverStore\z530sdm2_7CE664B8B6F578872DC59E086511B18A66B49CA3]
"creation"=hex:5c,8a,b2,6b,4d,58,c7,01
"type"=dword:00000006
"INF"="z530sdm2.inf"
"Services"=str(7):"z530mgmt\0"
"ProductName"="Unknown Product"
"ManufacturerName"="Unknown Manufacturer"
"DisplayName"="Unknown Display Name"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DIFx\DriverStore\z530sdmv_7CE664B8B6F578872DC59E086511B18A66B49CA3]
"creation"=hex:0c,0e,38,6c,4d,58,c7,01
"type"=dword:00000006
"INF"="z530sdmv.inf"
"ProductName"="Unknown Product"
"ManufacturerName"="Unknown Manufacturer"
"DisplayName"="Unknown Display Name"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DIFx\DriverStore\z530sdmw_7CE664B8B6F578872DC59E086511B18A66B49CA3]
"creation"=hex:2a,93,9e,6c,4d,58,c7,01
"type"=dword:00000006
"INF"="z530sdmw.inf"
"ProductName"="Unknown Product"
"ManufacturerName"="Unknown Manufacturer"
"DisplayName"="Unknown Display Name"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DIFx\DriverStore\z550bus_23BA2C85B1427198EB2F84794612301D31A2B517]
"creation"=hex:5e,ee,3b,6d,4d,58,c7,01
"type"=dword:00000006
"INF"="z550bus.inf"
"Services"=str(7):"Z550bus\0"
"ProductName"="Unknown Product"
"ManufacturerName"="Unknown Manufacturer"
"DisplayName"="Unknown Display Name"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DIFx\DriverStore\z550mdm2_9A77265F85F930344BFDF62F6EDEA9E21D13D5AB]
"creation"=hex:a6,e8,b7,6d,4d,58,c7,01
"type"=dword:00000006
"INF"="z550mdm2.inf"
"Services"=str(7):"Z550mdm\0Z550mdfl\0"
"ProductName"="Unknown Product"
"ManufacturerName"="Unknown Manufacturer"
"DisplayName"="Unknown Display Name"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DIFx\DriverStore\z550mdmv_9A77265F85F930344BFDF62F6EDEA9E21D13D5AB]
"creation"=hex:80,e1,52,6e,4d,58,c7,01
"type"=dword:00000006
"INF"="z550mdmv.inf"
"ProductName"="Unknown Product"
"ManufacturerName"="Unknown Manufacturer"
"DisplayName"="Unknown Display Name"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DIFx\DriverStore\z550mdmw_9A77265F85F930344BFDF62F6EDEA9E21D13D5AB]
"creation"=hex:f8,c8,bb,6e,4d,58,c7,01
"type"=dword:00000006
"INF"="z550mdmw.inf"
"ProductName"="Unknown Product"
"ManufacturerName"="Unknown Manufacturer"
"DisplayName"="Unknown Display Name"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DIFx\DriverStore\z550obx2_3CDD265B0595A0D8DFEAD7B6E194EB810CC396BE]
"creation"=hex:9a,25,3a,6f,4d,58,c7,01
"type"=dword:00000006
"INF"="z550obx2.inf"
"Services"=str(7):"Z550obex\0"
"ProductName"="Unknown Product"
"ManufacturerName"="Unknown Manufacturer"
"DisplayName"="Unknown Display Name"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DIFx\DriverStore\z550obxv_3CDD265B0595A0D8DFEAD7B6E194EB810CC396BE]
"creation"=hex:d4,f8,ae,6f,4d,58,c7,01
"type"=dword:00000006
"INF"="z550obxv.inf"
"ProductName"="Unknown Product"
"ManufacturerName"="Unknown Manufacturer"
"DisplayName"="Unknown Display Name"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DIFx\DriverStore\z550obxw_3CDD265B0595A0D8DFEAD7B6E194EB810CC396BE]
"creation"=hex:e4,56,0e,70,4d,58,c7,01
"type"=dword:00000006
"INF"="z550obxw.inf"
"ProductName"="Unknown Product"
"ManufacturerName"="Unknown Manufacturer"
"DisplayName"="Unknown Display Name"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DIFx\DriverStore\z550sdm2_6381084063DC92D8EA69071ABC9237F2EE5CF158]
"creation"=hex:3a,78,91,70,4d,58,c7,01
"type"=dword:00000006
"INF"="z550sdm2.inf"
"Services"=str(7):"Z550mgmt\0"
"ProductName"="Unknown Product"
"ManufacturerName"="Unknown Manufacturer"
"DisplayName"="Unknown Display Name"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DIFx\DriverStore\z550sdmv_6381084063DC92D8EA69071ABC9237F2EE5CF158]
"creation"=hex:74,4b,06,71,4d,58,c7,01
"type"=dword:00000006
"INF"="z550sdmv.inf"
"ProductName"="Unknown Product"
"ManufacturerName"="Unknown Manufacturer"
"DisplayName"="Unknown Display Name"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DIFx\DriverStore\z550sdmw_6381084063DC92D8EA69071ABC9237F2EE5CF158]
"creation"=hex:38,6e,6a,71,4d,58,c7,01
"type"=dword:00000006
"INF"="z550sdmw.inf"
"ProductName"="Unknown Product"
"ManufacturerName"="Unknown Manufacturer"
"DisplayName"="Unknown Display Name"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DIFx\DriverStore\z800bus_E33A4370F20B35A0E769D6A0C506521060CE196E]
"creation"=hex:aa,dd,fb,71,4d,58,c7,01
"type"=dword:00000006
"INF"="z800bus.inf"
"Services"=str(7):"z800bus\0"
"ProductName"="Unknown Product"
"ManufacturerName"="Unknown Manufacturer"
"DisplayName"="Unknown Display Name"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DIFx\DriverStore\z800mdm2_EE30AC0900ED0BA0341D8C8CBF48308C879E73F4]
"creation"=hex:8a,4e,6e,72,4d,58,c7,01
"type"=dword:00000006
"INF"="z800mdm2.inf"
"Services"=str(7):"z800mdm\0z800mdfl\0"
"ProductName"="Unknown Product"
"ManufacturerName"="Unknown Manufacturer"
"DisplayName"="Unknown Display Name"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DIFx\DriverStore\z800mdmv_EE30AC0900ED0BA0341D8C8CBF48308C879E73F4]
"creation"=hex:56,20,02,73,4d,58,c7,01
"type"=dword:00000006
"INF"="z800mdmv.inf"
"ProductName"="Unknown Product"
"ManufacturerName"="Unknown Manufacturer"
"DisplayName"="Unknown Display Name"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DIFx\DriverStore\z800mdmw_EE30AC0900ED0BA0341D8C8CBF48308C879E73F4]
"creation"=hex:b2,b9,5c,73,4d,58,c7,01
"type"=dword:00000006
"INF"="z800mdmw.inf"
"ProductName"="Unknown Product"
"ManufacturerName"="Unknown Manufacturer"
"DisplayName"="Unknown Display Name"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DIFx\DriverStore\z800obx2_2998C412471A915CA1E2DCFDC9608F2F40454CAF]
"creation"=hex:ae,78,dd,73,4d,58,c7,01
"type"=dword:00000006
"INF"="z800obx2.inf"
"Services"=str(7):"z800obex\0"
"ProductName"="Unknown Product"
"ManufacturerName"="Unknown Manufacturer"
"DisplayName"="Unknown Display Name"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DIFx\DriverStore\z800obxv_2998C412471A915CA1E2DCFDC9608F2F40454CAF]
"creation"=hex:20,e8,6e,74,4d,58,c7,01
"type"=dword:00000006
"INF"="z800obxv.inf"
"ProductName"="Unknown Product"
"ManufacturerName"="Unknown Manufacturer"
"DisplayName"="Unknown Display Name"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DIFx\DriverStore\z800obxw_2998C412471A915CA1E2DCFDC9608F2F40454CAF]
"creation"=hex:d0,6b,f4,74,4d,58,c7,01
"type"=dword:00000006
"INF"="z800obxw.inf"
"ProductName"="Unknown Product"
"ManufacturerName"="Unknown Manufacturer"
"DisplayName"="Unknown Display Name"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DIFx\DriverStore\z800sdm2_86D3CFB34D4DBD0843C8BCB4E05BB71B9A4FC200]
"creation"=hex:8e,16,81,75,4d,58,c7,01
"type"=dword:00000006
"INF"="z800sdm2.inf"
"Services"=str(7):"z800mgmt\0"
"ProductName"="Unknown Product"
"ManufacturerName"="Unknown Manufacturer"
"DisplayName"="Unknown Display Name"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DIFx\DriverStore\z800sdmv_86D3CFB34D4DBD0843C8BCB4E05BB71B9A4FC200]
"creation"=hex:c8,e9,f5,75,4d,58,c7,01
"type"=dword:00000006
"INF"="z800sdmv.inf"
"ProductName"="Unknown Product"
"ManufacturerName"="Unknown Manufacturer"
"DisplayName"="Unknown Display Name"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/system32/LegitCheckControl.DLL]
".Owner"="Unknown Owner"
"{17492023-C23A-453E-A040-C7C580BBF700}"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/system32/wuweb.dll]
".Owner"="Unknown Owner"
"{6414512B-B978-451D-A0D8-FCFDF33E833C}"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices]
"IEUpdate"="C:\WINDOWS\system32\acledits.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\StillImage]
"WIADevicePresent"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\StillImage\Registered Applications]
"eMPIA AMCAP"="C:\WINDOWS\etAMCAP.exe /StiDevice:%1 /StiEvent:%2"
"ET2700 PC CAM Application"="C:\WINDOWS\etCAP.exe /StiDevice:%1 /StiEvent:%2"
"Ulead Photo Express My Scrapbook 2.0"="C:\Program Files\Ulead Systems\Ulead Photo Express My Scrapbook 2.0\IPE.EXE /StiDevice:%1 /StiEvent:%2"
"Ulead COOL 360"="C:\Program Files\Ulead Systems\Ulead Photo Express My Scrapbook 2.0\Ulead COOL 360\UPANO.EXE /StiDevice:%1 /StiEvent:%2"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Unimodem\DeviceSpecific]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Unimodem\DeviceSpecific\Agere Systems HDA Modem::Agere::Agere]
"RefCount"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Unimodem\DeviceSpecific\Agere Systems HDA Modem::Agere::Agere\Responses]
"<cr>"=hex:01,00,00,00,00,00,00,00,00,00
"<lf>"=hex:01,00,00,00,00,00,00,00,00,00
"0<cr>"=hex:00,00,00,00,00,00,00,00,00,00
"1<cr>"=hex:02,00,00,00,00,00,00,00,00,00
"2<cr>"=hex:08,00,00,00,00,00,00,00,00,00
"3<cr>"=hex:04,00,00,00,00,00,00,00,00,00
"4<cr>"=hex:03,00,00,00,00,00,00,00,00,00
"5<cr>"=hex:02,00,b0,04,00,00,00,00,00,00
"6<cr>"=hex:05,00,00,00,00,00,00,00,00,00
"7<cr>"=hex:06,00,00,00,00,00,00,00,00,00
"8<cr>"=hex:07,00,00,00,00,00,00,00,00,00
"<cr><lf>OK<cr><lf>"=hex:00,00,00,00,00,00,00,00,00,00
"<cr><lf>RING<cr><lf>"=hex:08,00,00,00,00,00,00,00,00,00
"<cr><lf>ERROR<cr><lf>"=hex:03,00,00,00,00,00,00,00,00,00
"<cr><lf>NO DIALTONE<cr><lf>"=hex:05,00,00,00,00,00,00,00,00,00
"<cr><lf>NO DIAL TONE<cr><lf>"=hex:05,00,00,00,00,00,00,00,00,00
"<cr><lf>BUSY<cr><lf>"=hex:06,00,00,00,00,00,00,00,00,00
"<cr><lf>NO CARRIER<cr><lf>"=hex:04,00,00,00,00,00,00,00,00,00
"<cr><lf>NO ANSWER<cr><lf>"=hex:07,00,00,00,00,00,00,00,00,00
"<cr><lf>FAX<cr><lf>"=hex:03,00,00,00,00,00,00,00,00,00
"<cr><lf>DATA<cr><lf>"=hex:03,00,00,00,00,00,00,00,00,00
"<cr><lf>VOICE<cr><lf>"=hex:03,00,00,00,00,00,00,00,00,00
"<cr><lf>DELAYED<cr><lf>"=hex:03,00,00,00,00,00,00,00,00,00
"<cr><lf>BLACKLISTED<cr><lf>"=hex:03,00,00,00,00,00,00,00,00,00
"<cr><lf>+FCERROR<cr><lf>"=hex:03,00,00,00,00,00,00,00,00,00
"<cr><lf>CONNECT<cr><lf>"=hex:02,00,00,00,00,00,00,00,00,00
"<cr><lf>CONNECT 300<cr><lf>"=hex:02,00,2c,01,00,00,00,00,00,00
"<cr><lf>CONNECT 300 NoEC<cr><lf>"=hex:02,00,2c,01,00,00,00,00,00,00
"<cr><lf>CONNECT 300 MNP4<cr><lf>"=hex:02,02,2c,01,00,00,00,00,00,00
"<cr><lf>CONNECT 300 MNP5<cr><lf>"=hex:02,03,2c,01,00,00,00,00,00,00
"<cr><lf>CONNECT 300 V42<cr><lf>"=hex:02,02,2c,01,00,00,00,00,00,00
"<cr><lf>CONNECT 300 V42bis<cr><lf>"=hex:02,03,2c,01,00,00,00,00,00,00
"<cr><lf>CONNECT 600<cr><lf>"=hex:02,00,58,02,00,00,00,00,00,00
"<cr><lf>CONNECT 600 NoEC<cr><lf>"=hex:02,00,58,02,00,00,00,00,00,00
"<cr><lf>CONNECT 600 MNP4<cr><lf>"=hex:02,02,58,02,00,00,00,00,00,00
"<cr><lf>CONNECT 600 MNP5<cr><lf>"=hex:02,03,58,02,00,00,00,00,00,00
"<cr><lf>CONNECT 600 V42<cr><lf>"=hex:02,02,58,02,00,00,00,00,00,00
"<cr><lf>CONNECT 600 V42bis<cr><lf>"=hex:02,03,58,02,00,00,00,00,00,00
"<cr><lf>CONNECT 1200<cr><lf>"=hex:02,00,b0,04,00,00,00,00,00,00
"<cr><lf>CONNECT 1200 NoEC<cr><lf>"=hex:02,00,b0,04,00,00,00,00,00,00
"<cr><lf>CONNECT 1200 MNP4<cr><lf>"=hex:02,02,b0,04,00,00,00,00,00,00
"<cr><lf>CONNECT 1200 MNP5<cr><lf>"=hex:02,03,b0,04,00,00,00,00,00,00
"<cr><lf>CONNECT 1200 V42<cr><lf>"=hex:02,02,b0,04,00,00,00,00,00,00
"<cr><lf>CONNECT 1200 V42bis<cr><lf>"=hex:02,03,b0,04,00,00,00,00,00,00
"<cr><lf>CONNECT 1200/75<cr><lf>"=hex:02,00,b0,04,00,00,00,00,00,00
"<cr><lf>CONNECT 1200/75 NoEC<cr><lf>"=hex:02,00,b0,04,00,00,00,00,00,00
"<cr><lf>CONNECT 1200/75 MNP4<cr><lf>"=hex:02,02,b0,04,00,00,00,00,00,00
"<cr><lf>CONNECT 1200/75 MNP5<cr><lf>"=hex:02,03,b0,04,00,00,00,00,00,00
"<cr><lf>CONNECT 1200/75 V42<cr><lf>"=hex:02,02,b0,04,00,00,00,00,00,00
"<cr><lf>CONNECT 1200/75 V42bis<cr><lf>"=hex:02,03,b0,04,00,00,00,00,00,00
"<cr><lf>CONNECT 1200TX/75RX<cr><lf>"=hex:02,00,b0,04,00,00,00,00,00,00
"<cr><lf>CONNECT 1200TX/75RX NoEC<cr><lf>"=hex:02,00,b0,04,00,00,00,00,00,00
"<cr><lf>CONNECT 1200TX/75RX MNP4<cr><lf>"=hex:02,02,b0,04,00,00,00,00,00,00
"<cr><lf>CONNECT 1200TX/75RX MNP5<cr><lf>"=hex:02,03,b0,04,00,00,00,00,00,00
"<cr><lf>CONNECT 1200TX/75RX V42<cr><lf>"=hex:02,02,b0,04,00,00,00,00,00,00
"<cr><lf>CONNECT 1200TX/75RX V42bis<cr><lf>"=hex:02,03,b0,04,00,00,00,00,00,00
"<cr><lf>CONNECT 75/1200<cr><lf>"=hex:02,00,b0,04,00,00,00,00,00,00
"<cr><lf>CONNECT 75/1200 NoEC<cr><lf>"=hex:02,00,b0,04,00,00,00,00,00,00
"<cr><lf>CONNECT 75/1200 MNP4<cr><lf>"=hex:02,02,b0,04,00,00,00,00,00,00
"<cr><lf>CONNECT 75/1200 MNP5<cr><lf>"=hex:02,03,b0,04,00,00,00,00,00,00
"<cr><lf>CONNECT 75/1200 V42<cr><lf>"=hex:02,02,b0,04,00,00,00,00,00,00
"<cr><lf>CONNECT 75/1200 V42bis<cr><lf>"=hex:02,03,b0,04,00,00,00,00,00,00
"<cr><lf>CONNECT 75TX/1200RX<cr><lf>"=hex:02,00,b0,04,00,00,00,00,00,00
"<cr><lf>CONNECT 75TX/1200RX NoEC<cr><lf>"=hex:02,00,b0,04,00,00,00,00,00,00
"<cr><lf>CONNECT 75TX/1200RX MNP4<cr><lf>"=hex:02,02,b0,04,00,00,00,00,00,00
"<cr><lf>CONNECT 75TX/1200RX MNP5<cr><lf>"=hex:02,03,b0,04,00,00,00,00,00,00
"<cr><lf>CONNECT 75TX/1200RX V42<cr><lf>"=hex:02,02,b0,04,00,00,00,00,00,00
"<cr><lf>CONNECT 75TX/1200RX V42bis<cr><lf>"=hex:02,03,b0,04,00,00,00,00,00,00
"<cr><lf>CONNECT 2400<cr><lf>"=hex:02,00,60,09,00,00,00,00,00,00
"<cr><lf>CONNECT 2400 NoEC<cr><lf>"=hex:02,00,60,09,00,00,00,00,00,00
"<cr><lf>CONNECT 2400 MNP4<cr><lf>"=hex:02,02,60,09,00,00,00,00,00,00
"<cr><lf>CONNECT 2400 MNP5<cr><lf>"=hex:02,03,60,09,00,00,00,00,00,00
"<cr><lf>CONNECT 2400 V42<cr><lf>"=hex:02,02,60,09,00,00,00,00,00,00
"<cr><lf>CONNECT 2400 V42bis<cr><lf>"=hex:02,03,60,09,00,00,00,00,00,00
"<cr><lf>CONNECT 4800<cr><lf>"=hex:02,00,c0,12,00,00,00,00,00,00
"<cr><lf>CONNECT 4800 NoEC<cr><lf>"=hex:02,00,c0,12,00,00,00,00,00,00
"<cr><lf>CONNECT 4800 MNP4<cr><lf>"=hex:02,02,c0,12,00,00,00,00,00,00
"<cr><lf>CONNECT 4800 MNP5<cr><lf>"=hex:02,03,c0,12,00,00,00,00,00,00
"<cr><lf>CONNECT 4800 V42<cr><lf>"=hex:02,02,c0,12,00,00,00,00,00,00
"<cr><lf>CONNECT 4800 V42bis<cr><lf>"=hex:02,03,c0,12,00,00,00,00,00,00
"<cr><lf>CONNECT 4800 V42 DSVD<cr><lf>"=hex:02,02,c0,12,00,00,00,00,00,00
"<cr><lf>CONNECT 4800 V42bis DSVD<cr><lf>"=hex:02,03,c0,12,00,00,00,00,00,00
"<cr><lf>CONNECT 7200<cr><lf>"=hex:02,00,20,1c,00,00,00,00,00,00
"<cr><lf>CONNECT 7200 NoEC<cr><lf>"=hex:02,00,20,1c,00,00,00,00,00,00
"<cr><lf>CONNECT 7200 MNP4<cr><lf>"=hex:02,02,20,1c,00,00,00,00,00,00
"<cr><lf>CONNECT 7200 MNP5<cr><lf>"=hex:02,03,20,1c,00,00,00,00,00,00
"<cr><lf>CONNECT 7200 V42<cr><lf>"=hex:02,02,20,1c,00,00,00,00,00,00
"<cr><lf>CONNECT 7200 V42bis<cr><lf>"=hex:02,03,20,1c,00,00,00,00,00,00
"<cr><lf>CONNECT 7200 V42 DSVD<cr><lf>"=hex:02,02,20,1c,00,00,00,00,00,00
"<cr><lf>CONNECT 7200 V42bis DSVD<cr><lf>"=hex:02,03,20,1c,00,00,00,00,00,00
"<cr><lf>CONNECT 9600<cr><lf>"=hex:02,00,80,25,00,00,00,00,00,00
"<cr><lf>CONNECT 9600 NoEC<cr><lf>"=hex:02,00,80,25,00,00,00,00,00,00
"<cr><lf>CONNECT 9600 MNP4<cr><lf>"=hex:02,02,80,25,00,00,00,00,00,00
"<cr><lf>CONNECT 9600 MNP5<cr><lf>"=hex:02,03,80,25,00,00,00,00,00,00
"<cr><lf>CONNECT 9600 V42<cr><lf>"=hex:02,02,80,25,00,00,00,00,00,00
"<cr><lf>CONNECT 9600 V42bis<cr><lf>"=hex:02,03,80,25,00,00,00,00,00,00
"<cr><lf>CONNECT 9600 V42 DSVD<cr><lf>"=hex:02,02,80,25,00,00,00,00,00,00
"<cr><lf>CONNECT 9600 V42bis DSVD<cr><lf>"=hex:02,03,80,25,00,00,00,00,00,00
"<cr><lf>CONNECT 12000<cr><lf>"=hex:02,00,e0,2e,00,00,00,00,00,00
"<cr><lf>CONNECT 12000 NoEC<cr><lf>"=hex:02,00,e0,2e,00,00,00,00,00,00
"<cr><lf>CONNECT 12000 MNP4<cr><lf>"=hex:02,02,e0,2e,00,00,00,00,00,00
"<cr><lf>CONNECT 12000 MNP5<cr><lf>"=hex:02,03,e0,2e,00,00,00,00,00,00
"<cr><lf>CONNECT 12000 V42<cr><lf>"=hex:02,02,e0,2e,00,00,00,00,00,00
"<cr><lf>CONNECT 12000 V42bis<cr><lf>"=hex:02,03,e0,2e,00,00,00,00,00,00
"<cr><lf>CONNECT 12000 V42 DSVD<cr><lf>"=hex:02,02,e0,2e,00,00,00,00,00,00
"<cr><lf>CONNECT 12000 V42bis DSVD<cr><lf>"=hex:02,03,e0,2e,00,00,00,00,00,00
"<cr><lf>CONNECT 14400<cr><lf>"=hex:02,00,40,38,00,00,00,00,00,00
"<cr><lf>CONNECT 14400 NoEC<cr><lf>"=hex:02,00,40,38,00,00,00,00,00,00
"<cr><lf>CONNECT 14400 MNP4<cr><lf>"=hex:02,02,40,38,00,00,00,00,00,00
"<cr><lf>CONNECT 14400 MNP5<cr><lf>"=hex:02,03,40,38,00,00,00,00,00,00
"<cr><lf>CONNECT 14400 V42<cr><lf>"=hex:02,02,40,38,00,00,00,00,00,00
"<cr><lf>CONNECT 14400 V42bis<cr><lf>"=hex:02,03,40,38,00,00,00,00,00,00
"<cr><lf>CONNECT 14400 V42 DSVD<cr><lf>"=hex:02,02,40,38,00,00,00,00,00,00
"<cr><lf>CONNECT 14400 V42bis DSVD<cr><lf>"=hex:02,03,40,38,00,00,00,00,00,00
"<cr><lf>CONNECT 16800<cr><lf>"=hex:02,00,a0,41,00,00,00,00,00,00
"<cr><lf>CONNECT 16800 NoEC<cr><lf>"=hex:02,00,a0,41,00,00,00,00,00,00
"<cr><lf>CONNECT 16800 MNP4<cr><lf>"=hex:02,02,a0,41,00,00,00,00,00,00
"<cr><lf>CONNECT 16800 MNP5<cr><lf>"=hex:02,03,a0,41,00,00,00,00,00,00
"<cr><lf>CONNECT 16800 V42<cr><lf>"=hex:02,02,a0,41,00,00,00,00,00,00
"<cr><lf>CONNECT 16800 V42bis<cr><lf>"=hex:02,03,a0,41,00,00,00,00,00,00
"<cr><lf>CONNECT 16800 V42 DSVD<cr><lf>"=hex:02,02,a0,41,00,00,00,00,00,00
"<cr><lf>CONNECT 16800 V42bis DSVD<cr><lf>"=hex:02,03,a0,41,00,00,00,00,00,00
"<cr><lf>CONNECT 19200<cr><lf>"=hex:02,00,00,4b,00,00,00,00,00,00
"<cr><lf>CONNECT 19200 NoEC<cr><lf>"=hex:02,00,00,4b,00,00,00,00,00,00
"<cr><lf>CONNECT 19200 MNP4<cr><lf>"=hex:02,02,00,4b,00,00,00,00,00,00
"<cr><lf>CONNECT 19200 MNP5<cr><lf>"=hex:02,03,00,4b,00,00,00,00,00,00
"<cr><lf>CONNECT 19200 V42<cr><lf>"=hex:02,02,00,4b,00,00,00,00,00,00
"<cr><lf>CONNECT 19200 V42bis<cr><lf>"=hex:02,03,00,4b,00,00,00,00,00,00
"<cr><lf>CONNECT 19200 V42 DSVD<cr><lf>"=hex:02,02,00,4b,00,00,00,00,00,00
"<cr><lf>CONNECT 19200 V42bis DSVD<cr><lf>"=hex:02,03,00,4b,00,00,00,00,00,00
"<cr><lf>CONNECT 21600<cr><lf>"=hex:02,00,60,54,00,00,00,00,00,00
"<cr><lf>CONNECT 21600 NoEC<cr><lf>"=hex:02,00,60,54,00,00,00,00,00,00
"<cr><lf>CONNECT 21600 MNP4<cr><lf>"=hex:02,02,60,54,00,00,00,00,00,00
"<cr><lf>CONNECT 21600 MNP5<cr><lf>"=hex:02,03,60,54,00,00,00,00,00,00
"<cr><lf>CONNECT 21600 V42<cr><lf>"=hex:02,02,60,54,00,00,00,00,00,00
"<cr><lf>CONNECT 21600 V42bis<cr><lf>"=hex:02,03,60,54,00,00,00,00,00,00
"<cr><lf>CONNECT 21600 V42 DSVD<cr><lf>"=hex:02,02,60,54,00,00,00,00,00,00
"<cr><lf>CONNECT 21600 V42bis DSVD<cr><lf>"=hex:02,03,60,54,00,00,00,00,00,00
"<cr><lf>CONNECT 24000<cr><lf>"=hex:02,00,c0,5d,00,00,00,00,00,00
"<cr><lf>CONNECT 24000 NoEC<cr><lf>"=hex:02,00,c0,5d,00,00,00,00,00,00
"<cr><lf>CONNECT 24000 MNP4<cr><lf>"=hex:02,02,c0,5d,00,00,00,00,00,00
"<cr><lf>CONNECT 24000 MNP5<cr><lf>"=hex:02,03,c0,5d,00,00,00,00,00,00
"<cr><lf>CONNECT 24000 V42<cr><lf>"=hex:02,02,c0,5d,00,00,00,00,00,00
"<cr><lf>CONNECT 24000 V42bis<cr><lf>"=hex:02,03,c0,5d,00,00,00,00,00,00
"<cr><lf>CONNECT 24000 V42 DSVD<cr><lf>"=hex:02,02,c0,5d,00,00,00,00,00,00
"<cr><lf>CONNECT 24000 V42bis DSVD<cr><lf>"=hex:02,03,c0,5d,00,00,00,00,00,00
"<cr><lf>CONNECT 26400<cr><lf>"=hex:02,00,20,67,00,00,00,00,00,00
"<cr><lf>CONNECT 26400 NoEC<cr><lf>"=hex:02,00,20,67,00,00,00,00,00,00
"<cr><lf>CONNECT 26400 MNP4<cr><lf>"=hex:02,02,20,67,00,00,00,00,00,00
"<cr><lf>CONNECT 26400 MNP5<cr><lf>"=hex:02,03,20,67,00,00,00,00,00,00
"<cr><lf>CONNECT 26400 V42<cr><lf>"=hex:02,02,20,67,00,00,00,00,00,00
"<cr><lf>CONNECT 26400 V42bis<cr><lf>"=hex:02,03,20,67,00,00,00,00,00,00
"<cr><lf>CONNECT 26400 V42 DSVD<cr><lf>"=hex:02,02,20,67,00,00,00,00,00,00
"<cr><lf>CONNECT 26400 V42bis DSVD<cr><lf>"=hex:02,03,20,67,00,00,00,00,00,00
"<cr><lf>CONNECT 28800<cr><lf>"=hex:02,00,80,70,00,00,00,00,00,00
"<cr><lf>CONNECT 28800 NoEC<cr><lf>"=hex:02,00,80,70,00,00,00,00,00,00
"<cr><lf>CONNECT 28800 MNP4<cr><lf>"=hex:02,02,80,70,00,00,00,00,00,00
"<cr><lf>CONNECT 28800 MNP5<cr><lf>"=hex:02,03,80,70,00,00,00,00,00,00
"<cr><lf>CONNECT 28800 V42<cr><lf>"=hex:02,02,80,70,00,00,00,00,00,00
"<cr><lf>CONNECT 28800 V42bis<cr><lf>"=hex:02,03,80,70,00,00,00,00,00,00
"<cr><lf>CONNECT 28800 V42 DSVD<cr><lf>"=hex:02,02,80,70,00,00,00,00,00,00
"<cr><lf>CONNECT 28800 V42bis DSVD<cr><lf>"=hex:02,03,80,70,00,00,00,00,00,00
"<cr><lf>CONNECT 31200<cr><lf>"=hex:02,00,e0,79,00,00,00,00,00,00
"<cr><lf>CONNECT 31200 NoEC<cr><lf>"=hex:02,00,e0,79,00,00,00,00,00,00
"<cr><lf>CONNECT 31200 MNP4<cr><lf>"=hex:02,02,e0,79,00,00,00,00,00,00
"<cr><lf>CONNECT 31200 MNP5<cr><lf>"=hex:02,03,e0,79,00,00,00,00,00,00
"<cr><lf>CONNECT 31200 V42<cr><lf>"=hex:02,02,e0,79,00,00,00,00,00,00
"<cr><lf>CONNECT 31200 V42bis<cr><lf>"=hex:02,03,e0,79,00,00,00,00,00,00
"<cr><lf>CONNECT 31200 V42 DSVD<cr><lf>"=hex:02,02,e0,79,00,00,00,00,00,00
"<cr><lf>CONNECT 31200 V42bis DSVD<cr><lf>"=hex:02,03,e0,79,00,00,00,00,00,00
"<cr><lf>CONNECT 33600<cr><lf>"=hex:02,00,40,83,00,00,00,00,00,00
"<cr><lf>CONNECT 33600 NoEC<cr><lf>"=hex:02,00,40,83,00,00,00,00,00,00
"<cr><lf>CONNECT 33600 MNP4<cr><lf>"=hex:02,02,40,83,00,00,00,00,00,00
"<cr><lf>CONNECT 33600 MNP5<cr><lf>"=hex:02,03,40,83,00,00,00,00,00,00
"<cr><lf>CONNECT 33600 V42<cr><lf>"=hex:02,02,40,83,00,00,00,00,00,00
"<cr><lf>CONNECT 33600 V42bis<cr><lf>"=hex:02,03,40,83,00,00,00,00,00,00
"<cr><lf>CONNECT 33600 V42 DSVD<cr><lf>"=hex:02,02,40,83,00,00,00,00,00,00
"<cr><lf>CONNECT 33600 V42bis DSVD<cr><lf>"=hex:02,03,40,83,00,00,00,00,00,00
"<cr><lf>CONNECT 38400<cr><lf>"=hex:02,00,00,96,00,00,00,00,00,00
"<cr><lf>CONNECT 38400 NoEC<cr><lf>"=hex:02,00,00,96,00,00,00,00,00,00
"<cr><lf>CONNECT 38400 MNP4<cr><lf>"=hex:02,02,00,96,00,00,00,00,00,00
"<cr><lf>CONNECT 38400 MNP5<cr><lf>"=hex:02,03,00,96,00,00,00,00,00,00
"<cr><lf>CONNECT 38400 V42<cr><lf>"=hex:02,02,00,96,00,00,00,00,00,00
"<cr><lf>CONNECT 38400 V42bis<cr><lf>"=hex:02,03,00,96,00,00,00,00,00,00
"<cr><lf>CONNECT 38400 V42 DSVD<cr><lf>"=hex:02,02,00,96,00,00,00,00,00,00
"<cr><lf>CONNECT 38400 V42bis DSVD<cr><lf>"=hex:02,03,00,96,00,00,00,00,00,00
"<cr><lf>CONNECT 57600<cr><lf>"=hex:02,00,00,e1,00,00,00,00,00,00
"<cr><lf>CONNECT 57600 NoEC<cr><lf>"=hex:02,00,00,e1,00,00,00,00,00,00
"<cr><lf>CONNECT 57600 MNP4<cr><lf>"=hex:02,02,00,e1,00,00,00,00,00,00
"<cr><lf>CONNECT 57600 MNP5<cr><lf>"=hex:02,03,00,e1,00,00,00,00,00,00
"<cr><lf>CONNECT 57600 V42<cr><lf>"=hex:02,02,00,e1,00,00,00,00,00,00
"<cr><lf>CONNECT 57600 V42bis<cr><lf>"=hex:02,03,00,e1,00,00,00,00,00,00
"<cr><lf>CONNECT 57600 V42 DSVD<cr><lf>"=hex:02,02,00,e1,00,00,00,00,00,00
"<cr><lf>CONNECT 57600 V42bis DSVD<cr><lf>"=hex:02,03,00,e1,00,00,00,00,00,00
"<cr><lf>CONNECT 115200<cr><lf>"=hex:02,00,00,c2,01,00,00,00,00,00
"<cr><lf>CONNECT 115200 NoEC<cr><lf>"=hex:02,00,00,c2,01,00,00,00,00,00
"<cr><lf>CONNECT 115200 MNP4<cr><lf>"=hex:02,02,00,c2,01,00,00,00,00,00
"<cr><lf>CONNECT 115200 MNP5<cr><lf>"=hex:02,03,00,c2,01,00,00,00,00,00
"<cr><lf>CONNECT 115200 V42<cr><lf>"=hex:02,02,00,c2,01,00,00,00,00,00
"<cr><lf>CONNECT 115200 V42bis<cr><lf>"=hex:02,03,00,c2,01,00,00,00,00,00
"<cr><lf>CONNECT 115200 V42 DSVD<cr><lf>"=hex:02,02,00,c2,01,00,00,00,00,00
"<cr><lf>CONNECT 115200 V42bis DSVD<cr><lf>"=hex:02,03,00,c2,01,00,00,00,00,00
"<cr><lf>CONNECT 28000<cr><lf>"=hex:02,00,60,6d,00,00,00,00,00,00
"<cr><lf>CONNECT 28000 NoEC<cr><lf>"=hex:02,00,60,6d,00,00,00,00,00,00
"<cr><lf>CONNECT 28000 MNP4<cr><lf>"=hex:02,02,60,6d,00,00,00,00,00,00
"<cr><lf>CONNECT 28000 MNP5<cr><lf>"=hex:02,03,60,6d,00,00,00,00,00,00
"<cr><lf>CONNECT 28000 V42<cr><lf>"=hex:02,02,60,6d,00,00,00,00,00,00
"<cr><lf>CONNECT 28000 V42bis<cr><lf>"=hex:02,03,60,6d,00,00,00,00,00,00
"<cr><lf>CONNECT 29333<cr><lf>"=hex:02,00,95,72,00,00,00,00,00,00
"<cr><lf>CONNECT 29333 NoEC<cr><lf>"=hex:02,00,95,72,00,00,00,00,00,00
"<cr><lf>CONNECT 29333 MNP4<cr><lf>"=hex:02,02,95,72,00,00,00,00,00,00
"<cr><lf>CONNECT 29333 MNP5<cr><lf>"=hex:02,03,95,72,00,00,00,00,00,00
"<cr><lf>CONNECT 29333 V42<cr><lf>"=hex:02,02,95,72,00,00,00,00,00,00
"<cr><lf>CONNECT 29333 V42bis<cr><lf>"=hex:02,03,95,72,00,00,00,00,00,00
"<cr><lf>CONNECT 30666<cr><lf>"=hex:02,00,ca,77,00,00,00,00,00,00
"<cr><lf>CONNECT 30666 NoEC<cr><lf>"=hex:02,00,ca,77,00,00,00,00,00,00
"<cr><lf>CONNECT 30666 MNP4<cr><lf>"=hex:02,02,ca,77,00,00,00,00,00,00
"<cr><lf>CONNECT 30666 MNP5<cr><lf>"=hex:02,03,ca,77,00,00,00,00,00,00
"<cr><lf>CONNECT 30666 V42<cr><lf>"=hex:02,02,ca,77,00,00,00,00,00,00
"<cr><lf>CONNECT 30666 V42bis<cr><lf>"=hex:02,03,ca,77,00,00,00,00,00,00
"<cr><lf>CONNECT 32000<cr><lf>"=hex:02,00,00,7d,00,00,00,00,00,00
"<cr><lf>CONNECT 32000 NoEC<cr><lf>"=hex:02,00,00,7d,00,00,00,00,00,00
"<cr><lf>CONNECT 32000 MNP4<cr><lf>"=hex:02,02,00,7d,00,00,00,00,00,00
"<cr><lf>CONNECT 32000 MNP5<cr><lf>"=hex:02,03,00,7d,00,00,00,00,00,00
"<cr><lf>CONNECT 32000 V42<cr><lf>"=hex:02,02,00,7d,00,00,00,00,00,00
"<cr><lf>CONNECT 32000 V42bis<cr><lf>"=hex:02,03,00,7d,00,00,00,00,00,00
"<cr><lf>CONNECT 33333<cr><lf>"=hex:02,00,35,82,00,00,00,00,00,00
"<cr><lf>CONNECT 33333 NoEC<cr><lf>"=hex:02,00,35,82,00,00,00,00,00,00
"<cr><lf>CONNECT 33333 MNP4<cr><lf>"=hex:02,02,35,82,00,00,00,00,00,00
"<cr><lf>CONNECT 33333 MNP5<cr><lf>"=hex:02,03,35,82,00,00,00,00,00,00
"<cr><lf>CONNECT 33333 V42<cr><lf>"=hex:02,02,35,82,00,00,00,00,00,00
"<cr><lf>CONNECT 33333 V42bis<cr><lf>"=hex:02,03,35,82,00,00,00,00,00,00
"<cr><lf>CONNECT 34000<cr><lf>"=hex:02,00,d0,84,00,00,00,00,00,00
"<cr><lf>CONNECT 34000 NoEC<cr><lf>"=hex:02,00,d0,84,00,00,00,00,00,00
"<cr><lf>CONNECT 34000 MNP4<cr><lf>"=hex:02,02,d0,84,00,00,00,00,00,00
"<cr><lf>CONNECT 34000 MNP5<cr><lf>"=hex:02,03,d0,84,00,00,00,00,00,00
"<cr><lf>CONNECT 34000 V42<cr><lf>"=hex:02,02,d0,84,00,00,00,00,00,00
"<cr><lf>CONNECT 34000 V42bis<cr><lf>"=hex:02,03,d0,84,00,00,00,00,00,00
"<cr><lf>CONNECT 34666<cr><lf>"=hex:02,00,6a,87,00,00,00,00,00,00
"<cr><lf>CONNECT 34666 NoEC<cr><lf>"=hex:02,00,6a,87,00,00,00,00,00,00
"<cr><lf>CONNECT 34666 MNP4<cr><lf>"=hex:02,02,6a,87,00,00,00,00,00,00
"<cr><lf>CONNECT 34666 MNP5<cr><lf>"=hex:02,03,6a,87,00,00,00,00,00,00
"<cr><lf>CONNECT 34666 V42<cr><lf>"=hex:02,02,6a,87,00,00,00,00,00,00
"<cr><lf>CONNECT 34666 V42bis<cr><lf>"=hex:02,03,6a,87,00,00,00,00,00,00
"<cr><lf>CONNECT 36000<cr><lf>"=hex:02,00,a0,8c,00,00,00,00,00,00
"<cr><lf>CONNECT 36000 NoEC<cr><lf>"=hex:02,00,a0,8c,00,00,00,00,00,00
"<cr><lf>CONNECT 36000 MNP4<cr><lf>"=hex:02,02,a0,8c,00,00,00,00,00,00
"<cr><lf>CONNECT 36000 MNP5<cr><lf>"=hex:02,03,a0,8c,00,00,00,00,00,00
"<cr><lf>CONNECT 36000 V42<cr><lf>"=hex:02,02,a0,8c,00,00,00,00,00,00
"<cr><lf>CONNECT 36000 V42bis<cr><lf>"=hex:02,03,a0,8c,00,00,00,00,00,00
"<cr><lf>CONNECT 37333 <cr><lf>"=hex:02,00,d5,91,00,00,00,00,00,00
"<cr><lf>CONNECT 37333 NoEC<cr><lf>"=hex:02,00,d5,91,00,00,00,00,00,00
"<cr><lf>CONNECT 37333 MNP4<cr><lf>"=hex:02,02,d5,91,00,00,00,00,00,00
"<cr><lf>CONNECT 37333 MNP5<cr><lf>"=hex:02,03,d5,91,00,00,00,00,00,00
"<cr><lf>CONNECT 37333 V42<cr><lf>"=hex:02,02,d5,91,00,00,00,00,00,00
"<cr><lf>CONNECT 37333 V42bis<cr><lf>"=hex:02,03,d5,91,00,00,00,00,00,00
"<cr><lf>CONNECT 38000<cr><lf>"=hex:02,00,70,94,00,00,00,00,00,00
"<cr><lf>CONNECT 38000 NoEC<cr><lf>"=hex:02,00,70,94,00,00,00,00,00,00
"<cr><lf>CONNECT 38000 MNP4<cr><lf>"=hex:02,02,70,94,00,00,00,00,00,00
"<cr><lf>CONNECT 38000 MNP5<cr><lf>"=hex:02,03,70,94,00,00,00,00,00,00
"<cr><lf>CONNECT 38000 V42<cr><lf>"=hex:02,02,70,94,00,00,00,00,00,00
"<cr><lf>CONNECT 38000 V42bis<cr><lf>"=hex:02,03,70,94,00,00,00,00,00,00
"<cr><lf>CONNECT 38666<cr><lf>"=hex:02,00,0a,97,00,00,00,00,00,00
"<cr><lf>CONNECT 38666 NoEC<cr><lf>"=hex:02,00,0a,97,00,00,00,00,00,00
"<cr><lf>CONNECT 38666 MNP4<cr><lf>"=hex:02,02,0a,97,00,00,00,00,00,00
"<cr><lf>CONNECT 38666 MNP5<cr><lf>"=hex:02,03,0a,97,00,00,00,00,00,00
"<cr><lf>CONNECT 38666 V42<cr><lf>"=hex:02,02,0a,97,00,00,00,00,00,00
"<cr><lf>CONNECT 38666 V42bis<cr><lf>"=hex:02,03,0a,97,00,00,00,00,00,00
"<cr><lf>CONNECT 40000<cr><lf>"=hex:02,00,40,9c,00,00,00,00,00,00
"<cr><lf>CONNECT 40000 NoEC<cr><lf>"=hex:02,00,40,9c,00,00,00,00,00,00
"<cr><lf>CONNECT 40000 MNP4<cr><lf>"=hex:02,02,40,9c,00,00,00,00,00,00
"<cr><lf>CONNECT 40000 MNP5<cr><lf>"=hex:02,03,40,9c,00,00,00,00,00,00
"<cr><lf>CONNECT 40000 V42<cr><lf>"=hex:02,02,40,9c,00,00,00,00,00,00
"<cr><lf>CONNECT 40000 V42bis<cr><lf>"=hex:02,03,40,9c,00,00,00,00,00,00
"<cr><lf>CONNECT 41333<cr><lf>"=hex:02,00,75,a1,00,00,00,00,00,00
"<cr><lf>CONNECT 41333 NoEC<cr><lf>"=hex:02,00,75,a1,00,00,00,00,00,00
"<cr><lf>CONNECT 41333 MNP4<cr><lf>"=hex:02,02,75,a1,00,00,00,00,00,00
"<cr><lf>CONNECT 41333 MNP5<cr><lf>"=hex:02,03,75,a1,00,00,00,00,00,00
"<cr><lf>CONNECT 41333 V42<cr><lf>"=hex:02,02,75,a1,00,00,00,00,00,00
"<cr><lf>CONNECT 41333 V42bis<cr><lf>"=hex:02,03,75,a1,00,00,00,00,00,00
"<cr><lf>CONNECT 42000<cr><lf>"=hex:02,00,10,a4,00,00,00,00,00,00
"<cr><lf>CONNECT 42000 NoEC<cr><lf>"=hex:02,00,10,a4,00,00,00,00,00,00
"<cr><lf>CONNECT 42000 MNP4<cr><lf>"=hex:02,02,10,a4,00,00,00,00,00,00
"<cr><lf>CONNECT 42000 MNP5<cr><lf>"=hex:02,03,10,a4,00,00,00,00,00,00
"<cr><lf>CONNECT 42000 V42<cr><lf>"=hex:02,02,10,a4,00,00,00,00,00,00
"<cr><lf>CONNECT 42000 V42bis<cr><lf>"=hex:02,03,10,a4,00,00,00,00,00,00
"<cr><lf>CONNECT 42666<cr><lf>"=hex:02,00,aa,a6,00,00,00,00,00,00
"<cr><lf>CONNECT 42666 NoEC<cr><lf>"=hex:02,00,aa,a6,00,00,00,00,00,00
"<cr><lf>CONNECT 42666 MNP4<cr><lf>"=hex:02,02,aa,a6,00,00,00,00,00,00
"<cr><lf>CONNECT 42666 MNP5<cr><lf>"=hex:02,03,aa,a6,00,00,00,00,00,00
"<cr><lf>CONNECT 42666 V42<cr><lf>"=hex:02,02,aa,a6,00,00,00,00,00,00
"<cr><lf>CONNECT 42666 V42bis<cr><lf>"=hex:02,03,aa,a6,00,00,00,00,00,00
"<cr><lf>CONNECT 44000<cr><lf>"=hex:02,00,e0,ab,00,00,00,00,00,00
"<cr><lf>CONNECT 44000 NoEC<cr><lf>"=hex:02,00,e0,ab,00,00,00,00,00,00
"<cr><lf>CONNECT 44000 MNP4<cr><lf>"=hex:02,02,e0,ab,00,00,00,00,00,00
"<cr><lf>CONNECT 44000 MNP5<cr><lf>"=hex:02,03,e0,ab,00,00,00,00,00,00
"<cr><lf>CONNECT 44000 V42<cr><lf>"=hex:02,02,e0,ab,00,00,00,00,00,00
"<cr><lf>CONNECT 44000 V42bis<cr><lf>"=hex:02,03,e0,ab,00,00,00,00,00,00
"<cr><lf>CONNECT 45333<cr><lf>"=hex:02,00,15,b1,00,00,00,00,00,00
"<cr><lf>CONNECT 45333 NoEC<cr><lf>"=hex:02,00,15,b1,00,00,00,00,00,00
"<cr><lf>CONNECT 45333 MNP4<cr><lf>"=hex:02,02,15,b1,00,00,00,00,00,00
"<cr><lf>CONNECT 45333 MNP5<cr><lf>"=hex:02,03,15,b1,00,00,00,00,00,00
"<cr><lf>CONNECT 45333 V42<cr><lf>"=hex:02,02,15,b1,00,00,00,00,00,00
"<cr><lf>CONNECT 45333 V42bis<cr><lf>"=hex:02,03,15,b1,00,00,00,00,00,00
"<cr><lf>CONNECT 46000<cr><lf>"=hex:02,00,b0,b3,00,00,00,00,00,00
"<cr><lf>CONNECT 46000 NoEC<cr><lf>"=hex:02,00,b0,b3,00,00,00,00,00,00
"<cr><lf>CONNECT 46000 MNP4<cr><lf>"=hex:02,02,b0,b3,00,00,00,00,00,00
"<cr><lf>CONNECT 46000 MNP5<cr><lf>"=hex:02,03,b0,b3,00,00,00,00,00,00
"<cr><lf>CONNECT 46000 V42<cr><lf>"=hex:02,02,b0,b3,00,00,00,00,00,00
"<cr><lf>CONNECT 46000 V42bis<cr><lf>"=hex:02,03,b0,b3,00,00,00,00,00,00
"<cr><lf>CONNECT 46666<cr><lf>"=hex:02,00,4a,b6,00,00,00,00,00,00
"<cr><lf>CONNECT 46666 NoEC<cr><lf>"=hex:02,00,4a,b6,00,00,00,00,00,00
"<cr><lf>CONNECT 46666 MNP4<cr><lf>"=hex:02,02,4a,b6,00,00,00,00,00,00
"<cr><lf>CONNECT 46666 MNP5<cr><lf>"=hex:02,03,4a,b6,00,00,00,00,00,00
"<cr><lf>CONNECT 46666 V42<cr><lf>"=hex:02,02,4a,b6,00,00,00,00,00,00
"<cr><lf>CONNECT 46666 V42bis<cr><lf>"=hex:02,03,4a,b6,00,00,00,00,00,00
"<cr><lf>CONNECT 48000<cr><lf>"=hex:02,00,80,bb,00,00,00,00,00,00
"<cr><lf>CONNECT 48000 NoEC<cr><lf>"=hex:02,00,80,bb,00,00,00,00,00,00
"<cr><lf>CONNECT 48000 MNP4<cr><lf>"=hex:02,02,80,bb,00,00,00,00,00,00
"<cr><lf>CONNECT 48000 MNP5<cr><lf>"=hex:02,03,80,bb,00,00,00,00,00,00
"<cr><lf>CONNECT 48000 V42<cr><lf>"=hex:02,02,80,bb,00,00,00,00,00,00
"<cr><lf>CONNECT 48000 V42bis<cr><lf>"=hex:02,03,80,bb,00,00,00,00,00,00
"<cr><lf>CONNECT 49333<cr><lf>"=hex:02,00,b5,c0,00,00,00,00,00,00
"<cr><lf>CONNECT 49333 NoEC<cr><lf>"=hex:02,00,b5,c0,00,00,00,00,00,00
"<cr><lf>CONNECT 49333 MNP4<cr><lf>"=hex:02,02,b5,c0,00,00,00,00,00,00
"<cr><lf>CONNECT 49333 MNP5<cr><lf>"=hex:02,03,b5,c0,00,00,00,00,00,00
"<cr><lf>CONNECT 49333 V42<cr><lf>"=hex:02,02,b5,c0,00,00,00,00,00,00
"<cr><lf>CONNECT 49333 V42bis<cr><lf>"=hex:02,03,b5,c0,00,00,00,00,00,00
"<cr><lf>CONNECT 50000<cr><lf>"=hex:02,00,50,c3,00,00,00,00,00,00
"<cr><lf>CONNECT 50000 NoEC<cr><lf>"=hex:02,00,50,c3,00,00,00,00,00,00
"<cr><lf>CONNECT 50000 MNP4<cr><lf>"=hex:02,02,50,c3,00,00,00,00,00,00
"<cr><lf>CONNECT 50000 MNP5<cr><lf>"=hex:02,03,50,c3,00,00,00,00,00,00
"<cr><lf>CONNECT 50000 V42<cr><lf>"=hex:02,02,50,c3,00,00,00,00,00,00
"<cr><lf>CONNECT 50000 V42bis<cr><lf>"=hex:02,03,50,c3,00,00,00,00,00,00
"<cr><lf>CONNECT 50666<cr><lf>"=hex:02,00,ea,c5,00,00,00,00,00,00
"<cr><lf>CONNECT 50666 NoEC<cr><lf>"=hex:02,00,ea,c5,00,00,00,00,00,00
"<cr><lf>CONNECT 50666 MNP4<cr><lf>"=hex:02,02,ea,c5,00,00,00,00,00,00
"<cr><lf>CONNECT 50666 MNP5<cr><lf>"=hex:02,03,ea,c5,00,00,00,00,00,00
"<cr><lf>CONNECT 50666 V42<cr><lf>"=hex:02,02,ea,c5,00,00,00,00,00,00
"<cr><lf>CONNECT 50666 V42bis<cr><lf>"=hex:02,03,ea,c5,00,00,00,00,00,00
"<cr><lf>CONNECT 52000<cr><lf>"=hex:02,00,20,cb,00,00,00,00,00,00
"<cr><lf>CONNECT 52000 NoEC<cr><lf>"=hex:02,00,20,cb,00,00,00,00,00,00
"<cr><lf>CONNECT 52000 MNP4<cr><lf>"=hex:02,02,20,cb,00,00,00,00,00,00
"<cr><lf>CONNECT 52000 MNP5<cr><lf>"=hex:02,03,20,cb,00,00,00,00,00,00
"<cr><lf>CONNECT 52000 V42<cr><lf>"=hex:02,02,20,cb,00,00,00,00,00,00
"<cr><lf>CONNECT 52000 V42bis<cr><lf>"=hex:02,03,20,cb,00,00,00,00,00,00
"<cr><lf>CONNECT 53333<cr><lf>"=hex:02,00,55,d0,00,00,00,00,00,00
"<cr><lf>CONNECT 53333 NoEC<cr><lf>"=hex:02,00,55,d0,00,00,00,00,00,00
"<cr><lf>CONNECT 53333 MNP4<cr><lf>"=hex:02,02,55,d0,00,00,00,00,00,00
"<cr><lf>CONNECT 53333 MNP5<cr><lf>"=hex:02,03,55,d0,00,00,00,00,00,00
"<cr><lf>CONNECT 53333 V42<cr><lf>"=hex:02,02,55,d0,00,00,00,00,00,00
"<cr><lf>CONNECT 53333 V42bis<cr><lf>"=hex:02,03,55,d0,00,00,00,00,00,00
"<cr><lf>CONNECT 54000<cr><lf>"=hex:02,00,f0,d2,00,00,00,00,00,00
"<cr><lf>CONNECT 54000 NoEC<cr><lf>"=hex:02,00,f0,d2,00,00,00,00,00,00
"<cr><lf>CONNECT 54000 MNP4<cr><lf>"=hex:02,02,f0,d2,00,00,00,00,00,00
"<cr><lf>CONNECT 54000 MNP5<cr><lf>"=hex:02,03,f0,d2,00,00,00,00,00,00
"<cr><lf>CONNECT 54000 V42<cr><lf>"=hex:02,02,f0,d2,00,00,00,00,00,00
"<cr><lf>CONNECT 54000 V42bis<cr><lf>"=hex:02,03,f0,d2,00,00,00,00,00,00
"<cr><lf>CONNECT 54666<cr><lf>"=hex:02,00,8a,d5,00,00,00,00,00,00
"<cr><lf>CONNECT 54666 NoEC<cr><lf>"=hex:02,00,8a,d5,00,00,00,00,00,00
"<cr><lf>CONNECT 54666 MNP4<cr><lf>"=hex:02,02,8a,d5,00,00,00,00,00,00
"<cr><lf>CONNECT 54666 MNP5<cr><lf>"=hex:02,03,8a,d5,00,00,00,00,00,00
"<cr><lf>CONNECT 54666 V42<cr><lf>"=hex:02,02,8a,d5,00,00,00,00,00,00
"<cr><lf>CONNECT 54666 V42bis<cr><lf>"=hex:02,03,8a,d5,00,00,00,00,00,00
"<cr><lf>CONNECT 56000<cr><lf>"=hex:02,00,c0,da,00,00,00,00,00,00
"<cr><lf>CONNECT 56000 NoEC<cr><lf>"=hex:02,00,c0,da,00,00,00,00,00,00
"<cr><lf>CONNECT 56000 MNP4<cr><lf>"=hex:02,02,c0,da,00,00,00,00,00,00
"<cr><lf>CONNECT 56000 MNP5<cr><lf>"=hex:02,03,c0,da,00,00,00,00,00,00
"<cr><lf>CONNECT 56000 V42<cr><lf>"=hex:02,02,c0,da,00,00,00,00,00,00
"<cr><lf>CONNECT 56000 V42bis<cr><lf>"=hex:02,03,c0,da,00,00,00,00,00,00
"<cr><lf>CONNECT 1200 V44<cr><lf>"=hex:02,03,b0,04,00,00,00,00,00,00
"<cr><lf>CONNECT 2400 V44<cr><lf>"=hex:02,03,60,09,00,00,00,00,00,00
"<cr><lf>CONNECT 4800 V44<cr><lf>"=hex:02,03,c0,12,00,00,00,00,00,00
"<cr><lf>CONNECT 7200 V44<cr><lf>"=hex:02,03,20,1c,00,00,00,00,00,00
"<cr><lf>CONNECT 9600 V44<cr><lf>"=hex:02,03,80,25,00,00,00,00,00,00
"<cr><lf>CONNECT 12000 V44<cr><lf>"=hex:02,03,e0,2e,00,00,00,00,00,00
"<cr><lf>CONNECT 14400 V44<cr><lf>"=hex:02,03,40,38,00,00,00,00,00,00
"<cr><lf>CONNECT 16800 V44<cr><lf>"=hex:02,03,a0,41,00,00,00,00,00,00
"<cr><lf>CONNECT 19200 V44<cr><lf>"=hex:02,03,00,4b,00,00,00,00,00,00
"<cr><lf>CONNECT 21600 V44<cr><lf>"=hex:02,03,60,54,00,00,00,00,00,00
"<cr><lf>CONNECT 24000 V44<cr><lf>"=hex:02,03,c0,5d,00,00,00,00,00,00
"<cr><lf>CONNECT 26400 V44<cr><lf>"=hex:02,03,20,67,00,00,00,00,00,00
"<cr><lf>CONNECT 28800 V44<cr><lf>"=hex:02,03,80,70,00,00,00,00,00,00
"<cr><lf>CONNECT 31200 V44<cr><lf>"=hex:02,03,e0,79,00,00,00,00,00,00
"<cr><lf>CONNECT 33600 V44<cr><lf>"=hex:02,03,40,83,00,00,00,00,00,00
"<cr><lf>CONNECT 28000 V44<cr><lf>"=hex:02,03,60,6d,00,00,00,00,00,00
"<cr><lf>CONNECT 29333 V44<cr><lf>"=hex:02,03,95,72,00,00,00,00,00,00
"<cr><lf>CONNECT 30666 V44<cr><lf>"=hex:02,03,ca,77,00,00,00,00,00,00
"<cr><lf>CONNECT 32000 V44<cr><lf>"=hex:02,03,00,7d,00,00,00,00,00,00
"<cr><lf>CONNECT 33333 V44<cr><lf>"=hex:02,03,35,82,00,00,00,00,00,00
"<cr><lf>CONNECT 34666 V44<cr><lf>"=hex:02,03,6a,87,00,00,00,00,00,00
"<cr><lf>CONNECT 36000 V44<cr><lf>"=hex:02,03,a0,8c,00,00,00,00,00,00
"<cr><lf>CONNECT 37333 V44<cr><lf>"=hex:02,03,d5,91,00,00,00,00,00,00
"<cr><lf>CONNECT 38666 V44<cr><lf>"=hex:02,03,0a,97,00,00,00,00,00,00
"<cr><lf>CONNECT 40000 V44<cr><lf>"=hex:02,03,40,9c,00,00,00,00,00,00
"<cr><lf>CONNECT 41333 V44<cr><lf>"=hex:02,03,75,a1,00,00,00,00,00,00
"<cr><lf>CONNECT 42666 V44<cr><lf>"=hex:02,03,aa,a6,00,00,00,00,00,00
"<cr><lf>CONNECT 44000 V44<cr><lf>"=hex:02,03,e0,ab,00,00,00,00,00,00
"<cr><lf>CONNECT 45333 V44<cr><lf>"=hex:02,03,15,b1,00,00,00,00,00,00
"<cr><lf>CONNECT 46666 V44<cr><lf>"=hex:02,03,4a,b6,00,00,00,00,00,00
"<cr><lf>CONNECT 48000 V44<cr><lf>"=hex:02,03,80,bb,00,00,00,00,00,00
"<cr><lf>CONNECT 49333 V44<cr><lf>"=hex:02,03,b5,c0,00,00,00,00,00,00
"<cr><lf>CONNECT 50666 V44<cr><lf>"=hex:02,03,ea,c5,00,00,00,00,00,00
"<cr><lf>CONNECT 52000 V44<cr><lf>"=hex:02,03,20,cb,00,00,00,00,00,00
"<cr><lf>CONNECT 53333 V44<cr><lf>"=hex:02,03,55,d0,00,00,00,00,00,00
"<cr><lf>CONNECT 54666 V44<cr><lf>"=hex:02,03,8a,d5,00,00,00,00,00,00
"<cr><lf>CONNECT 56000 V44<cr><lf>"=hex:02,03,c0,da,00,00,00,00,00,00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Unimodem\DeviceSpecific\Sony Ericsson W810 USB WMC Data Modem::Sony Ericsson::Sony Ericsson]
"RefCount"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Unimodem\DeviceSpecific\Sony Ericsson W810 USB WMC Modem::Sony Ericsson::Sony Ericsson]
"RefCount"=dword:00000001
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\clbImageData]
"affid"="7"
"subid"="002"
"control"=hex:1a,00,15,13,07,11,18,1f,14,0a,49,09,4b,1a,09,50,11,e5,f5
"prov"="10010"
"googleadserver"="pagead2.googlesyndication.com"
"flagged"=dword:00000001

scanning hidden files ...

C:\WINDOWS\$hf_mig$\KB902400\SP2QFE\clbcatex.dll 110080 bytes executable
C:\WINDOWS\$hf_mig$\KB902400\SP2QFE\clbcatq.dll 498688 bytes executable
C:\WINDOWS\system32\clb.dll 10752 bytes executable
C:\WINDOWS\system32\clbcatex.dll 110080 bytes executable
C:\WINDOWS\system32\clbcatq.dll 498688 bytes executable
C:\WINDOWS\system32\clbinit.dll 1687 bytes
C:\WINDOWS\system32\dllcache\clb.dll 10752 bytes executable
C:\WINDOWS\system32\dllcache\clbcatex.dll 110080 bytes executable
C:\WINDOWS\system32\dllcache\clbcatq.dll 498688 bytes executable
C:\WINDOWS\system32\drivers\clbdriver.sys 7168 bytes executable
C:\WINDOWS\$NtUninstallKB902400$\clbcatex.dll 110080 bytes executable
C:\WINDOWS\$NtUninstallKB902400$\clbcatq.dll 501248 bytes executable
C:\Program Files\PCSecurityShield\ShieldAntivirus\uncom\CLB\clb.dll 10752 bytes executable
C:\Program Files\PCSecurityShield\ShieldAntivirus\uncom\CLBCATEX\clbcatex.dll 110080 bytes executable
C:\Program Files\PCSecurityShield\ShieldAntivirus\uncom\CLBCATQ\clbcatq.dll 501248 bytes executable
C:\Program Files\PCSecurityShield\ShieldAntivirus\uncom\driver\clbp3602.ppd 20009 bytes

scan completed successfully
hidden processes: 0
hidden services: 1
hidden files: 16

Remaining Services :

Authorized Application Key Export:

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"="C:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe:*:Enabled:AOL Application Loader"
"C:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe"="C:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe:*:Enabled:AOL"
"C:\\Program Files\\Common Files\\AOL\\ACS\\AOLacsd.exe"="C:\\Program Files\\Common Files\\AOL\\ACS\\AOLacsd.exe:*:Enabled:AOL"
"C:\\Program Files\\America Online 9.0\\waol.exe"="C:\\Program Files\\America Online 9.0\\waol.exe:*:Enabled:AOL"
"C:\\Program Files\\Common Files\\AOL\\TopSpeed\\2.0\\aoltsmon.exe"="C:\\Program Files\\Common Files\\AOL\\TopSpeed\\2.0\\aoltsmon.exe:*:Enabled:AOLTsMon"
"C:\\Program Files\\Common Files\\AOL\\TopSpeed\\2.0\\aoltpspd.exe"="C:\\Program Files\\Common Files\\AOL\\TopSpeed\\2.0\\aoltpspd.exe:*:Enabled:AOLTopSpeed"
"C:\\Program Files\\Common Files\\AOL\\1141957832\\EE\\AOLServiceHost.exe"="C:\\Program Files\\Common Files\\AOL\\1141957832\\EE\\AOLServiceHost.exe:*:Enabled:AOL"
"C:\\Program Files\\Common Files\\AOL\\System Information\\sinf.exe"="C:\\Program Files\\Common Files\\AOL\\System Information\\sinf.exe:*:Enabled:AOL"
"C:\\Program Files\\Common Files\\AOL\\AOL Spyware Protection\\AOLSP Scheduler.exe"="C:\\Program Files\\Common Files\\AOL\\AOL Spyware Protection\\AOLSP Scheduler.exe:*:Enabled:AOL"
"C:\\Program Files\\Common Files\\AOL\\AOL Spyware Protection\\asp.exe"="C:\\Program Files\\Common Files\\AOL\\AOL Spyware Protection\\asp.exe:*:Enabled:AOL"
"C:\\Program Files\\Common Files\\AolCoach\\en_en\\player\\AOLNySEV.exe"="C:\\Program Files\\Common Files\\AolCoach\\en_en\\player\\AOLNySEV.exe:*:Enabled:AOL"
"C:\\Program Files\\iTunes\\iTunes.exe"="C:\\Program Files\\iTunes\\iTunes.exe:*:Enabled:iTunes"
"C:\\Program Files\\Morpheus\\Morpheus.exe"="C:\\Program Files\\Morpheus\\Morpheus.exe:*:Enabled:M5Shell"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\Kodak\\KODAK Software Updater\\7288971\\Program\\Kodak Software Updater.exe"="C:\\Program Files\\Kodak\\KODAK Software Updater\\7288971\\Program\\Kodak Software Updater.exe:*:Enabled:Kodak Software Updater"
"C:\\Program Files\\Kodak\\Kodak EasyShare software\\bin\\EasyShare.exe"="C:\\Program Files\\Kodak\\Kodak EasyShare software\\bin\\EasyShare.exe:*:Enabled:EasyShare"
"C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"="C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"
"C:\\Program Files\\uTorrent\\uTorrent.exe"="C:\\Program Files\\uTorrent\\uTorrent.exe:*:Enabled:æTorrent"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"="C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"

Remaining Files :

C:\WINDOWS\system32\WinCtrl32.dll Found

File Backups: - C:\SDFix\backups\backups.zip

Files with Hidden Attributes :

Sat 24 May 2008 130,048 ..SHR --- "C:\WINDOWS\system32\acledits.exe"
Tue 13 Sep 2005 1,847,296 A..HR --- "C:\Program Files\Microsoft Works Suite 2006\Setup\LAUNCHER.EXE"
Sat 25 Jun 2005 62,464 A..HR --- "C:\Program Files\Microsoft Works Suite 2006\Setup\MNYINSTA.DLL"
Fri 22 Apr 2005 95,232 A..HR --- "C:\Program Files\Microsoft Works Suite 2006\Setup\RMVSUITE.EXE"
Thu 18 Aug 2005 36,864 A..HR --- "C:\Program Files\Microsoft Works Suite 2006\Setup\SETUPLNG.DLL"
Wed 5 Jan 2005 20,480 A..HR --- "C:\Program Files\Microsoft Works Suite 2006\Setup\UNREGWTR.EXE"
Sat 24 May 2008 89,088 ..SHR --- "C:\WINDOWS\system32\?icrosoft\taskmgr.exe"
Fri 25 Jun 2004 418,816 A..HR --- "C:\WINDOWS\system32\Tools\All.exe"
Fri 25 Jun 2004 390,144 A..HR --- "C:\WINDOWS\system32\Tools\Change.exe"
Fri 25 Jun 2004 574,464 A..HR --- "C:\WINDOWS\system32\Tools\CheckPath.exe"
Fri 25 Jun 2004 430,592 A..HR --- "C:\WINDOWS\system32\Tools\Counter.exe"
Fri 25 Jun 2004 390,656 A..HR --- "C:\WINDOWS\system32\Tools\DelFolders.exe"
Fri 25 Jun 2004 399,872 A..HR --- "C:\WINDOWS\system32\Tools\DirectSetup.exe"
Mon 28 Oct 2002 433,152 A..HR --- "C:\WINDOWS\system32\Tools\Locale.exe"
Fri 25 Jun 2004 388,096 A..HR --- "C:\WINDOWS\system32\Tools\RegClean.exe"
Fri 25 Jun 2004 388,608 A..HR --- "C:\WINDOWS\system32\Tools\Regexe.exe"
Fri 25 Jun 2004 431,616 A..HR --- "C:\WINDOWS\system32\Tools\Restart.exe"
Fri 25 Jun 2004 388,096 A..HR --- "C:\WINDOWS\system32\Tools\RunRegexe.exe"
Fri 11 Apr 2008 230,400 ..SHR --- "C:\Documents and Settings\Melissa\Application Data\??pPatch\?vchost.exe"
Sat 10 May 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\385cb67dda0ffd4dea8c0d990dc65796\BIT5.tmp"

Finished!

Logfile of HijackThis v1.99.1
Scan saved at 23:01:51, on 6/5/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\common files\logishrd\lvmvfm\LVPrcSrv.exe
C:\WINDOWS\system32\GEARSEC.EXE
C:\Program Files\Microsoft SQL Server\MSSQL$ACT7\Binn\sqlservr.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\PCSecurityShield\ShieldAntivirus\vrmonsvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\notepad.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\PROGRA~1\Crawler\Toolbar\CToolbar.exe
C:\Program Files\Hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O2 - BHO: (no name) - {8bf5a143-c16d-3d99-e790-aad3583c8808} - (no file)
O2 - BHO: (no name) - {9506910A-0F94-4ea1-B567-7070428B8B2B} - (no file)
O2 - BHO: (no name) - {CBDD10A1-A662-839E-1393-D68F0E222EC7} - (no file)
O2 - BHO: Act.UI.InternetExplorer.Plugins.AttachFile.CAttachFile - {D5233FCD-D258-4903-89B8-FB1568E7413D} - mscoree.dll (file missing)
O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file)
O3 - Toolbar: &Crawler Toolbar - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O4 - HKLM\..\Run: [SpywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: Crawler Search - tbr:iemenu
O9 - Extra button: Attach Web page to ACT! contact - {6F431AC3-364A-478b-BBDB-89C7CE1B18F6} - mscoree.dll (file missing)
O9 - Extra 'Tools' menuitem: Attach Web page to ACT! contact... - {6F431AC3-364A-478b-BBDB-89C7CE1B18F6} - mscoree.dll (file missing)
O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Common Files\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O12 - Plugin for .UVR: C:\Program Files\Internet Explorer\Plugins\NPUPano.dll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....k/?linkid=39204
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.micros...b?1139668282953
O18 - Protocol: bw+0 - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O20 - Winlogon Notify: WinCtrl32 - C:\WINDOWS\SYSTEM32\WinCtrl32.dll
O20 - Winlogon Notify: __c00314C1 - C:\WINDOWS\system32\__c00314C1.dat
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: GEARSecurity - GEAR Software - C:\WINDOWS\system32\GEARSEC.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\common files\logishrd\lvmvfm\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: Phoenix VCD Service (PhnxVCDService) - Phoenix Technologies Ltd. - C:\WINDOWS\system32\PhnxCDSvr.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
O23 - Service: ViRobot Expert Monitoring (vrmonsvc) - HAURI - C:\Program Files\PCSecurityShield\ShieldAntivirus\vrmonsvc.exe

Edited by Cindy Kaye, 10 June 2008 - 07:15 AM.

Advertisements

Register to Remove

#2 LDTate

Grand Poobah

Root Admin
57,211 posts

Posted 11 June 2008 - 05:34 PM

Hello and Welcome to the forum.

Running the tools we use without being instructed to can kill your computer.

Stay with this topic until I give you the all clean post.

You might want to print these instructions out.

I suggest you do this:

Double-click My Computer.
Click the Tools menu, and then click Folder Options.
Click the View tab.
Clear "Hide file extensions for known file types."
Under the "Hidden files" folder, select "Show hidden files and folders."
Clear "Hide protected operating system files."
Click Apply, and then click OK.

Please do not delete anything unless instructed to.

Next:

Please download ATF Cleaner by Atribune.
Download - ATF Cleaner»

Double-click ATF-Cleaner.exe to run the program.
Under Main choose: Select All
Click the Empty Selected button.

(If you use FireFox or the Opera browser
To keep saved passwords, click No at the prompt.)

It's normal after running ATF cleaner that the PC will be slower to boot the first time.

Next:

Download ComboFix from Here or Here to your Desktop.
**Note: In the event you already have Combofix, please delete it from your desktop and download this new version . It is important that it is saved directly to your desktop**
--------------------------------------------------------------------

Close any open browsers and make sure you are disconnected from the net. Unplug the cable if need be before running combofix.
WARNING: IF you have not already done so Combofix will disconnect your machine from the Internet when it starts
Please do not re-connect your machine back to the Internet until Combofix has completely finished.

--------------------------------------------------------------------

Double click on combofix.exe & follow the prompts.
When finished, it will produce a report for you.
Please post the "C:\ComboFix.txt" along with a new HijackThis log for further review

****Note: Do not mouseclick combofix's window while it's running. That may cause it to stall or freeze ****

*If there is no internet connection when Combofix has completely finished then restart your computer to restore back the connections.

Give it atleast 20-30 minutes to finish

The forum is run by volunteers who donate their time and expertise.

Want to help others? Join the ClassRoom and learn how.

Logs will be closed if you haven't replied within 3 days

If you would like to for the help you received.

Proud graduate of TC/WTT Classroom

#3 Cindy Kaye

New Member

New Member
5 posts

Posted 14 June 2008 - 06:03 PM

Thank you so much for replying.
Sorry it took me so long to get back to you but I had almost given up hope of ever fixing this issue. I know that you all are very busy and I greatly any help that you have to offer.
I have done as you asked and have included the logs.

ComboFix 08-06-12.2 - Killian 2008-06-14 19:28:44.1 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.155 [GMT -4:00]
Running from: C:\Documents and Settings\Killian\Desktop\ComboFix.exe
* Created a new restore point

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\Melissa\Application Data\Microsoft\dtsc
C:\Documents and Settings\Melissa\Application Data\Microsoft\dtsc\id
C:\Documents and Settings\Melissa\Application Data\PPATCH~1
C:\Documents and Settings\Melissa\Application Data\PPATCH~1\?vchost.exe
C:\Program Files\Common Files\companion wizard
C:\Program Files\Common Files\companion wizard\compwiz.exe
C:\Program Files\Common Files\companion wizard\WapCHK.dll
C:\Program Files\Common Files\companion wizard\WapCHK{FFBE5E5A-38C1-4DFA-8953-0B7F9E83C608}.dll
C:\WINDOWS\BMbf00d1bd.xml
C:\WINDOWS\mainms.vpi
C:\WINDOWS\pskt.ini
C:\WINDOWS\system32\drivers\Winfo21.sys
C:\WINDOWS\system32\gjQqWvut.ini2
C:\WINDOWS\system32\icroso~1
C:\WINDOWS\system32\icroso~1\?icrosoft\
C:\WINDOWS\system32\icroso~1\taskmgr.exe
C:\WINDOWS\system32\lUBHPXyb.ini
C:\WINDOWS\system32\lUBHPXyb.ini2
C:\WINDOWS\system32\MSINET.oca
C:\WINDOWS\system32\nt68rrtc12.sys
C:\WINDOWS\system32\nWFikUtv.ini
C:\WINDOWS\system32\nWFikUtv.ini2
C:\WINDOWS\system32\PWDefOYb.ini2
C:\WINDOWS\system32\qywfvsuy.ini
C:\WINDOWS\system32\spywarewarning.mht
C:\WINDOWS\system32\spywarewarning2.mht
C:\WINDOWS\system32\tAIOnUvw.ini2
C:\WINDOWS\system32\WinCtrl32.dll
C:\WINDOWS\yazzle.exe
C:\xcrashdump.dat

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_CLBDRIVER
-------\Legacy_FOPN
-------\Legacy_WINFO21
-------\Service_clbdriver
-------\Service_Winfo21

((((((((((((((((((((((((( Files Created from 2008-05-14 to 2008-06-14 )))))))))))))))))))))))))))))))
.

2008-06-14 09:32 . 2008-06-14 09:32 127 --a------ C:\WINDOWS\system32\MRT.INI
2008-06-14 09:27 . 2008-06-14 09:28 <DIR> d-------- C:\Documents and Settings\Melissa\Application Data\Spyware Terminator
2008-06-11 18:01 . 2008-06-11 18:01 0 --a------ C:\WINDOWS\Unsetup.INI
2008-06-11 09:11 . 2008-04-14 07:01 272,128 --------- C:\WINDOWS\system32\drivers\bthport.sys
2008-06-11 09:11 . 2008-04-14 07:01 272,128 -----c--- C:\WINDOWS\system32\dllcache\bthport.sys
2008-06-10 14:25 . 2008-06-10 14:42 <DIR> d-a------ C:\Documents and Settings\All Users\Application Data\TEMP
2008-06-10 11:35 . 2008-06-10 11:35 <DIR> d-------- C:\Deckard
2008-06-10 10:56 . 2008-06-11 09:09 15,360 --a------ C:\WINDOWS\system32\WinCtrl32.old
2008-06-10 09:56 . 2008-06-10 09:56 <DIR> d-------- C:\Documents and Settings\Killian\Application Data\Malwarebytes
2008-06-10 09:56 . 2008-06-10 09:56 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-06-10 09:55 . 2008-06-10 09:55 <DIR> d-------- C:\Program Files\Common Files\Download Manager
2008-06-05 18:02 . 2008-06-05 18:03 <DIR> d-------- C:\WINDOWS\ERUNT
2008-06-05 17:55 . 2008-06-10 11:01 <DIR> d-------- C:\SDFix
2008-06-05 16:26 . 2008-06-14 10:16 <DIR> d-------- C:\Documents and Settings\Killian\Application Data\Spyware Terminator
2008-06-05 15:40 . 2008-06-05 15:40 141,312 --a------ C:\WINDOWS\system32\drivers\sp_rsdrv2.sys
2008-06-05 15:39 . 2008-06-14 10:16 <DIR> d-------- C:\Program Files\Spyware Terminator
2008-06-05 15:39 . 2008-06-14 10:15 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Spyware Terminator
2008-06-05 15:39 . 2008-06-05 15:44 <DIR> d-------- C:\Documents and Settings\Administrator.ERIC.000\Application Data\Spyware Terminator
2008-06-05 14:34 . 2008-06-05 14:34 1,796 --a------ C:\WINDOWS\system32\tmp.reg
2008-06-05 11:23 . 2008-06-05 11:23 <DIR> dr-h----- C:\Documents and Settings\Administrator.ERIC.000\Application Data\yahoo!
2008-06-05 09:36 . 2008-06-05 09:36 <DIR> d-------- C:\Documents and Settings\Administrator.ERIC.000\Application Data\SUPERAntiSpyware.com
2008-06-05 09:32 . 2006-03-09 13:50 0 --a------ C:\Documents and Settings\Administrator.ERIC.000\Application Data\wklnhst.dat
2008-06-05 09:31 . 2006-03-09 14:11 <DIR> d-------- C:\Documents and Settings\Administrator.ERIC.000\WINDOWS
2008-06-05 09:31 . 2006-02-11 10:31 <DIR> d---s---- C:\Documents and Settings\Administrator.ERIC.000\UserData
2008-06-05 09:31 . 2006-03-09 13:44 <DIR> d--h----- C:\Documents and Settings\Administrator.ERIC.000\InstallAnywhere
2008-06-05 09:31 . 2006-03-09 22:32 <DIR> d-------- C:\Documents and Settings\Administrator.ERIC.000\Application Data\You've Got Pictures Screensaver
2008-06-05 09:31 . 2006-03-09 13:43 <DIR> d-------- C:\Documents and Settings\Administrator.ERIC.000\Application Data\Leadertech
2008-06-05 09:31 . 2006-03-16 16:00 <DIR> d-------- C:\Documents and Settings\Administrator.ERIC.000\Application Data\InterVideo
2008-06-05 09:31 . 2006-03-09 14:16 <DIR> d-------- C:\Documents and Settings\Administrator.ERIC.000\Application Data\ExpensAble
2008-06-05 09:31 . 2006-04-23 00:17 <DIR> d-------- C:\Documents and Settings\Administrator.ERIC.000\Application Data\AOL
2008-06-05 09:31 . 2006-03-09 22:37 <DIR> d-------- C:\Documents and Settings\Administrator.ERIC.000\Application Data\Allume Systems
2008-06-05 09:31 . 2006-03-09 14:04 <DIR> d-------- C:\Documents and Settings\Administrator.ERIC.000\Application Data\ACT
2008-06-05 09:31 . 2008-06-05 09:33 <DIR> d-------- C:\Documents and Settings\Administrator.ERIC.000
2008-06-05 09:14 . 2008-06-05 17:30 <DIR> d-------- C:\Program Files\SUPERAntiSpyware
2008-06-05 09:14 . 2008-06-05 17:31 <DIR> d-------- C:\Documents and Settings\Killian\Application Data\SUPERAntiSpyware.com
2008-06-05 09:14 . 2008-06-05 09:14 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
2008-06-05 09:14 . 2008-06-05 09:14 37,888 --a------ C:\WINDOWS\system32\npjcvwml.exe
2008-06-05 09:13 . 2008-06-05 17:30 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-06-05 05:43 . 2008-06-05 05:43 <DIR> d-------- C:\Documents and Settings\Killian\Application Data\Uniblue
2008-06-04 18:35 . 2008-06-04 18:37 1,192 --a------ C:\WINDOWS\system32\drivers\kgpfr2.cfg
2008-06-04 16:29 . 2008-06-04 16:41 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\SITEguard
2008-06-04 16:27 . 2008-06-04 16:27 <DIR> d-------- C:\Program Files\Common Files\iS3
2008-06-04 16:27 . 2008-06-04 18:41 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\STOPzilla!
2008-06-04 16:20 . 2008-06-04 16:20 37,888 --a------ C:\WINDOWS\system32\curtvcvr.exe
2008-06-04 16:14 . 2008-06-04 16:14 294 ---hs---- C:\WINDOWS\system32\lcfeorql.ini
2008-06-04 15:22 . 2008-06-04 15:46 <DIR> d-------- C:\Documents and Settings\Administrator.ERIC\UserData
2008-06-04 15:22 . 2006-03-09 13:43 <DIR> d-------- C:\Documents and Settings\Administrator.ERIC\Application Data\Leadertech
2008-06-04 15:22 . 2006-03-16 16:00 <DIR> d-------- C:\Documents and Settings\Administrator.ERIC\Application Data\InterVideo
2008-06-04 15:22 . 2006-03-09 14:16 <DIR> d-------- C:\Documents and Settings\Administrator.ERIC\Application Data\ExpensAble
2008-06-04 15:22 . 2006-04-23 00:17 <DIR> d-------- C:\Documents and Settings\Administrator.ERIC\Application Data\AOL
2008-06-04 15:22 . 2006-03-09 14:04 <DIR> d-------- C:\Documents and Settings\Administrator.ERIC\Application Data\ACT
2008-06-04 15:22 . 2006-03-09 13:50 0 --a------ C:\Documents and Settings\Administrator.ERIC\Application Data\wklnhst.dat
2008-06-04 15:21 . 2008-06-04 15:46 <DIR> d---s---- C:\Documents and Settings\Administrator.ERIC
2008-06-03 14:04 . 1980-08-16 20:00 24,576 --a------ C:\WINDOWS\system32\aknyredg.exe.dat
2008-05-24 11:43 . 2008-06-05 10:22 <DIR> d--hs---- C:\WINDOWS\S2lsbGlhbg
2008-05-24 11:43 . 2008-05-24 11:43 130,048 -r-hs---- C:\WINDOWS\system32\acledits.exe
2008-05-24 11:42 . 2008-06-05 04:41 <DIR> d-------- C:\WINDOWS\system32\hI2
2008-05-24 11:42 . 2008-06-05 04:27 <DIR> d-------- C:\WINDOWS\system32\at1
2008-05-24 11:42 . 2008-06-05 10:22 <DIR> d-------- C:\WINDOWS\system32\1064a
2008-05-24 11:42 . 2008-06-05 18:25 <DIR> d-------- C:\Temp
2008-05-24 11:42 . 2008-06-04 15:48 <DIR> d-------- C:\Documents and Settings\Melissa\Application Data\uTorrent
2008-05-24 11:42 . 2004-08-04 08:00 4,224 --a------ C:\WINDOWS\system32\beep.sys
2008-05-24 11:41 . 2008-06-14 10:15 <DIR> d-------- C:\Program Files\uTorrent
2008-05-24 11:18 . 2008-05-24 11:18 298,349 --a------ C:\Documents and Settings\Melissa\gside.exe

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-06-11 22:02 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-06-11 22:02 --------- d-----w C:\Program Files\PCSecurityShield
2008-06-11 21:58 --------- d-----w C:\Program Files\Image Broadway
2008-06-06 15:02 3,818 ----a-w C:\Documents and Settings\Killian\Application Data\wklnhst.dat
2008-06-05 15:23 --------- d-----w C:\Documents and Settings\All Users\Application Data\Yahoo!
2008-06-05 15:21 --------- d-----w C:\Program Files\Yahoo!
2008-06-05 15:19 --------- d-----w C:\Documents and Settings\All Users\Application Data\AOL
2008-06-04 20:11 --------- d-----w C:\Program Files\Morpheus
2008-05-10 16:39 402,010 ----a-w C:\Documents and Settings\Melissa\g43.exe
2008-05-08 12:28 202,752 ----a-w C:\WINDOWS\system32\drivers\rmcast.sys
2008-05-07 11:54 402,010 ----a-w C:\Documents and Settings\Killian\g43.exe
2008-04-20 02:02 --------- d-----w C:\Documents and Settings\Melissa\Application Data\OpenOffice.org2
2007-09-18 02:55 152 ----a-w C:\Documents and Settings\Melissa\Application Data\wklnhst.dat
2006-03-09 17:50 0 ----a-w C:\WINDOWS\system32\config\systemprofile\Application Data\wklnhst.dat
1999-05-01 00:00 98,304 ----a-w C:\Program Files\internet explorer\plugins\UPjpeg.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 08:00 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SpywareTerminator"="C:\PROGRA~1\SPYWAR~1\SpywareTerminatorShield.exe" [2008-06-05 15:40 1817600]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hqY87.sys]
@="Driver"

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Digital Lifeline.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Digital Lifeline.lnk
backup=C:\WINDOWS\pss\Digital Lifeline.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^InterVideo WinCinema Manager.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\InterVideo WinCinema Manager.lnk
backup=C:\WINDOWS\pss\InterVideo WinCinema Manager.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Kodak EasyShare software.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Kodak EasyShare software.lnk
backup=C:\WINDOWS\pss\Kodak EasyShare software.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^KODAK Software Updater.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\KODAK Software Updater.lnk
backup=C:\WINDOWS\pss\KODAK Software Updater.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Logitech Desktop Messenger.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Logitech Desktop Messenger.lnk
backup=C:\WINDOWS\pss\Logitech Desktop Messenger.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Office.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk
backup=C:\WINDOWS\pss\Microsoft Office.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Ralink Wireless Utility.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Ralink Wireless Utility.lnk
backup=C:\WINDOWS\pss\Ralink Wireless Utility.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^Killian^Start Menu^Programs^Startup^Deewoo.lnk]
path=C:\Documents and Settings\Killian\Start Menu\Programs\Startup\Deewoo.lnk
backup=C:\WINDOWS\pss\Deewoo.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^Killian^Start Menu^Programs^Startup^Morpheus.lnk]
path=C:\Documents and Settings\Killian\Start Menu\Programs\Startup\Morpheus.lnk
backup=C:\WINDOWS\pss\Morpheus.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^Killian^Start Menu^Programs^Startup^Z_Start.lnk]
path=C:\Documents and Settings\Killian\Start Menu\Programs\Startup\Z_Start.lnk
backup=C:\WINDOWS\pss\Z_Start.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\A00F193A5F.exe]
C:\DOCUME~1\Killian\LOCALS~1\Temp\_A00F193A5F.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\advap32]
C:\DOCUME~1\Melissa\LOCALS~1\Temp\4823.tmp/r

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AGRSMMSG]
-ra------ 2005-08-24 04:24 88203 C:\WINDOWS\AGRSMMSG.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr]
-ra------ 2005-05-03 06:43 69632 C:\WINDOWS\Alcmtr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APL]
C:\Program Files\ACT\ACT for Win 7\APL.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATIPTA]
--a------ 2005-09-15 01:05 344064 C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\bc33e221]
C:\WINDOWS\system32\lqroefcl.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BMbf00d1bd]
C:\WINDOWS\system32\rkfxnvyc.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
--a------ 2004-08-04 08:00 15360 C:\WINDOWS\system32\ctfmon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\etMonitor]
--a------ 2005-10-11 21:57 36864 C:\WINDOWS\etMon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ExploreUpdSched]
C:\WINDOWS\system32\qwinnpdm.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\farstone]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\High Definition Audio Property Page Shortcut]
--a------ 2005-01-07 21:07 61952 C:\WINDOWS\system32\HdAShCut.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IEUpdate]
-r-hs---- 2008-05-24 11:43 130048 C:\WINDOWS\system32\acledits.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
--a------ 2003-10-21 18:07 229376 C:\Program Files\iTunes\iTunesHelper.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\JavaCore]
C:\Program Files\\JavaCore\\JavaCore.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LDM]
--a------ 2008-01-05 23:12 36864 C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechCommunicationsManager]
--a------ 2006-12-22 13:27 497176 C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechQuickCamRibbon]
--a------ 2006-12-22 13:28 756248 C:\Program Files\Logitech\QuickCam10\QuickCam10.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Microsoft Location Finder]
--a------ 2005-08-24 22:25 101080 C:\Program Files\Microsoft Location Finder\LocationFinder.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
--------- 2004-10-13 12:24 1694208 C:\Program Files\Messenger\msmsgs.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NetscapeClient]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PAS_Check]
C:\Program Files\Common Files\DriveCleaner Free\udcpas.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a------ 2007-07-25 15:22 155648 C:\Program Files\QuickTime\qttask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RealTray]
--a------ 2006-03-09 22:31 26112 C:\Program Files\Real\RealPlayer\RealPlay.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RegistryMechanic]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
-ra------ 2005-10-14 05:51 14864384 C:\WINDOWS\RTHDCPL.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SDR6_Check]
C:\Program Files\Common Files\DriveCleaner Free\udcsdr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpywareTerminator]
--a------ 2008-06-05 15:40 1817600 C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
--a------ 2005-04-02 06:13 688217 C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPLpr]
--a------ 2005-04-02 06:14 98393 C:\Program Files\Synaptics\SynTP\SynTPLpr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uiqr]
C:\Program Files\Common Files\uiqr\uiqrm.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Ulead Photo Express Calendar Checker]
--a------ 2003-09-20 00:23 69632 C:\Program Files\Ulead Systems\Ulead Photo Express My Scrapbook 2.0\calcheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Uniblue RegistryBooster 2]
C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UserFaultCheck]
C:\WINDOWS\system32\dumprep 0 -u

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Vrmon]
C:\Program Files\PCSecurityShield\ShieldAntivirus\vrmonnt.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VrSchedule]
C:\Program Files\PCSecurityShield\ShieldAntivirus\Vrres.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\webHancer Agent]
C:\Program Files\webHancer\Programs\whagent.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
C:\Program Files\Windows Defender\MSASCui.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows update loader]
C:\Windows\xpupdate.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\YSearchProtection]
C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\{02655c71-fca3-7064-b48f-8a53760fa32a}]
C:\WINDOWS\system32\{cf54df20-fdd8-4661-987f-1fb4a3c264d9}.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\{3E-E2-28-8E-ZN}]
C:\windows\system32\omdsregq.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=
"C:\\Program Files\\Morpheus\\Morpheus.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\Kodak\\KODAK Software Updater\\7288971\\Program\\Kodak Software Updater.exe"=
"C:\\Program Files\\Kodak\\Kodak EasyShare software\\bin\\EasyShare.exe"=
"C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"=

R1 sp_rsdrv2;Spyware Terminator Driver 2;C:\WINDOWS\system32\drivers\sp_rsdrv2.sys [2008-06-05 15:40]
R2 FBAPI;FBAPI;C:\WINDOWS\system32\drivers\FBAPI.sys [2004-02-06 16:29]
R3 DCamUSBET;ET USB 2750 Camera;C:\WINDOWS\system32\DRIVERS\etDevice.sys [2005-10-20 22:11]
R3 FiltUSBET;ET USB Device Lower Filter;C:\WINDOWS\system32\DRIVERS\etFilter.sys [2005-11-09 17:15]
R3 PhnxVcd;PhnxVcd;C:\WINDOWS\system32\Drivers\PhnxVcd.sys [2004-01-05 14:39]
R3 ScanUSBET;ET USB Still Image Capture Device;C:\WINDOWS\system32\DRIVERS\etScan.sys [2005-10-20 22:29]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{632ea8aa-9b17-11da-a279-806d6172696f}]
\Shell\AutoRun\command - D:\setup.exe

.
**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-06-14 19:35:19
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\WINDOWS\system32\ati2evxx.exe
C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\WINDOWS\system32\verclsid.exe
.
**************************************************************************
.
Completion time: 2008-06-14 19:37:53 - machine was rebooted
ComboFix-quarantined-files.txt 2008-06-14 23:37:48

Pre-Run: 52,378,923,008 bytes free
Post-Run: 52,383,252,480 bytes free

297 --- E O F --- 2008-06-14 14:20:19

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 7:52:20 PM, on 6/14/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\common files\logishrd\lvmvfm\LVPrcSrv.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\notepad.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file)
O4 - HKLM\..\Run: [SpywareTerminator] "C:\PROGRA~1\SPYWAR~1\SpywareTerminatorShield.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Common Files\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .UVR: C:\Program Files\Internet Explorer\Plugins\NPUPano.dll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....k/?linkid=39204
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.micros...b?1139668282953
O18 - Protocol: bw+0 - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: GEARSecurity - GEAR Software - C:\WINDOWS\system32\GEARSEC.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\common files\logishrd\lvmvfm\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: Phoenix VCD Service (PhnxVCDService) - Phoenix Technologies Ltd. - C:\WINDOWS\system32\PhnxCDSvr.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe

--
End of file - 15741 bytes

I will wait patiently for your next reply.. Thank you..

#4 LDTate

Grand Poobah

Root Admin
57,211 posts

Posted 15 June 2008 - 08:34 AM

Open notepad and copy/paste the text in the Codebox below into it:

File::
C:\WINDOWS\system32\npjcvwml.exe
C:\WINDOWS\system32\curtvcvr.exe
C:\WINDOWS\system32\lcfeorql.ini
C:\WINDOWS\system32\aknyredg.exe.dat
C:\WINDOWS\system32\aknyredg.exe
C:\Documents and Settings\Melissa\gside.exe
C:\Documents and Settings\Melissa\g43.exe
C:\Documents and Settings\Killian\g43.exe
C:\DOCUME~1\Killian\LOCALS~1\Temp\_A00F193A5F.exe
C:\DOCUME~1\Melissa\LOCALS~1\Temp\4823.tmp/r
C:\WINDOWS\system32\lqroefcl.dll
C:\WINDOWS\system32\rkfxnvyc.dll
C:\WINDOWS\system32\qwinnpdm.exe
C:\WINDOWS\system32\acledits.exe
C:\Program Files\Common Files\uiqr\uiqrm.exe
C:\Windows\xpupdate.exe
C:\WINDOWS\system32\{cf54df20-fdd8-4661-987f-1fb4a3c264d9}.dll
C:\windows\system32\omdsregq.exe

Folder::
C:\SDFix
C:\Program Files\Common Files\uiqr
C:\Program Files\Logitech\Desktop Messenger

Registry::
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hqY87.sys]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\bc33e221]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BMbf00d1bd]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ExploreUpdSched]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IEUpdate]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uiqr]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows update loader]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\{02655c71-fca3-7064-b48f-8a53760fa32a}]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\{3E-E2-28-8E-ZN}]

Save this as Save this as "CFScript"

Posted Image

Drag CFScript.txt into ComboFix.exe

Then post the results log and a new HijackThis log.

Also please describe how your computer behaves at the moment.

The forum is run by volunteers who donate their time and expertise.

Want to help others? Join the ClassRoom and learn how.

Logs will be closed if you haven't replied within 3 days

If you would like to for the help you received.

Proud graduate of TC/WTT Classroom

#5 Cindy Kaye

New Member

New Member
5 posts

Posted 16 June 2008 - 08:14 AM

Thank you LDTate. Here are the logs you requested.
As far as how my PC is acting, I really haven't used it much with the exception of coming to this forum and following your instructions. I have noticed that the spyware notices aren't coming up when I get on the Internet to go to www.whatthetech.com.
I will try to use it some today and give you an update.

ComboFix 08-06-12.2 - Killian 2008-06-16 9:31:52.2 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.173 [GMT -4:00]
Running from: C:\Documents and Settings\Killian\Desktop\ComboFix.exe
Command switches used :: C:\Documents and Settings\Killian\Desktop\CFScript.txt
* Created a new restore point

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!

FILE ::
C:\DOCUME~1\Killian\LOCALS~1\Temp\_A00F193A5F.exe
C:\DOCUME~1\Melissa\LOCALS~1\Temp\4823.tmp/r
C:\Documents and Settings\Killian\g43.exe
C:\Documents and Settings\Melissa\g43.exe
C:\Documents and Settings\Melissa\gside.exe
C:\Program Files\Common Files\uiqr\uiqrm.exe
C:\WINDOWS\system32\{cf54df20-fdd8-4661-987f-1fb4a3c264d9}.dll
C:\WINDOWS\system32\acledits.exe
C:\WINDOWS\system32\aknyredg.exe
C:\WINDOWS\system32\aknyredg.exe.dat
C:\WINDOWS\system32\curtvcvr.exe
C:\WINDOWS\system32\lcfeorql.ini
C:\WINDOWS\system32\lqroefcl.dll
C:\WINDOWS\system32\npjcvwml.exe
C:\windows\system32\omdsregq.exe
C:\WINDOWS\system32\qwinnpdm.exe
C:\WINDOWS\system32\rkfxnvyc.dll
C:\Windows\xpupdate.exe
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\Killian\g43.exe
C:\Documents and Settings\Killian\Local Settings\Temporary Internet Files\CPV.stt
C:\Documents and Settings\Melissa\g43.exe
C:\Documents and Settings\Melissa\gside.exe
C:\Program Files\Common Files\uiqr
C:\Program Files\Common Files\uiqr\uiqrd\class-barrel
C:\Program Files\Common Files\uiqr\uiqrd\vocabulary
C:\Program Files\Logitech\Desktop Messenger
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Install\bwUnin.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Install\LiteInst.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Install\readme.txt
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Install\win2000.dll
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Plugins\Npavi32.dll
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\backweb.dll
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\backweb.tlb
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\BWCHelpr.dll
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\BWCmndr.dll
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\BWDocMapExt.dll
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\bwfiles.dll
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\bwlang.ini
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\bwmib.dll
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\BWOfflineUrlAccessor.dll
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\BWPlugProtocol.dll
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\BWPortalPlugin.dll
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\BWScriptExt.dll
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\bwsec.dll
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\BWXMLOffline.dll
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\bwxtext.dll
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\clntutil.dll
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\Cpuinf32.dll
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\ding.wav
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\EN\ClientRc.dll
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\EN\PortalUI\CommStatus\remedy_strings.js
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\EN\PortalUI\CommStatus\remedy_strings_override.js
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\EN\PortalUI\CommStatus\strings.js
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\EN\PortalUI\CommStatus\strings_override.js
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\EN\PortalUI\Navigation\navigation_strings.js
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\EN\PortalUI\Navigation\navigation_strings_override.js
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\EN\PortalUI\NotificationMgr\help\arrow_left.gif
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\EN\PortalUI\NotificationMgr\help\arrow_right.gif
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\EN\PortalUI\NotificationMgr\help\BULLET1.gif
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\EN\PortalUI\NotificationMgr\help\closing_the_notification_in.htm
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\EN\PortalUI\NotificationMgr\help\deleting_notifications.htm
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\EN\PortalUI\NotificationMgr\help\DIAMOND1.gif
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\EN\PortalUI\NotificationMgr\help\elements_of_the_statusbar.htm
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\EN\PortalUI\NotificationMgr\help\help.htm
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\EN\PortalUI\NotificationMgr\help\homebutton_gray.gif
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\EN\PortalUI\NotificationMgr\help\image003.gif
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\EN\PortalUI\NotificationMgr\help\image005.jpg
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\EN\PortalUI\NotificationMgr\help\image007.jpg
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\EN\PortalUI\NotificationMgr\help\image009.jpg
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\EN\PortalUI\NotificationMgr\help\image010.jpg
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\EN\PortalUI\NotificationMgr\help\image012.jpg
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\EN\PortalUI\NotificationMgr\help\image014.jpg
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\EN\PortalUI\NotificationMgr\help\image016.jpg
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\EN\PortalUI\NotificationMgr\help\image017.jpg
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\EN\PortalUI\NotificationMgr\help\image018.jpg
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\EN\PortalUI\NotificationMgr\help\image020.jpg
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\EN\PortalUI\NotificationMgr\help\image024.jpg
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\EN\PortalUI\NotificationMgr\help\image025.jpg
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\EN\PortalUI\NotificationMgr\help\inbox.jpg
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\EN\PortalUI\NotificationMgr\help\managing_notifications.htm
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\EN\PortalUI\NotificationMgr\help\marking_notifications.htm
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\EN\PortalUI\NotificationMgr\help\opening_the_notification_in.htm
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\EN\PortalUI\NotificationMgr\help\overview.htm
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\EN\PortalUI\NotificationMgr\help\preferences.gif
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\EN\PortalUI\NotificationMgr\help\ProactivePortal_Notification_Inbox_Help.css
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\EN\PortalUI\NotificationMgr\help\refreshing_the_notification.htm
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\EN\PortalUI\NotificationMgr\help\setting_proactiveportal_not.htm
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\EN\PortalUI\NotificationMgr\help\sorting_information_in_the_.htm
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\EN\PortalUI\NotificationMgr\help\the_proactiveportal_notific.htm
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\EN\PortalUI\NotificationMgr\help\viewing_data_in_the_notific.htm
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\EN\PortalUI\NotificationMgr\help\viewing_full_stories.htm
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\EN\PortalUI\NotificationMgr\help\viewing_the_availability_of.htm
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\EN\PortalUI\NotificationMgr\help\viewing_the_notification_s_.htm
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\EN\PortalUI\NotificationMgr\help\viewing_the_notification_su.htm
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\EN\PortalUI\NotificationMgr\help\xbutton.gif
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\EN\PortalUI\NotificationMgr\notification_strings.js
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\EN\PortalUI\NotificationMgr\notification_strings_override.js
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\EN\PortalUI\resources\global_strings.js
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\EN\PortalUI\resources\global_strings_override.js
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\EN\PortalUI\SubmissionMgr\help\arrow_left.gif
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\EN\PortalUI\SubmissionMgr\help\arrow_right.gif
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\EN\PortalUI\SubmissionMgr\help\BULLET1.gif
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\EN\PortalUI\SubmissionMgr\help\button_edit.gif
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\EN\PortalUI\SubmissionMgr\help\button_sendagain.gif
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\EN\PortalUI\SubmissionMgr\help\closing_the_forms_outbox.htm
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\EN\PortalUI\SubmissionMgr\help\deleting_form_submissions.htm
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\EN\PortalUI\SubmissionMgr\help\details.jpg
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\EN\PortalUI\SubmissionMgr\help\DIAMOND1.gif
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\EN\PortalUI\SubmissionMgr\help\form_submission_scheduling.htm
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\EN\PortalUI\SubmissionMgr\help\help.htm
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\EN\PortalUI\SubmissionMgr\help\home.gif
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\EN\PortalUI\SubmissionMgr\help\homebutton_gray.gif
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\EN\PortalUI\SubmissionMgr\help\how_does_proactiveportal_se.htm
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\EN\PortalUI\SubmissionMgr\help\image003_forms.gif
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\EN\PortalUI\SubmissionMgr\help\image005_forms.jpg
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\EN\PortalUI\SubmissionMgr\help\image007_forms.jpg
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\EN\PortalUI\SubmissionMgr\help\image011_forms.jpg
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\EN\PortalUI\SubmissionMgr\help\image013_forms.jpg
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\EN\PortalUI\SubmissionMgr\help\image014_forms.jpg
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\EN\PortalUI\SubmissionMgr\help\image016_forms.jpg
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\EN\PortalUI\SubmissionMgr\help\image019_forms.jpg
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\EN\PortalUI\SubmissionMgr\help\image020_forms.jpg
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\EN\PortalUI\SubmissionMgr\help\managing_form_submissions.htm
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\EN\PortalUI\SubmissionMgr\help\marking_form_submissions.htm
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\EN\PortalUI\SubmissionMgr\help\modifying_a_submitted_form.gif
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\EN\PortalUI\SubmissionMgr\help\modifying_a_submitted_form.htm
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\EN\PortalUI\SubmissionMgr\help\opening_the_forms_outbox.htm
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\EN\PortalUI\SubmissionMgr\help\outbox.jpg
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\EN\PortalUI\SubmissionMgr\help\overview_1.htm
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\EN\PortalUI\SubmissionMgr\help\preferences.jpg
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\EN\PortalUI\SubmissionMgr\help\ProactivePortal_Forms_Outbox_Help.css
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\EN\PortalUI\SubmissionMgr\help\refreshing_the_forms_outbox.htm
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\EN\PortalUI\SubmissionMgr\help\ResponseAvailable.gif
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\EN\PortalUI\SubmissionMgr\help\resubmitting_a_form.htm
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\EN\PortalUI\SubmissionMgr\help\send_again.jpg
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\EN\PortalUI\SubmissionMgr\help\setting_form_submission_pre.htm
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\EN\PortalUI\SubmissionMgr\help\sorting_form_submissions.htm
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\EN\PortalUI\SubmissionMgr\help\SubmissionCompleted.gif
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\EN\PortalUI\SubmissionMgr\help\SubmissionFailed.gif
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\EN\PortalUI\SubmissionMgr\help\the_forms_outbox.htm
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\EN\PortalUI\SubmissionMgr\help\the_progress_bar.htm
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\EN\PortalUI\SubmissionMgr\help\the_status_bar.htm
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\EN\PortalUI\SubmissionMgr\help\the_status_column.htm
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\EN\PortalUI\SubmissionMgr\help\viewing_data_in_the_forms_o.htm
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\EN\PortalUI\SubmissionMgr\help\viewing_form_submission_details.gif
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\EN\PortalUI\SubmissionMgr\help\viewing_form_submission_res.htm
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\EN\PortalUI\SubmissionMgr\help\viewing_form_submission_sta.htm
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\EN\PortalUI\SubmissionMgr\help\viewing_submission_details.htm
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\EN\PortalUI\SubmissionMgr\help\what_are_forms_.htm
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\EN\PortalUI\SubmissionMgr\help\xbutton.gif
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\EN\PortalUI\SubmissionMgr\submission_strings.js
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\EN\PortalUI\SubmissionMgr\submission_strings_override.js
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\EN\registerRC.dll
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\EN\SpriteRC.dll
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\EN\UninstallRC.dll
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\GAPlugProtocol.dll
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\IAdHide.dll
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\loading.htm
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\pacsupport.js
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\PortalUI\CommStatus\functions.js
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\PortalUI\CommStatus\remedy_functions.js
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\PortalUI\Navigation\background.gif
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\PortalUI\Navigation\BWPortalPlugin.js
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\PortalUI\Navigation\CommProblem.gif
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\PortalUI\Navigation\CommProblem.html
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\PortalUI\Navigation\CommStatus.gif
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\PortalUI\Navigation\decorations.js
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\PortalUI\Navigation\disableforms.js
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\PortalUI\Navigation\fillFormsForResubmit.js
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\PortalUI\Navigation\navigation.css
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\PortalUI\Navigation\navigation_override.css
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\PortalUI\Navigation\ProactivePortalBrokenLink.gif
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\PortalUI\Navigation\ProactivePortalBrokenLink.html
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\PortalUI\Navigation\ProactivePortalClientInactive.html
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\PortalUI\Navigation\ProactivePortalFormError.gif
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\PortalUI\Navigation\ProactivePortalFormStatus.html
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\PortalUI\Navigation\ProactivePortalFormSuccess.gif
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\PortalUI\Navigation\ProactivePortalGoOnline.gif
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\PortalUI\Navigation\ProactivePortalGoOnline.html
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\PortalUI\Navigation\ProactivePortalGoOnlineTesterMode.html
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\PortalUI\Navigation\ProactivePortalMsgConfig.ini
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\PortalUI\Navigation\ProactivePortalNoClient.gif
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\PortalUI\Navigation\ProactivePortalNoDoc.gif
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\PortalUI\Navigation\ProactivePortalNoDoc.html
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\PortalUI\Navigation\ProactivePortalNotRegistered.gif
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\PortalUI\Navigation\ProactivePortalNotRegistered.html
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\PortalUI\Navigation\ProactivePortalNotSupportedURL.gif
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\PortalUI\Navigation\ProactivePortalNotSupportedURL.html
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\PortalUI\Navigation\ProactivePortalNoUI.gif
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\PortalUI\Navigation\ProactivePortalNoUI.html
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\PortalUI\Navigation\ProactivePortalOldDoc.gif
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\PortalUI\Navigation\ProactivePortalOldDoc.html
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\PortalUI\NotificationMgr\link_header.gif
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\PortalUI\NotificationMgr\link_header_MO.gif
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\PortalUI\NotificationMgr\notification.css
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\PortalUI\NotificationMgr\notification_override.css
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\PortalUI\NotificationMgr\notification_params.js
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\PortalUI\NotificationMgr\notification_params_override.js
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\PortalUI\NotificationMgr\NotificationDetailedStatus.htm
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\PortalUI\NotificationMgr\NotificationMgrUI.js
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\PortalUI\NotificationMgr\offline_link.gif
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\PortalUI\NotificationMgr\offline_link_MO.gif
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\PortalUI\NotificationMgr\online_link.gif
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\PortalUI\NotificationMgr\online_link_MO.gif
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\PortalUI\NotificationMgr\preferences.js
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\PortalUI\NotificationMgr\priority.gif
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\PortalUI\NotificationMgr\priority_header.gif
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\PortalUI\NotificationMgr\priority_header_MO.gif
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\PortalUI\NotificationMgr\utilities.js
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\PortalUI\OfflineMgr.htm
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\PortalUI\OfflineSearch.htm
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\PortalUI\preferences.htm
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\PortalUI\resources\arr_end.gif
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\PortalUI\resources\arr_end_mo.gif
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\PortalUI\resources\arr_end_na.gif
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\PortalUI\resources\arr_next.gif
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\PortalUI\resources\arr_next_mo.gif
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\PortalUI\resources\arr_next_na.gif
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\PortalUI\resources\arr_prev.gif
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\PortalUI\resources\arr_prev_mo.gif
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\PortalUI\resources\arr_prev_na.gif
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\PortalUI\resources\arr_start.gif
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\PortalUI\resources\arr_start_mo.gif
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\PortalUI\resources\arr_start_na.gif
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\PortalUI\resources\background.gif
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\PortalUI\resources\Exit.gif
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\PortalUI\resources\footer.jpg
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\PortalUI\resources\global.css
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\PortalUI\resources\global_override.css
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\PortalUI\resources\global_params.js
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\PortalUI\resources\global_params_override.js
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\PortalUI\resources\header.jpg
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\PortalUI\resources\Help.gif
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\PortalUI\resources\help_MO.gif
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\PortalUI\resources\helper.js
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\PortalUI\resources\preferences.gif
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\PortalUI\resources\preferences.js
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\PortalUI\resources\preferences_icon.gif
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\PortalUI\resources\preferences_MO.gif
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\PortalUI\resources\Propert.gif
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\PortalUI\resources\sort_ascending.gif
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\PortalUI\resources\sort_descending.gif
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\PortalUI\resources\table.js
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\PortalUI\resources\tabs.js
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\PortalUI\resources\utilities.js
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\PortalUI\SubmissionMgr\AddSubmissionMgrLink.js
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\PortalUI\SubmissionMgr\FormDeleted.gif
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\PortalUI\SubmissionMgr\FormError.gif
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\PortalUI\SubmissionMgr\FormOK.gif
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\PortalUI\SubmissionMgr\FormPending.gif
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\PortalUI\SubmissionMgr\FormProcess.gif
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\PortalUI\SubmissionMgr\FormSuspended.gif
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\PortalUI\SubmissionMgr\FormUpload.gif
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\PortalUI\SubmissionMgr\preferences.js
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\PortalUI\SubmissionMgr\ResponseAvialable.gif
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\PortalUI\SubmissionMgr\ResponseAvialable_MO.gif
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\PortalUI\SubmissionMgr\submission.css
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\PortalUI\SubmissionMgr\submission_override.css
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\PortalUI\SubmissionMgr\submission_params.js
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\PortalUI\SubmissionMgr\submission_params_override.js
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\PortalUI\SubmissionMgr\SubmissionCompleted.gif
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\PortalUI\SubmissionMgr\SubmissionCompleted_MO.gif
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\PortalUI\SubmissionMgr\SubmissionDetailedStatus.htm
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\PortalUI\SubmissionMgr\SubmissionFailed.gif
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\PortalUI\SubmissionMgr\SubmissionFailed_MO.gif
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\PortalUI\SubmissionMgr\SubmissionMgrUI.js
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\PortalUI\SubmissionMgr\SubmissionStatus.inc
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\PortalUI\SubmissionMgr\utilities.js
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\Pre6Import.dll
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\PUI_Launcher.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\register.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\Restart.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\runner.dll
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\runner.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\Sprite6.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\wtsisctd.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\clasid.bak
C:\Program Files\Logitech\Desktop Messenger\8876480\enabled.txt
C:\Program Files\Logitech\Desktop Messenger\8876480\InitData\Data\background.gif
C:\Program Files\Logitech\Desktop Messenger\8876480\InitData\Data\browser.htm
C:\Program Files\Logitech\Desktop Messenger\8876480\InitData\Data\cert.db
C:\Program Files\Logitech\Desktop Messenger\8876480\InitData\Data\chandir.dat
C:\Program Files\Logitech\Desktop Messenger\8876480\InitData\Data\chandir.idx
C:\Program Files\Logitech\Desktop Messenger\8876480\InitData\Data\chn.dat
C:\Program Files\Logitech\Desktop Messenger\8876480\InitData\Data\chn.idx
C:\Program Files\Logitech\Desktop Messenger\8876480\InitData\Data\DefPrefs.ini
C:\Program Files\Logitech\Desktop Messenger\8876480\InitData\Data\GenFlash\1\gen.bif
C:\Program Files\Logitech\Desktop Messenger\8876480\InitData\Data\GenFlash\1\gen.bis
C:\Program Files\Logitech\Desktop Messenger\8876480\InitData\Data\GenFlash\1\info.iad
C:\Program Files\Logitech\Desktop Messenger\8876480\InitData\Data\InfoCenter.GIF
C:\Program Files\Logitech\Desktop Messenger\8876480\InitData\Data\InfoCenter.htm
C:\Program Files\Logitech\Desktop Messenger\8876480\InitData\Data\main.wkg
C:\Program Files\Logitech\Desktop Messenger\8876480\InitData\Data\UpgradePubKey.txt
C:\Program Files\Logitech\Desktop Messenger\8876480\InitData\Data\UsrPrefs.ini
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\8876480\Melissa\InstallerResult.log
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWCHelpr-8876480.dll
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWCmndr-8876480.dll
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWDocMapExt-8876480.dll
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWfiles-8876480.dll
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWOfflineUrlAccessor-8876480.dll
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPortalPlugin-8876480.dll
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\bwscriptext-8876480.dll
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWXmlOffline-8876480.dll
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\ldmrchs.dll
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\ldmrcht.dll
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\ldmrdan.dll
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\ldmrdeu.dll
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\ldmresp.dll
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\ldmrfin.dll
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\ldmrfra.dll
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\ldmrita.dll
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\ldmrjpn.dll
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\ldmrkor.dll
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\ldmrnld.dll
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\ldmrnor.dll
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\ldmrptb.dll
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\ldmrsve.dll
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LiteInstActivator.dll
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LiteInstActivator.ini
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogiLdmC.dll
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogiLdmW.dll
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogiLdmW.tlb
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe.appid.8876480
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\Scripts\Enable_OAS\enableOAS.vbs
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\Scripts\RuleExec\AuthLib1.vbs
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\Scripts\RuleExec\AuthLib2.vbs
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\Scripts\RuleExec\CRules1.vbs
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\Scripts\RuleExec\EventLib1.vbs
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\Scripts\RuleExec\EventLib2.vbs
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\Scripts\RuleExec\EventMgr1.vbs
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\Scripts\RuleExec\EventMgr2.vbs
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\Scripts\RuleExec\payload1.pub
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\Scripts\RuleExec\RuleLib1.vbs
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\Scripts\RuleExec\RuleLib2.vbs
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\SyncExt.dll
C:\Program Files\Logitech\Desktop Messenger\8876480\readme.txt
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\DataSets.ini
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Killian\Data\36c7\a9a3e36\_bwfindx.zip
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Killian\Data\36c7\a9a3e36\info.iad
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Killian\Data\36c7\a9a3e53\_bwfindx.zip
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Killian\Data\36c7\a9a3e53\info.iad
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Killian\Data\36c7\a9a3e54\_bwfindx.zip
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Killian\Data\36c7\a9a3e54\info.iad
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Killian\Data\36c7\a9a3ef0\_bwfindx.zip
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Killian\Data\36c7\a9a3ef0\info.iad
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Killian\Data\36c7\a9a3f17\_bwfindx.zip
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Killian\Data\36c7\a9a3f17\info.iad
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Killian\Data\36c7\BWEvents.txt
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Killian\Data\36c7\chninfo.dat
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Killian\Data\36c7\ChnReg.dat
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Killian\Data\36c7\segrules.dat
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Killian\Data\36c7\Stats.tmp
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Killian\Data\36c7\UserProf.bak
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Killian\Data\36c7\UserProf.dat
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Killian\Data\36e5\BWEvents.txt
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Killian\Data\36e5\chninfo.dat
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Killian\Data\36e5\ChnReg.dat
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Killian\Data\36e5\segrules.dat
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Killian\Data\36e5\Stats.tmp
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Killian\Data\36e5\UserProf.bak
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Killian\Data\36e5\UserProf.dat
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Killian\Data\36fb\BWEvents.txt
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Killian\Data\36fb\chninfo.dat
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Killian\Data\36fb\ChnReg.dat
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Killian\Data\36fb\segrules.dat
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Killian\Data\36fb\Stats.tmp
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Killian\Data\36fb\submissions.old
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Killian\Data\36fb\submissions.xml
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Killian\Data\36fb\UserProf.bak
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Killian\Data\36fb\UserProf.dat
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Killian\Data\3712\BWEvents.txt
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Killian\Data\3712\chninfo.dat
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Killian\Data\3712\ChnReg.dat
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Killian\Data\3712\segrules.dat
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Killian\Data\3712\Stats.tmp
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Killian\Data\3712\UserProf.bak
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Killian\Data\3712\UserProf.dat
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Killian\Data\background.gif
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Killian\Data\browser.htm
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Killian\Data\BWDocMap.pht
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Killian\Data\BWInfopakMap.pht
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Killian\Data\cache.dat
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Killian\Data\cert.db
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Killian\Data\chandir.dat
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Killian\Data\chandir.idx
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Killian\Data\chn.dat
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Killian\Data\chn.idx
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Killian\Data\D0000000.FCS
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Killian\Data\DefPrefs.ini
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Killian\Data\GenFlash\1\gen.bif
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Killian\Data\GenFlash\1\gen.bis
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Killian\Data\GenFlash\1\info.iad
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Killian\Data\HostCache.ini
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Killian\Data\InfoCenter.GIF
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Killian\Data\InfoCenter.htm
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Killian\Data\inuse.txt
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Killian\Data\L0000001.FCS
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Killian\Data\L0000002.FCS
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Killian\Data\main.log
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Killian\Data\player.ini
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Killian\Data\prs.dat
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Killian\Data\prs.idx
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Killian\Data\prs_die.dat
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Killian\Data\prs_die.idx
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Killian\Data\prs_dnd.dat
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Killian\Data\prs_dnd.idx
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Killian\Data\prs_ext.dat
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Killian\Data\prs_ext.idx
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Killian\Data\prs_rcv.dat
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Killian\Data\prs_rcv.idx
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Killian\Data\S0000000.FCS
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Killian\Data\S0000001.FCS
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Killian\Data\storydb.dat
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Killian\Data\storydb.idx
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Killian\Data\T0E7C165
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Killian\Data\UpgradePubKey.txt
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Killian\Data\UsrPrefs.ini
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Killian\Data\wg1.wkg
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Melissa\Data\22a9\a9a3e36\_bwfindx.zip
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Melissa\Data\22a9\a9a3e36\info.iad
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Melissa\Data\22a9\a9a3e53\_bwfindx.zip
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Melissa\Data\22a9\a9a3e53\info.iad
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Melissa\Data\22a9\a9a3e54\_bwfindx.zip
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Melissa\Data\22a9\a9a3e54\info.iad
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Melissa\Data\22a9\a9a3ef0\_bwfindx.zip
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Melissa\Data\22a9\a9a3ef0\info.iad
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Melissa\Data\22a9\a9a3f17\_bwfindx.zip
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Melissa\Data\22a9\a9a3f17\info.iad
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Melissa\Data\22a9\BWEvents.txt
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Melissa\Data\22a9\chninfo.dat
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Melissa\Data\22a9\ChnReg.dat
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Melissa\Data\22a9\segrules.dat
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Melissa\Data\22a9\Stats.tmp
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Melissa\Data\22a9\UserProf.bak
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Melissa\Data\22a9\UserProf.dat
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Melissa\Data\22af\BWEvents.txt
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Melissa\Data\22af\chninfo.dat
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Melissa\Data\22af\ChnReg.dat
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Melissa\Data\22af\segrules.dat
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Melissa\Data\22af\Stats.tmp
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Melissa\Data\22af\UserProf.bak
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Melissa\Data\22af\UserProf.dat
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Melissa\Data\22c0\BWEvents.txt
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Melissa\Data\22c0\chninfo.dat
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Melissa\Data\22c0\ChnReg.dat
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Melissa\Data\22c0\segrules.dat
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Melissa\Data\22c0\Stats.tmp
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Melissa\Data\22c0\submissions.old
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Melissa\Data\22c0\submissions.xml
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Melissa\Data\22c0\UserProf.bak
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Melissa\Data\22c0\UserProf.dat
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Melissa\Data\22cd\BWEvents.txt
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Melissa\Data\22cd\chninfo.dat
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Melissa\Data\22cd\ChnReg.dat
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Melissa\Data\22cd\segrules.dat
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Melissa\Data\22cd\Stats.tmp
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Melissa\Data\22cd\UserProf.bak
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Melissa\Data\22cd\UserProf.dat
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Melissa\Data\background.gif
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Melissa\Data\browser.htm
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Melissa\Data\BWDocMap.pht
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Melissa\Data\BWInfopakMap.pht
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Melissa\Data\cache.dat
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Melissa\Data\cert.db
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Melissa\Data\chandir.dat
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Melissa\Data\chandir.idx
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Melissa\Data\chn.dat
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Melissa\Data\chn.idx
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Melissa\Data\DefPrefs.ini
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Melissa\Data\GenFlash\1\gen.bif
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Melissa\Data\GenFlash\1\gen.bis
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Melissa\Data\GenFlash\1\info.iad
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Melissa\Data\HostCache.ini
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Melissa\Data\InfoCenter.GIF
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Melissa\Data\InfoCenter.htm
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Melissa\Data\inuse.txt
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Melissa\Data\L0000001.FCS
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Melissa\Data\main.log
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Melissa\Data\player.ini
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Melissa\Data\prs.dat
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Melissa\Data\prs.idx
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Melissa\Data\prs_die.dat
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Melissa\Data\prs_die.idx
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Melissa\Data\prs_dnd.dat
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Melissa\Data\prs_dnd.idx
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Melissa\Data\prs_ext.dat
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Melissa\Data\prs_ext.idx
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Melissa\Data\prs_rcv.dat
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Melissa\Data\prs_rcv.idx
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Melissa\Data\S0000000.FCS
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Melissa\Data\S0000001.FCS
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Melissa\Data\shopping.dat
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Melissa\Data\storydb.dat
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Melissa\Data\storydb.idx
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Melissa\Data\UpgradePubKey.txt
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Melissa\Data\UsrPrefs.ini
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Melissa\Data\wg1.wkg
C:\SDFix
C:\SDFix\apps\assosfix.reg
C:\SDFix\apps\cliptext.exe
C:\SDFix\apps\download.exe
C:\SDFix\apps\dummy.sys
C:\SDFix\apps\Enable_Command_Prompt.reg
C:\SDFix\apps\ERDNT.E_E
C:\SDFix\apps\ERDNTDOS.LOC
C:\SDFix\apps\ERDNTWIN.LOC
C:\SDFix\apps\ERUNT.EXE
C:\SDFix\apps\ERUNT.LOC
C:\SDFix\apps\fix.reg
C:\SDFix\apps\FixBH.reg
C:\SDFix\apps\FixComponents.reg
C:\SDFix\apps\FIXCU.reg
C:\SDFix\apps\FIXLM.reg
C:\SDFix\apps\FixPath.exe
C:\SDFix\apps\FixRedir.reg
C:\SDFix\apps\FixSchedule.reg
C:\SDFix\apps\FixWebCheck.reg
C:\SDFix\apps\fixXP.reg
C:\SDFix\apps\FixXPsp2.reg
C:\SDFix\apps\grep.exe
C:\SDFix\apps\HPFix.reg
C:\SDFix\apps\HPFix2.reg
C:\SDFix\apps\HPFix3.reg
C:\SDFix\apps\HPFix4.reg
C:\SDFix\apps\HPFix5.reg
C:\SDFix\apps\HPFix6.reg
C:\SDFix\apps\HPFix7.reg
C:\SDFix\apps\HPFix8.reg
C:\SDFix\apps\HPFix9.reg
C:\SDFix\apps\isadmin.exe
C:\SDFix\apps\leg2.txt
C:\SDFix\apps\legacy.txt
C:\SDFix\apps\legacybk.txt
C:\SDFix\apps\locate.com
C:\SDFix\apps\LS.exe
C:\SDFix\apps\MD5File.exe
C:\SDFix\apps\MyGcpvFix.reg
C:\SDFix\apps\MyGkFix2.reg
C:\SDFix\apps\Process.exe
C:\SDFix\apps\procs.exe
C:\SDFix\apps\psservice.exe
C:\SDFix\apps\Rem.txt
C:\SDFix\apps\Rem2.txt
C:\SDFix\apps\Replace\regedit.exe
C:\SDFix\apps\Replace\W2K.exe
C:\SDFix\apps\Replace\w2k\beep.sys
C:\SDFix\apps\Replace\w2k\null.sys
C:\SDFix\apps\Replace\XP.exe
C:\SDFix\apps\Replace\xp\beep.sys
C:\SDFix\apps\Replace\xp\null.sys
C:\SDFix\apps\Reset_AppInit_DLLs.reg
C:\SDFix\apps\RestartIt!.exe
C:\SDFix\apps\Restore_SecurityCenter.reg
C:\SDFix\apps\Restore_SharedAccess.reg
C:\SDFix\apps\sc.exe
C:\SDFix\apps\sed.exe
C:\SDFix\apps\SF.exe
C:\SDFix\apps\shutdown.exe
C:\SDFix\apps\srv2.txt
C:\SDFix\apps\srv2bk.txt
C:\SDFix\apps\svc.txt
C:\SDFix\apps\svcbk.txt
C:\SDFix\apps\swreg.exe
C:\SDFix\apps\swsc.exe
C:\SDFix\apps\unzip.exe
C:\SDFix\apps\vfind.exe
C:\SDFix\apps\WINMSG.EXE
C:\SDFix\apps\winsec.reg
C:\SDFix\apps\zip.exe
C:\SDFix\backups\backupreg.zip
C:\SDFix\backups\backups.zip
C:\SDFix\backups\catchme.log
C:\SDFix\backups\HOSTS
C:\SDFix\backups_old\backupreg.zip
C:\SDFix\backups_old\backups.zip
C:\SDFix\backups_old\catchme.log
C:\SDFix\backups_old\HOSTS
C:\SDFix\backups_old1\backupreg.zip
C:\SDFix\backups_old1\backups.zip
C:\SDFix\backups_old1\catchme.log
C:\SDFix\backups_old1\HOSTS
C:\SDFix\catchme.exe
C:\SDFix\dummy.sys
C:\SDFix\Report.txt
C:\SDFix\Report_old_1.txt
C:\SDFix\Report_old_2.txt
C:\SDFix\RunThis.bat
C:\SDFix\SDFIX_ReadMe_Online.url
C:\SDFix\W2K_CodecRepair.inf
C:\SDFix\XP_CodecRepair.inf
C:\WINDOWS\system32\acledits.exe
C:\WINDOWS\system32\aknyredg.exe.dat
C:\WINDOWS\system32\curtvcvr.exe
C:\WINDOWS\system32\lcfeorql.ini
C:\WINDOWS\system32\npjcvwml.exe

.
((((((((((((((((((((((((( Files Created from 2008-05-16 to 2008-06-16 )))))))))))))))))))))))))))))))
.

2008-06-14 19:52 . 2008-06-14 19:52 <DIR> d-------- C:\Program Files\Trend Micro
2008-06-14 09:32 . 2008-06-14 09:32 127 --a------ C:\WINDOWS\system32\MRT.INI
2008-06-14 09:27 . 2008-06-14 09:28 <DIR> d-------- C:\Documents and Settings\Melissa\Application Data\Spyware Terminator
2008-06-11 18:01 . 2008-06-11 18:01 0 --a------ C:\WINDOWS\Unsetup.INI
2008-06-11 09:11 . 2008-04-14 07:01 272,128 --------- C:\WINDOWS\system32\drivers\bthport.sys
2008-06-11 09:11 . 2008-04-14 07:01 272,128 -----c--- C:\WINDOWS\system32\dllcache\bthport.sys
2008-06-10 14:25 . 2008-06-10 14:42 <DIR> d-a------ C:\Documents and Settings\All Users\Application Data\TEMP
2008-06-10 11:35 . 2008-06-10 11:35 <DIR> d-------- C:\Deckard
2008-06-10 09:56 . 2008-06-10 09:56 <DIR> d-------- C:\Documents and Settings\Killian\Application Data\Malwarebytes
2008-06-10 09:56 . 2008-06-10 09:56 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-06-10 09:55 . 2008-06-10 09:55 <DIR> d-------- C:\Program Files\Common Files\Download Manager
2008-06-05 18:02 . 2008-06-05 18:03 <DIR> d-------- C:\WINDOWS\ERUNT
2008-06-05 16:26 . 2008-06-14 10:16 <DIR> d-------- C:\Documents and Settings\Killian\Application Data\Spyware Terminator
2008-06-05 15:40 . 2008-06-05 15:40 141,312 --a------ C:\WINDOWS\system32\drivers\sp_rsdrv2.sys
2008-06-05 15:39 . 2008-06-14 10:16 <DIR> d-------- C:\Program Files\Spyware Terminator
2008-06-05 15:39 . 2008-06-16 09:26 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Spyware Terminator
2008-06-05 15:39 . 2008-06-05 15:44 <DIR> d-------- C:\Documents and Settings\Administrator.ERIC.000\Application Data\Spyware Terminator
2008-06-05 14:34 . 2008-06-05 14:34 1,796 --a------ C:\WINDOWS\system32\tmp.reg
2008-06-05 11:23 . 2008-06-05 11:23 <DIR> dr-h----- C:\Documents and Settings\Administrator.ERIC.000\Application Data\yahoo!
2008-06-05 09:36 . 2008-06-05 09:36 <DIR> d-------- C:\Documents and Settings\Administrator.ERIC.000\Application Data\SUPERAntiSpyware.com
2008-06-05 09:32 . 2006-03-09 13:50 0 --a------ C:\Documents and Settings\Administrator.ERIC.000\Application Data\wklnhst.dat
2008-06-05 09:31 . 2006-03-09 14:11 <DIR> d-------- C:\Documents and Settings\Administrator.ERIC.000\WINDOWS
2008-06-05 09:31 . 2006-02-11 10:31 <DIR> d---s---- C:\Documents and Settings\Administrator.ERIC.000\UserData
2008-06-05 09:31 . 2006-03-09 13:44 <DIR> d--h----- C:\Documents and Settings\Administrator.ERIC.000\InstallAnywhere
2008-06-05 09:31 . 2006-03-09 22:32 <DIR> d-------- C:\Documents and Settings\Administrator.ERIC.000\Application Data\You've Got Pictures Screensaver
2008-06-05 09:31 . 2006-03-09 13:43 <DIR> d-------- C:\Documents and Settings\Administrator.ERIC.000\Application Data\Leadertech
2008-06-05 09:31 . 2006-03-16 16:00 <DIR> d-------- C:\Documents and Settings\Administrator.ERIC.000\Application Data\InterVideo
2008-06-05 09:31 . 2006-03-09 14:16 <DIR> d-------- C:\Documents and Settings\Administrator.ERIC.000\Application Data\ExpensAble
2008-06-05 09:31 . 2006-04-23 00:17 <DIR> d-------- C:\Documents and Settings\Administrator.ERIC.000\Application Data\AOL
2008-06-05 09:31 . 2006-03-09 22:37 <DIR> d-------- C:\Documents and Settings\Administrator.ERIC.000\Application Data\Allume Systems
2008-06-05 09:31 . 2006-03-09 14:04 <DIR> d-------- C:\Documents and Settings\Administrator.ERIC.000\Application Data\ACT
2008-06-05 09:31 . 2008-06-05 09:33 <DIR> d-------- C:\Documents and Settings\Administrator.ERIC.000
2008-06-05 09:14 . 2008-06-05 17:30 <DIR> d-------- C:\Program Files\SUPERAntiSpyware
2008-06-05 09:14 . 2008-06-05 17:31 <DIR> d-------- C:\Documents and Settings\Killian\Application Data\SUPERAntiSpyware.com
2008-06-05 09:14 . 2008-06-05 09:14 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
2008-06-05 09:13 . 2008-06-05 17:30 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-06-05 05:43 . 2008-06-05 05:43 <DIR> d-------- C:\Documents and Settings\Killian\Application Data\Uniblue
2008-06-04 18:35 . 2008-06-04 18:37 1,192 --a------ C:\WINDOWS\system32\drivers\kgpfr2.cfg
2008-06-04 16:29 . 2008-06-04 16:41 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\SITEguard
2008-06-04 16:27 . 2008-06-04 16:27 <DIR> d-------- C:\Program Files\Common Files\iS3
2008-06-04 16:27 . 2008-06-04 18:41 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\STOPzilla!
2008-06-04 15:22 . 2008-06-04 15:46 <DIR> d-------- C:\Documents and Settings\Administrator.ERIC\UserData
2008-06-04 15:22 . 2006-03-09 13:43 <DIR> d-------- C:\Documents and Settings\Administrator.ERIC\Application Data\Leadertech
2008-06-04 15:22 . 2006-03-16 16:00 <DIR> d-------- C:\Documents and Settings\Administrator.ERIC\Application Data\InterVideo
2008-06-04 15:22 . 2006-03-09 14:16 <DIR> d-------- C:\Documents and Settings\Administrator.ERIC\Application Data\ExpensAble
2008-06-04 15:22 . 2006-04-23 00:17 <DIR> d-------- C:\Documents and Settings\Administrator.ERIC\Application Data\AOL
2008-06-04 15:22 . 2006-03-09 14:04 <DIR> d-------- C:\Documents and Settings\Administrator.ERIC\Application Data\ACT
2008-06-04 15:22 . 2006-03-09 13:50 0 --a------ C:\Documents and Settings\Administrator.ERIC\Application Data\wklnhst.dat
2008-06-04 15:21 . 2008-06-04 15:46 <DIR> d---s---- C:\Documents and Settings\Administrator.ERIC
2008-05-24 11:43 . 2008-06-05 10:22 <DIR> d--hs---- C:\WINDOWS\S2lsbGlhbg
2008-05-24 11:42 . 2008-06-05 04:41 <DIR> d-------- C:\WINDOWS\system32\hI2
2008-05-24 11:42 . 2008-06-05 04:27 <DIR> d-------- C:\WINDOWS\system32\at1
2008-05-24 11:42 . 2008-06-05 10:22 <DIR> d-------- C:\WINDOWS\system32\1064a
2008-05-24 11:42 . 2008-06-05 18:25 <DIR> d-------- C:\Temp
2008-05-24 11:42 . 2008-06-04 15:48 <DIR> d-------- C:\Documents and Settings\Melissa\Application Data\uTorrent
2008-05-24 11:42 . 2004-08-04 08:00 4,224 --a------ C:\WINDOWS\system32\beep.sys
2008-05-24 11:41 . 2008-06-14 10:15 <DIR> d-------- C:\Program Files\uTorrent

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-06-16 13:34 --------- d-----w C:\Program Files\Logitech
2008-06-11 22:02 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-06-11 22:02 --------- d-----w C:\Program Files\PCSecurityShield
2008-06-11 21:58 --------- d-----w C:\Program Files\Image Broadway
2008-06-06 15:02 3,818 ----a-w C:\Documents and Settings\Killian\Application Data\wklnhst.dat
2008-06-05 15:23 --------- d-----w C:\Documents and Settings\All Users\Application Data\Yahoo!
2008-06-05 15:21 --------- d-----w C:\Program Files\Yahoo!
2008-06-05 15:19 --------- d-----w C:\Documents and Settings\All Users\Application Data\AOL
2008-06-04 20:11 --------- d-----w C:\Program Files\Morpheus
2008-05-08 12:28 202,752 ----a-w C:\WINDOWS\system32\drivers\rmcast.sys
2008-04-20 02:02 --------- d-----w C:\Documents and Settings\Melissa\Application Data\OpenOffice.org2
2007-09-18 02:55 152 ----a-w C:\Documents and Settings\Melissa\Application Data\wklnhst.dat
2006-03-09 17:50 0 ----a-w C:\WINDOWS\system32\config\systemprofile\Application Data\wklnhst.dat
1999-05-01 00:00 98,304 ----a-w C:\Program Files\internet explorer\plugins\UPjpeg.dll
.

((((((((((((((((((((((((((((( snapshot@2008-06-14_19.37.28.48 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-06-14 23:32:54 2,048 --s-a-w C:\WINDOWS\bootstat.dat
+ 2008-06-16 13:36:55 2,048 --s-a-w C:\WINDOWS\bootstat.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 08:00 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SpywareTerminator"="C:\PROGRA~1\SPYWAR~1\SpywareTerminatorShield.exe" [2008-06-05 15:40 1817600]

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Digital Lifeline.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Digital Lifeline.lnk
backup=C:\WINDOWS\pss\Digital Lifeline.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^InterVideo WinCinema Manager.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\InterVideo WinCinema Manager.lnk
backup=C:\WINDOWS\pss\InterVideo WinCinema Manager.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Kodak EasyShare software.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Kodak EasyShare software.lnk
backup=C:\WINDOWS\pss\Kodak EasyShare software.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^KODAK Software Updater.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\KODAK Software Updater.lnk
backup=C:\WINDOWS\pss\KODAK Software Updater.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Logitech Desktop Messenger.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Logitech Desktop Messenger.lnk
backup=C:\WINDOWS\pss\Logitech Desktop Messenger.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Office.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk
backup=C:\WINDOWS\pss\Microsoft Office.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Ralink Wireless Utility.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Ralink Wireless Utility.lnk
backup=C:\WINDOWS\pss\Ralink Wireless Utility.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^Killian^Start Menu^Programs^Startup^Deewoo.lnk]
path=C:\Documents and Settings\Killian\Start Menu\Programs\Startup\Deewoo.lnk
backup=C:\WINDOWS\pss\Deewoo.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^Killian^Start Menu^Programs^Startup^Morpheus.lnk]
path=C:\Documents and Settings\Killian\Start Menu\Programs\Startup\Morpheus.lnk
backup=C:\WINDOWS\pss\Morpheus.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^Killian^Start Menu^Programs^Startup^Z_Start.lnk]
path=C:\Documents and Settings\Killian\Start Menu\Programs\Startup\Z_Start.lnk
backup=C:\WINDOWS\pss\Z_Start.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\A00F193A5F.exe]
C:\DOCUME~1\Killian\LOCALS~1\Temp\_A00F193A5F.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\advap32]
C:\DOCUME~1\Melissa\LOCALS~1\Temp\4823.tmp/r

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AGRSMMSG]
-ra------ 2005-08-24 04:24 88203 C:\WINDOWS\AGRSMMSG.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr]
-ra------ 2005-05-03 06:43 69632 C:\WINDOWS\Alcmtr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APL]
C:\Program Files\ACT\ACT for Win 7\APL.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATIPTA]
--a------ 2005-09-15 01:05 344064 C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
--a------ 2004-08-04 08:00 15360 C:\WINDOWS\system32\ctfmon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\etMonitor]
--a------ 2005-10-11 21:57 36864 C:\WINDOWS\etMon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\farstone]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\High Definition Audio Property Page Shortcut]
--a------ 2005-01-07 21:07 61952 C:\WINDOWS\system32\HdAShCut.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
--a------ 2003-10-21 18:07 229376 C:\Program Files\iTunes\iTunesHelper.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\JavaCore]
C:\Program Files\\JavaCore\\JavaCore.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LDM]
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechCommunicationsManager]
--a------ 2006-12-22 13:27 497176 C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechQuickCamRibbon]
--a------ 2006-12-22 13:28 756248 C:\Program Files\Logitech\QuickCam10\QuickCam10.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Microsoft Location Finder]
--a------ 2005-08-24 22:25 101080 C:\Program Files\Microsoft Location Finder\LocationFinder.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
--------- 2004-10-13 12:24 1694208 C:\Program Files\Messenger\msmsgs.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NetscapeClient]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PAS_Check]
C:\Program Files\Common Files\DriveCleaner Free\udcpas.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a------ 2007-07-25 15:22 155648 C:\Program Files\QuickTime\qttask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RealTray]
--a------ 2006-03-09 22:31 26112 C:\Program Files\Real\RealPlayer\RealPlay.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RegistryMechanic]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
-ra------ 2005-10-14 05:51 14864384 C:\WINDOWS\RTHDCPL.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SDR6_Check]
C:\Program Files\Common Files\DriveCleaner Free\udcsdr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpywareTerminator]
--a------ 2008-06-05 15:40 1817600 C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
--a------ 2005-04-02 06:13 688217 C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPLpr]
--a------ 2005-04-02 06:14 98393 C:\Program Files\Synaptics\SynTP\SynTPLpr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Ulead Photo Express Calendar Checker]
--a------ 2003-09-20 00:23 69632 C:\Program Files\Ulead Systems\Ulead Photo Express My Scrapbook 2.0\calcheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Uniblue RegistryBooster 2]
C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UserFaultCheck]
C:\WINDOWS\system32\dumprep 0 -u

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Vrmon]
C:\Program Files\PCSecurityShield\ShieldAntivirus\vrmonnt.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VrSchedule]
C:\Program Files\PCSecurityShield\ShieldAntivirus\Vrres.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\webHancer Agent]
C:\Program Files\webHancer\Programs\whagent.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
C:\Program Files\Windows Defender\MSASCui.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\YSearchProtection]
C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=
"C:\\Program Files\\Morpheus\\Morpheus.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\Kodak\\KODAK Software Updater\\7288971\\Program\\Kodak Software Updater.exe"=
"C:\\Program Files\\Kodak\\Kodak EasyShare software\\bin\\EasyShare.exe"=

R1 sp_rsdrv2;Spyware Terminator Driver 2;C:\WINDOWS\system32\drivers\sp_rsdrv2.sys [2008-06-05 15:40]
R2 FBAPI;FBAPI;C:\WINDOWS\system32\drivers\FBAPI.sys [2004-02-06 16:29]
R3 DCamUSBET;ET USB 2750 Camera;C:\WINDOWS\system32\DRIVERS\etDevice.sys [2005-10-20 22:11]
R3 FiltUSBET;ET USB Device Lower Filter;C:\WINDOWS\system32\DRIVERS\etFilter.sys [2005-11-09 17:15]
R3 PhnxVcd;PhnxVcd;C:\WINDOWS\system32\Drivers\PhnxVcd.sys [2004-01-05 14:39]
R3 ScanUSBET;ET USB Still Image Capture Device;C:\WINDOWS\system32\DRIVERS\etScan.sys [2005-10-20 22:29]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{632ea8aa-9b17-11da-a279-806d6172696f}]
\Shell\AutoRun\command - D:\setup.exe

.
**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-06-16 09:37:51
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\WINDOWS\system32\ati2evxx.exe
C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\WINDOWS\system32\verclsid.exe
.
**************************************************************************
.
Completion time: 2008-06-16 9:41:24 - machine was rebooted
ComboFix-quarantined-files.txt 2008-06-16 13:41:19
ComboFix2.txt 2008-06-14 23:37:54

Pre-Run: 52,949,553,152 bytes free
Post-Run: 52,919,607,296 bytes free

840 --- E O F --- 2008-06-14 14:20:19

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:50:38 AM, on 6/16/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\common files\logishrd\lvmvfm\LVPrcSrv.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file)
O4 - HKLM\..\Run: [SpywareTerminator] "C:\PROGRA~1\SPYWAR~1\SpywareTerminatorShield.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Common Files\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .UVR: C:\Program Files\Internet Explorer\Plugins\NPUPano.dll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....k/?linkid=39204
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.micros...b?1139668282953
O18 - Protocol: bw+0 - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw+0s - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw-0 - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw-0s - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw00 - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw00s - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw10 - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw10s - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw20 - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw20s - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw30 - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw30s - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw40 - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw40s - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw50 - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw50s - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw60 - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw60s - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw70 - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw70s - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw80 - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw80s - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw90 - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw90s - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwa0 - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwa0s - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwb0 - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwb0s - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwc0 - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwc0s - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwd0 - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwd0s - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwe0 - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwe0s - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwf0 - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwf0s - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwg0 - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwg0s - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwh0 - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwh0s - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwi0 - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwi0s - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwj0 - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwj0s - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwk0 - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwk0s - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwl0 - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwl0s - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwm0 - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwm0s - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwn0 - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwn0s - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwo0 - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwo0s - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwp0 - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwp0s - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwq0 - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwq0s - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwr0 - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwr0s - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bws0 - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bws0s - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwt0 - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwt0s - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwu0 - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwu0s - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwv0 - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwv0s - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bww0 - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bww0s - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwx0 - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwx0s - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwy0 - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwy0s - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwz0 - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwz0s - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: offline-8876480 - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: GEARSecurity - GEAR Software - C:\WINDOWS\system32\GEARSEC.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\common files\logishrd\lvmvfm\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: Phoenix VCD Service (PhnxVCDService) - Phoenix Technologies Ltd. - C:\WINDOWS\system32\PhnxCDSvr.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe

--
End of file - 16878 bytes

#6 LDTate

Grand Poobah

Root Admin
57,211 posts

Posted 16 June 2008 - 04:29 PM

Do you have an Anti-Virus program?

Run hijackthis. Hit None of the above, Click Do a System Scan Only. Put a checkmark/tick in the box on the left side on these:

O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file)
O18 - Protocol: bw+0 - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw+0s - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw-0 - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw-0s - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw00 - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw00s - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw10 - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw10s - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw20 - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw20s - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw30 - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw30s - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw40 - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw40s - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw50 - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw50s - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw60 - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw60s - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw70 - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw70s - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw80 - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw80s - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw90 - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw90s - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwa0 - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwa0s - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwb0 - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwb0s - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwc0 - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwc0s - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwd0 - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwd0s - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwe0 - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwe0s - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwf0 - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwf0s - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwg0 - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwg0s - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwh0 - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwh0s - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwi0 - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwi0s - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwj0 - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwj0s - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwk0 - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwk0s - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwl0 - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwl0s - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwm0 - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwm0s - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwn0 - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwn0s - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwo0 - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwo0s - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwp0 - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwp0s - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwq0 - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwq0s - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwr0 - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwr0s - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bws0 - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bws0s - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwt0 - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwt0s - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwu0 - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwu0s - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwv0 - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwv0s - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bww0 - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bww0s - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwx0 - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwx0s - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwy0 - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwy0s - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwz0 - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwz0s - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: offline-8876480 - {28C7AD20-CE08-4204-93A7-D01D8908ECB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)

Close ALL windows and browsers except HijackThis and click "Fix checked"

Reboot and "copy/paste" a new HijackThis log file into this thread.

Also please describe how your computer behaves at the moment.

The forum is run by volunteers who donate their time and expertise.

Want to help others? Join the ClassRoom and learn how.

Logs will be closed if you haven't replied within 3 days

If you would like to for the help you received.

Proud graduate of TC/WTT Classroom

#7 Cindy Kaye

New Member

New Member
5 posts

Posted 17 June 2008 - 08:10 AM

LDTate, I have done as instructed and included a new HiJackThis log.
Again, I really appreciate all that you have done. My PC seems to be running alot faster, especially on the Internet and I have no more annoying pop-ups or warnings. As far as an anti virus program on my PC, I had purchased a program called PC Security Shield The Shield 2007 Anti Virus, but as you can see it did not work well. I have uninstalled it and put Spyware Terminator in it's place. Do you think that I should re-install it or do you have a suggestion of one that might work better? Any advice would be greatly appreciated.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:41:57 AM, on 6/17/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\common files\logishrd\lvmvfm\LVPrcSrv.exe
C:\WINDOWS\system32\GEARSEC.EXE
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O4 - HKLM\..\Run: [SpywareTerminator] "C:\PROGRA~1\SPYWAR~1\SpywareTerminatorShield.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Common Files\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .UVR: C:\Program Files\Internet Explorer\Plugins\NPUPano.dll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....k/?linkid=39204
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.micros...b?1139668282953
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: GEARSecurity - GEAR Software - C:\WINDOWS\system32\GEARSEC.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\common files\logishrd\lvmvfm\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: Phoenix VCD Service (PhnxVCDService) - Phoenix Technologies Ltd. - C:\WINDOWS\system32\PhnxCDSvr.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe

--
End of file - 3748 bytes

I am waiting patiently for your reply.

#8 LDTate

Grand Poobah

Root Admin
57,211 posts

Posted 17 June 2008 - 08:26 AM

As far as an anti virus program on my PC, I had purchased a program called PC Security Shield The Shield 2007 Anti Virus, but as you can see it did not work well. I have uninstalled it and put Spyware Terminator in it's place.

Those are two different types of programs. One is an anti-SPYWARE and the other anti-VIRUS.

I would re-install PC Security Shield The Shield 2007 Anti Virus. You need both types installed and active.

Click START then RUN
Now type Combofix /u in the runbox and click OK. Note the space between the X and the U, it needs to be there.
Here's my usual all clean post

Log looks good

You need to create a new Clean restore point.

Note: This will remove all previous Restore Points

Turn off System Restore:

On the Desktop, right-click My Computer.
Click Properties.
Click the System Restore tab.
Check Turn off System Restore.
Click Apply, and then click OK.

Restart your computer, turn it back on.

On the Desktop, right-click My Computer.
Click Properties.
Click the System Restore tab.
Remove the Check Turn off System Restore.
Click Apply, and then click OK.

Double-click My Computer.
Click the Tools menu, and then click Folder Options.
Click the View tab.
Check "Hide file extensions for known file types."
Under the "Hidden files" folder, Uncheck "Show hidden files and folders."
Check "Hide protected operating system files."
Click Apply, and then click OK.
- Make your Internet Explorer more secure - This can be done by following these simple instructions:
  - From within Internet Explorer click on the Tools menu and then click on Options.
  - Click once on the Security tab
  - Click once on the Internet icon so it becomes highlighted.
  - Click once on the Custom Level button.
    [list=a]
  - Change the Download signed ActiveX controls to Prompt
  - Change the Download unsigned ActiveX controls to Disable
  - Change the Initialize and script ActiveX controls not marked as safe to Disable
  - Change the Installation of desktop items to Prompt
  - Change the Launching programs and files in an IFRAME to Prompt
  - Change the Navigate sub-frames across different domains to Prompt
  - When all these settings have been made, click on the OK button.
  - If it prompts you as to whether or not you want to save the settings, press the Yes button.
- Next press the Apply button and then the OK to exit the Internet Properties page.
Update your AntiVirus Software - It is imperative that you update your Antivirus software at least once a week
(Even more if you wish). If you do not update your antivirus software then it will not be able to catch any of the new variants that may come out.
Update all these programs regularly - Make sure you update all the programs I have listed regularly.
Without regular updates you WILL NOT be protected when new malicious programs are released.

Only run one Anti-Virus and Firewall program.

I would also suggest you read this:
So how did I get infected in the first place?
by Tony Klein

The forum is run by volunteers who donate their time and expertise.

Want to help others? Join the ClassRoom and learn how.

Logs will be closed if you haven't replied within 3 days

If you would like to for the help you received.

Proud graduate of TC/WTT Classroom

#9 Cindy Kaye

New Member

New Member
5 posts

Posted 17 June 2008 - 01:09 PM

Thank you, Thank you, LDTate. I have completed everything as you instructed. My PC is running great and as mentioned before I have no more annoying pop-ups or security warnings. I have also installed AVG, that I found while reading the "How did I get infected" article that you suggested. You guys are fantastic and this forum is the best thing thought of since the world wide web. I will definitely be making a donation to keep you all going. Never know if I or someone I know may need some help in the future. Again thank you......

#10 LDTate

Grand Poobah

Root Admin
57,211 posts

Posted 18 June 2008 - 03:29 PM

Great job

You're more then welcome. Glad we were able to help Peace be with you :wavey:

The forum is run by volunteers who donate their time and expertise.

Want to help others? Join the ClassRoom and learn how.

Logs will be closed if you haven't replied within 3 days

If you would like to for the help you received.

Proud graduate of TC/WTT Classroom

#11 LDTate

Grand Poobah

Root Admin
57,211 posts

Posted 18 June 2008 - 03:29 PM

Since this issue appears to be resolved ... this Topic has been closed. Glad we could be of assistance. If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread. Everyone else please begin a New Topic.

The forum is run by volunteers who donate their time and expertise.

Want to help others? Join the ClassRoom and learn how.

Logs will be closed if you haven't replied within 3 days

If you would like to for the help you received.

Proud graduate of TC/WTT Classroom

Body Background

skin color theme