Hello and thanks in advance for taking a look at this problem on my PC. Has been driving me crazy.
About a week ago I got lot of automatic IE launches to various sites that TrendMicro blocked. I installed and ran spybot and it detected various Trojans. Cleaned it up, but next day IE launched automatically several time but to one site only <http://209.9.170.172/jump.php?wmid=6010&mid=MjI6Og==&lid=37&p=01&ctrid=POPUP> again blocked by TrendMicro. Each time I run spybot it detects Zlob.Downloader.vcd, remove it and it later reappears like an unwanted friend!
Okay here is the Kaspersky log.
Thursday, May 22, 2008 2:36:47 PM
Operating System: Microsoft Windows XP Professional, Service Pack 2 (Build 2600)
Kaspersky Online Scanner version: 5.0.98.0
Kaspersky Anti-Virus database last update: 21/05/2008
Kaspersky Anti-Virus database records: 791626
Scan Settings
Scan using the following antivirus database extended
Scan Archives true
Scan Mail Bases true
Scan Target My Computer
C:\
E:\
F:\
Scan Statistics
Total number of scanned objects 93357
Number of viruses found 8
Number of infected objects 19
Number of suspicious objects 0
Duration of the scan process 02:05:53
Infected Object Name Virus Name Last Action
C:\aaff970b873b9c7bc6206f\admparse.dll Object is locked skipped
C:\aaff970b873b9c7bc6206f\admparse.dll.mui Object is locked skipped
C:\aaff970b873b9c7bc6206f\advpack.dll Object is locked skipped
C:\aaff970b873b9c7bc6206f\advpack.dll.mui Object is locked skipped
C:\aaff970b873b9c7bc6206f\browseui.dll Object is locked skipped
C:\aaff970b873b9c7bc6206f\corpol.dll Object is locked skipped
C:\aaff970b873b9c7bc6206f\custsat.dll Object is locked skipped
C:\aaff970b873b9c7bc6206f\dxtmsft.dll Object is locked skipped
C:\aaff970b873b9c7bc6206f\dxtrans.dll Object is locked skipped
C:\aaff970b873b9c7bc6206f\extmgr.dll Object is locked skipped
C:\aaff970b873b9c7bc6206f\extmgr.dll.mui Object is locked skipped
C:\aaff970b873b9c7bc6206f\feeddisc.wav Object is locked skipped
C:\aaff970b873b9c7bc6206f\hmmapi.dll Object is locked skipped
C:\aaff970b873b9c7bc6206f\hmmapi.dll.mui Object is locked skipped
C:\aaff970b873b9c7bc6206f\html.iec Object is locked skipped
C:\aaff970b873b9c7bc6206f\html.iec.mui Object is locked skipped
C:\aaff970b873b9c7bc6206f\icardie.dll Object is locked skipped
C:\aaff970b873b9c7bc6206f\icardie.dll.mui Object is locked skipped
C:\aaff970b873b9c7bc6206f\icrav03.rat Object is locked skipped
C:\aaff970b873b9c7bc6206f\ie4uinit.exe Object is locked skipped
C:\aaff970b873b9c7bc6206f\ie4uinit.exe.mui Object is locked skipped
C:\aaff970b873b9c7bc6206f\ieakeng.dll Object is locked skipped
C:\aaff970b873b9c7bc6206f\ieakeng.dll.mui Object is locked skipped
C:\aaff970b873b9c7bc6206f\ieakmmc.chm Object is locked skipped
C:\aaff970b873b9c7bc6206f\ieaksie.dll Object is locked skipped
C:\aaff970b873b9c7bc6206f\ieaksie.dll.mui Object is locked skipped
C:\aaff970b873b9c7bc6206f\ieakui.dll Object is locked skipped
C:\aaff970b873b9c7bc6206f\ieakui.dll.mui Object is locked skipped
C:\aaff970b873b9c7bc6206f\ieapfltr.dat Object is locked skipped
C:\aaff970b873b9c7bc6206f\ieapfltr.dll Object is locked skipped
C:\aaff970b873b9c7bc6206f\iedkcs32.dll Object is locked skipped
C:\aaff970b873b9c7bc6206f\iedkcs32.dll.mui Object is locked skipped
C:\aaff970b873b9c7bc6206f\iedw.exe Object is locked skipped
C:\aaff970b873b9c7bc6206f\iedw.exe.mui Object is locked skipped
C:\aaff970b873b9c7bc6206f\ieencode.dll Object is locked skipped
C:\aaff970b873b9c7bc6206f\ieeula.chm Object is locked skipped
C:\aaff970b873b9c7bc6206f\ieframe.dll Object is locked skipped
C:\aaff970b873b9c7bc6206f\ieframe.dll.mui Object is locked skipped
C:\aaff970b873b9c7bc6206f\iepeers.dll Object is locked skipped
C:\aaff970b873b9c7bc6206f\iepeers.dll.mui Object is locked skipped
C:\aaff970b873b9c7bc6206f\ieproxy.dll Object is locked skipped
C:\aaff970b873b9c7bc6206f\iernonce.dll Object is locked skipped
C:\aaff970b873b9c7bc6206f\iernonce.dll.mui Object is locked skipped
C:\aaff970b873b9c7bc6206f\iertutil.dll Object is locked skipped
C:\aaff970b873b9c7bc6206f\iesetup.dll Object is locked skipped
C:\aaff970b873b9c7bc6206f\iesetup.dll.mui Object is locked skipped
C:\aaff970b873b9c7bc6206f\iesupp.chm Object is locked skipped
C:\aaff970b873b9c7bc6206f\ieudinit.exe Object is locked skipped
C:\aaff970b873b9c7bc6206f\ieui.dll Object is locked skipped
C:\aaff970b873b9c7bc6206f\ieui.dll.mui Object is locked skipped
C:\aaff970b873b9c7bc6206f\ieuinit.inf Object is locked skipped
C:\aaff970b873b9c7bc6206f\ieunatt.exe.mui Object is locked skipped
C:\aaff970b873b9c7bc6206f\iexplore.chm Object is locked skipped
C:\aaff970b873b9c7bc6206f\iexplore.exe Object is locked skipped
C:\aaff970b873b9c7bc6206f\iexplore.exe.mui Object is locked skipped
C:\aaff970b873b9c7bc6206f\imgutil.dll Object is locked skipped
C:\aaff970b873b9c7bc6206f\inetcorp.iem Object is locked skipped
C:\aaff970b873b9c7bc6206f\inetcpl.cpl Object is locked skipped
C:\aaff970b873b9c7bc6206f\inetcpl.cpl.mui Object is locked skipped
C:\aaff970b873b9c7bc6206f\inetres.adm Object is locked skipped
C:\aaff970b873b9c7bc6206f\inetset.iem Object is locked skipped
C:\aaff970b873b9c7bc6206f\infobar.wav Object is locked skipped
C:\aaff970b873b9c7bc6206f\inseng.dll Object is locked skipped
C:\aaff970b873b9c7bc6206f\inseng.dll.mui Object is locked skipped
C:\aaff970b873b9c7bc6206f\install.ins Object is locked skipped
C:\aaff970b873b9c7bc6206f\jscript.dll Object is locked skipped
C:\aaff970b873b9c7bc6206f\jsproxy.dll Object is locked skipped
C:\aaff970b873b9c7bc6206f\licmgr10.dll Object is locked skipped
C:\aaff970b873b9c7bc6206f\licmgr10.dll.mui Object is locked skipped
C:\aaff970b873b9c7bc6206f\msfeeds.dll Object is locked skipped
C:\aaff970b873b9c7bc6206f\msfeeds.mof Object is locked skipped
C:\aaff970b873b9c7bc6206f\msfeedsbs.dll Object is locked skipped
C:\aaff970b873b9c7bc6206f\msfeedsbs.dll.mui Object is locked skipped
C:\aaff970b873b9c7bc6206f\msfeedsbs.mof Object is locked skipped
C:\aaff970b873b9c7bc6206f\msfeedssync.exe Object is locked skipped
C:\aaff970b873b9c7bc6206f\mshta.exe Object is locked skipped
C:\aaff970b873b9c7bc6206f\mshta.exe.mui Object is locked skipped
C:\aaff970b873b9c7bc6206f\mshtml.dll Object is locked skipped
C:\aaff970b873b9c7bc6206f\mshtml.dll.mui Object is locked skipped
C:\aaff970b873b9c7bc6206f\mshtml.tlb Object is locked skipped
C:\aaff970b873b9c7bc6206f\mshtmled.dll Object is locked skipped
C:\aaff970b873b9c7bc6206f\mshtmled.dll.mui Object is locked skipped
C:\aaff970b873b9c7bc6206f\mshtmler.dll Object is locked skipped
C:\aaff970b873b9c7bc6206f\mshtmler.dll.mui Object is locked skipped
C:\aaff970b873b9c7bc6206f\msls31.dll Object is locked skipped
C:\aaff970b873b9c7bc6206f\msrating.dll Object is locked skipped
C:\aaff970b873b9c7bc6206f\msrating.dll.mui Object is locked skipped
C:\aaff970b873b9c7bc6206f\mstime.dll Object is locked skipped
C:\aaff970b873b9c7bc6206f\navstart.wav Object is locked skipped
C:\aaff970b873b9c7bc6206f\occache.dll Object is locked skipped
C:\aaff970b873b9c7bc6206f\occache.dll.mui Object is locked skipped
C:\aaff970b873b9c7bc6206f\occache.ini Object is locked skipped
C:\aaff970b873b9c7bc6206f\pngfilt.dll Object is locked skipped
C:\aaff970b873b9c7bc6206f\popupblk.wav Object is locked skipped
C:\aaff970b873b9c7bc6206f\shdocvw.dll Object is locked skipped
C:\aaff970b873b9c7bc6206f\shlwapi.dll Object is locked skipped
C:\aaff970b873b9c7bc6206f\spmsg.dll Object is locked skipped
C:\aaff970b873b9c7bc6206f\spuninst.exe Object is locked skipped
C:\aaff970b873b9c7bc6206f\spupdsvc.exe Object is locked skipped
C:\aaff970b873b9c7bc6206f\tdc.ocx Object is locked skipped
C:\aaff970b873b9c7bc6206f\ticrf.rat Object is locked skipped
C:\aaff970b873b9c7bc6206f\update\eula.rtf Object is locked skipped
C:\aaff970b873b9c7bc6206f\update\idndl.exe Object is locked skipped
C:\aaff970b873b9c7bc6206f\update\ie7.cat Object is locked skipped
C:\aaff970b873b9c7bc6206f\update\iecustom.dll Object is locked skipped
C:\aaff970b873b9c7bc6206f\update\iereseticons.exe Object is locked skipped
C:\aaff970b873b9c7bc6206f\update\iesetup.exe Object is locked skipped
C:\aaff970b873b9c7bc6206f\update\legitlibm.dll Object is locked skipped
C:\aaff970b873b9c7bc6206f\update\nlsdl.exe Object is locked skipped
C:\aaff970b873b9c7bc6206f\update\update.exe Object is locked skipped
C:\aaff970b873b9c7bc6206f\update\update.exe.manifest Object is locked skipped
C:\aaff970b873b9c7bc6206f\update\update.inf Object is locked skipped
C:\aaff970b873b9c7bc6206f\update\update.ver Object is locked skipped
C:\aaff970b873b9c7bc6206f\update\updspapi.dll Object is locked skipped
C:\aaff970b873b9c7bc6206f\update\xmllitesetup.exe Object is locked skipped
C:\aaff970b873b9c7bc6206f\url.dll Object is locked skipped
C:\aaff970b873b9c7bc6206f\urlmon.dll Object is locked skipped
C:\aaff970b873b9c7bc6206f\urlmon.dll.mui Object is locked skipped
C:\aaff970b873b9c7bc6206f\vbscript.dll Object is locked skipped
C:\aaff970b873b9c7bc6206f\vgx.dll Object is locked skipped
C:\aaff970b873b9c7bc6206f\webcheck.dll Object is locked skipped
C:\aaff970b873b9c7bc6206f\webcheck.dll.mui Object is locked skipped
C:\aaff970b873b9c7bc6206f\webcheck.ini Object is locked skipped
C:\aaff970b873b9c7bc6206f\winfxdocobj.exe Object is locked skipped
C:\aaff970b873b9c7bc6206f\winfxdocobj.exe.mui Object is locked skipped
C:\aaff970b873b9c7bc6206f\wininet.dll Object is locked skipped
C:\aaff970b873b9c7bc6206f\wininet.dll.mui Object is locked skipped
C:\Documents and Settings\Administrator\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Feeds Cache\index.dat Object is locked skipped
C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\Administrator\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Administrator\Local Settings\History\History.IE5\MSHist012008052120080522\index.dat Object is locked skipped
C:\Documents and Settings\Administrator\Local Settings\History\History.IE5\MSHist012008052220080523\index.dat Object is locked skipped
C:\Documents and Settings\Administrator\Local Settings\Temp\MPSampleSubmit\a0005069.exe.xor Infected: Trojan-Downloader.Win32.Zlob.jbe skipped
C:\Documents and Settings\Administrator\Local Settings\Temp\MPSampleSubmit\a0008085.exe.xor Infected: Trojan-Downloader.Win32.Zlob.jbe skipped
C:\Documents and Settings\Administrator\Local Settings\Temp\MPSampleSubmit\a0019984.dll.xor Infected: Trojan.Win32.Vapsup.fem skipped
C:\Documents and Settings\Administrator\Local Settings\Temp\MPSampleSubmit\a0019986.dll.xor Infected: Trojan.Win32.Vapsup.fen skipped
C:\Documents and Settings\Administrator\Local Settings\Temp\MPSampleSubmit\a0019987.dll.xor Infected: Trojan.Win32.Vapsup.fep skipped
C:\Documents and Settings\Administrator\Local Settings\Temp\MPSampleSubmit\a0020080.dll.xor Infected: Trojan.Win32.Vapsup.fen skipped
C:\Documents and Settings\Administrator\Local Settings\Temp\MPSampleSubmit\setup.exe.xor Infected: Trojan-Downloader.Win32.Zlob.jbe skipped
C:\Documents and Settings\Administrator\Local Settings\Temp\MPSampleSubmit\vbgtorfd.dll.xor Infected: not-a-virus:AdWare.Win32.Vapsup.dal skipped
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat Object is locked skipped
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Administrator\My Documents\My Downloads\installer_abr.exe Infected: not-a-virus:FraudTool.Win32.SpywareIsolator.u skipped
C:\Documents and Settings\Administrator\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\Administrator\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Pure Networks\Log\logfile.nmapp_exe.txt Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Pure Networks\Log\logfile.nmctxth_exe.txt Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Pure Networks\Log\logfile.nmsrvc_exe.txt Object is locked skipped
C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Administrator\Data\BWDocMap.pht Object is locked skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Administrator\Data\BWInfopakMap.pht Object is locked skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Administrator\Data\chandir.dat Object is locked skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Administrator\Data\chandir.idx Object is locked skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Administrator\Data\chn.dat Object is locked skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Administrator\Data\chn.idx Object is locked skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Administrator\Data\D0000000.FCS Object is locked skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Administrator\Data\inuse.txt Object is locked skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Administrator\Data\L0000002.FCS Object is locked skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Administrator\Data\main.log Object is locked skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Administrator\Data\prs.dat Object is locked skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Administrator\Data\prs.idx Object is locked skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Administrator\Data\prs_die.dat Object is locked skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Administrator\Data\prs_die.idx Object is locked skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Administrator\Data\prs_dnd.dat Object is locked skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Administrator\Data\prs_dnd.idx Object is locked skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Administrator\Data\prs_ext.dat Object is locked skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Administrator\Data\prs_ext.idx Object is locked skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Administrator\Data\prs_rcv.dat Object is locked skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Administrator\Data\prs_rcv.idx Object is locked skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Administrator\Data\storydb.dat Object is locked skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Administrator\Data\storydb.idx Object is locked skipped
C:\Program Files\Steam\logs\connection_log.txt Object is locked skipped
C:\Program Files\Steam\Steam.log Object is locked skipped
C:\Program Files\Steam\steamapps\base source engine 2.gcf Object is locked skipped
C:\Program Files\Steam\steamapps\half-life 2 deathmatch.gcf Object is locked skipped
C:\Program Files\Steam\steamapps\portal content.gcf Object is locked skipped
C:\Program Files\Steam\steamapps\portal english.gcf Object is locked skipped
C:\Program Files\Steam\steamapps\portal the first slice.gcf Object is locked skipped
C:\Program Files\Steam\steamapps\source 2007 binaries.gcf Object is locked skipped
C:\Program Files\Steam\steamapps\source 2007 shared materials.gcf Object is locked skipped
C:\Program Files\Steam\steamapps\source 2007 shared models.gcf Object is locked skipped
C:\Program Files\Steam\steamapps\source 2007 shared sounds.gcf Object is locked skipped
C:\Program Files\Steam\steamapps\source engine.gcf Object is locked skipped
C:\Program Files\Steam\steamapps\source materials.gcf Object is locked skipped
C:\Program Files\Steam\steamapps\source models.gcf Object is locked skipped
C:\Program Files\Steam\steamapps\source sounds.gcf Object is locked skipped
C:\Program Files\Steam\steamapps\sourceinit.gcf Object is locked skipped
C:\Program Files\Steam\steamapps\winui.gcf Object is locked skipped
C:\RECYCLER\S-1-5-21-1614895754-2139871995-839522115-500\Dc46\Elby CloneDVD 2.4.5.4\Crack\Keygen.exe Infected: Trojan-Dropper.Win32.Delf.fd skipped
C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
C:\System Volume Information\_restore{25D095DD-B3DD-44DE-B608-C38DA09063F2}\RP25\A0010379.exe/Toolbar.exe Infected: not-a-virus:AdTool.Win32.MyWebSearch.bm skipped
C:\System Volume Information\_restore{25D095DD-B3DD-44DE-B608-C38DA09063F2}\RP25\A0010379.exe RAR: infected - 1 skipped
C:\System Volume Information\_restore{25D095DD-B3DD-44DE-B608-C38DA09063F2}\RP25\A0010380.exe/Toolbar.exe Infected: not-a-virus:AdTool.Win32.MyWebSearch.bm skipped
C:\System Volume Information\_restore{25D095DD-B3DD-44DE-B608-C38DA09063F2}\RP25\A0010380.exe RAR: infected - 1 skipped
C:\System Volume Information\_restore{25D095DD-B3DD-44DE-B608-C38DA09063F2}\RP84\A0018884.dll Infected: not-a-virus:AdWare.Win32.Vapsup.dal skipped
C:\System Volume Information\_restore{25D095DD-B3DD-44DE-B608-C38DA09063F2}\RP86\A0019986.dll Infected: Trojan.Win32.Vapsup.fen skipped
C:\System Volume Information\_restore{25D095DD-B3DD-44DE-B608-C38DA09063F2}\RP86\A0019987.dll Infected: Trojan.Win32.Vapsup.fep skipped
C:\System Volume Information\_restore{25D095DD-B3DD-44DE-B608-C38DA09063F2}\RP87\A0020080.dll Infected: Trojan.Win32.Vapsup.fen skipped
C:\System Volume Information\_restore{25D095DD-B3DD-44DE-B608-C38DA09063F2}\RP95\change.log Object is locked skipped
C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
C:\WINDOWS\mpfanvqg.dll Infected: Trojan.Win32.Vapsup.fep skipped
C:\WINDOWS\SchedLgU.Txt Object is locked skipped
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped
C:\WINDOWS\Sti_Trace.log Object is locked skipped
C:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped
C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped
C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\default Object is locked skipped
C:\WINDOWS\system32\config\default.LOG Object is locked skipped
C:\WINDOWS\system32\config\Internet.evt Object is locked skipped
C:\WINDOWS\system32\config\SAM Object is locked skipped
C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped
C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\SECURITY Object is locked skipped
C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped
C:\WINDOWS\system32\config\software Object is locked skipped
C:\WINDOWS\system32\config\software.LOG Object is locked skipped
C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\system Object is locked skipped
C:\WINDOWS\system32\config\system.LOG Object is locked skipped
C:\WINDOWS\system32\h323log.txt Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped
C:\WINDOWS\wiadebug.log Object is locked skipped
C:\WINDOWS\wiaservc.log Object is locked skipped
C:\WINDOWS\WindowsUpdate.log Object is locked skipped
E:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
Scan process completed.
Here is the Hijack This log.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:20:26 PM, on 22/05/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAMP.EXE
C:\Program Files\EPSON\Creativity Suite\Event Manager\EEventManager.exe
C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe
C:\Program Files\Pure Networks\Network Magic\nmapp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Steam\Steam.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\SEC\MagicTune3.6\GammaTray.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Logitech\KhalShared\KHALMNPR.EXE
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Electronic Arts\Medal of Honor Airborne\UnrealEngine3\MOHAGame\pb\PnkBstrA.exe
C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Trend Micro\BM\TMBMSRV.exe
C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
C:\Program Files\Trend Micro\Internet Security\TmProxy.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Administrator\My Documents\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=74005
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: pvnsmfor - {89175504-FC6D-43A2-BB07-E3247659C95A} - C:\WINDOWS\pvnsmfor.dll (file missing)
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [UfSeAgnt.exe] "C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe"
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [DVD43] C:\Program Files\DVD Region+CSS Free\DVD43.exe /hidden
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [EPSON Stylus Photo RX650 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAMP.EXE /P31 "EPSON Stylus Photo RX650 Series" /O6 "USB001" /M "Stylus Photo RX650"
O4 - HKLM\..\Run: [EEventManager] C:\Program Files\EPSON\Creativity Suite\Event Manager\EEventManager.exe
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [nmctxth] "C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe"
O4 - HKLM\..\Run: [nmapp] "C:\Program Files\Pure Networks\Network Magic\nmapp.exe" -autorun -nosplash
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Color Calibration.lnk = ?
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = ?
O4 - Global Startup: MagicTune 3.6.lnk = ?
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/par...an_unicode.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/res...scbase9563.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/micr...?1209086766671
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/ge...sh/swflash.cab
O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} (Driver Agent ActiveX Control) - http://plugin.driveragent.com/files/driveragent.cab
O16 - DPF: {F1D54B0B-B6EA-43B5-BD26-A79D3DBF47E3} (Multidownx Control) - http://bigpondmusic.com/activex/multidownx.cab
O18 - Protocol: bw+0 - {FAB6F3EF-6E91-4AF0-92F3-D3E051A3D0E4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {FAB6F3EF-6E91-4AF0-92F3-D3E051A3D0E4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {FAB6F3EF-6E91-4AF0-92F3-D3E051A3D0E4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {FAB6F3EF-6E91-4AF0-92F3-D3E051A3D0E4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {FAB6F3EF-6E91-4AF0-92F3-D3E051A3D0E4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {FAB6F3EF-6E91-4AF0-92F3-D3E051A3D0E4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {FAB6F3EF-6E91-4AF0-92F3-D3E051A3D0E4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {FAB6F3EF-6E91-4AF0-92F3-D3E051A3D0E4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {FAB6F3EF-6E91-4AF0-92F3-D3E051A3D0E4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {FAB6F3EF-6E91-4AF0-92F3-D3E051A3D0E4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {FAB6F3EF-6E91-4AF0-92F3-D3E051A3D0E4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {FAB6F3EF-6E91-4AF0-92F3-D3E051A3D0E4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {FAB6F3EF-6E91-4AF0-92F3-D3E051A3D0E4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {FAB6F3EF-6E91-4AF0-92F3-D3E051A3D0E4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {FAB6F3EF-6E91-4AF0-92F3-D3E051A3D0E4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {FAB6F3EF-6E91-4AF0-92F3-D3E051A3D0E4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {FAB6F3EF-6E91-4AF0-92F3-D3E051A3D0E4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {FAB6F3EF-6E91-4AF0-92F3-D3E051A3D0E4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {FAB6F3EF-6E91-4AF0-92F3-D3E051A3D0E4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {FAB6F3EF-6E91-4AF0-92F3-D3E051A3D0E4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {FAB6F3EF-6E91-4AF0-92F3-D3E051A3D0E4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {FAB6F3EF-6E91-4AF0-92F3-D3E051A3D0E4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {FAB6F3EF-6E91-4AF0-92F3-D3E051A3D0E4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {FAB6F3EF-6E91-4AF0-92F3-D3E051A3D0E4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {FAB6F3EF-6E91-4AF0-92F3-D3E051A3D0E4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {FAB6F3EF-6E91-4AF0-92F3-D3E051A3D0E4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {FAB6F3EF-6E91-4AF0-92F3-D3E051A3D0E4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {FAB6F3EF-6E91-4AF0-92F3-D3E051A3D0E4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {FAB6F3EF-6E91-4AF0-92F3-D3E051A3D0E4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {FAB6F3EF-6E91-4AF0-92F3-D3E051A3D0E4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {FAB6F3EF-6E91-4AF0-92F3-D3E051A3D0E4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {FAB6F3EF-6E91-4AF0-92F3-D3E051A3D0E4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {FAB6F3EF-6E91-4AF0-92F3-D3E051A3D0E4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {FAB6F3EF-6E91-4AF0-92F3-D3E051A3D0E4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {FAB6F3EF-6E91-4AF0-92F3-D3E051A3D0E4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {FAB6F3EF-6E91-4AF0-92F3-D3E051A3D0E4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {FAB6F3EF-6E91-4AF0-92F3-D3E051A3D0E4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {FAB6F3EF-6E91-4AF0-92F3-D3E051A3D0E4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {FAB6F3EF-6E91-4AF0-92F3-D3E051A3D0E4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {FAB6F3EF-6E91-4AF0-92F3-D3E051A3D0E4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {FAB6F3EF-6E91-4AF0-92F3-D3E051A3D0E4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {FAB6F3EF-6E91-4AF0-92F3-D3E051A3D0E4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {FAB6F3EF-6E91-4AF0-92F3-D3E051A3D0E4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {FAB6F3EF-6E91-4AF0-92F3-D3E051A3D0E4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {FAB6F3EF-6E91-4AF0-92F3-D3E051A3D0E4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {FAB6F3EF-6E91-4AF0-92F3-D3E051A3D0E4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {FAB6F3EF-6E91-4AF0-92F3-D3E051A3D0E4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {FAB6F3EF-6E91-4AF0-92F3-D3E051A3D0E4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {FAB6F3EF-6E91-4AF0-92F3-D3E051A3D0E4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {FAB6F3EF-6E91-4AF0-92F3-D3E051A3D0E4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {FAB6F3EF-6E91-4AF0-92F3-D3E051A3D0E4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {FAB6F3EF-6E91-4AF0-92F3-D3E051A3D0E4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {FAB6F3EF-6E91-4AF0-92F3-D3E051A3D0E4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {FAB6F3EF-6E91-4AF0-92F3-D3E051A3D0E4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {FAB6F3EF-6E91-4AF0-92F3-D3E051A3D0E4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {FAB6F3EF-6E91-4AF0-92F3-D3E051A3D0E4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {FAB6F3EF-6E91-4AF0-92F3-D3E051A3D0E4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {FAB6F3EF-6E91-4AF0-92F3-D3E051A3D0E4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {FAB6F3EF-6E91-4AF0-92F3-D3E051A3D0E4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {FAB6F3EF-6E91-4AF0-92F3-D3E051A3D0E4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {FAB6F3EF-6E91-4AF0-92F3-D3E051A3D0E4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {FAB6F3EF-6E91-4AF0-92F3-D3E051A3D0E4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {FAB6F3EF-6E91-4AF0-92F3-D3E051A3D0E4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {FAB6F3EF-6E91-4AF0-92F3-D3E051A3D0E4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {FAB6F3EF-6E91-4AF0-92F3-D3E051A3D0E4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {FAB6F3EF-6E91-4AF0-92F3-D3E051A3D0E4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {FAB6F3EF-6E91-4AF0-92F3-D3E051A3D0E4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {FAB6F3EF-6E91-4AF0-92F3-D3E051A3D0E4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {FAB6F3EF-6E91-4AF0-92F3-D3E051A3D0E4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {FAB6F3EF-6E91-4AF0-92F3-D3E051A3D0E4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {FAB6F3EF-6E91-4AF0-92F3-D3E051A3D0E4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {FAB6F3EF-6E91-4AF0-92F3-D3E051A3D0E4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {FAB6F3EF-6E91-4AF0-92F3-D3E051A3D0E4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {FAB6F3EF-6E91-4AF0-92F3-D3E051A3D0E4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {FAB6F3EF-6E91-4AF0-92F3-D3E051A3D0E4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {FAB6F3EF-6E91-4AF0-92F3-D3E051A3D0E4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {FAB6F3EF-6E91-4AF0-92F3-D3E051A3D0E4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O21 - SSODL: mpfanvqg - {59188D69-1569-46F5-BE2C-AEA1A9EC9D4C} - C:\WINDOWS\mpfanvqg.dll
O21 - SSODL: vbksrofa - {20635C82-35E9-404C-821E-A0911F85E4D6} - C:\WINDOWS\vbksrofa.dll (file missing)
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Pure Networks Net2Go Service (nmraapache) - Pure Networks, Inc. - C:\Program Files\Pure Networks\Network Magic\WebServer\bin\nmraapache.exe
O23 - Service: Pure Networks Platform Service (nmservice) - Pure Networks, Inc. - C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PunkBuster (PnkBstrA) - Unknown owner - C:\Program Files\Electronic Arts\Medal of Honor Airborne\UnrealEngine3\MOHAGame\pb\PnkBstrA.exe
O23 - Service: Trend Micro Central Control Component (SfCtlCom) - Trend Micro Inc. - C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe
O23 - Service: Trend Micro Unauthorized Change Prevention Service (TMBMServer) - Trend Micro Inc. - C:\Program Files\Trend Micro\BM\TMBMSRV.exe
O23 - Service: Trend Micro Personal Firewall (TmPfw) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
O23 - Service: Trend Micro Proxy Service (tmproxy) - Trend Micro Inc. - C:\Program Files\Trend Micro\Internet Security\TmProxy.exe
--
End of file - 21794 bytes
I hope I followed the instructions correctly. If not please let me know what else I have to do.
Thanks again.