Clickspring.PurityScan

F

Frog

New member
I was recently very stupid and downloaded a Diablo II crack (exe) from a questionable website. Around this time I started to receive warnings from AVG/Windwos regarding adware known as Win32/ClickSpring.PuritySCAN. I constantly receive pop-ups, am unknowningly dl'ing random software, seeing high CPU usage and the like. No matter how many times I attempt to delete/quarantine with AVG, the adware always seems to return on reboot. I've seen many others with this problem, so a little help would be nice :).

Here's a scan:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 4:18:41 PM, on 8/22/2007
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16512)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Windows\RtHDVCpl.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Zune\ZuneLauncher.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\Windows\Dit.exe
C:\Windows\DitExp.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Program Files\AIM6\aim6.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\AIM6\aolsoftware.exe
C:\Program Files\Common Files\Logitech\KhalShared\KHALMNPR.EXE
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\PROGRA~1\Mozilla Firefox\firefox.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Owner\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.com/0SEENUS/SAOS01?FORM=TOOLBR
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.com/0SEENUS/SAOS01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 151.204.41.29:8080
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [SetPoint] C:\Program Files\Logitech\SetPoint\SetPoint.EXE
O4 - HKLM\..\Run: [Launch LGDCore] "C:\Program Files\Common Files\Logitech\G-series Software\LGDCore.exe" /SHOWHIDE
O4 - HKLM\..\Run: [Launch LCDMon] "C:\Program Files\Common Files\Logitech\LCD Manager\lcdmon.exe"
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\Windows\JM\JMInsIDE.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Cmaudio8788] RunDll32 cmicnfgp.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [Zune Launcher] "C:\Program Files\Zune\ZuneLauncher.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [spm.exe] C:\Program Files\Serial Port Mapper\spm.exe /silent
O4 - HKLM\..\Run: [Dit] Dit.exe
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"
O4 - HKLM\..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKLM\..\Run: [avp] C:\Windows\avp.exe
O4 - HKLM\..\Run: [SpyHunter] C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [BitTorrent] "C:\Program Files\BitTorrent\bittorrent.exe" --force_start_minimized
O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp
O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
 
Wednesday, August 22, 2007 10:41:25 PM
Operating System: Microsoft Windows Vista Professional, (Build 6000)
Kaspersky Online Scanner version: 5.0.93.0
Kaspersky Anti-Virus database last update: 23/08/2007
Kaspersky Anti-Virus database records: 387396
Scan Settings
Scan using the following antivirus database extended
Scan Archives true
Scan Mail Bases true
Scan Target My Computer
A:\
C:\
D:\
E:\
F:\
G:\
Z:\
Scan Statistics
Total number of scanned objects 132597
Number of viruses found 8
Number of infected objects 16
Number of suspicious objects 0
Duration of the scan process 00:42:24

Infected Object Name Virus Name Last Action
C:\Program Files\DAEMON Tools\SetupDTSB.exe Infected: not-a-virus:AdTool.Win32.WhenU.a skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\owner\Data\BWDocMap.pht Object is locked skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\owner\Data\BWInfopakMap.pht Object is locked skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\owner\Data\chandir.dat Object is locked skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\owner\Data\chandir.idx Object is locked skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\owner\Data\chn.dat Object is locked skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\owner\Data\chn.idx Object is locked skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\owner\Data\D0000000.FCS Object is locked skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\owner\Data\inuse.txt Object is locked skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\owner\Data\L0000002.FCS Object is locked skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\owner\Data\main.log Object is locked skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\owner\Data\prs.dat Object is locked skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\owner\Data\prs.idx Object is locked skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\owner\Data\prs_die.dat Object is locked skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\owner\Data\prs_die.idx Object is locked skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\owner\Data\prs_dnd.dat Object is locked skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\owner\Data\prs_dnd.idx Object is locked skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\owner\Data\prs_ext.dat Object is locked skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\owner\Data\prs_ext.idx Object is locked skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\owner\Data\prs_rcv.dat Object is locked skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\owner\Data\prs_rcv.idx Object is locked skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\owner\Data\storydb.dat Object is locked skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\owner\Data\storydb.idx Object is locked skipped
C:\Program Files\mIRC\mirc.exe Infected: not-a-virus:Client-IRC.Win32.mIRC.621 skipped
C:\Program Files\Stardock\Object Desktop\DeskScapes\keygen.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.lm skipped
C:\ProgramData\Microsoft\Network\Downloader\qmgr0.dat Object is locked skipped
C:\ProgramData\Microsoft\Network\Downloader\qmgr1.dat Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\GatherLogs\SystemIndex\SystemIndex.68.Crwl Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\GatherLogs\SystemIndex\SystemIndex.68.gthr Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS.log Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSStmp.log Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010001.wid Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010002.wid Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010003.wid Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010004.wid Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010005.wid Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010006.wid Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010007.wid Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010008.ci Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010008.wid Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010008.wsb Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010009.wid Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001000A.wid Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001000B.wid Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001000C.wid Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001000D.wid Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001000E.wid Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001000F.wid Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010011.wid Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010013.wid Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001001E.wid Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010022.wid Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010026.wid Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\INDEX.000 Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\PropMap\CiPT0000.000 Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\PropMap\Used0000.000 Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SecStore\CiST0000.000 Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SystemIndex.chk1.gthr Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SystemIndex.chk2.gthr Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SystemIndex.Ntfy143.gthr Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\tmp.edb Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Windows.edb Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc\Ntf65E3.tmp Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc\Ntf65E4.tmp Object is locked skipped
C:\ProgramData\Microsoft\Windows\DRM\Cache\Indiv01.tmp Object is locked skipped
C:\ProgramData\Microsoft\Windows\DRM\drmstore.hds Object is locked skipped
C:\ProgramData\Microsoft\Windows Defender\Support\MPLog-11022006-050107.log Object is locked skipped
C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
C:\Users\owner\AppData\Local\AOL OCP\AIM\Storage\All Users\localStorage\common.cls Object is locked skipped
C:\Users\owner\AppData\Local\AOL OCP\AIM\Storage\data\owner\localStorage\common.cls Object is locked skipped
C:\Users\owner\AppData\Local\Microsoft\Internet Explorer\MSIMGSIZ.DAT Object is locked skipped
C:\Users\owner\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat Object is locked skipped
C:\Users\owner\AppData\Local\Microsoft\Windows\History\History.IE5\MSHist012007082220070823\index.dat Object is locked skipped
C:\Users\owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat Object is locked skipped
C:\Users\owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Users\owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\N2B0EKRJ\!update-4395[1].0000 Infected: Trojan-Downloader.Win32.PurityScan.dx skipped
C:\Users\owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QXUFDJ0O\mp94[1].htm Infected: Trojan-Downloader.JS.Agent.kd skipped
C:\Users\owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RL37MK6B\mp94[1].htm Infected: Trojan-Downloader.JS.Agent.kd skipped
C:\Users\owner\AppData\Local\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Users\owner\AppData\Local\Microsoft\Windows\UsrClass.dat.LOG1 Object is locked skipped
C:\Users\owner\AppData\Local\Microsoft\Windows\UsrClass.dat.LOG2 Object is locked skipped
C:\Users\owner\AppData\Local\Microsoft\Windows\UsrClass.dat{2d49de48-1753-11dc-989d-001a4d4368bb}.TM.blf Object is locked skipped
C:\Users\owner\AppData\Local\Microsoft\Windows\UsrClass.dat{2d49de48-1753-11dc-989d-001a4d4368bb}.TMContainer00000000000000000001.regtrans-ms Object is locked skipped
C:\Users\owner\AppData\Local\Microsoft\Windows\UsrClass.dat{2d49de48-1753-11dc-989d-001a4d4368bb}.TMContainer00000000000000000002.regtrans-ms Object is locked skipped
C:\Users\owner\AppData\Local\Microsoft\Windows Defender\FileTracker\{4BECDE21-CBC4-40B9-9847-7666A6AED4CD} Object is locked skipped
C:\Users\owner\AppData\Local\Microsoft\Windows Sidebar\Settings.ini Object is locked skipped
C:\Users\owner\AppData\Local\Microsoft\Zune\CurrentDatabase_365.wmdb Object is locked skipped
 
C:\Users\owner\AppData\Local\Temp\!update.exe Infected: Trojan-Downloader.Win32.PurityScan.dx skipped
C:\Users\owner\AppData\Local\Temp\FXSAPIDebugLogFile.txt Object is locked skipped
C:\Users\owner\AppData\Local\Temp\gos3A81.tmp Infected: Trojan.Win32.Dialer.qn skipped
C:\Users\owner\AppData\Local\Temp\VVSNInst.exe Infected: not-a-virus:AdTool.Win32.WhenU.a skipped
C:\Users\owner\AppData\Local\Temp\win171F.tmp.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.lk skipped
C:\Users\owner\AppData\Local\Temp\win2BBA.tmp.exe Infected: Trojan.Win32.Dialer.qn skipped
C:\Users\owner\AppData\Local\Temp\wnd2AA9.tmp Infected: Trojan.Win32.Dialer.qn skipped
C:\Users\owner\AppData\Local\Temp\wndFAA4.tmp Infected: Trojan.Win32.Dialer.qn skipped
C:\Users\owner\AppData\Local\Temp\~DFE78.tmp Object is locked skipped
C:\Users\owner\AppData\Roaming\Microsoft\Windows\Cookies\index.dat Object is locked skipped
C:\Users\owner\AppData\Roaming\SUPERAntiSpyware.com\SUPERAntiSpyware\SUPERANTISPYWARE.LOG Object is locked skipped
C:\Users\owner\Documents\АppPatch\ntvdm.exe Infected: Trojan-Downloader.Win32.PurityScan.dx skipped
C:\Users\owner\NTUSER.DAT Object is locked skipped
C:\Users\owner\ntuser.dat.LOG1 Object is locked skipped
C:\Users\owner\ntuser.dat.LOG2 Object is locked skipped
C:\Users\owner\NTUSER.DAT{0f69446c-6a70-11db-8eb3-985e31beb686}.TxR.0.regtrans-ms Object is locked skipped
C:\Users\owner\NTUSER.DAT{0f69446c-6a70-11db-8eb3-985e31beb686}.TxR.1.regtrans-ms Object is locked skipped
C:\Users\owner\NTUSER.DAT{0f69446c-6a70-11db-8eb3-985e31beb686}.TxR.2.regtrans-ms Object is locked skipped
C:\Users\owner\NTUSER.DAT{0f69446c-6a70-11db-8eb3-985e31beb686}.TxR.blf Object is locked skipped
C:\Users\owner\NTUSER.DAT{0f69446d-6a70-11db-8eb3-985e31beb686}.TM.blf Object is locked skipped
C:\Users\owner\NTUSER.DAT{0f69446d-6a70-11db-8eb3-985e31beb686}.TMContainer00000000000000000001.regtrans-ms Object is locked skipped
C:\Users\owner\NTUSER.DAT{0f69446d-6a70-11db-8eb3-985e31beb686}.TMContainer00000000000000000002.regtrans-ms Object is locked skipped
C:\Windows\CSC\v2.0.6\pq Object is locked skipped
C:\Windows\Debug\PASSWD.LOG Object is locked skipped
C:\Windows\Debug\sam.log Object is locked skipped
C:\Windows\Debug\WIA\wiatrace.log Object is locked skipped
C:\Windows\mgrs.exe~ Infected: Trojan-Downloader.Win32.Alphabet.p skipped
C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat Object is locked skipped
C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat Object is locked skipped
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WindowsUpdate.log Object is locked skipped
C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT Object is locked skipped
C:\Windows\ServiceProfiles\LocalService\ntuser.dat.LOG1 Object is locked skipped
C:\Windows\ServiceProfiles\LocalService\ntuser.dat.LOG2 Object is locked skipped
C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT{0f694465-6a70-11db-8eb3-985e31beb686}.TM.blf Object is locked skipped
C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT{0f694465-6a70-11db-8eb3-985e31beb686}.TMContainer00000000000000000001.regtrans-ms Object is locked skipped
C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT{0f694465-6a70-11db-8eb3-985e31beb686}.TMContainer00000000000000000002.regtrans-ms Object is locked skipped
C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT Object is locked skipped
C:\Windows\ServiceProfiles\NetworkService\ntuser.dat.LOG1 Object is locked skipped
C:\Windows\ServiceProfiles\NetworkService\ntuser.dat.LOG2 Object is locked skipped
C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT{0f694461-6a70-11db-8eb3-985e31beb686}.TM.blf Object is locked skipped
C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT{0f694461-6a70-11db-8eb3-985e31beb686}.TMContainer00000000000000000001.regtrans-ms Object is locked skipped
C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT{0f694461-6a70-11db-8eb3-985e31beb686}.TMContainer00000000000000000002.regtrans-ms Object is locked skipped
C:\Windows\SoftwareDistribution\ReportingEvents.log Object is locked skipped
C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 Object is locked skipped
C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 Object is locked skipped
C:\Windows\System32\catroot2\edb.log Object is locked skipped
C:\Windows\System32\catroot2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\catdb Object is locked skipped
C:\Windows\System32\catroot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb Object is locked skipped
C:\Windows\System32\config\COMPONENTS Object is locked skipped
C:\Windows\System32\config\COMPONENTS.LOG1 Object is locked skipped
C:\Windows\System32\config\COMPONENTS.LOG2 Object is locked skipped
C:\Windows\System32\config\DEFAULT Object is locked skipped
C:\Windows\System32\config\DEFAULT.LOG1 Object is locked skipped
C:\Windows\System32\config\DEFAULT.LOG2 Object is locked skipped
C:\Windows\System32\config\RegBack\COMPONENTS Object is locked skipped
C:\Windows\System32\config\RegBack\DEFAULT Object is locked skipped
C:\Windows\System32\config\RegBack\SAM Object is locked skipped
C:\Windows\System32\config\RegBack\SECURITY Object is locked skipped
C:\Windows\System32\config\RegBack\SOFTWARE Object is locked skipped
C:\Windows\System32\config\RegBack\SYSTEM Object is locked skipped
C:\Windows\System32\config\SAM Object is locked skipped
C:\Windows\System32\config\SAM.LOG1 Object is locked skipped
C:\Windows\System32\config\SAM.LOG2 Object is locked skipped
C:\Windows\System32\config\SECURITY Object is locked skipped
C:\Windows\System32\config\SECURITY.LOG1 Object is locked skipped
C:\Windows\System32\config\SECURITY.LOG2 Object is locked skipped
C:\Windows\System32\config\SOFTWARE Object is locked skipped
C:\Windows\System32\config\SOFTWARE.LOG1 Object is locked skipped
C:\Windows\System32\config\SOFTWARE.LOG2 Object is locked skipped
C:\Windows\System32\config\SYSTEM Object is locked skipped
C:\Windows\System32\config\SYSTEM.LOG1 Object is locked skipped
C:\Windows\System32\config\SYSTEM.LOG2 Object is locked skipped
C:\Windows\System32\config\TxR\{250834b7-750c-494d-bdc3-da86b6e2101a}.TxR.0.regtrans-ms Object is locked skipped
C:\Windows\System32\config\TxR\{250834b7-750c-494d-bdc3-da86b6e2101a}.TxR.1.regtrans-ms Object is locked skipped
C:\Windows\System32\config\TxR\{250834b7-750c-494d-bdc3-da86b6e2101a}.TxR.2.regtrans-ms Object is locked skipped
C:\Windows\System32\config\TxR\{250834b7-750c-494d-bdc3-da86b6e2101a}.TxR.blf Object is locked skipped
C:\Windows\System32\config\TxR\{250834B7-750C-494d-BDC3-DA86B6E2101B}.TM.blf Object is locked skipped
C:\Windows\System32\config\TxR\{250834B7-750C-494d-BDC3-DA86B6E2101B}.TMContainer00000000000000000001.regtrans-ms Object is locked skipped
C:\Windows\System32\config\TxR\{250834B7-750C-494d-BDC3-DA86B6E2101B}.TMContainer00000000000000000002.regtrans-ms Object is locked skipped
C:\Windows\System32\drivers\sptd.sys Object is locked skipped
C:\Windows\System32\drvbuw.dll Infected: Trojan.Win32.Dialer.qn skipped
C:\Windows\System32\LogFiles\Scm\SCM.EVM Object is locked skipped
C:\Windows\System32\LogFiles\WUDF\WUDFTrace.etl Object is locked skipped
C:\Windows\System32\Msdtc\KtmRmTm.blf Object is locked skipped
C:\Windows\System32\Msdtc\KtmRmTmContainer00000000000000000001 Object is locked skipped
C:\Windows\System32\Msdtc\KtmRmTmContainer00000000000000000002 Object is locked skipped
C:\Windows\System32\spm-err.log Object is locked skipped
C:\Windows\System32\spool\SpoolerETW.etl Object is locked skipped
C:\Windows\System32\wbem\Logs\WMITracing.log Object is locked skipped
C:\Windows\System32\wbem\Repository\INDEX.BTR Object is locked skipped
C:\Windows\System32\wbem\Repository\MAPPING1.MAP Object is locked skipped
C:\Windows\System32\wbem\Repository\MAPPING2.MAP Object is locked skipped
C:\Windows\System32\wbem\Repository\OBJECTS.DATA Object is locked skipped
C:\Windows\System32\WDI\LogFiles\WdiContextLog.etl.002 Object is locked skipped
C:\Windows\System32\wfp\wfpdiag.etl Object is locked skipped
C:\Windows\System32\winevt\Logs\ACEEventLog.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Application.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\DFS Replication.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\HardwareEvents.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Internet Explorer.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Key Management Service.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Media Center.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Bits-Client%4Operational.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Microsoft-Windows-CodeIntegrity%4Operational.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Diagnosis-DPS%4Operational.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Diagnostics-Performance%4Operational.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Microsoft-Windows-DriverFrameworks-UserMode%4Operational.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Microsoft-Windows-GroupPolicy%4Operational.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Microsoft-Windows-International%4Operational.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Kernel-WHEA.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Microsoft-Windows-LanguagePackSetup%4Operational.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Microsoft-Windows-NetworkAccessProtection%4Operational.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Microsoft-Windows-ReadyBoost%4Operational.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Microsoft-Windows-ReliabilityAnalysisComponent%4Operational.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Resource-Exhaustion-Detector%4Operational.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Microsoft-Windows-RestartManager%4Operational.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Microsoft-Windows-TaskScheduler%4Operational.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Microsoft-Windows-WindowsUpdateClient%4Operational.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Security.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\System.evtx Object is locked skipped
C:\Windows\Tasks\SCHEDLGU.TXT Object is locked skipped
C:\Windows\Temp\HPSLPS000.log Object is locked skipped
C:\Windows\WindowsUpdate.log Object is locked skipped
Scan process completed.
 
Hi Frog3

Your HijackThis log is incomplete.

Please post a complete HijackThis log next :)
 
Wow, that was a lame mistake I pulled.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 4:53:04 PM, on 8/27/2007
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16512)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Windows\RtHDVCpl.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Zune\ZuneLauncher.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\Windows\Dit.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\AIM6\aim6.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Windows\DitExp.exe
C:\Program Files\Common Files\Logitech\KhalShared\KHALMNPR.EXE
C:\Program Files\AIM6\aolsoftware.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Windows\system32\wuauclt.exe
C:\PROGRA~1\Mozilla Firefox\firefox.exe
C:\Users\Owner\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.com/0SEENUS/SAOS01?FORM=TOOLBR
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.com/0SEENUS/SAOS01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 151.204.41.29:8080
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [SetPoint] C:\Program Files\Logitech\SetPoint\SetPoint.EXE
O4 - HKLM\..\Run: [Launch LGDCore] "C:\Program Files\Common Files\Logitech\G-series Software\LGDCore.exe" /SHOWHIDE
O4 - HKLM\..\Run: [Launch LCDMon] "C:\Program Files\Common Files\Logitech\LCD Manager\lcdmon.exe"
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\Windows\JM\JMInsIDE.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Cmaudio8788] RunDll32 cmicnfgp.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [Zune Launcher] "C:\Program Files\Zune\ZuneLauncher.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [spm.exe] C:\Program Files\Serial Port Mapper\spm.exe /silent
O4 - HKLM\..\Run: [Dit] Dit.exe
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"
O4 - HKLM\..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKLM\..\Run: [avp] C:\Windows\avp.exe
O4 - HKLM\..\Run: [SpyHunter] C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [BitTorrent] "C:\Program Files\BitTorrent\bittorrent.exe" --force_start_minimized
O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp
O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [Windows update loader] C:\Windows\xpupdate.exe
O4 - HKCU\..\Run: [Magicantispy] C:\Program Files\Magicantispy\Magicantispy.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Startup: LimeWire On Startup.lnk = C:\Program Files\LimeWire\LimeWire.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O13 - Gopher Prefix:
O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} (Support.com Configuration Class) - https://activatemyfios.verizon.net/sdcCommon/download/FIOS/tgctlcm.cab
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/default/kavwebscan_unicode.cab
O16 - DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} (Windows Live OneCare safety scanner control) - http://cdn.scan.onecare.live.com/resource/download/scanner/en-us/wlscctrl2.cab
O18 - Protocol: bw+0 - {F9E4D494-4E21-4968-A2FA-4D063FE9D854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {F9E4D494-4E21-4968-A2FA-4D063FE9D854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {F9E4D494-4E21-4968-A2FA-4D063FE9D854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {F9E4D494-4E21-4968-A2FA-4D063FE9D854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {F9E4D494-4E21-4968-A2FA-4D063FE9D854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {F9E4D494-4E21-4968-A2FA-4D063FE9D854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {F9E4D494-4E21-4968-A2FA-4D063FE9D854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {F9E4D494-4E21-4968-A2FA-4D063FE9D854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {F9E4D494-4E21-4968-A2FA-4D063FE9D854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {F9E4D494-4E21-4968-A2FA-4D063FE9D854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {F9E4D494-4E21-4968-A2FA-4D063FE9D854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {F9E4D494-4E21-4968-A2FA-4D063FE9D854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {F9E4D494-4E21-4968-A2FA-4D063FE9D854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {F9E4D494-4E21-4968-A2FA-4D063FE9D854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {F9E4D494-4E21-4968-A2FA-4D063FE9D854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {F9E4D494-4E21-4968-A2FA-4D063FE9D854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {F9E4D494-4E21-4968-A2FA-4D063FE9D854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {F9E4D494-4E21-4968-A2FA-4D063FE9D854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {F9E4D494-4E21-4968-A2FA-4D063FE9D854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {F9E4D494-4E21-4968-A2FA-4D063FE9D854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {F9E4D494-4E21-4968-A2FA-4D063FE9D854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {F9E4D494-4E21-4968-A2FA-4D063FE9D854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {F9E4D494-4E21-4968-A2FA-4D063FE9D854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {F9E4D494-4E21-4968-A2FA-4D063FE9D854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {F9E4D494-4E21-4968-A2FA-4D063FE9D854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {F9E4D494-4E21-4968-A2FA-4D063FE9D854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {F9E4D494-4E21-4968-A2FA-4D063FE9D854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {F9E4D494-4E21-4968-A2FA-4D063FE9D854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {F9E4D494-4E21-4968-A2FA-4D063FE9D854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {F9E4D494-4E21-4968-A2FA-4D063FE9D854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {F9E4D494-4E21-4968-A2FA-4D063FE9D854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {F9E4D494-4E21-4968-A2FA-4D063FE9D854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {F9E4D494-4E21-4968-A2FA-4D063FE9D854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {F9E4D494-4E21-4968-A2FA-4D063FE9D854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {F9E4D494-4E21-4968-A2FA-4D063FE9D854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {F9E4D494-4E21-4968-A2FA-4D063FE9D854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {F9E4D494-4E21-4968-A2FA-4D063FE9D854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {F9E4D494-4E21-4968-A2FA-4D063FE9D854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {F9E4D494-4E21-4968-A2FA-4D063FE9D854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {F9E4D494-4E21-4968-A2FA-4D063FE9D854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {F9E4D494-4E21-4968-A2FA-4D063FE9D854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {F9E4D494-4E21-4968-A2FA-4D063FE9D854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {F9E4D494-4E21-4968-A2FA-4D063FE9D854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {F9E4D494-4E21-4968-A2FA-4D063FE9D854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {F9E4D494-4E21-4968-A2FA-4D063FE9D854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {F9E4D494-4E21-4968-A2FA-4D063FE9D854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {F9E4D494-4E21-4968-A2FA-4D063FE9D854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {F9E4D494-4E21-4968-A2FA-4D063FE9D854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {F9E4D494-4E21-4968-A2FA-4D063FE9D854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {F9E4D494-4E21-4968-A2FA-4D063FE9D854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {F9E4D494-4E21-4968-A2FA-4D063FE9D854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
 
O18 - Protocol: bwn0s - {F9E4D494-4E21-4968-A2FA-4D063FE9D854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {F9E4D494-4E21-4968-A2FA-4D063FE9D854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {F9E4D494-4E21-4968-A2FA-4D063FE9D854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {F9E4D494-4E21-4968-A2FA-4D063FE9D854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {F9E4D494-4E21-4968-A2FA-4D063FE9D854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {F9E4D494-4E21-4968-A2FA-4D063FE9D854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {F9E4D494-4E21-4968-A2FA-4D063FE9D854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {F9E4D494-4E21-4968-A2FA-4D063FE9D854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {F9E4D494-4E21-4968-A2FA-4D063FE9D854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {F9E4D494-4E21-4968-A2FA-4D063FE9D854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {F9E4D494-4E21-4968-A2FA-4D063FE9D854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {F9E4D494-4E21-4968-A2FA-4D063FE9D854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {F9E4D494-4E21-4968-A2FA-4D063FE9D854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {F9E4D494-4E21-4968-A2FA-4D063FE9D854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {F9E4D494-4E21-4968-A2FA-4D063FE9D854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {F9E4D494-4E21-4968-A2FA-4D063FE9D854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {F9E4D494-4E21-4968-A2FA-4D063FE9D854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {F9E4D494-4E21-4968-A2FA-4D063FE9D854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {F9E4D494-4E21-4968-A2FA-4D063FE9D854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {F9E4D494-4E21-4968-A2FA-4D063FE9D854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {F9E4D494-4E21-4968-A2FA-4D063FE9D854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {F9E4D494-4E21-4968-A2FA-4D063FE9D854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {F9E4D494-4E21-4968-A2FA-4D063FE9D854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {F9E4D494-4E21-4968-A2FA-4D063FE9D854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {F9E4D494-4E21-4968-A2FA-4D063FE9D854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {F9E4D494-4E21-4968-A2FA-4D063FE9D854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O22 - SharedTaskScheduler: Windows DreamScene - {E31004D1-A431-41B8-826F-E902F9D95C81} - C:\Windows\System32\DreamScene.dll
O22 - SharedTaskScheduler: Deskscapes - {EC654325-1273-C2A9-2B7C-45D29BCE68FB} - C:\PROGRA~1\Stardock\OBJECT~1\DESKSC~1\deskscapes.dll
O22 - SharedTaskScheduler: Stardock Vista ControlPanel Extension - {EC654325-1273-C2A9-2B7C-45D29BCE68FD} - C:\PROGRA~1\Stardock\OBJECT~1\DESKSC~1\DesktopControlPanel.dll
O22 - SharedTaskScheduler: StardockDreamController - {EC654325-1273-C2A9-2B7C-45D29BCE68FF} - C:\PROGRA~1\Stardock\OBJECT~1\DESKSC~1\DreamControl.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\Windows\System32\ati2sgag.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Spyware Doctor Auxiliary Service (sdAuxService) - Unknown owner - C:\Program Files\Spyware Doctor\svcntaux.exe (file missing)
O23 - Service: Spyware Doctor Service (sdCoreService) - Unknown owner - C:\Program Files\Spyware Doctor\swdsvc.exe (file missing)
O23 - Service: Serial Port Mapper service (spmsrv) - FabulaTech, Inc. - C:\Windows\system32\spmsrv.exe

--
End of file - 21080 bytes
 
Hi

To access the Uninstall Manager you would do the following:

1. Start HijackThis
2. Click on the Config button
3. Click on the Misc Tools button
4. Click on the Open Uninstall Manager button.

You will now be presented with a screen similar to the one below:

uninstall-man.jpg


5. Click on the Save list... button and specify where you would like to save this file. When you press Save button a notepad will open with the contents of that file. Simply copy and paste the contents of that notepad here on your next reply.



Download Deckard's System Scanner (DSS) to your Desktop. Note: You must be logged onto an account with administrator privileges.
  1. Close all applications and windows.
  2. Double-click on dss.exe to run it, and follow the prompts.
  3. When the scan is complete, two text files will open - main.txt <- this one will be maximized and extra.txt<-this one will be minimized
  4. Copy (Ctrl+A then Ctrl+C) and paste (Ctrl+V) the contents of main.txt and the extra.txt to your post. in your reply

Post:

- a fresh HijackThis log
- dss logs
- uninstall list
 
Due to the lack of feedback this Topic is closed.

If you need this topic reopened, please request this by sending the moderating team
a PM with the address of the thread. This applies only to the original topic starter.

Everyone else please begin a New Topic.
 
You must log in or register to reply here.
Back
Top