View Full Version : Infected with Win32 Trojan downloader
Jackygor
2006-10-06, 06:07
New to the forum! tried to google how to get rid of the trojan which led me to this site.
When my computer starts, Spysweeper pops me an ad survey thingy.
Thanks in advance :heart:
Here is the Hijackthis log:
Logfile of HijackThis v1.99.1
Scan saved at 9:03:07 PM, on 10/5/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\WINDOWS\FixCamera.exe
C:\WINDOWS\tsnp2std.exe
C:\WINDOWS\vsnp2std.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Lavasoft\Ad-Aware SE Professional\Ad-Watch.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\HJT\HijackThis.exe
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] "C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe" /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] "C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE" /SYNC
O4 - HKLM\..\Run: [PHIME2002A] "C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE" /IMEName
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [AVG7_CC] "C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe" /STARTUP
O4 - HKLM\..\Run: [SoundMAXPnP] "C:\Program Files\Analog Devices\Core\smax4pnp.exe"
O4 - HKLM\..\Run: [FixCamera] C:\WINDOWS\FixCamera.exe
O4 - HKLM\..\Run: [tsnp2std] C:\WINDOWS\tsnp2std.exe
O4 - HKLM\..\Run: [snp2std] C:\WINDOWS\vsnp2std.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe"
O4 - HKLM\..\Run: [startkey] C:\WINDOWS\system32\Microsoft.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [AWMON] "C:\Program Files\Lavasoft\Ad-Aware SE Professional\Ad-Watch.exe"
O4 - HKCU\..\Run: [startkey] C:\WINDOWS\system32\Microsoft.exe
O4 - HKCU\..\RunOnce: [SpySweeperUninstallSurvey] http://products.webroot.com/disp0201.php?pc=64021&rc=5025&ps=T&oc=33&mjv=5&mnv=0&bld=1608&cd=&dcc=&drc=&mo=&sid=1887542126&lang=en&loc=USA&opi=2&omj=5&omn=1&rsc=
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Researcher - {9455301C-CF6B-11D3-A266-00C04F689C50} - C:\Program Files\Common Files\Microsoft Shared\Encarta Researcher\EROPROJ.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{038D8B8B-95A3-4E6D-9823-AD167F665135}: NameServer = 192.168.0.1,192.168.89.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{038D8B8B-95A3-4E6D-9823-AD167F665135}: NameServer = 192.168.0.1,192.168.89.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{038D8B8B-95A3-4E6D-9823-AD167F665135}: NameServer = 192.168.0.1,192.168.89.1
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing)
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
Hello,
If you have not resolved the problem, we do have this sticky topic:
If you have waited four days for advice post here. (http://forums.spybot.info/showthread.php?p=4836#post4836)
LonnyRJones
2006-10-13, 08:48
Welcome
Start Hijackthis and place a check next to these items If there.
O4 - HKLM\..\Run: [startkey] C:\WINDOWS\system32\Microsoft.exe
O4 - HKCU\..\Run: [startkey] C:\WINDOWS\system32\Microsoft.exe
O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing)
Optional fix >
O4 - HKCU\..\RunOnce: [SpySweeperUninstallSurvey] http://products.webroot.com/disp0201...j=5&omn=1&rsc=
====================================
Hit fix checked and close Hijackthis.
Restart the PC
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
What version of SpyBot S&D is it you have ?
Check for and fix any problems found with SpyBot S&D
Manualy delete C:\WINDOWS\system32\Microsoft.exe
Post a fresh hijackthis log please, be sure to mention any current problems.
Jackygor
2006-10-15, 05:51
I think i m using the newest spybot S&D since i just updated. Same problem occurs, when window starts with all the other programs that starts, that web page about survey thing will pop.
Here is a free Hijackthis log:
Logfile of HijackThis v1.99.1
Scan saved at 8:51:22 PM, on 10/14/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\WINDOWS\FixCamera.exe
C:\WINDOWS\tsnp2std.exe
C:\WINDOWS\vsnp2std.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Lavasoft\Ad-Aware SE Professional\Ad-Watch.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Common Files\Logitech\KHAL\KHALMNPR.EXE
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\HJT\HijackThis.exe
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] "C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe" /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] "C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE" /SYNC
O4 - HKLM\..\Run: [PHIME2002A] "C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE" /IMEName
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [AVG7_CC] "C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe" /STARTUP
O4 - HKLM\..\Run: [SoundMAXPnP] "C:\Program Files\Analog Devices\Core\smax4pnp.exe"
O4 - HKLM\..\Run: [FixCamera] C:\WINDOWS\FixCamera.exe
O4 - HKLM\..\Run: [tsnp2std] C:\WINDOWS\tsnp2std.exe
O4 - HKLM\..\Run: [snp2std] C:\WINDOWS\vsnp2std.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe"
O4 - HKLM\..\Run: [startkey] C:\WINDOWS\system32\Microsoft.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [AWMON] "C:\Program Files\Lavasoft\Ad-Aware SE Professional\Ad-Watch.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [startkey] C:\WINDOWS\system32\Microsoft.exe
O4 - HKCU\..\RunOnce: [SpySweeperUninstallSurvey] http://products.webroot.com/disp0201.php?pc=64021&rc=5025&ps=T&oc=33&mjv=5&mnv=0&bld=1608&cd=&dcc=&drc=&mo=&sid=1887542126&lang=en&loc=USA&opi=2&omj=5&omn=1&rsc=
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Researcher - {9455301C-CF6B-11D3-A266-00C04F689C50} - C:\Program Files\Common Files\Microsoft Shared\Encarta Researcher\EROPROJ.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{038D8B8B-95A3-4E6D-9823-AD167F665135}: NameServer = 192.168.0.1,192.168.89.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{038D8B8B-95A3-4E6D-9823-AD167F665135}: NameServer = 192.168.0.1,192.168.89.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{038D8B8B-95A3-4E6D-9823-AD167F665135}: NameServer = 192.168.0.1,192.168.89.1
O18 - Protocol: bw+0 - {83E29F66-D330-4383-80BD-0AA178096F75} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {83E29F66-D330-4383-80BD-0AA178096F75} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {83E29F66-D330-4383-80BD-0AA178096F75} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {83E29F66-D330-4383-80BD-0AA178096F75} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {83E29F66-D330-4383-80BD-0AA178096F75} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {83E29F66-D330-4383-80BD-0AA178096F75} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {83E29F66-D330-4383-80BD-0AA178096F75} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {83E29F66-D330-4383-80BD-0AA178096F75} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {83E29F66-D330-4383-80BD-0AA178096F75} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {83E29F66-D330-4383-80BD-0AA178096F75} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {83E29F66-D330-4383-80BD-0AA178096F75} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {83E29F66-D330-4383-80BD-0AA178096F75} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {83E29F66-D330-4383-80BD-0AA178096F75} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {83E29F66-D330-4383-80BD-0AA178096F75} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {83E29F66-D330-4383-80BD-0AA178096F75} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {83E29F66-D330-4383-80BD-0AA178096F75} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {83E29F66-D330-4383-80BD-0AA178096F75} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {83E29F66-D330-4383-80BD-0AA178096F75} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {83E29F66-D330-4383-80BD-0AA178096F75} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {83E29F66-D330-4383-80BD-0AA178096F75} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {83E29F66-D330-4383-80BD-0AA178096F75} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {83E29F66-D330-4383-80BD-0AA178096F75} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {83E29F66-D330-4383-80BD-0AA178096F75} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {83E29F66-D330-4383-80BD-0AA178096F75} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {83E29F66-D330-4383-80BD-0AA178096F75} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {83E29F66-D330-4383-80BD-0AA178096F75} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {83E29F66-D330-4383-80BD-0AA178096F75} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {83E29F66-D330-4383-80BD-0AA178096F75} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {83E29F66-D330-4383-80BD-0AA178096F75} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {83E29F66-D330-4383-80BD-0AA178096F75} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {83E29F66-D330-4383-80BD-0AA178096F75} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {83E29F66-D330-4383-80BD-0AA178096F75} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {83E29F66-D330-4383-80BD-0AA178096F75} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {83E29F66-D330-4383-80BD-0AA178096F75} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {83E29F66-D330-4383-80BD-0AA178096F75} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {83E29F66-D330-4383-80BD-0AA178096F75} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {83E29F66-D330-4383-80BD-0AA178096F75} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {83E29F66-D330-4383-80BD-0AA178096F75} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {83E29F66-D330-4383-80BD-0AA178096F75} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {83E29F66-D330-4383-80BD-0AA178096F75} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {83E29F66-D330-4383-80BD-0AA178096F75} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {83E29F66-D330-4383-80BD-0AA178096F75} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {83E29F66-D330-4383-80BD-0AA178096F75} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {83E29F66-D330-4383-80BD-0AA178096F75} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {83E29F66-D330-4383-80BD-0AA178096F75} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {83E29F66-D330-4383-80BD-0AA178096F75} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {83E29F66-D330-4383-80BD-0AA178096F75} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {83E29F66-D330-4383-80BD-0AA178096F75} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {83E29F66-D330-4383-80BD-0AA178096F75} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {83E29F66-D330-4383-80BD-0AA178096F75} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {83E29F66-D330-4383-80BD-0AA178096F75} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {83E29F66-D330-4383-80BD-0AA178096F75} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {83E29F66-D330-4383-80BD-0AA178096F75} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {83E29F66-D330-4383-80BD-0AA178096F75} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {83E29F66-D330-4383-80BD-0AA178096F75} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {83E29F66-D330-4383-80BD-0AA178096F75} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {83E29F66-D330-4383-80BD-0AA178096F75} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {83E29F66-D330-4383-80BD-0AA178096F75} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {83E29F66-D330-4383-80BD-0AA178096F75} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {83E29F66-D330-4383-80BD-0AA178096F75} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {83E29F66-D330-4383-80BD-0AA178096F75} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {83E29F66-D330-4383-80BD-0AA178096F75} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {83E29F66-D330-4383-80BD-0AA178096F75} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {83E29F66-D330-4383-80BD-0AA178096F75} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {83E29F66-D330-4383-80BD-0AA178096F75} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {83E29F66-D330-4383-80BD-0AA178096F75} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {83E29F66-D330-4383-80BD-0AA178096F75} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {83E29F66-D330-4383-80BD-0AA178096F75} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {83E29F66-D330-4383-80BD-0AA178096F75} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {83E29F66-D330-4383-80BD-0AA178096F75} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {83E29F66-D330-4383-80BD-0AA178096F75} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {83E29F66-D330-4383-80BD-0AA178096F75} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {83E29F66-D330-4383-80BD-0AA178096F75} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {83E29F66-D330-4383-80BD-0AA178096F75} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {83E29F66-D330-4383-80BD-0AA178096F75} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {83E29F66-D330-4383-80BD-0AA178096F75} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: offline-8876480 - {83E29F66-D330-4383-80BD-0AA178096F75} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
LonnyRJones
2006-10-15, 09:09
Lets try again with adwatch completly off
You have ad-aware's ad-watch running on your machine.
But prior to doing the fix below with hijackthis it needs to be turned off.
Please do the following.
Open AdAware Se.
Go to AdWatch User Interface.
Go to Tools and Preferences.
At the bottom of the screen you can see two checkable items called Active and Automatic.
Active: This will turn Ad-Watch On\Off without closing it
Automatic: Suspicious activity will be blocked automatically
Uncheck those boxes.
Start Hijackthis and place a check next to these items If there.
O4 - HKLM\..\Run: [startkey] C:\WINDOWS\system32\Microsoft.exe
O4 - HKCU\..\Run: [startkey] C:\WINDOWS\system32\Microsoft.exe
O4 - HKCU\..\RunOnce: [SpySweeperUninstallSurvey] http://products.webroot.com/disp0201...j=5&omn=1&rsc=
====================================
Hit fix checked and close Hijackthis.
Restart the PC
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
C:\WINDOWS\system32\Microsoft.exe < delete that file, did you ?
Post a fresh hijackthis log please, be sure to mention any current problems.
Jackygor
2006-10-17, 05:20
Sorry for the slow replies, i am busy with my mid terms. Anyways, i have turned off adware thing, and when i restart my computer, the website does not pop up anymore. I could not delete C:\WINDOWS\system32\Microsoft.exe because I could not find that file. And for some reason when i complelety turn off my computer then turn it on again, during the "Loading Windows" it says something along the lines of "Could not find C:\Program" or something.
Here is a fresh Hijackthis log
Logfile of HijackThis v1.99.1
Scan saved at 8:20:31 PM, on 10/16/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\WINDOWS\FixCamera.exe
C:\WINDOWS\tsnp2std.exe
C:\WINDOWS\vsnp2std.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Lavasoft\Ad-Aware SE Professional\Ad-Watch.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Common Files\Logitech\KHAL\KHALMNPR.EXE
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\wuauclt.exe
C:\HJT\HijackThis.exe
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] "C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe" /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] "C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE" /SYNC
O4 - HKLM\..\Run: [PHIME2002A] "C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE" /IMEName
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [AVG7_CC] "C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe" /STARTUP
O4 - HKLM\..\Run: [SoundMAXPnP] "C:\Program Files\Analog Devices\Core\smax4pnp.exe"
O4 - HKLM\..\Run: [FixCamera] C:\WINDOWS\FixCamera.exe
O4 - HKLM\..\Run: [tsnp2std] C:\WINDOWS\tsnp2std.exe
O4 - HKLM\..\Run: [snp2std] C:\WINDOWS\vsnp2std.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe"
O4 - HKLM\..\Run: [startkey] C:\WINDOWS\system32\Microsoft.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [AWMON] "C:\Program Files\Lavasoft\Ad-Aware SE Professional\Ad-Watch.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\RunOnce: [SpySweeperUninstallSurvey] http://products.webroot.com/disp0201.php?pc=64021&rc=5025&ps=T&oc=33&mjv=5&mnv=0&bld=1608&cd=&dcc=&drc=&mo=&sid=1887542126&lang=en&loc=USA&opi=2&omj=5&omn=1&rsc=
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Researcher - {9455301C-CF6B-11D3-A266-00C04F689C50} - C:\Program Files\Common Files\Microsoft Shared\Encarta Researcher\EROPROJ.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{038D8B8B-95A3-4E6D-9823-AD167F665135}: NameServer = 192.168.0.1,192.168.89.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{038D8B8B-95A3-4E6D-9823-AD167F665135}: NameServer = 192.168.0.1,192.168.89.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{038D8B8B-95A3-4E6D-9823-AD167F665135}: NameServer = 192.168.0.1,192.168.89.1
O18 - Protocol: bw+0 - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: offline-8876480 - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
thanks in advance!
LonnyRJones
2006-10-17, 06:37
Did you fix what i suggested ?
Is ad_watch turned off the way i suggested not just off from the tray (near clock)
Otherwise this would not return
O4 - HKCU\..\RunOnce: [SpySweeperUninstallSurvey]
Post a combofix log
1. Download this file - combofix.exe
http://download.bleepingcomputer.com/sUBs/combofix.exe
2. Double click combofix.exe & follow the prompts.
3. When finished, it shall produce a log for you. Post that log in your next reply
Note:
Do not mouseclick combofix's window whilst it's running. That may cause it to stall
If the log is large You might need to post half in one reply half in another.
Jackygor
2006-10-17, 07:08
Yup, i have done everything you have suggested, except deleting C:\WINDOWS\system32\Microsoft.exe because i could not locate the file.
Here is the comboFix log:
User - 06-10-16 22:06:14.06 Service Pack 2
ComboFix 06.10.16 - Running from: "C:\Documents and Settings\User\Desktop"
((((((((((((((((((((((((((((((( Files Created from 2006-09-16 to 2006-10-16 ))))))))))))))))))))))))))))))))))
2006-10-16 01:56 118,784 -r------- C:\WINDOWS\bwUnin-7.2.0.157-8876480SL.exe
2006-10-10 19:31 3,968 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys
2006-10-07 01:50 217,088 --a------ C:\WINDOWS\system32\libmySQL.dll
2006-10-07 01:50 102,400 --a------ C:\WINDOWS\system32\TrackerNET.dll
2006-10-06 16:44 118,784 -r------- C:\WINDOWS\bwUnin-7.2.0.137-8876480SL.exe
2006-10-06 16:43 68,992 --a------ C:\WINDOWS\system32\drivers\LMouKE.Sys
2006-10-06 16:43 52,992 --a------ C:\WINDOWS\system32\drivers\L8042MOU.SYS
2006-10-06 16:43 36,480 --a------ C:\WINDOWS\system32\drivers\LHidUsbK.sys
2006-10-06 16:42 49,152 --a------ C:\WINDOWS\KHALMNPR.Exe
2006-10-06 16:42 24,704 --a------ C:\WINDOWS\system32\drivers\LHidKE.Sys
2006-10-06 16:42 13,056 --a------ C:\WINDOWS\system32\drivers\L8042Kbd.sys
2006-10-05 21:56 8,704 --a------ C:\WINDOWS\system32\drivers\nmwcdc.sys
2006-10-05 21:56 50,688 --a------ C:\WINDOWS\system32\nmwcdcls.dll
2006-10-05 21:56 4,608 --a------ C:\WINDOWS\system32\nmwcdlog.dll
2006-10-05 21:56 30,720 --a------ C:\WINDOWS\system32\nmwcdcocls.dll
2006-10-05 21:56 13,312 --a------ C:\WINDOWS\system32\drivers\nmwcdcm.sys
2006-10-05 21:56 127,488 --a------ C:\WINDOWS\system32\drivers\nmwcd.sys
2006-10-05 19:08 53,248 --a------ C:\WINDOWS\system32\Process.exe
2006-10-05 19:08 40,960 --a------ C:\WINDOWS\system32\swsc.exe
2006-10-05 19:08 288,417 --a------ C:\WINDOWS\system32\SrchSTS.exe
2006-10-05 19:08 135,168 --a------ C:\WINDOWS\system32\swreg.exe
2006-10-03 13:58 5,504 --a------ C:\WINDOWS\system32\drivers\MSTEE.sys
2006-10-03 13:58 15,360 --a------ C:\WINDOWS\system32\drivers\StreamIP.sys
2006-10-03 13:58 11,136 --a------ C:\WINDOWS\system32\drivers\SLIP.sys
2006-10-03 13:58 10,880 --a------ C:\WINDOWS\system32\drivers\NdisIP.sys
2006-10-03 13:57 85,376 --a------ C:\WINDOWS\system32\drivers\NABTSFEC.sys
2006-10-03 13:57 53,760 --a------ C:\WINDOWS\system32\vfwwdm32.dll
2006-10-03 13:57 19,328 --a------ C:\WINDOWS\system32\drivers\WSTCODEC.SYS
2006-10-03 13:57 17,024 --a------ C:\WINDOWS\system32\drivers\CCDECODE.sys
2006-10-03 13:55 94,208 --a------ C:\WINDOWS\amcap.exe
2006-10-03 13:55 675,840 --a------ C:\WINDOWS\vsnp2std.exe
2006-10-03 13:55 61,440 --a------ C:\WINDOWS\vsnp2std.dll
2006-10-03 13:55 53,248 --a------ C:\WINDOWS\system32\csnp2std.dll
2006-10-03 13:55 349,472 --a------ C:\WINDOWS\WindowsXP-KB822603-x86.exe
2006-10-03 13:55 24,832 --a------ C:\WINDOWS\system32\drivers\sncamd.sys
2006-10-03 13:55 20,480 --a------ C:\WINDOWS\FixCamera.exe
2006-10-03 13:55 147,456 --a------ C:\WINDOWS\rsnp2std.dll
2006-10-03 13:55 114,688 --a------ C:\WINDOWS\tsnp2std.exe
2006-10-03 13:55 11,985,280 --a------ C:\WINDOWS\system32\drivers\snp2sxp.sys
2006-10-03 13:43 25,856 --a------ C:\WINDOWS\system32\drivers\usbprint.sys
2006-10-03 13:42 26,496 --a------ C:\WINDOWS\system32\drivers\USBSTOR.SYS
2006-09-26 08:17 45,056 --a------ C:\WINDOWS\system32\WMErrCHT.dll
2006-09-26 08:14 45,056 --a------ C:\WINDOWS\system32\WMErrCHS.dll
2006-09-26 08:11 17,920 --a------ C:\WINDOWS\system32\mdimon.dll
2006-09-26 08:05 778,656 --a------ C:\WINDOWS\system32\drivers\avg7core.sys
2006-09-26 08:05 499,712 --a------ C:\WINDOWS\system32\msvcp71.dll
2006-09-26 08:05 4,992 --a------ C:\WINDOWS\system32\drivers\avgtdi.sys
2006-09-26 08:05 4,288 --a------ C:\WINDOWS\system32\drivers\avg7rsw.sys
2006-09-26 08:05 348,160 --a------ C:\WINDOWS\system32\msvcr71.dll
2006-09-26 08:05 27,904 --a------ C:\WINDOWS\system32\drivers\avg7rsxp.sys
2006-09-26 08:05 23,424 --a------ C:\WINDOWS\system32\drivers\avgmfrs.sys
2006-09-26 08:00 82,944 --a------ C:\WINDOWS\system32\drivers\wdmaud.sys
2006-09-26 08:00 7,552 --a------ C:\WINDOWS\system32\drivers\MSKSSRV.sys
2006-09-26 08:00 65,536 -ra------ C:\WINDOWS\system32\a3d.dll
2006-09-26 08:00 60,800 --a------ C:\WINDOWS\system32\drivers\sysaudio.sys
2006-09-26 08:00 6,400 --a------ C:\WINDOWS\system32\drivers\splitter.sys
2006-09-26 08:00 54,272 --a------ C:\WINDOWS\system32\drivers\swmidi.sys
2006-09-26 08:00 53,248 --------- C:\WINDOWS\system32\wdmioctl.dll
2006-09-26 08:00 52,864 --a------ C:\WINDOWS\system32\drivers\DMusic.sys
2006-09-26 08:00 5,376 --a------ C:\WINDOWS\system32\drivers\MSPCLOCK.sys
2006-09-26 08:00 49,152 --a------ C:\WINDOWS\system32\DSndUp.exe
2006-09-26 08:00 45,056 --------- C:\WINDOWS\system32\CleanUp.exe
2006-09-26 08:00 4,992 --a------ C:\WINDOWS\system32\drivers\MSPQM.sys
2006-09-26 08:00 393,088 -ra------ C:\WINDOWS\system32\drivers\senfilt.sys
2006-09-26 08:00 23,552 -ra------ C:\WINDOWS\system32\PostProc.dll
2006-09-26 08:00 2,944 --a------ C:\WINDOWS\system32\drivers\drmkaud.sys
2006-09-26 08:00 172,416 --a------ C:\WINDOWS\system32\drivers\kmixer.sys
2006-09-26 08:00 142,464 --a------ C:\WINDOWS\system32\drivers\aec.sys
2006-09-26 08:00 141,312 -ra------ C:\WINDOWS\system32\drivers\ADIHdAud.sys
2006-09-26 08:00 127,872 -ra------ C:\WINDOWS\system32\drivers\aeaudio.sys
2006-09-26 08:00 1,285,632 --------- C:\WINDOWS\system32\SMMedia.dll
2006-09-26 07:59 60,288 --a------ C:\WINDOWS\system32\drivers\drmk.sys
2006-09-26 07:59 4,096 --a------ C:\WINDOWS\system32\ksuser.dll
2006-09-26 07:59 22,752 --a------ C:\WINDOWS\system32\spupdsvc.exe
2006-09-26 07:59 145,792 --a------ C:\WINDOWS\system32\drivers\portcls.sys
2006-09-26 07:57 78,976 --a------ C:\WINDOWS\system32\drivers\Rtenicxp.sys
2006-09-26 07:57 29,696 --------- C:\WINDOWS\system32\dev32.exe
2006-09-26 07:57 210,304 --a------ C:\WINDOWS\system32\drivers\m5288.sys
2006-09-26 07:57 167,936 --a------ C:\WINDOWS\system32\coin5288.dll
2006-09-26 07:56 307,200 -ra------ C:\WINDOWS\system32\atiiiexx.dll
2006-09-26 07:54 5,824 --a------ C:\WINDOWS\system32\drivers\ASUSHWIO.SYS
2006-09-26 07:54 5,810 -ra------ C:\WINDOWS\system32\drivers\ASACPI.sys
2006-09-26 07:46 98,304 --a------ C:\WINDOWS\system32\msir3jp.dll
2006-09-26 07:46 9,216 --a------ C:\WINDOWS\system32\kbdnecAT.dll
2006-09-26 07:46 838,144 --a------ C:\WINDOWS\system32\chtbrkr.dll
2006-09-26 07:46 70,656 --a------ C:\WINDOWS\system32\korwbrkr.dll
2006-09-26 07:46 7,680 --a------ C:\WINDOWS\system32\kbdnecNT.dll
2006-09-26 07:46 7,168 --a------ C:\WINDOWS\system32\kbdnec95.dll
2006-09-26 07:46 7,168 --a------ C:\WINDOWS\system32\kbdibm02.dll
2006-09-26 07:46 7,168 --a------ C:\WINDOWS\system32\f3ahvoas.dll
2006-09-26 07:46 6,656 --a------ C:\WINDOWS\system32\kbdlk41a.dll
2006-09-26 07:46 6,656 --a------ C:\WINDOWS\system32\c_is2022.dll
2006-09-26 07:46 6,144 --a------ C:\WINDOWS\system32\kbdlk41j.dll
2006-09-26 07:46 6,144 --a------ C:\WINDOWS\system32\kbdax2.dll
2006-09-26 07:46 6,144 --a------ C:\WINDOWS\system32\kbd106n.dll
2006-09-26 07:46 6,144 --a------ C:\WINDOWS\system32\kbd101a.dll
2006-09-26 07:46 6,144 --a------ C:\WINDOWS\system32\kbd101.dll
2006-09-26 07:46 218,112 --a------ C:\WINDOWS\system32\c_g18030.dll
2006-09-26 07:46 1,677,824 --a------ C:\WINDOWS\system32\chsbrkr.dll
2006-09-26 07:45 811,064 --a------ C:\WINDOWS\system32\imjp81k.dll
2006-09-26 07:45 8,704 --a------ C:\WINDOWS\system32\kbdjpn.dll
2006-09-26 07:45 8,192 --a------ C:\WINDOWS\system32\kbdkor.dll
2006-09-26 07:45 76,288 --a------ C:\WINDOWS\system32\uniime.dll
2006-09-26 07:45 6,144 --a------ C:\WINDOWS\system32\kbd106.dll
2006-09-26 07:45 6,144 --a------ C:\WINDOWS\system32\kbd101c.dll
2006-09-26 07:45 6,144 --a------ C:\WINDOWS\system32\kbd101b.dll
2006-09-26 07:45 5,632 --a------ C:\WINDOWS\system32\kbd103.dll
2006-09-26 07:36 112,128 --a------ C:\WINDOWS\system32\mapi32.dll
2006-09-26 07:36 0 -rahs---- C:\MSDOS.SYS
2006-09-26 07:36 0 -rahs---- C:\IO.SYS
2006-09-26 07:36 0 --a------ C:\CONFIG.SYS
2006-09-26 07:36 0 --a------ C:\AUTOEXEC.BAT
2006-09-26 07:34 7,168 --a------ C:\WINDOWS\system32\bitsprx3.dll
2006-09-26 07:34 64,512 --a------ C:\WINDOWS\system32\acctres.dll
2006-09-26 07:34 6,656 --a------ C:\WINDOWS\system32\wuauserv.dll
2006-09-26 07:34 465,176 --a------ C:\WINDOWS\system32\wuapi.dll
2006-09-26 07:34 41,240 --a------ C:\WINDOWS\system32\wups.dll
2006-09-26 07:34 194,328 --a------ C:\WINDOWS\system32\wuaueng1.dll
2006-09-26 07:34 173,536 --a------ C:\WINDOWS\system32\wuweb.dll
2006-09-26 07:34 172,312 --a------ C:\WINDOWS\system32\wuauclt1.exe
2006-09-26 07:34 16,384 --a------ C:\WINDOWS\system32\icfgnt5.dll
2006-09-26 07:34 127,256 --a------ C:\WINDOWS\system32\wucltui.dll
2006-09-26 07:34 124,184 --a------ C:\WINDOWS\system32\wuauclt.exe
2006-09-26 07:34 12,288 --a------ C:\WINDOWS\system32\nmevtmsg.dll
2006-09-26 07:34 11,264 --a------ C:\WINDOWS\system32\atrace.dll
2006-09-26 07:34 1,343,768 --a------ C:\WINDOWS\system32\wuaueng.dll
2006-09-26 07:33 81,920 --a------ C:\WINDOWS\system32\isign32.dll
2006-09-26 07:33 81,920 --a------ C:\WINDOWS\system32\ils.dll
Jackygor
2006-10-17, 07:09
2006-09-26 07:33 73,728 --a------ C:\WINDOWS\system32\icwdial.dll
2006-09-26 07:33 73,472 --a------ C:\WINDOWS\system32\drivers\sr.sys
2006-09-26 07:33 69,632 --a------ C:\WINDOWS\system32\msconf.dll
2006-09-26 07:33 679,424 --a------ C:\WINDOWS\system32\inetcomm.dll
2006-09-26 07:33 67,584 --a------ C:\WINDOWS\system32\srclient.dll
2006-09-26 07:33 65,536 --a------ C:\WINDOWS\system32\icwphbk.dll
2006-09-26 07:33 48,128 --a------ C:\WINDOWS\system32\inetres.dll
2006-09-26 07:33 45,568 --a------ C:\WINDOWS\system32\safrslv.dll
2006-09-26 07:33 43,520 --a------ C:\WINDOWS\system32\safrcdlg.dll
2006-09-26 07:33 43,520 --a------ C:\WINDOWS\system32\racpldlg.dll
2006-09-26 07:33 382,464 --a------ C:\WINDOWS\system32\qmgr.dll
2006-09-26 07:33 34,560 --a------ C:\WINDOWS\system32\mnmdd.dll
2006-09-26 07:33 32,768 --a------ C:\WINDOWS\system32\mnmsrvc.exe
2006-09-26 07:33 32,768 --a------ C:\WINDOWS\system32\isrdbg32.dll
2006-09-26 07:33 29,696 --a------ C:\WINDOWS\system32\safrdm.dll
2006-09-26 07:33 28,672 --a------ C:\WINDOWS\system32\nmmkcert.dll
2006-09-26 07:33 274,944 --a------ C:\WINDOWS\system32\mstask.dll
2006-09-26 07:33 274,432 --a------ C:\WINDOWS\system32\inetcfg.dll
2006-09-26 07:33 252,928 --a------ C:\WINDOWS\system32\msoeacct.dll
2006-09-26 07:33 239,104 --a------ C:\WINDOWS\system32\srrstr.dll
2006-09-26 07:33 23,040 --a------ C:\WINDOWS\system32\fltmc.exe
2006-09-26 07:33 190,976 --a------ C:\WINDOWS\system32\schedsvc.dll
2006-09-26 07:33 18,944 --a------ C:\WINDOWS\system32\qmgrprxy.dll
2006-09-26 07:33 170,496 --a------ C:\WINDOWS\system32\srsvc.dll
2006-09-26 07:33 16,896 --a------ C:\WINDOWS\system32\fltlib.dll
2006-09-26 07:33 128,896 --a------ C:\WINDOWS\system32\drivers\fltmgr.sys
2006-09-26 07:33 12,288 --a------ C:\WINDOWS\system32\mstinit.exe
2006-09-26 07:33 105,984 --a------ C:\WINDOWS\system32\msoert2.dll
2006-09-26 07:32 97,792 --a------ C:\WINDOWS\system32\comrepl.dll
2006-09-26 07:32 9,728 --a------ C:\WINDOWS\system32\reset.exe
2006-09-26 07:32 80,384 --a------ C:\WINDOWS\system32\charmap.exe
2006-09-26 07:32 73,216 --a------ C:\WINDOWS\system32\avwav.dll
2006-09-26 07:32 605,696 --a------ C:\WINDOWS\system32\getuname.dll
2006-09-26 07:32 56,832 --a------ C:\WINDOWS\system32\sol.exe
2006-09-26 07:32 55,296 --a------ C:\WINDOWS\system32\freecell.exe
2006-09-26 07:32 54,272 --a------ C:\WINDOWS\system32\stclient.dll
2006-09-26 07:32 5,632 --a------ C:\WINDOWS\system32\write.exe
2006-09-26 07:32 5,120 --a------ C:\WINDOWS\system32\dcomcnfg.exe
2006-09-26 07:32 44,544 --a------ C:\WINDOWS\system32\hticons.dll
2006-09-26 07:32 4,096 --a------ C:\WINDOWS\system32\rdpcfgex.dll
2006-09-26 07:32 4,096 --a------ C:\WINDOWS\system32\mtxex.dll
2006-09-26 07:32 35,328 --a------ C:\WINDOWS\system32\winchat.exe
2006-09-26 07:32 33,792 --a------ C:\WINDOWS\system32\regini.exe
2006-09-26 07:32 25,600 --a------ C:\WINDOWS\system32\comaddin.dll
2006-09-26 07:32 25,088 --a------ C:\WINDOWS\system32\mtxlegih.dll
2006-09-26 07:32 227,840 --a------ C:\WINDOWS\system32\avtapi.dll
2006-09-26 07:32 22,016 --a------ C:\WINDOWS\system32\qwinsta.exe
2006-09-26 07:32 20,992 --a------ C:\WINDOWS\system32\msg.exe
2006-09-26 07:32 20,480 --a------ C:\WINDOWS\system32\mtxdm.dll
2006-09-26 07:32 16,896 --a------ C:\WINDOWS\system32\tsshutdn.exe
2006-09-26 07:32 16,896 --a------ C:\WINDOWS\system32\qappsrv.exe
2006-09-26 07:32 16,384 --a------ C:\WINDOWS\system32\tskill.exe
2006-09-26 07:32 16,384 --a------ C:\WINDOWS\system32\avmeter.dll
2006-09-26 07:32 15,872 --a------ C:\WINDOWS\system32\rwinsta.exe
2006-09-26 07:32 15,872 --a------ C:\WINDOWS\system32\cdmodem.dll
2006-09-26 07:32 15,360 --a------ C:\WINDOWS\system32\logoff.exe
2006-09-26 07:32 147,456 --a------ C:\WINDOWS\system32\comsnap.dll
2006-09-26 07:32 14,848 --a------ C:\WINDOWS\system32\tsdiscon.exe
2006-09-26 07:32 14,848 --a------ C:\WINDOWS\system32\tscon.exe
2006-09-26 07:32 14,848 --a------ C:\WINDOWS\system32\shadow.exe
2006-09-26 07:32 138,752 --a------ C:\WINDOWS\system32\sndvol32.exe
2006-09-26 07:32 126,976 --a------ C:\WINDOWS\system32\mshearts.exe
2006-09-26 07:32 119,808 --a------ C:\WINDOWS\system32\winmine.exe
2006-09-26 07:32 114,688 --a------ C:\WINDOWS\system32\calc.exe
2006-09-26 07:32 1,161 --a------ C:\WINDOWS\system32\usrlogon.cmd
2006-09-26 07:31 956,416 --a------ C:\WINDOWS\system32\msdtctm.dll
2006-09-26 07:31 93,696 --a------ C:\WINDOWS\system32\tscfgwmi.dll
2006-09-26 07:31 91,136 --a------ C:\WINDOWS\system32\mtxoci.dll
2006-09-26 07:31 87,176 --a------ C:\WINDOWS\system32\rdpwsx.dll
2006-09-26 07:31 85,504 --a------ C:\WINDOWS\system32\catsrvps.dll
2006-09-26 07:31 67,072 --a------ C:\WINDOWS\system32\rdshost.exe
2006-09-26 07:31 655,360 --a------ C:\WINDOWS\system32\mstscax.dll
2006-09-26 07:31 625,152 --a------ C:\WINDOWS\system32\catsrvut.dll
2006-09-26 07:31 62,464 --a------ C:\WINDOWS\system32\rdpclip.exe
2006-09-26 07:31 60,416 --a------ C:\WINDOWS\system32\remotepg.dll
2006-09-26 07:31 60,416 --a------ C:\WINDOWS\system32\colbact.dll
2006-09-26 07:31 6,144 --a------ C:\WINDOWS\system32\msdtc.exe
2006-09-26 07:31 58,880 --a------ C:\WINDOWS\system32\msdtclog.dll
2006-09-26 07:31 58,880 --a------ C:\WINDOWS\system32\licwmi.dll
2006-09-26 07:31 56,320 --a------ C:\WINDOWS\system32\servdeps.dll
2006-09-26 07:31 540,160 --a------ C:\WINDOWS\system32\comuid.dll
2006-09-26 07:31 538,624 --a------ C:\WINDOWS\system32\spider.exe
2006-09-26 07:31 498,688 --a------ C:\WINDOWS\system32\clbcatq.dll
2006-09-26 07:31 44,544 --a------ C:\WINDOWS\system32\tscupgrd.exe
2006-09-26 07:31 426,496 --a------ C:\WINDOWS\system32\msdtcprx.dll
2006-09-26 07:31 407,552 --a------ C:\WINDOWS\system32\mstsc.exe
2006-09-26 07:31 40,840 --a------ C:\WINDOWS\system32\drivers\termdd.sys
2006-09-26 07:31 38,912 --a------ C:\WINDOWS\system32\cfgbkend.dll
2006-09-26 07:31 347,136 --a------ C:\WINDOWS\system32\hypertrm.dll
2006-09-26 07:31 343,040 --a------ C:\WINDOWS\system32\mspaint.exe
2006-09-26 07:31 295,424 --a------ C:\WINDOWS\system32\termsrv.dll
2006-09-26 07:31 225,792 --a------ C:\WINDOWS\system32\catsrv.dll
2006-09-26 07:31 21,896 --a------ C:\WINDOWS\system32\drivers\tdtcp.sys
2006-09-26 07:31 20,480 --a------ C:\WINDOWS\system32\qprocess.exe
2006-09-26 07:31 196,864 --a------ C:\WINDOWS\system32\drivers\rdpdr.sys
2006-09-26 07:31 19,968 --a------ C:\WINDOWS\system32\rdpsnd.dll
2006-09-26 07:31 185,344 --a------ C:\WINDOWS\system32\cmprops.dll
2006-09-26 07:31 183,808 --a------ C:\WINDOWS\system32\accwiz.exe
2006-09-26 07:31 17,408 --a------ C:\WINDOWS\system32\mmfutil.dll
2006-09-26 07:31 161,280 --a------ C:\WINDOWS\system32\msdtcuiu.dll
2006-09-26 07:31 147,968 --a------ C:\WINDOWS\system32\rdchost.dll
2006-09-26 07:31 140,800 --a------ C:\WINDOWS\system32\sessmgr.exe
2006-09-26 07:31 139,528 --a------ C:\WINDOWS\system32\drivers\rdpwd.sys
2006-09-26 07:31 131,584 --a------ C:\WINDOWS\system32\sndrec32.exe
2006-09-26 07:31 13,824 --a------ C:\WINDOWS\system32\rdsaddin.exe
2006-09-26 07:31 123,392 --a------ C:\WINDOWS\system32\mplay32.exe
2006-09-26 07:31 12,040 --a------ C:\WINDOWS\system32\drivers\tdpipe.sys
2006-09-26 07:31 110,080 --a------ C:\WINDOWS\system32\clbcatex.dll
2006-09-26 07:31 11,776 --a------ C:\WINDOWS\system32\xolehlp.dll
2006-09-26 07:31 11,264 --a------ C:\WINDOWS\system32\icaapi.dll
2006-09-26 07:31 102,912 --a------ C:\WINDOWS\system32\clipbrd.exe
2006-09-26 07:31 1,267,200 --a------ C:\WINDOWS\system32\comsvcs.dll
2006-09-26 00:19 57,472 --a------ C:\WINDOWS\system32\drivers\redbook.sys
2006-09-26 00:19 3,072 --a------ C:\WINDOWS\system32\drivers\audstub.sys
2006-09-26 00:18 74,240 --a------ C:\WINDOWS\system32\usbui.dll
2006-09-26 00:17 85,020 --a------ C:\WINDOWS\system32\dgsetup.dll
2006-09-26 00:17 8,704 --a------ C:\WINDOWS\system32\batt.dll
2006-09-26 00:17 8,192 -ra------ C:\WINDOWS\system32\kbdhept.dll
2006-09-26 00:17 74,752 --a------ C:\WINDOWS\system32\storprop.dll
2006-09-26 00:17 7,168 -ra------ C:\WINDOWS\system32\kbdcz.dll
2006-09-26 00:17 69,120 --a------ C:\WINDOWS\NOTEPAD.EXE
2006-09-26 00:17 6,656 -ra------ C:\WINDOWS\system32\kbdycl.dll
2006-09-26 00:17 6,656 -ra------ C:\WINDOWS\system32\kbdsl1.dll
2006-09-26 00:17 6,656 -ra------ C:\WINDOWS\system32\kbdsl.dll
2006-09-26 00:17 6,656 -ra------ C:\WINDOWS\system32\kbdpl.dll
2006-09-26 00:17 6,656 -ra------ C:\WINDOWS\system32\kbdhu.dll
2006-09-26 00:17 6,656 -ra------ C:\WINDOWS\system32\kbdhela3.dll
2006-09-26 00:17 6,656 -ra------ C:\WINDOWS\system32\kbdcz2.dll
2006-09-26 00:17 6,656 -ra------ C:\WINDOWS\system32\kbdcz1.dll
2006-09-26 00:17 6,656 -ra------ C:\WINDOWS\system32\kbdcr.dll
2006-09-26 00:17 6,656 -ra------ C:\WINDOWS\system32\KBDAL.DLL
2006-09-26 00:17 6,144 -ra------ C:\WINDOWS\system32\kbdtuq.dll
2006-09-26 00:17 6,144 -ra------ C:\WINDOWS\system32\kbdtuf.dll
2006-09-26 00:17 6,144 -ra------ C:\WINDOWS\system32\kbdlv1.dll
2006-09-26 00:17 6,144 -ra------ C:\WINDOWS\system32\kbdlv.dll
2006-09-26 00:17 6,144 -ra------ C:\WINDOWS\system32\kbdhela2.dll
2006-09-26 00:17 6,144 -ra------ C:\WINDOWS\system32\kbdgkl.dll
2006-09-26 00:17 6,144 -ra------ C:\WINDOWS\system32\kbdest.dll
2006-09-26 00:17 5,632 -ra------ C:\WINDOWS\system32\kbdycc.dll
2006-09-26 00:17 5,632 -ra------ C:\WINDOWS\system32\kbduzb.dll
2006-09-26 00:17 5,632 -ra------ C:\WINDOWS\system32\kbdur.dll
2006-09-26 00:17 5,632 -ra------ C:\WINDOWS\system32\kbdtat.dll
2006-09-26 00:17 5,632 -ra------ C:\WINDOWS\system32\kbdru1.dll
2006-09-26 00:17 5,632 -ra------ C:\WINDOWS\system32\kbdru.dll
2006-09-26 00:17 5,632 -ra------ C:\WINDOWS\system32\kbdro.dll
2006-09-26 00:17 5,632 -ra------ C:\WINDOWS\system32\kbdpl1.dll
2006-09-26 00:17 5,632 -ra------ C:\WINDOWS\system32\kbdmon.dll
2006-09-26 00:17 5,632 -ra------ C:\WINDOWS\system32\kbdlt1.dll
2006-09-26 00:17 5,632 -ra------ C:\WINDOWS\system32\kbdlt.dll
2006-09-26 00:17 5,632 -ra------ C:\WINDOWS\system32\kbdkyr.dll
2006-09-26 00:17 5,632 -ra------ C:\WINDOWS\system32\kbdkaz.dll
2006-09-26 00:17 5,632 -ra------ C:\WINDOWS\system32\kbdhu1.dll
2006-09-26 00:17 5,632 -ra------ C:\WINDOWS\system32\kbdhe319.dll
2006-09-26 00:17 5,632 -ra------ C:\WINDOWS\system32\kbdhe220.dll
2006-09-26 00:17 5,632 -ra------ C:\WINDOWS\system32\kbdhe.dll
2006-09-26 00:17 5,632 -ra------ C:\WINDOWS\system32\kbdbu.dll
2006-09-26 00:17 5,632 -ra------ C:\WINDOWS\system32\kbdblr.dll
2006-09-26 00:17 5,632 -ra------ C:\WINDOWS\system32\kbdazel.dll
2006-09-26 00:17 5,632 -ra------ C:\WINDOWS\system32\kbdaze.dll
2006-09-26 00:17 24,661 --a------ C:\WINDOWS\system32\spxcoins.dll
2006-09-26 00:17 176,157 --a------ C:\WINDOWS\system32\dgrpsetu.dll
2006-09-26 00:17 15,360 --a------ C:\WINDOWS\TASKMAN.EXE
2006-09-26 00:17 13,312 --a------ C:\WINDOWS\system32\irclass.dll
2006-09-26 00:17 11,264 --a------ C:\WINDOWS\system32\drivers\irenum.sys
2006-09-26 00:17 103,424 --a------ C:\WINDOWS\system32\EqnClass.Dll
2006-09-24 07:03 172,032 --a------ C:\WINDOWS\system32\lame_enc.dll
2006-09-24 07:03 13,312 --a------ C:\WINDOWS\system32\Lame4VB.dll
Jackygor
2006-10-17, 07:09
(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))
2006-10-16 21:46 -------- d-------- C:\Program Files\Mozilla Firefox
2006-10-16 15:47 -------- d-------- C:\Documents and Settings\User\Application Data\uTorrent
2006-10-16 01:36 -------- d---s---- C:\Documents and Settings\User\Application Data\Microsoft
2006-10-11 20:56 -------- d-------- C:\Program Files\SpywareBlaster
2006-10-09 22:51 -------- d-------- C:\Program Files\Personal Media Manager
2006-10-09 20:25 -------- d-------- C:\Documents and Settings\User\Application Data\AdobeUM
2006-10-09 20:25 -------- d-------- C:\Documents and Settings\User\Application Data\Adobe
2006-10-09 17:51 -------- d-------- C:\Program Files\Common Files\Adobe
2006-10-09 17:50 877 --a------ C:\Documents and Settings\User\Application Data\AdobeDLM.log
2006-10-09 17:50 0 --a------ C:\Documents and Settings\User\Application Data\dm.ini
2006-10-09 17:50 -------- d-------- C:\Program Files\Adobe
2006-10-09 17:40 -------- d-------- C:\Program Files\Common Files
2006-10-09 12:44 -------- d-------- C:\Program Files\Absolute MP3 Splitter
2006-10-07 02:12 -------- d-------- C:\Documents and Settings\User\Application Data\Apple Computer
2006-10-06 16:45 -------- d-------- C:\Documents and Settings\User\Application Data\Logitech
2006-10-06 16:44 -------- d--h----- C:\Program Files\InstallShield Installation Information
2006-10-06 16:44 -------- d-------- C:\Program Files\Logitech
2006-10-06 16:42 -------- d-------- C:\Program Files\Common Files\Logitech
2006-10-06 12:02 -------- d-------- C:\Documents and Settings\User\Application Data\vlc
2006-10-05 22:12 -------- d-------- C:\Documents and Settings\User\Application Data\Datalayer
2006-10-05 22:11 -------- d-------- C:\Documents and Settings\User\Application Data\Nokia
2006-10-05 22:03 -------- d-------- C:\Program Files\Nokia
2006-10-05 22:03 -------- d-------- C:\Program Files\DIFX
2006-10-05 22:03 -------- d-------- C:\Program Files\Common Files\PCSuite
2006-10-05 22:03 -------- d-------- C:\Program Files\Common Files\Nokia
2006-10-05 22:03 -------- d-------- C:\Documents and Settings\User\Application Data\PC Suite
2006-10-05 18:59 -------- d-------- C:\Program Files\System Security Suite 1.04
2006-10-05 17:10 -------- d-------- C:\Program Files\Grisoft
2006-10-04 22:21 -------- d-------- C:\Program Files\Microsoft Encarta
2006-10-04 22:20 -------- d-------- C:\Program Files\Common Files\Microsoft Shared
2006-10-04 18:42 -------- d-------- C:\Documents and Settings\User\Application Data\Lavasoft
2006-10-04 18:41 -------- d-------- C:\Program Files\Lavasoft RegHance
2006-10-04 18:41 -------- d-------- C:\Program Files\Lavasoft
2006-10-04 17:06 -------- d-------- C:\Program Files\SC
2006-10-03 18:13 -------- d-------- C:\Program Files\WinRAR
2006-10-03 16:43 -------- d-------- C:\Documents and Settings\User\Application Data\Sun
2006-10-03 16:42 -------- d-------- C:\Program Files\Java
2006-10-03 16:40 -------- d-------- C:\Program Files\Common Files\Java
2006-10-03 14:09 -------- d-------- C:\Program Files\MSN Messenger
2006-10-03 14:02 -------- d-------- C:\Documents and Settings\User\Application Data\Talkback
2006-10-03 14:02 -------- d-------- C:\Documents and Settings\User\Application Data\Mozilla
2006-10-03 13:55 -------- d-------- C:\Program Files\Common Files\snp2std
2006-10-03 01:13 -------- d-------- C:\Program Files\uTorrent
2006-10-03 00:56 -------- d-------- C:\Documents and Settings\User\Application Data\Macromedia
2006-10-03 00:55 -------- d-------- C:\Program Files\VideoLAN
2006-10-03 00:12 -------- d-------- C:\Program Files\EphPod
2006-10-02 23:26 -------- d-------- C:\Program Files\iTunes
2006-10-02 23:26 -------- d-------- C:\Program Files\iPod
2006-10-02 23:25 -------- d-------- C:\Program Files\QuickTime
2006-10-02 23:25 -------- d-------- C:\Program Files\Apple Software Update
2006-10-02 23:20 -------- d-------- C:\Program Files\Messenger
2006-10-02 23:19 -------- d-------- C:\Program Files\Windows Media Player
2006-10-02 23:19 -------- d-------- C:\Program Files\Internet Explorer
2006-10-02 23:16 -------- d-------- C:\Program Files\Outlook Express
2006-10-02 23:16 -------- d-------- C:\Program Files\Common Files\System
2006-09-26 08:09 -------- d-------- C:\Program Files\Microsoft.NET
2006-09-26 08:09 -------- d-------- C:\Program Files\Microsoft Works
2006-09-26 08:09 -------- d-------- C:\Program Files\Microsoft Visual Studio
2006-09-26 08:09 -------- d-------- C:\Program Files\Microsoft Office
2006-09-26 08:09 -------- d-------- C:\Program Files\Microsoft ActiveSync
2006-09-26 08:09 -------- d-------- C:\Program Files\Common Files\DESIGNER
2006-09-26 08:05 -------- d-------- C:\Documents and Settings\User\Application Data\AVG7
2006-09-26 08:00 -------- d-------- C:\Program Files\Analog Devices
2006-09-26 07:57 -------- d-------- C:\Program Files\Common Files\InstallShield
2006-09-26 07:57 -------- d-------- C:\Documents and Settings\User\Application Data\Help
2006-09-26 07:56 -------- d-------- C:\Program Files\ATI Technologies
2006-09-26 07:43 -------- d--h----- C:\Program Files\Uninstall Information
2006-09-26 07:43 -------- d-------- C:\Documents and Settings\User\Application Data\Identities
2006-09-26 07:36 -------- d-------- C:\Program Files\xerox
2006-09-26 07:36 -------- d-------- C:\Program Files\microsoft frontpage
2006-09-26 07:35 -------- d--h----- C:\Program Files\WindowsUpdate
2006-09-26 07:35 -------- d-------- C:\Program Files\Online Services
2006-09-26 07:34 -------- d-------- C:\Program Files\NetMeeting
2006-09-26 07:34 -------- d-------- C:\Program Files\Common Files\Services
2006-09-26 07:34 -------- d-------- C:\Program Files\Common Files\MSSoap
2006-09-26 07:33 -------- d-------- C:\Program Files\Movie Maker
2006-09-26 07:32 -------- d-------- C:\Program Files\Windows NT
2006-09-26 07:32 -------- d-------- C:\Program Files\MSN Gaming Zone
2006-09-26 07:32 -------- d-------- C:\Program Files\ComPlus Applications
2006-09-26 07:31 -------- d-------- C:\Program Files\MSN
2006-09-26 00:17 62 --ahs---- C:\Documents and Settings\User\Application Data\desktop.ini
2006-09-26 00:17 -------- d-------- C:\Program Files\Common Files\SpeechEngines
2006-09-26 00:17 -------- d-------- C:\Program Files\Common Files\ODBC
2006-09-12 22:01 1084416 --a------ C:\WINDOWS\system32\msxml3.dll
2006-08-25 08:45 617472 --a------ C:\WINDOWS\system32\comctl32.dll
2006-08-16 04:58 100352 --a------ C:\WINDOWS\system32\6to4svc.dll
2006-08-16 02:37 225664 --a------ C:\WINDOWS\system32\drivers\tcpip6.sys
2006-07-29 19:32 48936 --a------ C:\WINDOWS\system32\sirenacm.dll
2006-07-21 01:24 72704 --a------ C:\WINDOWS\system32\hlink.dll
(((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))
*Note* empty entries are not shown
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"MsnMsgr"="\"C:\\Program Files\\MSN Messenger\\MsnMsgr.Exe\" /background"
"AWMON"="\"C:\\Program Files\\Lavasoft\\Ad-Aware SE Professional\\Ad-Watch.exe\""
"ctfmon.exe"="C:\\WINDOWS\\system32\\ctfmon.exe"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\runonce]
"SpySweeperUninstallSurvey"="http://products.webroot.com/disp0201.php?pc=64021&rc=5025&ps=T&oc=33&mjv=5&mnv=0&bld=1608&cd=&dcc=&drc=&mo=&sid=1887542126&lang=en&loc=USA&opi=2&omj=5&omn=1&rsc="
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"IMJPMIG8.1"="\"C:\\WINDOWS\\IME\\imjp8_1\\IMJPMIG.EXE\" /Spoil /RemAdvDef /Migration32"
"MSPY2002"="\"C:\\WINDOWS\\system32\\IME\\PINTLGNT\\ImScInst.exe\" /SYNC"
"PHIME2002ASync"="\"C:\\WINDOWS\\system32\\IME\\TINTLGNT\\TINTSETP.EXE\" /SYNC"
"PHIME2002A"="\"C:\\WINDOWS\\system32\\IME\\TINTLGNT\\TINTSETP.EXE\" /IMEName"
"ATIPTA"="\"C:\\Program Files\\ATI Technologies\\ATI Control Panel\\atiptaxx.exe\""
"High Definition Audio Property Page Shortcut"="HDAShCut.exe"
"SoundMAX"="\"C:\\Program Files\\Analog Devices\\SoundMAX\\Smax4.exe\" /tray"
"AVG7_CC"="\"C:\\PROGRA~1\\Grisoft\\AVGFRE~1\\avgcc.exe\" /STARTUP"
"SoundMAXPnP"="\"C:\\Program Files\\Analog Devices\\Core\\smax4pnp.exe\""
"FixCamera"="C:\\WINDOWS\\FixCamera.exe"
"tsnp2std"="C:\\WINDOWS\\tsnp2std.exe"
"snp2std"="C:\\WINDOWS\\vsnp2std.exe"
"QuickTime Task"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"
"iTunesHelper"="\"C:\\Program Files\\iTunes\\iTunesHelper.exe\""
"SunJavaUpdateSched"="\"C:\\Program Files\\Java\\jre1.5.0_06\\bin\\jusched.exe\""
"startkey"="C:\\WINDOWS\\system32\\Microsoft.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL]
"Installed"="1"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI]
"Installed"="1"
"NoChange"="1"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS]
"Installed"="1"
[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components]
"DeskHtmlVersion"=dword:00000110
"DeskHtmlMinorVersion"=dword:00000005
"Settings"=dword:00000001
"GeneralFlags"=dword:00000000
[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"AVG7_Run"="C:\\PROGRA~1\\Grisoft\\AVGFRE~1\\avgw.exe /RUNONCE"
[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\run]
"AVG7_Run"="C:\\PROGRA~1\\Grisoft\\AVGFRE~1\\avgw.exe /RUNONCE"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler]
"{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Browseui preloader"
"{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Component Categories cache daemon"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=""
"{57B86673-276A-48B2-BAE7-C6DBB3020EB8}"="AVG Anti-Spyware 7.5"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\Run]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"dontdisplaylastusername"=dword:00000000
"legalnoticecaption"=""
"legalnoticetext"=""
"shutdownwithoutlogon"=dword:00000001
"undockwithoutlogon"=dword:00000001
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091
[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload]
"PostBootReminder"="{7849596a-48ea-486e-8937-a2a3009f31a9}"
"CDBurn"="{fbeb8a05-beee-4442-804e-409d6c4515e9}"
"WebCheck"="{E6FB5E20-DE35-11CF-9C87-00AA005127ED}"
"SysTray"="{35CEC8A3-2BE6-11D2-8773-92E220524153}"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"
~ ~ ~ ~ ~ ~ ~ ~ Hijackthis Backups ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~
backup-20061016-201402-770
O4 - HKCU\..\RunOnce: [SpySweeperUninstallSurvey] http://products.webroot.com/disp0201.php?pc=64021&rc=5025&ps=T&oc=33&mjv=5&mnv=0&bld=1608&cd=&dcc=&drc=&mo=&sid=1887542126&lang=en&loc=USA&opi=2&omj=5&omn=1&rsc=
backup-20061016-201402-136
O4 - HKLM\..\Run: [startkey] C:\WINDOWS\system32\Microsoft.exe
backup-20061016-201402-990
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
backup-20061015-110844-927
O4 - HKCU\..\Run: [startkey] C:\WINDOWS\system32\Microsoft.exe
backup-20061015-110844-707
O4 - HKCU\..\RunOnce: [SpySweeperUninstallSurvey] http://products.webroot.com/disp0201.php?pc=64021&rc=5025&ps=T&oc=33&mjv=5&mnv=0&bld=1608&cd=&dcc=&drc=&mo=&sid=1887542126&lang=en&loc=USA&opi=2&omj=5&omn=1&rsc=
backup-20061015-110844-134
O4 - HKLM\..\Run: [startkey] C:\WINDOWS\system32\Microsoft.exe
backup-20061014-204556-710
O4 - HKCU\..\Run: [startkey] C:\WINDOWS\system32\Microsoft.exe
backup-20061014-204556-730
O4 - HKLM\..\Run: [startkey] C:\WINDOWS\system32\Microsoft.exe
backup-20061014-203147-293
O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing)
backup-20061014-203147-514
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
backup-20061014-203147-597
O4 - HKLM\..\Run: [startkey] C:\WINDOWS\system32\Microsoft.exe
Contents of the 'Scheduled Tasks' folder
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
Completion time: 06-10-16 22:06:45.81
C:\ComboFix.txt ... 06-10-16 22:06
LonnyRJones
2006-10-17, 07:58
Uninstall Ad-Aware for now, we can install it again later.
Post another hijackthis log after uninstalling ad-aware
Jackygor
2006-10-17, 09:07
Uninstalled Ad-aware and restarted computer
Hijackthis log:
Logfile of HijackThis v1.99.1
Scan saved at 12:06:46 AM, on 10/17/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\WINDOWS\FixCamera.exe
C:\WINDOWS\tsnp2std.exe
C:\WINDOWS\vsnp2std.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Common Files\Logitech\KHAL\KHALMNPR.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\iTunes\iTunes.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\HJT\HijackThis.exe
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] "C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe" /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] "C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE" /SYNC
O4 - HKLM\..\Run: [PHIME2002A] "C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE" /IMEName
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [AVG7_CC] "C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe" /STARTUP
O4 - HKLM\..\Run: [SoundMAXPnP] "C:\Program Files\Analog Devices\Core\smax4pnp.exe"
O4 - HKLM\..\Run: [FixCamera] C:\WINDOWS\FixCamera.exe
O4 - HKLM\..\Run: [tsnp2std] C:\WINDOWS\tsnp2std.exe
O4 - HKLM\..\Run: [snp2std] C:\WINDOWS\vsnp2std.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe"
O4 - HKLM\..\Run: [startkey] C:\WINDOWS\system32\Microsoft.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Researcher - {9455301C-CF6B-11D3-A266-00C04F689C50} - C:\Program Files\Common Files\Microsoft Shared\Encarta Researcher\EROPROJ.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{038D8B8B-95A3-4E6D-9823-AD167F665135}: NameServer = 192.168.0.1,192.168.89.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{038D8B8B-95A3-4E6D-9823-AD167F665135}: NameServer = 192.168.0.1,192.168.89.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{038D8B8B-95A3-4E6D-9823-AD167F665135}: NameServer = 192.168.0.1,192.168.89.1
O18 - Protocol: bw+0 - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: offline-8876480 - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
LonnyRJones
2006-10-17, 09:20
Scan and fix this item with Hijackthis
O4 - HKLM\..\Run: [startkey] C:\WINDOWS\system32\Microsoft.exe
=================
Check for updates with SpyBot then check for and fix and problems found, afterwards restart your PC and post a new hijackthis log
Jackygor
2006-10-18, 02:04
Checked on spybot and deleted the thing that it suggested. Deleted the thing you told me to with Hijackthis
Here is the new Hijackthis log:
Logfile of HijackThis v1.99.1
Scan saved at 4:48:58 PM, on 10/17/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\WINDOWS\FixCamera.exe
C:\WINDOWS\tsnp2std.exe
C:\WINDOWS\vsnp2std.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Common Files\Logitech\KHAL\KHALMNPR.EXE
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\iTunes\iTunes.exe
C:\HJT\HijackThis.exe
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] "C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe" /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] "C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE" /SYNC
O4 - HKLM\..\Run: [PHIME2002A] "C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE" /IMEName
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [AVG7_CC] "C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe" /STARTUP
O4 - HKLM\..\Run: [SoundMAXPnP] "C:\Program Files\Analog Devices\Core\smax4pnp.exe"
O4 - HKLM\..\Run: [FixCamera] C:\WINDOWS\FixCamera.exe
O4 - HKLM\..\Run: [tsnp2std] C:\WINDOWS\tsnp2std.exe
O4 - HKLM\..\Run: [snp2std] C:\WINDOWS\vsnp2std.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe"
O4 - HKLM\..\Run: [startkey] C:\WINDOWS\system32\Microsoft.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Researcher - {9455301C-CF6B-11D3-A266-00C04F689C50} - C:\Program Files\Common Files\Microsoft Shared\Encarta Researcher\EROPROJ.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{038D8B8B-95A3-4E6D-9823-AD167F665135}: NameServer = 192.168.0.1,192.168.89.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{038D8B8B-95A3-4E6D-9823-AD167F665135}: NameServer = 192.168.0.1,192.168.89.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{038D8B8B-95A3-4E6D-9823-AD167F665135}: NameServer = 192.168.0.1,192.168.89.1
O18 - Protocol: bw+0 - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: offline-8876480 - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
Jackygor
2006-10-18, 02:10
Sorry, this is the actual Hijackthis log:
Logfile of HijackThis v1.99.1
Scan saved at 4:48:58 PM, on 10/17/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\WINDOWS\FixCamera.exe
C:\WINDOWS\tsnp2std.exe
C:\WINDOWS\vsnp2std.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Common Files\Logitech\KHAL\KHALMNPR.EXE
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\iTunes\iTunes.exe
C:\HJT\HijackThis.exe
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] "C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe" /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] "C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE" /SYNC
O4 - HKLM\..\Run: [PHIME2002A] "C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE" /IMEName
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [AVG7_CC] "C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe" /STARTUP
O4 - HKLM\..\Run: [SoundMAXPnP] "C:\Program Files\Analog Devices\Core\smax4pnp.exe"
O4 - HKLM\..\Run: [FixCamera] C:\WINDOWS\FixCamera.exe
O4 - HKLM\..\Run: [tsnp2std] C:\WINDOWS\tsnp2std.exe
O4 - HKLM\..\Run: [snp2std] C:\WINDOWS\vsnp2std.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe"
O4 - HKLM\..\Run: [startkey] C:\WINDOWS\system32\Microsoft.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Researcher - {9455301C-CF6B-11D3-A266-00C04F689C50} - C:\Program Files\Common Files\Microsoft Shared\Encarta Researcher\EROPROJ.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{038D8B8B-95A3-4E6D-9823-AD167F665135}: NameServer = 192.168.0.1,192.168.89.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{038D8B8B-95A3-4E6D-9823-AD167F665135}: NameServer = 192.168.0.1,192.168.89.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{038D8B8B-95A3-4E6D-9823-AD167F665135}: NameServer = 192.168.0.1,192.168.89.1
O18 - Protocol: bw+0 - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: offline-8876480 - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
LonnyRJones
2006-10-18, 04:56
Download Pocket Killbox to the desktop (version 2.0.0.648)
http://www.downloads.subratam.org/KillBox.exe
If you already have killbox ensure it is the latest version. ?
Start Killbox place a tick next to [x]Delete on reboot Press the ALL Files button
Copy this whole list into the windows clipboard, all the Bolded below.
c:\WINDOWS\system32\plugin1.dat
C:\SysPr.prx
c:\WINDOWS\system32\SysPr.prx
C:\WINDOWS\system32\Microsoft.exe
Back in Killbox go > file > paste from clipboard,
Click the red highlighted X button and say yes to the prompt to restart the pc.
scan and fix this item with hijackthis
O4 - HKLM\..\Run: [startkey] C:\WINDOWS\system32\Microsoft.exe
Post back with another log in about a day
Jackygor
2006-10-19, 03:20
here is a fresh hijackthis log !
Logfile of HijackThis v1.99.1
Scan saved at 6:18:22 PM, on 10/18/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\WINDOWS\FixCamera.exe
C:\WINDOWS\tsnp2std.exe
C:\WINDOWS\vsnp2std.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Common Files\Logitech\KHAL\KHALMNPR.EXE
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\iTunes\iTunes.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopCrawl.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopDisplay.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\HJT\HijackThis.exe
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] "C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe" /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] "C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE" /SYNC
O4 - HKLM\..\Run: [PHIME2002A] "C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE" /IMEName
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [AVG7_CC] "C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe" /STARTUP
O4 - HKLM\..\Run: [SoundMAXPnP] "C:\Program Files\Analog Devices\Core\smax4pnp.exe"
O4 - HKLM\..\Run: [FixCamera] C:\WINDOWS\FixCamera.exe
O4 - HKLM\..\Run: [tsnp2std] C:\WINDOWS\tsnp2std.exe
O4 - HKLM\..\Run: [snp2std] C:\WINDOWS\vsnp2std.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe"
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Google Updater.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Researcher - {9455301C-CF6B-11D3-A266-00C04F689C50} - C:\Program Files\Common Files\Microsoft Shared\Encarta Researcher\EROPROJ.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{038D8B8B-95A3-4E6D-9823-AD167F665135}: NameServer = 192.168.0.1,192.168.89.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{038D8B8B-95A3-4E6D-9823-AD167F665135}: NameServer = 192.168.0.1,192.168.89.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{038D8B8B-95A3-4E6D-9823-AD167F665135}: NameServer = 192.168.0.1,192.168.89.1
O18 - Protocol: bw+0 - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: offline-8876480 - {C1589B9A-6454-46A5-AD33-9C1900EC47CB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
LonnyRJones
2006-10-19, 03:24
Looks ok, any problems to mention ?
You can Re-Install Ad-Aware now
Jackygor
2006-10-19, 05:41
Nop! no problems now :bigthumb:
thanks for your help! :D:
LonnyRJones
2006-10-19, 07:47
Good
Think Prevention: Put in place a good hosts file
http://www.mvps.org/winhelp2002/hosts.htm
How To Download and Extract the HOSTS file:
http://www.mvps.org/winhelp2002/hosts2.htm
Repeat that proccess about once or twice a month
To help avoid reinfection see "So how did I get infected in the first place?"
http://forums.spybot.info/showthread.php?t=279
As the problem appears to be resolved this topic has been archived. :)
If you need it re-opened please send me or your helper a private message (pm) and provide a link to the thread; this applies only to the original topic starter.