TheHijackedOne
2009-05-20, 20:45
Hi. I have some problems with trojans.
Software I already used: Avast; Spybot
They didn't notice anything during scans.
Well, something bad began to happen. The firewall of my Windows XP was turned off, with no way to turn it back in. It even didn't sent me any notice that I'm unprotected. I noticed it when he sound was somehow disabled (like if there were no devices nor drivers), but I can eneble this one in Services manualy; I also started to get "Generic Host Process for Win32 Services". My windows of programs sometimes get the very simplistic, archaic look too.
Then I tried to fight and search for trojans etc. (helping myself with the list of "system starting points" if I translate it correctly).
I write this all, because I possibly deleted some, since the "Generic Host Process for Win32 Services" didn't appear last time I restarted my computer. I'm only worried if I did it in the right way.
Anyway, since I was firewall-less I downloaded PC Tools Firewall and Spy Doctor. The latter found following infections:
-lots of adware
-Trojan Generic - twice
-Trojan-Downloader.Obfuscated.N - once
-Worm Autorun.DHA - five times
I don't know how to fight them now, hence my ask for your help.
I followed the instructions and used ERUNT.
Now here's the log from the HijackedThis:
==============================================
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:42:57, on 2009-05-20
Platform: Windows XP Dodatek SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal
Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\csrss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\system32\svchost.exe
D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
D:\WINDOWS\system32\spoolsv.exe
D:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
D:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
D:\Program Files\Bonjour\mDNSResponder.exe
D:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
D:\Program Files\Java\jre6\bin\jqs.exe
D:\Program Files\Autodesk\3ds Max 2009\mentalray\satellite\raysat_3dsMax2009_32server.exe
D:\WINDOWS\system32\nvsvc32.exe
D:\Program Files\PC Tools Firewall Plus\FWService.exe
D:\Program Files\CyberLink\Shared Files\RichVideo.exe
D:\Program Files\Spyware Doctor\pctsAuxs.exe
D:\Program Files\Spyware Doctor\pctsSvc.exe
D:\WINDOWS\System32\snmp.exe
d:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\system32\wdfmgr.exe
D:\WINDOWS\system32\vmnat.exe
D:\Program Files\VMware\VMware Player\vmware-authd.exe
D:\WINDOWS\system32\vmnetdhcp.exe
D:\Program Files\iPod\bin\iPodService.exe
D:\WINDOWS\system32\wbem\wmiapsrv.exe
D:\WINDOWS\System32\alg.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\Explorer.EXE
D:\WINDOWS\system32\ctfmon.exe
D:\Program Files\GigaByte\VGA Utility Manager\G-VGA.exe
D:\WINDOWS\SOUNDMAN.EXE
D:\Program Files\lg_fwupdate\fwupdate.exe
D:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
D:\Program Files\Nero\Nero 7\InCD\InCD.exe
D:\PROGRA~1\NEOSTR~1\TaskbarIcon.exe
D:\WINDOWS\system32\RUNDLL32.EXE
D:\Program Files\VMware\VMware Player\hqtray.exe
D:\Program Files\iTunes\iTunesHelper.exe
D:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
D:\Program Files\HP\HP Software Update\HPWuSchd2.exe
D:\Program Files\Common Files\Logitech\LComMgr\Communications_Helper.exe
D:\Program Files\Common Files\Logitech\LComMgr\LVComSX.exe
D:\Program Files\Java\jre6\bin\jusched.exe
D:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
D:\Program Files\PC Tools Firewall Plus\FirewallGUI.exe
D:\WINDOWS\system32\taskmgr.exe
D:\Program Files\Spyware Doctor\pctsTray.exe
D:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
D:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
D:\Program Files\DAEMON Tools Lite\daemon.exe
D:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
D:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
D:\Program Files\Common Files\Teleca Shared\Generic.exe
D:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
D:\PROGRA~1\NEOSTR~1\NeostradaTP.exe
D:\PROGRA~1\NEOSTR~1\ComComp.exe
D:\PROGRA~1\NEOSTR~1\Watch.exe
D:\Program Files\Internet Explorer\iexplore.exe
D:\Program Files\Mozilla Firefox\firefox.exe
D:\WINDOWS\system32\wscntfy.exe
d:\progra~1\common~1\instal~1\update~1\isuspm.exe
D:\Program Files\Common Files\InstallShield\UpdateService\agent.exe
D:\Program Files\Trend Micro\HijackThis\HijackThis.exe
D:\WINDOWS\system32\wbem\wmiprvse.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.neostrada.pl
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Neostrada TP
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
R3 - URLSearchHook: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - D:\Program Files\free-downloads.net\tbfree.dll
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - D:\PROGRA~1\NEOSTR~1\SEARCH~1.DLL
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - D:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - D:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - D:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - D:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - D:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - D:\Program Files\free-downloads.net\tbfree.dll
O3 - Toolbar: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - D:\Program Files\free-downloads.net\tbfree.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - D:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "D:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] D:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] D:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [NVRTCLK] D:\WINDOWS\system32\NVRTCLK\NVRTClk.exe
O4 - HKLM\..\Run: [PathNvidiaTV] D:\Program Files\Gigabyte\Nvidia\patchnvidiaTVout.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE D:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [VGAUtil] D:\Program Files\GigaByte\VGA Utility Manager\G-VGA.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [EasyTuneV] D:\Program Files\Gigabyte\ET5\GUI.exe
O4 - HKLM\..\Run: [LGODDFU] "D:\Program Files\lg_fwupdate\fwupdate.exe" blrun
O4 - HKLM\..\Run: [RemoteControl] "D:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [LanguageShortcut] "D:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] D:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [InCD] D:\Program Files\Nero\Nero 7\InCD\InCD.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] D:\PROGRA~1\NEOSTR~1\TaskbarIcon.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "D:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [WinampAgent] "D:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE D:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [DialerKiller] D:\Program Files\Dialer Killer\DialKill.exe -h
O4 - HKLM\..\Run: [VMware hqtray] "D:\Program Files\VMware\VMware Player\hqtray.exe"
O4 - HKLM\..\Run: [QuickTime Task] "D:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "D:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [ISUSPM Startup] D:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "D:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [CorelDRAW Graphics Suite 11b] D:\Program Files\Corel\Corel Graphics 12\Languages\PL\Programs\Registration.exe /title="CorelDRAW Graphics Suite 12" /date=052209 serial=DR12WEN-2506111-JSP lang=PL
O4 - HKLM\..\Run: [HP Software Update] D:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "D:\Program Files\Common Files\Logitech\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "D:\Program Files\Logitech\QuickCam10\QuickCam10.exe" /hide
O4 - HKLM\..\Run: [LVCOMSX] "D:\Program Files\Common Files\Logitech\LComMgr\LVComSX.exe"
O4 - HKLM\..\Run: [LogitechSetup] H:\Setup\Setup.exe /start /restart /l:enu
O4 - HKLM\..\Run: [avast!] D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "D:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "D:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [00PCTFW] "D:\Program Files\PC Tools Firewall Plus\FirewallGUI.exe" -s
O4 - HKLM\..\Run: [ISTray] "D:\Program Files\Spyware Doctor\pctsTray.exe"
O4 - HKLM\..\Run: [WOOWATCH] D:\PROGRA~1\NEOSTR~1\Watch.exe
O4 - HKCU\..\Run: [Uniblue RegistryBooster 2009] D:\Program Files\Uniblue\RegistryBooster\RegistryBooster.exe /S
O4 - HKCU\..\Run: [SpybotSD TeaTimer] D:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [PeerGuardian] D:\Program Files\PeerGuardian2\pg2.exe
O4 - HKCU\..\Run: [InternetCalls] "D:\Program Files\InternetCalls.com\InternetCalls\InternetCalls.exe" -nosplash -minimized
O4 - HKCU\..\Run: [HEXelon MAX] "D:\Documents and Settings\Admin\Pulpit\HEXelonMAX_pack\HEXelonMAX6\hexelon.exe" /auto
O4 - HKCU\..\Run: [Skype] "D:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [AllerCalc] "D:\Program Files\AllerCalc\AllerCalc.exe" /i
O4 - HKCU\..\Run: [Gadu-Gadu] "D:\Program Files\Gadu-Gadu\gg.exe" /tray
O4 - HKCU\..\Run: [LDM] D:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [swg] D:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "D:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [ctfmon.exe] D:\WINDOWS\system32\ctfmon.exe
O4 - Startup: ERUNT AutoBackup.lnk = D:\Program Files\ERUNT\AUTOBACK.EXE
O4 - Startup: OpenOffice.org 3.0.lnk = D:\Program Files\OpenOffice.org 3\program\quickstart.exe
O4 - Startup: Rejestrowanie produktów Corela.lnk = D:\Program Files\Corel\Graphics9\Register\Remind32.exe
O4 - Global Startup: DSLMON.lnk = D:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
O4 - Global Startup: HP Image Zone - szybkie uruchamianie.lnk = D:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = D:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = D:\Program Files\Microsoft Office\Office\OSA9.EXE
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - D:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: d:\program files\vmware\vmware player\vsocklib.dll
O10 - Unknown file in Winsock LSP: d:\program files\vmware\vmware player\vsocklib.dll
O12 - Plugin for .spop: D:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1231266424937
O16 - DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} (Java Plug-in 1.6.0_11) -
O17 - HKLM\System\CCS\Services\Tcpip\..\{AE797DFA-BF7E-4490-BA76-9CF39BBD10CB}: NameServer = 194.204.159.1 217.98.63.164
O18 - Protocol: bw+0 - {D0DB11A3-C96B-495D-A88D-52B411CFB5DC} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {D0DB11A3-C96B-495D-A88D-52B411CFB5DC} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {D0DB11A3-C96B-495D-A88D-52B411CFB5DC} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {D0DB11A3-C96B-495D-A88D-52B411CFB5DC} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {D0DB11A3-C96B-495D-A88D-52B411CFB5DC} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {D0DB11A3-C96B-495D-A88D-52B411CFB5DC} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {D0DB11A3-C96B-495D-A88D-52B411CFB5DC} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {D0DB11A3-C96B-495D-A88D-52B411CFB5DC} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {D0DB11A3-C96B-495D-A88D-52B411CFB5DC} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {D0DB11A3-C96B-495D-A88D-52B411CFB5DC} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {D0DB11A3-C96B-495D-A88D-52B411CFB5DC} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {D0DB11A3-C96B-495D-A88D-52B411CFB5DC} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {D0DB11A3-C96B-495D-A88D-52B411CFB5DC} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {D0DB11A3-C96B-495D-A88D-52B411CFB5DC} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {D0DB11A3-C96B-495D-A88D-52B411CFB5DC} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {D0DB11A3-C96B-495D-A88D-52B411CFB5DC} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {D0DB11A3-C96B-495D-A88D-52B411CFB5DC} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {D0DB11A3-C96B-495D-A88D-52B411CFB5DC} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {D0DB11A3-C96B-495D-A88D-52B411CFB5DC} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {D0DB11A3-C96B-495D-A88D-52B411CFB5DC} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {D0DB11A3-C96B-495D-A88D-52B411CFB5DC} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {D0DB11A3-C96B-495D-A88D-52B411CFB5DC} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {D0DB11A3-C96B-495D-A88D-52B411CFB5DC} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {D0DB11A3-C96B-495D-A88D-52B411CFB5DC} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {D0DB11A3-C96B-495D-A88D-52B411CFB5DC} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {D0DB11A3-C96B-495D-A88D-52B411CFB5DC} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {D0DB11A3-C96B-495D-A88D-52B411CFB5DC} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {D0DB11A3-C96B-495D-A88D-52B411CFB5DC} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {D0DB11A3-C96B-495D-A88D-52B411CFB5DC} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {D0DB11A3-C96B-495D-A88D-52B411CFB5DC} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {D0DB11A3-C96B-495D-A88D-52B411CFB5DC} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {D0DB11A3-C96B-495D-A88D-52B411CFB5DC} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {D0DB11A3-C96B-495D-A88D-52B411CFB5DC} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {D0DB11A3-C96B-495D-A88D-52B411CFB5DC} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {D0DB11A3-C96B-495D-A88D-52B411CFB5DC} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {D0DB11A3-C96B-495D-A88D-52B411CFB5DC} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {D0DB11A3-C96B-495D-A88D-52B411CFB5DC} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {D0DB11A3-C96B-495D-A88D-52B411CFB5DC} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {D0DB11A3-C96B-495D-A88D-52B411CFB5DC} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {D0DB11A3-C96B-495D-A88D-52B411CFB5DC} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {D0DB11A3-C96B-495D-A88D-52B411CFB5DC} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {D0DB11A3-C96B-495D-A88D-52B411CFB5DC} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {D0DB11A3-C96B-495D-A88D-52B411CFB5DC} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {D0DB11A3-C96B-495D-A88D-52B411CFB5DC} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {D0DB11A3-C96B-495D-A88D-52B411CFB5DC} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {D0DB11A3-C96B-495D-A88D-52B411CFB5DC} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {D0DB11A3-C96B-495D-A88D-52B411CFB5DC} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {D0DB11A3-C96B-495D-A88D-52B411CFB5DC} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {D0DB11A3-C96B-495D-A88D-52B411CFB5DC} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {D0DB11A3-C96B-495D-A88D-52B411CFB5DC} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {D0DB11A3-C96B-495D-A88D-52B411CFB5DC} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {D0DB11A3-C96B-495D-A88D-52B411CFB5DC} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {D0DB11A3-C96B-495D-A88D-52B411CFB5DC} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {D0DB11A3-C96B-495D-A88D-52B411CFB5DC} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {D0DB11A3-C96B-495D-A88D-52B411CFB5DC} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {D0DB11A3-C96B-495D-A88D-52B411CFB5DC} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {D0DB11A3-C96B-495D-A88D-52B411CFB5DC} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {D0DB11A3-C96B-495D-A88D-52B411CFB5DC} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {D0DB11A3-C96B-495D-A88D-52B411CFB5DC} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {D0DB11A3-C96B-495D-A88D-52B411CFB5DC} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {D0DB11A3-C96B-495D-A88D-52B411CFB5DC} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {D0DB11A3-C96B-495D-A88D-52B411CFB5DC} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {D0DB11A3-C96B-495D-A88D-52B411CFB5DC} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {D0DB11A3-C96B-495D-A88D-52B411CFB5DC} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {D0DB11A3-C96B-495D-A88D-52B411CFB5DC} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {D0DB11A3-C96B-495D-A88D-52B411CFB5DC} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {D0DB11A3-C96B-495D-A88D-52B411CFB5DC} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {D0DB11A3-C96B-495D-A88D-52B411CFB5DC} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {D0DB11A3-C96B-495D-A88D-52B411CFB5DC} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {D0DB11A3-C96B-495D-A88D-52B411CFB5DC} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {D0DB11A3-C96B-495D-A88D-52B411CFB5DC} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {D0DB11A3-C96B-495D-A88D-52B411CFB5DC} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {D0DB11A3-C96B-495D-A88D-52B411CFB5DC} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {D0DB11A3-C96B-495D-A88D-52B411CFB5DC} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {D0DB11A3-C96B-495D-A88D-52B411CFB5DC} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {D0DB11A3-C96B-495D-A88D-52B411CFB5DC} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {D0DB11A3-C96B-495D-A88D-52B411CFB5DC} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - D:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - D:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O23 - Service: Apple Mobile Device - Apple Inc. - D:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Autodesk Licensing Service - Autodesk - D:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: avast! Antivirus - ALWIL Software - D:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - D:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - D:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Bonjour Service - Apple Inc. - D:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - D:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Software Updater (gusvc) - Google - D:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - D:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - D:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
O23 - Service: Usługa iPod (iPod Service) - Apple Inc. - D:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - D:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - d:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - D:\Program Files\Common Files\Logitech\SrvLnch\SrvLnch.exe
O23 - Service: mental ray 3.6 Satellite for Autodesk 3ds Max 2009 32-bit 32-bit (mi-raysat_3dsMax2009_32) - Unknown owner - D:\Program Files\Autodesk\3ds Max 2009\mentalray\satellite\raysat_3dsMax2009_32server.exe
O23 - Service: NBService - Nero AG - D:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - D:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - D:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PC Tools Firewall Plus (PCToolsFirewallPlus) - PC Tools - D:\Program Files\PC Tools Firewall Plus\FWService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - D:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - D:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - D:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: VMware Agent Service (ufad-ws60) - VMware, Inc. - D:\Program Files\VMware\VMware Player\vmware-ufad.exe
O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - D:\Program Files\VMware\VMware Player\vmware-authd.exe
O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - D:\WINDOWS\system32\vmnetdhcp.exe
O23 - Service: VMware NAT Service - VMware, Inc. - D:\WINDOWS\system32\vmnat.exe
--
End of file - 28249 bytes
==============================================
Thanks in advance for any help :alien:
Uh... I meant "Generic Host Process for Win32 Services" error, of course - sorry.
Software I already used: Avast; Spybot
They didn't notice anything during scans.
Well, something bad began to happen. The firewall of my Windows XP was turned off, with no way to turn it back in. It even didn't sent me any notice that I'm unprotected. I noticed it when he sound was somehow disabled (like if there were no devices nor drivers), but I can eneble this one in Services manualy; I also started to get "Generic Host Process for Win32 Services". My windows of programs sometimes get the very simplistic, archaic look too.
Then I tried to fight and search for trojans etc. (helping myself with the list of "system starting points" if I translate it correctly).
I write this all, because I possibly deleted some, since the "Generic Host Process for Win32 Services" didn't appear last time I restarted my computer. I'm only worried if I did it in the right way.
Anyway, since I was firewall-less I downloaded PC Tools Firewall and Spy Doctor. The latter found following infections:
-lots of adware
-Trojan Generic - twice
-Trojan-Downloader.Obfuscated.N - once
-Worm Autorun.DHA - five times
I don't know how to fight them now, hence my ask for your help.
I followed the instructions and used ERUNT.
Now here's the log from the HijackedThis:
==============================================
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:42:57, on 2009-05-20
Platform: Windows XP Dodatek SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal
Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\csrss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\system32\svchost.exe
D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
D:\WINDOWS\system32\spoolsv.exe
D:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
D:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
D:\Program Files\Bonjour\mDNSResponder.exe
D:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
D:\Program Files\Java\jre6\bin\jqs.exe
D:\Program Files\Autodesk\3ds Max 2009\mentalray\satellite\raysat_3dsMax2009_32server.exe
D:\WINDOWS\system32\nvsvc32.exe
D:\Program Files\PC Tools Firewall Plus\FWService.exe
D:\Program Files\CyberLink\Shared Files\RichVideo.exe
D:\Program Files\Spyware Doctor\pctsAuxs.exe
D:\Program Files\Spyware Doctor\pctsSvc.exe
D:\WINDOWS\System32\snmp.exe
d:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\system32\wdfmgr.exe
D:\WINDOWS\system32\vmnat.exe
D:\Program Files\VMware\VMware Player\vmware-authd.exe
D:\WINDOWS\system32\vmnetdhcp.exe
D:\Program Files\iPod\bin\iPodService.exe
D:\WINDOWS\system32\wbem\wmiapsrv.exe
D:\WINDOWS\System32\alg.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\Explorer.EXE
D:\WINDOWS\system32\ctfmon.exe
D:\Program Files\GigaByte\VGA Utility Manager\G-VGA.exe
D:\WINDOWS\SOUNDMAN.EXE
D:\Program Files\lg_fwupdate\fwupdate.exe
D:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
D:\Program Files\Nero\Nero 7\InCD\InCD.exe
D:\PROGRA~1\NEOSTR~1\TaskbarIcon.exe
D:\WINDOWS\system32\RUNDLL32.EXE
D:\Program Files\VMware\VMware Player\hqtray.exe
D:\Program Files\iTunes\iTunesHelper.exe
D:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
D:\Program Files\HP\HP Software Update\HPWuSchd2.exe
D:\Program Files\Common Files\Logitech\LComMgr\Communications_Helper.exe
D:\Program Files\Common Files\Logitech\LComMgr\LVComSX.exe
D:\Program Files\Java\jre6\bin\jusched.exe
D:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
D:\Program Files\PC Tools Firewall Plus\FirewallGUI.exe
D:\WINDOWS\system32\taskmgr.exe
D:\Program Files\Spyware Doctor\pctsTray.exe
D:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
D:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
D:\Program Files\DAEMON Tools Lite\daemon.exe
D:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
D:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
D:\Program Files\Common Files\Teleca Shared\Generic.exe
D:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
D:\PROGRA~1\NEOSTR~1\NeostradaTP.exe
D:\PROGRA~1\NEOSTR~1\ComComp.exe
D:\PROGRA~1\NEOSTR~1\Watch.exe
D:\Program Files\Internet Explorer\iexplore.exe
D:\Program Files\Mozilla Firefox\firefox.exe
D:\WINDOWS\system32\wscntfy.exe
d:\progra~1\common~1\instal~1\update~1\isuspm.exe
D:\Program Files\Common Files\InstallShield\UpdateService\agent.exe
D:\Program Files\Trend Micro\HijackThis\HijackThis.exe
D:\WINDOWS\system32\wbem\wmiprvse.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.neostrada.pl
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Neostrada TP
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
R3 - URLSearchHook: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - D:\Program Files\free-downloads.net\tbfree.dll
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - D:\PROGRA~1\NEOSTR~1\SEARCH~1.DLL
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - D:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - D:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - D:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - D:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - D:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - D:\Program Files\free-downloads.net\tbfree.dll
O3 - Toolbar: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - D:\Program Files\free-downloads.net\tbfree.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - D:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "D:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] D:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] D:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [NVRTCLK] D:\WINDOWS\system32\NVRTCLK\NVRTClk.exe
O4 - HKLM\..\Run: [PathNvidiaTV] D:\Program Files\Gigabyte\Nvidia\patchnvidiaTVout.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE D:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [VGAUtil] D:\Program Files\GigaByte\VGA Utility Manager\G-VGA.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [EasyTuneV] D:\Program Files\Gigabyte\ET5\GUI.exe
O4 - HKLM\..\Run: [LGODDFU] "D:\Program Files\lg_fwupdate\fwupdate.exe" blrun
O4 - HKLM\..\Run: [RemoteControl] "D:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [LanguageShortcut] "D:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] D:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [InCD] D:\Program Files\Nero\Nero 7\InCD\InCD.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] D:\PROGRA~1\NEOSTR~1\TaskbarIcon.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "D:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [WinampAgent] "D:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE D:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [DialerKiller] D:\Program Files\Dialer Killer\DialKill.exe -h
O4 - HKLM\..\Run: [VMware hqtray] "D:\Program Files\VMware\VMware Player\hqtray.exe"
O4 - HKLM\..\Run: [QuickTime Task] "D:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "D:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [ISUSPM Startup] D:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "D:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [CorelDRAW Graphics Suite 11b] D:\Program Files\Corel\Corel Graphics 12\Languages\PL\Programs\Registration.exe /title="CorelDRAW Graphics Suite 12" /date=052209 serial=DR12WEN-2506111-JSP lang=PL
O4 - HKLM\..\Run: [HP Software Update] D:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "D:\Program Files\Common Files\Logitech\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "D:\Program Files\Logitech\QuickCam10\QuickCam10.exe" /hide
O4 - HKLM\..\Run: [LVCOMSX] "D:\Program Files\Common Files\Logitech\LComMgr\LVComSX.exe"
O4 - HKLM\..\Run: [LogitechSetup] H:\Setup\Setup.exe /start /restart /l:enu
O4 - HKLM\..\Run: [avast!] D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "D:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "D:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [00PCTFW] "D:\Program Files\PC Tools Firewall Plus\FirewallGUI.exe" -s
O4 - HKLM\..\Run: [ISTray] "D:\Program Files\Spyware Doctor\pctsTray.exe"
O4 - HKLM\..\Run: [WOOWATCH] D:\PROGRA~1\NEOSTR~1\Watch.exe
O4 - HKCU\..\Run: [Uniblue RegistryBooster 2009] D:\Program Files\Uniblue\RegistryBooster\RegistryBooster.exe /S
O4 - HKCU\..\Run: [SpybotSD TeaTimer] D:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [PeerGuardian] D:\Program Files\PeerGuardian2\pg2.exe
O4 - HKCU\..\Run: [InternetCalls] "D:\Program Files\InternetCalls.com\InternetCalls\InternetCalls.exe" -nosplash -minimized
O4 - HKCU\..\Run: [HEXelon MAX] "D:\Documents and Settings\Admin\Pulpit\HEXelonMAX_pack\HEXelonMAX6\hexelon.exe" /auto
O4 - HKCU\..\Run: [Skype] "D:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [AllerCalc] "D:\Program Files\AllerCalc\AllerCalc.exe" /i
O4 - HKCU\..\Run: [Gadu-Gadu] "D:\Program Files\Gadu-Gadu\gg.exe" /tray
O4 - HKCU\..\Run: [LDM] D:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [swg] D:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "D:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [ctfmon.exe] D:\WINDOWS\system32\ctfmon.exe
O4 - Startup: ERUNT AutoBackup.lnk = D:\Program Files\ERUNT\AUTOBACK.EXE
O4 - Startup: OpenOffice.org 3.0.lnk = D:\Program Files\OpenOffice.org 3\program\quickstart.exe
O4 - Startup: Rejestrowanie produktów Corela.lnk = D:\Program Files\Corel\Graphics9\Register\Remind32.exe
O4 - Global Startup: DSLMON.lnk = D:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
O4 - Global Startup: HP Image Zone - szybkie uruchamianie.lnk = D:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = D:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = D:\Program Files\Microsoft Office\Office\OSA9.EXE
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - D:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: d:\program files\vmware\vmware player\vsocklib.dll
O10 - Unknown file in Winsock LSP: d:\program files\vmware\vmware player\vsocklib.dll
O12 - Plugin for .spop: D:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1231266424937
O16 - DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} (Java Plug-in 1.6.0_11) -
O17 - HKLM\System\CCS\Services\Tcpip\..\{AE797DFA-BF7E-4490-BA76-9CF39BBD10CB}: NameServer = 194.204.159.1 217.98.63.164
O18 - Protocol: bw+0 - {D0DB11A3-C96B-495D-A88D-52B411CFB5DC} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {D0DB11A3-C96B-495D-A88D-52B411CFB5DC} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {D0DB11A3-C96B-495D-A88D-52B411CFB5DC} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {D0DB11A3-C96B-495D-A88D-52B411CFB5DC} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {D0DB11A3-C96B-495D-A88D-52B411CFB5DC} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {D0DB11A3-C96B-495D-A88D-52B411CFB5DC} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {D0DB11A3-C96B-495D-A88D-52B411CFB5DC} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {D0DB11A3-C96B-495D-A88D-52B411CFB5DC} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {D0DB11A3-C96B-495D-A88D-52B411CFB5DC} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {D0DB11A3-C96B-495D-A88D-52B411CFB5DC} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {D0DB11A3-C96B-495D-A88D-52B411CFB5DC} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {D0DB11A3-C96B-495D-A88D-52B411CFB5DC} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {D0DB11A3-C96B-495D-A88D-52B411CFB5DC} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {D0DB11A3-C96B-495D-A88D-52B411CFB5DC} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {D0DB11A3-C96B-495D-A88D-52B411CFB5DC} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {D0DB11A3-C96B-495D-A88D-52B411CFB5DC} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {D0DB11A3-C96B-495D-A88D-52B411CFB5DC} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {D0DB11A3-C96B-495D-A88D-52B411CFB5DC} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {D0DB11A3-C96B-495D-A88D-52B411CFB5DC} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {D0DB11A3-C96B-495D-A88D-52B411CFB5DC} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {D0DB11A3-C96B-495D-A88D-52B411CFB5DC} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {D0DB11A3-C96B-495D-A88D-52B411CFB5DC} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {D0DB11A3-C96B-495D-A88D-52B411CFB5DC} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {D0DB11A3-C96B-495D-A88D-52B411CFB5DC} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {D0DB11A3-C96B-495D-A88D-52B411CFB5DC} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {D0DB11A3-C96B-495D-A88D-52B411CFB5DC} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {D0DB11A3-C96B-495D-A88D-52B411CFB5DC} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {D0DB11A3-C96B-495D-A88D-52B411CFB5DC} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {D0DB11A3-C96B-495D-A88D-52B411CFB5DC} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {D0DB11A3-C96B-495D-A88D-52B411CFB5DC} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {D0DB11A3-C96B-495D-A88D-52B411CFB5DC} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {D0DB11A3-C96B-495D-A88D-52B411CFB5DC} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {D0DB11A3-C96B-495D-A88D-52B411CFB5DC} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {D0DB11A3-C96B-495D-A88D-52B411CFB5DC} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {D0DB11A3-C96B-495D-A88D-52B411CFB5DC} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {D0DB11A3-C96B-495D-A88D-52B411CFB5DC} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {D0DB11A3-C96B-495D-A88D-52B411CFB5DC} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {D0DB11A3-C96B-495D-A88D-52B411CFB5DC} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {D0DB11A3-C96B-495D-A88D-52B411CFB5DC} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {D0DB11A3-C96B-495D-A88D-52B411CFB5DC} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {D0DB11A3-C96B-495D-A88D-52B411CFB5DC} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {D0DB11A3-C96B-495D-A88D-52B411CFB5DC} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {D0DB11A3-C96B-495D-A88D-52B411CFB5DC} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {D0DB11A3-C96B-495D-A88D-52B411CFB5DC} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {D0DB11A3-C96B-495D-A88D-52B411CFB5DC} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {D0DB11A3-C96B-495D-A88D-52B411CFB5DC} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {D0DB11A3-C96B-495D-A88D-52B411CFB5DC} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {D0DB11A3-C96B-495D-A88D-52B411CFB5DC} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {D0DB11A3-C96B-495D-A88D-52B411CFB5DC} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {D0DB11A3-C96B-495D-A88D-52B411CFB5DC} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {D0DB11A3-C96B-495D-A88D-52B411CFB5DC} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {D0DB11A3-C96B-495D-A88D-52B411CFB5DC} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {D0DB11A3-C96B-495D-A88D-52B411CFB5DC} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {D0DB11A3-C96B-495D-A88D-52B411CFB5DC} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {D0DB11A3-C96B-495D-A88D-52B411CFB5DC} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {D0DB11A3-C96B-495D-A88D-52B411CFB5DC} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {D0DB11A3-C96B-495D-A88D-52B411CFB5DC} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {D0DB11A3-C96B-495D-A88D-52B411CFB5DC} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {D0DB11A3-C96B-495D-A88D-52B411CFB5DC} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {D0DB11A3-C96B-495D-A88D-52B411CFB5DC} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {D0DB11A3-C96B-495D-A88D-52B411CFB5DC} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {D0DB11A3-C96B-495D-A88D-52B411CFB5DC} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {D0DB11A3-C96B-495D-A88D-52B411CFB5DC} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {D0DB11A3-C96B-495D-A88D-52B411CFB5DC} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {D0DB11A3-C96B-495D-A88D-52B411CFB5DC} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {D0DB11A3-C96B-495D-A88D-52B411CFB5DC} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {D0DB11A3-C96B-495D-A88D-52B411CFB5DC} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {D0DB11A3-C96B-495D-A88D-52B411CFB5DC} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {D0DB11A3-C96B-495D-A88D-52B411CFB5DC} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {D0DB11A3-C96B-495D-A88D-52B411CFB5DC} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {D0DB11A3-C96B-495D-A88D-52B411CFB5DC} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {D0DB11A3-C96B-495D-A88D-52B411CFB5DC} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {D0DB11A3-C96B-495D-A88D-52B411CFB5DC} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {D0DB11A3-C96B-495D-A88D-52B411CFB5DC} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {D0DB11A3-C96B-495D-A88D-52B411CFB5DC} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {D0DB11A3-C96B-495D-A88D-52B411CFB5DC} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {D0DB11A3-C96B-495D-A88D-52B411CFB5DC} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - D:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - D:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O23 - Service: Apple Mobile Device - Apple Inc. - D:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Autodesk Licensing Service - Autodesk - D:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: avast! Antivirus - ALWIL Software - D:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - D:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - D:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Bonjour Service - Apple Inc. - D:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - D:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Software Updater (gusvc) - Google - D:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - D:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - D:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
O23 - Service: Usługa iPod (iPod Service) - Apple Inc. - D:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - D:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - d:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - D:\Program Files\Common Files\Logitech\SrvLnch\SrvLnch.exe
O23 - Service: mental ray 3.6 Satellite for Autodesk 3ds Max 2009 32-bit 32-bit (mi-raysat_3dsMax2009_32) - Unknown owner - D:\Program Files\Autodesk\3ds Max 2009\mentalray\satellite\raysat_3dsMax2009_32server.exe
O23 - Service: NBService - Nero AG - D:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - D:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - D:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PC Tools Firewall Plus (PCToolsFirewallPlus) - PC Tools - D:\Program Files\PC Tools Firewall Plus\FWService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - D:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - D:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - D:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: VMware Agent Service (ufad-ws60) - VMware, Inc. - D:\Program Files\VMware\VMware Player\vmware-ufad.exe
O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - D:\Program Files\VMware\VMware Player\vmware-authd.exe
O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - D:\WINDOWS\system32\vmnetdhcp.exe
O23 - Service: VMware NAT Service - VMware, Inc. - D:\WINDOWS\system32\vmnat.exe
--
End of file - 28249 bytes
==============================================
Thanks in advance for any help :alien:
Uh... I meant "Generic Host Process for Win32 Services" error, of course - sorry.