View Full Version : I think I might have a virus?
I think I might have a virus! So I was levelbuilding today and I kept getting AVG alerts about viruses its finding on my computer. So I did a full virus scan and I cleaned all the viruses out.
Now, this is the weirdest part. Like every half hour or so, whatever I'm doing on the Internet pops up... It's confusing so let me explain. First I googled Tomb Raider Underworld for PS2. Then all of a sudden, like 4 pages pop up (they were all Ebay) and they have TRU for PS2 on them. I didn't even click on anything!
Then I was looking at the Mirrors Edge thread in the videogame section. Like 4 pop ups came up and they took me to Mirror Edge sites! And this morning when I checked my email I was on the Yahoo homepage and I read an article about a woman who was killed, then a pop up came up about a womens talkshow.
This is really frustrating, what could be the problem? I have Mozilla Firefox and I have AVG. Please help! Thanks :hug:
Run ARDiag.exe (http://www.tombraiderhub.com/download/ardiag.exe) and post the report here.
Have you updated AVG recently?
Run ARDiag.exe (http://www.tombraiderhub.com/download/ardiag.exe) and post the report here.
Have you updated AVG recently?
Every time I start my computer it says that AVG is downloading an update and then it updates.
---------------------------------------------------------------
AutoRuns Diagnostics for TRF v 0.5 Developed by EscondeR
---------------------------------------------------------------
Program:
"ASUS Keyboard Service "
Publisher:
"(Not verified) ASUSTeK COMPUTER INC."
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
ATKKeyboardService
Program path & name:
"c:\windows\atkkbservice.exe"
Enabled: [V]
Program:
"Manages the scheduling of Automatic LiveUpdate sessions"
Publisher:
"(Verified) Symantec Corporation"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
Automatic LiveUpdate Scheduler
Program path & name:
"c:\program files\symantec\liveupdate\aluschedulersvc.exe"
Enabled: [V]
Program:
"AVG Alert Manager"
Publisher:
"(Not verified) GRISOFT s.r.o."
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
Avg7Alrt
Program path & name:
"c:\program files\grisoft\avg7\avgamsvr.exe"
Enabled: [V]
Program:
"AVG Update Service"
Publisher:
"(Not verified) GRISOFT s.r.o."
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
Avg7UpdSvc
Program path & name:
"c:\program files\grisoft\avg7\avgupsvc.exe"
Enabled: [V]
Program:
"Event propagation and logging service"
Publisher:
"(Verified) Symantec Corporation"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
ccEvtMgr
Program path & name:
"c:\program files\common files\symantec shared\ccevtmgr.exe"
Enabled: [V]
Program:
"Symantec Proxy Service"
Publisher:
"(Verified) Symantec Corporation"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
ccProxy
Program path & name:
"c:\program files\common files\symantec shared\ccproxy.exe"
Enabled: [V]
Program:
"Settings storage and management service"
Publisher:
"(Verified) Symantec Corporation"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
ccSetMgr
Program path & name:
"c:\program files\common files\symantec shared\ccsetmgr.exe"
Enabled: [V]
Program:
"Creative Service for CDROM Access"
Publisher:
"(Not verified) Creative Technology Ltd"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
Creative Service for CDROM Access
Program path & name:
"c:\windows\system32\ctsvccda.exe"
Enabled: [V]
Program:
"Controls the Diskeeper Service"
Publisher:
"(Not verified) Executive Software International Inc."
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
Diskeeper
Program path & name:
"c:\program files\executive software\diskeeperlite\dkservice.exe"
Enabled: [V]
Program:
"Symantec Licensing Detect Internet Connection"
Publisher:
"(Verified) Symantec Corporation"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
DJSNETCN
Program path & name:
"c:\program files\common files\symantec shared\djsnetcn.exe"
Enabled: [V]
Program:
"gusvc"
Publisher:
"(Verified) Google Inc"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
gusvc
Program path & name:
"c:\program files\google\common\google updater\googleupdaterservice.exe"
Enabled: [V]
Program:
N/A
Publisher:
N/A
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
RegManServ
Program path & name:
c:\program files\registry defragmentation\regmanserv.exe"
Enabled: [V]
Program:
"Symantec Core LC"
Publisher:
"(Verified) Symantec Corporation"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
Symantec Core LC
Program path & name:
"c:\program files\common files\symantec shared\ccpd-lc\symlcsvc.exe"
Enabled: [V]
Program:
"Allows to use visual styles without Microsoft signature."
Publisher:
"(Verified) TuneUp Software GmbH"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
UxTuneUp
Program path & name:
"c:\windows\system32\uxtuneup.dll"
Enabled: [V]
Program:
"Helps manage PC security and overall health by providing virus and spyware monitoring
Publisher:
firewall backup and other services. If this service is stopped this computer might be at risk from viruses and other threats."
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
winss
Program path & name:
"File not found: C:\Program Files\Microsoft Windows OneCare Live\winss.exe"
Enabled: [V]
Program:
"ASPI for WIN32 Kernel Driver"
Publisher:
"(Not verified) Adaptec"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
ASPI
Program path & name:
"c:\windows\system32\drivers\aspi32.sys"
Enabled: [V]
Program:
"ASUS Help driver For Keyboard Service."
Publisher:
"(Not verified) ASUSTeK COMPUTER INC."
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
asuskbnt
Program path & name:
"c:\windows\system32\drivers\atkkbnt.sys"
Enabled: [V]
Program:
"AVG Scanning Engine"
Publisher:
"(Not verified) GRISOFT s.r.o."
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
Avg7Core
Program path & name:
"c:\windows\system32\drivers\avg7core.sys"
Enabled: [V]
Program:
"AVG Resident Shield Unload Helper"
Publisher:
"(Not verified) GRISOFT s.r.o."
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
Avg7RsW
Program path & name:
"c:\windows\system32\drivers\avg7rsw.sys"
Enabled: [V]
Program:
"AVG Resident Anti-Virus Shield"
Publisher:
"(Not verified) GRISOFT s.r.o."
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
Avg7RsXP
Program path & name:
"c:\windows\system32\drivers\avg7rsxp.sys"
Enabled: [V]
Program:
"AVG7 Clean Driver"
Publisher:
"(Verified) GRISOFT s.r.o."
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
AvgClean
Program path & name:
"c:\windows\system32\drivers\avgclean.sys"
Enabled: [V]
Program:
"Universal Serial Bus Camera Driver"
Publisher:
"(Not verified) Service & Quality Technology."
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
DCamUSBSQTECH
Program path & name:
"c:\windows\system32\drivers\sqcaptur.sys"
Enabled: [V]
Program:
"ASUS Kernel Mode Driver for NT "
Publisher:
"(Not verified) ASUSTeK Computer Inc."
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
EIO
Program path & name:
"c:\windows\system32\drivers\eio.sys"
Enabled: [V]
Program:
"ElbyCDIO Filter Driver"
Publisher:
"(Verified) SlySoft Inc."
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
ElbyCDFL
Program path & name:
"c:\windows\system32\drivers\elbycdfl.sys"
Enabled: [V]
Program:
"ElbyCD Windows NT/2000/XP I/O driver"
Publisher:
"(Verified) Elaborate Bytes AG"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
ElbyCDIO
Program path & name:
"c:\windows\system32\drivers\elbycdio.sys"
Enabled: [V]
Program:
"CDRom Class Filter Driver"
Publisher:
"(Verified) GEAR Software Inc."
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
GEARAspiWDM
Program path & name:
"c:\windows\system32\drivers\gearaspiwdm.sys"
Enabled: [V]
Program:
N/A
Publisher:
N/A
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
jgameenp
Program path & name:
File not found: C:\DOCUME~1\RATBOY~1\LOCALS~1\Temp\jgameenp.sys"
Enabled: [V]
Program:
N/A
Publisher:
N/A
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
LMouKE
Program path & name:
File not found: System32\Drivers\LMouKE.sys"
Enabled: [V]
Program:
"DUCam Driver for DU101"
Publisher:
"(Not verified) DUCam Technology Inc."
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
MR97310_USB_DUAL_CAMERA
Program path & name:
"c:\windows\system32\drivers\mr97310c.sys"
Enabled: [V]
Program:
"NPF Driver - TME extensions"
Publisher:
"(Not verified) Politecnico di Torino"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
NPF
Program path & name:
"c:\windows\system32\drivers\npf.sys"
Enabled: [V]
Program:
N/A
Publisher:
N/A
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
Pcouffin
Program path & name:
File not found: System32\Drivers\Pcouffin.sys"
Enabled: [V]
Program:
"Px Engine Device Driver for Windows 2000/XP"
Publisher:
"(Verified) Sonic Solutions"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
PxHelp20
Program path & name:
"c:\windows\system32\drivers\pxhelp20.sys"
Enabled: [V]
Program:
"SPBBC Driver"
Publisher:
"(Verified) Symantec Corporation"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
SPBBCDrv
Program path & name:
"c:\program files\common files\symantec shared\spbbc\spbbcdrv.sys"
Enabled: [V]
Program:
N/A
Publisher:
N/A
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
sptd
Program path & name:
c:\windows\system32\drivers\sptd.sys"
Enabled: [V]
Program:
"Symantec Event Library"
Publisher:
"(Verified) Symantec Corporation"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
SymEvent
Program path & name:
"c:\program files\symantec\symevent.sys"
Enabled: [V]
Program:
"IDS Core Driver"
Publisher:
"(Verified) Symantec Corporation"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
SYMIDSCO
Program path & name:
"c:\program files\common files\symantec shared\symcdata\idsdefs\20050901.036\symidsco.sys"
Enabled: [V]
Program:
"Network Dispatch Driver"
Publisher:
"(Verified) Symantec Corporation"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
SYMTDI
Program path & name:
"c:\windows\system32\drivers\symtdi.sys"
Enabled: [V]
Program:
"TrendMicro Common Module"
Publisher:
"(Verified) Trend Micro Inc."
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
tmcomm
Program path & name:
"c:\windows\system32\drivers\tmcomm.sys"
Enabled: [V]
Program:
"TVicHW32 Driver for Windows NT/2000/XP"
Publisher:
"(Not verified) EnTech Taiwan"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
TVICHW32
Program path & name:
"c:\windows\system32\drivers\tvichw32.sys"
Enabled: [V]
Program:
"ATAPI IDE Miniport Driver"
Publisher:
"(Not verified) VIA Technologies Inc."
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
viadsk
Program path & name:
"c:\windows\system32\drivers\viadsk.sys"
Enabled: [V]
Program:
"VIA PFD driver"
Publisher:
"(Not verified) VIA Technologies. Inc."
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
VIAPFD
Program path & name:
"c:\windows\system32\drivers\viapfd.sys"
Enabled: [V]
Program:
"X4HSX32Ex Kernel Mode Driver"
Publisher:
"(Verified) Exent Technologies Ltd."
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
X4HSX32Ex
Program path & name:
"c:\program files\free ride games\x4hsx32ex.sys"
Enabled: [V]
Program:
N/A
Publisher:
N/A
Entry path:
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify
Entry name:
awttttQH
Program path & name:
c:\windows\system32\awttttqh.dll"
Enabled: [V]
Program:
N/A
Publisher:
N/A
Entry path:
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify
Entry name:
WBSrv
Program path & name:
File not found: C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbsrv.dll"
Enabled: [V]
Program:
N/A
Publisher:
N/A
Entry path:
HKLM\SYSTEM\CurrentControlSet\Control\Lsa\Authenti cation Packages
Entry name:
C:\WINDOWS\system32\pmnkHYRl
Program path & name:
c:\windows\system32\pmnkhyrl.dll"
Enabled: [V]
Program:
"Google Desktop"
Publisher:
"(Not verified) Google"
Entry path:
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\Appinit_Dlls
Entry name:
C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL
Program path & name:
"c:\program files\google\google desktop search\googledesktopnetwork3.dll"
Enabled: [V]
Program:
"WindowBlinds"
Publisher:
"(Verified) Stardock Corporation"
Entry path:
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\Appinit_Dlls
Entry name:
wbsys.dll
Program path & name:
"c:\windows\system32\wbsys.dll"
Enabled: [V]
Program:
"Google Desktop"
Publisher:
"(Not verified) Google"
Entry path:
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\Appinit_Dlls
Entry name:
C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL
Program path & name:
"c:\program files\google\google desktop search\googledesktopnetwork3.dll"
Enabled: [V]
Program:
N/A
Publisher:
N/A
Entry path:
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\Appinit_Dlls
Entry name:
pajgpx.dll
Program path & name:
c:\windows\system32\pajgpx.dll"
Enabled: [V]
Program:
"AVG Control Center"
Publisher:
"(Not verified) GRISOFT s.r.o."
Entry path:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Entry name:
AVG7_CC
Program path & name:
"c:\program files\grisoft\avg7\avgcc.exe"
Enabled: [V]
Program:
"RealNetworks Scheduler"
Publisher:
"(Verified) RealNetworks Inc."
Entry path:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Entry name:
TkBellExe
Program path & name:
"c:\program files\common files\real\update_ob\realsched.exe"
Enabled: [V]
Program:
"Fly Device Monitor"
Publisher:
"(Verified) LeapFrog Enterprises Inc."
Entry path:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Entry name:
FlyMonitor
Program path & name:
"c:\program files\leapfrog\flyworld\bin\flymonitor.exe"
Enabled: [V]
Program:
N/A
Publisher:
N/A
Entry path:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Entry name:
d04fc48e
Program path & name:
c:\windows\system32\ihcsngwf.dll"
Enabled: [V]
Program:
"BackWeb Runner Application "
Publisher:
"(Not verified) BackWeb Technologies Inc. "
Entry path:
HKLM\SOFTWARE\Classes\Protocols\Handler
Entry name:
bw+0
Program path & name:
"c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
Enabled: [V]
Program:
"BackWeb Runner Application "
Publisher:
"(Not verified) BackWeb Technologies Inc. "
Entry path:
HKLM\SOFTWARE\Classes\Protocols\Handler
Entry name:
bw+0s
Program path & name:
"c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
Enabled: [V]
Program:
"BackWeb Runner Application "
Publisher:
"(Not verified) BackWeb Technologies Inc. "
Entry path:
HKLM\SOFTWARE\Classes\Protocols\Handler
Entry name:
bw-0
Program path & name:
"c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
Enabled: [V]
Program:
"BackWeb Runner Application "
Publisher:
"(Not verified) BackWeb Technologies Inc. "
Entry path:
HKLM\SOFTWARE\Classes\Protocols\Handler
Entry name:
bw-0s
Program path & name:
"c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
Enabled: [V]
Program:
"BackWeb Runner Application "
Publisher:
"(Not verified) BackWeb Technologies Inc. "
Entry path:
HKLM\SOFTWARE\Classes\Protocols\Handler
Entry name:
bw00
Program path & name:
"c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
Enabled: [V]
Program:
"BackWeb Runner Application "
Publisher:
"(Not verified) BackWeb Technologies Inc. "
Entry path:
HKLM\SOFTWARE\Classes\Protocols\Handler
Entry name:
bw00s
Program path & name:
"c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
Enabled: [V]
Program:
"BackWeb Runner Application "
Publisher:
"(Not verified) BackWeb Technologies Inc. "
Entry path:
HKLM\SOFTWARE\Classes\Protocols\Handler
Entry name:
bw10
Program path & name:
"c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
Enabled: [V]
Program:
"BackWeb Runner Application "
Publisher:
"(Not verified) BackWeb Technologies Inc. "
Entry path:
HKLM\SOFTWARE\Classes\Protocols\Handler
Entry name:
bw10s
Program path & name:
"c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
Enabled: [V]
Program:
"BackWeb Runner Application "
Publisher:
"(Not verified) BackWeb Technologies Inc. "
Entry path:
HKLM\SOFTWARE\Classes\Protocols\Handler
Entry name:
bw20
Program path & name:
"c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
Enabled: [V]
Program:
"BackWeb Runner Application "
Publisher:
"(Not verified) BackWeb Technologies Inc. "
Entry path:
HKLM\SOFTWARE\Classes\Protocols\Handler
Entry name:
bw20s
Program path & name:
"c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
Enabled: [V]
Program:
"BackWeb Runner Application "
Publisher:
"(Not verified) BackWeb Technologies Inc. "
Entry path:
HKLM\SOFTWARE\Classes\Protocols\Handler
Entry name:
bw30
Program path & name:
"c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
Enabled: [V]
Program:
"BackWeb Runner Application "
Publisher:
"(Not verified) BackWeb Technologies Inc. "
Entry path:
HKLM\SOFTWARE\Classes\Protocols\Handler
Entry name:
bw30s
Program path & name:
"c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
Enabled: [V]
Program:
"BackWeb Runner Application "
Publisher:
"(Not verified) BackWeb Technologies Inc. "
Entry path:
HKLM\SOFTWARE\Classes\Protocols\Handler
Entry name:
bw40
Program path & name:
"c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
Enabled: [V]
Program:
"BackWeb Runner Application "
Publisher:
"(Not verified) BackWeb Technologies Inc. "
Entry path:
HKLM\SOFTWARE\Classes\Protocols\Handler
Entry name:
bw40s
Program path & name:
"c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
Enabled: [V]
Program:
"BackWeb Runner Application "
Publisher:
"(Not verified) BackWeb Technologies Inc. "
Entry path:
HKLM\SOFTWARE\Classes\Protocols\Handler
Entry name:
bw50
Program path & name:
"c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
Enabled: [V]
Program:
"BackWeb Runner Application "
Publisher:
"(Not verified) BackWeb Technologies Inc. "
Entry path:
HKLM\SOFTWARE\Classes\Protocols\Handler
Entry name:
bw50s
Program path & name:
"c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
Enabled: [V]
Program:
"BackWeb Runner Application "
Publisher:
"(Not verified) BackWeb Technologies Inc. "
Entry path:
HKLM\SOFTWARE\Classes\Protocols\Handler
Entry name:
bw60
Program path & name:
"c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
Enabled: [V]
Program:
"BackWeb Runner Application "
Publisher:
"(Not verified) BackWeb Technologies Inc. "
Entry path:
HKLM\SOFTWARE\Classes\Protocols\Handler
Entry name:
bw60s
Program path & name:
"c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
Enabled: [V]
Program:
"BackWeb Runner Application "
Publisher:
"(Not verified) BackWeb Technologies Inc. "
Entry path:
HKLM\SOFTWARE\Classes\Protocols\Handler
Entry name:
bw70
Program path & name:
"c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
Enabled: [V]
Program:
"BackWeb Runner Application "
Publisher:
"(Not verified) BackWeb Technologies Inc. "
Entry path:
HKLM\SOFTWARE\Classes\Protocols\Handler
Entry name:
bw70s
Program path & name:
"c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
Enabled: [V]
Program:
"BackWeb Runner Application "
Publisher:
"(Not verified) BackWeb Technologies Inc. "
Entry path:
HKLM\SOFTWARE\Classes\Protocols\Handler
Entry name:
bw80
Program path & name:
"c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
Enabled: [V]
Program:
"BackWeb Runner Application "
Publisher:
"(Not verified) BackWeb Technologies Inc. "
Entry path:
HKLM\SOFTWARE\Classes\Protocols\Handler
Entry name:
bw80s
Program path & name:
"c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
Enabled: [V]
Program:
"BackWeb Runner Application "
Publisher:
"(Not verified) BackWeb Technologies Inc. "
Entry path:
HKLM\SOFTWARE\Classes\Protocols\Handler
Entry name:
bw90
Program path & name:
"c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
Enabled: [V]
Program:
"BackWeb Runner Application "
Publisher:
"(Not verified) BackWeb Technologies Inc. "
Entry path:
HKLM\SOFTWARE\Classes\Protocols\Handler
Entry name:
bw90s
Program path & name:
"c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
Enabled: [V]
Program:
"BackWeb Runner Application "
Publisher:
"(Not verified) BackWeb Technologies Inc. "
Entry path:
HKLM\SOFTWARE\Classes\Protocols\Handler
Entry name:
bwa0
Program path & name:
"c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
Enabled: [V]
Program:
"BackWeb Runner Application "
Publisher:
"(Not verified) BackWeb Technologies Inc. "
Entry path:
HKLM\SOFTWARE\Classes\Protocols\Handler
Entry name:
bwa0s
Program path & name:
"c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
Enabled: [V]
Program:
"BackWeb Runner Application "
Publisher:
"(Not verified) BackWeb Technologies Inc. "
Entry path:
HKLM\SOFTWARE\Classes\Protocols\Handler
Entry name:
bwb0
Program path & name:
"c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
Enabled: [V]
Program:
"BackWeb Runner Application "
Publisher:
"(Not verified) BackWeb Technologies Inc. "
Entry path:
HKLM\SOFTWARE\Classes\Protocols\Handler
Entry name:
bwb0s
Program path & name:
"c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
Enabled: [V]
Program:
"BackWeb Runner Application "
Publisher:
"(Not verified) BackWeb Technologies Inc. "
Entry path:
HKLM\SOFTWARE\Classes\Protocols\Handler
Entry name:
bwc0
Program path & name:
"c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
Enabled: [V]
Program:
"BackWeb Runner Application "
Publisher:
"(Not verified) BackWeb Technologies Inc. "
Entry path:
HKLM\SOFTWARE\Classes\Protocols\Handler
Entry name:
bwc0s
Program path & name:
"c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
Enabled: [V]
Program:
"BackWeb Runner Application "
Publisher:
"(Not verified) BackWeb Technologies Inc. "
Entry path:
HKLM\SOFTWARE\Classes\Protocols\Handler
Entry name:
bwd0
Program path & name:
"c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
Enabled: [V]
Program:
"BackWeb Runner Application "
Publisher:
"(Not verified) BackWeb Technologies Inc. "
Entry path:
HKLM\SOFTWARE\Classes\Protocols\Handler
Entry name:
bwd0s
Program path & name:
"c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
Enabled: [V]
Program:
"BackWeb Runner Application "
Publisher:
"(Not verified) BackWeb Technologies Inc. "
Entry path:
HKLM\SOFTWARE\Classes\Protocols\Handler
Entry name:
bwe0
Program path & name:
"c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
Enabled: [V]
Program:
"BackWeb Runner Application "
Publisher:
"(Not verified) BackWeb Technologies Inc. "
Entry path:
HKLM\SOFTWARE\Classes\Protocols\Handler
Entry name:
bwe0s
Program path & name:
"c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
Enabled: [V]
Program:
"BackWeb Runner Application "
Publisher:
"(Not verified) BackWeb Technologies Inc. "
Entry path:
HKLM\SOFTWARE\Classes\Protocols\Handler
Entry name:
bwf0
Program path & name:
"c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
Enabled: [V]
Program:
"BackWeb Runner Application "
Publisher:
"(Not verified) BackWeb Technologies Inc. "
Entry path:
HKLM\SOFTWARE\Classes\Protocols\Handler
Entry name:
bwf0s
Program path & name:
"c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
Enabled: [V]
Program:
"BackWeb Runner Application "
Publisher:
"(Not verified) BackWeb Technologies Inc. "
Entry path:
HKLM\SOFTWARE\Classes\Protocols\Handler
Entry name:
bwfile-8876480
Program path & name:
"c:\program files\logitech\desktop messenger\8876480\program\gaplugprotocol-8876480.dll"
Enabled: [V]
Program:
"BackWeb Runner Application "
Publisher:
"(Not verified) BackWeb Technologies Inc. "
Entry path:
HKLM\SOFTWARE\Classes\Protocols\Handler
Entry name:
bwg0
Program path & name:
"c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
Enabled: [V]
Program:
"BackWeb Runner Application "
Publisher:
"(Not verified) BackWeb Technologies Inc. "
Entry path:
HKLM\SOFTWARE\Classes\Protocols\Handler
Entry name:
bwg0s
Program path & name:
"c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
Enabled: [V]
Program:
"BackWeb Runner Application "
Publisher:
"(Not verified) BackWeb Technologies Inc. "
Entry path:
HKLM\SOFTWARE\Classes\Protocols\Handler
Entry name:
bwh0
Program path & name:
"c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
Enabled: [V]
Program:
"BackWeb Runner Application "
Publisher:
"(Not verified) BackWeb Technologies Inc. "
Entry path:
HKLM\SOFTWARE\Classes\Protocols\Handler
Entry name:
bwh0s
Program path & name:
"c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
Enabled: [V]
Program:
"BackWeb Runner Application "
Publisher:
"(Not verified) BackWeb Technologies Inc. "
Entry path:
HKLM\SOFTWARE\Classes\Protocols\Handler
Entry name:
bwi0
Program path & name:
"c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
Enabled: [V]
Program:
"BackWeb Runner Application "
Publisher:
"(Not verified) BackWeb Technologies Inc. "
Entry path:
HKLM\SOFTWARE\Classes\Protocols\Handler
Entry name:
bwi0s
Program path & name:
"c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
Enabled: [V]
Program:
"BackWeb Runner Application "
Publisher:
"(Not verified) BackWeb Technologies Inc. "
Entry path:
HKLM\SOFTWARE\Classes\Protocols\Handler
Entry name:
bwj0
Program path & name:
"c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
Enabled: [V]
Program:
"BackWeb Runner Application "
Publisher:
"(Not verified) BackWeb Technologies Inc. "
Entry path:
HKLM\SOFTWARE\Classes\Protocols\Handler
Entry name:
bwj0s
Program path & name:
"c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
Enabled: [V]
Program:
"BackWeb Runner Application "
Publisher:
"(Not verified) BackWeb Technologies Inc. "
Entry path:
HKLM\SOFTWARE\Classes\Protocols\Handler
Entry name:
bwk0
Program path & name:
"c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
Enabled: [V]
Program:
"BackWeb Runner Application "
Publisher:
"(Not verified) BackWeb Technologies Inc. "
Entry path:
HKLM\SOFTWARE\Classes\Protocols\Handler
Entry name:
bwk0s
Program path & name:
"c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
Enabled: [V]
Program:
"BackWeb Runner Application "
Publisher:
"(Not verified) BackWeb Technologies Inc. "
Entry path:
HKLM\SOFTWARE\Classes\Protocols\Handler
Entry name:
bwl0
Program path & name:
"c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
Enabled: [V]
Program:
"BackWeb Runner Application "
Publisher:
"(Not verified) BackWeb Technologies Inc. "
Entry path:
HKLM\SOFTWARE\Classes\Protocols\Handler
Entry name:
bwl0s
Program path & name:
"c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
Enabled: [V]
Program:
"BackWeb Runner Application "
Publisher:
"(Not verified) BackWeb Technologies Inc. "
Entry path:
HKLM\SOFTWARE\Classes\Protocols\Handler
Entry name:
bwm0
Program path & name:
"c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
Enabled: [V]
Program:
"BackWeb Runner Application "
Publisher:
"(Not verified) BackWeb Technologies Inc. "
Entry path:
HKLM\SOFTWARE\Classes\Protocols\Handler
Entry name:
bwm0s
Program path & name:
"c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
Enabled: [V]
Program:
"BackWeb Runner Application "
Publisher:
"(Not verified) BackWeb Technologies Inc. "
Entry path:
HKLM\SOFTWARE\Classes\Protocols\Handler
Entry name:
bwn0
Program path & name:
"c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
Enabled: [V]
Program:
"BackWeb Runner Application "
Publisher:
"(Not verified) BackWeb Technologies Inc. "
Entry path:
HKLM\SOFTWARE\Classes\Protocols\Handler
Entry name:
bwn0s
Program path & name:
"c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
Enabled: [V]
Program:
"BackWeb Runner Application "
Publisher:
"(Not verified) BackWeb Technologies Inc. "
Entry path:
HKLM\SOFTWARE\Classes\Protocols\Handler
Entry name:
bwo0
Program path & name:
"c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
Enabled: [V]
Program:
"BackWeb Runner Application "
Publisher:
"(Not verified) BackWeb Technologies Inc. "
Entry path:
HKLM\SOFTWARE\Classes\Protocols\Handler
Entry name:
bwo0s
Program path & name:
"c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
Enabled: [V]
Program:
"BackWeb Runner Application "
Publisher:
"(Not verified) BackWeb Technologies Inc. "
Entry path:
HKLM\SOFTWARE\Classes\Protocols\Handler
Entry name:
bwp0
Program path & name:
"c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
Enabled: [V]
Program:
"BackWeb Runner Application "
Publisher:
"(Not verified) BackWeb Technologies Inc. "
Entry path:
HKLM\SOFTWARE\Classes\Protocols\Handler
Entry name:
bwp0s
Program path & name:
"c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
Enabled: [V]
Program:
"BackWeb Runner Application "
Publisher:
"(Not verified) BackWeb Technologies Inc. "
Entry path:
HKLM\SOFTWARE\Classes\Protocols\Handler
Entry name:
bwq0
Program path & name:
"c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
Enabled: [V]
Program:
"BackWeb Runner Application "
Publisher:
"(Not verified) BackWeb Technologies Inc. "
Entry path:
HKLM\SOFTWARE\Classes\Protocols\Handler
Entry name:
bwq0s
Program path & name:
"c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
Enabled: [V]
Program:
"BackWeb Runner Application "
Publisher:
"(Not verified) BackWeb Technologies Inc. "
Entry path:
HKLM\SOFTWARE\Classes\Protocols\Handler
Entry name:
bwr0
Program path & name:
"c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
Enabled: [V]
Program:
"BackWeb Runner Application "
Publisher:
"(Not verified) BackWeb Technologies Inc. "
Entry path:
HKLM\SOFTWARE\Classes\Protocols\Handler
Entry name:
bwr0s
Program path & name:
"c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
Enabled: [V]
Program:
"BackWeb Runner Application "
Publisher:
"(Not verified) BackWeb Technologies Inc. "
Entry path:
HKLM\SOFTWARE\Classes\Protocols\Handler
Entry name:
bws0
Program path & name:
"c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
Enabled: [V]
Program:
"BackWeb Runner Application "
Publisher:
"(Not verified) BackWeb Technologies Inc. "
Entry path:
HKLM\SOFTWARE\Classes\Protocols\Handler
Entry name:
bws0s
Program path & name:
"c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
Enabled: [V]
Program:
"BackWeb Runner Application "
Publisher:
"(Not verified) BackWeb Technologies Inc. "
Entry path:
HKLM\SOFTWARE\Classes\Protocols\Handler
Entry name:
bwt0
Program path & name:
"c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
Enabled: [V]
Program:
"BackWeb Runner Application "
Publisher:
"(Not verified) BackWeb Technologies Inc. "
Entry path:
HKLM\SOFTWARE\Classes\Protocols\Handler
Entry name:
bwt0s
Program path & name:
"c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
Enabled: [V]
Program:
"BackWeb Runner Application "
Publisher:
"(Not verified) BackWeb Technologies Inc. "
Entry path:
HKLM\SOFTWARE\Classes\Protocols\Handler
Entry name:
bwu0
Program path & name:
"c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
Enabled: [V]
Program:
"BackWeb Runner Application "
Publisher:
"(Not verified) BackWeb Technologies Inc. "
Entry path:
HKLM\SOFTWARE\Classes\Protocols\Handler
Entry name:
bwu0s
Program path & name:
"c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
Enabled: [V]
Program:
"BackWeb Runner Application "
Publisher:
"(Not verified) BackWeb Technologies Inc. "
Entry path:
HKLM\SOFTWARE\Classes\Protocols\Handler
Entry name:
bwv0
Program path & name:
"c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
Enabled: [V]
Program:
"BackWeb Runner Application "
Publisher:
"(Not verified) BackWeb Technologies Inc. "
Entry path:
HKLM\SOFTWARE\Classes\Protocols\Handler
Entry name:
bwv0s
Program path & name:
"c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
Enabled: [V]
Program:
"BackWeb Runner Application "
Publisher:
"(Not verified) BackWeb Technologies Inc. "
Entry path:
HKLM\SOFTWARE\Classes\Protocols\Handler
Entry name:
bww0
Program path & name:
"c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
Enabled: [V]
Program:
"BackWeb Runner Application "
Publisher:
"(Not verified) BackWeb Technologies Inc. "
Entry path:
HKLM\SOFTWARE\Classes\Protocols\Handler
Entry name:
bww0s
Program path & name:
"c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
Enabled: [V]
Program:
"BackWeb Runner Application "
Publisher:
"(Not verified) BackWeb Technologies Inc. "
Entry path:
HKLM\SOFTWARE\Classes\Protocols\Handler
Entry name:
bwx0
Program path & name:
"c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
Enabled: [V]
Program:
"BackWeb Runner Application "
Publisher:
"(Not verified) BackWeb Technologies Inc. "
Entry path:
HKLM\SOFTWARE\Classes\Protocols\Handler
Entry name:
bwx0s
Program path & name:
"c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
Enabled: [V]
Program:
"BackWeb Runner Application "
Publisher:
"(Not verified) BackWeb Technologies Inc. "
Entry path:
HKLM\SOFTWARE\Classes\Protocols\Handler
Entry name:
bwy0
Program path & name:
"c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
Enabled: [V]
Program:
"BackWeb Runner Application "
Publisher:
"(Not verified) BackWeb Technologies Inc. "
Entry path:
HKLM\SOFTWARE\Classes\Protocols\Handler
Entry name:
bwy0s
Program path & name:
"c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
Enabled: [V]
Program:
"BackWeb Runner Application "
Publisher:
"(Not verified) BackWeb Technologies Inc. "
Entry path:
HKLM\SOFTWARE\Classes\Protocols\Handler
Entry name:
bwz0
Program path & name:
"c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
Enabled: [V]
Program:
"BackWeb Runner Application "
Publisher:
"(Not verified) BackWeb Technologies Inc. "
Entry path:
HKLM\SOFTWARE\Classes\Protocols\Handler
Entry name:
bwz0s
Program path & name:
"c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
Enabled: [V]
Program:
"Microsoft® InfoTech Storage System Library"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\SOFTWARE\Classes\Protocols\Handler
Entry name:
ms-its51
Program path & name:
"c:\program files\common files\microsoft shared\information retrieval\itss51.dll"
Enabled: [V]
Program:
"BackWeb Runner Application "
Publisher:
"(Not verified) BackWeb Technologies Inc. "
Entry path:
HKLM\SOFTWARE\Classes\Protocols\Handler
Entry name:
offline-8876480
Program path & name:
"c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
Enabled: [V]
Program:
N/A
Publisher:
N/A
Entry path:
HKCU\SOFTWARE\Microsoft\Internet Explorer\Desktop\Components
Entry name:
0
Program path & name:
File not found: http://www.larasanctuary.com/wallpapers/trlr/002.jpg"
Enabled: [V]
Program:
N/A
Publisher:
N/A
Entry path:
HKCU\SOFTWARE\Microsoft\Internet Explorer\Desktop\Components
Entry name:
1
Program path & name:
File not found: about:Home"
Enabled: [V]
Program:
"Orbit Downloader"
Publisher:
"(Not verified) Orbitdownloader.com"
Entry path:
C:\Documents and Settings\All Users\Start Menu\Programs\Startup
Entry name:
Orbit.lnk
Program path & name:
"c:\program files\orbitdownloader\orbitdm.exe"
Enabled: [V]
Program:
"TimeLeft"
Publisher:
"(Verified) NesterSoft Inc."
Entry path:
C:\Documents and Settings\Rat Boy\Start Menu\Programs\Startup
Entry name:
TimeLeft.lnk
Program path & name:
"c:\program files\timeleft3\timeleft.exe"
Enabled: [V]
Program:
"Google Installer"
Publisher:
"(Verified) Google Inc"
Entry path:
HKCU\Software\Microsoft\Windows\CurrentVersion\Run
Entry name:
Google Update
Program path & name:
"c:\documents and settings\rat boy\local settings\application data\google\update\googleupdate.exe"
Enabled: [V]
Program:
"EXETender Player"
Publisher:
"(Not verified) Exent Technologies Ltd."
Entry path:
HKCU\Software\Microsoft\Windows\CurrentVersion\Run
Entry name:
Exetender
Program path & name:
"c:\program files\free ride games\gplayer.exe"
Enabled: [V]
Program:
"Yahoo! Messenger"
Publisher:
"(Verified) Yahoo! Inc."
Entry path:
HKCU\Software\Microsoft\Windows\CurrentVersion\Run
Entry name:
Yahoo! Pager
Program path & name:
"c:\program files\yahoo!\messenger\yahoomessenger.exe"
Enabled: [V]
Program:
"TuneUp OneClick Starter"
Publisher:
"(Verified) TuneUp Software GmbH"
Entry path:
Task Scheduler
Entry name:
1-Click Maintenance.job
Program path & name:
"c:\program files\tuneup utilities 2008\oneclickstarter.exe"
Enabled: [V]
Program:
"Google Installer"
Publisher:
"(Verified) Google Inc"
Entry path:
Task Scheduler
Entry name:
GoogleUpdateTaskUserS-1-5-21-2000478354-1801674531-682003330-1004.job
Program path & name:
"c:\documents and settings\rat boy\local settings\application data\google\update\googleupdate.exe"
Enabled: [V]
Program:
"Orbitcth"
Publisher:
"(Not verified) Orbitdownloader.com"
Entry path:
HKLM\Software\Microsoft\Windows\CurrentVersion\Exp lorer\Browser Helper Objects
Entry name:
Octh Class
Program path & name:
"c:\program files\orbitdownloader\orbitcth.dll"
Enabled: [V]
Program:
"Yahoo! Toolbar"
Publisher:
"(Verified) Yahoo! Inc."
Entry path:
HKLM\Software\Microsoft\Windows\CurrentVersion\Exp lorer\Browser Helper Objects
Entry name:
Yahoo! Toolbar Helper
Program path & name:
"c:\program files\yahoo!\companion\installs\cpn\yt.dll"
Enabled: [V]
Program:
"Adobe PDF Helper for Internet Explorer"
Publisher:
"(Verified) Adobe Systems Incorporated"
Entry path:
HKLM\Software\Microsoft\Windows\CurrentVersion\Exp lorer\Browser Helper Objects
Entry name:
Adobe PDF Reader Link Helper
Program path & name:
"c:\program files\common files\adobe\acrobat\activex\acroiehelper.dll"
Enabled: [V]
Program:
"RealPlayer Download and Record Plugin for Internet Explorer"
Publisher:
"(Verified) RealNetworks Inc."
Entry path:
HKLM\Software\Microsoft\Windows\CurrentVersion\Exp lorer\Browser Helper Objects
Entry name:
RealPlayer Download and Record Plugin for Internet Explorer
Program path & name:
"c:\program files\real\realplayer\rpbrowserrecordplugin.dll"
Enabled: [V]
Program:
"Desktop Sidebar"
Publisher:
"(Not verified) Idea2"
Entry path:
HKLM\Software\Microsoft\Windows\CurrentVersion\Exp lorer\Browser Helper Objects
Entry name:
Idea2 SidebarBrowserMonitor Class
Program path & name:
"c:\program files\desktop sidebar\sbhelp.dll"
Enabled: [V]
Program:
"MegaUpload Toolbar "
Publisher:
"(Verified) Megaupload Limited"
Entry path:
HKLM\Software\Microsoft\Windows\CurrentVersion\Exp lorer\Browser Helper Objects
Entry name:
Megaupload Toolbar
Program path & name:
"c:\program files\megauploadtoolbar\megauploadtoolbar.dll"
Enabled: [V]
Program:
N/A
Publisher:
N/A
Entry path:
HKLM\Software\Microsoft\Windows\CurrentVersion\Exp lorer\Browser Helper Objects
Entry name:
{5243b9c8-768c-417d-b76f-e6f4a5dc8ece}
Program path & name:
c:\windows\system32\pajgpx.dll"
Enabled: [V]
Program:
"Bad download blocker"
Publisher:
"(Verified) Safer Networking Ltd."
Entry path:
HKLM\Software\Microsoft\Windows\CurrentVersion\Exp lorer\Browser Helper Objects
Entry name:
{53707962-6F74-2D53-2644-206D7942484F}
Program path & name:
"c:\program files\spybot - search & destroy\sdhelper.dll"
Enabled: [V]
Program:
"Yahoo! IE Services"
Publisher:
"(Verified) Yahoo! Inc."
Entry path:
HKLM\Software\Microsoft\Windows\CurrentVersion\Exp lorer\Browser Helper Objects
Entry name:
Yahoo! IE Services Button
Program path & name:
"c:\program files\yahoo!\common\yiesrvc.dll"
Enabled: [V]
Program:
N/A
Publisher:
N/A
Entry path:
HKLM\Software\Microsoft\Windows\CurrentVersion\Exp lorer\Browser Helper Objects
Entry name:
{6D794CB4-C7CD-4c6f-BFDC-9B77AFBDC02C}
Program path & name:
c:\windows\system32\awttttqh.dll"
Enabled: [V]
Program:
N/A
Publisher:
N/A
Entry path:
HKLM\Software\Microsoft\Windows\CurrentVersion\Exp lorer\Browser Helper Objects
Entry name:
{71E78DD0-1DE0-4942-8B35-56FA09C792F9}
Program path & name:
c:\windows\system32\pmnkhyrl.dll"
Enabled: [V]
Program:
"Java(TM) 2 Platform Standard Edition binary"
Publisher:
"(Verified) Sun Microsystems Inc."
Entry path:
HKLM\Software\Microsoft\Windows\CurrentVersion\Exp lorer\Browser Helper Objects
Entry name:
SSVHelper Class
Program path & name:
"c:\program files\java\jre1.5.0_10\bin\ssv.dll"
Enabled: [V]
Program:
"NIS Shell Extension"
Publisher:
"(Verified) Symantec Corporation"
Entry path:
HKLM\Software\Microsoft\Windows\CurrentVersion\Exp lorer\Browser Helper Objects
Entry name:
CNisExtBho Class
Program path & name:
"c:\program files\common files\symantec shared\adblocking\nisshext.dll"
Enabled: [V]
Program:
"GoogleToolbarNotifier"
Publisher:
"(Verified) Google Inc"
Entry path:
HKLM\Software\Microsoft\Windows\CurrentVersion\Exp lorer\Browser Helper Objects
Entry name:
Google Toolbar Notifier BHO
Program path & name:
"c:\program files\google\googletoolbarnotifier\4.1.805.4472\sw g.dll"
Enabled: [V]
Program:
"Mega Manager IE Click Catcher"
Publisher:
"(Not verified) Megaupload Limited"
Entry path:
HKLM\Software\Microsoft\Windows\CurrentVersion\Exp lorer\Browser Helper Objects
Entry name:
IeMonitorBho Class
Program path & name:
"c:\program files\megaupload\mega manager\megaiemn.dll"
Enabled: [V]
Program:
N/A
Publisher:
N/A
Entry path:
HKLM\Software\Microsoft\Windows\CurrentVersion\Exp lorer\Browser Helper Objects
Entry name:
FDMIECookiesBHO Class
Program path & name:
c:\program files\free download manager\iefdm2.dll"
Enabled: [V]
Program:
"YSidebarIEBHO Module"
Publisher:
"(Verified) Yahoo! Inc."
Entry path:
HKLM\Software\Microsoft\Windows\CurrentVersion\Exp lorer\Browser Helper Objects
Entry name:
SidebarAutoLaunch Class
Program path & name:
"c:\program files\yahoo!\browser\ysidebariebho.dll"
Enabled: [V]
Program:
N/A
Publisher:
N/A
Entry path:
HKLM\Software\Microsoft\Windows\CurrentVersion\Exp lorer\ShellExecuteHooks
Entry name:
awttttqh.dll
Program path & name:
c:\windows\system32\awttttqh.dll"
Enabled: [V]
Program:
N/A
Publisher:
N/A
Entry path:
HKLM\Software\Microsoft\Windows\CurrentVersion\She ll Extensions\Approved
Entry name:
Display Panning CPL Extension
Program path & name:
File not found: deskpan.dll"
Enabled: [V]
Program:
"YMMAPI Module"
Publisher:
"(Verified) Yahoo! Inc."
Entry path:
HKLM\Software\Microsoft\Windows\CurrentVersion\She ll Extensions\Approved
Entry name:
Yahoo! Mail
Program path & name:
"c:\program files\yahoo!\common\ymmapi.dll"
Enabled: [V]
Program:
"RealPlayer Shell Extensions"
Publisher:
"(Verified) RealNetworks Inc."
Entry path:
HKLM\Software\Microsoft\Windows\CurrentVersion\She ll Extensions\Approved
Entry name:
Shell Extensions for RealOne Player
Program path & name:
"c:\program files\real\realplayer\rpshell.dll"
Enabled: [V]
Program:
N/A
Publisher:
N/A
Entry path:
HKLM\Software\Microsoft\Windows\CurrentVersion\She ll Extensions\Approved
Entry name:
WinRAR shell extension
Program path & name:
c:\program files\winrar\rarext.dll"
Enabled: [V]
Program:
"iTunes Mini Player DLL"
Publisher:
"(Not verified) Apple Computer Inc."
Entry path:
HKLM\Software\Microsoft\Windows\CurrentVersion\She ll Extensions\Approved
Entry name:
iTunes
Program path & name:
"c:\program files\itunes\itunesminiplayer.dll"
Enabled: [V]
Program:
"NVIDIA Desktop Explorer
Publisher:
Version 111.32 "
Entry path:
HKLM\Software\Microsoft\Windows\CurrentVersion\She ll Extensions\Approved
Entry name:
Desktop Explorer
Program path & name:
"(Not verified) NVIDIA Corporation""c:\windows\system32\nvshell.dll"
Enabled: [V]
Program:
"NVIDIA Desktop Explorer
Publisher:
Version 111.32 "
Entry path:
HKLM\Software\Microsoft\Windows\CurrentVersion\She ll Extensions\Approved
Entry name:
Desktop Explorer Menu
Program path & name:
"(Not verified) NVIDIA Corporation""c:\windows\system32\nvshell.dll"
Enabled: [V]
Program:
"NVIDIA Desktop Explorer
Publisher:
Version 111.32 "
Entry path:
HKLM\Software\Microsoft\Windows\CurrentVersion\She ll Extensions\Approved
Entry name:
nView Desktop Context Menu
Program path & name:
"(Not verified) NVIDIA Corporation""c:\windows\system32\nvshell.dll"
Enabled: [V]
Program:
"Desktop Sidebar"
Publisher:
"(Not verified) Idea2"
Entry path:
HKLM\Software\Microsoft\Windows\CurrentVersion\She ll Extensions\Approved
Entry name:
Idea2 SidebarIconHandler Class
Program path & name:
"c:\program files\desktop sidebar\sbhelp.dll"
Enabled: [V]
Program:
"WindowBlinds 6.0 UI"
Publisher:
"(Not verified) Stardock Corporation"
Entry path:
HKLM\Software\Microsoft\Windows\CurrentVersion\She ll Extensions\Approved
Entry name:
WindowBlinds CPL Extension
Program path & name:
"c:\program files\stardock\object desktop\windowblinds\wbui.dll"
Enabled: [V]
Program:
"DSShellExtHandler"
Publisher:
"(Not verified) DeskShare"
Entry path:
HKLM\Software\Microsoft\Windows\CurrentVersion\She ll Extensions\Approved
Entry name:
DSShellExtension
Program path & name:
"c:\program files\deskshare\digital media converter\dsshellexthandler.dll"
Enabled: [V]
Program:
N/A
Publisher:
N/A
Entry path:
HKLM\Software\Microsoft\Windows\CurrentVersion\She ll Extensions\Approved
Entry name:
UnlockerShellExtension
Program path & name:
c:\program files\unlocker\unlockercom.dll"
Enabled: [V]
Program:
"TuneUp Theme Extension"
Publisher:
"(Verified) TuneUp Software GmbH"
Entry path:
HKLM\Software\Microsoft\Windows\CurrentVersion\She ll Extensions\Approved
Entry name:
TuneUp Theme Extension
Program path & name:
"c:\windows\system32\uxtuneup.dll"
Enabled: [V]
Program:
"TuneUp Shredder Shell Extension"
Publisher:
"(Verified) TuneUp Software GmbH"
Entry path:
HKLM\Software\Microsoft\Windows\CurrentVersion\She ll Extensions\Approved
Entry name:
TuneUp Shredder Shell Extension
Program path & name:
"c:\program files\tuneup utilities 2008\sdshelex-win32.dll"
Enabled: [V]
Program:
"AVG Shell Extension"
Publisher:
"(Not verified) GRISOFT s.r.o."
Entry path:
HKLM\Software\Microsoft\Windows\CurrentVersion\She ll Extensions\Approved
Entry name:
AVG7 Shell Extension
Program path & name:
"c:\program files\grisoft\avg7\avgse.dll"
Enabled: [V]
Program:
"AVG Shell Extension"
Publisher:
"(Not verified) GRISOFT s.r.o."
Entry path:
HKLM\Software\Microsoft\Windows\CurrentVersion\She ll Extensions\Approved
Entry name:
AVG7 Find Extension
Program path & name:
"c:\program files\grisoft\avg7\avgse.dll"
Enabled: [V]
Program:
"PDF Shell Extension"
Publisher:
"(Not verified) Adobe Systems Inc."
Entry path:
HKLM\Software\Classes\Folder\Shellex\ColumnHandler s
Entry name:
PDF Shell Extension
Program path & name:
"c:\program files\common files\adobe\acrobat\activex\pdfshell.dll"
Enabled: [V]
Program:
"Yahoo! Toolbar"
Publisher:
"(Verified) Yahoo! Inc."
Entry path:
HKCU\Software\Microsoft\Internet Explorer\UrlSearchHooks
Entry name:
yt.dll
Program path & name:
"c:\program files\yahoo!\companion\installs\cpn\yt.dll"
Enabled: [V]
Program:
"Yahoo! Toolbar"
Publisher:
"(Verified) Yahoo! Inc."
Entry path:
HKLM\Software\Microsoft\Internet Explorer\Toolbar
Entry name:
yt.dll
Program path & name:
"c:\program files\yahoo!\companion\installs\cpn\yt.dll"
Enabled: [V]
Program:
N/A
Publisher:
N/A
Entry path:
HKLM\Software\Microsoft\Internet Explorer\Extensions
Entry name:
Acez.com - Download Free Screen Savers
Program path & name:
c:\windows\acezlink.htm"
Enabled: [V]
OH NOES!!! I was just browsing the forum and this site popped up! http://www.registrydefender.com/l/indexsg.asp?utm_source=CD458&utm_medium=cntx&utm_campaign=RD&utm_term=partnerid_keyword&kwd=partnerid_keyword
freeze10108
28-01-09, 01:15
You've run scans with anti-spyware right? If not (and you don't have any), run Spybot S&D (http://www.spybot.info) and Ad-Aware (http://www.download.com/Ad-Aware-Anniversary-Edition/3000-8022_4-10045910.html?part=dl-ad-aware&subj=dl&tag=top5&cdlPid=10998841). I'll sift through the ARdiag and see what's there too (I may overlook a few things though).
EDIT:
Program:
N/A
Publisher:
N/A
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
jgameenp
Program path & name:
File not found: C:\DOCUME~1\RATBOY~1\LOCALS~1\Temp\jgameenp.sys"
Enabled: [V] ***DELETE***
Program:
N/A
Publisher:
N/A
Entry path:
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify
Entry name:
awttttQH
Program path & name:
c:\windows\system32\awttttqh.dll"
Enabled: [V] ***DELETE***
Program:
N/A
Publisher:
N/A
Entry path:
HKLM\SYSTEM\CurrentControlSet\Control\Lsa\Authenti cation Packages
Entry name:
C:\WINDOWS\system32\pmnkHYRl
Program path & name:
c:\windows\system32\pmnkhyrl.dll"
Enabled: [V] SUSPICIOUS
Program:
N/A
Publisher:
N/A
Entry path:
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\Appinit_Dlls
Entry name:
pajgpx.dll
Program path & name:
c:\windows\system32\pajgpx.dll"
Enabled: [V] SUSPICIOUS
Program:
N/A
Publisher:
N/A
Entry path:
HKLM\Software\Microsoft\Windows\CurrentVersion\Exp lorer\Browser Helper Objects
Entry name:
{5243b9c8-768c-417d-b76f-e6f4a5dc8ece}
Program path & name:
c:\windows\system32\pajgpx.dll"
Enabled: [V] SUSPICIOUS
Program:
N/A
Publisher:
N/A
Entry path:
HKLM\Software\Microsoft\Windows\CurrentVersion\Exp lorer\Browser Helper Objects
Entry name:
{6D794CB4-C7CD-4c6f-BFDC-9B77AFBDC02C}
Program path & name:
c:\windows\system32\awttttqh.dll"
Enabled: [V] ***DELETE***
Program:
N/A
Publisher:
N/A
Entry path:
HKLM\Software\Microsoft\Windows\CurrentVersion\Exp lorer\Browser Helper Objects
Entry name:
{71E78DD0-1DE0-4942-8B35-56FA09C792F9}
Program path & name:
c:\windows\system32\pmnkhyrl.dll"
Enabled: [V] SUSPICIOUS
Program:
N/A
Publisher:
N/A
Entry path:
HKLM\Software\Microsoft\Windows\CurrentVersion\Exp lorer\ShellExecuteHooks
Entry name:
awttttqh.dll
Program path & name:
c:\windows\system32\awttttqh.dll"
Enabled: [V] ***DELETE***
Program:
N/A
Publisher:
N/A
Entry path:
HKLM\Software\Microsoft\Internet Explorer\Extensions
Entry name:
Acez.com - Download Free Screen Savers
Program path & name:
c:\windows\acezlink.htm"
Enabled: [V] ***DELETE***The ones I marked as delete you should deletehttp://www.freesmileys.org/smileys/smiley-violent027.gif. The ones marked suspicious, I'm not sure about (sorryhttp://i43.tinypic.com/fymvd3.jpg)
1. Download Autoruns (http://technet.microsoft.com/en-us/sysinternals/bb963902.aspx).
2. Boot in Safe Mode.
3. Run Autoruns, let it scan and then kill all entries of the following list:
Program:
"Manages the scheduling of Automatic LiveUpdate sessions"
Publisher:
"(Verified) Symantec Corporation"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
Automatic LiveUpdate Scheduler
Program path & name:
"c:\program files\symantec\liveupdate\aluschedulersvc.exe"
Enabled: [V]
Program:
"Event propagation and logging service"
Publisher:
"(Verified) Symantec Corporation"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
ccEvtMgr
Program path & name:
"c:\program files\common files\symantec shared\ccevtmgr.exe"
Enabled: [V]
Program:
"Symantec Proxy Service"
Publisher:
"(Verified) Symantec Corporation"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
ccProxy
Program path & name:
"c:\program files\common files\symantec shared\ccproxy.exe"
Enabled: [V]
Program:
"Settings storage and management service"
Publisher:
"(Verified) Symantec Corporation"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
ccSetMgr
Program path & name:
"c:\program files\common files\symantec shared\ccsetmgr.exe"
Enabled: [V]
Program:
"Symantec Licensing Detect Internet Connection"
Publisher:
"(Verified) Symantec Corporation"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
DJSNETCN
Program path & name:
"c:\program files\common files\symantec shared\djsnetcn.exe"
Enabled: [V]
Program:
"gusvc"
Publisher:
"(Verified) Google Inc"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
gusvc
Program path & name:
"c:\program files\google\common\google updater\googleupdaterservice.exe"
Enabled: [V]
Program:
N/A
Publisher:
N/A
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
RegManServ
Program path & name:
c:\program files\registry defragmentation\regmanserv.exe"
Enabled: [V]
Program:
"Symantec Core LC"
Publisher:
"(Verified) Symantec Corporation"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
Symantec Core LC
Program path & name:
"c:\program files\common files\symantec shared\ccpd-lc\symlcsvc.exe"
Enabled: [V]
Program:
"Helps manage PC security and overall health by providing virus and spyware monitoring
Publisher:
firewall backup and other services. If this service is stopped this computer might be at risk from viruses and other threats."
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
winss
Program path & name:
"File not found: C:\Program Files\Microsoft Windows OneCare Live\winss.exe"
Enabled: [V]
Program:
N/A
Publisher:
N/A
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
jgameenp
Program path & name:
File not found: C:\DOCUME~1\RATBOY~1\LOCALS~1\Temp\jgameenp.sys"
Enabled: [V]
Program:
N/A
Publisher:
N/A
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
LMouKE
Program path & name:
File not found: System32\Drivers\LMouKE.sys"
Enabled: [V]
Program:
"NPF Driver - TME extensions"
Publisher:
"(Not verified) Politecnico di Torino"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
NPF
Program path & name:
"c:\windows\system32\drivers\npf.sys"
Enabled: [V]
Program:
N/A
Publisher:
N/A
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
Pcouffin
Program path & name:
File not found: System32\Drivers\Pcouffin.sys"
Enabled: [V]
Program:
"SPBBC Driver"
Publisher:
"(Verified) Symantec Corporation"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
SPBBCDrv
Program path & name:
"c:\program files\common files\symantec shared\spbbc\spbbcdrv.sys"
Enabled: [V]
Program:
"Symantec Event Library"
Publisher:
"(Verified) Symantec Corporation"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
SymEvent
Program path & name:
"c:\program files\symantec\symevent.sys"
Enabled: [V]
Program:
"IDS Core Driver"
Publisher:
"(Verified) Symantec Corporation"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
SYMIDSCO
Program path & name:
"c:\program files\common files\symantec shared\symcdata\idsdefs\20050901.036\symidsco.sys"
Enabled: [V]
Program:
"Network Dispatch Driver"
Publisher:
"(Verified) Symantec Corporation"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
SYMTDI
Program path & name:
"c:\windows\system32\drivers\symtdi.sys"
Enabled: [V]
Program:
"X4HSX32Ex Kernel Mode Driver"
Publisher:
"(Verified) Exent Technologies Ltd."
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
X4HSX32Ex
Program path & name:
"c:\program files\free ride games\x4hsx32ex.sys"
Enabled: [V]
Program:
N/A
Publisher:
N/A
Entry path:
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify
Entry name:
awttttQH
Program path & name:
c:\windows\system32\awttttqh.dll"
Enabled: [V]
Program:
N/A
Publisher:
N/A
Entry path:
HKLM\SYSTEM\CurrentControlSet\Control\Lsa\Authenti cation Packages
Entry name:
C:\WINDOWS\system32\pmnkHYRl
Program path & name:
c:\windows\system32\pmnkhyrl.dll"
Enabled: [V]
Program:
"Google Desktop"
Publisher:
"(Not verified) Google"
Entry path:
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\Appinit_Dlls
Entry name:
C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL
Program path & name:
"c:\program files\google\google desktop search\googledesktopnetwork3.dll"
Enabled: [V]
Program:
"Google Desktop"
Publisher:
"(Not verified) Google"
Entry path:
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\Appinit_Dlls
Entry name:
C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL
Program path & name:
"c:\program files\google\google desktop search\googledesktopnetwork3.dll"
Enabled: [V]
Program:
N/A
Publisher:
N/A
Entry path:
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\Appinit_Dlls
Entry name:
pajgpx.dll
Program path & name:
c:\windows\system32\pajgpx.dll"
Enabled: [V]
Program:
"Fly Device Monitor"
Publisher:
"(Verified) LeapFrog Enterprises Inc."
Entry path:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Entry name:
FlyMonitor
Program path & name:
"c:\program files\leapfrog\flyworld\bin\flymonitor.exe"
Enabled: [V]
Program:
N/A
Publisher:
N/A
Entry path:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Entry name:
d04fc48e
Program path & name:
c:\windows\system32\ihcsngwf.dll"
Enabled: [V]
Program:
"BackWeb Runner Application "
Publisher:
"(Not verified) BackWeb Technologies Inc. "
Entry path:
HKLM\SOFTWARE\Classes\Protocols\Handler
Entry name:
bw+0
Program path & name:
"c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
Enabled: [V]
Program:
"BackWeb Runner Application "
Publisher:
"(Not verified) BackWeb Technologies Inc. "
Entry path:
HKLM\SOFTWARE\Classes\Protocols\Handler
Entry name:
bw+0s
Program path & name:
"c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
Enabled: [V]
Program:
"BackWeb Runner Application "
Publisher:
"(Not verified) BackWeb Technologies Inc. "
Entry path:
HKLM\SOFTWARE\Classes\Protocols\Handler
Entry name:
bw-0
Program path & name:
"c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
Enabled: [V]
Program:
"BackWeb Runner Application "
Publisher:
"(Not verified) BackWeb Technologies Inc. "
Entry path:
HKLM\SOFTWARE\Classes\Protocols\Handler
Entry name:
bw-0s
Program path & name:
"c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
Enabled: [V]
Program:
"BackWeb Runner Application "
Publisher:
"(Not verified) BackWeb Technologies Inc. "
Entry path:
HKLM\SOFTWARE\Classes\Protocols\Handler
Entry name:
bw00
Program path & name:
"c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
Enabled: [V]
Program:
"BackWeb Runner Application "
Publisher:
"(Not verified) BackWeb Technologies Inc. "
Entry path:
HKLM\SOFTWARE\Classes\Protocols\Handler
Entry name:
bw00s
Program path & name:
"c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
Enabled: [V]
Program:
"BackWeb Runner Application "
Publisher:
"(Not verified) BackWeb Technologies Inc. "
Entry path:
HKLM\SOFTWARE\Classes\Protocols\Handler
Entry name:
bw10
Program path & name:
"c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
Enabled: [V]
Program:
"BackWeb Runner Application "
Publisher:
"(Not verified) BackWeb Technologies Inc. "
Entry path:
HKLM\SOFTWARE\Classes\Protocols\Handler
Entry name:
bw10s
Program path & name:
"c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
Enabled: [V]
Program:
"BackWeb Runner Application "
Publisher:
"(Not verified) BackWeb Technologies Inc. "
Entry path:
HKLM\SOFTWARE\Classes\Protocols\Handler
Entry name:
bw20
Program path & name:
"c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
Enabled: [V]
Program:
"BackWeb Runner Application "
Publisher:
"(Not verified) BackWeb Technologies Inc. "
Entry path:
HKLM\SOFTWARE\Classes\Protocols\Handler
Entry name:
bw20s
Program path & name:
"c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
Enabled: [V]
Program:
"BackWeb Runner Application "
Publisher:
"(Not verified) BackWeb Technologies Inc. "
Entry path:
HKLM\SOFTWARE\Classes\Protocols\Handler
Entry name:
bw30
Program path & name:
"c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
Enabled: [V]
Program:
"BackWeb Runner Application "
Publisher:
"(Not verified) BackWeb Technologies Inc. "
Entry path:
HKLM\SOFTWARE\Classes\Protocols\Handler
Entry name:
bw30s
Program path & name:
"c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
Enabled: [V]
Program:
"BackWeb Runner Application "
Publisher:
"(Not verified) BackWeb Technologies Inc. "
Entry path:
HKLM\SOFTWARE\Classes\Protocols\Handler
Entry name:
bw40
Program path & name:
"c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
Enabled: [V]
Program:
"BackWeb Runner Application "
Publisher:
"(Not verified) BackWeb Technologies Inc. "
Entry path:
HKLM\SOFTWARE\Classes\Protocols\Handler
Entry name:
bw40s
Program path & name:
"c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
Enabled: [V]
Program:
"BackWeb Runner Application "
Publisher:
"(Not verified) BackWeb Technologies Inc. "
Entry path:
HKLM\SOFTWARE\Classes\Protocols\Handler
Entry name:
bw50
Program path & name:
"c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
Enabled: [V]
Program:
"BackWeb Runner Application "
Publisher:
"(Not verified) BackWeb Technologies Inc. "
Entry path:
HKLM\SOFTWARE\Classes\Protocols\Handler
Entry name:
bw50s
Program path & name:
"c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
Enabled: [V]
Program:
"BackWeb Runner Application "
Publisher:
"(Not verified) BackWeb Technologies Inc. "
Entry path:
HKLM\SOFTWARE\Classes\Protocols\Handler
Entry name:
bw60
Program path & name:
"c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
Enabled: [V]
Program:
"BackWeb Runner Application "
Publisher:
"(Not verified) BackWeb Technologies Inc. "
Entry path:
HKLM\SOFTWARE\Classes\Protocols\Handler
Entry name:
bw60s
Program path & name:
"c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
Enabled: [V]
Program:
"BackWeb Runner Application "
Publisher:
"(Not verified) BackWeb Technologies Inc. "
Entry path:
HKLM\SOFTWARE\Classes\Protocols\Handler
Entry name:
bw70
Program path & name:
"c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
Enabled: [V]
Program:
"BackWeb Runner Application "
Publisher:
"(Not verified) BackWeb Technologies Inc. "
Entry path:
HKLM\SOFTWARE\Classes\Protocols\Handler
Entry name:
bw70s
Program path & name:
"c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
Enabled: [V]
Program:
"BackWeb Runner Application "
Publisher:
"(Not verified) BackWeb Technologies Inc. "
Entry path:
HKLM\SOFTWARE\Classes\Protocols\Handler
Entry name:
bw80
Program path & name:
"c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
Enabled: [V]
Program:
"BackWeb Runner Application "
Publisher:
"(Not verified) BackWeb Technologies Inc. "
Entry path:
HKLM\SOFTWARE\Classes\Protocols\Handler
Entry name:
bw80s
Program path & name:
"c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
Enabled: [V]
Program:
"BackWeb Runner Application "
Publisher:
"(Not verified) BackWeb Technologies Inc. "
Entry path:
HKLM\SOFTWARE\Classes\Protocols\Handler
Entry name:
bw90
Program path & name:
"c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
Enabled: [V]
Program:
"BackWeb Runner Application "
Publisher:
"(Not verified) BackWeb Technologies Inc. "
Entry path:
HKLM\SOFTWARE\Classes\Protocols\Handler
Entry name:
bw90s
Program path & name:
"c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
Enabled: [V]
Program:
"BackWeb Runner Application "
Publisher:
"(Not verified) BackWeb Technologies Inc. "
Entry path:
HKLM\SOFTWARE\Classes\Protocols\Handler
Entry name:
bwa0
Program path & name:
"c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
Enabled: [V]
Program:
"BackWeb Runner Application "
Publisher:
"(Not verified) BackWeb Technologies Inc. "
Entry path:
HKLM\SOFTWARE\Classes\Protocols\Handler
Entry name:
bwa0s
Program path & name:
"c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
Enabled: [V]
Program:
"BackWeb Runner Application "
Publisher:
"(Not verified) BackWeb Technologies Inc. "
Entry path:
HKLM\SOFTWARE\Classes\Protocols\Handler
Entry name:
bwb0
Program path & name:
"c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
Enabled: [V]
Program:
"BackWeb Runner Application "
Publisher:
"(Not verified) BackWeb Technologies Inc. "
Entry path:
HKLM\SOFTWARE\Classes\Protocols\Handler
Entry name:
bwb0s
Program path & name:
"c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
Enabled: [V]
Program:
"BackWeb Runner Application "
Publisher:
"(Not verified) BackWeb Technologies Inc. "
Entry path:
HKLM\SOFTWARE\Classes\Protocols\Handler
Entry name:
bwc0
Program path & name:
"c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
Enabled: [V]
Program:
"BackWeb Runner Application "
Publisher:
"(Not verified) BackWeb Technologies Inc. "
Entry path:
HKLM\SOFTWARE\Classes\Protocols\Handler
Entry name:
bwc0s
Program path & name:
"c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
Enabled: [V]
Program:
"BackWeb Runner Application "
Publisher:
"(Not verified) BackWeb Technologies Inc. "
Entry path:
HKLM\SOFTWARE\Classes\Protocols\Handler
Entry name:
bwd0
Program path & name:
"c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
Enabled: [V]
Program:
"BackWeb Runner Application "
Publisher:
"(Not verified) BackWeb Technologies Inc. "
Entry path:
HKLM\SOFTWARE\Classes\Protocols\Handler
Entry name:
bwd0s
Program path & name:
"c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
Enabled: [V]
Program:
"BackWeb Runner Application "
Publisher:
"(Not verified) BackWeb Technologies Inc. "
Entry path:
HKLM\SOFTWARE\Classes\Protocols\Handler
Entry name:
bwe0
Program path & name:
"c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
Enabled: [V]
Program:
"BackWeb Runner Application "
Publisher:
"(Not verified) BackWeb Technologies Inc. "
Entry path:
HKLM\SOFTWARE\Classes\Protocols\Handler
Entry name:
bwe0s
Program path & name:
"c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
Enabled: [V]
Program:
"BackWeb Runner Application "
Publisher:
"(Not verified) BackWeb Technologies Inc. "
Entry path:
HKLM\SOFTWARE\Classes\Protocols\Handler
Entry name:
bwf0
Program path & name:
"c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
Enabled: [V]
Program:
"BackWeb Runner Application "
Publisher:
"(Not verified) BackWeb Technologies Inc. "
Entry path:
HKLM\SOFTWARE\Classes\Protocols\Handler
Entry name:
bwf0s
Program path & name:
"c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
Enabled: [V]
Program:
"BackWeb Runner Application "
Publisher:
"(Not verified) BackWeb Technologies Inc. "
Entry path:
HKLM\SOFTWARE\Classes\Protocols\Handler
Entry name:
bwfile-8876480
Program path & name:
"c:\program files\logitech\desktop messenger\8876480\program\gaplugprotocol-8876480.dll"
Enabled: [V]
Program:
"BackWeb Runner Application "
Publisher:
"(Not verified) BackWeb Technologies Inc. "
Entry path:
HKLM\SOFTWARE\Classes\Protocols\Handler
Entry name:
bwg0
Program path & name:
"c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
Enabled: [V]
Program:
"BackWeb Runner Application "
Publisher:
"(Not verified) BackWeb Technologies Inc. "
Entry path:
HKLM\SOFTWARE\Classes\Protocols\Handler
Entry name:
bwg0s
Program path & name:
"c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
Enabled: [V]
Program:
"BackWeb Runner Application "
Publisher:
"(Not verified) BackWeb Technologies Inc. "
Entry path:
HKLM\SOFTWARE\Classes\Protocols\Handler
Entry name:
bwh0
Program path & name:
"c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
Enabled: [V]
Program:
"BackWeb Runner Application "
Publisher:
"(Not verified) BackWeb Technologies Inc. "
Entry path:
HKLM\SOFTWARE\Classes\Protocols\Handler
Entry name:
bwh0s
Program path & name:
"c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
Enabled: [V]
Program:
"BackWeb Runner Application "
Publisher:
"(Not verified) BackWeb Technologies Inc. "
Entry path:
HKLM\SOFTWARE\Classes\Protocols\Handler
Entry name:
bwi0
Program path & name:
"c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
Enabled: [V]
Program:
"BackWeb Runner Application "
Publisher:
"(Not verified) BackWeb Technologies Inc. "
Entry path:
HKLM\SOFTWARE\Classes\Protocols\Handler
Entry name:
bwi0s
Program path & name:
"c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
Enabled: [V]
Program:
"BackWeb Runner Application "
Publisher:
"(Not verified) BackWeb Technologies Inc. "
Entry path:
HKLM\SOFTWARE\Classes\Protocols\Handler
Entry name:
bwj0
Program path & name:
"c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
Enabled: [V]
Program:
"BackWeb Runner Application "
Publisher:
"(Not verified) BackWeb Technologies Inc. "
Entry path:
HKLM\SOFTWARE\Classes\Protocols\Handler
Entry name:
bwj0s
Program path & name:
"c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
Enabled: [V]
Program:
"BackWeb Runner Application "
Publisher:
"(Not verified) BackWeb Technologies Inc. "
Entry path:
HKLM\SOFTWARE\Classes\Protocols\Handler
Entry name:
bwk0
Program path & name:
"c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
Enabled: [V]
Program:
"BackWeb Runner Application "
Publisher:
"(Not verified) BackWeb Technologies Inc. "
Entry path:
HKLM\SOFTWARE\Classes\Protocols\Handler
Entry name:
bwk0s
Program path & name:
"c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
Enabled: [V]
Program:
"BackWeb Runner Application "
Publisher:
"(Not verified) BackWeb Technologies Inc. "
Entry path:
HKLM\SOFTWARE\Classes\Protocols\Handler
Entry name:
bwl0
Program path & name:
"c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
Enabled: [V]
Program:
"BackWeb Runner Application "
Publisher:
"(Not verified) BackWeb Technologies Inc. "
Entry path:
HKLM\SOFTWARE\Classes\Protocols\Handler
Entry name:
bwl0s
Program path & name:
"c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
Enabled: [V]
Program:
"BackWeb Runner Application "
Publisher:
"(Not verified) BackWeb Technologies Inc. "
Entry path:
HKLM\SOFTWARE\Classes\Protocols\Handler
Entry name:
bwm0
Program path & name:
"c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
Enabled: [V]
Program:
"BackWeb Runner Application "
Publisher:
"(Not verified) BackWeb Technologies Inc. "
Entry path:
HKLM\SOFTWARE\Classes\Protocols\Handler
Entry name:
bwm0s
Program path & name:
"c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
Enabled: [V]
Program:
"BackWeb Runner Application "
Publisher:
"(Not verified) BackWeb Technologies Inc. "
Entry path:
HKLM\SOFTWARE\Classes\Protocols\Handler
Entry name:
bwn0
Program path & name:
"c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
Enabled: [V]
Program:
"BackWeb Runner Application "
Publisher:
"(Not verified) BackWeb Technologies Inc. "
Entry path:
HKLM\SOFTWARE\Classes\Protocols\Handler
Entry name:
bwn0s
Program path & name:
"c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
Enabled: [V]
Program:
"BackWeb Runner Application "
Publisher:
"(Not verified) BackWeb Technologies Inc. "
Entry path:
HKLM\SOFTWARE\Classes\Protocols\Handler
Entry name:
bwo0
Program path & name:
"c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
Enabled: [V]
Program:
"BackWeb Runner Application "
Publisher:
"(Not verified) BackWeb Technologies Inc. "
Entry path:
HKLM\SOFTWARE\Classes\Protocols\Handler
Entry name:
bwo0s
Program path & name:
"c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
Enabled: [V]
Program:
"BackWeb Runner Application "
Publisher:
"(Not verified) BackWeb Technologies Inc. "
Entry path:
HKLM\SOFTWARE\Classes\Protocols\Handler
Entry name:
bwp0
Program path & name:
"c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
Enabled: [V]
Program:
"BackWeb Runner Application "
Publisher:
"(Not verified) BackWeb Technologies Inc. "
Entry path:
HKLM\SOFTWARE\Classes\Protocols\Handler
Entry name:
bwp0s
Program path & name:
"c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
Enabled: [V]
Program:
"BackWeb Runner Application "
Publisher:
"(Not verified) BackWeb Technologies Inc. "
Entry path:
HKLM\SOFTWARE\Classes\Protocols\Handler
Entry name:
bwq0
Program path & name:
"c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
Enabled: [V]
Program:
"BackWeb Runner Application "
Publisher:
"(Not verified) BackWeb Technologies Inc. "
Entry path:
HKLM\SOFTWARE\Classes\Protocols\Handler
Entry name:
bwq0s
Program path & name:
"c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
Enabled: [V]
Program:
"BackWeb Runner Application "
Publisher:
"(Not verified) BackWeb Technologies Inc. "
Entry path:
HKLM\SOFTWARE\Classes\Protocols\Handler
Entry name:
bwr0
Program path & name:
"c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
Enabled: [V]
Program:
"BackWeb Runner Application "
Publisher:
"(Not verified) BackWeb Technologies Inc. "
Entry path:
HKLM\SOFTWARE\Classes\Protocols\Handler
Entry name:
bwr0s
Program path & name:
"c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
Enabled: [V]
Program:
"BackWeb Runner Application "
Publisher:
"(Not verified) BackWeb Technologies Inc. "
Entry path:
HKLM\SOFTWARE\Classes\Protocols\Handler
Entry name:
bws0
Program path & name:
"c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
Enabled: [V]
Program:
"BackWeb Runner Application "
Publisher:
"(Not verified) BackWeb Technologies Inc. "
Entry path:
HKLM\SOFTWARE\Classes\Protocols\Handler
Entry name:
bws0s
Program path & name:
"c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
Enabled: [V]
Program:
"BackWeb Runner Application "
Publisher:
"(Not verified) BackWeb Technologies Inc. "
Entry path:
HKLM\SOFTWARE\Classes\Protocols\Handler
Entry name:
bwt0
Program path & name:
"c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
Enabled: [V]
Program:
"BackWeb Runner Application "
Publisher:
"(Not verified) BackWeb Technologies Inc. "
Entry path:
HKLM\SOFTWARE\Classes\Protocols\Handler
Entry name:
bwt0s
Program path & name:
"c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
Enabled: [V]
Program:
"BackWeb Runner Application "
Publisher:
"(Not verified) BackWeb Technologies Inc. "
Entry path:
HKLM\SOFTWARE\Classes\Protocols\Handler
Entry name:
bwu0
Program path & name:
"c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
Enabled: [V]
Program:
"BackWeb Runner Application "
Publisher:
"(Not verified) BackWeb Technologies Inc. "
Entry path:
HKLM\SOFTWARE\Classes\Protocols\Handler
Entry name:
bwu0s
Program path & name:
"c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
Enabled: [V]
Program:
"BackWeb Runner Application "
Publisher:
"(Not verified) BackWeb Technologies Inc. "
Entry path:
HKLM\SOFTWARE\Classes\Protocols\Handler
Entry name:
bwv0
Program path & name:
"c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
Enabled: [V]
Program:
"BackWeb Runner Application "
Publisher:
"(Not verified) BackWeb Technologies Inc. "
Entry path:
HKLM\SOFTWARE\Classes\Protocols\Handler
Entry name:
bwv0s
Program path & name:
"c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
Enabled: [V]
Program:
"BackWeb Runner Application "
Publisher:
"(Not verified) BackWeb Technologies Inc. "
Entry path:
HKLM\SOFTWARE\Classes\Protocols\Handler
Entry name:
bww0
Program path & name:
"c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
Enabled: [V]
Program:
"BackWeb Runner Application "
Publisher:
"(Not verified) BackWeb Technologies Inc. "
Entry path:
HKLM\SOFTWARE\Classes\Protocols\Handler
Entry name:
bww0s
Program path & name:
"c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
Enabled: [V]
Program:
"BackWeb Runner Application "
Publisher:
"(Not verified) BackWeb Technologies Inc. "
Entry path:
HKLM\SOFTWARE\Classes\Protocols\Handler
Entry name:
bwx0
Program path & name:
"c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
Enabled: [V]
Program:
"BackWeb Runner Application "
Publisher:
"(Not verified) BackWeb Technologies Inc. "
Entry path:
HKLM\SOFTWARE\Classes\Protocols\Handler
Entry name:
bwx0s
Program path & name:
"c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
Enabled: [V]
Program:
"BackWeb Runner Application "
Publisher:
"(Not verified) BackWeb Technologies Inc. "
Entry path:
HKLM\SOFTWARE\Classes\Protocols\Handler
Entry name:
bwy0
Program path & name:
"c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
Enabled: [V]
Program:
"BackWeb Runner Application "
Publisher:
"(Not verified) BackWeb Technologies Inc. "
Entry path:
HKLM\SOFTWARE\Classes\Protocols\Handler
Entry name:
bwy0s
Program path & name:
"c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
Enabled: [V]
Program:
"BackWeb Runner Application "
Publisher:
"(Not verified) BackWeb Technologies Inc. "
Entry path:
HKLM\SOFTWARE\Classes\Protocols\Handler
Entry name:
bwz0
Program path & name:
"c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
Enabled: [V]
Program:
"BackWeb Runner Application "
Publisher:
"(Not verified) BackWeb Technologies Inc. "
Entry path:
HKLM\SOFTWARE\Classes\Protocols\Handler
Entry name:
bwz0s
Program path & name:
"c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
Enabled: [V]
Program:
"BackWeb Runner Application "
Publisher:
"(Not verified) BackWeb Technologies Inc. "
Entry path:
HKLM\SOFTWARE\Classes\Protocols\Handler
Entry name:
offline-8876480
Program path & name:
"c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
Enabled: [V]
Program:
N/A
Publisher:
N/A
Entry path:
HKCU\SOFTWARE\Microsoft\Internet Explorer\Desktop\Components
Entry name:
0
Program path & name:
File not found: http://www.larasanctuary.com/wallpapers/trlr/002.jpg"
Enabled: [V]
Program:
"Orbit Downloader"
Publisher:
"(Not verified) Orbitdownloader.com"
Entry path:
C:\Documents and Settings\All Users\Start Menu\Programs\Startup
Entry name:
Orbit.lnk
Program path & name:
"c:\program files\orbitdownloader\orbitdm.exe"
Enabled: [V]
Program:
"Google Installer"
Publisher:
"(Verified) Google Inc"
Entry path:
HKCU\Software\Microsoft\Windows\CurrentVersion\Run
Entry name:
Google Update
Program path & name:
"c:\documents and settings\rat boy\local settings\application data\google\update\googleupdate.exe"
Enabled: [V]
Program:
"EXETender Player"
Publisher:
"(Not verified) Exent Technologies Ltd."
Entry path:
HKCU\Software\Microsoft\Windows\CurrentVersion\Run
Entry name:
Exetender
Program path & name:
"c:\program files\free ride games\gplayer.exe"
Enabled: [V]
Program:
"Google Installer"
Publisher:
"(Verified) Google Inc"
Entry path:
Task Scheduler
Entry name:
GoogleUpdateTaskUserS-1-5-21-2000478354-1801674531-682003330-1004.job
Program path & name:
"c:\documents and settings\rat boy\local settings\application data\google\update\googleupdate.exe"
Enabled: [V]
Program:
"Orbitcth"
Publisher:
"(Not verified) Orbitdownloader.com"
Entry path:
HKLM\Software\Microsoft\Windows\CurrentVersion\Exp lorer\Browser Helper Objects
Entry name:
Octh Class
Program path & name:
"c:\program files\orbitdownloader\orbitcth.dll"
Enabled: [V]
Program:
"Yahoo! Toolbar"
Publisher:
"(Verified) Yahoo! Inc."
Entry path:
HKLM\Software\Microsoft\Windows\CurrentVersion\Exp lorer\Browser Helper Objects
Entry name:
Yahoo! Toolbar Helper
Program path & name:
"c:\program files\yahoo!\companion\installs\cpn\yt.dll"
Enabled: [V]
Program:
"Desktop Sidebar"
Publisher:
"(Not verified) Idea2"
Entry path:
HKLM\Software\Microsoft\Windows\CurrentVersion\Exp lorer\Browser Helper Objects
Entry name:
Idea2 SidebarBrowserMonitor Class
Program path & name:
"c:\program files\desktop sidebar\sbhelp.dll"
Enabled: [V]
Program:
"MegaUpload Toolbar "
Publisher:
"(Verified) Megaupload Limited"
Entry path:
HKLM\Software\Microsoft\Windows\CurrentVersion\Exp lorer\Browser Helper Objects
Entry name:
Megaupload Toolbar
Program path & name:
"c:\program files\megauploadtoolbar\megauploadtoolbar.dll"
Enabled: [V]
Program:
N/A
Publisher:
N/A
Entry path:
HKLM\Software\Microsoft\Windows\CurrentVersion\Exp lorer\Browser Helper Objects
Entry name:
{5243b9c8-768c-417d-b76f-e6f4a5dc8ece}
Program path & name:
c:\windows\system32\pajgpx.dll"
Enabled: [V]
Program:
"Yahoo! IE Services"
Publisher:
"(Verified) Yahoo! Inc."
Entry path:
HKLM\Software\Microsoft\Windows\CurrentVersion\Exp lorer\Browser Helper Objects
Entry name:
Yahoo! IE Services Button
Program path & name:
"c:\program files\yahoo!\common\yiesrvc.dll"
Enabled: [V]
Program:
N/A
Publisher:
N/A
Entry path:
HKLM\Software\Microsoft\Windows\CurrentVersion\Exp lorer\Browser Helper Objects
Entry name:
{6D794CB4-C7CD-4c6f-BFDC-9B77AFBDC02C}
Program path & name:
c:\windows\system32\awttttqh.dll"
Enabled: [V]
Program:
N/A
Publisher:
N/A
Entry path:
HKLM\Software\Microsoft\Windows\CurrentVersion\Exp lorer\Browser Helper Objects
Entry name:
{71E78DD0-1DE0-4942-8B35-56FA09C792F9}
Program path & name:
c:\windows\system32\pmnkhyrl.dll"
Enabled: [V]
Program:
"NIS Shell Extension"
Publisher:
"(Verified) Symantec Corporation"
Entry path:
HKLM\Software\Microsoft\Windows\CurrentVersion\Exp lorer\Browser Helper Objects
Entry name:
CNisExtBho Class
Program path & name:
"c:\program files\common files\symantec shared\adblocking\nisshext.dll"
Enabled: [V]
Program:
"GoogleToolbarNotifier"
Publisher:
"(Verified) Google Inc"
Entry path:
HKLM\Software\Microsoft\Windows\CurrentVersion\Exp lorer\Browser Helper Objects
Entry name:
Google Toolbar Notifier BHO
Program path & name:
"c:\program files\google\googletoolbarnotifier\4.1.805.4472\sw g.dll"
Enabled: [V]
Program:
"Mega Manager IE Click Catcher"
Publisher:
"(Not verified) Megaupload Limited"
Entry path:
HKLM\Software\Microsoft\Windows\CurrentVersion\Exp lorer\Browser Helper Objects
Entry name:
IeMonitorBho Class
Program path & name:
"c:\program files\megaupload\mega manager\megaiemn.dll"
Enabled: [V]
Program:
N/A
Publisher:
N/A
Entry path:
HKLM\Software\Microsoft\Windows\CurrentVersion\Exp lorer\Browser Helper Objects
Entry name:
FDMIECookiesBHO Class
Program path & name:
c:\program files\free download manager\iefdm2.dll"
Enabled: [V]
Program:
"YSidebarIEBHO Module"
Publisher:
"(Verified) Yahoo! Inc."
Entry path:
HKLM\Software\Microsoft\Windows\CurrentVersion\Exp lorer\Browser Helper Objects
Entry name:
SidebarAutoLaunch Class
Program path & name:
"c:\program files\yahoo!\browser\ysidebariebho.dll"
Enabled: [V]
Program:
N/A
Publisher:
N/A
Entry path:
HKLM\Software\Microsoft\Windows\CurrentVersion\Exp lorer\ShellExecuteHooks
Entry name:
awttttqh.dll
Program path & name:
c:\windows\system32\awttttqh.dll"
Enabled: [V]
Program:
"Yahoo! Toolbar"
Publisher:
"(Verified) Yahoo! Inc."
Entry path:
HKCU\Software\Microsoft\Internet Explorer\UrlSearchHooks
Entry name:
yt.dll
Program path & name:
"c:\program files\yahoo!\companion\installs\cpn\yt.dll"
Enabled: [V]
Program:
"Yahoo! Toolbar"
Publisher:
"(Verified) Yahoo! Inc."
Entry path:
HKLM\Software\Microsoft\Internet Explorer\Toolbar
Entry name:
yt.dll
Program path & name:
"c:\program files\yahoo!\companion\installs\cpn\yt.dll"
Enabled: [V]
Program:
N/A
Publisher:
N/A
Entry path:
HKLM\Software\Microsoft\Internet Explorer\Extensions
Entry name:
Acez.com - Download Free Screen Savers
Program path & name:
c:\windows\acezlink.htm"
Enabled: [V]
So I downloaded Autoruns and I am deleting those processes atm...
But I have now been getting even more messages from AVG saying that they are finding trojans in my system32 file! *panics*
1. Don't forget to kill entries while in Safe mode.
2. AVG can have false positives. Can you post a screenshot of it's message?
I stopped getting AVG messages and I ran Spybot again and I got rid of the viruses and I immunized. Now all of a sudden this random site pops up again! http://82.98.235.111/dot.gif/?ver=120&cmp=profiling4&uid=7EB355B8EBEA11DD84DF176587CFFFFF&guid=BC612C3B56BF47AC8D68AF5E6E046CA7&affid=176587&rid=zdez&m=ish6&revid=10070&lid=www.google.com%2Fsearch%3Fq=50+cent+bulletproo f+ps2+cheats+codes%26ie=utf-8%26oe=utf-8%26aq=t%26rls=com.google%3Aen-US%3Aofficial%26client=firefox-a&uqs=456&s=0&c1=456&c2=0&uid_track=75f6c5be-bbdc-4e75-8001-de02bb62105a&br=firefox
I booted in safe mode this afternoon and wiped out all those processes.
vBulletin® v3.8.4, Copyright ©2000-2010, Jelsoft Enterprises Ltd.