1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Solved: lots of error messages..and freezing..

Discussion in 'Windows XP' started by Ca33, Aug 8, 2006.

Thread Status:
Not open for further replies.
Advertisement
  1. Ca33

    Ca33 Thread Starter

    Joined:
    Jun 18, 2005
    Messages:
    50
    Hi
    For the last few weeks, everytime I turn on my computer, about 10 error messages come up. It's the same error message that looks like this:

    [​IMG]
    *If you want to read what the error message says, click the photo and then click the expand button in the bottom right corner to read it*

    I would click "close" and the message would keep popping up but then disappear after a while.
    My computer has also been acting very slow while on the internet, sometimes it would freeze and I wouldn't be able to click anything. While it freezes, it would make this beeping noise repeatedly until it unfreezes too.

    Is my computer infected with a virus? What does the error message mean? How can I solve these problems and what do you think all of this is caused from?

    Thanks!

    Computer info: Sony Viao Windows XP desktop
     
  2. MFDnNC

    MFDnNC

    Joined:
    Sep 7, 2004
    Messages:
    49,014
    - http://www.visualtour.com/downloads/

    Scroll down to get XP Fix
    =================
    Click here to download HJTsetup.exe:

    http://www.thespykiller.co.uk/forum/index.php?action=tpmod;dl=item5
    Scroll down to the download section

    Save HJTsetup.exe to your desktop.

    Double click on the HJTsetup.exe icon on your desktop.
    By default it will install to C:\Program Files\Hijack This.
    Continue to click Next in the setup dialogue boxes until you get to the Select Addition Tasks dialogue.
    Put a check by Create a desktop icon then click Next again.
    Continue to follow the rest of the prompts from there.
    At the final dialogue box click Finish and it will launch Hijack This.
    Click on the Do a system scan and save a log file button. It will scan and then ask you to save the log.
    Click Save to save the log file and then the log will open in notepad.
    Click on "Edit > Select All" then click on "Edit > Copy" to copy the entire contents of the log.
    Come back here to this thread and Paste the log in your next reply.
    DO NOT have Hijack This fix anything yet. Most of what it finds will be harmless or even required.
     
  3. Ca33

    Ca33 Thread Starter

    Joined:
    Jun 18, 2005
    Messages:
    50
    Here it is:

    Logfile of HijackThis v1.99.1
    Scan saved at 3:14:58 PM, on 8/8/2006
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2

    (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Adobe\Photoshop Elements

    4.0\PhotoshopElementsFileAgent.exe
    C:\WINDOWS\Explorer.exe
    C:\Program Files\Messenger Plus! 3\MsgPlus.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\program files\zango\zango.exe
    C:\WINDOWS\system32\tcpcheck.exe
    C:\WINDOWS\etb\pokapoka79.exe
    C:\Program Files\Logitech\Desktop

    Messenger\8876480\Program\LogitechDesktopMesseng

    er.exe
    c:\progra~1\intern~1\iexplore.exe
    C:\Program Files\Kodak\Kodak EasyShare

    software\bin\EasyShare.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Sony\USBSircs\usbsircs.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\OpenOffice.org

    2.0\program\soffice.exe
    C:\Program Files\OpenOffice.org

    2.0\program\soffice.BIN
    C:\WINDOWS\system32\drivers\KodakCCS.exe
    C:\WINDOWS\System32\nvsvc32.exe
    C:\WINDOWS\System32\ScsiAccess.EXE
    C:\WINDOWS\System32\snmp.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Sony\VAIO Media Music

    Server\SSSvr.exe
    C:\Program Files\Sony\Photo

    Server\appsrv\PhotoAppSrv.exe
    C:\Program Files\Sony\Giga Pocket\GPVSvr.exe
    C:\Program Files\Common Files\Sony Shared\VAIO

    Media Platform\sv_httpd.exe
    C:\Program Files\Common Files\Sony Shared\VAIO

    Media Platform\SV_Httpd.exe
    C:\Program Files\Common Files\Sony Shared\VAIO

    Media Platform\SV_Httpd.exe
    C:\Program Files\Common Files\Sony Shared\VAIO

    Media Platform\UPnPFramework.exe
    C:\Program Files\Common Files\Sony Shared\VAIO

    Media Platform\UPnPFramework.exe
    C:\Program Files\Common Files\Sony Shared\VAIO

    Media Platform\UPnPFramework.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\WINDOWS\system32\udpcheck.exe
    C:\Program Files\Hijackthis\HijackThis.exe
    C:\WINDOWS\system32\tcpcheck.exe

    R1 - HKCU\Software\Microsoft\Internet

    Explorer,SearchURL =

    http://www.eza1netsearch.com/sp2.php
    R1 - HKCU\Software\Microsoft\Internet

    Explorer\Main,Default_Search_URL =

    http://www.hotsearchbox.com/ie/
    R1 - HKCU\Software\Microsoft\Internet

    Explorer\Main,Search Bar =

    http://www.sfeuzdcxyuqo.com/r96rMtWbuzxp9mDlrApb

    XqRPanQGT8TwGxboyXNFUlIdr2djRhwLeN7DYUxnLl/H.asp
    R1 - HKCU\Software\Microsoft\Internet

    Explorer\Main,Search Page =

    http://websearch.drsnsrch.com/sidesearch.cgi?id=
    R1 - HKCU\Software\Microsoft\Internet

    Explorer\Main,SearchURL =

    http://www.hotsearchbox.com/ie/
    R1 - HKLM\Software\Microsoft\Internet

    Explorer\Main,Default_Page_URL =

    http://www.hispeed.rogers.com
    R1 - HKLM\Software\Microsoft\Internet

    Explorer\Main,Search Bar =

    http://websearch.drsnsrch.com/sidesearch.cgi?id=
    R1 - HKLM\Software\Microsoft\Internet

    Explorer\Main,Search Page =

    http://websearch.drsnsrch.com/sidesearch.cgi?id=
    R0 - HKLM\Software\Microsoft\Internet

    Explorer\Search,SearchAssistant =

    http://as.starware.com/dp/search?x=wKX1ILEOi+Vh7

    AfA98Gm4Me69ZMbubcD6jnrmkc3gR10D4vlXGM5QL0oLtWi2

    DTpyV8cdrI/lD8OgpS/40FZkUGUPupQmkcyp2FrBvO1lQiWu

    COaQ02/7jdqddtPTyXfUTCrsF897Day0tbWieD1DM8sYH6s9

    J/9MWh9Tj4/RLdrprPBpPbrKUs73A9pzLcUeGaotEIpQy850

    wnYQBAuhmU2Nmx2rLfuTBKPmSObTXA=
    R0 - HKLM\Software\Microsoft\Internet

    Explorer\Search,CustomizeSearch =

    http://websearch.drsnsrch.com/sidesearch.cgi?id=
    R1 - HKCU\Software\Microsoft\Internet

    Explorer\SearchURL,(Default) =

    websearch.drsnsrch.com/q.cgi?q=
    R1 - HKCU\Software\Microsoft\Internet

    Explorer\Main,Window Title = Microsoft Internet

    Explorer provided by Rogers Hi-Speed Internet
    R1 -

    HKCU\Software\Microsoft\Windows\CurrentVersion\I

    nternet Settings,ProxyOverride = localhost
    R0 - HKCU\Software\Microsoft\Internet

    Explorer\Toolbar,LinksFolderName =
    R3 - URLSearchHook: (no name) -

    _{CA0E28FA-1AFD-4C21-A8DC-70EB5BE2F076} - (no

    file)
    R3 - URLSearchHook: (no name) -

    {CA0E28FA-1AFD-4C21-A8DC-70EB5BE2F076} - (no

    file)
    R3 - URLSearchHook: SweetIM For Internet

    Explorer -

    {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} -

    C:\Program

    Files\Macrogaming\SweetIMBarForIE\toolbar.dll
    F2 - REG:system.ini: Shell=Explorer.exe

    C:\WINDOWS\Nail.exe
    F2 - REG:system.ini:

    UserInit=C:\WINDOWS\System32\Userinit.exe
    O2 - BHO: Zango Search Assistant Helper

    /fleok=1D8A83A5C7E119799CA875760EA83FA5EF80752B9

    4E3D7785E7A452B3BC7 -

    {56F1D444-11BF-4879-A12B-79CF0177F038} -

    c:\program files\zango\zangohook.dll
    O2 - BHO: Google Toolbar Helper -

    {AA58ED58-01DD-4d91-8333-CF10577473F7} -

    c:\program files\google\googletoolbar1.dll
    O3 - Toolbar: &Google -

    {2318C2B1-4965-11d4-9B18-009027A5CD4F} -

    c:\program files\google\googletoolbar1.dll
    O4 - HKLM\..\Run: [VAIO Recovery]

    C:\WINDOWS\Sonysys\VAIO Recovery\PartSeal.exe
    O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program

    Files\Messenger Plus! 3\MsgPlus.exe"
    O4 - HKLM\..\Run: [IgfxTray]

    C:\WINDOWS\System32\igfxtray.exe
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program

    Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program

    Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [zango] "c:\program

    files\zango\zango.exe"
    O4 - HKLM\..\Run: [zhblhx]

    C:\WINDOWS\system32\zgdsfzs.exe r
    O4 - HKLM\..\Run: [tcp checker] tcpcheck.exe
    O4 - HKLM\..\Run: [System service79]

    C:\WINDOWS\etb\pokapoka79.exe
    O4 - HKLM\..\RunServices: [CTHelper]

    cthelper.exe
    O4 - HKLM\..\RunServices: [View Manager]

    viewmgr.exe
    O4 - HKLM\..\RunServices: [tcp checker]

    tcpcheck.exe
    O4 - HKLM\..\RunServices: [The Intranet]

    intranet.exe
    O4 - HKCU\..\Run: [LDM] C:\Program

    Files\Logitech\Desktop

    Messenger\8876480\Program\LogitechDesktopMesseng

    er.exe
    O4 - HKCU\..\Run: [Name Creative]

    C:\DOCUME~1\SALVAT~1\APPLIC~1\CHICID~1\extraglue

    cdrom.exe
    O4 - HKCU\..\Run: [tcp checker] tcpcheck.exe
    O4 - HKCU\..\RunServices: [tcp checker]

    tcpcheck.exe
    O4 - HKCU\..\RunServices: [View Manager]

    viewmgr.exe
    O4 - Startup: MyWebSearch Email Plugin.lnk =

    C:\Program

    Files\MyWebSearch\bar\6.bin\MWSOEMON.EXE
    O4 - Startup: OpenOffice.org 2.0.lnk =

    C:\Program Files\OpenOffice.org

    2.0\program\quickstart.exe
    O4 - Startup: PowerReg Scheduler V3.exe
    O4 - Global Startup: Kodak EasyShare

    software.lnk = C:\Program Files\Kodak\Kodak

    EasyShare software\bin\EasyShare.exe
    O4 - Global Startup: KODAK Software Updater.lnk

    = C:\Program Files\Kodak\KODAK Software

    Updater\7288971\Program\backWeb-7288971.exe
    O4 - Global Startup: Quicken Scheduled

    Updates.lnk = C:\Program

    Files\Quicken\bagent.exe
    O4 - Global Startup: Quicken Startup.lnk =

    C:\Program Files\Quicken\QWDLLS.EXE
    O4 - Global Startup: Remocon Driver.lnk = ?
    O8 - Extra context menu item: &Google Search -

    res://c:\program

    files\google\GoogleToolbar1.dll/cmsearch.html
    O8 - Extra context menu item: &Search -

    http://bar.mywebsearch.com/menusearch.html?p=ZSz

    eb02985US_ZCxdm276XXCA
    O8 - Extra context menu item: &Translate English

    Word - res://c:\program

    files\google\GoogleToolbar1.dll/cmwordtrans.html
    O8 - Extra context menu item: Backward Links -

    res://c:\program

    files\google\GoogleToolbar1.dll/cmbacklinks.html
    O8 - Extra context menu item: Cached Snapshot of

    Page - res://c:\program

    files\google\GoogleToolbar1.dll/cmcache.html
    O8 - Extra context menu item: Similar Pages -

    res://c:\program

    files\google\GoogleToolbar1.dll/cmsimilar.html
    O8 - Extra context menu item: SirSearch -

    file://C:\Program

    Files\PWRSMND1\Cache\SelectedContextSearch.htm
    O8 - Extra context menu item: Translate Page

    into English - res://c:\program

    files\google\GoogleToolbar1.dll/cmtrans.html
    O9 - Extra button: (no name) -

    {08B0E5C0-4FCB-11CF-AAA5-00401C608501} -

    C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console -

    {08B0E5C0-4FCB-11CF-AAA5-00401C608501} -

    C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra button: SideFind -

    {10E42047-DEB9-4535-A118-B3F6EC39B807} -

    C:\Program Files\SideFind\sidefind.dll
    O9 - Extra button: Spyware Doctor -

    {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} -

    C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll (file

    missing)
    O9 - Extra button: Messenger -

    {FB5F1910-F110-11d2-BB9E-00C04F795683} -

    C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger -

    {FB5F1910-F110-11d2-BB9E-00C04F795683} -

    C:\Program Files\Messenger\msmsgs.exe
    O14 - IERESET.INF:

    START_PAGE_URL=http://www.hispeed.rogers.com
    O15 - Trusted Zone: *.popuppers.com
    O16 - DPF:

    {093F9CF8-0DE1-491C-95D5-5EC257BD4CA3} -

    http://akamai.downloadv3.com/binaries/IA/dtc32_E

    N_XP.cab
    O16 - DPF:

    {11260943-421B-11D0-8EAC-0000C07D88CF} (iPIX

    ActiveX Control) -

    http://www.ipix.com/download/ipixx.cab
    O16 - DPF:

    {1239CC52-59EF-4DFA-8C61-90FFA846DF7E}

    (Musicnotes Viewer) -

    http://www.musicnotes.com/download/mnviewer.cab
    O16 - DPF:

    {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} -

    http://ak.imgfarm.com/images/nocache/funwebprodu

    cts/ei/FunBuddyIconsFWBInitialSetup1.0.0.8.cab
    O16 - DPF:

    {2917297F-F02B-4B9D-81DF-494B6333150B}

    (Minesweeper Flags Class) -

    http://messenger.zone.msn.com/binary/MineSweeper

    .cab31267.cab
    O16 - DPF:

    {469C7080-8EC8-43A6-AD97-45848113743C} -

    http://akamai.downloadv3.com/binaries/IA/nethv32

    _EN_XP.cab
    O16 - DPF:

    {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN

    Photo Upload Tool) -

    http://cass-kass.spaces.msn.com//PhotoUpload/Msn

    PUpld.cab
    O16 - DPF:

    {77E32299-629F-43C6-AB77-6A1E6D7663F6} -

    http://www.nick.com/common/groove/gx/GrooveAX27.

    cab
    O16 - DPF:

    {8E0D4DE5-3180-4024-A327-4DFAD1796A8D}

    (MessengerStatsClient Class) -

    http://messenger.zone.msn.com/binary/MessengerSt

    atsClient.cab31267.cab
    O16 - DPF:

    {8FCDF9D9-A28B-480F-8C3D-581F119A8AB8}

    (MediaGatewayX) -

    http://static.zangocash.com/cab/Zango/ie/bridge-

    c356.cab
    O16 - DPF:

    {91433D86-9F27-402C-B5E3-DEBDD122C339} -

    http://www.netvenda.com/sites/games-intl/ca/game

    s1.cab
    O16 - DPF:

    {A1426AC5-8CE5-4A00-B71E-011D35709AC6}

    (Progetto1.int_ver34) -

    http://advnt01.com/dialer/int_ver34.CAB
    O16 - DPF:

    {A243F6C2-34D2-4549-BCCD-A7BEF759B236} (Seekford

    Solutions, Inc.'s ssiPictureUploader Control) -

    http://img.funtigo.com/images/uploader/ssiPictur

    eUploader.cab
    O16 - DPF:

    {CAFEEFAC-0014-0000-0003-ABCDEFFEDCBA} (Java

    Runtime Environment 1.4.0_03) -
    O16 - DPF:

    {DECEAAA2-370A-49BB-9362-68C3A58DDC62} (SAIX) -

    http://static.zangocash.com/cab/Zango/ie/bridge-

    c18.cab?eef534db749fbb8f6134e9a3fb4743fe6526e063

    8ba0e86b1c4e89c6932f1981f69b64d352c0237d0ef8f029

    a838b3302c7c7803d8df7a8b8ae4bbbe4385e18a6f:7dffd

    a6bf28b9ed258b3e6671c0f0c1f
    O18 - Protocol: bw+0 -

    {F05B078D-53C0-4C5F-859F-C0A19D2E42D5} -

    C:\Program Files\Logitech\Desktop

    Messenger\8876480\Program\BWPlugProtocol-8876480

    .dll
    O18 - Protocol: bw+0s -

    {F05B078D-53C0-4C5F-859F-C0A19D2E42D5} -

    C:\Program Files\Logitech\Desktop

    Messenger\8876480\Program\BWPlugProtocol-8876480

    .dll
    O18 - Protocol: bw-0 -

    {F05B078D-53C0-4C5F-859F-C0A19D2E42D5} -

    C:\Program Files\Logitech\Desktop

    Messenger\8876480\Program\BWPlugProtocol-8876480

    .dll
    O18 - Protocol: bw-0s -

    {F05B078D-53C0-4C5F-859F-C0A19D2E42D5} -

    C:\Program Files\Logitech\Desktop

    Messenger\8876480\Program\BWPlugProtocol-8876480

    .dll
    O18 - Protocol: bw00 -

    {F05B078D-53C0-4C5F-859F-C0A19D2E42D5} -

    C:\Program Files\Logitech\Desktop

    Messenger\8876480\Program\BWPlugProtocol-8876480

    .dll
    O18 - Protocol: bw00s -

    {F05B078D-53C0-4C5F-859F-C0A19D2E42D5} -

    C:\Program Files\Logitech\Desktop

    Messenger\8876480\Program\BWPlugProtocol-8876480

    .dll
    O18 - Protocol: bw10 -

    {F05B078D-53C0-4C5F-859F-C0A19D2E42D5} -

    C:\Program Files\Logitech\Desktop

    Messenger\8876480\Program\BWPlugProtocol-8876480

    .dll
    O18 - Protocol: bw10s -

    {F05B078D-53C0-4C5F-859F-C0A19D2E42D5} -

    C:\Program Files\Logitech\Desktop

    Messenger\8876480\Program\BWPlugProtocol-8876480

    .dll
    O18 - Protocol: bw20 -

    {F05B078D-53C0-4C5F-859F-C0A19D2E42D5} -

    C:\Program Files\Logitech\Desktop

    Messenger\8876480\Program\BWPlugProtocol-8876480

    .dll
    O18 - Protocol: bw20s -

    {F05B078D-53C0-4C5F-859F-C0A19D2E42D5} -

    C:\Program Files\Logitech\Desktop

    Messenger\8876480\Program\BWPlugProtocol-8876480

    .dll
    O18 - Protocol: bw30 -

    {F05B078D-53C0-4C5F-859F-C0A19D2E42D5} -

    C:\Program Files\Logitech\Desktop

    Messenger\8876480\Program\BWPlugProtocol-8876480

    .dll
    O18 - Protocol: bw30s -

    {F05B078D-53C0-4C5F-859F-C0A19D2E42D5} -

    C:\Program Files\Logitech\Desktop

    Messenger\8876480\Program\BWPlugProtocol-8876480

    .dll
    O18 - Protocol: bw40 -

    {F05B078D-53C0-4C5F-859F-C0A19D2E42D5} -

    C:\Program Files\Logitech\Desktop

    Messenger\8876480\Program\BWPlugProtocol-8876480

    .dll
    O18 - Protocol: bw40s -

    {F05B078D-53C0-4C5F-859F-C0A19D2E42D5} -

    C:\Program Files\Logitech\Desktop

    Messenger\8876480\Program\BWPlugProtocol-8876480

    .dll
    O18 - Protocol: bw50 -

    {F05B078D-53C0-4C5F-859F-C0A19D2E42D5} -

    C:\Program Files\Logitech\Desktop

    Messenger\8876480\Program\BWPlugProtocol-8876480

    .dll
    O18 - Protocol: bw50s -

    {F05B078D-53C0-4C5F-859F-C0A19D2E42D5} -

    C:\Program Files\Logitech\Desktop

    Messenger\8876480\Program\BWPlugProtocol-8876480

    .dll
    O18 - Protocol: bw60 -

    {F05B078D-53C0-4C5F-859F-C0A19D2E42D5} -

    C:\Program Files\Logitech\Desktop

    Messenger\8876480\Program\BWPlugProtocol-8876480

    .dll
    O18 - Protocol: bw60s -

    {F05B078D-53C0-4C5F-859F-C0A19D2E42D5} -

    C:\Program Files\Logitech\Desktop

    Messenger\8876480\Program\BWPlugProtocol-8876480

    .dll
    O18 - Protocol: bw70 -

    {F05B078D-53C0-4C5F-859F-C0A19D2E42D5} -

    C:\Program Files\Logitech\Desktop

    Messenger\8876480\Program\BWPlugProtocol-8876480

    .dll
    O18 - Protocol: bw70s -

    {F05B078D-53C0-4C5F-859F-C0A19D2E42D5} -

    C:\Program Files\Logitech\Desktop

    Messenger\8876480\Program\BWPlugProtocol-8876480

    .dll
    O18 - Protocol: bw80 -

    {F05B078D-53C0-4C5F-859F-C0A19D2E42D5} -

    C:\Program Files\Logitech\Desktop

    Messenger\8876480\Program\BWPlugProtocol-8876480

    .dll
    O18 - Protocol: bw80s -

    {F05B078D-53C0-4C5F-859F-C0A19D2E42D5} -

    C:\Program Files\Logitech\Desktop

    Messenger\8876480\Program\BWPlugProtocol-8876480

    .dll
    O18 - Protocol: bw90 -

    {F05B078D-53C0-4C5F-859F-C0A19D2E42D5} -

    C:\Program Files\Logitech\Desktop

    Messenger\8876480\Program\BWPlugProtocol-8876480

    .dll
    O18 - Protocol: bw90s -

    {F05B078D-53C0-4C5F-859F-C0A19D2E42D5} -

    C:\Program Files\Logitech\Desktop

    Messenger\8876480\Program\BWPlugProtocol-8876480

    .dll
    O18 - Protocol: bwa0 -

    {F05B078D-53C0-4C5F-859F-C0A19D2E42D5} -

    C:\Program Files\Logitech\Desktop

    Messenger\8876480\Program\BWPlugProtocol-8876480

    .dll
    O18 - Protocol: bwa0s -

    {F05B078D-53C0-4C5F-859F-C0A19D2E42D5} -

    C:\Program Files\Logitech\Desktop

    Messenger\8876480\Program\BWPlugProtocol-8876480

    .dll
    O18 - Protocol: bwb0 -

    {F05B078D-53C0-4C5F-859F-C0A19D2E42D5} -

    C:\Program Files\Logitech\Desktop

    Messenger\8876480\Program\BWPlugProtocol-8876480

    .dll
    O18 - Protocol: bwb0s -

    {F05B078D-53C0-4C5F-859F-C0A19D2E42D5} -

    C:\Program Files\Logitech\Desktop

    Messenger\8876480\Program\BWPlugProtocol-8876480

    .dll
    O18 - Protocol: bwc0 -

    {F05B078D-53C0-4C5F-859F-C0A19D2E42D5} -

    C:\Program Files\Logitech\Desktop

    Messenger\8876480\Program\BWPlugProtocol-8876480

    .dll
    O18 - Protocol: bwc0s -

    {F05B078D-53C0-4C5F-859F-C0A19D2E42D5} -

    C:\Program Files\Logitech\Desktop

    Messenger\8876480\Program\BWPlugProtocol-8876480

    .dll
    O18 - Protocol: bwd0 -

    {F05B078D-53C0-4C5F-859F-C0A19D2E42D5} -

    C:\Program Files\Logitech\Desktop

    Messenger\8876480\Program\BWPlugProtocol-8876480

    .dll
    O18 - Protocol: bwd0s -

    {F05B078D-53C0-4C5F-859F-C0A19D2E42D5} -

    C:\Program Files\Logitech\Desktop

    Messenger\8876480\Program\BWPlugProtocol-8876480

    .dll
    O18 - Protocol: bwe0 -

    {F05B078D-53C0-4C5F-859F-C0A19D2E42D5} -

    C:\Program Files\Logitech\Desktop

    Messenger\8876480\Program\BWPlugProtocol-8876480

    .dll
    O18 - Protocol: bwe0s -

    {F05B078D-53C0-4C5F-859F-C0A19D2E42D5} -

    C:\Program Files\Logitech\Desktop

    Messenger\8876480\Program\BWPlugProtocol-8876480

    .dll
    O18 - Protocol: bwf0 -

    {F05B078D-53C0-4C5F-859F-C0A19D2E42D5} -

    C:\Program Files\Logitech\Desktop

    Messenger\8876480\Program\BWPlugProtocol-8876480

    .dll
    O18 - Protocol: bwf0s -

    {F05B078D-53C0-4C5F-859F-C0A19D2E42D5} -

    C:\Program Files\Logitech\Desktop

    Messenger\8876480\Program\BWPlugProtocol-8876480

    .dll
    O18 - Protocol: bwfile-8876480 -

    {9462A756-7B47-47BC-8C80-C34B9B80B32B} -

    C:\Program Files\Logitech\Desktop

    Messenger\8876480\Program\GAPlugProtocol-8876480

    .dll
    O18 - Protocol: bwg0 -

    {F05B078D-53C0-4C5F-859F-C0A19D2E42D5} -

    C:\Program Files\Logitech\Desktop

    Messenger\8876480\Program\BWPlugProtocol-8876480

    .dll
    O18 - Protocol: bwg0s -

    {F05B078D-53C0-4C5F-859F-C0A19D2E42D5} -

    C:\Program Files\Logitech\Desktop

    Messenger\8876480\Program\BWPlugProtocol-8876480

    .dll
    O18 - Protocol: bwh0 -

    {F05B078D-53C0-4C5F-859F-C0A19D2E42D5} -

    C:\Program Files\Logitech\Desktop

    Messenger\8876480\Program\BWPlugProtocol-8876480

    .dll
    O18 - Protocol: bwh0s -

    {F05B078D-53C0-4C5F-859F-C0A19D2E42D5} -

    C:\Program Files\Logitech\Desktop

    Messenger\8876480\Program\BWPlugProtocol-8876480

    .dll
    O18 - Protocol: bwi0 -

    {F05B078D-53C0-4C5F-859F-C0A19D2E42D5} -

    C:\Program Files\Logitech\Desktop

    Messenger\8876480\Program\BWPlugProtocol-8876480

    .dll
    O18 - Protocol: bwi0s -

    {F05B078D-53C0-4C5F-859F-C0A19D2E42D5} -

    C:\Program Files\Logitech\Desktop

    Messenger\8876480\Program\BWPlugProtocol-8876480

    .dll
    O18 - Protocol: bwj0 -

    {F05B078D-53C0-4C5F-859F-C0A19D2E42D5} -

    C:\Program Files\Logitech\Desktop

    Messenger\8876480\Program\BWPlugProtocol-8876480

    .dll
    O18 - Protocol: bwj0s -

    {F05B078D-53C0-4C5F-859F-C0A19D2E42D5} -

    C:\Program Files\Logitech\Desktop

    Messenger\8876480\Program\BWPlugProtocol-8876480

    .dll
    O18 - Protocol: bwk0 -

    {F05B078D-53C0-4C5F-859F-C0A19D2E42D5} -

    C:\Program Files\Logitech\Desktop

    Messenger\8876480\Program\BWPlugProtocol-8876480

    .dll
    O18 - Protocol: bwk0s -

    {F05B078D-53C0-4C5F-859F-C0A19D2E42D5} -

    C:\Program Files\Logitech\Desktop

    Messenger\8876480\Program\BWPlugProtocol-8876480

    .dll
    O18 - Protocol: bwl0 -

    {F05B078D-53C0-4C5F-859F-C0A19D2E42D5} -

    C:\Program Files\Logitech\Desktop

    Messenger\8876480\Program\BWPlugProtocol-8876480

    .dll
    O18 - Protocol: bwl0s -

    {F05B078D-53C0-4C5F-859F-C0A19D2E42D5} -

    C:\Program Files\Logitech\Desktop

    Messenger\8876480\Program\BWPlugProtocol-8876480

    .dll
    O18 - Protocol: bwm0 -

    {F05B078D-53C0-4C5F-859F-C0A19D2E42D5} -

    C:\Program Files\Logitech\Desktop

    Messenger\8876480\Program\BWPlugProtocol-8876480

    .dll
    O18 - Protocol: bwm0s -

    {F05B078D-53C0-4C5F-859F-C0A19D2E42D5} -

    C:\Program Files\Logitech\Desktop

    Messenger\8876480\Program\BWPlugProtocol-8876480

    .dll
    O18 - Protocol: bwn0 -

    {F05B078D-53C0-4C5F-859F-C0A19D2E42D5} -

    C:\Program Files\Logitech\Desktop

    Messenger\8876480\Program\BWPlugProtocol-8876480

    .dll
    O18 - Protocol: bwn0s -

    {F05B078D-53C0-4C5F-859F-C0A19D2E42D5} -

    C:\Program Files\Logitech\Desktop

    Messenger\8876480\Program\BWPlugProtocol-8876480

    .dll
    O18 - Protocol: bwo0 -

    {F05B078D-53C0-4C5F-859F-C0A19D2E42D5} -

    C:\Program Files\Logitech\Desktop

    Messenger\8876480\Program\BWPlugProtocol-8876480

    .dll
    O18 - Protocol: bwo0s -

    {F05B078D-53C0-4C5F-859F-C0A19D2E42D5} -

    C:\Program Files\Logitech\Desktop

    Messenger\8876480\Program\BWPlugProtocol-8876480

    .dll
    O18 - Protocol: bwp0 -

    {F05B078D-53C0-4C5F-859F-C0A19D2E42D5} -

    C:\Program Files\Logitech\Desktop

    Messenger\8876480\Program\BWPlugProtocol-8876480

    .dll
    O18 - Protocol: bwp0s -

    {F05B078D-53C0-4C5F-859F-C0A19D2E42D5} -

    C:\Program Files\Logitech\Desktop

    Messenger\8876480\Program\BWPlugProtocol-8876480

    .dll
    O18 - Protocol: bwq0 -

    {F05B078D-53C0-4C5F-859F-C0A19D2E42D5} -

    C:\Program Files\Logitech\Desktop

    Messenger\8876480\Program\BWPlugProtocol-8876480

    .dll
    O18 - Protocol: bwq0s -

    {F05B078D-53C0-4C5F-859F-C0A19D2E42D5} -

    C:\Program Files\Logitech\Desktop

    Messenger\8876480\Program\BWPlugProtocol-8876480

    .dll
    O18 - Protocol: bwr0 -

    {F05B078D-53C0-4C5F-859F-C0A19D2E42D5} -

    C:\Program Files\Logitech\Desktop

    Messenger\8876480\Program\BWPlugProtocol-8876480

    .dll
    O18 - Protocol: bwr0s -

    {F05B078D-53C0-4C5F-859F-C0A19D2E42D5} -

    C:\Program Files\Logitech\Desktop

    Messenger\8876480\Program\BWPlugProtocol-8876480

    .dll
    O18 - Protocol: bws0 -

    {F05B078D-53C0-4C5F-859F-C0A19D2E42D5} -

    C:\Program Files\Logitech\Desktop

    Messenger\8876480\Program\BWPlugProtocol-8876480

    .dll
    O18 - Protocol: bws0s -

    {F05B078D-53C0-4C5F-859F-C0A19D2E42D5} -

    C:\Program Files\Logitech\Desktop

    Messenger\8876480\Program\BWPlugProtocol-8876480

    .dll
    O18 - Protocol: bwt0 -

    {F05B078D-53C0-4C5F-859F-C0A19D2E42D5} -

    C:\Program Files\Logitech\Desktop

    Messenger\8876480\Program\BWPlugProtocol-8876480

    .dll
    O18 - Protocol: bwt0s -

    {F05B078D-53C0-4C5F-859F-C0A19D2E42D5} -

    C:\Program Files\Logitech\Desktop

    Messenger\8876480\Program\BWPlugProtocol-8876480

    .dll
    O18 - Protocol: bwu0 -

    {F05B078D-53C0-4C5F-859F-C0A19D2E42D5} -

    C:\Program Files\Logitech\Desktop

    Messenger\8876480\Program\BWPlugProtocol-8876480

    .dll
    O18 - Protocol: bwu0s -

    {F05B078D-53C0-4C5F-859F-C0A19D2E42D5} -

    C:\Program Files\Logitech\Desktop

    Messenger\8876480\Program\BWPlugProtocol-8876480

    .dll
    O18 - Protocol: bwv0 -

    {F05B078D-53C0-4C5F-859F-C0A19D2E42D5} -

    C:\Program Files\Logitech\Desktop

    Messenger\8876480\Program\BWPlugProtocol-8876480

    .dll
    O18 - Protocol: bwv0s -

    {F05B078D-53C0-4C5F-859F-C0A19D2E42D5} -

    C:\Program Files\Logitech\Desktop

    Messenger\8876480\Program\BWPlugProtocol-8876480

    .dll
    O18 - Protocol: bww0 -

    {F05B078D-53C0-4C5F-859F-C0A19D2E42D5} -

    C:\Program Files\Logitech\Desktop

    Messenger\8876480\Program\BWPlugProtocol-8876480

    .dll
    O18 - Protocol: bww0s -

    {F05B078D-53C0-4C5F-859F-C0A19D2E42D5} -

    C:\Program Files\Logitech\Desktop

    Messenger\8876480\Program\BWPlugProtocol-8876480

    .dll
    O18 - Protocol: bwx0 -

    {F05B078D-53C0-4C5F-859F-C0A19D2E42D5} -

    C:\Program Files\Logitech\Desktop

    Messenger\8876480\Program\BWPlugProtocol-8876480

    .dll
    O18 - Protocol: bwx0s -

    {F05B078D-53C0-4C5F-859F-C0A19D2E42D5} -

    C:\Program Files\Logitech\Desktop

    Messenger\8876480\Program\BWPlugProtocol-8876480

    .dll
    O18 - Protocol: bwy0 -

    {F05B078D-53C0-4C5F-859F-C0A19D2E42D5} -

    C:\Program Files\Logitech\Desktop

    Messenger\8876480\Program\BWPlugProtocol-8876480

    .dll
    O18 - Protocol: bwy0s -

    {F05B078D-53C0-4C5F-859F-C0A19D2E42D5} -

    C:\Program Files\Logitech\Desktop

    Messenger\8876480\Program\BWPlugProtocol-8876480

    .dll
    O18 - Protocol: bwz0 -

    {F05B078D-53C0-4C5F-859F-C0A19D2E42D5} -

    C:\Program Files\Logitech\Desktop

    Messenger\8876480\Program\BWPlugProtocol-8876480

    .dll
    O18 - Protocol: bwz0s -

    {F05B078D-53C0-4C5F-859F-C0A19D2E42D5} -

    C:\Program Files\Logitech\Desktop

    Messenger\8876480\Program\BWPlugProtocol-8876480

    .dll
    O18 - Protocol: msnim -

    {828030A1-22C1-4009-854F-8E305202313F} -

    "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file

    missing)
    O18 - Protocol: offline-8876480 -

    {F05B078D-53C0-4C5F-859F-C0A19D2E42D5} -

    C:\Program Files\Logitech\Desktop

    Messenger\8876480\Program\BWPlugProtocol-8876480

    .dll
    O20 - AppInit_DLLs: MsgPlusLoader.dll
    O20 - Winlogon Notify: igfxcui -

    C:\WINDOWS\SYSTEM32\igfxsrvc.dll
    O20 - Winlogon Notify: WgaLogon -

    C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O23 - Service: Adobe Active File Monitor V4

    (AdobeActiveFileMonitor4.0) - Unknown owner -

    C:\Program Files\Adobe\Photoshop Elements

    4.0\PhotoshopElementsFileAgent.exe
    O23 - Service: InstallDriver Table Manager

    (IDriverT) - Macrovision Corporation -

    C:\Program Files\Common

    Files\InstallShield\Driver\11\Intel

    32\IDriverT.exe
    O23 - Service: Intranet Service

    (IntranetService) - Brought to you by the

    Bandwidth Bandits -

    C:\WINDOWS\SYSTEM32\intranet.exe
    O23 - Service: iPodService - Apple Computer,

    Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Kodak Camera Connection Software

    (KodakCCS) - Eastman Kodak Company -

    C:\WINDOWS\system32\drivers\KodakCCS.exe
    O23 - Service: NVIDIA Driver Helper Service

    (NVSvc) - NVIDIA Corporation -

    C:\WINDOWS\System32\nvsvc32.exe
    O23 - Service: Plug and Pray (PlugAndPray) -

    Brought to you by the Bandwidth Bandits -

    C:\WINDOWS\SYSTEM32\viewmgr.exe
    O23 - Service: Pml Driver HPZ12 - HP -

    C:\WINDOWS\System32\HPZipm12.exe
    O23 - Service: ScsiAccess - Unknown owner -

    C:\WINDOWS\System32\ScsiAccess.EXE
    O23 - Service: Sony SPTI Service (SPTISRV) -

    Sony Corporation -

    C:\PROGRA~1\COMMON~1\SONYSH~1\AVLib\Sptisrv.exe
    O23 - Service: STOPzilla Local Service - Unknown

    owner - C:\Program Files\STOPzilla!\szntsvc.exe

    (file missing)
    O23 - Service: System Startup Service (SvcProc)

    - Unknown owner - C:\WINDOWS\svcproc.exe
    O23 - Service: TCPIP Managing Service

    (TCPIPManagingService) - Brought to you by the

    Bandwidth Bandits -

    C:\WINDOWS\SYSTEM32\tcpcheck.exe
    O23 - Service: VAIO Media Music Server

    (VAIOMediaPlatform-MusicServer-AppServer) -

    Unknown owner - C:\Program Files\Sony\VAIO Media

    Music Server\SSSvr.exe"

    /Service=VAIOMediaPlatform-MusicServer-AppServer

    /DisplayName="VAIO Media Music Server (file

    missing)
    O23 - Service: VAIO Media Music Server (HTTP)

    (VAIOMediaPlatform-MusicServer-HTTP) - Unknown

    owner - C:\Program Files\Common Files\Sony

    Shared\VAIO Media Platform\sv_httpd.exe"

    /Service=VAIOMediaPlatform-MusicServer-HTTP

    /RegRoot="Software\Sony Corporation\VAIO Media

    Platform\2.0"

    /RegExt="Applications\MusicServer\HTTP (file

    missing)
    O23 - Service: VAIO Media Music Server (UPnP)

    (VAIOMediaPlatform-MusicServer-UPnP) - Sony

    Corporation - C:\Program Files\Common Files\Sony

    Shared\VAIO Media Platform\UPnPFramework.exe
    O23 - Service: VAIO Media Photo Server

    (VAIOMediaPlatform-PhotoServer-AppServer) - Sony

    Corporation - C:\Program Files\Sony\Photo

    Server\appsrv\PhotoAppSrv.exe
    O23 - Service: VAIO Media Photo Server (HTTP)

    (VAIOMediaPlatform-PhotoServer-HTTP) - Unknown

    owner - C:\Program Files\Common Files\Sony

    Shared\VAIO Media Platform\SV_Httpd.exe"

    /Service=VAIOMediaPlatform-PhotoServer-HTTP

    /RegRoot="Software\Sony Corporation\VAIO Media

    Platform\2.0"

    /RegExt="\Applications\PhotoServer\HTTP (file

    missing)
    O23 - Service: VAIO Media Photo Server (UPnP)

    (VAIOMediaPlatform-PhotoServer-UPnP) - Sony

    Corporation - C:\Program Files\Common Files\Sony

    Shared\VAIO Media Platform\UPnPFramework.exe
    O23 - Service: VAIO Media Video Server

    (VAIOMediaPlatform-VideoServer-AppServer) -

    Unknown owner - C:\Program Files\Sony\Giga

    Pocket\GPVSvr.exe"

    /Service=VAIOMediaPlatform-VideoServer-AppServer

    /DisplayName="VAIO Media Video Server (file

    missing)
    O23 - Service: VAIO Media Video Server (HTTP)

    (VAIOMediaPlatform-VideoServer-HTTP) - Unknown

    owner - C:\Program Files\Common Files\Sony

    Shared\VAIO Media Platform\SV_Httpd.exe"

    /Service=VAIOMediaPlatform-VideoServer-HTTP

    /RegRoot="SOFTWARE\Sony Corporation\VAIO Media

    Platform\2.0"

    /RegExt="\Applications\VideoServer\HTTP (file

    missing)
    O23 - Service: VAIO Media Video Server (UPnP)

    (VAIOMediaPlatform-VideoServer-UPnP) - Sony

    Corporation - C:\Program Files\Common Files\Sony

    Shared\VAIO Media Platform\UPnPFramework.exe
     
  4. MFDnNC

    MFDnNC

    Joined:
    Sep 7, 2004
    Messages:
    49,014
    Next log - in note pad go to FORMAT and check wordwrap before copying


    · http://users.pandora.be/bluepatchy/miekiemoes/tools/LQfix.exe to download LQfix.exe and Save it to your desktop.
    · Doubleclick LQfix.exe and click install.
    · Leave the default settings. If you change them, the fix will fail.
    · Make sure 'Launch LQfix' is checked. After clicking finish in the install, the fix will start.
    · Follow the prompts on the screen.
    · Your system will reboot afterwards.
    · Please be patient after reboot, because there is a script running in the background.
    ======================

    Add remove programs – remove - my web search – Logitech desktop messenger
    ====================

    You have no active AntiVirus!

    Get the free AVG 7 install it, check for updates and run a full scan

    AVG 7 - http://free.grisoft.com/freeweb.php/doc/2/

    =====================
    Go to the link below and download the trial version of SpySweeper:

    SpySweeper http://www.webroot.com/consumer/products/spysweeper/index.html?acode=af1&rc=4129&ac=tsg

    * Click the Free Trial link under "SpySweeper" to download the program.
    * Install it. Once the program is installed, it will open.
    * It will prompt you to update to the latest definitions, click Yes.
    * Once the definitions are installed, click Options on the left side.
    * Click the Sweep Options tab.
    * Under What to Sweep please put a check next to the following:
    o Sweep Memory
    o Sweep Registry
    o Sweep Cookies
    o Sweep All User Accounts
    o Enable Direct Disk Sweeping
    o Sweep Contents of Compressed Files
    o Sweep for Rootkits

    o Please UNCHECK Do not Sweep System Restore Folder.

    * Click Sweep Now on the left side.
    * Click the Start button.
    * When it's done scanning, click the Next button.
    * Make sure everything has a check next to it, then click the Next button.
    * It will remove all of the items found.
    * Click Session Log in the upper right corner, copy everything in that window.
    * Click the Summary tab and click Finish.
    * Paste the contents of the session log you copied into your next reply.
    Also post a new Hijack This log.
     
  5. Ca33

    Ca33 Thread Starter

    Joined:
    Jun 18, 2005
    Messages:
    50
    Add remove programs – remove - my web search – Logitech desktop messenger

    -I'm confused about that. What do you mean by web search? Do you just want me to completely remove Logitch desktop off of my computer? Why so?
     
  6. MFDnNC

    MFDnNC

    Joined:
    Sep 7, 2004
    Messages:
    49,014
    MyWebSearch is a program

    Just the messenger portion of logitech desktop
     
  7. Ca33

    Ca33 Thread Starter

    Joined:
    Jun 18, 2005
    Messages:
    50
    The log is more than 3000 characters long so it won't let me post.
    How could I make it smaller, any other ways for me to send it to you?
     
  8. Ca33

    Ca33 Thread Starter

    Joined:
    Jun 18, 2005
    Messages:
    50
    Here is the hijack one..I couldn't send the summary log cause it had too many characters..get back to me on that:

    Logfile of HijackThis v1.99.1
    Scan saved at 5:40:52 PM, on 8/8/2006
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
    C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
    C:\Program Files\Messenger Plus! 3\MsgPlus.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
    C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe
    C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
    C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
    C:\Program Files\Sony\USBSircs\usbsircs.exe
    C:\WINDOWS\system32\drivers\KodakCCS.exe
    C:\WINDOWS\System32\nvsvc32.exe
    C:\Program Files\OpenOffice.org 2.0\program\soffice.exe
    C:\Program Files\OpenOffice.org 2.0\program\soffice.BIN
    C:\WINDOWS\System32\ScsiAccess.EXE
    C:\WINDOWS\System32\snmp.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Sony\VAIO Media Music Server\SSSvr.exe
    C:\Program Files\Sony\Photo Server\appsrv\PhotoAppSrv.exe
    C:\Program Files\Sony\Giga Pocket\GPVSvr.exe
    C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
    C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\sv_httpd.exe
    C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\SV_Httpd.exe
    C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\SV_Httpd.exe
    C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\UPnPFramework.exe
    C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\UPnPFramework.exe
    C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\UPnPFramework.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\Webroot\Spy Sweeper\SSU.EXE
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Hijackthis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.hotsearchbox.com/ie/
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.sfeuzdcxyuqo.com/r96rMtWbuzxp9mDlrApbXqRPanQGT8TwGxboyXNFUlIdr2djRhwLeN7DYUxnLl/H.asp
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.hispeed.rogers.com
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Rogers Hi-Speed Internet
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    R3 - URLSearchHook: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll
    F2 - REG:system.ini: UserInit=C:\WINDOWS\System32\Userinit.exe
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
    O4 - HKLM\..\Run: [VAIO Recovery] "C:\WINDOWS\Sonysys\VAIO Recovery\PartSeal.exe"
    O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe"
    O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [zhblhx] C:\WINDOWS\system32\zgdsfzs.exe r
    O4 - HKLM\..\Run: [tcp checker] tcpcheck.exe
    O4 - HKLM\..\Run: [AVG7_CC] "C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe" /STARTUP
    O4 - HKLM\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe" /startintray
    O4 - HKLM\..\RunServices: [CTHelper] cthelper.exe
    O4 - HKLM\..\RunServices: [View Manager] viewmgr.exe
    O4 - HKLM\..\RunServices: [tcp checker] tcpcheck.exe
    O4 - HKLM\..\RunServices: [The Intranet] intranet.exe
    O4 - HKCU\..\Run: [tcp checker] tcpcheck.exe
    O4 - HKCU\..\RunServices: [tcp checker] tcpcheck.exe
    O4 - HKCU\..\RunServices: [View Manager] viewmgr.exe
    O4 - Startup: MyWebSearch Email Plugin.lnk = C:\Program Files\MyWebSearch\bar\6.bin\MWSOEMON.EXE
    O4 - Startup: OpenOffice.org 2.0.lnk = C:\Program Files\OpenOffice.org 2.0\program\quickstart.exe
    O4 - Startup: PowerReg Scheduler V3.exe
    O4 - Global Startup: Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
    O4 - Global Startup: KODAK Software Updater.lnk = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\backWeb-7288971.exe
    O4 - Global Startup: Quicken Scheduled Updates.lnk = C:\Program Files\Quicken\bagent.exe
    O4 - Global Startup: Quicken Startup.lnk = C:\Program Files\Quicken\QWDLLS.EXE
    O4 - Global Startup: Remocon Driver.lnk = ?
    O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html
    O8 - Extra context menu item: &Search - http://bar.mywebsearch.com/menusearch.html?p=ZSzeb02985US_ZCxdm276XXCA
    O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html
    O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
    O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html
    O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
    O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar1.dll/cmtrans.html
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll (file missing)
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O14 - IERESET.INF: START_PAGE_URL=http://www.hispeed.rogers.com
    O15 - Trusted Zone: *.popuppers.com
    O16 - DPF: {093F9CF8-0DE1-491C-95D5-5EC257BD4CA3} - http://akamai.downloadv3.com/binaries/IA/dtc32_EN_XP.cab
    O16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} (iPIX ActiveX Control) - http://www.ipix.com/download/ipixx.cab
    O16 - DPF: {1239CC52-59EF-4DFA-8C61-90FFA846DF7E} (Musicnotes Viewer) - http://www.musicnotes.com/download/mnviewer.cab
    O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.imgfarm.com/images/nocache/funwebproducts/ei/FunBuddyIconsFWBInitialSetup1.0.0.8.cab
    O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://cass-kass.spaces.msn.com//PhotoUpload/MsnPUpld.cab
    O16 - DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} - http://www.nick.com/common/groove/gx/GrooveAX27.cab
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
    O16 - DPF: {91433D86-9F27-402C-B5E3-DEBDD122C339} - http://www.netvenda.com/sites/games-intl/ca/games1.cab
    O16 - DPF: {A1426AC5-8CE5-4A00-B71E-011D35709AC6} (Progetto1.int_ver34) - http://advnt01.com/dialer/int_ver34.CAB
    O16 - DPF: {A243F6C2-34D2-4549-BCCD-A7BEF759B236} (Seekford Solutions, Inc.'s ssiPictureUploader Control) - http://img.funtigo.com/images/uploader/ssiPictureUploader.cab
    O16 - DPF: {CAFEEFAC-0014-0000-0003-ABCDEFFEDCBA} (Java Runtime Environment 1.4.0_03) -
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
    O20 - AppInit_DLLs: MsgPlusLoader.dll
    O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O20 - Winlogon Notify: WRNotifier - C:\WINDOWS\SYSTEM32\WRLogonNTF.dll
    O23 - Service: Adobe Active File Monitor V4 (AdobeActiveFileMonitor4.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
    O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
    O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
    O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: Intranet Service (IntranetService) - Unknown owner - C:\WINDOWS\SYSTEM32\intranet.exe
    O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe
    O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
    O23 - Service: Plug and Pray (PlugAndPray) - Unknown owner - C:\WINDOWS\SYSTEM32\viewmgr.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
    O23 - Service: ScsiAccess - Unknown owner - C:\WINDOWS\System32\ScsiAccess.EXE
    O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\PROGRA~1\COMMON~1\SONYSH~1\AVLib\Sptisrv.exe
    O23 - Service: STOPzilla Local Service - Unknown owner - C:\Program Files\STOPzilla!\szntsvc.exe (file missing)
    O23 - Service: TCPIP Managing Service (TCPIPManagingService) - Unknown owner - tcpcheck.exe (file missing)
    O23 - Service: VAIO Media Music Server (VAIOMediaPlatform-MusicServer-AppServer) - Unknown owner - C:\Program Files\Sony\VAIO Media Music Server\SSSvr.exe" /Service=VAIOMediaPlatform-MusicServer-AppServer /DisplayName="VAIO Media Music Server (file missing)
    O23 - Service: VAIO Media Music Server (HTTP) (VAIOMediaPlatform-MusicServer-HTTP) - Unknown owner - C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\sv_httpd.exe" /Service=VAIOMediaPlatform-MusicServer-HTTP /RegRoot="Software\Sony Corporation\VAIO Media Platform\2.0" /RegExt="Applications\MusicServer\HTTP (file missing)
    O23 - Service: VAIO Media Music Server (UPnP) (VAIOMediaPlatform-MusicServer-UPnP) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\UPnPFramework.exe
    O23 - Service: VAIO Media Photo Server (VAIOMediaPlatform-PhotoServer-AppServer) - Sony Corporation - C:\Program Files\Sony\Photo Server\appsrv\PhotoAppSrv.exe
    O23 - Service: VAIO Media Photo Server (HTTP) (VAIOMediaPlatform-PhotoServer-HTTP) - Unknown owner - C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\SV_Httpd.exe" /Service=VAIOMediaPlatform-PhotoServer-HTTP /RegRoot="Software\Sony Corporation\VAIO Media Platform\2.0" /RegExt="\Applications\PhotoServer\HTTP (file missing)
    O23 - Service: VAIO Media Photo Server (UPnP) (VAIOMediaPlatform-PhotoServer-UPnP) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\UPnPFramework.exe
    O23 - Service: VAIO Media Video Server (VAIOMediaPlatform-VideoServer-AppServer) - Unknown owner - C:\Program Files\Sony\Giga Pocket\GPVSvr.exe" /Service=VAIOMediaPlatform-VideoServer-AppServer /DisplayName="VAIO Media Video Server (file missing)
    O23 - Service: VAIO Media Video Server (HTTP) (VAIOMediaPlatform-VideoServer-HTTP) - Unknown owner - C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\SV_Httpd.exe" /Service=VAIOMediaPlatform-VideoServer-HTTP /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="\Applications\VideoServer\HTTP (file missing)
    O23 - Service: VAIO Media Video Server (UPnP) (VAIOMediaPlatform-VideoServer-UPnP) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\UPnPFramework.exe
    O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
     
  9. MFDnNC

    MFDnNC

    Joined:
    Sep 7, 2004
    Messages:
    49,014
    You can attach it - post a reply and scroll down - manage attachments

    But for now leave it be

    You may want to print this or save it to notepad as we will go to safe mode.

    Add remove programs – remove messenger plus 3 – it has given you a lop infection, if you want it back – reinstall - When you get to the Sponsor Agreement,SELECT:
    ’I Refuse to give my support, install Messenger Plus! without the sponsor'.
    ====================================
    Add remove programs – remove mywebsearch

    Fix these with HJT – mark them, close IE, click fix checked

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.sfeuzdcxyuqo.com/r96rMtWb...7DYUxnLl/H.asp

    O4 - HKLM\..\Run: [zhblhx] C:\WINDOWS\system32\zgdsfzs.exe r

    O4 - HKLM\..\Run: [tcp checker] tcpcheck.exe

    O4 - HKLM\..\RunServices: [View Manager] viewmgr.exe

    O4 - HKLM\..\RunServices: [tcp checker] tcpcheck.exe

    O4 - HKLM\..\RunServices: [The Intranet] intranet.exe

    O4 - HKCU\..\Run: [tcp checker] tcpcheck.exe

    O4 - HKCU\..\RunServices: [tcp checker] tcpcheck.exe

    O4 - HKCU\..\RunServices: [View Manager] viewmgr.exe

    O4 - Startup: MyWebSearch Email Plugin.lnk = C:\Program Files\MyWebSearch\bar\6.bin\MWSOEMON.EXE

    O4 - Startup: PowerReg Scheduler V3.exe

    O8 - Extra context menu item: &Search - http://bar.mywebsearch.com/menusearc...S_ZCxdm276XXCA

    O15 - Trusted Zone: *.popuppers.com

    O16 - DPF: {093F9CF8-0DE1-491C-95D5-5EC257BD4CA3} - http://akamai.downloadv3.com/binarie...tc32_EN_XP.cab

    O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.imgfarm.com/images/nocache...tup1.0.0.8.cab

    O16 - DPF: {91433D86-9F27-402C-B5E3-DEBDD122C339} - http://www.netvenda.com/sites/games-intl/ca/games1.cab

    O16 - DPF: {A1426AC5-8CE5-4A00-B71E-011D35709AC6} (Progetto1.int_ver34) - http://advnt01.com/dialer/int_ver34.CAB

    O23 - Service: Intranet Service (IntranetService) - Unknown owner - C:\WINDOWS\SYSTEM32\intranet.exe

    O23 - Service: Plug and Pray (PlugAndPray) - Unknown owner - C:\WINDOWS\SYSTEM32\viewmgr.exe

    O23 - Service: TCPIP Managing Service (TCPIPManagingService) - Unknown owner - tcpcheck.exe (file missing)


    DownLoad http://www.downloads.subratam.org/KillBox.zip

    Restart your computer into safe mode now. (Tapping F8 at the first black screen) Perform the following steps in safe mode:

    Double-click on Killbox.exe to run it. Now put a tick by Standard File Kill. In the "Full Path of File to Delete" box, copy and paste each of the following lines one at a time then click on the button that has the red circle with the X in the middle after you enter each file. It will ask for confimation to delete the file. Click Yes. Continue with that same procedure until you have copied and pasted all of these in the "Paste Full Path of File to Delete" box.

    C:\WINDOWS\SYSTEM32\intranet.exe
    C:\WINDOWS\SYSTEM32\viewmgr.exe
    C:\Program Files\MyWebSearch
    C:\WINDOWS\SYSTEM32\tcpcheck.exe
    WINDOWS\system32\zgdsfzs.exe

    Note: It is possible that Killbox will tell you that one or more files do not exist. If that happens, just continue on with all the files. Be sure you don't miss any.

    START – RUN – type in %temp% - OK - Edit – Select all – File – Delete

    Delete everything in the C:\Windows\Temp folder or C:\WINNT\temp

    Not all temp files will delete and that is normal
    Empty the recycle bin
    Boot and post a new log from normal NOT safe mode

    Please give feedback on what worked/didn’t work and the current status of your system
     
  10. Ca33

    Ca33 Thread Starter

    Joined:
    Jun 18, 2005
    Messages:
    50
    I can't seem to find anything called mywebsearch under add/remove programs:confused:
    By the way, I tried attaching the summary log, and it said that was too big too..
     
  11. MFDnNC

    MFDnNC

    Joined:
    Sep 7, 2004
    Messages:
    49,014
    Just do the fixes and then post a new log
     
  12. Ca33

    Ca33 Thread Starter

    Joined:
    Jun 18, 2005
    Messages:
    50
    Should I still continue with doing the safe mode thing?

    Logfile of HijackThis v1.99.1
    Scan saved at 6:48:31 PM, on 8/8/2006
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
    C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
    C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe
    C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
    C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
    C:\Program Files\Sony\USBSircs\usbsircs.exe
    C:\WINDOWS\system32\drivers\KodakCCS.exe
    C:\WINDOWS\System32\nvsvc32.exe
    C:\Program Files\OpenOffice.org 2.0\program\soffice.exe
    C:\Program Files\OpenOffice.org 2.0\program\soffice.BIN
    C:\WINDOWS\System32\ScsiAccess.EXE
    C:\WINDOWS\System32\snmp.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Sony\VAIO Media Music Server\SSSvr.exe
    C:\Program Files\Sony\Photo Server\appsrv\PhotoAppSrv.exe
    C:\Program Files\Sony\Giga Pocket\GPVSvr.exe
    C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
    C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\sv_httpd.exe
    C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\SV_Httpd.exe
    C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\SV_Httpd.exe
    C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\UPnPFramework.exe
    C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\UPnPFramework.exe
    C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\UPnPFramework.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\Webroot\Spy Sweeper\SSU.EXE
    C:\Program Files\MessengerPlus! 3\MsgPlus.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Windows NT\Accessories\wordpad.exe
    C:\Program Files\Hijackthis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.hotsearchbox.com/ie/
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.sfeuzdcxyuqo.com/r96rMtWbuzxp9mDlrApbXqRPanQGT8TwGxboyXNFUlIdr2djRhwLeN7DYUxnLl/H.asp
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.hispeed.rogers.com
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Rogers Hi-Speed Internet
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    R3 - URLSearchHook: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll
    F2 - REG:system.ini: UserInit=C:\WINDOWS\System32\Userinit.exe
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
    O4 - HKLM\..\Run: [VAIO Recovery] "C:\WINDOWS\Sonysys\VAIO Recovery\PartSeal.exe"
    O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [AVG7_CC] "C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe" /STARTUP
    O4 - HKLM\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe" /startintray
    O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
    O4 - HKLM\..\RunServices: [CTHelper] cthelper.exe
    O4 - HKLM\..\RunServices: [The Intranet] intranet.exe
    O4 - HKCU\..\RunServices: [tcp checker] tcpcheck.exe
    O4 - Startup: OpenOffice.org 2.0.lnk = C:\Program Files\OpenOffice.org 2.0\program\quickstart.exe
    O4 - Global Startup: Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
    O4 - Global Startup: KODAK Software Updater.lnk = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\backWeb-7288971.exe
    O4 - Global Startup: Quicken Scheduled Updates.lnk = C:\Program Files\Quicken\bagent.exe
    O4 - Global Startup: Quicken Startup.lnk = C:\Program Files\Quicken\QWDLLS.EXE
    O4 - Global Startup: Remocon Driver.lnk = ?
    O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html
    O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html
    O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
    O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html
    O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
    O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar1.dll/cmtrans.html
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll (file missing)
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O14 - IERESET.INF: START_PAGE_URL=http://www.hispeed.rogers.com
    O15 - Trusted Zone: *.popuppers.com
    O16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} (iPIX ActiveX Control) - http://www.ipix.com/download/ipixx.cab
    O16 - DPF: {1239CC52-59EF-4DFA-8C61-90FFA846DF7E} (Musicnotes Viewer) - http://www.musicnotes.com/download/mnviewer.cab
    O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://cass-kass.spaces.msn.com//PhotoUpload/MsnPUpld.cab
    O16 - DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} - http://www.nick.com/common/groove/gx/GrooveAX27.cab
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
    O16 - DPF: {A243F6C2-34D2-4549-BCCD-A7BEF759B236} (Seekford Solutions, Inc.'s ssiPictureUploader Control) - http://img.funtigo.com/images/uploader/ssiPictureUploader.cab
    O16 - DPF: {CAFEEFAC-0014-0000-0003-ABCDEFFEDCBA} (Java Runtime Environment 1.4.0_03) -
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
    O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O20 - Winlogon Notify: WRNotifier - C:\WINDOWS\SYSTEM32\WRLogonNTF.dll
    O23 - Service: Adobe Active File Monitor V4 (AdobeActiveFileMonitor4.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
    O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
    O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
    O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: Intranet Service (IntranetService) - Unknown owner - C:\WINDOWS\SYSTEM32\intranet.exe
    O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe
    O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
    O23 - Service: Plug and Pray (PlugAndPray) - Unknown owner - C:\WINDOWS\SYSTEM32\viewmgr.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
    O23 - Service: ScsiAccess - Unknown owner - C:\WINDOWS\System32\ScsiAccess.EXE
    O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\PROGRA~1\COMMON~1\SONYSH~1\AVLib\Sptisrv.exe
    O23 - Service: STOPzilla Local Service - Unknown owner - C:\Program Files\STOPzilla!\szntsvc.exe (file missing)
    O23 - Service: TCPIP Managing Service (TCPIPManagingService) - Unknown owner - tcpcheck.exe (file missing)
    O23 - Service: VAIO Media Music Server (VAIOMediaPlatform-MusicServer-AppServer) - Unknown owner - C:\Program Files\Sony\VAIO Media Music Server\SSSvr.exe" /Service=VAIOMediaPlatform-MusicServer-AppServer /DisplayName="VAIO Media Music Server (file missing)
    O23 - Service: VAIO Media Music Server (HTTP) (VAIOMediaPlatform-MusicServer-HTTP) - Unknown owner - C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\sv_httpd.exe" /Service=VAIOMediaPlatform-MusicServer-HTTP /RegRoot="Software\Sony Corporation\VAIO Media Platform\2.0" /RegExt="Applications\MusicServer\HTTP (file missing)
    O23 - Service: VAIO Media Music Server (UPnP) (VAIOMediaPlatform-MusicServer-UPnP) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\UPnPFramework.exe
    O23 - Service: VAIO Media Photo Server (VAIOMediaPlatform-PhotoServer-AppServer) - Sony Corporation - C:\Program Files\Sony\Photo Server\appsrv\PhotoAppSrv.exe
    O23 - Service: VAIO Media Photo Server (HTTP) (VAIOMediaPlatform-PhotoServer-HTTP) - Unknown owner - C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\SV_Httpd.exe" /Service=VAIOMediaPlatform-PhotoServer-HTTP /RegRoot="Software\Sony Corporation\VAIO Media Platform\2.0" /RegExt="\Applications\PhotoServer\HTTP (file missing)
    O23 - Service: VAIO Media Photo Server (UPnP) (VAIOMediaPlatform-PhotoServer-UPnP) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\UPnPFramework.exe
    O23 - Service: VAIO Media Video Server (VAIOMediaPlatform-VideoServer-AppServer) - Unknown owner - C:\Program Files\Sony\Giga Pocket\GPVSvr.exe" /Service=VAIOMediaPlatform-VideoServer-AppServer /DisplayName="VAIO Media Video Server (file missing)
    O23 - Service: VAIO Media Video Server (HTTP) (VAIOMediaPlatform-VideoServer-HTTP) - Unknown owner - C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\SV_Httpd.exe" /Service=VAIOMediaPlatform-VideoServer-HTTP /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="\Applications\VideoServer\HTTP (file missing)
    O23 - Service: VAIO Media Video Server (UPnP) (VAIOMediaPlatform-VideoServer-UPnP) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\UPnPFramework.exe
    O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
     
  13. MFDnNC

    MFDnNC

    Joined:
    Sep 7, 2004
    Messages:
    49,014
    Did you remove messenger plus?

    You may want to print this or save it to notepad as we will go to safe mode.

    Fix these with HJT – mark them, close IE, click fix checked


    O4 - HKLM\..\RunServices: [The Intranet] intranet.exe

    O4 - HKCU\..\RunServices: [tcp checker] tcpcheck.exe

    O23 - Service: Intranet Service (IntranetService) - Unknown owner - C:\WINDOWS\SYSTEM32\intranet.exe

    O23 - Service: Plug and Pray (PlugAndPray) - Unknown owner - C:\WINDOWS\SYSTEM32\viewmgr.exe

    O23 - Service: TCPIP Managing Service (TCPIPManagingService) - Unknown owner - tcpcheck.exe (file missing)
    ==================================

    Click Start > Run > and type in:

    services.msc

    Click OK.

    In the services window find this exact name

    Intranet Service

    Rightclick and choose "Properties". On the "General" tab under "Service Status" click the "Stop" button to stop the service. Beside "Startup Type" in the dropdown menu select "Disabled". Click Apply then OK. File-Exit the Services utility.

    Repeat the above for - Plug and Pray (Not that is Pray NOT Play) - TCPIP Managing Service
    =========================
    DownLoad http://www.downloads.subratam.org/KillBox.zip

    Restart your computer into safe mode now. (Tapping F8 at the first black screen) Perform the following steps in safe mode:

    Double-click on Killbox.exe to run it. Now put a tick by Standard File Kill. In the "Full Path of File to Delete" box, copy and paste each of the following lines one at a time then click on the button that has the red circle with the X in the middle after you enter each file. It will ask for confimation to delete the file. Click Yes. Continue with that same procedure until you have copied and pasted all of these in the "Paste Full Path of File to Delete" box.

    C:\WINDOWS\SYSTEM32\intranet.exe
    C:\WINDOWS\SYSTEM32\tcpcheck.exe

    Note: It is possible that Killbox will tell you that one or more files do not exist. If that happens, just continue on with all the files. Be sure you don't miss any.

    START – RUN – type in %temp% - OK - Edit – Select all – File – Delete

    Delete everything in the C:\Windows\Temp folder or C:\WINNT\temp

    Not all temp files will delete and that is normal
    Empty the recycle bin
    Boot and post a new log from normal NOT safe mode

    Please give feedback on what worked/didn’t work and the current status of your system
     
  14. Ca33

    Ca33 Thread Starter

    Joined:
    Jun 18, 2005
    Messages:
    50
    Yes I removed messenger plus and then installed the version without the sponsor.
     
  15. MFDnNC

    MFDnNC

    Joined:
    Sep 7, 2004
    Messages:
    49,014
    Download Findlop by Metallica.
    http://metallica.geekstogo.com/findlop.zip

    Unzip it to your desktop.
    Double click findlop.bat.
    A Notepad file will open.
    Copy the content of that file and paste it into your reply to this thread.
     
  16. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/490531

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice