Troj.Printspool

I don't know why, but I can't post my cureit log...

Here's my HJT Log though:

Logfile of HijackThis v1.99.1
Scan saved at 10:52:39 AM, on 6/13/2007
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\program files\steam\steam.exe
C:\Program Files\AIM\aim.exe
C:\Program Files\Messenger\MSMSGS.EXE
C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Common Files\Logitech\KHAL\KHALMNPR.EXE
C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\WINDOWS\Help\aolsw.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\qnnvfbor.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
C:\WINDOWS\System32\wuauclt.exe
C:\WINDOWS\System32\wuauclt.exe
C:\WINDOWS\System32\WgaTray.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\HijackThis\HijackThis.exe

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [qnnvfbor] C:\WINDOWS\System32\qnnvfbor.exe
O4 - HKLM\..\RunServices: [qnnvfbor] C:\WINDOWS\System32\qnnvfbor.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [Steam] "c:\program files\steam\steam.exe" -silent
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\MSMSGS.EXE" /background
O4 - HKCU\..\Run: [Uniblue RegistryBooster2] C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe /S
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1180565052203
O18 - Protocol: bw+0 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: EpsonBidirectionalService - Unknown owner - C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe" -k runservice (file missing)
O23 - Service: AOL Spy Watch (LD-AOL-Spy_Watchv1) - Unknown owner - C:\WINDOWS\Help\aolsw.exe
O23 - Service: ForceWare IP service (nSvcIp) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
O23 - Service: ForceWare user log service (nSvcLog) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Print Spooler Service (u9i5uuoyxak3qeu) - Unknown owner - C:\WINDOWS\System32\qnnvfbor.exe
 
Hi

"I don't know why, but I can't post my cureit log..."

What error message does it give you?

Open HijackThis, click "Do a system scan only" and checkmark these:

O4 - HKLM\..\Run: [qnnvfbor] C:\WINDOWS\System32\qnnvfbor.exe
O4 - HKLM\..\RunServices: [qnnvfbor] C:\WINDOWS\System32\qnnvfbor.exe
O23 - Service: Print Spooler Service (u9i5uuoyxak3qeu) - Unknown owner - C:\WINDOWS\System32\qnnvfbor.exe


Close all windows, including the browser, and press "Fix checked".

Please run Killbox.

Select "Delete on Reboot" and "All files"

Copy the file names below to the clipboard by highlighting them and pressing Control-C:

C:\WINDOWS\system32\qnnvfbor.exe
C:\WINDOWS\system32\odbtnj.exe
C:\WINDOWS\system32\jcmqiqjur.exe
C:\WINDOWS\system32\olpb.exe
C:\WINDOWS\system32\xf.exe
C:\WINDOWS\system32\xnwozhwyx.exe
C:\WINDOWS\system32\ctplimu.exe
C:\WINDOWS\system32\ffx.exe
C:\WINDOWS\system32\jjh.exe
C:\WINDOWS\system32\emzlvzjw.exe
C:\WINDOWS\system32\udix.exe
C:\WINDOWS\system32\luqyediyynnm.exe
C:\WINDOWS\system32\quzdnvgaunjk.exe
C:\WINDOWS\system32\py.exe
C:\WINDOWS\system32\otueczblcmab.exe
C:\WINDOWS\system32\dpzkkn.exe
C:\WINDOWS\system32\sd.exe
C:\WINDOWS\system32\cfxfhlwkp.exe
C:\WINDOWS\system32\ca.exe
C:\WINDOWS\system32\alhn.exe
C:\WINDOWS\system32\ww.exe
C:\WINDOWS\system32\guvckfm.exe
C:\WINDOWS\system32\skuedcoe.exe

Go to the File menu, and choose "Paste from Clipboard".

Click the red-and-white "Delete File" button. Click "Yes" at the Delete on Reboot prompt. Click "No" at the Pending Operations prompt.

If you receive a message such as: "Component 'MsComCtl.ocx' or one of its dependencies not correctly registered: a file is missing or invalid." when trying to run TheKillbox, click here to download and run missingfilesetup.exe. Then try TheKillbox again.

If your computer does not restart automatically, please restart it manually.

Re-run combofix

Post:

- a fresh HijackThis log
- combofix report
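
The three entries selected in the reply above all point at one binary, `qnnvfbor.exe`, which is started from two Run keys and from a service that borrows the Print Spooler name while the real `spoolsv.exe` is also running. As an added example (not part of the original thread and not a HijackThis feature), this Python script parses O4 and O23 lines and flags that pattern; the names `triage` and `BUILTIN_SERVICES` and the three heuristics are assumptions meant as triage hints, not verdicts.

```python
import ntpath
import re
from collections import defaultdict

# Excerpt of the HijackThis log posted in this thread, embedded so the
# script runs offline.
SAMPLE_LOG = r"""
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [qnnvfbor] C:\WINDOWS\System32\qnnvfbor.exe
O4 - HKLM\..\RunServices: [qnnvfbor] C:\WINDOWS\System32\qnnvfbor.exe
O4 - HKCU\..\Run: [Steam] "c:\program files\steam\steam.exe" -silent
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Print Spooler Service (u9i5uuoyxak3qeu) - Unknown owner - C:\WINDOWS\System32\qnnvfbor.exe
O23 - Service: EpsonBidirectionalService - Unknown owner - C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
"""

# O4 registry autostart: hive, key name, value name, command line.
# "O4 - Global Startup" shortcut entries are not handled here.
O4_RE = re.compile(r"^O4 - (HK\w+)\\\.\.\\(\w+): \[(.+?)\] (.+)$")
O23_PREFIX = "O23 - Service: "
# First drive-rooted path ending in .exe or .dll inside a command line.
PATH_RE = re.compile(r'[A-Za-z]:\\[^"]*?\.(?:exe|dll)', re.IGNORECASE)
SYSTEM32 = r"c:\windows\system32"
# Assumption: display-name keyword of a built-in service -> its real binary.
BUILTIN_SERVICES = {"print spooler": "spoolsv.exe"}


def binary_of(command):
    """Return the first .exe/.dll path in a command line, lowercased."""
    match = PATH_RE.search(command)
    return match.group(0).lower() if match else None


def parse(log_text):
    """Yield (location, label, owner, binary) for O4 registry and O23 lines."""
    for line in log_text.splitlines():
        line = line.strip()
        match = O4_RE.match(line)
        if match:
            hive, key, name, command = match.groups()
            yield (f"{hive}\\{key}", name, None, binary_of(command))
        elif line.startswith(O23_PREFIX):
            # Split from the right: display name - owner - command line.
            parts = line[len(O23_PREFIX):].rsplit(" - ", 2)
            if len(parts) == 3:
                display, owner, command = parts
                yield ("service", display, owner, binary_of(command))


def triage(log_text):
    """Map each suspicious binary to the reasons it was flagged."""
    by_binary = defaultdict(list)
    for location, label, owner, binary in parse(log_text):
        if binary:
            by_binary[binary].append((location, label, owner))

    findings = {}
    for binary, entries in by_binary.items():
        reasons = []
        # Heuristic 1: one binary registered at several autostart points.
        locations = sorted({location for location, _, _ in entries})
        if len(locations) > 1:
            reasons.append("started from several autostart points: "
                           + ", ".join(locations))
        for location, label, owner in entries:
            if location != "service":
                continue
            # Heuristic 2: "Unknown owner" service sitting directly in System32.
            if owner == "Unknown owner" and ntpath.dirname(binary) == SYSTEM32:
                reasons.append(f"service '{label}' is listed as "
                               "'Unknown owner' and runs from System32")
            # Heuristic 3: built-in service name on a different binary.
            for keyword, real in BUILTIN_SERVICES.items():
                if keyword in label.lower() and ntpath.basename(binary) != real:
                    reasons.append(f"service '{label}' uses a built-in "
                                   f"service name but is not {real}")
        if reasons:
            findings[binary] = reasons
    return findings


if __name__ == "__main__":
    for path, why in triage(SAMPLE_LOG).items():
        print(path)
        for reason in why:
            print("  -", reason)
```

A hit only means the entry deserves a closer look: check the file on disk and its origin before removing anything.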
 
Sorry for being such a hassle to you

Here's my HJT Log:

Logfile of HijackThis v1.99.1
Scan saved at 11:11:15 AM, on 6/13/2007
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\program files\steam\steam.exe
C:\Program Files\AIM\aim.exe
C:\Program Files\Messenger\MSMSGS.EXE
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Common Files\Logitech\KHAL\KHALMNPR.EXE
C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\WINDOWS\Help\aolsw.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
C:\WINDOWS\System32\wuauclt.exe
C:\WINDOWS\System32\wuauclt.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\System32\imapi.exe
C:\WINDOWS\system32\notepad.exe
C:\WINDOWS\System32\WgaTray.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\HijackThis\HijackThis.exe

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [Steam] "c:\program files\steam\steam.exe" -silent
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\MSMSGS.EXE" /background
O4 - HKCU\..\Run: [Uniblue RegistryBooster2] C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe /S
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1180565052203
O18 - Protocol: bw+0 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: EpsonBidirectionalService - Unknown owner - C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe" -k runservice (file missing)
O23 - Service: AOL Spy Watch (LD-AOL-Spy_Watchv1) - Unknown owner - C:\WINDOWS\Help\aolsw.exe
O23 - Service: ForceWare IP service (nSvcIp) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
O23 - Service: ForceWare user log service (nSvcLog) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Print Spooler Service (u9i5uuoyxak3qeu) - Unknown owner - C:\WINDOWS\System32\qnnvfbor.exe (file missing)

And if I am being a hassle then you can stop helping me. It's okay, and I'll go and just reformat my computer.
 
My Combofix Log:

ComboFix 07-06-13.3 - C:\Documents and Settings\Jeremy\Desktop\ComboFix.exe
"Jeremy" - 2007-06-13 11:06:53 - Service Pack 1 NTFS


((((((((((((((((((((((((( Files Created from 2007-05-13 to 2007-06-13 )))))))))))))))))))))))))))))))


2007-06-13 10:47 <DIR> d-------- C:\DOCUME~1\Jeremy\APPLIC~1\Uniblue
2007-06-12 22:05 <DIR> d-------- C:\DOCUME~1\Jeremy\DoctorWeb
2007-06-12 21:43 49,152 --a------ C:\WINDOWS\nircmd.exe
2007-06-10 09:44 <DIR> d-------- C:\!KillBox
2007-06-09 10:36 1,157 --a------ C:\WINDOWS\mozver.dat
2007-06-09 10:36 <DIR> d-------- C:\DOCUME~1\Jeremy\APPLIC~1\Snapfish
2007-06-08 16:41 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
2007-06-08 11:50 593,408 --a------ C:\WINDOWS\system32\h323msp.dll
2007-06-08 11:50 548,352 --a------ C:\WINDOWS\system32\rtcdll.dll
2007-06-08 11:50 439,808 --a------ C:\WINDOWS\system32\ipnathlp.dll
2007-06-08 11:50 26,112 --a------ C:\WINDOWS\system32\xpsp1hfm.exe
2007-06-08 11:49 233,984 --a------ C:\WINDOWS\system32\tapisrv.dll
2007-06-07 21:08 <DIR> d-------- C:\EPSON
2007-06-07 21:07 <DIR> d-------- C:\WINDOWS\system32\PreInstall
2007-06-07 21:07 <DIR> d-------- C:\WINDOWS\system32\bits
2007-06-07 21:07 <DIR> d-------- C:\WINDOWS\system32\appmgmt
2007-06-07 21:07 <DIR> d-------- C:\Program Files\Microsoft ActiveSync
2007-06-07 21:07 <DIR> d-------- C:\Program Files\Common Files\AOL
2007-06-07 21:07 <DIR> d-------- C:\DOCUME~1\Jeremy\APPLIC~1\Viewpoint
2007-06-07 21:05 <DIR> d-------- C:\DOCUME~1\Jeremy\Shared
2007-06-07 20:48 524,288 --ah----- C:\DOCUME~1\ADMINI~1\NTUSER.DAT
2007-06-07 20:06 <DIR> d-------- C:\WINDOWS\pss
2007-06-07 19:46 991,232 --a------ C:\WINDOWS\system32\esent.dll
2007-06-05 15:29 <DIR> d-------- C:\WINDOWS\system32\NtmsData
2007-06-03 19:16 212,480 --a------ C:\WINDOWS\pcdlib32.dll
2007-06-03 19:16 163,840 --a------ C:\WINDOWS\system32\PhotoImpression Screen Saver.scr
2007-06-03 19:16 <DIR> d-------- C:\Program Files\ArcSoft
2007-06-03 19:15 96,768 --a------ C:\WINDOWS\SlantAdj.dll
2007-06-03 19:15 73,216 --a------ C:\WINDOWS\ADE.DLL
2007-06-03 19:15 708,696 --a------ C:\WINDOWS\system32\python21.dll
2007-06-03 19:15 57,344 --a------ C:\WINDOWS\system32\PyWinTypes21.dll
2007-06-03 19:15 3,136 --a------ C:\WINDOWS\Ade001.bin
2007-06-03 19:15 290,919 --a------ C:\WINDOWS\system32\pythoncom21.dll
2007-06-03 19:15 <DIR> d-------- C:\Program Files\Common Files\Python
2007-06-03 19:14 65,536 --a------ C:\WINDOWS\system32\EEBUtil.dll
2007-06-03 19:14 65,536 --a------ C:\WINDOWS\system32\EBAPI.dll
2007-06-03 19:14 54,272 --a------ C:\WINDOWS\system32\EEBSDKIF.dll
2007-06-03 19:14 139,264 --a------ C:\WINDOWS\system32\EBAPI2.dll
2007-06-03 19:14 122,880 --a------ C:\WINDOWS\system32\EEBAPI.dll
2007-06-03 19:14 102,400 --a------ C:\WINDOWS\system32\EEBDSCVR.dll
2007-06-03 19:14 <DIR> d-------- C:\Program Files\Common Files\EPSON
2007-06-03 19:13 90,112 --a------ C:\WINDOWS\system32\epcomdd.dll
2007-06-03 19:13 86,016 --a------ C:\WINDOWS\system32\epfb5cpl.dll
2007-06-03 19:13 77,824 --a------ C:\WINDOWS\system32\Esintpl.dll
2007-06-03 19:13 53,248 --a------ C:\WINDOWS\system32\esicm.dll
2007-06-03 19:13 47,104 --a------ C:\WINDOWS\system32\escimgn.dll
2007-06-03 19:13 47,104 --a------ C:\WINDOWS\system32\escimgd.dll
2007-06-03 19:13 35,840 --a------ C:\WINDOWS\system32\escwian.dll
2007-06-03 19:13 33,280 --a------ C:\WINDOWS\system32\esccm.dll
2007-06-03 19:13 32,256 --a------ C:\WINDOWS\system32\escwiad.dll
2007-06-03 19:13 32,256 --a------ C:\WINDOWS\system32\escwiab.dll
2007-06-03 19:13 27,648 --a------ C:\WINDOWS\system32\escimg.dll
2007-06-03 19:13 23,552 --a------ C:\WINDOWS\system32\esccmn.dll
2007-06-03 19:13 22,528 --a------ C:\WINDOWS\system32\esccmd.dll
2007-06-03 19:13 184,320 --a------ C:\WINDOWS\system32\esdtr.dll
2007-06-03 19:13 14,208 --a------ C:\WINDOWS\system32\drivers\usbscan.sys
2007-06-03 19:13 126,976 --a------ C:\WINDOWS\system32\Esint23.dll
2007-06-03 19:13 <DIR> d-------- C:\Program Files\EPSON
2007-06-02 23:13 344,064 --a------ C:\WINDOWS\system32\msvcr70.dll
2007-06-02 23:13 <DIR> d-------- C:\Program Files\AIM
2007-06-02 09:11 <DIR> d-------- C:\Program Files\Steam
2007-06-01 16:43 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
2007-06-01 16:29 66,560 --a------ C:\WINDOWS\system32\jsqypn.exe
2007-05-30 15:46 <DIR> d--h----- C:\WINDOWS\$hf_mig$
2007-05-30 15:45 7,680 --------- C:\WINDOWS\system32\bitsprx2.dll
2007-05-30 15:45 7,168 --------- C:\WINDOWS\system32\bitsprx3.dll
2007-05-30 15:45 331,776 --a------ C:\WINDOWS\system32\winhttp.dll
2007-05-30 15:45 17,408 --a------ C:\WINDOWS\system32\qmgrprxy.dll
2007-05-30 15:44 549,720 --a------ C:\WINDOWS\system32\wuapi.dll
2007-05-30 15:44 43,352 --a------ C:\WINDOWS\system32\wups2.dll
2007-05-30 15:44 33,624 --a------ C:\WINDOWS\system32\wups.dll
2007-05-30 15:44 325,976 --a------ C:\WINDOWS\system32\wucltui.dll
2007-05-30 15:44 <DIR> d-------- C:\WINDOWS\SoftwareDistribution
2007-05-29 19:17 <DIR> d-------- C:\DOCUME~1\Jeremy\APPLIC~1\Aim
2007-05-29 16:59 <DIR> d-------- C:\Program Files\AOD
2007-05-29 16:59 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\AOL
2007-05-28 20:47 <DIR> d-------- C:\WINDOWS\ShellNew
2007-05-28 20:44 <DIR> d-------- C:\WINDOWS\system32\URTTemp
2007-05-28 20:44 <DIR> d-------- C:\Program Files\Microsoft Works Suite 2006
2007-05-28 20:41 24,960 --a------ C:\WINDOWS\system32\drivers\usbprint.sys
2007-05-28 20:40 28,160 --a------ C:\WINDOWS\system32\drivers\usbccgp.sys
2007-05-28 19:59 <DIR> d-------- C:\DOCUME~1\Jeremy\Incomplete
2007-05-28 19:59 <DIR> d-------- C:\DOCUME~1\Jeremy\APPLIC~1\LimeWire
2007-05-22 15:40 <DIR> d---s---- C:\DOCUME~1\Jeremy\UserData
2007-05-21 16:21 <DIR> d-------- C:\DOCUME~1\Jeremy\APPLIC~1\Logitech
2007-05-21 16:20 51,072 --a------ C:\WINDOWS\system32\drivers\i8042prt.sys
2007-05-21 16:20 23,424 --a------ C:\WINDOWS\system32\drivers\kbdclass.sys
2007-05-21 16:20 22,016 --a------ C:\WINDOWS\system32\drivers\mouclass.sys
2007-05-21 16:20 118,784 -r------- C:\WINDOWS\bwUnin-7.2.0.137-8876480SL.exe
2007-05-21 16:20 <DIR> d-------- C:\WINDOWS\system32\ReinstallBackups
2007-05-21 16:19 89,088 --a------ C:\WINDOWS\system32\atl71.dll
2007-05-21 16:19 68,992 --a------ C:\WINDOWS\system32\drivers\LMouKE.Sys
2007-05-21 16:19 52,992 --a------ C:\WINDOWS\system32\drivers\L8042mou.Sys
2007-05-21 16:19 499,712 --a------ C:\WINDOWS\system32\msvcp71.dll
2007-05-21 16:19 348,160 --------- C:\WINDOWS\system32\msvcr71.dll
2007-05-21 16:19 13,056 --a------ C:\WINDOWS\system32\drivers\L8042Kbd.sys
2007-05-21 16:19 1,060,864 --a------ C:\WINDOWS\system32\MFC71.dll
2007-05-21 16:19 1,047,552 --a------ C:\WINDOWS\system32\MFC71u.dll
2007-05-21 16:19 <DIR> d-------- C:\Program Files\Logitech
2007-05-21 16:19 <DIR> d-------- C:\Program Files\Common Files\Logitech


(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

2007-06-08 23:40:38 -------- d-----w C:\Program Files\Messenger
2007-06-08 03:51:13 -------- d-----w C:\Program Files\Common Files\InstallShield
2007-06-04 02:16:16 -------- d--h--w C:\Program Files\InstallShield Installation Information
2007-05-30 22:44:38 -------- d--h--w C:\Program Files\WindowsUpdate
2007-05-13 01:53:12 -------- d-----w C:\Program Files\Realtek
2007-05-13 01:50:47 -------- d-----w C:\Program Files\NVIDIA Corporation
2007-05-13 01:50:16 -------- d-----w C:\DOCUME~1\Jeremy\APPLIC~1\InstallShield
2007-05-13 01:42:21 -------- d-----w C:\Program Files\microsoft frontpage
2007-05-13 01:42:13 0 --sha-r C:\MSDOS.SYS
2007-05-13 01:42:13 0 --sha-r C:\IO.SYS
2007-05-13 01:42:13 0 ----a-w C:\CONFIG.SYS
2007-05-13 01:42:13 0 ----a-w C:\AUTOEXEC.BAT
2007-05-13 01:41:12 -------- d-----w C:\Program Files\Movie Maker
2007-05-13 01:40:41 -------- d-----w C:\Program Files\Common Files\MSSoap
2007-05-13 01:40:12 21,640 ----a-w C:\WINDOWS\system32\emptyregdb.dat
2007-05-13 01:40:09 -------- d-----w C:\Program Files\Online Services
2007-05-13 01:40:02 -------- d-----w C:\Program Files\MSN Gaming Zone
2007-05-13 01:39:59 -------- d-----w C:\Program Files\Windows NT
2007-05-12 18:35:17 -------- d-----w C:\Program Files\Common Files\ODBC
2007-05-12 18:35:15 -------- d-----w C:\Program Files\Common Files\SpeechEngines
2007-04-17 05:45:54 1,710,936 ----a-w C:\WINDOWS\system32\wuaueng.dll
2007-04-17 05:45:36 203,096 ----a-w C:\WINDOWS\system32\wuweb.dll
2007-04-17 05:45:28 92,504 ----a-w C:\WINDOWS\system32\cdm.dll
2007-04-17 05:45:20 53,080 ----a-w C:\WINDOWS\system32\wuauclt.exe


((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))


*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects]
{53707962-6F74-2D53-2644-206D7942484F}=C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2005-05-31 01:04]
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}=C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll [2007-03-14 03:43]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LDM"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" [2007-05-21 16:20]
"Steam"="c:\program files\steam\steam.exe" [2007-06-02 09:11]
"AIM"="C:\Program Files\AIM\aim.exe" [2003-09-25 04:28]
"MSMSGS"="C:\Program Files\Messenger\MSMSGS.exe" [2004-11-15 16:18]
"Uniblue RegistryBooster2"="C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe" []

*Newly Created Service* - SPUPDSVC

**************************************************************************

catchme 0.3.721 W2K/XP/Vista - userland rootkit detector by Gmer, http://www.gmer.net
Rootkit scan 2007-06-13 11:07:46
Windows 5.1.2600 Service Pack 1 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

Completion time: 2007-06-13 11:08:17
C:\ComboFix2.txt ... 2007-06-13 10:02
C:\ComboFix3.txt ... 2007-06-12 21:44

--- E O F ---
 
Hi

Great, it seemed to work :bigthumb:

No, you are not a pain to me; your infection was just a very difficult one (it mutated).

Please click Start > Run and type in: services.msc
Click OK
In the Services window find: Print Spooler Service (u9i5uuoyxak3qeu)
Select/highlight and right click the entry, and choose: Properties
On the General tab, under Service Status click the Stop button
Beside: Startup Type, in the drop menu, select: Disabled
Click Apply, then OK

Now, go to Start > Run, and copy/paste the following into the Open box:
sc delete u9i5uuoyxak3qeu
Click: OK

Reboot

Post a fresh HijackThis log.
 
Thank you for all your help so far, and I really appreciate it. :)

Here's my fresh HJT Log:

Logfile of HijackThis v1.99.1
Scan saved at 2:11:10 PM, on 6/14/2007
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\vheuyykgyxou.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\program files\steam\steam.exe
C:\Program Files\AIM\aim.exe
C:\Program Files\Messenger\MSMSGS.EXE
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Common Files\Logitech\KHAL\KHALMNPR.EXE
C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\WINDOWS\Help\aolsw.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
C:\WINDOWS\System32\wuauclt.exe
C:\WINDOWS\System32\wuauclt.exe
C:\WINDOWS\System32\WgaTray.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\HijackThis\HijackThis.exe

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [vheuyykgyxou] C:\WINDOWS\System32\vheuyykgyxou.exe
O4 - HKLM\..\RunServices: [vheuyykgyxou] C:\WINDOWS\System32\vheuyykgyxou.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [Steam] "c:\program files\steam\steam.exe" -silent
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\MSMSGS.EXE" /background
O4 - HKCU\..\Run: [Uniblue RegistryBooster2] C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe /S
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1180565052203
O18 - Protocol: bw+0 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: EpsonBidirectionalService - Unknown owner - C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe" -k runservice (file missing)
O23 - Service: AOL Spy Watch (LD-AOL-Spy_Watchv1) - Unknown owner - C:\WINDOWS\Help\aolsw.exe
O23 - Service: ForceWare IP service (nSvcIp) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
O23 - Service: ForceWare user log service (nSvcLog) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Print Spooler Service (u9i5uuoyxak3qeu) - Unknown owner - C:\WINDOWS\System32\vheuyykgyxou.exe
 
Hi

It's back :sad:

It's essential that you keep the computer disconnected from the internet as much as possible or we won't get you cleaned.

Re-run combofix

Post:

- a fresh HijackThis log
- combofix report
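
The 14 June HijackThis log above still lists the "Print Spooler Service" under the same service key, but pointing at a different binary than the 13 June log. As an added example (not part of the original posts and not a HijackThis feature), this Python script diffs the O23 lines of the two logs and lists the O4 autostart entries that launch the same image; the function names are illustrative, and the log lines are copied from the posts above.

```python
import re

# O23/O4 lines copied from the two HijackThis logs posted in this thread.
LOG_13_JUNE = r"""
O23 - Service: EpsonBidirectionalService - Unknown owner - C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
O23 - Service: AOL Spy Watch (LD-AOL-Spy_Watchv1) - Unknown owner - C:\WINDOWS\Help\aolsw.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Print Spooler Service (u9i5uuoyxak3qeu) - Unknown owner - C:\WINDOWS\System32\qnnvfbor.exe (file missing)
"""
LOG_14_JUNE = r"""
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [vheuyykgyxou] C:\WINDOWS\System32\vheuyykgyxou.exe
O4 - HKLM\..\RunServices: [vheuyykgyxou] C:\WINDOWS\System32\vheuyykgyxou.exe
O4 - HKCU\..\Run: [Steam] "c:\program files\steam\steam.exe" -silent
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O23 - Service: EpsonBidirectionalService - Unknown owner - C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
O23 - Service: AOL Spy Watch (LD-AOL-Spy_Watchv1) - Unknown owner - C:\WINDOWS\Help\aolsw.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Print Spooler Service (u9i5uuoyxak3qeu) - Unknown owner - C:\WINDOWS\System32\vheuyykgyxou.exe
"""

# "O23 - Service: <display> (<service key>) - <owner> - <command>";
# the "(<service key>)" part is absent on some lines.
SERVICE_RE = re.compile(
    r"^O23 - Service: (?P<display>.+?)(?: \((?P<key>[^()]+)\))?"
    r" - (?P<owner>.+?) - (?P<cmd>.+)$", re.M)
# "O4 - <hive>\..\<Run key>: [<value name>] <command>"
RUN_RE = re.compile(
    r"^O4 - (?P<hive>HK\w+)\\\.\.\\(?P<key>\w+): \[(?P<name>[^\]]+)\] (?P<cmd>.+)$",
    re.M)


def image_of(cmd):
    """Return the lower-cased path of the first .exe named in a command line."""
    m = re.match(r'"?(.+?\.exe)', cmd.strip(), re.I)
    return m.group(1).lower() if m else cmd.strip().lower()


def parse_services(log):
    """Map service key (or display name when no key is shown) to its details."""
    services = {}
    for m in SERVICE_RE.finditer(log):
        services[m["key"] or m["display"]] = {
            "display": m["display"],
            "owner": m["owner"],
            "image": image_of(m["cmd"]),
            "missing": m["cmd"].rstrip().endswith("(file missing)"),
        }
    return services


def diff_services(before, after):
    """List (key, old_image, new_image) for services that are new or repointed."""
    changes = []
    for key, svc in sorted(after.items()):
        old = before.get(key)
        if old is None:
            changes.append((key, None, svc["image"]))
        elif old["image"] != svc["image"]:
            changes.append((key, old["image"], svc["image"]))
    return changes


def linked_run_entries(log, image):
    """List O4 registry autostart values that launch the given image."""
    return ["{}\\{} [{}]".format(m["hive"], m["key"], m["name"])
            for m in RUN_RE.finditer(log)
            if image_of(m["cmd"]) == image.lower()]


if __name__ == "__main__":
    old, new = parse_services(LOG_13_JUNE), parse_services(LOG_14_JUNE)
    for key, was, now in diff_services(old, new):
        print("service {}: {} -> {}".format(key, was, now))
        for entry in linked_run_entries(LOG_14_JUNE, now):
            print("  same image also started from", entry)
```

A service key whose binary path changes between scans, together with Run values for the same image, means every one of those load points has to be cleared in the same pass.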
 
Isn't it that if you disconnect the computer from the internet then I don't get to go online? Or do I have to keep unplugging and plugging my modem? Am I supposed to be running in safe mode?


Here's my Combofix Log:

ComboFix 07-06-13.3 - C:\Documents and Settings\Jeremy\Desktop\ComboFix.exe
"Jeremy" - 2007-06-15 10:10:58 - Service Pack 1 NTFS


((((((((((((((((((((((((( Files Created from 2007-05-15 to 2007-06-15 )))))))))))))))))))))))))))))))


2007-06-13 22:47 148,480 --a------ C:\WINDOWS\system32\vheuyykgyxou.exe
2007-06-13 10:47 <DIR> d-------- C:\DOCUME~1\Jeremy\APPLIC~1\Uniblue
2007-06-12 22:05 <DIR> d-------- C:\DOCUME~1\Jeremy\DoctorWeb
2007-06-12 21:43 49,152 --a------ C:\WINDOWS\nircmd.exe
2007-06-10 09:44 <DIR> d-------- C:\!KillBox
2007-06-09 10:36 1,157 --a------ C:\WINDOWS\mozver.dat
2007-06-09 10:36 <DIR> d-------- C:\DOCUME~1\Jeremy\APPLIC~1\Snapfish
2007-06-08 16:41 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
2007-06-08 11:50 593,408 --a------ C:\WINDOWS\system32\h323msp.dll
2007-06-08 11:50 548,352 --a------ C:\WINDOWS\system32\rtcdll.dll
2007-06-08 11:50 439,808 --a------ C:\WINDOWS\system32\ipnathlp.dll
2007-06-08 11:50 26,112 --a------ C:\WINDOWS\system32\xpsp1hfm.exe
2007-06-07 21:08 <DIR> d-------- C:\EPSON
2007-06-07 21:07 <DIR> d-------- C:\WINDOWS\system32\PreInstall
2007-06-07 21:07 <DIR> d-------- C:\WINDOWS\system32\bits
2007-06-07 21:07 <DIR> d-------- C:\WINDOWS\system32\appmgmt
2007-06-07 21:07 <DIR> d-------- C:\Program Files\Microsoft ActiveSync
2007-06-07 21:07 <DIR> d-------- C:\Program Files\Common Files\AOL
2007-06-07 21:07 <DIR> d-------- C:\DOCUME~1\Jeremy\APPLIC~1\Viewpoint
2007-06-07 21:05 <DIR> d-------- C:\DOCUME~1\Jeremy\Shared
2007-06-07 20:48 524,288 --ah----- C:\DOCUME~1\ADMINI~1\NTUSER.DAT
2007-06-07 20:06 <DIR> d-------- C:\WINDOWS\pss
2007-06-07 19:46 991,232 --a------ C:\WINDOWS\system32\esent.dll
2007-06-05 15:29 <DIR> d-------- C:\WINDOWS\system32\NtmsData
2007-06-03 19:16 212,480 --a------ C:\WINDOWS\pcdlib32.dll
2007-06-03 19:16 163,840 --a------ C:\WINDOWS\system32\PhotoImpression Screen Saver.scr
2007-06-03 19:16 <DIR> d-------- C:\Program Files\ArcSoft
2007-06-03 19:15 96,768 --a------ C:\WINDOWS\SlantAdj.dll
2007-06-03 19:15 73,216 --a------ C:\WINDOWS\ADE.DLL
2007-06-03 19:15 708,696 --a------ C:\WINDOWS\system32\python21.dll
2007-06-03 19:15 57,344 --a------ C:\WINDOWS\system32\PyWinTypes21.dll
2007-06-03 19:15 3,136 --a------ C:\WINDOWS\Ade001.bin
2007-06-03 19:15 290,919 --a------ C:\WINDOWS\system32\pythoncom21.dll
2007-06-03 19:15 <DIR> d-------- C:\Program Files\Common Files\Python
2007-06-03 19:14 65,536 --a------ C:\WINDOWS\system32\EEBUtil.dll
2007-06-03 19:14 65,536 --a------ C:\WINDOWS\system32\EBAPI.dll
2007-06-03 19:14 54,272 --a------ C:\WINDOWS\system32\EEBSDKIF.dll
2007-06-03 19:14 139,264 --a------ C:\WINDOWS\system32\EBAPI2.dll
2007-06-03 19:14 122,880 --a------ C:\WINDOWS\system32\EEBAPI.dll
2007-06-03 19:14 102,400 --a------ C:\WINDOWS\system32\EEBDSCVR.dll
2007-06-03 19:14 <DIR> d-------- C:\Program Files\Common Files\EPSON
2007-06-03 19:13 90,112 --a------ C:\WINDOWS\system32\epcomdd.dll
2007-06-03 19:13 86,016 --a------ C:\WINDOWS\system32\epfb5cpl.dll
2007-06-03 19:13 77,824 --a------ C:\WINDOWS\system32\Esintpl.dll
2007-06-03 19:13 53,248 --a------ C:\WINDOWS\system32\esicm.dll
2007-06-03 19:13 47,104 --a------ C:\WINDOWS\system32\escimgn.dll
2007-06-03 19:13 47,104 --a------ C:\WINDOWS\system32\escimgd.dll
2007-06-03 19:13 35,840 --a------ C:\WINDOWS\system32\escwian.dll
2007-06-03 19:13 33,280 --a------ C:\WINDOWS\system32\esccm.dll
2007-06-03 19:13 32,256 --a------ C:\WINDOWS\system32\escwiad.dll
2007-06-03 19:13 32,256 --a------ C:\WINDOWS\system32\escwiab.dll
2007-06-03 19:13 27,648 --a------ C:\WINDOWS\system32\escimg.dll
2007-06-03 19:13 23,552 --a------ C:\WINDOWS\system32\esccmn.dll
2007-06-03 19:13 22,528 --a------ C:\WINDOWS\system32\esccmd.dll
2007-06-03 19:13 184,320 --a------ C:\WINDOWS\system32\esdtr.dll
2007-06-03 19:13 14,208 --a------ C:\WINDOWS\system32\drivers\usbscan.sys
2007-06-03 19:13 126,976 --a------ C:\WINDOWS\system32\Esint23.dll
2007-06-03 19:13 <DIR> d-------- C:\Program Files\EPSON
2007-06-02 23:13 344,064 --a------ C:\WINDOWS\system32\msvcr70.dll
2007-06-02 23:13 <DIR> d-------- C:\Program Files\AIM
2007-06-02 09:11 <DIR> d-------- C:\Program Files\Steam
2007-06-01 16:43 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
2007-06-01 16:29 66,560 --a------ C:\WINDOWS\system32\jsqypn.exe
2007-05-30 15:46 <DIR> d--h----- C:\WINDOWS\$hf_mig$
2007-05-30 15:45 7,680 --------- C:\WINDOWS\system32\bitsprx2.dll
2007-05-30 15:45 7,168 --------- C:\WINDOWS\system32\bitsprx3.dll
2007-05-30 15:45 331,776 --a------ C:\WINDOWS\system32\winhttp.dll
2007-05-30 15:45 17,408 --a------ C:\WINDOWS\system32\qmgrprxy.dll
2007-05-30 15:44 549,720 --a------ C:\WINDOWS\system32\wuapi.dll
2007-05-30 15:44 43,352 --a------ C:\WINDOWS\system32\wups2.dll
2007-05-30 15:44 33,624 --a------ C:\WINDOWS\system32\wups.dll
2007-05-30 15:44 325,976 --a------ C:\WINDOWS\system32\wucltui.dll
2007-05-30 15:44 <DIR> d-------- C:\WINDOWS\SoftwareDistribution
2007-05-29 19:17 <DIR> d-------- C:\DOCUME~1\Jeremy\APPLIC~1\Aim
2007-05-29 16:59 <DIR> d-------- C:\Program Files\AOD
2007-05-29 16:59 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\AOL
2007-05-28 20:47 <DIR> d-------- C:\WINDOWS\ShellNew
2007-05-28 20:44 <DIR> d-------- C:\WINDOWS\system32\URTTemp
2007-05-28 20:44 <DIR> d-------- C:\Program Files\Microsoft Works Suite 2006
2007-05-28 20:41 24,960 --a------ C:\WINDOWS\system32\drivers\usbprint.sys
2007-05-28 20:40 28,160 --a------ C:\WINDOWS\system32\drivers\usbccgp.sys
2007-05-28 19:59 <DIR> d-------- C:\DOCUME~1\Jeremy\Incomplete
2007-05-28 19:59 <DIR> d-------- C:\DOCUME~1\Jeremy\APPLIC~1\LimeWire
2007-05-22 15:40 <DIR> d---s---- C:\DOCUME~1\Jeremy\UserData
2007-05-21 16:21 <DIR> d-------- C:\DOCUME~1\Jeremy\APPLIC~1\Logitech
2007-05-21 16:20 51,072 --a------ C:\WINDOWS\system32\drivers\i8042prt.sys
2007-05-21 16:20 23,424 --a------ C:\WINDOWS\system32\drivers\kbdclass.sys
2007-05-21 16:20 22,016 --a------ C:\WINDOWS\system32\drivers\mouclass.sys
2007-05-21 16:20 118,784 -r------- C:\WINDOWS\bwUnin-7.2.0.137-8876480SL.exe
2007-05-21 16:20 <DIR> d-------- C:\WINDOWS\system32\ReinstallBackups
2007-05-21 16:19 89,088 --a------ C:\WINDOWS\system32\atl71.dll
2007-05-21 16:19 68,992 --a------ C:\WINDOWS\system32\drivers\LMouKE.Sys
2007-05-21 16:19 52,992 --a------ C:\WINDOWS\system32\drivers\L8042mou.Sys
2007-05-21 16:19 499,712 --a------ C:\WINDOWS\system32\msvcp71.dll
2007-05-21 16:19 348,160 --------- C:\WINDOWS\system32\msvcr71.dll
2007-05-21 16:19 13,056 --a------ C:\WINDOWS\system32\drivers\L8042Kbd.sys
2007-05-21 16:19 1,060,864 --a------ C:\WINDOWS\system32\MFC71.dll
2007-05-21 16:19 1,047,552 --a------ C:\WINDOWS\system32\MFC71u.dll
2007-05-21 16:19 <DIR> d-------- C:\Program Files\Logitech
2007-05-21 16:19 <DIR> d-------- C:\Program Files\Common Files\Logitech


(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

2007-06-08 23:40:38 -------- d-----w C:\Program Files\Messenger
2007-06-08 03:51:13 -------- d-----w C:\Program Files\Common Files\InstallShield
2007-06-04 02:16:16 -------- d--h--w C:\Program Files\InstallShield Installation Information
2007-05-30 22:44:38 -------- d--h--w C:\Program Files\WindowsUpdate
2007-05-13 01:53:12 -------- d-----w C:\Program Files\Realtek
2007-05-13 01:50:47 -------- d-----w C:\Program Files\NVIDIA Corporation
2007-05-13 01:50:16 -------- d-----w C:\DOCUME~1\Jeremy\APPLIC~1\InstallShield
2007-05-13 01:42:21 -------- d-----w C:\Program Files\microsoft frontpage
2007-05-13 01:42:13 0 --sha-r C:\MSDOS.SYS
2007-05-13 01:42:13 0 --sha-r C:\IO.SYS
2007-05-13 01:42:13 0 ----a-w C:\CONFIG.SYS
2007-05-13 01:42:13 0 ----a-w C:\AUTOEXEC.BAT
2007-05-13 01:41:12 -------- d-----w C:\Program Files\Movie Maker
2007-05-13 01:40:41 -------- d-----w C:\Program Files\Common Files\MSSoap
2007-05-13 01:40:12 21,640 ----a-w C:\WINDOWS\system32\emptyregdb.dat
2007-05-13 01:40:09 -------- d-----w C:\Program Files\Online Services
2007-05-13 01:40:02 -------- d-----w C:\Program Files\MSN Gaming Zone
2007-05-13 01:39:59 -------- d-----w C:\Program Files\Windows NT
2007-05-12 18:35:17 -------- d-----w C:\Program Files\Common Files\ODBC
2007-05-12 18:35:15 -------- d-----w C:\Program Files\Common Files\SpeechEngines
2007-04-17 05:45:54 1,710,936 ----a-w C:\WINDOWS\system32\wuaueng.dll
2007-04-17 05:45:36 203,096 ----a-w C:\WINDOWS\system32\wuweb.dll
2007-04-17 05:45:28 92,504 ----a-w C:\WINDOWS\system32\cdm.dll
2007-04-17 05:45:20 53,080 ----a-w C:\WINDOWS\system32\wuauclt.exe


((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))


*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects]
{53707962-6F74-2D53-2644-206D7942484F}=C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2005-05-31 01:04]
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}=C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll [2007-03-14 03:43]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LDM"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" [2007-05-21 16:20]
"Steam"="c:\program files\steam\steam.exe" [2007-06-02 09:11]
"AIM"="C:\Program Files\AIM\aim.exe" [2003-09-25 04:28]
"MSMSGS"="C:\Program Files\Messenger\MSMSGS.exe" [2004-11-15 16:18]
"Uniblue RegistryBooster2"="C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe" []

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runservices]
"vheuyykgyxou"=C:\WINDOWS\System32\vheuyykgyxou.exe

*Newly Created Service* - U9I5UUOYXAK3QEU

**************************************************************************

catchme 0.3.721 W2K/XP/Vista - userland rootkit detector by Gmer, http://www.gmer.net
Rootkit scan 2007-06-15 10:11:20
Windows 5.1.2600 Service Pack 1 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

Completion time: 2007-06-15 10:11:46
C:\ComboFix2.txt ... 2007-06-13 11:08
C:\ComboFix3.txt ... 2007-06-13 10:02

--- E O F ---
 
Hi

"Or do I have to keep unplugging and plugging my modem?"

Yes

Open HijackThis, click "Do a system scan only" and checkmark these:

O4 - HKLM\..\Run: [vheuyykgyxou] C:\WINDOWS\System32\vheuyykgyxou.exe
O4 - HKLM\..\RunServices: [vheuyykgyxou] C:\WINDOWS\System32\vheuyykgyxou.exe
O23 - Service: AOL Spy Watch (LD-AOL-Spy_Watchv1) - Unknown owner - C:\WINDOWS\Help\aolsw.exe
O23 - Service: Print Spooler Service (u9i5uuoyxak3qeu) - Unknown owner - C:\WINDOWS\System32\vheuyykgyxou.exe


Close all windows, including the browser, and press "Fix checked".

Please run Killbox.

Select "Delete on Reboot" and "All files"

Copy the file names below to the clipboard by highlighting them and pressing Control-C:

C:\WINDOWS\System32\vheuyykgyxou.exe
C:\WINDOWS\Help\aolsw.exe
C:\WINDOWS\system32\jsqypn.exe

Go to the File menu, and choose "Paste from Clipboard".

Click the red-and-white "Delete File" button. Click "Yes" at the Delete on Reboot prompt. Click "No" at the Pending Operations prompt.

If you receive a message such as: "Component 'MsComCtl.ocx' or one of its dependencies not correctly registered: a file is missing or invalid." when trying to run TheKillbox, click here to download and run missingfilesetup.exe. Then try TheKillbox again.

If your computer does not restart automatically, please restart it manually.

Post a fresh HijackThis log.
 
Sorry if it's taking too long to clean my computer :(


Here's my fresh HJT Log:

Logfile of HijackThis v1.99.1
Scan saved at 10:30:45 AM, on 6/15/2007
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\program files\steam\steam.exe
C:\Program Files\AIM\aim.exe
C:\Program Files\Messenger\MSMSGS.EXE
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Common Files\Logitech\KHAL\KHALMNPR.EXE
C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\WINDOWS\Help\aolsw.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
C:\Program Files\HijackThis\HijackThis.exe

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [Steam] "c:\program files\steam\steam.exe" -silent
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\MSMSGS.EXE" /background
O4 - HKCU\..\Run: [Uniblue RegistryBooster2] C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe /S
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1180565052203
O18 - Protocol: bw+0 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: EpsonBidirectionalService - Unknown owner - C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe" -k runservice (file missing)
O23 - Service: AOL Spy Watch (LD-AOL-Spy_Watchv1) - Unknown owner - C:\WINDOWS\Help\aolsw.exe
O23 - Service: ForceWare IP service (nSvcIp) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
O23 - Service: ForceWare user log service (nSvcLog) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Print Spooler Service (u9i5uuoyxak3qeu) - Unknown owner - C:\WINDOWS\System32\vheuyykgyxou.exe (file missing)
 
Hi

Partial success

1. Please download The Avenger by Swandog46 to your Desktop.
  • Click on Avenger.zip to open the file
  • Extract avenger.exe to your desktop

2. Copy all the text contained in the code box below to your Clipboard by highlighting it and pressing (Ctrl+C):

Files to delete:
C:\WINDOWS\Help\aolsw.exe

Note: the above code was created specifically for this user. If you are not this user, do NOT follow these directions as they could damage the workings of your system.


3. Now, start The Avenger program by clicking on its icon on your desktop.
  • Under "Script file to execute" choose "Input Script Manually".
  • Now click on the Magnifying Glass icon which will open a new window titled "View/edit script"
  • Paste the text copied to clipboard into this window by pressing (Ctrl+V).
  • Click Done
  • Now click on the Green Light to begin execution of the script
  • Answer "Yes" twice when prompted.
4. The Avenger will automatically do the following:
  • It will restart your computer. (In cases where the code to execute contains "Drivers to Unload", The Avenger will actually restart your system twice.)
  • On reboot, it will briefly open a black command window on your desktop; this is normal.
  • After the restart, it creates a log file that should open with the results of Avenger’s actions. This log file will be located at C:\avenger.txt
  • The Avenger will also have backed up all the files, etc., that you asked it to delete, and will have zipped them and moved the zip archives to C:\avenger\backup.zip.
5. Please copy/paste the content of c:\avenger.txt into your reply along with a fresh HJT log by using Add/Reply
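
Added example, not part of any post in this thread: one way to check a fresh HijackThis log against the list of files that were targeted for deletion, to see which are still running or registered and which only left an orphaned entry behind. The function names (parse_hjt, remediation_status) and status labels are made up for this sketch; the sample lines are excerpted from the 10:30:45 AM log above and the targets are the three Killbox paths.

```python
import re

# Excerpt (trimmed) of the 10:30:45 AM HijackThis log posted above.
SAMPLE_LOG = r"""
Running processes:
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Help\aolsw.exe
C:\WINDOWS\System32\nvsvc32.exe

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O23 - Service: AOL Spy Watch (LD-AOL-Spy_Watchv1) - Unknown owner - C:\WINDOWS\Help\aolsw.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Print Spooler Service (u9i5uuoyxak3qeu) - Unknown owner - C:\WINDOWS\System32\vheuyykgyxou.exe (file missing)
"""

# The three files handed to Killbox in the thread.
TARGETS = [
    r"C:\WINDOWS\System32\vheuyykgyxou.exe",
    r"C:\WINDOWS\Help\aolsw.exe",
    r"C:\WINDOWS\system32\jsqypn.exe",
]

ENTRY_RE = re.compile(r"^(O\d+) - ")


def parse_hjt(text):
    """Split a HijackThis log into running-process paths and O-numbered entries."""
    processes, entries = [], []
    in_processes = False
    for raw in text.splitlines():
        line = raw.strip()
        if line.lower() == "running processes:":
            in_processes = True
            continue
        if not line:
            # A blank line ends the process list.
            in_processes = False
            continue
        match = ENTRY_RE.match(line)
        if match:
            in_processes = False
            entries.append((match.group(1), line))
        elif in_processes:
            processes.append(line)
    return processes, entries


def remediation_status(text, targets):
    """Report, per targeted file, what the log still shows about it.

    Windows paths are case-insensitive, so everything is compared lowercased.
    Matching is by substring, which is enough for full paths like these.
    """
    processes, entries = parse_hjt(text)
    running = {p.lower() for p in processes}
    report = {}
    for target in targets:
        key = target.lower()
        refs = [(code, line.lower()) for code, line in entries if key in line.lower()]
        orphaned = [code for code, line in refs if line.endswith("(file missing)")]
        live = [code for code, line in refs if not line.endswith("(file missing)")]
        is_running = key in running
        if is_running or live:
            status = "active"
        elif orphaned:
            status = "file removed, entry remains"
        else:
            # HijackThis only lists processes and loading points, so this
            # means "not referenced", not "proven absent from disk".
            status = "no trace in log"
        report[target] = {
            "status": status,
            "running": is_running,
            "live_entries": live,
            "orphaned_entries": orphaned,
        }
    return report


if __name__ == "__main__":
    for path, info in remediation_status(SAMPLE_LOG, TARGETS).items():
        print(f"{info['status']:<28} {path}")
```

On this excerpt only aolsw.exe comes back as active (still running, service entry intact), while vheuyykgyxou.exe is gone from disk but its O23 service entry is still registered.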
 
Here's my avenger Log:

Logfile of The Avenger version 1, by Swandog46
Running from registry key:
\Registry\Machine\System\CurrentControlSet\Services\xtssxiew

*******************

Script file located at: \??\C:\Program Files\rekapxhi.txt
Script file opened successfully.

Script file read successfully

Backups directory opened successfully at C:\Avenger

*******************

Beginning to process script file:

File C:\WINDOWS\Help\aolsw.exe deleted successfully.

Completed script processing.

*******************

Finished! Terminate.

Here's my fresh HJT Log:

Logfile of HijackThis v1.99.1
Scan saved at 12:41:04 PM, on 6/15/2007
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\program files\steam\steam.exe
C:\Program Files\AIM\aim.exe
C:\Program Files\Messenger\MSMSGS.EXE
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Common Files\Logitech\KHAL\KHALMNPR.EXE
C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
C:\WINDOWS\System32\wuauclt.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\System32\WgaTray.exe
C:\Program Files\HijackThis\HijackThis.exe

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [Steam] "c:\program files\steam\steam.exe" -silent
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\MSMSGS.EXE" /background
O4 - HKCU\..\Run: [Uniblue RegistryBooster2] C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe /S
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1180565052203
O18 - Protocol: bw+0 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: EpsonBidirectionalService - Unknown owner - C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe" -k runservice (file missing)
O23 - Service: AOL Spy Watch (LD-AOL-Spy_Watchv1) - Unknown owner - C:\WINDOWS\Help\aolsw.exe (file missing)
O23 - Service: ForceWare IP service (nSvcIp) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
O23 - Service: ForceWare user log service (nSvcLog) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Print Spooler Service (u9i5uuoyxak3qeu) - Unknown owner - C:\WINDOWS\System32\vheuyykgyxou.exe (file missing)
 
Hi

Looking better :)

Please click Start > Run and type in: services.msc
Click OK
In the Services window find: AOL Spy Watch (LD-AOL-Spy_Watchv1)
Select/highlight and right click the entry, and choose: Properties
On the General tab, under Service Status click the Stop button
Beside: Startup Type, in the drop menu, select: Disabled
Click Apply, then OK

Repeat step for Print Spooler Service (u9i5uuoyxak3qeu).

Now, go to Start > Run, and copy/paste the following into the Open box:
sc delete LD-AOL-Spy_Watchv1
Click: OK

Repeat step for u9i5uuoyxak3qeu.

Reboot.

Post a fresh HijackThis log.
 
Here's my fresh HJT Log:

Logfile of HijackThis v1.99.1
Scan saved at 10:42:40 AM, on 6/16/2007
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\program files\steam\steam.exe
C:\Program Files\AIM\aim.exe
C:\Program Files\Messenger\MSMSGS.EXE
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Common Files\Logitech\KHAL\KHALMNPR.EXE
C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
C:\WINDOWS\System32\wuauclt.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\System32\WgaTray.exe
C:\Program Files\HijackThis\HijackThis.exe

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [Steam] "c:\program files\steam\steam.exe" -silent
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\MSMSGS.EXE" /background
O4 - HKCU\..\Run: [Uniblue RegistryBooster2] C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe /S
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1180565052203
O18 - Protocol: bw+0 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: EpsonBidirectionalService - Unknown owner - C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe" -k runservice (file missing)
O23 - Service: ForceWare IP service (nSvcIp) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
O23 - Service: ForceWare user log service (nSvcLog) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
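An added example, not part of the original thread: a short Python check that parses the O23 service lines from the two HijackThis logs above and confirms that the two services targeted with sc delete are no longer registered after the reboot. The function names are this example's own, and the "Unknown owner" plus "(file missing)" filter is only a triage assumption for picking entries to review by hand, not a verdict.

```python
import re
from typing import NamedTuple

# O23 lines copied from the 6/13/2007 log (before) and the 6/16/2007 log (after).
BEFORE_LOG = r"""
O23 - Service: EpsonBidirectionalService - Unknown owner - C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe" -k runservice (file missing)
O23 - Service: AOL Spy Watch (LD-AOL-Spy_Watchv1) - Unknown owner - C:\WINDOWS\Help\aolsw.exe (file missing)
O23 - Service: ForceWare IP service (nSvcIp) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
O23 - Service: ForceWare user log service (nSvcLog) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Print Spooler Service (u9i5uuoyxak3qeu) - Unknown owner - C:\WINDOWS\System32\vheuyykgyxou.exe (file missing)
"""
AFTER_LOG = r"""
O23 - Service: EpsonBidirectionalService - Unknown owner - C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe" -k runservice (file missing)
O23 - Service: ForceWare IP service (nSvcIp) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
O23 - Service: ForceWare user log service (nSvcLog) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
"""
# Service names passed to "sc delete" in the helper's instructions.
TARGETS = ("LD-AOL-Spy_Watchv1", "u9i5uuoyxak3qeu")

# "O23 - Service: <display> (<name>) - <owner> - <path>[ (file missing)]".
# Splits on the first two " - " separators, so a display name that itself
# contains " - " would be mis-split; none of the lines in this thread do.
O23_RE = re.compile(r"^O23 - Service: (?P<label>.+?) - (?P<owner>.+?) - (?P<path>.+)$")
LABEL_RE = re.compile(r"^(?P<display>.+) \((?P<name>[^()]+)\)$")
MISSING = "(file missing)"


class Service(NamedTuple):
    name: str          # service key name, the value "sc delete" expects
    display: str       # name shown in services.msc
    owner: str
    path: str
    file_missing: bool


def parse_o23(log_text):
    """Return {lower-cased service name: Service} for every O23 line."""
    services = {}
    for line in log_text.splitlines():
        m = O23_RE.match(line.strip())
        if not m:
            continue
        label = m["label"]
        lm = LABEL_RE.match(label)
        # HijackThis omits the parenthesised key name when it equals the display name.
        name, display = (lm["name"], lm["display"]) if lm else (label, label)
        path = m["path"]
        missing = path.endswith(MISSING)
        if missing:
            path = path[: -len(MISSING)].rstrip()
        services[name.lower()] = Service(name, display, m["owner"], path, missing)
    return services


def review_candidates(services):
    """Entries with no version-info owner and a binary HijackThis could not find."""
    return sorted(s.name for s in services.values()
                  if s.owner == "Unknown owner" and s.file_missing)


def removed_services(before, after):
    """Names registered in the first log and absent from the second."""
    return sorted(before[key].name for key in before.keys() - after.keys())


def verify_cleanup(before_text, after_text, targets):
    """Report, per targeted service, whether the deletion took effect."""
    before, after = parse_o23(before_text), parse_o23(after_text)
    status = {}
    for target in targets:
        key = target.lower()  # service names are case-insensitive on Windows
        if key in after:
            status[target] = "still registered"
        elif key in before:
            status[target] = "removed"
        else:
            status[target] = "not in baseline"
    return status


if __name__ == "__main__":
    for name, state in verify_cleanup(BEFORE_LOG, AFTER_LOG, TARGETS).items():
        print(f"{name}: {state}")
    print("left for manual review:", review_candidates(parse_o23(AFTER_LOG)))
```

ForcewareWebInterface stays on the review list in both logs; apache.exe appears under Running processes in both, so that flag calls for a manual look rather than removal.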
 
Hi

Now some progress :)

Please do an online scan with Kaspersky Online Scanner. You will be prompted to install an ActiveX component from Kaspersky; click Yes.
  • The program will launch and then start to download the latest definition files.
  • Once the scanner is installed and the definitions downloaded, click Next.
  • Now click on Scan Settings
  • In the scan settings make sure that the following are selected:
    o Scan using the following Anti-Virus database:
      + Extended (If available otherwise Standard)
    o Scan Options:
      + Scan Archives
      + Scan Mail Bases
  • Click OK
  • Now under select a target to scan select My Computer
  • The scan will take a while so be patient and let it run. Once the scan is complete it will display if your system has been infected.
  • Now click on the Save as Text button
  • Save the file to your desktop.
  • Copy and paste that information in your next post.

Post:

- a fresh HijackThis log
- Kaspersky report
 
Here is my Kaspersky Scan results:

Saturday, June 16, 2007 3:24:08 PM
Operating System: Microsoft Windows XP Professional, Service Pack 1 (Build 2600)
Kaspersky Online Scanner version: 5.0.93.0
Kaspersky Anti-Virus database last update: 16/06/2007
Kaspersky Anti-Virus database records: 326036
Scan Settings
Scan using the following antivirus database standard
Scan Archives true
Scan Mail Bases true
Scan Target My Computer
C:\
D:\
Scan Statistics
Total number of scanned objects 49030
Number of viruses found 1
Number of infected objects 57
Number of suspicious objects 0
Duration of the scan process 03:44:34

Infected Object Name Virus Name Last Action
C:\!KillBox\bhh.exe Infected: Trojan.Win32.Agent.ame skipped
C:\!KillBox\citzavrgrg.exe Infected: Trojan.Win32.Agent.ame skipped
C:\!KillBox\dfhcy.exe Infected: Trojan.Win32.Agent.ame skipped
C:\!KillBox\flm.exe Infected: Trojan.Win32.Agent.ame skipped
C:\!KillBox\iafsoaie.exe Infected: Trojan.Win32.Agent.ame skipped
C:\!KillBox\llorpyp.exe Infected: Trojan.Win32.Agent.ame skipped
C:\!KillBox\nmi.exe Infected: Trojan.Win32.Agent.ame skipped
C:\!KillBox\thiwzeohhbmo.exe Infected: Trojan.Win32.Agent.ame skipped
C:\!KillBox\vguxkqmgan.exe Infected: Trojan.Win32.Agent.ame skipped
C:\!KillBox\xmvzx.exe Infected: Trojan.Win32.Agent.ame skipped
C:\!KillBox\ycdhvnic.exe Infected: Trojan.Win32.Agent.ame skipped
C:\!KillBox\zticvyml.exe Infected: Trojan.Win32.Agent.ame skipped
C:\System Volume Information\_restore{31F8EA36-5AAF-453D-BAD5-6B0B3086B1DB}\RP133\A0033578.exe Infected: Trojan.Win32.Agent.ame skipped
C:\System Volume Information\_restore{31F8EA36-5AAF-453D-BAD5-6B0B3086B1DB}\RP133\A0033579.exe Infected: Trojan.Win32.Agent.ame skipped
C:\System Volume Information\_restore{31F8EA36-5AAF-453D-BAD5-6B0B3086B1DB}\RP133\A0033580.exe Infected: Trojan.Win32.Agent.ame skipped
C:\System Volume Information\_restore{31F8EA36-5AAF-453D-BAD5-6B0B3086B1DB}\RP133\A0033581.exe Infected: Trojan.Win32.Agent.ame skipped
C:\System Volume Information\_restore{31F8EA36-5AAF-453D-BAD5-6B0B3086B1DB}\RP133\A0033582.exe Infected: Trojan.Win32.Agent.ame skipped
C:\System Volume Information\_restore{31F8EA36-5AAF-453D-BAD5-6B0B3086B1DB}\RP133\A0033583.exe Infected: Trojan.Win32.Agent.ame skipped
C:\System Volume Information\_restore{31F8EA36-5AAF-453D-BAD5-6B0B3086B1DB}\RP133\A0033584.exe Infected: Trojan.Win32.Agent.ame skipped
C:\System Volume Information\_restore{31F8EA36-5AAF-453D-BAD5-6B0B3086B1DB}\RP133\A0033585.exe Infected: Trojan.Win32.Agent.ame skipped
C:\System Volume Information\_restore{31F8EA36-5AAF-453D-BAD5-6B0B3086B1DB}\RP133\A0033586.exe Infected: Trojan.Win32.Agent.ame skipped
C:\System Volume Information\_restore{31F8EA36-5AAF-453D-BAD5-6B0B3086B1DB}\RP133\A0033587.exe Infected: Trojan.Win32.Agent.ame skipped
C:\System Volume Information\_restore{31F8EA36-5AAF-453D-BAD5-6B0B3086B1DB}\RP133\A0033588.exe Infected: Trojan.Win32.Agent.ame skipped
C:\System Volume Information\_restore{31F8EA36-5AAF-453D-BAD5-6B0B3086B1DB}\RP133\A0033589.exe Infected: Trojan.Win32.Agent.ame skipped
C:\System Volume Information\_restore{31F8EA36-5AAF-453D-BAD5-6B0B3086B1DB}\RP145\change.log Object is locked skipped
C:\System Volume Information\_restore{31F8EA36-5AAF-453D-BAD5-6B0B3086B1DB}\RP35\A0017595.exe Infected: Trojan.Win32.Agent.ame skipped
C:\System Volume Information\_restore{31F8EA36-5AAF-453D-BAD5-6B0B3086B1DB}\RP35\A0017712.exe Infected: Trojan.Win32.Agent.ame skipped
C:\System Volume Information\_restore{31F8EA36-5AAF-453D-BAD5-6B0B3086B1DB}\RP35\A0018830.exe Infected: Trojan.Win32.Agent.ame skipped
C:\System Volume Information\_restore{31F8EA36-5AAF-453D-BAD5-6B0B3086B1DB}\RP36\A0019000.exe Infected: Trojan.Win32.Agent.ame skipped
C:\System Volume Information\_restore{31F8EA36-5AAF-453D-BAD5-6B0B3086B1DB}\RP36\A0019064.exe Infected: Trojan.Win32.Agent.ame skipped
C:\System Volume Information\_restore{31F8EA36-5AAF-453D-BAD5-6B0B3086B1DB}\RP36\A0019181.exe Infected: Trojan.Win32.Agent.ame skipped
C:\System Volume Information\_restore{31F8EA36-5AAF-453D-BAD5-6B0B3086B1DB}\RP36\A0020299.exe Infected: Trojan.Win32.Agent.ame skipped
C:\System Volume Information\_restore{31F8EA36-5AAF-453D-BAD5-6B0B3086B1DB}\RP37\A0020331.exe Infected: Trojan.Win32.Agent.ame skipped
C:\System Volume Information\_restore{31F8EA36-5AAF-453D-BAD5-6B0B3086B1DB}\RP37\A0020358.exe Infected: Trojan.Win32.Agent.ame skipped
C:\System Volume Information\_restore{31F8EA36-5AAF-453D-BAD5-6B0B3086B1DB}\RP37\A0020423.exe Infected: Trojan.Win32.Agent.ame skipped
C:\System Volume Information\_restore{31F8EA36-5AAF-453D-BAD5-6B0B3086B1DB}\RP37\A0020540.exe Infected: Trojan.Win32.Agent.ame skipped
C:\System Volume Information\_restore{31F8EA36-5AAF-453D-BAD5-6B0B3086B1DB}\RP37\A0021658.exe Infected: Trojan.Win32.Agent.ame skipped
C:\System Volume Information\_restore{31F8EA36-5AAF-453D-BAD5-6B0B3086B1DB}\RP38\A0021673.exe Infected: Trojan.Win32.Agent.ame skipped
C:\System Volume Information\_restore{31F8EA36-5AAF-453D-BAD5-6B0B3086B1DB}\RP38\A0021680.exe Infected: Trojan.Win32.Agent.ame skipped
C:\System Volume Information\_restore{31F8EA36-5AAF-453D-BAD5-6B0B3086B1DB}\RP38\A0021692.exe Infected: Trojan.Win32.Agent.ame skipped
C:\System Volume Information\_restore{31F8EA36-5AAF-453D-BAD5-6B0B3086B1DB}\RP38\A0021719.exe Infected: Trojan.Win32.Agent.ame skipped
C:\System Volume Information\_restore{31F8EA36-5AAF-453D-BAD5-6B0B3086B1DB}\RP38\A0021784.exe Infected: Trojan.Win32.Agent.ame skipped
C:\System Volume Information\_restore{31F8EA36-5AAF-453D-BAD5-6B0B3086B1DB}\RP38\A0021901.exe Infected: Trojan.Win32.Agent.ame skipped
C:\System Volume Information\_restore{31F8EA36-5AAF-453D-BAD5-6B0B3086B1DB}\RP38\A0023019.exe Infected: Trojan.Win32.Agent.ame skipped
C:\System Volume Information\_restore{31F8EA36-5AAF-453D-BAD5-6B0B3086B1DB}\RP69\A0028164.exe Infected: Trojan.Win32.Agent.ame skipped
C:\System Volume Information\_restore{31F8EA36-5AAF-453D-BAD5-6B0B3086B1DB}\RP71\A0029795.exe Infected: Trojan.Win32.Agent.ame skipped
C:\System Volume Information\_restore{31F8EA36-5AAF-453D-BAD5-6B0B3086B1DB}\RP71\A0029796.exe Infected: Trojan.Win32.Agent.ame skipped
C:\System Volume Information\_restore{31F8EA36-5AAF-453D-BAD5-6B0B3086B1DB}\RP71\A0029907.exe Infected: Trojan.Win32.Agent.ame skipped
C:\System Volume Information\_restore{31F8EA36-5AAF-453D-BAD5-6B0B3086B1DB}\RP71\A0029910.exe Infected: Trojan.Win32.Agent.ame skipped
C:\System Volume Information\_restore{31F8EA36-5AAF-453D-BAD5-6B0B3086B1DB}\RP71\A0029924.exe Infected: Trojan.Win32.Agent.ame skipped
C:\System Volume Information\_restore{31F8EA36-5AAF-453D-BAD5-6B0B3086B1DB}\RP71\A0029925.exe Infected: Trojan.Win32.Agent.ame skipped
C:\System Volume Information\_restore{31F8EA36-5AAF-453D-BAD5-6B0B3086B1DB}\RP71\A0029926.exe Infected: Trojan.Win32.Agent.ame skipped
C:\System Volume Information\_restore{31F8EA36-5AAF-453D-BAD5-6B0B3086B1DB}\RP71\A0029927.exe Infected: Trojan.Win32.Agent.ame skipped
C:\System Volume Information\_restore{31F8EA36-5AAF-453D-BAD5-6B0B3086B1DB}\RP71\A0029932.exe Infected: Trojan.Win32.Agent.ame skipped
C:\System Volume Information\_restore{31F8EA36-5AAF-453D-BAD5-6B0B3086B1DB}\RP71\A0029933.exe Infected: Trojan.Win32.Agent.ame skipped
C:\System Volume Information\_restore{31F8EA36-5AAF-453D-BAD5-6B0B3086B1DB}\RP71\A0029976.exe Infected: Trojan.Win32.Agent.ame skipped
C:\System Volume Information\_restore{31F8EA36-5AAF-453D-BAD5-6B0B3086B1DB}\RP71\A0030092.exe Infected: Trojan.Win32.Agent.ame skipped
C:\System Volume Information\_restore{31F8EA36-5AAF-453D-BAD5-6B0B3086B1DB}\RP71\A0031197.exe Infected: Trojan.Win32.Agent.ame skipped
Scan process completed.
 
Here's my fresh HJT Log:

Logfile of HijackThis v1.99.1
Scan saved at 3:28:12 PM, on 6/16/2007
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\program files\steam\steam.exe
C:\Program Files\AIM\aim.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Common Files\Logitech\KHAL\KHALMNPR.EXE
C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
C:\WINDOWS\System32\wuauclt.exe
C:\WINDOWS\System32\WgaTray.exe
C:\Program Files\internet explorer\iexplore.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\Program Files\HijackThis\HijackThis.exe

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [Steam] "c:\program files\steam\steam.exe" -silent
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\MSMSGS.EXE" /background
O4 - HKCU\..\Run: [Uniblue RegistryBooster2] C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe /S
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/english/kavwebscan_unicode.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1180565052203
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: EpsonBidirectionalService - Unknown owner - C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe" -k runservice (file missing)
O23 - Service: ForceWare IP service (nSvcIp) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
O23 - Service: ForceWare user log service (nSvcLog) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
 
Hi

Looks like we're close to victory :bigthumb:

Empty this folder:

C:\!KillBox\

Empty Recycle Bin

Re-scan with Kaspersky

Post:

- a fresh HijackThis log
- Kaspersky report
 
Dang Shaba, you are too cool :cool:

Here's my Kaspersky Scan Log:

Sunday, June 17, 2007 5:01:31 PM
Operating System: Microsoft Windows XP Professional, Service Pack 1 (Build 2600)
Kaspersky Online Scanner version: 5.0.93.0
Kaspersky Anti-Virus database last update: 17/06/2007
Kaspersky Anti-Virus database records: 326213
Scan Settings
Scan using the following antivirus database standard
Scan Archives true
Scan Mail Bases true
Scan Target My Computer
C:\
D:\
Scan Statistics
Total number of scanned objects 48227
Number of viruses found 1
Number of infected objects 57
Number of suspicious objects 0
Duration of the scan process 03:27:41

Infected Object Name Virus Name Last Action
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Jeremy\Data\D0000000.FCS Object is locked skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Jeremy\Data\inuse.txt Object is locked skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Jeremy\Data\L0000002.FCS Object is locked skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Jeremy\Data\main.log Object is locked skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Jeremy\Data\prs.dat Object is locked skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Jeremy\Data\prs.idx Object is locked skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Jeremy\Data\prs_die.dat Object is locked skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Jeremy\Data\prs_die.idx Object is locked skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Jeremy\Data\prs_dnd.dat Object is locked skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Jeremy\Data\prs_dnd.idx Object is locked skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Jeremy\Data\prs_ext.dat Object is locked skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Jeremy\Data\prs_ext.idx Object is locked skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Jeremy\Data\prs_rcv.dat Object is locked skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Jeremy\Data\prs_rcv.idx Object is locked skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Jeremy\Data\storydb.dat Object is locked skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Jeremy\Data\storydb.idx Object is locked skipped
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\logs\access_log Object is locked skipped
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\logs\error.log Object is locked skipped
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\logs\error_log Object is locked skipped
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\logs\ssl_request_log Object is locked skipped
C:\Program Files\Steam\Steam.log Object is locked skipped
C:\Program Files\Steam\steamapps\winui.gcf Object is locked skipped
C:\Program Files\Steam\SteamLogs\SteamStats.log Object is locked skipped
C:\System Volume Information\_restore{31F8EA36-5AAF-453D-BAD5-6B0B3086B1DB}\RP133\A0033578.exe Infected: Trojan.Win32.Agent.ame skipped
C:\System Volume Information\_restore{31F8EA36-5AAF-453D-BAD5-6B0B3086B1DB}\RP133\A0033579.exe Infected: Trojan.Win32.Agent.ame skipped
C:\System Volume Information\_restore{31F8EA36-5AAF-453D-BAD5-6B0B3086B1DB}\RP133\A0033580.exe Infected: Trojan.Win32.Agent.ame skipped
C:\System Volume Information\_restore{31F8EA36-5AAF-453D-BAD5-6B0B3086B1DB}\RP133\A0033581.exe Infected: Trojan.Win32.Agent.ame skipped
C:\System Volume Information\_restore{31F8EA36-5AAF-453D-BAD5-6B0B3086B1DB}\RP133\A0033582.exe Infected: Trojan.Win32.Agent.ame skipped
C:\System Volume Information\_restore{31F8EA36-5AAF-453D-BAD5-6B0B3086B1DB}\RP133\A0033583.exe Infected: Trojan.Win32.Agent.ame skipped
C:\System Volume Information\_restore{31F8EA36-5AAF-453D-BAD5-6B0B3086B1DB}\RP133\A0033584.exe Infected: Trojan.Win32.Agent.ame skipped
C:\System Volume Information\_restore{31F8EA36-5AAF-453D-BAD5-6B0B3086B1DB}\RP133\A0033585.exe Infected: Trojan.Win32.Agent.ame skipped
C:\System Volume Information\_restore{31F8EA36-5AAF-453D-BAD5-6B0B3086B1DB}\RP133\A0033586.exe Infected: Trojan.Win32.Agent.ame skipped
C:\System Volume Information\_restore{31F8EA36-5AAF-453D-BAD5-6B0B3086B1DB}\RP133\A0033587.exe Infected: Trojan.Win32.Agent.ame skipped
C:\System Volume Information\_restore{31F8EA36-5AAF-453D-BAD5-6B0B3086B1DB}\RP133\A0033588.exe Infected: Trojan.Win32.Agent.ame skipped
C:\System Volume Information\_restore{31F8EA36-5AAF-453D-BAD5-6B0B3086B1DB}\RP133\A0033589.exe Infected: Trojan.Win32.Agent.ame skipped
C:\System Volume Information\_restore{31F8EA36-5AAF-453D-BAD5-6B0B3086B1DB}\RP146\A0035501.exe Infected: Trojan.Win32.Agent.ame skipped
C:\System Volume Information\_restore{31F8EA36-5AAF-453D-BAD5-6B0B3086B1DB}\RP146\A0035506.exe Infected: Trojan.Win32.Agent.ame skipped
C:\System Volume Information\_restore{31F8EA36-5AAF-453D-BAD5-6B0B3086B1DB}\RP146\A0035508.exe Infected: Trojan.Win32.Agent.ame skipped
C:\System Volume Information\_restore{31F8EA36-5AAF-453D-BAD5-6B0B3086B1DB}\RP146\A0035514.exe Infected: Trojan.Win32.Agent.ame skipped
C:\System Volume Information\_restore{31F8EA36-5AAF-453D-BAD5-6B0B3086B1DB}\RP146\A0035516.exe Infected: Trojan.Win32.Agent.ame skipped
C:\System Volume Information\_restore{31F8EA36-5AAF-453D-BAD5-6B0B3086B1DB}\RP146\A0035522.exe Infected: Trojan.Win32.Agent.ame skipped
C:\System Volume Information\_restore{31F8EA36-5AAF-453D-BAD5-6B0B3086B1DB}\RP146\A0035525.exe Infected: Trojan.Win32.Agent.ame skipped
C:\System Volume Information\_restore{31F8EA36-5AAF-453D-BAD5-6B0B3086B1DB}\RP146\A0035537.exe Infected: Trojan.Win32.Agent.ame skipped
C:\System Volume Information\_restore{31F8EA36-5AAF-453D-BAD5-6B0B3086B1DB}\RP146\A0035541.exe Infected: Trojan.Win32.Agent.ame skipped
C:\System Volume Information\_restore{31F8EA36-5AAF-453D-BAD5-6B0B3086B1DB}\RP146\A0035544.exe Infected: Trojan.Win32.Agent.ame skipped
C:\System Volume Information\_restore{31F8EA36-5AAF-453D-BAD5-6B0B3086B1DB}\RP146\A0035546.exe Infected: Trojan.Win32.Agent.ame skipped
C:\System Volume Information\_restore{31F8EA36-5AAF-453D-BAD5-6B0B3086B1DB}\RP146\A0035548.exe Infected: Trojan.Win32.Agent.ame skipped
C:\System Volume Information\_restore{31F8EA36-5AAF-453D-BAD5-6B0B3086B1DB}\RP146\change.log Object is locked skipped
C:\System Volume Information\_restore{31F8EA36-5AAF-453D-BAD5-6B0B3086B1DB}\RP35\A0017595.exe Infected: Trojan.Win32.Agent.ame skipped
C:\System Volume Information\_restore{31F8EA36-5AAF-453D-BAD5-6B0B3086B1DB}\RP35\A0017712.exe Infected: Trojan.Win32.Agent.ame skipped
C:\System Volume Information\_restore{31F8EA36-5AAF-453D-BAD5-6B0B3086B1DB}\RP35\A0018830.exe Infected: Trojan.Win32.Agent.ame skipped
C:\System Volume Information\_restore{31F8EA36-5AAF-453D-BAD5-6B0B3086B1DB}\RP36\A0019000.exe Infected: Trojan.Win32.Agent.ame skipped
C:\System Volume Information\_restore{31F8EA36-5AAF-453D-BAD5-6B0B3086B1DB}\RP36\A0019064.exe Infected: Trojan.Win32.Agent.ame skipped
C:\System Volume Information\_restore{31F8EA36-5AAF-453D-BAD5-6B0B3086B1DB}\RP36\A0019181.exe Infected: Trojan.Win32.Agent.ame skipped
C:\System Volume Information\_restore{31F8EA36-5AAF-453D-BAD5-6B0B3086B1DB}\RP36\A0020299.exe Infected: Trojan.Win32.Agent.ame skipped
C:\System Volume Information\_restore{31F8EA36-5AAF-453D-BAD5-6B0B3086B1DB}\RP37\A0020331.exe Infected: Trojan.Win32.Agent.ame skipped
C:\System Volume Information\_restore{31F8EA36-5AAF-453D-BAD5-6B0B3086B1DB}\RP37\A0020358.exe Infected: Trojan.Win32.Agent.ame skipped
C:\System Volume Information\_restore{31F8EA36-5AAF-453D-BAD5-6B0B3086B1DB}\RP37\A0020423.exe Infected: Trojan.Win32.Agent.ame skipped
C:\System Volume Information\_restore{31F8EA36-5AAF-453D-BAD5-6B0B3086B1DB}\RP37\A0020540.exe Infected: Trojan.Win32.Agent.ame skipped
C:\System Volume Information\_restore{31F8EA36-5AAF-453D-BAD5-6B0B3086B1DB}\RP37\A0021658.exe Infected: Trojan.Win32.Agent.ame skipped
C:\System Volume Information\_restore{31F8EA36-5AAF-453D-BAD5-6B0B3086B1DB}\RP38\A0021673.exe Infected: Trojan.Win32.Agent.ame skipped
C:\System Volume Information\_restore{31F8EA36-5AAF-453D-BAD5-6B0B3086B1DB}\RP38\A0021680.exe Infected: Trojan.Win32.Agent.ame skipped
C:\System Volume Information\_restore{31F8EA36-5AAF-453D-BAD5-6B0B3086B1DB}\RP38\A0021692.exe Infected: Trojan.Win32.Agent.ame skipped
C:\System Volume Information\_restore{31F8EA36-5AAF-453D-BAD5-6B0B3086B1DB}\RP38\A0021719.exe Infected: Trojan.Win32.Agent.ame skipped
C:\System Volume Information\_restore{31F8EA36-5AAF-453D-BAD5-6B0B3086B1DB}\RP38\A0021784.exe Infected: Trojan.Win32.Agent.ame skipped
C:\System Volume Information\_restore{31F8EA36-5AAF-453D-BAD5-6B0B3086B1DB}\RP38\A0021901.exe Infected: Trojan.Win32.Agent.ame skipped
C:\System Volume Information\_restore{31F8EA36-5AAF-453D-BAD5-6B0B3086B1DB}\RP38\A0023019.exe Infected: Trojan.Win32.Agent.ame skipped
C:\System Volume Information\_restore{31F8EA36-5AAF-453D-BAD5-6B0B3086B1DB}\RP69\A0028164.exe Infected: Trojan.Win32.Agent.ame skipped
C:\System Volume Information\_restore{31F8EA36-5AAF-453D-BAD5-6B0B3086B1DB}\RP71\A0029795.exe Infected: Trojan.Win32.Agent.ame skipped
C:\System Volume Information\_restore{31F8EA36-5AAF-453D-BAD5-6B0B3086B1DB}\RP71\A0029796.exe Infected: Trojan.Win32.Agent.ame skipped
C:\System Volume Information\_restore{31F8EA36-5AAF-453D-BAD5-6B0B3086B1DB}\RP71\A0029907.exe Infected: Trojan.Win32.Agent.ame skipped
C:\System Volume Information\_restore{31F8EA36-5AAF-453D-BAD5-6B0B3086B1DB}\RP71\A0029910.exe Infected: Trojan.Win32.Agent.ame skipped
C:\System Volume Information\_restore{31F8EA36-5AAF-453D-BAD5-6B0B3086B1DB}\RP71\A0029924.exe Infected: Trojan.Win32.Agent.ame skipped
C:\System Volume Information\_restore{31F8EA36-5AAF-453D-BAD5-6B0B3086B1DB}\RP71\A0029925.exe Infected: Trojan.Win32.Agent.ame skipped
C:\System Volume Information\_restore{31F8EA36-5AAF-453D-BAD5-6B0B3086B1DB}\RP71\A0029926.exe Infected: Trojan.Win32.Agent.ame skipped
C:\System Volume Information\_restore{31F8EA36-5AAF-453D-BAD5-6B0B3086B1DB}\RP71\A0029927.exe Infected: Trojan.Win32.Agent.ame skipped
C:\System Volume Information\_restore{31F8EA36-5AAF-453D-BAD5-6B0B3086B1DB}\RP71\A0029932.exe Infected: Trojan.Win32.Agent.ame skipped
C:\System Volume Information\_restore{31F8EA36-5AAF-453D-BAD5-6B0B3086B1DB}\RP71\A0029933.exe Infected: Trojan.Win32.Agent.ame skipped
C:\System Volume Information\_restore{31F8EA36-5AAF-453D-BAD5-6B0B3086B1DB}\RP71\A0029976.exe Infected: Trojan.Win32.Agent.ame skipped
C:\System Volume Information\_restore{31F8EA36-5AAF-453D-BAD5-6B0B3086B1DB}\RP71\A0030092.exe Infected: Trojan.Win32.Agent.ame skipped
C:\System Volume Information\_restore{31F8EA36-5AAF-453D-BAD5-6B0B3086B1DB}\RP71\A0031197.exe Infected: Trojan.Win32.Agent.ame skipped
C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
C:\WINDOWS\SchedLgU.Txt Object is locked skipped
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped
C:\WINDOWS\Sti_Trace.log Object is locked skipped
C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\default Object is locked skipped
C:\WINDOWS\system32\config\DEFAULT.LOG Object is locked skipped
C:\WINDOWS\system32\config\SAM Object is locked skipped
C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped
C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\SECURITY Object is locked skipped
C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped
C:\WINDOWS\system32\config\software Object is locked skipped
C:\WINDOWS\system32\config\SOFTWARE.LOG Object is locked skipped
C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\system Object is locked skipped
C:\WINDOWS\system32\config\SYSTEM.LOG Object is locked skipped
C:\WINDOWS\system32\h323log.txt Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped
C:\WINDOWS\wiadebug.log Object is locked skipped
C:\WINDOWS\wiaservc.log Object is locked skipped
C:\WINDOWS\WindowsUpdate.log Object is locked skipped
Scan process completed.
 
Here's my fresh HJT Log:

Logfile of HijackThis v1.99.1
Scan saved at 5:03:48 PM, on 6/17/2007
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\program files\steam\steam.exe
C:\Program Files\AIM\aim.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Common Files\Logitech\KHAL\KHALMNPR.EXE
C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
C:\WINDOWS\System32\wuauclt.exe
C:\WINDOWS\System32\WgaTray.exe
C:\Program Files\Ventrilo\Ventrilo -m.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\HijackThis\HijackThis.exe

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [Steam] "c:\program files\steam\steam.exe" -silent
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\MSMSGS.EXE" /background
O4 - HKCU\..\Run: [Uniblue RegistryBooster2] C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe /S
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/english/kavwebscan_unicode.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1180565052203
O18 - Protocol: bw+0 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {E4F7CEC1-85DA-4E9E-8F36-56A9C2388562} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: EpsonBidirectionalService - Unknown owner - C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe" -k runservice (file missing)
O23 - Service: ForceWare IP service (nSvcIp) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
O23 - Service: ForceWare user log service (nSvcLog) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
 