Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Scan Trying To Install At Start Up


  • Please log in to reply
29 replies to this topic

#1 shell5

shell5

  • Members
  • 78 posts
  • OFFLINE
  •  
  • Local time:07:47 PM

Posted 20 January 2006 - 03:00 AM

Well I'm back again, have followed all steps from your instructions page.
My problem is a windows installer trying in install a "scan" at every start up, can only be stopped using task manager.
Thanks in advance cause I know I'll get great easy to follow advice

shell5




Logfile of HijackThis v1.99.1
Scan saved at 6:51:53 PM, on 20/01/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Windows\system32\HpSrvUI.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb09.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\WINDOWS\System32\DRIVERS\CDANTSRV.EXE
C:\Program Files\Telstra\Toolbar\bpumTray.exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\System32\svchost.exe
c:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
C:\Program Files\USB Storage RW\shwicon.exe
C:\HP\KBD\KBD.EXE
C:\PROGRA~1\VOB\INSTAN~1\IWCTRL.EXE
C:\windows\system\hpsysdrv.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe
C:\Program Files\HP DVD\Umbrella\DVDTray.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\WINDOWS\System32\LVComS.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bigpond.com.au/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bigpond.com.au/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=localhost:1796
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files\SpywareGuard\dlprotect.dll
O2 - BHO: ActivateBand Class - {4C7B6DE1-99A4-4CF1-8B44-68889900E1D0} - C:\Program Files\Telstra\Toolbar\bpumToolBand.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll (file missing)
O3 - Toolbar: BigPond Toolbar - {7A431EC4-CC21-4DF7-9DB1-A2CF74C4CC98} - C:\Program Files\Telstra\Toolbar\bpumToolBand.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll (file missing)
O4 - HKLM\..\Run: [hp Silent Service] C:\Windows\system32\HpSrvUI.exe
O4 - HKLM\..\Run: [CamMonitor] c:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb09.exe
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [BigPond Toolbar] "C:\Program Files\Telstra\Toolbar\bpumTray.exe"
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKLM\..\Run: [WinFaxAppPortStarter] wfxsnt40.exe
O4 - HKLM\..\Run: [WFXSwtch] C:\PROGRA~1\NORTON~3\WinFax\WFXSWTCH.exe
O4 - HKLM\..\Run: [WCOLOREAL] "C:\Program Files\Coloreal\coloreal.exe"
O4 - HKLM\..\Run: [StorageGuard] "C:\Program Files\VERITAS Software\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] c:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
O4 - HKLM\..\Run: [mswspl] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [KYE_Showicon] "C:\Program Files\USB Storage RW\shwicon.exe" -t"KYE\USB Storage RW"
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [IW Controlcenter] C:\PROGRA~1\VOB\INSTAN~1\IWCTRL.EXE
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [iamapp] C:\Program Files\Norton Internet Security\IAMAPP.EXE
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe"
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [CloneCDElbyCDFL] "C:\Program Files\Elaborate Bytes\CloneCD\ElbyCheck.exe" /L ElbyCDFL
O4 - HKLM\..\Run: [ccRegVfy] "c:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe"
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe
O4 - HKLM\..\Run: [DVDBitSet] "C:\Program Files\HP CD-DVD\Umbrella\DVDBitSet.exe" /noui
O4 - HKLM\..\Run: [DVDTray] "C:\Program Files\HP DVD\Umbrella\DVDTray.exe"
O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\Elaborate Bytes\CloneCD\CloneCDTray.exe"
O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKCU\..\Run: [LDM] \Program\
O4 - HKCU\..\Run: [MoneyAgent] "c:\Program Files\Microsoft Money\System\mnyexpr.exe"
O4 - Startup: PowerReg Scheduler.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://c:\program files\google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} (LSSupCtl Class) - https://www-secure.symantec.com/techsupp/as...rl/LSSupCtl.cab
O16 - DPF: {200B3EE9-7242-4EFD-B1E4-D97EE825BA53} (VerifyGMN Class) - http://h20270.www2.hp.com/ediags/gmn/insta...staller_gmn.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab31267.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by108fd.bay108.hotmail.msn.com/resources/MsnPUpld.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.com/scan8/oscan8.cab
O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class) - http://www.gamenow.com.au/res/exent/classes/exentCtl.ocx
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1124324165703
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061...all/xscan53.cab
O16 - DPF: {7B297BFD-85E4-4092-B2AF-16A91B2EA103} (WScanCtl Class) - http://www3.ca.com/securityadvisor/virusinfo/webscan.cab
O16 - DPF: {7F8C8173-AD80-4807-AA75-5672F22B4582} (ICSScanner Class) - http://download.zonelabs.com/bin/promotion...canner37320.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5/asinst.cab
O16 - DPF: {A8F2B9BD-A6A0-486A-9744-18920D898429} (ScorchPlugin Class) - http://www.sibelius.com/download/software/...tiveXPlugin.cab
O16 - DPF: {B2B0AEDF-7CDF-4792-BB67-7654AD1E1B13} - http://scripts.downloadv3.com/binaries/IA/...svc32_EN_XP.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} (ActiveDataInfo Class) - https://www-secure.symantec.com/techsupp/as...rl/SymAData.cab
O16 - DPF: {D719897A-B07A-4C0C-AEA9-9B663A28DFCB} (iTunesDetector Class) - http://ax.phobos.apple.com.edgesuite.net/d.../ITDetector.cab
O16 - DPF: {D8B94E9A-A34B-4253-BF48-C7CB7F2CFDB0} - http://scripts.downloadv3.com/binaries/P2E..._1046_EN_XP.cab
O16 - DPF: {E855A2D4-987E-4F3B-A51C-64D10A7E2479} (EPSImageControl Class) - http://tools.ebayimg.com/eps/activex/EPSControl_v1-32.cab
O16 - DPF: {EFB23983-5803-4914-ADA3-C0EA2CFBDC37} - http://scripts.downloadv3.com/binaries/EGD...ESS_1072_XP.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/Solit...wn.cab31267.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{36998656-CBC2-4C33-B458-4A855A3312EE}: NameServer = 61.9.192.14,61.9.192.15
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: SearchList = nsw.bigpond.net.au
O17 - HKLM\System\CS1\Services\VxD\MSTCP: SearchList = vic.bigpond.net.au
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: SearchList = nsw.bigpond.net.au
O17 - HKLM\System\CS2\Services\VxD\MSTCP: SearchList = vic.bigpond.net.au
O17 - HKLM\System\CCS\Services\VxD\MSTCP: SearchList = vic.bigpond.net.au
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: SearchList = nsw.bigpond.net.au
O18 - Protocol: bw+0 - {69B0A5DB-0CAE-4BCB-98C2-CDD9FE6ADE64} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {69B0A5DB-0CAE-4BCB-98C2-CDD9FE6ADE64} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {69B0A5DB-0CAE-4BCB-98C2-CDD9FE6ADE64} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {69B0A5DB-0CAE-4BCB-98C2-CDD9FE6ADE64} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {69B0A5DB-0CAE-4BCB-98C2-CDD9FE6ADE64} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {69B0A5DB-0CAE-4BCB-98C2-CDD9FE6ADE64} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {69B0A5DB-0CAE-4BCB-98C2-CDD9FE6ADE64} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {69B0A5DB-0CAE-4BCB-98C2-CDD9FE6ADE64} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {69B0A5DB-0CAE-4BCB-98C2-CDD9FE6ADE64} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {69B0A5DB-0CAE-4BCB-98C2-CDD9FE6ADE64} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {69B0A5DB-0CAE-4BCB-98C2-CDD9FE6ADE64} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {69B0A5DB-0CAE-4BCB-98C2-CDD9FE6ADE64} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {69B0A5DB-0CAE-4BCB-98C2-CDD9FE6ADE64} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {69B0A5DB-0CAE-4BCB-98C2-CDD9FE6ADE64} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {69B0A5DB-0CAE-4BCB-98C2-CDD9FE6ADE64} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {69B0A5DB-0CAE-4BCB-98C2-CDD9FE6ADE64} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {69B0A5DB-0CAE-4BCB-98C2-CDD9FE6ADE64} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {69B0A5DB-0CAE-4BCB-98C2-CDD9FE6ADE64} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {69B0A5DB-0CAE-4BCB-98C2-CDD9FE6ADE64} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {69B0A5DB-0CAE-4BCB-98C2-CDD9FE6ADE64} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {69B0A5DB-0CAE-4BCB-98C2-CDD9FE6ADE64} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {69B0A5DB-0CAE-4BCB-98C2-CDD9FE6ADE64} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {69B0A5DB-0CAE-4BCB-98C2-CDD9FE6ADE64} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {69B0A5DB-0CAE-4BCB-98C2-CDD9FE6ADE64} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {69B0A5DB-0CAE-4BCB-98C2-CDD9FE6ADE64} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {69B0A5DB-0CAE-4BCB-98C2-CDD9FE6ADE64} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {69B0A5DB-0CAE-4BCB-98C2-CDD9FE6ADE64} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {69B0A5DB-0CAE-4BCB-98C2-CDD9FE6ADE64} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {69B0A5DB-0CAE-4BCB-98C2-CDD9FE6ADE64} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {69B0A5DB-0CAE-4BCB-98C2-CDD9FE6ADE64} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {69B0A5DB-0CAE-4BCB-98C2-CDD9FE6ADE64} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {69B0A5DB-0CAE-4BCB-98C2-CDD9FE6ADE64} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {69B0A5DB-0CAE-4BCB-98C2-CDD9FE6ADE64} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {69B0A5DB-0CAE-4BCB-98C2-CDD9FE6ADE64} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {69B0A5DB-0CAE-4BCB-98C2-CDD9FE6ADE64} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {69B0A5DB-0CAE-4BCB-98C2-CDD9FE6ADE64} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {69B0A5DB-0CAE-4BCB-98C2-CDD9FE6ADE64} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {69B0A5DB-0CAE-4BCB-98C2-CDD9FE6ADE64} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {69B0A5DB-0CAE-4BCB-98C2-CDD9FE6ADE64} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {69B0A5DB-0CAE-4BCB-98C2-CDD9FE6ADE64} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {69B0A5DB-0CAE-4BCB-98C2-CDD9FE6ADE64} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {69B0A5DB-0CAE-4BCB-98C2-CDD9FE6ADE64} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {69B0A5DB-0CAE-4BCB-98C2-CDD9FE6ADE64} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {69B0A5DB-0CAE-4BCB-98C2-CDD9FE6ADE64} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {69B0A5DB-0CAE-4BCB-98C2-CDD9FE6ADE64} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {69B0A5DB-0CAE-4BCB-98C2-CDD9FE6ADE64} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {69B0A5DB-0CAE-4BCB-98C2-CDD9FE6ADE64} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {69B0A5DB-0CAE-4BCB-98C2-CDD9FE6ADE64} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {69B0A5DB-0CAE-4BCB-98C2-CDD9FE6ADE64} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {69B0A5DB-0CAE-4BCB-98C2-CDD9FE6ADE64} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {69B0A5DB-0CAE-4BCB-98C2-CDD9FE6ADE64} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {69B0A5DB-0CAE-4BCB-98C2-CDD9FE6ADE64} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {69B0A5DB-0CAE-4BCB-98C2-CDD9FE6ADE64} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {69B0A5DB-0CAE-4BCB-98C2-CDD9FE6ADE64} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {69B0A5DB-0CAE-4BCB-98C2-CDD9FE6ADE64} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {69B0A5DB-0CAE-4BCB-98C2-CDD9FE6ADE64} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {69B0A5DB-0CAE-4BCB-98C2-CDD9FE6ADE64} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {69B0A5DB-0CAE-4BCB-98C2-CDD9FE6ADE64} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {69B0A5DB-0CAE-4BCB-98C2-CDD9FE6ADE64} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {69B0A5DB-0CAE-4BCB-98C2-CDD9FE6ADE64} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {69B0A5DB-0CAE-4BCB-98C2-CDD9FE6ADE64} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {69B0A5DB-0CAE-4BCB-98C2-CDD9FE6ADE64} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {69B0A5DB-0CAE-4BCB-98C2-CDD9FE6ADE64} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {69B0A5DB-0CAE-4BCB-98C2-CDD9FE6ADE64} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {69B0A5DB-0CAE-4BCB-98C2-CDD9FE6ADE64} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {69B0A5DB-0CAE-4BCB-98C2-CDD9FE6ADE64} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {69B0A5DB-0CAE-4BCB-98C2-CDD9FE6ADE64} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {69B0A5DB-0CAE-4BCB-98C2-CDD9FE6ADE64} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {69B0A5DB-0CAE-4BCB-98C2-CDD9FE6ADE64} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {69B0A5DB-0CAE-4BCB-98C2-CDD9FE6ADE64} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {69B0A5DB-0CAE-4BCB-98C2-CDD9FE6ADE64} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {69B0A5DB-0CAE-4BCB-98C2-CDD9FE6ADE64} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {69B0A5DB-0CAE-4BCB-98C2-CDD9FE6ADE64} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {69B0A5DB-0CAE-4BCB-98C2-CDD9FE6ADE64} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {69B0A5DB-0CAE-4BCB-98C2-CDD9FE6ADE64} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {69B0A5DB-0CAE-4BCB-98C2-CDD9FE6ADE64} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Protocol: offline-8876480 - {69B0A5DB-0CAE-4BCB-98C2-CDD9FE6ADE64} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: C-DillaSrv - C-Dilla Ltd - C:\WINDOWS\System32\DRIVERS\CDANTSRV.EXE
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

:thumbsup: :flowers: :huh:

BC AdBot (Login to Remove)

 


m

#2 MFDnSC

MFDnSC

    Ret. Director I/T


  • Members
  • 4,310 posts
  • OFFLINE
  •  
  • Local time:07:47 PM

Posted 21 January 2006 - 05:31 PM

Add remove programs - remov logitech desktop messenger

======

Can you give more details as you have a lot running at startup
"Nothing could be finer than to be in South Carolina ............"

Member ASAP

#3 shell5

shell5
  • Topic Starter

  • Members
  • 78 posts
  • OFFLINE
  •  
  • Local time:07:47 PM

Posted 21 January 2006 - 07:54 PM

I have removed logitech desktop messenger as requested.
Not sure what extra details I can give you, is very slow to start up and then tries to install some scan which can only be stopped via task manager. Computer has also turned itself off a couple of times while programs are running, I have had this problem before and resolved it with instructions from you guys.
Sorry doesn't seem to be much extra info...

#4 MFDnSC

MFDnSC

    Ret. Director I/T


  • Members
  • 4,310 posts
  • OFFLINE
  •  
  • Local time:07:47 PM

Posted 22 January 2006 - 10:42 AM

<<install some scan>>

What scan - what are you stopping via task mgr

You have to give details - I can't see what you can
"Nothing could be finer than to be in South Carolina ............"

Member ASAP

#5 shell5

shell5
  • Topic Starter

  • Members
  • 78 posts
  • OFFLINE
  •  
  • Local time:07:47 PM

Posted 22 January 2006 - 05:00 PM

Have just started up my computer again to give you a detailed explantion of what I see...

Windows Installer small box comes up
'Preparing to Install Scan',
' Wait while Windows Configures Scan',
Then asks for the 'Scan Disk" to be inserted to continue,
when you hit cancel in comes up with
'error 1706. No valid sourse'
then it starts all over again,
thats when I end task within Task Manager.

#6 MFDnSC

MFDnSC

    Ret. Director I/T


  • Members
  • 4,310 posts
  • OFFLINE
  •  
  • Local time:07:47 PM

Posted 22 January 2006 - 05:12 PM

Sounds like windows installer trying to load something

Give it you Office disk if you have one or give it your XP disk
"Nothing could be finer than to be in South Carolina ............"

Member ASAP

#7 shell5

shell5
  • Topic Starter

  • Members
  • 78 posts
  • OFFLINE
  •  
  • Local time:07:47 PM

Posted 22 January 2006 - 07:16 PM

I have tried Office disk and any other disk I can think of, but with no luck, I do not have a XP disk to try, sorry

#8 MFDnSC

MFDnSC

    Ret. Director I/T


  • Members
  • 4,310 posts
  • OFFLINE
  •  
  • Local time:07:47 PM

Posted 22 January 2006 - 07:34 PM

What task are you killing
"Nothing could be finer than to be in South Carolina ............"

Member ASAP

#9 shell5

shell5
  • Topic Starter

  • Members
  • 78 posts
  • OFFLINE
  •  
  • Local time:07:47 PM

Posted 22 January 2006 - 09:55 PM

I don't know. Nothing that I am doing on purpose.

Last time I had this exact same problem I thought it was from some sort of virus/trojan, as it was fixed by following removal instructions from this web site, which is why I posted my hijack log in the first place, can you see anything obvious in my log?

#10 MFDnSC

MFDnSC

    Ret. Director I/T


  • Members
  • 4,310 posts
  • OFFLINE
  •  
  • Local time:07:47 PM

Posted 22 January 2006 - 09:58 PM

Log is fine - you said you are killing a task in task manager - which one
"Nothing could be finer than to be in South Carolina ............"

Member ASAP

#11 shell5

shell5
  • Topic Starter

  • Members
  • 78 posts
  • OFFLINE
  •  
  • Local time:07:47 PM

Posted 22 January 2006 - 10:00 PM

Just shows in task manager as 'scan'

#12 MFDnSC

MFDnSC

    Ret. Director I/T


  • Members
  • 4,310 posts
  • OFFLINE
  •  
  • Local time:07:47 PM

Posted 22 January 2006 - 10:06 PM

Go to the link below and download the trial version of SpySweeper:

SpySweeper http://www.webroot.com/consumer/products/s...&rc=4129&ac=tsg

* Click the Free Trial link under "SpySweeper" to download the program.
* Install it. Once the program is installed, it will open.
* It will prompt you to update to the latest definitions, click Yes.
* Once the definitions are installed, click Options on the left side.
* Click the Sweep Options tab.
* Under What to Sweep please put a check next to the following:
o Sweep Memory
o Sweep Registry
o Sweep Cookies
o Sweep All User Accounts
o Enable Direct Disk Sweeping
o Sweep Contents of Compressed Files
o Sweep for Rootkits

o Please UNCHECK Do not Sweep System Restore Folder.

* Click Sweep Now on the left side.
* Click the Start button.
* When it's done scanning, click the Next button.
* Make sure everything has a check next to it, then click the Next button.
* It will remove all of the items found.
* Click Session Log in the upper right corner, copy everything in that window.
* Click the Summary tab and click Finish.
* Paste the contents of the session log you copied into your next reply.
Also post a new Hijack This log.
"Nothing could be finer than to be in South Carolina ............"

Member ASAP

#13 shell5

shell5
  • Topic Starter

  • Members
  • 78 posts
  • OFFLINE
  •  
  • Local time:07:47 PM

Posted 22 January 2006 - 11:27 PM

Installed and used SpySweeper, lots of stuff found, see log to follow, will then send new HJT log.



********
2:15 PM: | Start of Session, Monday, 23 January 2006 |
2:15 PM: Spy Sweeper started
2:15 PM: Sweep initiated using definitions version 604
2:15 PM: Starting Memory Sweep
2:21 PM: Memory Sweep Complete, Elapsed Time: 00:05:35
2:21 PM: Starting Registry Sweep
2:21 PM: Found Adware: blazefind
2:21 PM: HKLM\software\microsoft\windows\currentversion\run\ || mswspl (ID = 104532)
2:21 PM: Found Adware: captaincodetoolbar
2:21 PM: HKCR\typelib\{75191760-d673-46f4-8a55-1e2d90f4ed72}\ (9 subtraces) (ID = 105356)
2:21 PM: HKLM\software\classes\typelib\{75191760-d673-46f4-8a55-1e2d90f4ed72}\ (9 subtraces) (ID = 105362)
2:22 PM: Found Adware: cws_analyzeie
2:22 PM: HKCR\clsid\{60d75c7f-d119-4a89-b3b3-d8aa07ef3300}\ (ID = 116873)
2:22 PM: HKLM\software\classes\clsid\{60d75c7f-d119-4a89-b3b3-d8aa07ef3300}\ (ID = 116895)
2:22 PM: Found Adware: hotbar
2:22 PM: HKCR\clsid\{204f937e-519e-4597-96fa-8f1f59f3cb6d}\ (3 subtraces) (ID = 127250)
2:22 PM: HKCR\interface\{20d21e02-8c1c-41fe-9826-dab4c223436c}\ (8 subtraces) (ID = 127333)
2:22 PM: HKCR\interface\{66291bef-c867-43c0-a7b4-d13393814bcd}\ (8 subtraces) (ID = 127342)
2:22 PM: HKLM\software\classes\clsid\{204f937e-519e-4597-96fa-8f1f59f3cb6d}\ (3 subtraces) (ID = 127413)
2:22 PM: HKLM\software\classes\interface\{20d21e02-8c1c-41fe-9826-dab4c223436c}\ (8 subtraces) (ID = 127498)
2:22 PM: HKLM\software\classes\interface\{66291bef-c867-43c0-a7b4-d13393814bcd}\ (8 subtraces) (ID = 127506)
2:22 PM: HKLM\software\classes\typelib\{5ba32d9e-f1bd-476c-ad42-97c9379a57a4}\ (ID = 127538)
2:22 PM: HKCR\typelib\{5ba32d9e-f1bd-476c-ad42-97c9379a57a4}\ (ID = 127636)
2:22 PM: Found Adware: instant access
2:22 PM: HKLM\software\microsoft\windows\currentversion\moduleusage\c:/windows/system32/egdhtml_1027.dll\ (2 subtraces) (ID = 128800)
2:22 PM: HKLM\software\microsoft\windows\currentversion\shareddlls\ || c:\windows\system32\egdhtml_1027.dll (ID = 128821)
2:22 PM: HKLM\software\microsoft\windows\currentversion\shareddlls\ || c:\windows\system32\ia.dll (ID = 128825)
2:22 PM: Found Adware: richfind
2:22 PM: HKLM\software\microsoft\windows\currentversion\moduleusage\c:/windows/downloaded program files/basis.xml\ (2 subtraces) (ID = 139921)
2:22 PM: HKLM\software\microsoft\windows\currentversion\shareddlls\ || c:\windows\downloaded program files\basis.xml (ID = 139931)
2:22 PM: HKLM\software\microsoft\windows\currentversion\shareddlls\ || c:\windows\downloaded program files\nav.bmp (ID = 139932)
2:22 PM: HKLM\software\microsoft\windows\currentversion\shareddlls\ || c:\windows\downloaded program files\toolbar.crc (ID = 139933)
2:22 PM: HKLM\software\microsoft\windows\currentversion\shareddlls\ || c:\windows\downloaded program files\version.txt (ID = 139934)
2:22 PM: Found Adware: 2search
2:22 PM: HKCR\stoplite.stoplitectrl.1\ (3 subtraces) (ID = 832751)
2:22 PM: HKCR\clsid\{20048bb4-db68-11cf-9caf-00aa006cb425}\ (3 subtraces) (ID = 832777)
2:22 PM: HKCR\typelib\{20048bb0-db68-11cf-9caf-00aa006cb425}\ (9 subtraces) (ID = 832781)
2:22 PM: HKLM\software\classes\stoplite.stoplitectrl.1\ (3 subtraces) (ID = 832804)
2:22 PM: HKLM\software\classes\clsid\{20048bb4-db68-11cf-9caf-00aa006cb425}\ (3 subtraces) (ID = 832830)
2:22 PM: HKLM\software\classes\typelib\{20048bb0-db68-11cf-9caf-00aa006cb425}\ (9 subtraces) (ID = 832834)
2:22 PM: HKCR\clsid\{d8b94e9a-a34b-4253-bf48-c7cb7f2cfdb0}\ (3 subtraces) (ID = 835930)
2:22 PM: HKLM\software\classes\clsid\{d8b94e9a-a34b-4253-bf48-c7cb7f2cfdb0}\ (3 subtraces) (ID = 835934)
2:22 PM: Found Adware: systemprocess
2:22 PM: HKLM\software\system process\ (8 subtraces) (ID = 860391)
2:22 PM: HKLM\software\system process\ || modid (ID = 860392)
2:22 PM: HKLM\software\system process\ || started (ID = 860395)
2:22 PM: HKLM\software\system process\ || installed (ID = 860396)
2:22 PM: HKLM\software\system process\ || lastupdatetime (ID = 860398)
2:22 PM: HKLM\software\system process\files\ (3 subtraces) (ID = 860399)
2:22 PM: HKLM\software\system process\files\ || system.dat (ID = 860400)
2:22 PM: HKLM\software\system process\files\ || ustart.exe (ID = 860402)
2:22 PM: HKLM\software\system process\files\ || p.dat (ID = 860403)
2:22 PM: HKCR\clsid\{b2b0aedf-7cdf-4792-bb67-7654ad1e1b13}\ (3 subtraces) (ID = 888967)
2:22 PM: HKLM\software\classes\clsid\{b2b0aedf-7cdf-4792-bb67-7654ad1e1b13}\ (3 subtraces) (ID = 888971)
2:22 PM: HKU\S-1-5-21-3305781904-3999868759-2749077437-1003\software\microsoft\internet explorer\extensions\cmdmapping\ || {34a44fcf-50e3-63a5-a8da-7835752b9571} (ID = 105357)
2:22 PM: HKU\S-1-5-21-3305781904-3999868759-2749077437-1003\software\microsoft\internet explorer\toolbar\shellbrowser\ || {b195b3b3-8a05-11d3-97a4-0004aca6948e} (ID = 127585)
2:22 PM: HKU\S-1-5-21-3305781904-3999868759-2749077437-1003\software\egdhtml\ (2 subtraces) (ID = 128787)
2:22 PM: HKU\S-1-5-21-3305781904-3999868759-2749077437-1003\software\system process\ (1 subtraces) (ID = 860389)
2:22 PM: HKU\S-1-5-21-3305781904-3999868759-2749077437-1003\software\system process\ || lastptime (ID = 860390)
2:22 PM: Registry Sweep Complete, Elapsed Time:00:01:02
2:22 PM: Starting Cookie Sweep
2:22 PM: Found Spy Cookie: yieldmanager cookie
2:22 PM: owner@ad.yieldmanager[1].txt (ID = 3751)
2:22 PM: Found Spy Cookie: belnk cookie
2:22 PM: owner@belnk[1].txt (ID = 2292)
2:22 PM: Found Spy Cookie: 2o7.net cookie
2:22 PM: owner@bigpond.122.2o7[1].txt (ID = 1958)
2:22 PM: Found Spy Cookie: burstnet cookie
2:22 PM: owner@burstnet[2].txt (ID = 2336)
2:22 PM: owner@burstnet[3].txt (ID = 2336)
2:22 PM: Found Spy Cookie: clickbank cookie
2:22 PM: owner@clickbank[2].txt (ID = 2398)
2:22 PM: owner@cnetaustralia.122.2o7[1].txt (ID = 1958)
2:22 PM: owner@dist.belnk[2].txt (ID = 2293)
2:22 PM: Found Spy Cookie: screensavers.com cookie
2:22 PM: owner@i.screensavers[1].txt (ID = 3298)
2:22 PM: Found Spy Cookie: nuker cookie
2:22 PM: owner@nuker[2].txt (ID = 3085)
2:22 PM: Found Spy Cookie: overture cookie
2:22 PM: owner@overture[1].txt (ID = 3105)
2:22 PM: owner@perf.overture[1].txt (ID = 3106)
2:22 PM: Found Spy Cookie: qksrv cookie
2:22 PM: owner@qksrv[2].txt (ID = 3213)
2:22 PM: Found Spy Cookie: realmedia cookie
2:22 PM: owner@realmedia[1].txt (ID = 3235)
2:22 PM: Found Spy Cookie: starware.com cookie
2:22 PM: owner@starware[2].txt (ID = 3441)
2:22 PM: Found Spy Cookie: reliablestats cookie
2:22 PM: owner@stats1.reliablestats[2].txt (ID = 3254)
2:22 PM: Found Spy Cookie: tripod cookie
2:22 PM: owner@tripod[1].txt (ID = 3591)
2:22 PM: Found Spy Cookie: burstbeacon cookie
2:22 PM: owner@www.burstbeacon[2].txt (ID = 2335)
2:22 PM: owner@www.screensavers[1].txt (ID = 3298)
2:22 PM: Found Spy Cookie: adserver cookie
2:22 PM: owner@z1.adserver[1].txt (ID = 2142)
2:22 PM: Cookie Sweep Complete, Elapsed Time: 00:00:01
2:22 PM: Warning: Failed to read from disk: Data error (cyclic redundancy check)
2:22 PM: Warning: Failed to read from disk: Data error (cyclic redundancy check)
2:22 PM: Warning: Failed to read from disk: Data error (cyclic redundancy check)
2:22 PM: Warning: Failed to read MFT entry 369
2:22 PM: Starting File Sweep
2:22 PM: Warning: Failed to read from disk: Data error (cyclic redundancy check)
2:22 PM: Warning: Failed to read from disk: Data error (cyclic redundancy check)
2:22 PM: Warning: Failed to read from disk: Data error (cyclic redundancy check)
2:23 PM: Warning: Failed to read from disk: Data error (cyclic redundancy check)
2:23 PM: Warning: Failed to read from disk: Data error (cyclic redundancy check)
2:23 PM: Warning: Failed to read from disk: Data error (cyclic redundancy check)
2:23 PM: Warning: Failed to read from disk: Data error (cyclic redundancy check)
2:23 PM: Warning: Failed to read from disk: Data error (cyclic redundancy check)
2:23 PM: Warning: Failed to read from disk: Data error (cyclic redundancy check)
2:23 PM: Warning: Failed to read from disk: Data error (cyclic redundancy check)
2:23 PM: Warning: Failed to read from disk: Data error (cyclic redundancy check)
2:23 PM: Warning: Failed to read from disk: Data error (cyclic redundancy check)
2:23 PM: Warning: Failed to read from disk: Data error (cyclic redundancy check)
2:23 PM: Warning: Failed to read from disk: Data error (cyclic redundancy check)
2:23 PM: Warning: Failed to read from disk: Data error (cyclic redundancy check)
2:23 PM: Warning: Failed to read from disk: Data error (cyclic redundancy check)
2:23 PM: Warning: Failed to read from disk: Data error (cyclic redundancy check)
2:23 PM: Warning: Failed to read from disk: Data error (cyclic redundancy check)
2:23 PM: Warning: Failed to read from disk: Data error (cyclic redundancy check)
2:23 PM: Warning: Failed to read from disk: Data error (cyclic redundancy check)
2:23 PM: Warning: Failed to read from disk: Data error (cyclic redundancy check)
2:23 PM: Warning: Failed to read from disk: Data error (cyclic redundancy check)
2:23 PM: Warning: Failed to read from disk: Data error (cyclic redundancy check)
2:23 PM: Warning: Failed to read from disk: Data error (cyclic redundancy check)
2:24 PM: Warning: Failed to read from disk: Data error (cyclic redundancy check)
2:24 PM: Warning: Failed to read from disk: Data error (cyclic redundancy check)
2:24 PM: Warning: Failed to read from disk: Data error (cyclic redundancy check)
2:24 PM: Warning: Failed to read from disk: Data error (cyclic redundancy check)
2:24 PM: Warning: Failed to read from disk: Data error (cyclic redundancy check)
2:24 PM: Warning: Failed to read from disk: Data error (cyclic redundancy check)
2:23 PM: Warning: Failed to read from disk: Data error (cyclic redundancy check)
2:23 PM: Warning: Failed to read from disk: Data error (cyclic redundancy check)
2:23 PM: Warning: Failed to read MFT entry 752
2:23 PM: Warning: Failed to read from disk: Data error (cyclic redundancy check)
2:23 PM: Warning: Failed to read from disk: Data error (cyclic redundancy check)
2:23 PM: Warning: Failed to read from disk: Data error (cyclic redundancy check)
2:23 PM: Warning: Failed to read from disk: Data error (cyclic redundancy check)
2:23 PM: Warning: Failed to read from disk: Data error (cyclic redundancy check)
2:23 PM: Warning: Failed to read from disk: Data error (cyclic redundancy check)
2:23 PM: Warning: Failed to read from disk: Data error (cyclic redundancy check)
2:23 PM: Warning: Failed to read from disk: Data error (cyclic redundancy check)
2:23 PM: Warning: Failed to read from disk: Data error (cyclic redundancy check)
2:23 PM: Warning: Failed to read from disk: Data error (cyclic redundancy check)
2:23 PM: Warning: Failed to read MFT entry 1593
2:23 PM: Warning: Failed to read from disk: Data error (cyclic redundancy check)
2:23 PM: Warning: Failed to read from disk: Data error (cyclic redundancy check)
2:24 PM: Warning: Failed to read from disk: Data error (cyclic redundancy check)
2:24 PM: Warning: Failed to read from disk: Data error (cyclic redundancy check)
2:24 PM: Warning: Failed to read from disk: Data error (cyclic redundancy check)
2:24 PM: Warning: Failed to read from disk: Data error (cyclic redundancy check)
2:24 PM: Warning: Failed to read from disk: Data error (cyclic redundancy check)
2:24 PM: Warning: Failed to read from disk: Data error (cyclic redundancy check)
2:24 PM: Warning: Failed to read from disk: Data error (cyclic redundancy check)
2:24 PM: Warning: Failed to read from disk: Data error (cyclic redundancy check)
2:24 PM: Warning: Failed to read from disk: Data error (cyclic redundancy check)
2:24 PM: Warning: Failed to read from disk: Data error (cyclic redundancy check)
2:24 PM: Warning: Failed to read from disk: Data error (cyclic redundancy check)
2:24 PM: Warning: Failed to read from disk: Data error (cyclic redundancy check)
2:24 PM: Warning: Failed to read from disk: Data error (cyclic redundancy check)
2:24 PM: Warning: Failed to read from disk: Data error (cyclic redundancy check)
2:24 PM: Warning: Failed to read from disk: Data error (cyclic redundancy check)
2:24 PM: Warning: Failed to read from disk: Data error (cyclic redundancy check)
2:24 PM: Warning: Failed to read from disk: Data error (cyclic redundancy check)
2:24 PM: Warning: Failed to read from disk: Data error (cyclic redundancy check)
2:24 PM: Warning: Failed to read from disk: Data error (cyclic redundancy check)
2:25 PM: Warning: Failed to read from disk: Data error (cyclic redundancy check)
2:25 PM: Warning: Failed to read from disk: Data error (cyclic redundancy check)
2:25 PM: Warning: Failed to read from disk: Data error (cyclic redundancy check)
2:25 PM: Warning: Failed to read from disk: Data error (cyclic redundancy check)
2:25 PM: Warning: Failed to read from disk: Data error (cyclic redundancy check)
2:25 PM: Warning: Failed to read from disk: Data error (cyclic redundancy check)
2:25 PM: Warning: Failed to read from disk: Data error (cyclic redundancy check)
2:25 PM: Warning: Failed to read from disk: Data error (cyclic redundancy check)
2:25 PM: Warning: Failed to read from disk: Data error (cyclic redundancy check)
2:25 PM: Warning: Failed to read from disk: Data error (cyclic redundancy check)
2:25 PM: Warning: Failed to read from disk: Data error (cyclic redundancy check)
2:25 PM: Warning: Failed to read MFT entry 1976
2:25 PM: Warning: Failed to read from disk: Data error (cyclic redundancy check)
2:25 PM: Warning: Failed to read from disk: Data error (cyclic redundancy check)
2:25 PM: Warning: Failed to read from disk: Data error (cyclic redundancy check)
2:25 PM: Warning: Failed to read from disk: Data error (cyclic redundancy check)
2:25 PM: Warning: Failed to read from disk: Data error (cyclic redundancy check)
2:25 PM: Warning: Failed to read from disk: Data error (cyclic redundancy check)
2:25 PM: Warning: Failed to read from disk: Data error (cyclic redundancy check)
2:25 PM: Warning: Failed to read from disk: Data error (cyclic redundancy check)
2:25 PM: Warning: Failed to read from disk: Data error (cyclic redundancy check)
2:25 PM: Warning: Failed to read from disk: Data error (cyclic redundancy check)
2:26 PM: Warning: Failed to read from disk: Data error (cyclic redundancy check)
2:26 PM: Warning: Failed to read from disk: Data error (cyclic redundancy check)
2:26 PM: Warning: Failed to read from disk: Data error (cyclic redundancy check)
2:26 PM: Warning: Failed to read from disk: Data error (cyclic redundancy check)
2:26 PM: Warning: Failed to read from disk: Data error (cyclic redundancy check)
2:26 PM: Warning: Failed to read from disk: Data error (cyclic redundancy check)
2:26 PM: Warning: Failed to read from disk: Data error (cyclic redundancy check)
2:26 PM: Warning: Failed to read from disk: Data error (cyclic redundancy check)
2:26 PM: Warning: Failed to read from disk: Data error (cyclic redundancy check)
2:26 PM: Warning: Failed to read from disk: Data error (cyclic redundancy check)
2:26 PM: Warning: Failed to read from disk: Data error (cyclic redundancy check)
2:26 PM: Warning: Failed to read from disk: Data error (cyclic redundancy check)
2:26 PM: Warning: Failed to read from disk: Data error (cyclic redundancy check)
2:26 PM: Warning: Failed to read from disk: Data error (cyclic redundancy check)
2:26 PM: Warning: Failed to read from disk: Data error (cyclic redundancy check)
2:26 PM: Warning: Failed to read from disk: Data error (cyclic redundancy check)
2:26 PM: Warning: Failed to read from disk: Data error (cyclic redundancy check)
2:26 PM: Warning: Failed to read from disk: Data error (cyclic redundancy check)
2:26 PM: Warning: Failed to read from disk: Data error (cyclic redundancy check)
2:26 PM: Warning: Failed to read from disk: Data error (cyclic redundancy check)
2:26 PM: Warning: Failed to read from disk: Data error (cyclic redundancy check)
2:26 PM: Warning: Failed to read MFT entry 2358
2:27 PM: Warning: Failed to read from disk: Data error (cyclic redundancy check)
2:27 PM: Warning: Failed to read from disk: Data error (cyclic redundancy check)
2:27 PM: Warning: Failed to read from disk: Data error (cyclic redundancy check)
2:27 PM: Warning: Failed to read from disk: Data error (cyclic redundancy check)
2:27 PM: Warning: Failed to read from disk: Data error (cyclic redundancy check)
2:27 PM: Warning: Failed to read from disk: Data error (cyclic redundancy check)
2:27 PM: Warning: Failed to read from disk: Data error (cyclic redundancy check)
2:27 PM: Warning: Failed to read from disk: Data error (cyclic redundancy check)
2:27 PM: Warning: Failed to read from disk: Data error (cyclic redundancy check)
2:27 PM: Warning: Failed to read from disk: Data error (cyclic redundancy check)
2:27 PM: Warning: Failed to read from disk: Data error (cyclic redundancy check)
2:27 PM: Warning: Failed to read from disk: Data error (cyclic redundancy check)
2:27 PM: Warning: Failed to read from disk: Data error (cyclic redundancy check)
2:27 PM: Warning: Failed to read from disk: Data error (cyclic redundancy check)
2:27 PM: Warning: Failed to read from disk: Data error (cyclic redundancy check)
2:27 PM: Warning: Failed to read from disk: Data error (cyclic redundancy check)
2:27 PM: Warning: Failed to read from disk: Data error (cyclic redundancy check)
2:27 PM: Warning: Failed to read from disk: Data error (cyclic redundancy check)
2:27 PM: Warning: Failed to read from disk: Data error (cyclic redundancy check)
2:27 PM: Warning: Failed to read from disk: Data error (cyclic redundancy check)
2:28 PM: Warning: Failed to read from disk: Data error (cyclic redundancy check)
2:28 PM: Warning: Failed to read from disk: Data error (cyclic redundancy check)
2:28 PM: Warning: Failed to read from disk: Data error (cyclic redundancy check)
2:28 PM: Warning: Failed to read from disk: Data error (cyclic redundancy check)
2:28 PM: Warning: Failed to read from disk: Data error (cyclic redundancy check)
2:28 PM: Warning: Failed to read from disk: Data error (cyclic redundancy check)
2:28 PM: Warning: Failed to read from disk: Data error (cyclic redundancy check)
2:28 PM: Warning: Failed to read from disk: Data error (cyclic redundancy check)
2:28 PM: Warning: Failed to read from disk: Data error (cyclic redundancy check)
2:28 PM: Warning: Failed to read from disk: Data error (cyclic redundancy check)
2:28 PM: Warning: Failed to read from disk: Data error (cyclic redundancy check)
2:28 PM: Warning: Failed to read from disk: Data error (cyclic redundancy check)
2:28 PM: Warning: Failed to read MFT entry 2741
2:28 PM: Warning: Failed to read from disk: Data error (cyclic redundancy check)
2:28 PM: Warning: Failed to read from disk: Data error (cyclic redundancy check)
2:28 PM: Warning: Failed to read from disk: Data error (cyclic redundancy check)
2:28 PM: Warning: Failed to read from disk: Data error (cyclic redundancy check)
2:28 PM: Warning: Failed to read from disk: Data error (cyclic redundancy check)
2:28 PM: Warning: Failed to read from disk: Data error (cyclic redundancy check)
2:28 PM: Warning: Failed to read from disk: Data error (cyclic redundancy check)
2:28 PM: Warning: Failed to read from disk: Data error (cyclic redundancy check)
2:28 PM: Warning: Failed to read from disk: Data error (cyclic redundancy check)
2:29 PM: Warning: Failed to read from disk: Data error (cyclic redundancy check)
2:29 PM: Warning: Failed to read from disk: Data error (cyclic redundancy check)
2:29 PM: Warning: Failed to read from disk: Data error (cyclic redundancy check)
2:29 PM: Warning: Failed to read from disk: Data error (cyclic redundancy check)
2:29 PM: Warning: Failed to read from disk: Data error (cyclic redundancy check)
2:29 PM: Warning: Failed to read from disk: Data error (cyclic redundancy check)
2:29 PM: Warning: Failed to read from disk: Data error (cyclic redundancy check)
2:29 PM: Warning: Failed to read from disk: Data error (cyclic redundancy check)
2:29 PM: Warning: Failed to read from disk: Data error (cyclic redundancy check)
2:29 PM: Warning: Failed to read from disk: Data error (cyclic redundancy check)
2:29 PM: Warning: Failed to read from disk: Data error (cyclic redundancy check)
2:29 PM: Warning: Failed to read from disk: Data error (cyclic redundancy check)
2:29 PM: Warning: Failed to read from disk: Data error (cyclic redundancy check)
2:29 PM: Warning: Failed to read from disk: Data error (cyclic redundancy check)
2:29 PM: Warning: Failed to read from disk: Data error (cyclic redundancy check)
2:29 PM: Warning: Failed to read from disk: Data error (cyclic redundancy check)
2:29 PM: Warning: Failed to read from disk: Data error (cyclic redundancy check)
2:29 PM: Warning: Failed to read from disk: Data error (cyclic redundancy check)
2:29 PM: Warning: Failed to read from disk: Data error (cyclic redundancy check)
2:29 PM: Warning: Failed to read from disk: Data error (cyclic redundancy check)
2:29 PM: Warning: Failed to read from disk: Data error (cyclic redundancy check)
2:29 PM: Warning: Failed to read from disk: Data error (cyclic redundancy check)
2:29 PM: Warning: Failed to read MFT entry 3123
2:30 PM: Warning: Failed to read from disk: Data error (cyclic redundancy check)
2:30 PM: Warning: Failed to read from disk: Data error (cyclic redundancy check)
2:30 PM: Warning: Failed to read from disk: Data error (cyclic redundancy check)
2:30 PM: Warning: Failed to read from disk: Data error (cyclic redundancy check)
2:30 PM: Warning: Failed to read from disk: Data error (cyclic redundancy check)
2:30 PM: Warning: Failed to read from disk: Data error (cyclic redundancy check)
2:30 PM: Warning: Failed to read from disk: Data error (cyclic redundancy check)
2:30 PM: Warning: Failed to read from disk: Data error (cyclic redundancy check)
2:30 PM: Warning: Failed to read from disk: Data error (cyclic redundancy check)
2:30 PM: Warning: Failed to read from disk: Data error (cyclic redundancy check)
2:30 PM: Warning: Failed to read from disk: Data error (cyclic redundancy check)
2:30 PM: Warning: Failed to read from disk: Data error (cyclic redundancy check)
2:30 PM: Warning: Failed to read from disk: Data error (cyclic redundancy check)
2:30 PM: Warning: Failed to read from disk: Data error (cyclic redundancy check)
2:30 PM: Warning: Failed to read from disk: Data error (cyclic redundancy check)
2:30 PM: Warning: Failed to read from disk: Data error (cyclic redundancy check)
2:30 PM: Warning: Failed to read from disk: Data error (cyclic redundancy check)
2:30 PM: Warning: Failed to read from disk: Data error (cyclic redundancy check)
2:30 PM: Warning: Failed to read from disk: Data error (cyclic redundancy check)
2:30 PM: Warning: Failed to read from disk: Data error (cyclic redundancy check)
2:31 PM: Warning: Failed to read from disk: Data error (cyclic redundancy check)
2:31 PM: Warning: Failed to read from disk: Data error (cyclic redundancy check)
2:31 PM: Warning: Failed to read from disk: Data error (cyclic redundancy check)
2:31 PM: Warning: Failed to read from disk: Data error (cyclic redundancy check)
2:31 PM: Warning: Failed to read from disk: Data error (cyclic redundancy check)
2:31 PM: Warning: Failed to read from disk: Data error (cyclic redundancy check)
2:31 PM: Warning: Failed to read from disk: Data error (cyclic redundancy check)
2:31 PM: Warning: Failed to read from disk: Data error (cyclic redundancy check)
2:31 PM: Warning: Failed to read from disk: Data error (cyclic redundancy check)
2:31 PM: Warning: Failed to read from disk: Data error (cyclic redundancy check)
2:31 PM: Warning: Failed to read from disk: Data error (cyclic redundancy check)
2:31 PM: Warning: Failed to read from disk: Data error (cyclic redundancy check)
2:31 PM: Warning: Failed to read MFT entry 3506
2:31 PM: Found Adware: whenu savenow
2:31 PM: c:\program files\vvsn (ID = -2147480376)
2:32 PM: Warning: Failed to open file "c:\system volume information\_restore{025b975b-fbd3-4de0-899e-8e330f2e4991}(2)\rp29\a0000836.ini". Data error (cyclic redundancy check)
2:34 PM: Warning: Failed to open file "c:\system volume information\_restore{025b975b-fbd3-4de0-899e-8e330f2e4991}(2)\fifoed\a0000551.lnk". Data error (cyclic redundancy check)
2:34 PM: a0000849.dll (ID = 132845)
2:34 PM: sysinetsvc32.dll (ID = 185437)
2:35 PM: ustart.exe (ID = 161346)
2:39 PM: Found Adware: 180search assistant/zango
2:39 PM: saap.log (ID = 70593)
2:39 PM: Found Adware: marketscore
2:39 PM: rkinstaller.exe (ID = 188829)
2:54 PM: a0001798.dll (ID = 158351)
2:55 PM: Found Adware: ezula ilookup
2:55 PM: ezpopstub.exe (ID = 60508)
2:55 PM: Warning: Failed to open file "c:\system volume information\_restore{025b975b-fbd3-4de0-899e-8e330f2e4991}(2)\rp29\change.log.1". Data error (cyclic redundancy check)
2:59 PM: rk.exe (ID = 158645)
3:05 PM: sysinetsvc32.inf (ID = 185438)
3:05 PM: Found Adware: webhancer
3:05 PM: a0011625.ini (ID = 188794)
3:05 PM: a0013015.inf (ID = 144824)
3:05 PM: a0013016.inf (ID = 144824)
3:05 PM: a0013017.inf (ID = 144824)
3:05 PM: a0013014.inf (ID = 107282)
3:05 PM: bridgex.inf (ID = 51445)
3:05 PM: Found Adware: directrevenue-abetterinternet
3:05 PM: satmat.ini (ID = 83499)
3:05 PM: satmat.inf (ID = 83498)
3:07 PM: Warning: Invalid file - not a PKZip file
3:08 PM: Warning: Invalid Stream
3:08 PM: Warning: Invalid file - not a PKZip file
3:08 PM: Warning: Invalid file - not a PKZip file
3:08 PM: Warning: Invalid file - not a PKZip file
3:08 PM: Warning: Invalid file - not a PKZip file
3:08 PM: Warning: Invalid file - not a PKZip file
3:08 PM: Warning: Invalid file - not a PKZip file
3:08 PM: Warning: Invalid file - not a PKZip file
3:08 PM: Warning: Invalid file - not a PKZip file
3:09 PM: File Sweep Complete, Elapsed Time: 00:46:30
3:09 PM: Full Sweep has completed. Elapsed time 00:53:27
3:09 PM: Traces Found: 199
3:20 PM: Removal process initiated
3:21 PM: Quarantining All Traces: 180search assistant/zango
3:21 PM: Quarantining All Traces: cws_analyzeie
3:21 PM: Quarantining All Traces: directrevenue-abetterinternet
3:21 PM: Quarantining All Traces: 2search
3:21 PM: Quarantining All Traces: blazefind
3:21 PM: Quarantining All Traces: hotbar
3:21 PM: Quarantining All Traces: marketscore
3:21 PM: Quarantining All Traces: captaincodetoolbar
3:21 PM: Quarantining All Traces: ezula ilookup
3:21 PM: Quarantining All Traces: instant access
3:21 PM: Quarantining All Traces: richfind
3:21 PM: Quarantining All Traces: systemprocess
3:21 PM: Quarantining All Traces: webhancer
3:21 PM: Quarantining All Traces: 2o7.net cookie
3:21 PM: Quarantining All Traces: adserver cookie
3:21 PM: Quarantining All Traces: belnk cookie
3:21 PM: Quarantining All Traces: burstbeacon cookie
3:21 PM: Quarantining All Traces: burstnet cookie
3:21 PM: Quarantining All Traces: clickbank cookie
3:21 PM: Quarantining All Traces: nuker cookie
3:21 PM: Quarantining All Traces: overture cookie
3:21 PM: Quarantining All Traces: qksrv cookie
3:21 PM: Quarantining All Traces: realmedia cookie
3:21 PM: Quarantining All Traces: reliablestats cookie
3:21 PM: Quarantining All Traces: screensavers.com cookie
3:21 PM: Quarantining All Traces: starware.com cookie
3:21 PM: Quarantining All Traces: tripod cookie
3:21 PM: Quarantining All Traces: whenu savenow
3:21 PM: Quarantining All Traces: yieldmanager cookie
3:22 PM: Removal process completed. Elapsed time 00:01:18
********
2:13 PM: | Start of Session, Monday, 23 January 2006 |
2:13 PM: Spy Sweeper started
2:14 PM: Your spyware definitions have been updated.
2:15 PM: | End of Session, Monday, 23 January 2006 |

#14 shell5

shell5
  • Topic Starter

  • Members
  • 78 posts
  • OFFLINE
  •  
  • Local time:07:47 PM

Posted 22 January 2006 - 11:31 PM

New log as reqeusted, have fun



Logfile of HijackThis v1.99.1
Scan saved at 3:28:47 PM, on 23/01/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Windows\system32\HpSrvUI.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe
C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb09.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\Program Files\Telstra\Toolbar\bpumTray.exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
c:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\WINDOWS\System32\DRIVERS\CDANTSRV.EXE
C:\Program Files\USB Storage RW\shwicon.exe
C:\HP\KBD\KBD.EXE
C:\WINDOWS\System32\nvsvc32.exe
C:\PROGRA~1\VOB\INSTAN~1\IWCTRL.EXE
C:\WINDOWS\System32\svchost.exe
C:\windows\system\hpsysdrv.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\HP DVD\Umbrella\DVDTray.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Program Files\Telstra\BigPond Assist\assist.exe
C:\WINDOWS\System32\LVComS.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\HijackThis\HijackThis.exe

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bigpond.com.au/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=localhost:1796
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files\SpywareGuard\dlprotect.dll
O2 - BHO: ActivateBand Class - {4C7B6DE1-99A4-4CF1-8B44-68889900E1D0} - C:\Program Files\Telstra\Toolbar\bpumToolBand.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll (file missing)
O3 - Toolbar: BigPond Toolbar - {7A431EC4-CC21-4DF7-9DB1-A2CF74C4CC98} - C:\Program Files\Telstra\Toolbar\bpumToolBand.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll (file missing)
O4 - HKLM\..\Run: [hp Silent Service] C:\Windows\system32\HpSrvUI.exe
O4 - HKLM\..\Run: [CamMonitor] c:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb09.exe
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [BigPond Toolbar] "C:\Program Files\Telstra\Toolbar\bpumTray.exe"
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKLM\..\Run: [WinFaxAppPortStarter] wfxsnt40.exe
O4 - HKLM\..\Run: [WFXSwtch] C:\PROGRA~1\NORTON~3\WinFax\WFXSWTCH.exe
O4 - HKLM\..\Run: [WCOLOREAL] "C:\Program Files\Coloreal\coloreal.exe"
O4 - HKLM\..\Run: [StorageGuard] "C:\Program Files\VERITAS Software\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] c:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [KYE_Showicon] "C:\Program Files\USB Storage RW\shwicon.exe" -t"KYE\USB Storage RW"
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [IW Controlcenter] C:\PROGRA~1\VOB\INSTAN~1\IWCTRL.EXE
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [iamapp] C:\Program Files\Norton Internet Security\IAMAPP.EXE
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe"
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [CloneCDElbyCDFL] "C:\Program Files\Elaborate Bytes\CloneCD\ElbyCheck.exe" /L ElbyCDFL
O4 - HKLM\..\Run: [ccRegVfy] "c:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe"
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe
O4 - HKLM\..\Run: [DVDBitSet] "C:\Program Files\HP CD-DVD\Umbrella\DVDBitSet.exe" /noui
O4 - HKLM\..\Run: [DVDTray] "C:\Program Files\HP DVD\Umbrella\DVDTray.exe"
O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\Elaborate Bytes\CloneCD\CloneCDTray.exe"
O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [ecc] C:\Program Files\Telstra\BigPond Assist\assist.exe
O4 - HKLM\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe" /startintray
O4 - HKCU\..\Run: [MoneyAgent] "c:\Program Files\Microsoft Money\System\mnyexpr.exe"
O4 - Startup: PowerReg Scheduler.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://c:\program files\google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} (LSSupCtl Class) - https://www-secure.symantec.com/techsupp/as...rl/LSSupCtl.cab
O16 - DPF: {200B3EE9-7242-4EFD-B1E4-D97EE825BA53} (VerifyGMN Class) - http://h20270.www2.hp.com/ediags/gmn/insta...staller_gmn.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab31267.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by108fd.bay108.hotmail.msn.com/resources/MsnPUpld.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} - http://www.bitdefender.com/scan8/oscan8.cab
O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class) - http://www.gamenow.com.au/res/exent/classes/exentCtl.ocx
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1124324165703
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061...all/xscan53.cab
O16 - DPF: {7B297BFD-85E4-4092-B2AF-16A91B2EA103} (WScanCtl Class) - http://www3.ca.com/securityadvisor/virusinfo/webscan.cab
O16 - DPF: {7F8C8173-AD80-4807-AA75-5672F22B4582} (ICSScanner Class) - http://download.zonelabs.com/bin/promotion...canner37320.cab
O16 - DPF: {8B3B8135-9DAA-40E7-8941-962795F9C1CB} - http://scripts.downloadv3.com/binaries/IA/...svc32_EN_XP.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5/asinst.cab
O16 - DPF: {A8F2B9BD-A6A0-486A-9744-18920D898429} (ScorchPlugin Class) - http://www.sibelius.com/download/software/...tiveXPlugin.cab
O16 - DPF: {B2B0AEDF-7CDF-4792-BB67-7654AD1E1B13} - http://scripts.downloadv3.com/binaries/IA/...svc32_EN_XP.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} (ActiveDataInfo Class) - https://www-secure.symantec.com/techsupp/as...rl/SymAData.cab
O16 - DPF: {D719897A-B07A-4C0C-AEA9-9B663A28DFCB} (iTunesDetector Class) - http://ax.phobos.apple.com.edgesuite.net/d.../ITDetector.cab
O16 - DPF: {D8B94E9A-A34B-4253-BF48-C7CB7F2CFDB0} - http://scripts.downloadv3.com/binaries/P2E..._1046_EN_XP.cab
O16 - DPF: {E855A2D4-987E-4F3B-A51C-64D10A7E2479} (EPSImageControl Class) - http://tools.ebayimg.com/eps/activex/EPSControl_v1-32.cab
O16 - DPF: {EFB23983-5803-4914-ADA3-C0EA2CFBDC37} - http://scripts.downloadv3.com/binaries/EGD...ESS_1072_XP.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/Solit...wn.cab31267.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{36998656-CBC2-4C33-B458-4A855A3312EE}: NameServer = 61.9.192.14,61.9.192.15
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: SearchList = nsw.bigpond.net.au
O17 - HKLM\System\CS1\Services\VxD\MSTCP: SearchList = vic.bigpond.net.au
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: SearchList = nsw.bigpond.net.au
O17 - HKLM\System\CS2\Services\VxD\MSTCP: SearchList = vic.bigpond.net.au
O17 - HKLM\System\CCS\Services\VxD\MSTCP: SearchList = vic.bigpond.net.au
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: SearchList = nsw.bigpond.net.au
O18 - Protocol: bw+0 - {69B0A5DB-0CAE-4BCB-98C2-CDD9FE6ADE64} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {69B0A5DB-0CAE-4BCB-98C2-CDD9FE6ADE64} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {69B0A5DB-0CAE-4BCB-98C2-CDD9FE6ADE64} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {69B0A5DB-0CAE-4BCB-98C2-CDD9FE6ADE64} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {69B0A5DB-0CAE-4BCB-98C2-CDD9FE6ADE64} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {69B0A5DB-0CAE-4BCB-98C2-CDD9FE6ADE64} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {69B0A5DB-0CAE-4BCB-98C2-CDD9FE6ADE64} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {69B0A5DB-0CAE-4BCB-98C2-CDD9FE6ADE64} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {69B0A5DB-0CAE-4BCB-98C2-CDD9FE6ADE64} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {69B0A5DB-0CAE-4BCB-98C2-CDD9FE6ADE64} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {69B0A5DB-0CAE-4BCB-98C2-CDD9FE6ADE64} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {69B0A5DB-0CAE-4BCB-98C2-CDD9FE6ADE64} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {69B0A5DB-0CAE-4BCB-98C2-CDD9FE6ADE64} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {69B0A5DB-0CAE-4BCB-98C2-CDD9FE6ADE64} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {69B0A5DB-0CAE-4BCB-98C2-CDD9FE6ADE64} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {69B0A5DB-0CAE-4BCB-98C2-CDD9FE6ADE64} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {69B0A5DB-0CAE-4BCB-98C2-CDD9FE6ADE64} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {69B0A5DB-0CAE-4BCB-98C2-CDD9FE6ADE64} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {69B0A5DB-0CAE-4BCB-98C2-CDD9FE6ADE64} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {69B0A5DB-0CAE-4BCB-98C2-CDD9FE6ADE64} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {69B0A5DB-0CAE-4BCB-98C2-CDD9FE6ADE64} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {69B0A5DB-0CAE-4BCB-98C2-CDD9FE6ADE64} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {69B0A5DB-0CAE-4BCB-98C2-CDD9FE6ADE64} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {69B0A5DB-0CAE-4BCB-98C2-CDD9FE6ADE64} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {69B0A5DB-0CAE-4BCB-98C2-CDD9FE6ADE64} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {69B0A5DB-0CAE-4BCB-98C2-CDD9FE6ADE64} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {69B0A5DB-0CAE-4BCB-98C2-CDD9FE6ADE64} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {69B0A5DB-0CAE-4BCB-98C2-CDD9FE6ADE64} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {69B0A5DB-0CAE-4BCB-98C2-CDD9FE6ADE64} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {69B0A5DB-0CAE-4BCB-98C2-CDD9FE6ADE64} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {69B0A5DB-0CAE-4BCB-98C2-CDD9FE6ADE64} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {69B0A5DB-0CAE-4BCB-98C2-CDD9FE6ADE64} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {69B0A5DB-0CAE-4BCB-98C2-CDD9FE6ADE64} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {69B0A5DB-0CAE-4BCB-98C2-CDD9FE6ADE64} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {69B0A5DB-0CAE-4BCB-98C2-CDD9FE6ADE64} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {69B0A5DB-0CAE-4BCB-98C2-CDD9FE6ADE64} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {69B0A5DB-0CAE-4BCB-98C2-CDD9FE6ADE64} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {69B0A5DB-0CAE-4BCB-98C2-CDD9FE6ADE64} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {69B0A5DB-0CAE-4BCB-98C2-CDD9FE6ADE64} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {69B0A5DB-0CAE-4BCB-98C2-CDD9FE6ADE64} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {69B0A5DB-0CAE-4BCB-98C2-CDD9FE6ADE64} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {69B0A5DB-0CAE-4BCB-98C2-CDD9FE6ADE64} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {69B0A5DB-0CAE-4BCB-98C2-CDD9FE6ADE64} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {69B0A5DB-0CAE-4BCB-98C2-CDD9FE6ADE64} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {69B0A5DB-0CAE-4BCB-98C2-CDD9FE6ADE64} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {69B0A5DB-0CAE-4BCB-98C2-CDD9FE6ADE64} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {69B0A5DB-0CAE-4BCB-98C2-CDD9FE6ADE64} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {69B0A5DB-0CAE-4BCB-98C2-CDD9FE6ADE64} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {69B0A5DB-0CAE-4BCB-98C2-CDD9FE6ADE64} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {69B0A5DB-0CAE-4BCB-98C2-CDD9FE6ADE64} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {69B0A5DB-0CAE-4BCB-98C2-CDD9FE6ADE64} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {69B0A5DB-0CAE-4BCB-98C2-CDD9FE6ADE64} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {69B0A5DB-0CAE-4BCB-98C2-CDD9FE6ADE64} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {69B0A5DB-0CAE-4BCB-98C2-CDD9FE6ADE64} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {69B0A5DB-0CAE-4BCB-98C2-CDD9FE6ADE64} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {69B0A5DB-0CAE-4BCB-98C2-CDD9FE6ADE64} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {69B0A5DB-0CAE-4BCB-98C2-CDD9FE6ADE64} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {69B0A5DB-0CAE-4BCB-98C2-CDD9FE6ADE64} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {69B0A5DB-0CAE-4BCB-98C2-CDD9FE6ADE64} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {69B0A5DB-0CAE-4BCB-98C2-CDD9FE6ADE64} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {69B0A5DB-0CAE-4BCB-98C2-CDD9FE6ADE64} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {69B0A5DB-0CAE-4BCB-98C2-CDD9FE6ADE64} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {69B0A5DB-0CAE-4BCB-98C2-CDD9FE6ADE64} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {69B0A5DB-0CAE-4BCB-98C2-CDD9FE6ADE64} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {69B0A5DB-0CAE-4BCB-98C2-CDD9FE6ADE64} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {69B0A5DB-0CAE-4BCB-98C2-CDD9FE6ADE64} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {69B0A5DB-0CAE-4BCB-98C2-CDD9FE6ADE64} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {69B0A5DB-0CAE-4BCB-98C2-CDD9FE6ADE64} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {69B0A5DB-0CAE-4BCB-98C2-CDD9FE6ADE64} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {69B0A5DB-0CAE-4BCB-98C2-CDD9FE6ADE64} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {69B0A5DB-0CAE-4BCB-98C2-CDD9FE6ADE64} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {69B0A5DB-0CAE-4BCB-98C2-CDD9FE6ADE64} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {69B0A5DB-0CAE-4BCB-98C2-CDD9FE6ADE64} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {69B0A5DB-0CAE-4BCB-98C2-CDD9FE6ADE64} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {69B0A5DB-0CAE-4BCB-98C2-CDD9FE6ADE64} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {69B0A5DB-0CAE-4BCB-98C2-CDD9FE6ADE64} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Protocol: offline-8876480 - {69B0A5DB-0CAE-4BCB-98C2-CDD9FE6ADE64} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: WRNotifier - C:\WINDOWS\SYSTEM32\WRLogonNTF.dll
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: C-DillaSrv - C-Dilla Ltd - C:\WINDOWS\System32\DRIVERS\CDANTSRV.EXE
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
O23 - Service: Webroot Spy Sweeper Engine (svcWRSSSDK) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

#15 MFDnSC

MFDnSC

    Ret. Director I/T


  • Members
  • 4,310 posts
  • OFFLINE
  •  
  • Local time:07:47 PM

Posted 23 January 2006 - 09:17 AM

You need do do this - START - RUN - CHKDSK /f

I'd say you system is corrupt and without an OS CD we cannot fix it
"Nothing could be finer than to be in South Carolina ............"

Member ASAP




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users