Hijak This Scan
Member
19. October 2006 @ 11:59
Hey guys, am I infected?

Logfile of HijackThis v1.99.1
Scan saved at 3:56:50 PM, on 10/19/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\WINNT\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\WINNT\system32\spoolsv.exe
c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
C:\Program Files\Norton SystemWorks\Norton GoBack\GBPoll.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\PROGRA~1\NORTON~1\NORTON~2\NPROTECT.EXE
C:\Program Files\Common Files\Lanovation\PrismXL\PRISMXL.SYS
C:\PROGRA~1\NORTON~1\NORTON~2\SPEEDD~1\NOPDB.EXE
C:\WINNT\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINNT\System32\hkcmd.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\D-Link\AirPlus XtremeG\AirPlusCFG.exe
C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
C:\WINNT\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\CameraAssistant.exe
C:\WINNT\system32\ElkCtrl.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\Common Files\AOL\1160783433\ee\AOLSoftware.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINNT\system32\ctfmon.exe
C:\PROGRA~1\Ahead\NEROPH~2\data\Xtras\mssysmgr.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe
C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
C:\Program Files\Norton SystemWorks\Norton GoBack\GBTray.exe
C:\Program Files\Sony Corporation\Picture Package\Picture Package Menu\SonyTray.exe
C:\Program Files\Sony Corporation\Picture Package\Picture Package Applications\Residence.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINNT\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Messenger\msmsgs.exe
C:\DOCUME~1\Owner\LOCALS~1\Temp\Rar$EX00.781\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ycomp/d.../search/ie.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ycomp/d...//www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/customiz.../search/ie.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://red.clientapps.yahoo.com/customiz...//www.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ycomp/d...//www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/customiz...//www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINNT\about.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINNT\about.htm
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.gateway.net/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=ZillaPopupKiller:8100
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn5\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn5\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: (no name) - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Norton Internet Security 2006 - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: (no name) - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - (no file)
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn5\yt.dll
O3 - Toolbar: Norton Internet Security 2006 - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINNT\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINNT\System32\hkcmd.exe
O4 - HKLM\..\Run: [MediaFace Integration] C:\Program Files\Fellowes\MediaFACE 4.0\SetHook.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINNT\system32\NeroCheck.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [EPSON Stylus C84 Series] C:\WINNT\System32\spool\DRIVERS\W32X86\3\E_S4I2D1.EXE /P23 "EPSON Stylus C84 Series" /O5 "LPT1:" /M "Stylus C84"
O4 - HKLM\..\Run: [D-Link AirPlus XtremeG] C:\Program Files\D-Link\AirPlus XtremeG\AirPlusCFG.exe
O4 - HKLM\..\Run: [ANIWZCS2Service] C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINNT\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechCameraAssistant] C:\Program Files\Logitech\Video\CameraAssistant.exe
O4 - HKLM\..\Run: [LogitechVideo[inspector]] C:\Program Files\Logitech\Video\InstallHelper.exe /inspect
O4 - HKLM\..\Run: [LogitechCameraService(E)] C:\WINNT\system32\ElkCtrl.exe /automation
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1160783433\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [IPHSend] C:\Program Files\Common Files\AOL\IPHSend\IPHSend.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINNT\system32\ctfmon.exe
O4 - HKCU\..\Run: [AllTracksGone] C:\Program Files\AllTracksGone\alltracksgone.exe
O4 - HKCU\..\Run: [PhotoShow Deluxe Media Manager] C:\PROGRA~1\Ahead\NEROPH~2\data\Xtras\mssysmgr.exe
O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
O4 - HKCU\..\Run: [XingtoneUpdate] °˙\Updater.exe
O4 - HKCU\..\Run: [Spyware Doctor] "C:\Program Files\Spyware Doctor\swdoctor.exe" /Q
O4 - HKCU\..\Run: [WinFixer] C:\Program Files\WinFixer\WWFX5.exe /min
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [AnyDVD] C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe
O4 - HKCU\..\RunServicesOnce: [CCWC7I] C:\Program Files\MoleculeSoft\Cleaner77\idxl.exe
O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: EPSON Status Monitor 3 Environment Check 2.lnk = C:\WINNT\system32\spool\drivers\w32x86\3\E_SRCV02.EXE
O4 - Global Startup: Event Reminder.lnk = C:\Program Files\Broderbund\PrintMaster\PMremind.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Norton GoBack.lnk = C:\Program Files\Norton SystemWorks\Norton GoBack\GBTray.exe
O4 - Global Startup: Picture Package Menu.lnk = ?
O4 - Global Startup: Picture Package VCD Maker.lnk = ?
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Add to filterlist (WebWasher) - http://-Web.Washer-/ie_add
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\WINNT\System32\shdocvw.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Express Cleanup - {5E638779-1818-4754-A595-EF1C63B87A56} - C:\Program Files\Norton SystemWorks\Norton Cleanup\WCQuick.lnk
O9 - Extra 'Tools' menuitem: Express Cleanup - {5E638779-1818-4754-A595-EF1C63B87A56} - C:\Program Files\Norton SystemWorks\Norton Cleanup\WCQuick.lnk
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINNT\System32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: WeatherBug - {AF6CABAB-61F9-4f12-A198-B7D41EF1CB52} - C:\PROGRA~1\AWS\WEATHE~1\Weather.exe (HKCU)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {55027008-315F-4F45-BBC3-8BE119764741} (Slide Image Uploader Control) - http://www.slide.com/uploader/SlideImageUploader.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupd...b?1133914325328
O16 - DPF: {9600F64D-755F-11D4-A47F-0001023E6D5A} (Shutterfly Picture Upload Plugin) - http://web1.shutterfly.com/downloads/Uploader.cab
O18 - Protocol: bw+0 - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Protocol: offline-8876480 - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: igfxcui - C:\WINNT\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: WgaLogon - C:\WINNT\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINNT\system32\WPDShServiceObj.dll
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Internet Security Password Validation (ccISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\ccPwdSvc.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Norton Internet Security\comHost.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
O23 - Service: GoBack Polling Service (GBPoll) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton GoBack\GBPoll.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\NCS\Sync\NetSvc.exe
O23 - Service: Norton UnErase Protection (NProtectService) - Symantec Corporation - C:\PROGRA~1\NORTON~1\NORTON~2\NPROTECT.EXE
O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
O23 - Service: PrismXL - New Boundary Technologies, Inc. - C:\Program Files\Common Files\Lanovation\PrismXL\PRISMXL.SYS
O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Speed Disk service - Symantec Corporation - C:\PROGRA~1\NORTON~1\NORTON~2\SPEEDD~1\NOPDB.EXE
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe


Senior Member
20. October 2006 @ 13:51
Hello bugzy113, yes you are.

Go to Add/Remove Programs and uninstall:
WinFixer

Go here to download the trial version of AVG Anti-spyware.

Install and update AVGAS. Do not run a scan yet; you will later in safe mode.

Run a scan only with HijackThis, check these:

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/customiz.../search/ie.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://red.clientapps.yahoo.com/customiz...//www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/customiz...//www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINNT\about.htm <--not bad but not needed.
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINNT\about.htm <--not bad but not needed.
O2 - BHO: (no name) - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - (no file)
O2 - BHO: (no name) - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - (no file)
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present <--check only if you or the computer's admin didn't set the restrictions.

Close all windows except HijackThis then click "Fix checked".

Note: Print or copy these instructions to Notepad and save them. You will be in safe mode and can't access the internet.

Restart your computer in safe mode (press F8 upon boot, select "Safe Mode" from menu and press Enter).
Open AVG AS and click "Scanner".
Click "Complete System Scan".
When it finishes scanning, set all items to "Quarantine".
Click "Apply All Actions".
Click "Save Report".
Click "Save report as" and save it to the desktop.

Restart in normal mode and post back with the AVGAS report and a new HijackThis log.
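
The review in the reply above, sketched as a small log parser (an added example, not part of the original posts and not HijackThis's own code). The names `parse_log`, `triage` and `WATCHLIST` and the three rules are assumptions drawn from the reply; the rules also cover "(file missing)" entries, which the reply does not mention.

```python
import re
from dataclasses import dataclass
from typing import List, Optional, Tuple

# Sample built from entries quoted in this thread's first log (not a full log).
SAMPLE_LOG = r"""
Logfile of HijackThis v1.99.1
Running processes:
C:\WINNT\system32\winlogon.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
O2 - BHO: (no name) - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O4 - HKCU\..\Run: [WinFixer] C:\Program Files\WinFixer\WWFX5.exe /min
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINNT\system32\ctfmon.exe
O4 - HKLM\..\Run: [LogitechVideo[inspector]] C:\Program Files\Logitech\Video\InstallHelper.exe /inspect
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
"""

# Section code ("R0", "O4", "O18", ...) followed by " - " and the entry body.
ENTRY_RE = re.compile(r"^(?P<section>[RFNO]\d{1,2}) - (?P<body>.+)$")
# O4 registry autostart: hive\..\key: [value name] command line
RUN_RE = re.compile(
    r"^(?P<hive>HK(?:LM|CU))\\\.\.\\(?P<key>\w+): \[(?P<name>.+?)\] (?P<command>.+)$"
)
CLSID_RE = re.compile(r"\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}")
# HijackThis marks references whose target file is absent on disk.
ORPHAN_RE = re.compile(r"\((?:no file|file missing)\)\s*$")

# Assumption: terms to look for in autostart entries, taken from the reply above.
WATCHLIST = ("winfixer",)


@dataclass
class Entry:
    section: str
    body: str
    clsid: Optional[str] = None
    run_name: Optional[str] = None
    run_command: Optional[str] = None


def parse_log(text: str) -> List[Entry]:
    """Return the R/F/N/O entries; header and process-list lines are skipped."""
    entries = []
    for raw in text.splitlines():
        m = ENTRY_RE.match(raw.strip())
        if not m:
            continue
        entry = Entry(m["section"], m["body"])
        clsid = CLSID_RE.search(entry.body)
        if clsid:
            entry.clsid = clsid.group(0).upper()
        if entry.section == "O4":
            run = RUN_RE.match(entry.body)  # Startup-folder lines do not match
            if run:
                entry.run_name = run["name"]
                entry.run_command = run["command"]
        entries.append(entry)
    return entries


def triage(entries: List[Entry], watchlist=WATCHLIST) -> List[Tuple[Entry, str]]:
    """Tag entries for manual review; a tag is a prompt to look, not a verdict."""
    findings = []
    for e in entries:
        if ORPHAN_RE.search(e.body):
            findings.append((e, "orphaned"))   # registry reference, no file
        if e.section == "O4" and any(t in e.body.lower() for t in watchlist):
            findings.append((e, "watchlist"))  # autostart names a listed term
        if e.section == "O6":
            findings.append((e, "policy"))     # confirm who set the restriction
    return findings


if __name__ == "__main__":
    for entry, reason in triage(parse_log(SAMPLE_LOG)):
        print(f"{reason:10} {entry.section:4} {entry.body}")
```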


Member
22. October 2006 @ 10:29
Cool, thanks a lot... But you know what? I went to Add/Remove Programs and I don't have WinFixer. Does that mean I got rid of it already???


This message has been edited since posting. Last time this message was edited on 22. October 2006 @ 10:36

Senior Member
22. October 2006 @ 12:37
Doubt it. Post a new HijackThis log.

Member
22. October 2006 @ 13:44
edit


This message has been edited since posting. Last time this message was edited on 23. October 2006 @ 06:51

Member
22. October 2006 @ 13:46
OK, I followed your instructions... Let me know if I still have anything infected.

Logfile of HijackThis v1.99.1
Scan saved at 5:42:27 PM, on 10/22/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\WINNT\system32\spoolsv.exe
c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
C:\Program Files\Norton SystemWorks\Norton GoBack\GBPoll.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\PROGRA~1\NORTON~1\NORTON~2\NPROTECT.EXE
C:\Program Files\Common Files\Lanovation\PrismXL\PRISMXL.SYS
C:\PROGRA~1\NORTON~1\NORTON~2\SPEEDD~1\NOPDB.EXE
C:\WINNT\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINNT\Explorer.EXE
C:\WINNT\System32\hkcmd.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\WINNT\System32\svchost.exe
C:\Program Files\D-Link\AirPlus XtremeG\AirPlusCFG.exe
C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
C:\WINNT\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\CameraAssistant.exe
C:\WINNT\system32\ElkCtrl.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\Common Files\AOL\1160783433\ee\aolsoftware.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINNT\system32\ctfmon.exe
C:\PROGRA~1\Ahead\NEROPH~2\data\Xtras\mssysmgr.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe
C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
C:\Program Files\Norton SystemWorks\Norton GoBack\GBTray.exe
C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
C:\WINNT\system32\DllHost.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Program Files\HijackThis_v1.99.1.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/customiz.../search/ie.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://red.clientapps.yahoo.com/customiz...//www.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ycomp/d...//www.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.gateway.net/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=ZillaPopupKiller:8100
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn5\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn5\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Norton Internet Security 2006 - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn5\yt.dll
O3 - Toolbar: Norton Internet Security 2006 - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINNT\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINNT\System32\hkcmd.exe
O4 - HKLM\..\Run: [MediaFace Integration] C:\Program Files\Fellowes\MediaFACE 4.0\SetHook.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINNT\system32\NeroCheck.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [EPSON Stylus C84 Series] C:\WINNT\System32\spool\DRIVERS\W32X86\3\E_S4I2D1.EXE /P23 "EPSON Stylus C84 Series" /O5 "LPT1:" /M "Stylus C84"
O4 - HKLM\..\Run: [D-Link AirPlus XtremeG] C:\Program Files\D-Link\AirPlus XtremeG\AirPlusCFG.exe
O4 - HKLM\..\Run: [ANIWZCS2Service] C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINNT\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechCameraAssistant] C:\Program Files\Logitech\Video\CameraAssistant.exe
O4 - HKLM\..\Run: [LogitechVideo[inspector]] C:\Program Files\Logitech\Video\InstallHelper.exe /inspect
O4 - HKLM\..\Run: [LogitechCameraService(E)] C:\WINNT\system32\ElkCtrl.exe /automation
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1160783433\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [IPHSend] C:\Program Files\Common Files\AOL\IPHSend\IPHSend.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINNT\system32\ctfmon.exe
O4 - HKCU\..\Run: [AllTracksGone] C:\Program Files\AllTracksGone\alltracksgone.exe
O4 - HKCU\..\Run: [PhotoShow Deluxe Media Manager] C:\PROGRA~1\Ahead\NEROPH~2\data\Xtras\mssysmgr.exe
O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
O4 - HKCU\..\Run: [XingtoneUpdate] °˙\Updater.exe
O4 - HKCU\..\Run: [Spyware Doctor] "C:\Program Files\Spyware Doctor\swdoctor.exe" /Q
O4 - HKCU\..\Run: [WinFixer] C:\Program Files\WinFixer\WWFX5.exe /min
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [AnyDVD] C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe
O4 - HKCU\..\RunServicesOnce: [CCWC7I] C:\Program Files\MoleculeSoft\Cleaner77\idxl.exe
O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: EPSON Status Monitor 3 Environment Check 2.lnk = C:\WINNT\system32\spool\drivers\w32x86\3\E_SRCV02.EXE
O4 - Global Startup: Event Reminder.lnk = C:\Program Files\Broderbund\PrintMaster\PMremind.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Norton GoBack.lnk = C:\Program Files\Norton SystemWorks\Norton GoBack\GBTray.exe
O4 - Global Startup: Picture Package Menu.lnk = ?
O4 - Global Startup: Picture Package VCD Maker.lnk = ?
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Add to filterlist (WebWasher) - http://-Web.Washer-/ie_add
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\WINNT\System32\shdocvw.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Express Cleanup - {5E638779-1818-4754-A595-EF1C63B87A56} - C:\Program Files\Norton SystemWorks\Norton Cleanup\WCQuick.lnk
O9 - Extra 'Tools' menuitem: Express Cleanup - {5E638779-1818-4754-A595-EF1C63B87A56} - C:\Program Files\Norton SystemWorks\Norton Cleanup\WCQuick.lnk
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINNT\System32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: WeatherBug - {AF6CABAB-61F9-4f12-A198-B7D41EF1CB52} - C:\PROGRA~1\AWS\WEATHE~1\Weather.exe (HKCU)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {55027008-315F-4F45-BBC3-8BE119764741} (Slide Image Uploader Control) - http://www.slide.com/uploader/SlideImageUploader.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupd...b?1133914325328
O16 - DPF: {9600F64D-755F-11D4-A47F-0001023E6D5A} (Shutterfly Picture Upload Plugin) - http://web1.shutterfly.com/downloads/Uploader.cab
O18 - Protocol: bw+0 - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Protocol: offline-8876480 - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: igfxcui - C:\WINNT\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: WgaLogon - C:\WINNT\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINNT\system32\WPDShServiceObj.dll
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Internet Security Password Validation (ccISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\ccPwdSvc.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Norton Internet Security\comHost.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
O23 - Service: GoBack Polling Service (GBPoll) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton GoBack\GBPoll.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\NCS\Sync\NetSvc.exe
O23 - Service: Norton UnErase Protection (NProtectService) - Symantec Corporation - C:\PROGRA~1\NORTON~1\NORTON~2\NPROTECT.EXE
O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
O23 - Service: PrismXL - New Boundary Technologies, Inc. - C:\Program Files\Common Files\Lanovation\PrismXL\PRISMXL.SYS
O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Speed Disk service - Symantec Corporation - C:\PROGRA~1\NORTON~1\NORTON~2\SPEEDD~1\NOPDB.EXE
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe




Member
_
22. October 2006 @ 13:47
edit


This message has been edited since posting. Last time this message was edited on 23. October 2006 @ 03:47

Senior Member
_
22. October 2006 @ 15:13
Still there.

Fix these with HijackThis.
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/customiz.../search/ie.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://red.clientapps.yahoo.com/customiz...//www.yahoo.com
O4 - HKCU\..\Run: [WinFixer] C:\Program Files\WinFixer\WWFX5.exe /min


Then, restart in safe mode and delete this folder:
C:\Program Files\WinFixer

Also, if you ran AVGAS, please post the report in your next reply with a new HijackThis log.

Member
_
23. October 2006 @ 03:44
OK... will do once I get home from work. Thanks a lot.


This message has been edited since posting. Last time this message was edited on 23. October 2006 @ 03:48

Member
_
23. October 2006 @ 06:14
Another thing, what's the best antivirus program to get... I have Norton, but is that the best to protect from spyware, viruses, and hacking? Or is there something better? Also, is Firefox any good? Thanks for your help...


This message has been edited since posting. Last time this message was edited on 23. October 2006 @ 07:49

Senior Member
_
23. October 2006 @ 13:19
There isn't a best anti-virus; one cannot do all. But on top of the list would be NOD32, Kaspersky, AVG and Antivir. You just need to try some for yourself and choose which you like best. Personally, I like NOD32 or AVG. As for spyware, I like AVG Anti-spyware or SpySweeper. And for hacking, get a good firewall such as Zone Alarm or Kerio.

Firefox is on top when it comes to browsers. Faster and much safer than IE. You can also look into Opera.

Let me know what happens with Winfixer.

Member
_
23. October 2006 @ 16:18
Let me know what you gather, and thanks a lot... Also, I didn't find WinFixer anywhere... hope it's gone though... Thanks again...


---------------------------------------------------------
AVG Anti-Spyware - Scan Report
---------------------------------------------------------

+ Created at: 6:48:28 PM 10/23/2006

+ Scan result:



C:\System Volume Information\_restore{7DCA1BE4-D752-48D6-A25E-C722C8FD1BC4}\RP583\A0125038.sys -> Adware.Winfixer : No action taken.
C:\System Volume Information\_restore{7DCA1BE4-D752-48D6-A25E-C722C8FD1BC4}\RP583\A0125037.exe -> Trojan.Qhost.x : No action taken.


::Report end


Logfile of HijackThis v1.99.1
Scan saved at 8:16:47 PM, on 10/23/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\WINNT\system32\spoolsv.exe
c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
C:\Program Files\Norton SystemWorks\Norton GoBack\GBPoll.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\PROGRA~1\NORTON~1\NORTON~2\NPROTECT.EXE
C:\Program Files\Common Files\Lanovation\PrismXL\PRISMXL.SYS
C:\PROGRA~1\NORTON~1\NORTON~2\SPEEDD~1\NOPDB.EXE
C:\WINNT\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINNT\Explorer.EXE
C:\WINNT\System32\hkcmd.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\WINNT\System32\svchost.exe
C:\Program Files\D-Link\AirPlus XtremeG\AirPlusCFG.exe
C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
C:\WINNT\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\CameraAssistant.exe
C:\WINNT\system32\ElkCtrl.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\AOL\1160783433\ee\aolsoftware.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINNT\system32\ctfmon.exe
C:\PROGRA~1\Ahead\NEROPH~2\data\Xtras\mssysmgr.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe
C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
C:\Program Files\Norton SystemWorks\Norton GoBack\GBTray.exe
C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\HijackThis_v1.99.1.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ycomp/d...//www.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.gateway.net/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=ZillaPopupKiller:8100
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn5\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn5\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Norton Internet Security 2006 - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn5\yt.dll
O3 - Toolbar: Norton Internet Security 2006 - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINNT\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINNT\System32\hkcmd.exe
O4 - HKLM\..\Run: [MediaFace Integration] C:\Program Files\Fellowes\MediaFACE 4.0\SetHook.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINNT\system32\NeroCheck.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [EPSON Stylus C84 Series] C:\WINNT\System32\spool\DRIVERS\W32X86\3\E_S4I2D1.EXE /P23 "EPSON Stylus C84 Series" /O5 "LPT1:" /M "Stylus C84"
O4 - HKLM\..\Run: [D-Link AirPlus XtremeG] C:\Program Files\D-Link\AirPlus XtremeG\AirPlusCFG.exe
O4 - HKLM\..\Run: [ANIWZCS2Service] C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINNT\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechCameraAssistant] C:\Program Files\Logitech\Video\CameraAssistant.exe
O4 - HKLM\..\Run: [LogitechVideo[inspector]] C:\Program Files\Logitech\Video\InstallHelper.exe /inspect
O4 - HKLM\..\Run: [LogitechCameraService(E)] C:\WINNT\system32\ElkCtrl.exe /automation
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1160783433\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [IPHSend] C:\Program Files\Common Files\AOL\IPHSend\IPHSend.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINNT\system32\ctfmon.exe
O4 - HKCU\..\Run: [AllTracksGone] C:\Program Files\AllTracksGone\alltracksgone.exe
O4 - HKCU\..\Run: [PhotoShow Deluxe Media Manager] C:\PROGRA~1\Ahead\NEROPH~2\data\Xtras\mssysmgr.exe
O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
O4 - HKCU\..\Run: [XingtoneUpdate] °˙\Updater.exe
O4 - HKCU\..\Run: [Spyware Doctor] "C:\Program Files\Spyware Doctor\swdoctor.exe" /Q
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [AnyDVD] C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe
O4 - HKCU\..\RunServicesOnce: [CCWC7I] C:\Program Files\MoleculeSoft\Cleaner77\idxl.exe
O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: EPSON Status Monitor 3 Environment Check 2.lnk = C:\WINNT\system32\spool\drivers\w32x86\3\E_SRCV02.EXE
O4 - Global Startup: Event Reminder.lnk = C:\Program Files\Broderbund\PrintMaster\PMremind.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Norton GoBack.lnk = C:\Program Files\Norton SystemWorks\Norton GoBack\GBTray.exe
O4 - Global Startup: Picture Package Menu.lnk = ?
O4 - Global Startup: Picture Package VCD Maker.lnk = ?
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Add to filterlist (WebWasher) - http://-Web.Washer-/ie_add
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\WINNT\System32\shdocvw.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Express Cleanup - {5E638779-1818-4754-A595-EF1C63B87A56} - C:\Program Files\Norton SystemWorks\Norton Cleanup\WCQuick.lnk
O9 - Extra 'Tools' menuitem: Express Cleanup - {5E638779-1818-4754-A595-EF1C63B87A56} - C:\Program Files\Norton SystemWorks\Norton Cleanup\WCQuick.lnk
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINNT\System32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: WeatherBug - {AF6CABAB-61F9-4f12-A198-B7D41EF1CB52} - C:\PROGRA~1\AWS\WEATHE~1\Weather.exe (HKCU)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {55027008-315F-4F45-BBC3-8BE119764741} (Slide Image Uploader Control) - http://www.slide.com/uploader/SlideImageUploader.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupd...b?1133914325328
O16 - DPF: {9600F64D-755F-11D4-A47F-0001023E6D5A} (Shutterfly Picture Upload Plugin) - http://web1.shutterfly.com/downloads/Uploader.cab
O18 - Protocol: bw+0 - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Protocol: offline-8876480 - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: igfxcui - C:\WINNT\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: WgaLogon - C:\WINNT\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINNT\system32\WPDShServiceObj.dll
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Internet Security Password Validation (ccISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\ccPwdSvc.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Norton Internet Security\comHost.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
O23 - Service: GoBack Polling Service (GBPoll) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton GoBack\GBPoll.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\NCS\Sync\NetSvc.exe
O23 - Service: Norton UnErase Protection (NProtectService) - Symantec Corporation - C:\PROGRA~1\NORTON~1\NORTON~2\NPROTECT.EXE
O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
O23 - Service: PrismXL - New Boundary Technologies, Inc. - C:\Program Files\Common Files\Lanovation\PrismXL\PRISMXL.SYS
O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Speed Disk service - Symantec Corporation - C:\PROGRA~1\NORTON~1\NORTON~2\SPEEDD~1\NOPDB.EXE
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe




Senior Member
23. October 2006 @ 16:33
Good, WinFixer is gone, but it is still in the System Restore folder.

First, go here and download ATF Cleaner.

Open ATF Cleaner.
Check "Select All".
Click "Empty Selected".
Close ATF Cleaner.

Turn off System Restore.
Right click My Computer > Properties > System Restore tab > check "Turn off System Restore".
Click Apply then OK.

Java is out of date.
Go here and download Java Runtime Environment 5.0 Update 9.
Uninstall all previous versions of JRE via Add/Remove Programs.
Restart, install Update 9.

Then, turn System Restore back on.
Should be ok after that, any problem?

Also, in the future, with AVGAS be sure to set any items found to Quarantine or Delete then click "Apply all actions".

Edit: Just to be safe, show hidden files and folders then look for WinFixer in Program Files.

To show hidden files and folders:
Control Panel > Folder Options > View tab > check "Show hidden files and folders".
Be sure to hide them again after looking for the folder.

This message has been edited since posting. Last time this message was edited on 23. October 2006 @ 16:37

Member
23. October 2006 @ 18:37
OK, done... I still didn't find WinFixer, but I did what you told me to, so everything should be OK. Again, thanks for your time. I appreciate it. I did one more scan with HijackThis just to make sure we got everything. Again, THANKS!!!

Logfile of HijackThis v1.99.1
Scan saved at 10:32:54 PM, on 10/23/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\WINNT\system32\spoolsv.exe
c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
C:\Program Files\Norton SystemWorks\Norton GoBack\GBPoll.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\PROGRA~1\NORTON~1\NORTON~2\NPROTECT.EXE
C:\Program Files\Common Files\Lanovation\PrismXL\PRISMXL.SYS
C:\PROGRA~1\NORTON~1\NORTON~2\SPEEDD~1\NOPDB.EXE
C:\WINNT\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINNT\Explorer.EXE
C:\WINNT\System32\hkcmd.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\D-Link\AirPlus XtremeG\AirPlusCFG.exe
C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
C:\WINNT\system32\LVCOMSX.EXE
C:\WINNT\system32\ElkCtrl.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Common Files\AOL\1160783433\ee\aolsoftware.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINNT\system32\ctfmon.exe
C:\PROGRA~1\Ahead\NEROPH~2\data\Xtras\mssysmgr.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\WINNT\System32\svchost.exe
C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
C:\Program Files\Norton SystemWorks\Norton GoBack\GBTray.exe
C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
C:\WINNT\system32\msiexec.exe
C:\Program Files\HijackThis_v1.99.1.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ycomp/d...//www.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.gateway.net/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=ZillaPopupKiller:8100
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn5\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn5\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O2 - BHO: Norton Internet Security 2006 - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn5\yt.dll
O3 - Toolbar: Norton Internet Security 2006 - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINNT\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINNT\System32\hkcmd.exe
O4 - HKLM\..\Run: [MediaFace Integration] C:\Program Files\Fellowes\MediaFACE 4.0\SetHook.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINNT\system32\NeroCheck.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [EPSON Stylus C84 Series] C:\WINNT\System32\spool\DRIVERS\W32X86\3\E_S4I2D1.EXE /P23 "EPSON Stylus C84 Series" /O5 "LPT1:" /M "Stylus C84"
O4 - HKLM\..\Run: [D-Link AirPlus XtremeG] C:\Program Files\D-Link\AirPlus XtremeG\AirPlusCFG.exe
O4 - HKLM\..\Run: [ANIWZCS2Service] C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINNT\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideo[inspector]] C:\Program Files\Logitech\Video\InstallHelper.exe /inspect
O4 - HKLM\..\Run: [LogitechCameraService(E)] C:\WINNT\system32\ElkCtrl.exe /automation
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [IPHSend] C:\Program Files\Common Files\AOL\IPHSend\IPHSend.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINNT\system32\ctfmon.exe
O4 - HKCU\..\Run: [AllTracksGone] C:\Program Files\AllTracksGone\alltracksgone.exe
O4 - HKCU\..\Run: [PhotoShow Deluxe Media Manager] C:\PROGRA~1\Ahead\NEROPH~2\data\Xtras\mssysmgr.exe
O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
O4 - HKCU\..\Run: [XingtoneUpdate] °˙\Updater.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\RunServicesOnce: [CCWC7I] C:\Program Files\MoleculeSoft\Cleaner77\idxl.exe
O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: EPSON Status Monitor 3 Environment Check 2.lnk = C:\WINNT\system32\spool\drivers\w32x86\3\E_SRCV02.EXE
O4 - Global Startup: Event Reminder.lnk = C:\Program Files\Broderbund\PrintMaster\PMremind.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Norton GoBack.lnk = C:\Program Files\Norton SystemWorks\Norton GoBack\GBTray.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Add to filterlist (WebWasher) - http://-Web.Washer-/ie_add
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\npjpi150_09.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\npjpi150_09.dll
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\WINNT\System32\shdocvw.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Express Cleanup - {5E638779-1818-4754-A595-EF1C63B87A56} - C:\Program Files\Norton SystemWorks\Norton Cleanup\WCQuick.lnk
O9 - Extra 'Tools' menuitem: Express Cleanup - {5E638779-1818-4754-A595-EF1C63B87A56} - C:\Program Files\Norton SystemWorks\Norton Cleanup\WCQuick.lnk
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINNT\System32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: WeatherBug - {AF6CABAB-61F9-4f12-A198-B7D41EF1CB52} - C:\PROGRA~1\AWS\WEATHE~1\Weather.exe (HKCU)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {55027008-315F-4F45-BBC3-8BE119764741} (Slide Image Uploader Control) - http://www.slide.com/uploader/SlideImageUploader.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupd...b?1133914325328
O16 - DPF: {9600F64D-755F-11D4-A47F-0001023E6D5A} (Shutterfly Picture Upload Plugin) - http://web1.shutterfly.com/downloads/Uploader.cab
O18 - Protocol: bw+0 - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Protocol: offline-8876480 - {147127E0-D086-4F11-8F8C-E9C899BBCE8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: igfxcui - C:\WINNT\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: WgaLogon - C:\WINNT\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINNT\system32\WPDShServiceObj.dll
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Internet Security Password Validation (ccISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\ccPwdSvc.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Norton Internet Security\comHost.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
O23 - Service: GoBack Polling Service (GBPoll) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton GoBack\GBPoll.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\NCS\Sync\NetSvc.exe
O23 - Service: Norton UnErase Protection (NProtectService) - Symantec Corporation - C:\PROGRA~1\NORTON~1\NORTON~2\NPROTECT.EXE
O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
O23 - Service: PrismXL - New Boundary Technologies, Inc. - C:\Program Files\Common Files\Lanovation\PrismXL\PRISMXL.SYS
O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Speed Disk service - Symantec Corporation - C:\PROGRA~1\NORTON~1\NORTON~2\SPEEDD~1\NOPDB.EXE
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe




Senior Member
23. October 2006 @ 18:52
Looks good. You're welcome! :)

Member
24. October 2006 @ 04:27
Great! Thanks for your help. . .


Member
26. October 2006 @ 13:05
OK, sorry to bug you again, but I have to know if one of my other computers is infected. (I gave this one to my sister so I'm sure it has infections.) Sorry if it's too much trouble. . .




Logfile of HijackThis v1.99.1
Scan saved at 5:02:28 PM, on 10/26/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\ALCXMNTR.EXE
C:\Program Files\Lexmark X6100 Series\lxbfbmgr.exe
C:\WINDOWS\system32\ezSP_Px.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Lexmark X6100 Series\lxbfbmon.exe
C:\Program Files\Common Files\AOL\1139796764\ee\AOLSoftware.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Plaxo\2.6.2.9\PlaxoHelper.exe
C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Sony Corporation\Image Transfer\SonyTray.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe
C:\WINDOWS\system32\ntvdm.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\wdfmgr.exe
C:\WINDOWS\wanmpsvc.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\HijackThis_v1.99.1.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = wmplayer.exe
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R3 - URLSearchHook: AOLTBSearch Class - {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
O2 - BHO: (no name) - SOFTWARE - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Acrobat\ActiveX\AcroIEHelper.ocx
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: hp toolkit - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - C:\HP\EXPLOREBAR\HPTOOLKT.DLL
O3 - Toolbar: (no name) - {9C8F347E-5803-662B-ED19-B6EFC0D6DC38} - (no file)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [Lexmark X6100 Series] "C:\Program Files\Lexmark X6100 Series\lxbfbmgr.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
O4 - HKLM\..\Run: [ezShieldProtector for Px] C:\WINDOWS\system32\ezSP_Px.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1139796764\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Aim6] "C:\Program Files\Common Files\AOL\Launch\AOLLaunch.exe" /d locale=en-US ee://aol/imApp
O4 - HKCU\..\Run: [PlaxoUpdate] C:\Program Files\Plaxo\2.6.2.9\PlaxoHelper.exe -a
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\ypager.exe" -quiet
O4 - Startup: Text for the Day.lnk = C:\Program Files\TRU\Daytext.exe
O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: America Online 9.0 Tray Icon.lnk = C:\Program Files\America Online 9.0a\aoltray.exe
O4 - Global Startup: hp center.lnk = C:\Program Files\hp center\137903\Program\BackWeb-137903.exe
O4 - Global Startup: Image Transfer.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Quicken Scheduled Updates.lnk = C:\Program Files\Quicken\bagent.exe
O8 - Extra context menu item: &AOL Toolbar Search - c:\program files\aol\aol toolbar 2.0\resources\en-US\local\search.html
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O9 - Extra button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: Yahoo! Checkers - http://download.games.yahoo.com/games/clients/y/kt4_x.cab
O16 - DPF: Yahoo! Go Fish - http://download.games.yahoo.com/games/clients/y/zt3_x.cab
O16 - DPF: Yahoo! Graffiti - http://download.games.yahoo.com/games/clients/y/grt5_x.cab
O16 - DPF: Yahoo! Pool 2 - http://download.games.yahoo.com/games/clients/y/pote_x.cab
O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://appldnld.m7z.net/content.info.app...iTunesSetup.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5...b?1106544692796
O16 - DPF: {9600F64D-755F-11D4-A47F-0001023E6D5A} (Shutterfly Picture Upload Plugin) - http://web1.shutterfly.com/downloads/Uploader.cab
O18 - Filter: text/html - (no CLSID) - (no file)
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\PROGRA~1\COMMON~1\SONYSH~1\AVLib\Sptisrv.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe




This message has been edited since posting. Last time this message was edited on 26. October 2006 @ 13:05

Senior Member
26. October 2006 @ 21:54
Don't see any infections, just some things that need to be cleaned up.

Download this 018RegFix to the desktop. Do not open it yet; we will later.

Fix these with HjT.

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
O2 - BHO: (no name) - SOFTWARE - (no file)
O3 - Toolbar: (no name) - {9C8F347E-5803-662B-ED19-B6EFC0D6DC38} - (no file)
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE


Then extract the 018RegFix and open it. Click Yes when prompted to merge with the registry.

Post a new HjT log. Are there any problems or symptoms?


Member
27. October 2006 @ 04:40
Wow, it's amazing it didn't have any infections. I thought it would because the main problem with this PC is that it's running SOOO SLOW. I thought it was slow due to spyware and such. I'll do what you told me to. Also, I would like to know if it is better to delete what's found or to quarantine the items. . . Thanks again. . .


This message has been edited since posting. Last time this message was edited on 27. October 2006 @ 06:48

Senior Member
27. October 2006 @ 12:04
Quarantine first because some files may have an error during deletion.

Have you run AVGAS? If so, what has it found (if anything)?

Go here and run Kaspersky Online Scanner.
Accept the terms.
After downloading, click "My Computer".
After scanning, click "Save report as".
Save as a text file and post it here along with an AVGAS log.

Member
28. October 2006 @ 11:24
Well, Kaspersky Online Scanner isn't working for some reason, but here is the AVGAS log. Let me know what you think. . . Thanks. . .


---------------------------------------------------------
AVG Anti-Spyware - Scan Report
---------------------------------------------------------

+ Created at: 3:15:43 PM 10/28/2006

+ Scan result:



C:\System Volume Information\_restore{6E1A2F0E-07CA-49C6-80E2-E91BA00FF7E3}\RP345\A0109186.dll -> Adware.BargainBuddy : Ignored.
C:\Documents and Settings\TaniaA\Start Menu\Programs\EARN -> Adware.eZula : Ignored.
C:\Documents and Settings\Administrator\Application Data\Hotbar -> Adware.HotBar : Ignored.
C:\Documents and Settings\Administrator\Application Data\Hotbar\IESkins -> Adware.HotBar : Ignored.
C:\Documents and Settings\Administrator\Application Data\Hotbar\v3.0 -> Adware.HotBar : Ignored.
C:\Documents and Settings\Administrator\Application Data\Hotbar\v3.0\HostOI -> Adware.HotBar : Ignored.
C:\Documents and Settings\Administrator\Application Data\Hotbar\v3.0\HostOI\dynamic -> Adware.HotBar : Ignored.
C:\Documents and Settings\Administrator\Application Data\Hotbar\v3.0\HostOL -> Adware.HotBar : Ignored.
C:\Documents and Settings\Administrator\Application Data\Hotbar\v3.0\HostOL\dynamic -> Adware.HotBar : Ignored.
C:\Documents and Settings\Administrator\Application Data\Hotbar\v3.0\Hotbar -> Adware.HotBar : Ignored.
C:\Documents and Settings\Administrator\Application Data\Hotbar\v3.0\Hotbar\dynamic -> Adware.HotBar : Ignored.
C:\Documents and Settings\Administrator\Application Data\Hotbar\v3.0\Hotbar\static -> Adware.HotBar : Ignored.
C:\Documents and Settings\TaniaA\Application Data\Hotbar -> Adware.HotBar : Ignored.
C:\Documents and Settings\TaniaA\Application Data\Hotbar\IESkins -> Adware.HotBar : Ignored.
C:\Documents and Settings\TaniaA\Application Data\Hotbar\eskin -> Adware.HotBar : Ignored.
C:\Documents and Settings\TaniaA\Application Data\Hotbar\v3.0 -> Adware.HotBar : Ignored.
C:\Documents and Settings\TaniaA\Application Data\Hotbar\v3.0\HostOI -> Adware.HotBar : Ignored.
C:\Documents and Settings\TaniaA\Application Data\Hotbar\v3.0\HostOI\dynamic -> Adware.HotBar : Ignored.
C:\Documents and Settings\TaniaA\Application Data\Hotbar\v3.0\HostOI\static -> Adware.HotBar : Ignored.
C:\Documents and Settings\TaniaA\Application Data\Hotbar\v3.0\HostOL -> Adware.HotBar : Ignored.
C:\Documents and Settings\TaniaA\Application Data\Hotbar\v3.0\HostOL\dynamic -> Adware.HotBar : Ignored.
C:\Documents and Settings\TaniaA\Application Data\Hotbar\v3.0\HostOL\static -> Adware.HotBar : Ignored.
C:\Documents and Settings\TaniaA\Application Data\Hotbar\v3.0\Hotbar -> Adware.HotBar : Ignored.
C:\Documents and Settings\TaniaA\Application Data\Hotbar\v3.0\Hotbar\dynamic -> Adware.HotBar : Ignored.
C:\Documents and Settings\TaniaA\Application Data\Hotbar\v3.0\Hotbar\dynamic\bstat -> Adware.HotBar : Ignored.
C:\Documents and Settings\TaniaA\Application Data\Hotbar\v3.0\Hotbar\dynamic\hstat -> Adware.HotBar : Ignored.
C:\Documents and Settings\TaniaA\Application Data\Hotbar\v3.0\Hotbar\dynamic\ustat -> Adware.HotBar : Ignored.
C:\Documents and Settings\TaniaA\Application Data\Hotbar\v3.0\Hotbar\static -> Adware.HotBar : Ignored.
C:\Documents and Settings\TaniaA\Application Data\Hotbar\v3.0\Hotbar\static\1 -> Adware.HotBar : Ignored.
C:\Documents and Settings\TaniaA\Application Data\Hotbar\v3.0\Hotbar\static\2 -> Adware.HotBar : Ignored.
C:\Documents and Settings\TaniaA\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad -> Adware.HotBar : Ignored.
C:\System Volume Information\_restore{6E1A2F0E-07CA-49C6-80E2-E91BA00FF7E3}\RP345\A0109185.exe -> Adware.Sahat : Ignored.
C:\System Volume Information\_restore{6E1A2F0E-07CA-49C6-80E2-E91BA00FF7E3}\RP345\A0109181.exe/Save.exe -> Adware.SaveNow : Ignored.
C:\System Volume Information\_restore{6E1A2F0E-07CA-49C6-80E2-E91BA00FF7E3}\RP345\A0109181.exe/SaveUninst.exe -> Adware.SaveNow : Ignored.
C:\System Volume Information\_restore{6E1A2F0E-07CA-49C6-80E2-E91BA00FF7E3}\RP345\A0109181.exe/Search.exe -> Adware.SaveNow : Ignored.
C:\System Volume Information\_restore{6E1A2F0E-07CA-49C6-80E2-E91BA00FF7E3}\RP345\A0109181.exe/DnldStub.exe -> Downloader.Small.kl : Ignored.
:mozilla.304:C:\Documents and Settings\TaniaA.TANIASPC\Application Data\Mozilla\Firefox\Profiles\017zdxdw.default\cookies.txt -> TrackingCookie.2o7 : Ignored.
:mozilla.305:C:\Documents and Settings\TaniaA.TANIASPC\Application Data\Mozilla\Firefox\Profiles\017zdxdw.default\cookies.txt -> TrackingCookie.2o7 : Ignored.
:mozilla.306:C:\Documents and Settings\TaniaA.TANIASPC\Application Data\Mozilla\Firefox\Profiles\017zdxdw.default\cookies.txt -> TrackingCookie.2o7 : Ignored.
:mozilla.307:C:\Documents and Settings\TaniaA.TANIASPC\Application Data\Mozilla\Firefox\Profiles\017zdxdw.default\cookies.txt -> TrackingCookie.2o7 : Ignored.
:mozilla.330:C:\Documents and Settings\TaniaA.TANIASPC\Application Data\Mozilla\Firefox\Profiles\017zdxdw.default\cookies.txt -> TrackingCookie.2o7 : Ignored.
:mozilla.310:C:\Documents and Settings\TaniaA.TANIASPC\Application Data\Mozilla\Firefox\Profiles\017zdxdw.default\cookies.txt -> TrackingCookie.Advertising : Ignored.
:mozilla.312:C:\Documents and Settings\TaniaA.TANIASPC\Application Data\Mozilla\Firefox\Profiles\017zdxdw.default\cookies.txt -> TrackingCookie.Advertising : Ignored.
:mozilla.321:C:\Documents and Settings\TaniaA.TANIASPC\Application Data\Mozilla\Firefox\Profiles\017zdxdw.default\cookies.txt -> TrackingCookie.Advertising : Ignored.
:mozilla.322:C:\Documents and Settings\TaniaA.TANIASPC\Application Data\Mozilla\Firefox\Profiles\017zdxdw.default\cookies.txt -> TrackingCookie.Advertising : Ignored.
:mozilla.75:C:\Documents and Settings\TaniaA.TANIASPC\Application Data\Mozilla\Firefox\Profiles\017zdxdw.default\cookies.txt -> TrackingCookie.Atdmt : Ignored.
:mozilla.54:C:\Documents and Settings\TaniaA.TANIASPC\Application Data\Mozilla\Firefox\Profiles\017zdxdw.default\cookies.txt -> TrackingCookie.Casalemedia : Ignored.
:mozilla.55:C:\Documents and Settings\TaniaA.TANIASPC\Application Data\Mozilla\Firefox\Profiles\017zdxdw.default\cookies.txt -> TrackingCookie.Casalemedia : Ignored.
:mozilla.56:C:\Documents and Settings\TaniaA.TANIASPC\Application Data\Mozilla\Firefox\Profiles\017zdxdw.default\cookies.txt -> TrackingCookie.Casalemedia : Ignored.
:mozilla.62:C:\Documents and Settings\TaniaA.TANIASPC\Application Data\Mozilla\Firefox\Profiles\017zdxdw.default\cookies.txt -> TrackingCookie.Com : Ignored.
:mozilla.82:C:\Documents and Settings\TaniaA.TANIASPC\Application Data\Mozilla\Firefox\Profiles\017zdxdw.default\cookies.txt -> TrackingCookie.Overture : Ignored.
:mozilla.331:C:\Documents and Settings\TaniaA.TANIASPC\Application Data\Mozilla\Firefox\Profiles\017zdxdw.default\cookies.txt -> TrackingCookie.Pointroll : Ignored.
:mozilla.332:C:\Documents and Settings\TaniaA.TANIASPC\Application Data\Mozilla\Firefox\Profiles\017zdxdw.default\cookies.txt -> TrackingCookie.Pointroll : Ignored.
:mozilla.333:C:\Documents and Settings\TaniaA.TANIASPC\Application Data\Mozilla\Firefox\Profiles\017zdxdw.default\cookies.txt -> TrackingCookie.Pointroll : Ignored.
:mozilla.334:C:\Documents and Settings\TaniaA.TANIASPC\Application Data\Mozilla\Firefox\Profiles\017zdxdw.default\cookies.txt -> TrackingCookie.Pointroll : Ignored.


::Report end






This message has been edited since posting. Last time this message was edited on 28. October 2006 @ 11:49

Senior Member
28. October 2006 @ 20:24
Rescan with AVGAS in safe mode. This time make sure you set all items to Quarantine, then click Apply all actions. Then click Save report.

After that, try running Kaspersky again. If you cannot, go here and run ActiveScan. Be sure to save the results.

Post back with the new AVGAS log and the online scan log.

Member
5. November 2006 @ 12:25
Sorry I took so long to respond, but here are those reports:

AVG Anti-Spyware - Scan Report
---------------------------------------------------------

+ Created at: 6:58:52 AM 10/30/2006

+ Scan result:



C:\Documents and Settings\TaniaA\Start Menu\Programs\EARN -> Adware.eZula : Cleaned.
C:\Documents and Settings\Administrator\Application Data\Hotbar -> Adware.HotBar : Cleaned.
C:\Documents and Settings\Administrator\Application Data\Hotbar\IESkins -> Adware.HotBar : Cleaned.
C:\Documents and Settings\Administrator\Application Data\Hotbar\v3.0 -> Adware.HotBar : Cleaned.
C:\Documents and Settings\Administrator\Application Data\Hotbar\v3.0\HostOI -> Adware.HotBar : Cleaned.
C:\Documents and Settings\Administrator\Application Data\Hotbar\v3.0\HostOI\dynamic -> Adware.HotBar : Cleaned.
C:\Documents and Settings\Administrator\Application Data\Hotbar\v3.0\HostOL -> Adware.HotBar : Cleaned.
C:\Documents and Settings\Administrator\Application Data\Hotbar\v3.0\HostOL\dynamic -> Adware.HotBar : Cleaned.
C:\Documents and Settings\Administrator\Application Data\Hotbar\v3.0\Hotbar -> Adware.HotBar : Cleaned.
C:\Documents and Settings\Administrator\Application Data\Hotbar\v3.0\Hotbar\dynamic -> Adware.HotBar : Cleaned.
C:\Documents and Settings\Administrator\Application Data\Hotbar\v3.0\Hotbar\static -> Adware.HotBar : Cleaned.
C:\Documents and Settings\TaniaA\Application Data\Hotbar -> Adware.HotBar : Cleaned.
C:\Documents and Settings\TaniaA\Application Data\Hotbar\IESkins -> Adware.HotBar : Cleaned.
C:\Documents and Settings\TaniaA\Application Data\Hotbar\eskin -> Adware.HotBar : Cleaned.
C:\Documents and Settings\TaniaA\Application Data\Hotbar\v3.0 -> Adware.HotBar : Cleaned.
C:\Documents and Settings\TaniaA\Application Data\Hotbar\v3.0\HostOI -> Adware.HotBar : Cleaned.
C:\Documents and Settings\TaniaA\Application Data\Hotbar\v3.0\HostOI\dynamic -> Adware.HotBar : Cleaned.
C:\Documents and Settings\TaniaA\Application Data\Hotbar\v3.0\HostOI\static -> Adware.HotBar : Cleaned.
C:\Documents and Settings\TaniaA\Application Data\Hotbar\v3.0\HostOL -> Adware.HotBar : Cleaned.
C:\Documents and Settings\TaniaA\Application Data\Hotbar\v3.0\HostOL\dynamic -> Adware.HotBar : Cleaned.
C:\Documents and Settings\TaniaA\Application Data\Hotbar\v3.0\HostOL\static -> Adware.HotBar : Cleaned.
C:\Documents and Settings\TaniaA\Application Data\Hotbar\v3.0\Hotbar -> Adware.HotBar : Cleaned.
C:\Documents and Settings\TaniaA\Application Data\Hotbar\v3.0\Hotbar\dynamic -> Adware.HotBar : Cleaned.
C:\Documents and Settings\TaniaA\Application Data\Hotbar\v3.0\Hotbar\dynamic\bstat -> Adware.HotBar : Cleaned.
C:\Documents and Settings\TaniaA\Application Data\Hotbar\v3.0\Hotbar\dynamic\hstat -> Adware.HotBar : Cleaned.
C:\Documents and Settings\TaniaA\Application Data\Hotbar\v3.0\Hotbar\dynamic\ustat -> Adware.HotBar : Cleaned.
C:\Documents and Settings\TaniaA\Application Data\Hotbar\v3.0\Hotbar\static -> Adware.HotBar : Cleaned.
C:\Documents and Settings\TaniaA\Application Data\Hotbar\v3.0\Hotbar\static\1 -> Adware.HotBar : Cleaned.
C:\Documents and Settings\TaniaA\Application Data\Hotbar\v3.0\Hotbar\static\2 -> Adware.HotBar : Cleaned.
C:\Documents and Settings\TaniaA\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad -> Adware.HotBar : Cleaned.


::Report end

And the online scanner one:



Incident Status Location

Potentially unwanted tool:application/mywebsearch Not disinfected c:\windows\system32\f3pssavr.scr
Adware:adware/sahagent Not disinfected c:\windows\downloaded program files\sporder_.dll
Spyware:spyware/betterinet Not disinfected c:\windows\inf\satmat.inf
Adware:adware/downloadware Not disinfected c:\windows\Digital Signature 20040914.htm
Adware:adware/ieplugin Not disinfected c:\windows\kwv2.dat
Adware:adware/twain-tech Not disinfected c:\windows\satmat.ini
Adware:adware/powerscan Not disinfected Windows Registry
Adware:adware/adlogix Not disinfected Windows Registry
Adware:adware/memorywatcher Not disinfected Windows Registry
Spyware:Cookie/Mediaplex Not disinfected C:\Documents and Settings\Administrator\Cookies\administrator@mediaplex[1].txt
Spyware:Cookie/QuestionMarket Not disinfected C:\Documents and Settings\Administrator\Cookies\administrator@questionmarket[1].txt
Spyware:Cookie/Kazaa Networks Not disinfected C:\Documents and Settings\TaniaA\Cookies\taniaa@276[2].txt
Spyware:Cookie/2o7 Not disinfected C:\Documents and Settings\TaniaA\Cookies\taniaa@2o7[2].txt
Spyware:Cookie/64.62.232 Not disinfected C:\Documents and Settings\TaniaA\Cookies\taniaa@64.62.232[2].txt
Spyware:Cookie/Abetterinternet Not disinfected C:\Documents and Settings\TaniaA\Cookies\taniaa@abetterinternet[2].txt
Spyware:Cookie/AdDynamix Not disinfected C:\Documents and Settings\TaniaA\Cookies\taniaa@ads.addynamix[2].txt
Spyware:Cookie/Gorillanation Not disinfected C:\Documents and Settings\TaniaA\Cookies\taniaa@ads.gorillanation[2].txt
Spyware:Cookie/PointRoll Not disinfected C:\Documents and Settings\TaniaA\Cookies\taniaa@ads.pointroll[2].txt
Spyware:Cookie/PurityScan Not disinfected C:\Documents and Settings\TaniaA\Cookies\taniaa@ads.valuead[1].txt
Spyware:Cookie/Advertising Not disinfected C:\Documents and Settings\TaniaA\Cookies\taniaa@advertising[2].txt
Spyware:Cookie/Adviva Not disinfected C:\Documents and Settings\TaniaA\Cookies\taniaa@adviva[2].txt
Spyware:Cookie/Falkag Not disinfected C:\Documents and Settings\TaniaA\Cookies\taniaa@as1.falkag[1].txt
Spyware:Cookie/Atlas DMT Not disinfected C:\Documents and Settings\TaniaA\Cookies\taniaa@atdmt[1].txt
Spyware:Cookie/Atwola Not disinfected C:\Documents and Settings\TaniaA\Cookies\taniaa@atwola[1].txt
Spyware:Cookie/Lop Not disinfected C:\Documents and Settings\TaniaA\Cookies\taniaa@ayb.lop[1].txt
Spyware:Cookie/Azjmp Not disinfected C:\Documents and Settings\TaniaA\Cookies\taniaa@azjmp[1].txt
Spyware:Cookie/Com.com Not disinfected C:\Documents and Settings\TaniaA\Cookies\taniaa@bannerlandia.com[1].txt
Spyware:Cookie/Bfast Not disinfected C:\Documents and Settings\TaniaA\Cookies\taniaa@bfast[2].txt
Spyware:Cookie/Bluestreak Not disinfected C:\Documents and Settings\TaniaA\Cookies\taniaa@bluestreak[1].txt
Spyware:Cookie/bravenetA Not disinfected C:\Documents and Settings\TaniaA\Cookies\taniaa@bravenet[2].txt
Spyware:Cookie/Serving-sys Not disinfected C:\Documents and Settings\TaniaA\Cookies\taniaa@bs.serving-sys[1].txt
Spyware:Cookie/Casalemedia Not disinfected C:\Documents and Settings\TaniaA\Cookies\taniaa@casalemedia[1].txt
Spyware:Cookie/Ccbill Not disinfected C:\Documents and Settings\TaniaA\Cookies\taniaa@ccbill[2].txt
Spyware:Cookie/CentrPort Not disinfected C:\Documents and Settings\TaniaA\Cookies\taniaa@centrport[2].txt
Spyware:Cookie/Cgi-bin Not disinfected C:\Documents and Settings\TaniaA\Cookies\taniaa@cgi-bin[2].txt
Spyware:Cookie/Cgi-bin Not disinfected C:\Documents and Settings\TaniaA\Cookies\taniaa@cgi-bin[4].txt
Spyware:Cookie/Cgi-bin Not disinfected C:\Documents and Settings\TaniaA\Cookies\taniaa@cgi-bin[5].txt
Spyware:Cookie/Bridgetrack Not disinfected C:\Documents and Settings\TaniaA\Cookies\taniaa@citi.bridgetrack[2].txt
Spyware:Cookie/Clickbank Not disinfected C:\Documents and Settings\TaniaA\Cookies\taniaa@clickbank[1].txt
Spyware:Cookie/Com.com Not disinfected C:\Documents and Settings\TaniaA\Cookies\taniaa@com[1].txt
Spyware:Cookie/Coremetrics Not disinfected C:\Documents and Settings\TaniaA\Cookies\taniaa@data.coremetrics[1].txt
Spyware:Cookie/Kazaa Networks Not disinfected C:\Documents and Settings\TaniaA\Cookies\taniaa@desktop.kazaa[1].txt
Spyware:Cookie/Doubleclick Not disinfected C:\Documents and Settings\TaniaA\Cookies\taniaa@doubleclick[1].txt
Spyware:Cookie/Hitbox Not disinfected C:\Documents and Settings\TaniaA\Cookies\taniaa@ehg-dig.hitbox[1].txt
Spyware:Cookie/Hitbox Not disinfected C:\Documents and Settings\TaniaA\Cookies\taniaa@ehg-micron.hitbox[2].txt
Spyware:Cookie/Hitbox Not disinfected C:\Documents and Settings\TaniaA\Cookies\taniaa@ehg.hitbox[1].txt
Spyware:Cookie/Euniverseads Not disinfected C:\Documents and Settings\TaniaA\Cookies\taniaa@euniverseads[1].txt
Spyware:Cookie/FastClick Not disinfected C:\Documents and Settings\TaniaA\Cookies\taniaa@fastclick[1].txt
Spyware:Cookie/FastClick Not disinfected C:\Documents and Settings\TaniaA\Cookies\taniaa@fastclick[2].txt
Spyware:Cookie/Gator Not disinfected C:\Documents and Settings\TaniaA\Cookies\taniaa@gator[1].txt
Spyware:Cookie/GoStats Not disinfected C:\Documents and Settings\TaniaA\Cookies\taniaa@gostats[1].txt
Spyware:Cookie/Go Not disinfected C:\Documents and Settings\TaniaA\Cookies\taniaa@go[1].txt
Spyware:Cookie/Hitbox Not disinfected C:\Documents and Settings\TaniaA\Cookies\taniaa@hg1.hitbox[1].txt
Spyware:Cookie/Hitbox Not disinfected C:\Documents and Settings\TaniaA\Cookies\taniaa@hitbox[2].txt
Spyware:Cookie/HotLog Not disinfected C:\Documents and Settings\TaniaA\Cookies\taniaa@hotlog[1].txt
Spyware:Cookie/Internetfuel Not disinfected C:\Documents and Settings\TaniaA\Cookies\taniaa@internetfuel[2].txt
Spyware:Cookie/Kount Not disinfected C:\Documents and Settings\TaniaA\Cookies\taniaa@kount[2].txt
Spyware:Cookie/Linksynergy Not disinfected C:\Documents and Settings\TaniaA\Cookies\taniaa@linksynergy[1].txt
Spyware:Cookie/Lop Not disinfected C:\Documents and Settings\TaniaA\Cookies\taniaa@lop[2].txt
Spyware:Cookie/Maxserving Not disinfected C:\Documents and Settings\TaniaA\Cookies\taniaa@maxserving[2].txt
Spyware:Cookie/Mediaplex Not disinfected C:\Documents and Settings\TaniaA\Cookies\taniaa@mediaplex[2].txt
Spyware:Cookie/Overture Not disinfected C:\Documents and Settings\TaniaA\Cookies\taniaa@overture[1].txt
Spyware:Cookie/Overture Not disinfected C:\Documents and Settings\TaniaA\Cookies\taniaa@perf.overture[1].txt
Spyware:Cookie/Hitbox Not disinfected C:\Documents and Settings\TaniaA\Cookies\taniaa@phg.hitbox[2].txt
Spyware:Cookie/QkSrv Not disinfected C:\Documents and Settings\TaniaA\Cookies\taniaa@qksrv[1].txt
Spyware:Cookie/QuestionMarket Not disinfected C:\Documents and Settings\TaniaA\Cookies\taniaa@questionmarket[2].txt
Spyware:Cookie/RealMedia Not disinfected C:\Documents and Settings\TaniaA\Cookies\taniaa@realmedia[2].txt
Spyware:Cookie/RealMedia Not disinfected C:\Documents and Settings\TaniaA\Cookies\taniaa@realmedia[3].txt
Spyware:Cookie/WUpd Not disinfected C:\Documents and Settings\TaniaA\Cookies\taniaa@revenue[1].txt
Spyware:Cookie/Rightmedia Not disinfected C:\Documents and Settings\TaniaA\Cookies\taniaa@rightmedia[2].txt
Spyware:Cookie/Advertising Not disinfected C:\Documents and Settings\TaniaA\Cookies\taniaa@servedby.advertising[1].txt
Spyware:Cookie/Server.iad.Liveperson Not disinfected C:\Documents and Settings\TaniaA\Cookies\taniaa@server.iad.liveperson[1].txt
Spyware:Cookie/Serving-sys Not disinfected C:\Documents and Settings\TaniaA\Cookies\taniaa@serving-sys[1].txt
Spyware:Cookie/Santa Monica networks inc Not disinfected C:\Documents and Settings\TaniaA\Cookies\taniaa@smni[1].txt
Spyware:Cookie/Mammamediasolutions Not disinfected C:\Documents and Settings\TaniaA\Cookies\taniaa@targetnet[1].txt
Spyware:Cookie/Tickle Not disinfected C:\Documents and Settings\TaniaA\Cookies\taniaa@tickle[2].txt
Spyware:Cookie/SaveNow Not disinfected C:\Documents and Settings\TaniaA\Cookies\taniaa@tracking.thunderdownloads[2].txt
Spyware:Cookie/Traffic Marketplace Not disinfected C:\Documents and Settings\TaniaA\Cookies\taniaa@trafficmp[2].txt
Spyware:Cookie/Tribalfusion Not disinfected C:\Documents and Settings\TaniaA\Cookies\taniaa@tribalfusion[1].txt
Spyware:Cookie/Valueclick Not disinfected C:\Documents and Settings\TaniaA\Cookies\taniaa@valueclick[2].txt
Spyware:Cookie/Weborama Not disinfected C:\Documents and Settings\TaniaA\Cookies\taniaa@weborama[1].txt
Spyware:Cookie/Affiliate fuel Not disinfected C:\Documents and Settings\TaniaA\Cookies\taniaa@www.affiliatefuel[1].txt
Spyware:Cookie/BurstBeacon Not disinfected C:\Documents and Settings\TaniaA\Cookies\taniaa@www.burstbeacon[2].txt
Spyware:Cookie/myaffiliateprogram Not disinfected C:\Documents and Settings\TaniaA\Cookies\taniaa@www.myaffiliateprogram[1].txt
Spyware:Cookie/web-stat Not disinfected C:\Documents and Settings\TaniaA\Cookies\taniaa@www.web-stat[1].txt
Spyware:Cookie/Xiti Not disinfected C:\Documents and Settings\TaniaA\Cookies\taniaa@xiti[1].txt
Spyware:Cookie/Adserver Not disinfected C:\Documents and Settings\TaniaA\Cookies\taniaa@z1.adserver[1].txt
Spyware:Cookie/Zedo Not disinfected C:\Documents and Settings\TaniaA\Cookies\taniaa@zedo[1].txt
Adware:Adware/WinTools Not disinfected C:\Documents and Settings\TaniaA\Local Settings\Temp\IExploreSkins.exe
Adware:Adware/StatBlaster Not disinfected C:\Documents and Settings\TaniaA\Local Settings\Temp\s21.exe
Adware:Adware/Lop Not disinfected C:\Documents and Settings\TaniaA\Local Settings\Temp\sta31D.exe
Adware:Adware/Lop Not disinfected C:\Documents and Settings\TaniaA\Local Settings\Temp\sta321.exe
Adware:Adware/WinTools Not disinfected C:\Documents and Settings\TaniaA\Local Settings\Temp\tb_setup.exe
Adware:Adware/WinTools Not disinfected C:\Documents and Settings\TaniaA\Local Settings\Temp\temp.cab
Potentially unwanted tool:Application/MyWebSearch Not disinfected C:\Documents and Settings\TaniaA\Local Settings\Temp\toolbar.dll
Adware:Adware/Look2Me Not disinfected C:\Documents and Settings\TaniaA\Local Settings\Temp\upd117.exe
Adware:Adware/Look2Me Not disinfected C:\Documents and Settings\TaniaA\Local Settings\Temp\upd118.exe
Adware:Adware/StatBlaster Not disinfected C:\Documents and Settings\TaniaA\Local Settings\Temp\update_1.exe
Adware:Adware/StatBlaster Not disinfected C:\Documents and Settings\TaniaA\Local Settings\Temp\WinWildApp.exe
Adware:Adware/WinTools Not disinfected C:\Documents and Settings\TaniaA\Local Settings\Temp\WTA1\WinTA.cab[WToolsA.exe]
Adware:Adware/WinTools Not disinfected C:\Documents and Settings\TaniaA\Local Settings\Temp\WToolsA.cab[WToolsA.exe]
Adware:Adware/WinTools Not disinfected C:\Documents and Settings\TaniaA\Local Settings\Temp\WToolsA.exe
Adware:Adware/WinTools Not disinfected C:\Documents and Settings\TaniaA\Local Settings\Temp\~293435.tmp
Adware:Adware/WinTools Not disinfected C:\Documents and Settings\TaniaA\Local Settings\Temp\~306983.tmp
Adware:Adware/WinTools Not disinfected C:\Documents and Settings\TaniaA\Local Settings\Temp\~318146.tmp
Adware:Adware/WinTools Not disinfected C:\Documents and Settings\TaniaA\Local Settings\Temp\~356562.tmp
Adware:Adware/WinTools Not disinfected C:\Documents and Settings\TaniaA\Local Settings\Temp\~392031.tmp
Adware:Adware/WinTools Not disinfected C:\Documents and Settings\TaniaA\Local Settings\Temp\~409926.tmp
Adware:Adware/WinTools Not disinfected C:\Documents and Settings\TaniaA\Local Settings\Temp\~513832.tmp
Adware:Adware/WinTools Not disinfected C:\Documents and Settings\TaniaA\Local Settings\Temp\~521166.tmp
Adware:Adware/WinTools Not disinfected C:\Documents and Settings\TaniaA\Local Settings\Temp\~537182.tmp
Adware:Adware/WinTools Not disinfected C:\Documents and Settings\TaniaA\Local Settings\Temp\~541423.tmp
Adware:Adware/WinTools Not disinfected C:\Documents and Settings\TaniaA\Local Settings\Temp\~551875.tmp
Adware:Adware/WinTools Not disinfected C:\Documents and Settings\TaniaA\Local Settings\Temp\~551981.tmp
Adware:Adware/WinTools Not disinfected C:\Documents and Settings\TaniaA\Local Settings\Temp\~561307.tmp
Adware:Adware/WinTools Not disinfected C:\Documents and Settings\TaniaA\Local Settings\Temp\~575646.tmp
Adware:Adware/WinTools Not disinfected C:\Documents and Settings\TaniaA\Local Settings\Temp\~583958.tmp
Adware:Adware/WinTools Not disinfected C:\Documents and Settings\TaniaA\Local Settings\Temp\~592691.tmp
Adware:Adware/WinTools Not disinfected C:\Documents and Settings\TaniaA\Local Settings\Temp\~597181.tmp
Adware:Adware/WinTools Not disinfected C:\Documents and Settings\TaniaA\Local Settings\Temp\~599394.tmp
Adware:Adware/WinTools Not disinfected C:\Documents and Settings\TaniaA\Local Settings\Temp\~603541.tmp
Adware:Adware/WinTools Not disinfected C:\Documents and Settings\TaniaA\Local Settings\Temp\~625211.tmp
Adware:Adware/WinTools Not disinfected C:\Documents and Settings\TaniaA\Local Settings\Temp\~644600.tmp
Adware:Adware/WinTools Not disinfected C:\Documents and Settings\TaniaA\Local Settings\Temp\~648702.tmp
Adware:Adware/WinTools Not disinfected C:\Documents and Settings\TaniaA\Local Settings\Temp\~654221.tmp
Adware:Adware/WinTools Not disinfected C:\Documents and Settings\TaniaA\Local Settings\Temp\~717622.tmp
Adware:Adware/WinTools Not disinfected C:\Documents and Settings\TaniaA\Local Settings\Temp\~722406.tmp
Adware:Adware/WinTools Not disinfected C:\Documents and Settings\TaniaA\Local Settings\Temp\~754413.tmp
Adware:Adware/WinTools Not disinfected C:\Documents and Settings\TaniaA\Local Settings\Temp\~773125.tmp
Adware:Adware/WinTools Not disinfected C:\Documents and Settings\TaniaA\Local Settings\Temp\~778591.tmp
Adware:Adware/WinTools Not disinfected C:\Documents and Settings\TaniaA\Local Settings\Temp\~784244.tmp
Adware:Adware/WinTools Not disinfected C:\Documents and Settings\TaniaA\Local Settings\Temp\~793322.tmp
Adware:Adware/WinTools Not disinfected C:\Documents and Settings\TaniaA\Local Settings\Temp\~794123.tmp
Adware:Adware/WinTools Not disinfected C:\Documents and Settings\TaniaA\Local Settings\Temp\~804016.tmp
Adware:Adware/WinTools Not disinfected C:\Documents and Settings\TaniaA\Local Settings\Temp\~848679.tmp
Adware:Adware/WinTools Not disinfected C:\Documents and Settings\TaniaA\Local Settings\Temp\~875038.tmp
Adware:Adware/WinTools Not disinfected C:\Documents and Settings\TaniaA\Local Settings\Temp\~900649.tmp
Adware:Adware/WinTools Not disinfected C:\Documents and Settings\TaniaA\Local Settings\Temp\~916826.tmp
Adware:Adware/WinTools Not disinfected C:\Documents and Settings\TaniaA\Local Settings\Temp\~927781.tmp
Adware:Adware/WinTools Not disinfected C:\Documents and Settings\TaniaA\Local Settings\Temp\~932201.tmp
Adware:Adware/WinTools Not disinfected C:\Documents and Settings\TaniaA\Local Settings\Temp\~945568.tmp
Adware:Adware/nCase Not disinfected C:\Documents and Settings\TaniaA\Local Settings\Temporary Internet Files\Content.IE5\07XJYAR5\AppWrap[1].exe
Virus:Trj/Downloader.FK Disinfected C:\Documents and Settings\TaniaA\Local Settings\Temporary Internet Files\Content.IE5\4J43C5QJ\stc[1].htm
Adware:Adware/Comet Not disinfected C:\Documents and Settings\TaniaA\Local Settings\Temporary Internet Files\Content.IE5\4XAZCPUN\dm_286[2].cab[CSSecure.dll]
Adware:Adware/Comet Not disinfected C:\Documents and Settings\TaniaA\Local Settings\Temporary Internet Files\Content.IE5\4XAZCPUN\dm_286[2].cab[dmfilemap.xml]
Adware:Adware/Comet Not disinfected C:\Documents and Settings\TaniaA\Local Settings\Temporary Internet Files\Content.IE5\4XAZCPUN\dm_286[2].cab[dmproxy.dll]
Adware:Adware/Comet Not disinfected C:\Documents and Settings\TaniaA\Local Settings\Temporary Internet Files\Content.IE5\4XAZCPUN\dm_286[2].cab[dmserver.exe]
Adware:Adware/Comet Not disinfected C:\Documents and Settings\TaniaA\Local Settings\Temporary Internet Files\Content.IE5\4XAZCPUN\dm_286[2].cab[DMUpdate.exe]
Adware:Adware/PortalScan Not disinfected C:\Documents and Settings\TaniaA\Local Settings\Temporary Internet Files\Content.IE5\4XAZCPUN\mwsvm[1].cab[mwsvm.exe]
Adware:Adware/Look2Me Not disinfected C:\Documents and Settings\TaniaA\Local Settings\Temporary Internet Files\Content.IE5\4ZQRWJ2N\upd124[1].exe
Adware:Adware/NetPals Not disinfected C:\Documents and Settings\TaniaA\Local Settings\Temporary Internet Files\Content.IE5\CPYRG9Q3\Ud3rT0n5[1].cab[ATPartners.inf]
Adware:Adware/Gator Not disinfected C:\Documents and Settings\TaniaA\Local Settings\Temporary Internet Files\Content.IE5\FZ9NVHOO\hdplugin_1015_bundle33v0d12[2].cab[HDPlugin1015.dll]
Adware:Adware/WinTools Not disinfected C:\Documents and Settings\TaniaA\Local Settings\Temporary Internet Files\Content.IE5\GVOH0JWJ\fash[1].cab[fash.exe]
Spyware:Spyware/Virtumonde Not disinfected C:\Documents and Settings\TaniaA\Local Settings\Temporary Internet Files\Content.IE5\HXV6X1LB\AppWrap[1].exe
Spyware:Spyware/Virtumonde Not disinfected C:\Documents and Settings\TaniaA\Local Settings\Temporary Internet Files\Content.IE5\J8DD388O\AppWrap[1].exe
Spyware:Spyware/BetterInet Not disinfected C:\Documents and Settings\TaniaA\Local Settings\Temporary Internet Files\Content.IE5\J8DD388O\AppWrap[2].exe
Adware:Adware/nCase Not disinfected C:\Documents and Settings\TaniaA\Local Settings\Temporary Internet Files\Content.IE5\J8DD388O\AppWrap[4].exe
Adware:Adware/Look2Me Not disinfected C:\Documents and Settings\TaniaA\Local Settings\Temporary Internet Files\Content.IE5\LJJGHUI6\upd118[1].exe
Adware:Adware/PortalScan Not disinfected C:\Documents and Settings\TaniaA\Local Settings\Temporary Internet Files\Content.IE5\NR17F18W\ocx[1].cab
Adware:Adware/Look2Me Not disinfected C:\Documents and Settings\TaniaA\Local Settings\Temporary Internet Files\Content.IE5\O3DN6Y35\DS3[2].cab[DS3.dll]
Adware:Adware/Look2Me Not disinfected C:\Documents and Settings\TaniaA\Local Settings\Temporary Internet Files\Content.IE5\PK03P94D\upd117[1].exe
Spyware:Spyware/Searchcentrix Not disinfected C:\Documents and Settings\TaniaA\Local Settings\Temporary Internet Files\Content.IE5\PK03P94D\weblz[2].CAB[somaticCAB.exe]
Virus:Trj/Imiserv.B Disinfected C:\Documents and Settings\TaniaA\Local Settings\Temporary Internet Files\Content.IE5\PKWFPDCP\webplugin[2].cab
Spyware:Spyware/ClearSearch Not disinfected C:\Documents and Settings\TaniaA\Local Settings\Temporary Internet Files\Content.IE5\S1E34DMJ\ClrSchP038[1].exe
Virus:Trj/Idly.A Disinfected C:\Documents and Settings\TaniaA\Local Settings\Temporary Internet Files\Content.IE5\S1E34DMJ\IdleUI[1].dll
Adware:Adware/Popmon Not disinfected C:\Documents and Settings\TaniaA\Local Settings\Temporary Internet Files\Content.IE5\S1E34DMJ\internetfeatures[1].exe
Adware:Adware/PortalScan Not disinfected C:\Documents and Settings\TaniaA\Local Settings\Temporary Internet Files\Content.IE5\S1E34DMJ\loader[1].exe
Adware:Adware/PortalScan Not disinfected C:\Documents and Settings\TaniaA\Local Settings\Temporary Internet Files\Content.IE5\S1E34DMJ\slmss[1].exe
Adware:Adware/PortalScan Not disinfected C:\Documents and Settings\TaniaA\Local Settings\Temporary Internet Files\Content.IE5\S1E34DMJ\STC[1].exe
Adware:Adware/WinTools Not disinfected C:\Documents and Settings\TaniaA\Local Settings\Temporary Internet Files\Content.IE5\S1IJ8HAN\frsk[1].cab[frsk.exe]
Potentially unwanted tool:Application/FunWeb Not disinfected C:\Documents and Settings\TaniaA\Local Settings\Temporary Internet Files\Content.IE5\S1IJ8HAN\SmileyCentralInitialSetup1.0.0.8[2].cab
Virus:Trj/Downloader.SJ Disinfected C:\Documents and Settings\TaniaA\Local Settings\Temporary Internet Files\Content.IE5\ST2VKDIF\HP2[2].CHM
Hacktool:Exploit/Mhtredir.T Not disinfected C:\Documents and Settings\TaniaA\Local Settings\Temporary Internet Files\Content.IE5\ST2VKDIF\hp2[2].htm
Adware:Adware/Look2Me Not disinfected C:\Documents and Settings\TaniaA\Local Settings\Temporary Internet Files\Content.IE5\ST2VKDIF\upd121[1].exe
Spyware:Spyware/Virtumonde Not disinfected C:\Documents and Settings\TaniaA\Local Settings\Temporary Internet Files\Content.IE5\Y5SPGZEH\AppWrap[1].exe
Adware:Adware/Sqwire Not disinfected C:\Documents and Settings\TaniaA\Local Settings\Temporary Internet Files\Content.IE5\Y5SPGZEH\SQLoader3303[1].cab[SQLoader.exe]
Potentially unwanted tool:Application/HideWindow.A Not disinfected C:\hp\bin\FondleWindow.exe
Potentially unwanted tool:Application/KillApp.B Not disinfected C:\hp\bin\KillIt.exe
Potentially unwanted tool:Application/KillApp.A Not disinfected C:\hp\bin\Terminator.exe
Potentially unwanted tool:Application/MyWebSearch Not disinfected C:\Program Files\Microsoft AntiSpyware\Quarantine\E666CBC5-17AD-47CA-9E78-535BFD\233DD0F1-375A-4A9F-BEEB-59C157
Adware:Adware/Lop Not disinfected C:\Program Files\peakdupe\Mags 2.dll
Adware:Adware/Lop Not disinfected C:\Program Files\peakdupe\PingWin.dll
Hacktool:HackTool/SRunner.B Not disinfected C:\WINDOWS\system32\instsrv.exe



Member
5. November 2006 @ 12:31
-edit-



This message has been edited since posting. Last time this message was edited on 5. November 2006 @ 12:57
