Results 1 to 6 of 6

Thread: Windows.RedirectedHosts - Disables Spybot

  1. 2006-09-25, 03:33 #1
    ChadTHX1138
    ChadTHX1138 is offline
    Junior Member
    Join Date
    Sep 2006
    Posts
    5

    Default Windows.RedirectedHosts - Disables Spybot

    Hi gang!

    My wife picked up a nasty redirect which wants you to buy thier software to fix the problem etc. Yeah right! the company calls itself "adarmor" by Tenebril
    (pointed out by Tashi)

    Anyway Spy Bot detects it all right but when it comes to repairing it, an ERROR message comes up.

    ERROR

    (cannot create file "C:\WINNT\system32\drivers\etc\hosts

    it says another program is running the same thing so it cannot fix the problem then Spybot locks up and you have to End Spybot.


    Anyway i saved a report...but it is HUGEMONGEOUS should I paste it here or narrow my options?

    Thanks again fellers and keep Fightin the good fight.
  2. 2006-09-25, 04:15 #2
    tashi
    tashi is online now
    Member of Team Spybot tashi's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    30,965

    Default

    Hi there.

    I gave the instructions for posting in this forum here:
    http://forums.spybot.info/showthread.php?t=7579

    But you have only repeated your first post.

    Please follow the instructions in this sticky topic:
    "BEFORE you POST" -Preliminary Steps

    Then a helper will advise you as soon as available.
    Microsoft MVP Reconnect 2018-
    Windows Insider MVP 2016-2018
    Microsoft Consumer Security MVP 2006-2016
  3. 2006-09-25, 07:09 #3
    ChadTHX1138
    ChadTHX1138 is offline
    Junior Member
    Join Date
    Sep 2006
    Posts
    5

    Default Hijack this log

    I will go and get the logs for the online scanners.

    my wife ran Hijackthis, here's the log info...

    Logfile of HijackThis v1.99.1
    Scan saved at 12:00:22 AM, on 9/25/2006
    Platform: Windows 2000 SP4 (WinNT 5.00.2195)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:
    C:\WINNT\System32\smss.exe
    C:\WINNT\system32\winlogon.exe
    C:\WINNT\system32\services.exe
    C:\WINNT\system32\lsass.exe
    C:\WINNT\system32\svchost.exe
    C:\WINNT\system32\spoolsv.exe
    C:\Program Files\NavNT\defwatch.exe
    C:\WINNT\System32\svchost.exe
    C:\WINNT\system32\hidserv.exe
    c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
    C:\Program Files\NavNT\rtvscan.exe
    C:\WINNT\System32\nvsvc32.exe
    C:\WINNT\System32\pctspk.exe
    C:\WINNT\system32\regsvc.exe
    C:\WINNT\system32\MSTask.exe
    C:\Program Files\Norton Speed Disk\nopdb.exe
    C:\WINNT\system32\stisvc.exe
    C:\WINNT\System32\WBEM\WinMgmt.exe
    C:\WINNT\Explorer.EXE
    C:\WINNT\System32\mspmspsv.exe
    C:\WINNT\system32\svchost.exe
    C:\WINNT\system32\MsgSys.EXE
    C:\Program Files\NavNT\vptray.exe
    C:\Program Files\Picasa2\PicasaMediaDetector.exe
    C:\WINNT\system32\LVCOMSX.EXE
    E:\bigfight\HijackThis.exe
    C:\Program Files\Logitech\Video\CameraAssistant.exe
    C:\WINNT\system32\svchost.exe
    C:\WINNT\system32\ElkCtrl.exe
    C:\Program Files\Yahoo!\browser\ybrwicon.exe
    C:\Program Files\SBC Yahoo!\Connection Manager\IP InSight\IPMon32.exe
    C:\Program Files\2Wire\2PortalMon.exe
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    C:\PROGRA~1\Yahoo!\browser\ycommon.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Java\jre1.5.0\bin\jusched.exe
    C:\PROGRA~1\AWS\WEATHE~1\Weather.exe
    C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\Skype\Phone\Skype.exe
    C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://yahoo.sbc.com/dsl
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://red.clientapps.yahoo.com/cust.../www.yahoo.com
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/cust...search/ie.html
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://red.clientapps.yahoo.com/cust.../www.yahoo.com
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://yahoo.sbc.com/dsl
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/cust.../www.yahoo.com
    R3 - Default URLSearchHook is missing
    O1 - Hosts: 1223167118 0-0sex.com
    O1 - Hosts: 1223167118 www.0-0sex.com
    O1 - Hosts: 1223167118 1-800-pussy.com
    O1 - Hosts: 1223167118 www.1-800-pussy.com
    O1 - Hosts: 1223167118 1000galeriasporno.com.ar
    O1 - Hosts: 1223167118 www.1000galeriasporno.com.ar
    O1 - Hosts: 1223167118 1000hornysluts.com
    O1 - Hosts: 1223167118 www.1000hornysluts.com
    O1 - Hosts: 1223167118 1000pix.com
    O1 - Hosts: 1223167118 www.1000pix.com
    O1 - Hosts: 1223167118 1001movies.com
    O1 - Hosts: 1223167118 www.1001movies.com
    O1 - Hosts: 1223167118 100orgasms.com
    O1 - Hosts: 1223167118 www.100orgasms.com
    O1 - Hosts: 1223167118 100pour100sexe.com
    O1 - Hosts: 1223167118 www.100pour100sexe.com
    O1 - Hosts: 1223167118 101cumlovers.com
    O1 - Hosts: 1223167118 www.101cumlovers.com
    O1 - Hosts: 1223167118 101pornstars.com
    O1 - Hosts: 1223167118 www.101pornstars.com
    O1 - Hosts: 1223167118 101stars.com
    O1 - Hosts: 1223167118 www.101stars.com
    O1 - Hosts: 1223167118 101teen.com
    O1 - Hosts: 1223167118 www.101teen.com
    O1 - Hosts: 1223167118 11shemales.com
    O1 - Hosts: 1223167118 www.11shemales.com
    O1 - Hosts: 1223167118 121av.com
    O1 - Hosts: 1223167118 www.121av.com
    O1 - Hosts: 1223167118 18enne.com
    O1 - Hosts: 1223167118 www.18enne.com
    O1 - Hosts: 1223167118 18hentai.com
    O1 - Hosts: 1223167118 www.18hentai.com
    O1 - Hosts: 1223167118 18hut.com
    O1 - Hosts: 1223167118 www.18hut.com
    O1 - Hosts: 1223167118 18moviethumbs.com
    O1 - Hosts: 1223167118 www.18moviethumbs.com
    O1 - Hosts: 1223167118 18plusgalleries.com
    O1 - Hosts: 1223167118 www.18plusgalleries.com
    O1 - Hosts: 1223167118 18post.com
    O1 - Hosts: 1223167118 www.18post.com
    O1 - Hosts: 1223167118 18sexbox.com
    O1 - Hosts: 1223167118 www.18sexbox.com
    O1 - Hosts: 1223167118 18tease.com
    O1 - Hosts: 1223167118 www.18tease.com
    O1 - Hosts: 1223167118 18to19.com
    O1 - Hosts: 1223167118 www.18to19.com
    O1 - Hosts: 1223167118 18turnwhores.com
    O1 - Hosts: 1223167118 www.18turnwhores.com
    O1 - Hosts: 1223167118 18yearoldpussy.com
    O1 - Hosts: 1223167118 www.18yearoldpussy.com
    O1 - Hosts: 1223167118 18young.com
    O1 - Hosts: 1223167118 www.18young.com
    O1 - Hosts: 1223167118 1bigthumbup.com
    O1 - Hosts: 1223167118 www.1bigthumbup.com
    O1 - Hosts: 1223167118 1free-porn-finder.com
    O1 - Hosts: 1223167118 www.1free-porn-finder.com
    O1 - Hosts: 1223167118 1freepicsgallery.com
    O1 - Hosts: 1223167118 www.1freepicsgallery.com
    O1 - Hosts: 1223167118 1hardcoreporn.com
    O1 - Hosts: 1223167118 www.1hardcoreporn.com
    O1 - Hosts: 1223167118 1on3sex.com
    O1 - Hosts: 1223167118 www.1on3sex.com
    O1 - Hosts: 1223167118 1sexlinks.com
    O1 - Hosts: 1223167118 www.1sexlinks.com
    O1 - Hosts: 1223167118 1stchoicepornlinks.com
    O1 - Hosts: 1223167118 www.1stchoicepornlinks.com
    O1 - Hosts: 1223167118 1stmovieclub.net
    O1 - Hosts: 1223167118 www.1stmovieclub.net
    O1 - Hosts: 1223167118 2000nakedgirls.com
    O1 - Hosts: 1223167118 www.2000nakedgirls.com
    O1 - Hosts: 1223167118 24-7balckbooty.com
    O1 - Hosts: 1223167118 www.24-7balckbooty.com
    O1 - Hosts: 1223167118 247freeassmovies.com
    O1 - Hosts: 1223167118 www.247freeassmovies.com
    O1 - Hosts: 1223167118 2hotpictures.com
    O1 - Hosts: 1223167118 www.2hotpictures.com
    O1 - Hosts: 1223167118 2hotvideos.com
    O1 - Hosts: 1223167118 www.2hotvideos.com
    O1 - Hosts: 1223167118 2jizz.com
    O1 - Hosts: 1223167118 www.2jizz.com
    O1 - Hosts: 1223167118 2naughty.net
    O1 - Hosts: 1223167118 www.2naughty.net
    O1 - Hosts: 1223167118 2so2.com
    O1 - Hosts: 1223167118 www.2so2.com
    O1 - Hosts: 1223167118 2teens.net
    O1 - Hosts: 1223167118 www.2teens.net
    O1 - Hosts: 1223167118 30galleries.com
    O1 - Hosts: 1223167118 www.30galleries.com
    O1 - Hosts: 1223167118 310exotics.com
    O1 - Hosts: 1223167118 www.310exotics.com
    O1 - Hosts: 1223167118 345blastave.com
    O1 - Hosts: 1223167118 www.345blastave.com
    O1 - Hosts: 1223167118 3mpeg4u.us
    O1 - Hosts: 1223167118 www.3mpeg4u.us
    O1 - Hosts: 1223167118 3pic.com
    O1 - Hosts: 1223167118 www.3pic.com
    O1 - Hosts: 1223167118 3pixxx.com
    O1 - Hosts: 1223167118 www.3pixxx.com
    O1 - Hosts: 1223167118 3xtrem.com
    O1 - Hosts: 1223167118 www.3xtrem.com
    O1 - Hosts: 1223167118 40galleries.com
    O2 - BHO: Yahoo! Companion BHO -
  4. 2006-09-25, 07:10 #4
    ChadTHX1138
    ChadTHX1138 is offline
    Junior Member
    Join Date
    Sep 2006
    Posts
    5

    Default 2nd half

    {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_3_12_0.dll
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx
    O3 - Toolbar: &Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_3_12_0.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
    O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
    O4 - HKLM\..\Run: [CountrySelection] pctptt.exe
    O4 - HKLM\..\Run: [vptray] C:\Program Files\NavNT\vptray.exe
    O4 - HKLM\..\Run: [LoadQM] loadqm.exe
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
    O4 - HKLM\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
    O4 - HKLM\..\Run: [LVCOMSX] C:\WINNT\system32\LVCOMSX.EXE
    O4 - HKLM\..\Run: [LogitechCameraAssistant] C:\Program Files\Logitech\Video\CameraAssistant.exe
    O4 - HKLM\..\Run: [LogitechVideo[inspector]] C:\Program Files\Logitech\Video\InstallHelper.exe /inspect
    O4 - HKLM\..\Run: [LogitechCameraService(E)] C:\WINNT\system32\ElkCtrl.exe /automation
    O4 - HKLM\..\Run: [YBrowser] C:\Program Files\Yahoo!\browser\ybrwicon.exe
    O4 - HKLM\..\Run: [IPInSightMonitor 01] "C:\Program Files\SBC Yahoo!\Connection Manager\IP InSight\IPMon32.exe"
    O4 - HKLM\..\Run: [2wSysTray] C:\Program Files\2Wire\2PortalMon.exe
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0\bin\jusched.exe
    O4 - HKCU\..\Run: [Weather] C:\PROGRA~1\AWS\WEATHE~1\Weather.exe 1
    O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
    O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
    O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
    O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
    O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
    O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
    O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
    O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
    O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
    O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
    O9 - Extra button: Yahoo! Login - {2499216C-4BA5-11D5-BD9C-000103C116D5} - C:\Program Files\Yahoo!\Common\ylogin.dll
    O9 - Extra 'Tools' menuitem: Yahoo! Login - {2499216C-4BA5-11D5-BD9C-000103C116D5} - C:\Program Files\Yahoo!\Common\ylogin.dll
    O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes.dll
    O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes.dll
    O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINNT\System32\Shdocvw.dll
    O9 - Extra button: Point Alert - {16BF42FD-CA0A-4f48-819D-B0343254DD67} - C:\WINNT\system32\shdocvw.dll (HKCU)
    O9 - Extra button: WeatherBug - {AF6CABAB-61F9-4f12-A198-B7D41EF1CB52} - C:\PROGRA~1\AWS\WEATHE~1\Weather.exe (HKCU)
    O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
    O16 - DPF: {1D0D9077-3798-49BB-9058-393499174D5D} - file://c:\counter.cab
    O16 - DPF: {2B96D5CC-C5B5-49A5-A69D-CC0A30F9028C} - http://wdownload.weatherbug.com/mini...ansporter.cab?
    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\common\yinsthelper.dll
    O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://appldnld.m7z.net/content.info...TunesSetup.exe
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsu...?1156474633987
    O16 - DPF: {90C9629E-CD32-11D3-BBFB-00105A1F0D68} (InstallShield International Setup Player) - http://www.installengine.com/engine/isetup.cab
    O16 - DPF: {9522B3FB-7A2B-4646-8AF6-36E7F593073C} - http://a19.g.akamai.net/7/19/7125/40...02/Coupons.cab
    O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/actives...ree/asinst.cab
    O16 - DPF: {D18F962A-3722-4B59-B08D-28BB9EB2281E} (PhotosCtrl Class) - http://photos.yahoo.com/ocx/us/yexplorer1_9us.cab
    O16 - DPF: {E922EBC9-50D4-4B53-B454-73376453E98D} (LOSActiveX.MainForm) - https://www.xpertonline.net/losactivex/LOSActiveX.CAB
    O18 - Protocol: bw+0 - {C3F46953-E965-4A9E-8091-98048E9D3C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw+0s - {C3F46953-E965-4A9E-8091-98048E9D3C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0 - {C3F46953-E965-4A9E-8091-98048E9D3C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0s - {C3F46953-E965-4A9E-8091-98048E9D3C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00 - {C3F46953-E965-4A9E-8091-98048E9D3C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00s - {C3F46953-E965-4A9E-8091-98048E9D3C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10 - {C3F46953-E965-4A9E-8091-98048E9D3C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10s - {C3F46953-E965-4A9E-8091-98048E9D3C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20 - {C3F46953-E965-4A9E-8091-98048E9D3C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20s - {C3F46953-E965-4A9E-8091-98048E9D3C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30 - {C3F46953-E965-4A9E-8091-98048E9D3C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30s - {C3F46953-E965-4A9E-8091-98048E9D3C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40 - {C3F46953-E965-4A9E-8091-98048E9D3C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40s - {C3F46953-E965-4A9E-8091-98048E9D3C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50 - {C3F46953-E965-4A9E-8091-98048E9D3C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50s - {C3F46953-E965-4A9E-8091-98048E9D3C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60 - {C3F46953-E965-4A9E-8091-98048E9D3C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60s - {C3F46953-E965-4A9E-8091-98048E9D3C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70 - {C3F46953-E965-4A9E-8091-98048E9D3C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70s - {C3F46953-E965-4A9E-8091-98048E9D3C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80 - {C3F46953-E965-4A9E-8091-98048E9D3C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80s - {C3F46953-E965-4A9E-8091-98048E9D3C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90 - {C3F46953-E965-4A9E-8091-98048E9D3C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90s - {C3F46953-E965-4A9E-8091-98048E9D3C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0 - {C3F46953-E965-4A9E-8091-98048E9D3C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0s - {C3F46953-E965-4A9E-8091-98048E9D3C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0 - {C3F46953-E965-4A9E-8091-98048E9D3C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0s - {C3F46953-E965-4A9E-8091-98048E9D3C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0 - {C3F46953-E965-4A9E-8091-98048E9D3C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0s - {C3F46953-E965-4A9E-8091-98048E9D3C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0 - {C3F46953-E965-4A9E-8091-98048E9D3C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0s - {C3F46953-E965-4A9E-8091-98048E9D3C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0 - {C3F46953-E965-4A9E-8091-98048E9D3C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0s - {C3F46953-E965-4A9E-8091-98048E9D3C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0 - {C3F46953-E965-4A9E-8091-98048E9D3C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0s - {C3F46953-E965-4A9E-8091-98048E9D3C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    O18 - Protocol: bwg0 - {C3F46953-E965-4A9E-8091-98048E9D3C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwg0s - {C3F46953-E965-4A9E-8091-98048E9D3C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0 - {C3F46953-E965-4A9E-8091-98048E9D3C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0s - {C3F46953-E965-4A9E-8091-98048E9D3C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0 - {C3F46953-E965-4A9E-8091-98048E9D3C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0s - {C3F46953-E965-4A9E-8091-98048E9D3C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0 - {C3F46953-E965-4A9E-8091-98048E9D3C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0s - {C3F46953-E965-4A9E-8091-98048E9D3C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0 - {C3F46953-E965-4A9E-8091-98048E9D3C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0s - {C3F46953-E965-4A9E-8091-98048E9D3C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0 - {C3F46953-E965-4A9E-8091-98048E9D3C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0s - {C3F46953-E965-4A9E-8091-98048E9D3C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0 - {C3F46953-E965-4A9E-8091-98048E9D3C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0s - {C3F46953-E965-4A9E-8091-98048E9D3C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0 - {C3F46953-E965-4A9E-8091-98048E9D3C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0s - {C3F46953-E965-4A9E-8091-98048E9D3C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0 - {C3F46953-E965-4A9E-8091-98048E9D3C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0s - {C3F46953-E965-4A9E-8091-98048E9D3C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0 - {C3F46953-E965-4A9E-8091-98048E9D3C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0s - {C3F46953-E965-4A9E-8091-98048E9D3C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0 - {C3F46953-E965-4A9E-8091-98048E9D3C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0s - {C3F46953-E965-4A9E-8091-98048E9D3C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0 - {C3F46953-E965-4A9E-8091-98048E9D3C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0s - {C3F46953-E965-4A9E-8091-98048E9D3C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0 - {C3F46953-E965-4A9E-8091-98048E9D3C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0s - {C3F46953-E965-4A9E-8091-98048E9D3C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0 - {C3F46953-E965-4A9E-8091-98048E9D3C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0s - {C3F46953-E965-4A9E-8091-98048E9D3C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0 - {C3F46953-E965-4A9E-8091-98048E9D3C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0s - {C3F46953-E965-4A9E-8091-98048E9D3C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0 - {C3F46953-E965-4A9E-8091-98048E9D3C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0s - {C3F46953-E965-4A9E-8091-98048E9D3C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0 - {C3F46953-E965-4A9E-8091-98048E9D3C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0s - {C3F46953-E965-4A9E-8091-98048E9D3C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0 - {C3F46953-E965-4A9E-8091-98048E9D3C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0s - {C3F46953-E965-4A9E-8091-98048E9D3C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0 - {C3F46953-E965-4A9E-8091-98048E9D3C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0s - {C3F46953-E965-4A9E-8091-98048E9D3C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0 - {C3F46953-E965-4A9E-8091-98048E9D3C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0s - {C3F46953-E965-4A9E-8091-98048E9D3C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: offline-8876480 - {C3F46953-E965-4A9E-8091-98048E9D3C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O20 - Winlogon Notify: NavLogon - C:\WINNT\System32\NavLogon.dll
    O23 - Service: DefWatch - Symantec Corporation - C:\Program Files\NavNT\defwatch.exe
    O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
    O23 - Service: Norton AntiVirus Client (Norton AntiVirus Server) - Symantec Corporation - C:\Program Files\NavNT\rtvscan.exe
    O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINNT\System32\nvsvc32.exe
    O23 - Service: W2K PCtel speaker phone (Pctspk) - PCtel, Inc. - C:\WINNT\System32\pctspk.exe
    O23 - Service: Speed Disk service - Symantec Corporation - C:\Program Files\Norton Speed Disk\nopdb.exe
  5. 2006-10-01, 00:29 #5
    LonnyRJones
    LonnyRJones is offline
    Security Expert-Emeritus
    Join Date
    Oct 2005
    Posts
    5,025

    Default

    Hello

    Replace the file called Hosts , instructions are provided here
    http://www.mvps.org/winhelp2002/hosts.htm
    How To Download and Extract the HOSTS file:
    http://www.mvps.org/winhelp2002/hosts2.htm
    Repeat that proccess about once or twice a month


    How old is your Norton program and is it still able to update ?

    Post another hijackthis log.

    Post a panda report
    Panda ActiveScan-Free online scanner,
    http://www.pandasoftware.com/products/activescan.htm
    Do a full scan > Click the my computer button
    After the scan click see report then Save the report and post it back here please.
    ~~~~~~~~~~~~~~~~~~~~~~~
    Microsoft MVP Windows-Security 2006
  6. 2006-10-09, 08:05 #6
    tashi
    tashi is online now
    Member of Team Spybot tashi's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    30,965

    Default

    This topic has been archived.

    If you need it re-opened please send me a private message (pm) and provide a link to the thread.
    Applies only to the original topic starter.
    Microsoft MVP Reconnect 2018-
    Windows Insider MVP 2016-2018
    Microsoft Consumer Security MVP 2006-2016
« Previous Thread | Next Thread »

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules