Solved: pls check out this hjt log please?

Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

mozzer65

Thread Starter
Joined
Jun 28, 2005
Messages
69
hiya
i have a dekstop with win xp home sp2, which is real slow!!
ran a full ewido scan - log attached and also attached hjt log
please advise?
TIA
andy

---------------------------------------------------------
ewido anti-spyware - Scan Report
---------------------------------------------------------

+ Created at: 00:29:06 23/01/2007

+ Scan result:



C:\Documents and Settings\Owner\Local Settings\Temp\whenu.exe/Sync.exe -> Adware.SaveNow : Cleaned with backup (quarantined).
HKLM\SOFTWARE\WhenUSave -> Adware.SaveNow : Cleaned with backup (quarantined).
C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Internet Explorer\V0.39.dat -> Downloader.Small.bdl : Cleaned with backup (quarantined).
C:\Documents and Settings\Owner\Local Settings\Temp\dia10.exe -> Heuristic.Win32.Dialer : Ignored.
C:\Documents and Settings\Owner\Local Settings\Temp\diaE.exe -> Heuristic.Win32.Dialer : Ignored.
C:\Documents and Settings\Owner\Local Settings\Temp\diaF.exe -> Heuristic.Win32.Dialer : Ignored.
C:\WINDOWS\Downloaded Program Files\USDR6_0001_D09M0706NetInstaller.exe -> Not-A-Virus.Downloader.Win32.WinFixer.l : Ignored.
C:\Documents and Settings\Owner\Cookies\[email protected][1].txt -> TrackingCookie.247realmedia : Cleaned.
C:\Documents and Settings\Owner\Cookies\[email protected][1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Owner\Cookies\[email protected][2].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Owner\Cookies\[email protected][1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Owner\Cookies\[email protected][1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Owner\Cookies\[email protected][1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Owner\Cookies\[email protected][1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Owner\Cookies\[email protected][1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Owner\Cookies\[email protected][2].txt -> TrackingCookie.Adbrite : Cleaned.
C:\Documents and Settings\Owner\Cookies\[email protected][2].txt -> TrackingCookie.Adtech : Cleaned.
C:\Documents and Settings\Owner\Cookies\[email protected][1].txt -> TrackingCookie.Burstbeacon : Cleaned.
C:\Documents and Settings\Owner\Cookies\[email protected][1].txt -> TrackingCookie.Burstnet : Cleaned.
C:\Documents and Settings\Owner\Cookies\[email protected][1].txt -> TrackingCookie.Burstnet : Cleaned.
C:\Documents and Settings\Owner\Cookies\[email protected][1].txt -> TrackingCookie.Clickzs : Cleaned.
C:\Documents and Settings\Owner\Cookies\[email protected][2].txt -> TrackingCookie.Clickzs : Cleaned.
C:\Documents and Settings\Owner\Cookies\[email protected][1].txt -> TrackingCookie.Clickzs : Cleaned.
C:\Documents and Settings\Owner\Cookies\[email protected][2].txt -> TrackingCookie.Clickzs : Cleaned.
C:\Documents and Settings\Owner\Cookies\[email protected][2].txt -> TrackingCookie.Com : Cleaned.
C:\Documents and Settings\Owner\Cookies\[email protected][2].txt -> TrackingCookie.Cpvfeed : Cleaned.
C:\Documents and Settings\Owner\Local Settings\Temp\Cookies\[email protected][2].txt -> TrackingCookie.Cpvfeed : Cleaned.
C:\Documents and Settings\Owner\Cookies\[email protected][1].txt -> TrackingCookie.Dbbsrv : Cleaned.
C:\Documents and Settings\Owner\Cookies\[email protected][1].txt -> TrackingCookie.Epilot : Cleaned.
C:\Documents and Settings\Owner\Cookies\[email protected][1].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Owner\Cookies\[email protected][2].txt -> TrackingCookie.Euroclick : Cleaned.
C:\Documents and Settings\Owner\Cookies\[email protected][1].txt -> TrackingCookie.Hypertracker : Cleaned.
C:\Documents and Settings\Owner\Cookies\[email protected][1].txt -> TrackingCookie.Itrack : Cleaned.
C:\Documents and Settings\Owner\Cookies\[email protected][1].txt -> TrackingCookie.Ivwbox : Cleaned.
C:\Documents and Settings\Owner\Cookies\[email protected][2].txt -> TrackingCookie.Liveperson : Cleaned.
C:\Documents and Settings\Owner\Cookies\[email protected][1].txt -> TrackingCookie.Liveperson : Cleaned.
C:\Documents and Settings\Owner\Cookies\[email protected][1].txt -> TrackingCookie.Masterstats : Cleaned.
C:\Documents and Settings\Owner\Cookies\[email protected][2].txt -> TrackingCookie.Myaffiliateprogram : Cleaned.
C:\Documents and Settings\Owner\Cookies\[email protected][1].txt -> TrackingCookie.Overture : Cleaned.
C:\Documents and Settings\Owner\Cookies\[email protected][1].txt -> TrackingCookie.Overture : Cleaned.
C:\Documents and Settings\Owner\Cookies\[email protected][2].txt -> TrackingCookie.Overture : Cleaned.
C:\Documents and Settings\Owner\Cookies\[email protected][2].txt -> TrackingCookie.Overture : Cleaned.
C:\Documents and Settings\Owner\Cookies\[email protected][1].txt -> TrackingCookie.Overture : Cleaned.
C:\Documents and Settings\Owner\Cookies\[email protected][1].txt -> TrackingCookie.Paypopup : Cleaned.
C:\Documents and Settings\Owner\Local Settings\Temp\Cookies\[email protected][1].txt -> TrackingCookie.Paypopup : Cleaned.
C:\Documents and Settings\Owner\Cookies\[email protected][1].txt -> TrackingCookie.Pointroll : Cleaned.
C:\Documents and Settings\Owner\Cookies\[email protected][3].txt -> TrackingCookie.Reliablestats : Cleaned.
C:\Documents and Settings\Owner\Local Settings\Temp\Cookies\[email protected][1].txt -> TrackingCookie.Reliablestats : Cleaned.
C:\Documents and Settings\Owner\Cookies\[email protected][1].txt -> TrackingCookie.Serving-sys : Cleaned.
C:\Documents and Settings\Owner\Cookies\[email protected][1].txt -> TrackingCookie.Serving-sys : Cleaned.
C:\Documents and Settings\Owner\Cookies\[email protected][2].txt -> TrackingCookie.Specificclick : Cleaned.
C:\Documents and Settings\Owner\Cookies\[email protected][2].txt -> TrackingCookie.Starware : Cleaned.
C:\Documents and Settings\Owner\Cookies\[email protected][2].txt -> TrackingCookie.Starware : Cleaned.
C:\Documents and Settings\Owner\Cookies\[email protected][1].txt -> TrackingCookie.Starware : Cleaned.
C:\Documents and Settings\Owner\Cookies\[email protected][1].txt -> TrackingCookie.Starware : Cleaned.
C:\Documents and Settings\Owner\Cookies\[email protected][1].txt -> TrackingCookie.Tacoda : Cleaned.
C:\Documents and Settings\Owner\Cookies\[email protected][2].txt -> TrackingCookie.Tacoda : Cleaned.
C:\Documents and Settings\Owner\Local Settings\Temp\Cookies\[email protected][1].txt -> TrackingCookie.Tacoda : Cleaned.
C:\Documents and Settings\Owner\Cookies\[email protected][1].txt -> TrackingCookie.Tribalfusion : Cleaned.
C:\Documents and Settings\Owner\Cookies\[email protected][1].txt -> TrackingCookie.Web-stat : Cleaned.
C:\Documents and Settings\Owner\Cookies\[email protected][2].txt -> TrackingCookie.Web-stat : Cleaned.
C:\Documents and Settings\Owner\Cookies\[email protected][1].txt -> TrackingCookie.Web-stat : Cleaned.
C:\Documents and Settings\Owner\Cookies\[email protected][2].txt -> TrackingCookie.Yadro : Cleaned.
C:\Documents and Settings\Owner\Local Settings\Temp\Cookies\[email protected][1].txt -> TrackingCookie.Yieldmanager : Cleaned.
C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Internet Explorer\V0.30.dat -> Trojan.Dialer.fy : Cleaned with backup (quarantined).


::Report end


Logfile of HijackThis v1.99.1
Scan saved at 00:39:21, on 23/01/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ewido anti-spyware 4.0\ewido.exe
C:\Program Files\Hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ycomp/defaults/sb/*http://www.yahoo.com/search/ie.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ycomp/defaults/sp/*http://www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://securityresponse.symantec.com/avcenter/fix_homepage/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [S3TRAY2] S3tray2.exe
O4 - HKLM\..\Run: [SpySpotter System Defender] C:\Program Files\SpySpotter3\Defender.exe -startup
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\Logitech\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam10\QuickCam10.exe" /hide
O4 - HKLM\..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe
O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\npjpi150_10.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\npjpi150_10.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: ChatSpace Full Java Client 3.1.0.235 - http://chat-e1.freeserve.com/Java/cfs31235.cab
O16 - DPF: {09F1ADAC-76D8-4D0F-99A5-5C907DADB988} - http://www.systemdoctor.com/download/2006/cab/SystemDoctor2006FreeInstall.cab
O16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} (iPIX ActiveX Control) - http://www.ipix.com/download/ipixx.cab
O16 - DPF: {288C5F13-7E52-4ADA-A32E-F5BF9D125F99} (CR64Loader Object) - http://www.miniclip.com/bestfriends/miniclipGameLoader.dll
O16 - DPF: {2D2BEE6E-3C9A-4D58-B9EC-458EDB28D0F6} - http://www.drivecleaner.com/.freeware/installdrivecleanerstart.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {352797A0-EFD0-4FA6-B229-145120EA4B8A} (Walt Disney Internet Group Hardware Control) - https://disneyblast.go.com/v3/setup/activex/DIGHardwareControl.cab
O16 - DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} (Groove Control) - http://www.nick.com/common/groove/gx/GrooveAX27.cab
O16 - DPF: {91433D86-9F27-402C-B5E3-DEBDD122C339} - http://www.netvenda.com/sites/games-gb/gb/games4.cab
O16 - DPF: {C02226EB-A5D7-4B1F-BD7E-635E46C2288D} (Toontown Installer ActiveX Control) - https://ukplay.toontown.com/download/sv1.0.21.10/ttinst.cab
O16 - DPF: {C52C1623-3D3E-45EE-9581-B7D68EDB0728} (HiperLoader Control) - http://plugin.hipermedia.co.uk/jokes.cab
O16 - DPF: {CC110316-5BE7-4AAA-AEDD-1A5B147BE34C} - http://198.143.27.16/xxxaccess/Loader.cab
O16 - DPF: {CC32D4D8-2A0B-4CEB-B105-C9B968379105} (CGameManagerCtrl Object) - https://disney.go.com/games/downloads/gamemanager/DIGGameManager.cab
O16 - DPF: {DC75FEF6-165D-4D25-A518-C8C4BDA7BAA6} (CPlayFirstDinerDashControl Object) - http://aolsvc.aol.com/onlinegames/dinerdash/DinerDash.1.0.0.72.cab
O16 - DPF: {FFFF0003-0001-101A-A3C9-08002B23E0CD} - http://direct.data-line.us/gbn298.exe
O18 - Protocol: bw+0 - {E91F4205-DE8F-4538-88B0-6326B23E16CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {E91F4205-DE8F-4538-88B0-6326B23E16CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {E91F4205-DE8F-4538-88B0-6326B23E16CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {E91F4205-DE8F-4538-88B0-6326B23E16CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {E91F4205-DE8F-4538-88B0-6326B23E16CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {E91F4205-DE8F-4538-88B0-6326B23E16CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {E91F4205-DE8F-4538-88B0-6326B23E16CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {E91F4205-DE8F-4538-88B0-6326B23E16CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {E91F4205-DE8F-4538-88B0-6326B23E16CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {E91F4205-DE8F-4538-88B0-6326B23E16CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {E91F4205-DE8F-4538-88B0-6326B23E16CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {E91F4205-DE8F-4538-88B0-6326B23E16CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {E91F4205-DE8F-4538-88B0-6326B23E16CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {E91F4205-DE8F-4538-88B0-6326B23E16CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {E91F4205-DE8F-4538-88B0-6326B23E16CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {E91F4205-DE8F-4538-88B0-6326B23E16CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {E91F4205-DE8F-4538-88B0-6326B23E16CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {E91F4205-DE8F-4538-88B0-6326B23E16CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {E91F4205-DE8F-4538-88B0-6326B23E16CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {E91F4205-DE8F-4538-88B0-6326B23E16CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {E91F4205-DE8F-4538-88B0-6326B23E16CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {E91F4205-DE8F-4538-88B0-6326B23E16CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {E91F4205-DE8F-4538-88B0-6326B23E16CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {E91F4205-DE8F-4538-88B0-6326B23E16CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {E91F4205-DE8F-4538-88B0-6326B23E16CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {E91F4205-DE8F-4538-88B0-6326B23E16CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {E91F4205-DE8F-4538-88B0-6326B23E16CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {E91F4205-DE8F-4538-88B0-6326B23E16CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {E91F4205-DE8F-4538-88B0-6326B23E16CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {E91F4205-DE8F-4538-88B0-6326B23E16CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {E91F4205-DE8F-4538-88B0-6326B23E16CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {E91F4205-DE8F-4538-88B0-6326B23E16CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {E91F4205-DE8F-4538-88B0-6326B23E16CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {E91F4205-DE8F-4538-88B0-6326B23E16CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {E91F4205-DE8F-4538-88B0-6326B23E16CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {E91F4205-DE8F-4538-88B0-6326B23E16CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {E91F4205-DE8F-4538-88B0-6326B23E16CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {E91F4205-DE8F-4538-88B0-6326B23E16CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {E91F4205-DE8F-4538-88B0-6326B23E16CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {E91F4205-DE8F-4538-88B0-6326B23E16CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {E91F4205-DE8F-4538-88B0-6326B23E16CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {E91F4205-DE8F-4538-88B0-6326B23E16CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {E91F4205-DE8F-4538-88B0-6326B23E16CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {E91F4205-DE8F-4538-88B0-6326B23E16CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {E91F4205-DE8F-4538-88B0-6326B23E16CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {E91F4205-DE8F-4538-88B0-6326B23E16CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {E91F4205-DE8F-4538-88B0-6326B23E16CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {E91F4205-DE8F-4538-88B0-6326B23E16CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {E91F4205-DE8F-4538-88B0-6326B23E16CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {E91F4205-DE8F-4538-88B0-6326B23E16CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {E91F4205-DE8F-4538-88B0-6326B23E16CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {E91F4205-DE8F-4538-88B0-6326B23E16CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {E91F4205-DE8F-4538-88B0-6326B23E16CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {E91F4205-DE8F-4538-88B0-6326B23E16CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {E91F4205-DE8F-4538-88B0-6326B23E16CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {E91F4205-DE8F-4538-88B0-6326B23E16CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {E91F4205-DE8F-4538-88B0-6326B23E16CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {E91F4205-DE8F-4538-88B0-6326B23E16CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {E91F4205-DE8F-4538-88B0-6326B23E16CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {E91F4205-DE8F-4538-88B0-6326B23E16CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {E91F4205-DE8F-4538-88B0-6326B23E16CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {E91F4205-DE8F-4538-88B0-6326B23E16CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {E91F4205-DE8F-4538-88B0-6326B23E16CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {E91F4205-DE8F-4538-88B0-6326B23E16CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {E91F4205-DE8F-4538-88B0-6326B23E16CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {E91F4205-DE8F-4538-88B0-6326B23E16CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {E91F4205-DE8F-4538-88B0-6326B23E16CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {E91F4205-DE8F-4538-88B0-6326B23E16CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {E91F4205-DE8F-4538-88B0-6326B23E16CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {E91F4205-DE8F-4538-88B0-6326B23E16CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {E91F4205-DE8F-4538-88B0-6326B23E16CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {E91F4205-DE8F-4538-88B0-6326B23E16CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {E91F4205-DE8F-4538-88B0-6326B23E16CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {E91F4205-DE8F-4538-88B0-6326B23E16CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {E91F4205-DE8F-4538-88B0-6326B23E16CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {E91F4205-DE8F-4538-88B0-6326B23E16CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: offline-8876480 - {E91F4205-DE8F-4538-88B0-6326B23E16CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Filter: text/html - {6D44923F-A54C-4720-852E-A3093233DA51} - C:\Documents and Settings\Owner\Local Settings\Application Data\microsoft\internet explorer\V0.39.dat
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: Symantec Settings Manager (ccSetMgr) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: Symantec IS Password Validation (ISPwdSvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\isPwdSvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\Logitech\SrvLnch\SrvLnch.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
 

Cheeseball81

Retired Moderator
Joined
Mar 3, 2004
Messages
84,315
Run Hijack This and click Open the Misc Tools section.
Click Open Uninstall Manager > Save list and save the log to your Desktop.
A list of programs will open in Notepad. Post the contents of this log.
 

mozzer65

Thread Starter
Joined
Jun 28, 2005
Messages
69
3D Groove Playback Engine
Ad-Aware SE Personal
Adobe Acrobat 5.0
Adobe Download Manager (Remove Only)
Adobe Flash Player 9 ActiveX
Adobe Shockwave Player
AppCore
AV
BBC Balamory
Beauty or the Beast
Business Card Factory Deluxe 2.0
ccCommon
CM 03-04
Coloreal
Diner Dash 2
Disney Cuties Crazy Daze
Disney's Cinderella's Fairy Castles
ewido anti-spyware 4.0
Focus 10,000 Photos
Google Toolbar for Internet Explorer
Graceland Christmas Screen Saver
Hijackthis 1.99.1
HijackThis 1.99.1
Hotfix for Windows XP (KB914440)
Hotfix for Windows XP (KB915865)
hp deskjet 5550 series
Indeo® Software
Intel(R) 82845G Graphics Driver Software
Internet Worm Protection
J2SE Runtime Environment 5.0 Update 10
J2SE Runtime Environment 5.0 Update 8
KBD
LiveUpdate 3.1 (Symantec Corporation)
Logitech Audio Echo Cancellation Component
Logitech Desktop Messenger
Logitech QuickCam
Logitech QuickCam
Logitech Video Enumerator
Logitech® Camera Driver
Microsoft .NET Framework (English) v1.0.3705
Microsoft Data Access Components KB870669
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Word 2002
Microsoft Works 7.0
MSXML 4.0 SP2 (KB925672)
MSXML 4.0 SP2 (KB927978)
MVision
Myth Makers - Trixie In Toyland
Norton AntiVirus
Norton AntiVirus (Symantec Corporation)
Norton AntiVirus Help
Norton AntiVirus Parent MSI
Norton AntiVirus SYMLT MSI
Norton Protection Center
NVIDIA Windows 2000/XP Display Drivers
Princess Fashion Boutique 2
Puppy Luv
Puppy Luv: A New Breed
Python 2.2 combined Win32 extensions
Python 2.2.1
QuickTime
RealPlayer
RecordNow
Rugrats Totally Angelica Boredom Buster
S3Display
S3Gamma2
S3Info2
S3Overlay
Scooby-Doo(TM), Showdown in Ghost Town(TM)
Security Update for Step By Step Interactive Training (KB898458)
Security Update for Windows Internet Explorer 7 (KB929969)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows Media Player 9 (KB911565)
Security Update for Windows Media Player 9 (KB917734)
Security Update for Windows XP (KB883939)
Security Update for Windows XP (KB890046)
Security Update for Windows XP (KB893756)
Security Update for Windows XP (KB896358)
Security Update for Windows XP (KB896422)
Security Update for Windows XP (KB896423)
Security Update for Windows XP (KB896424)
Security Update for Windows XP (KB896428)
Security Update for Windows XP (KB896688)
Security Update for Windows XP (KB899587)
Security Update for Windows XP (KB899588)
Security Update for Windows XP (KB899591)
Security Update for Windows XP (KB900725)
Security Update for Windows XP (KB901017)
Security Update for Windows XP (KB901190)
Security Update for Windows XP (KB901214)
Security Update for Windows XP (KB902400)
Security Update for Windows XP (KB903235)
Security Update for Windows XP (KB904706)
Security Update for Windows XP (KB905414)
Security Update for Windows XP (KB905749)
Security Update for Windows XP (KB905915)
Security Update for Windows XP (KB908519)
Security Update for Windows XP (KB908531)
Security Update for Windows XP (KB911280)
Security Update for Windows XP (KB911562)
Security Update for Windows XP (KB911567)
Security Update for Windows XP (KB911927)
Security Update for Windows XP (KB912812)
Security Update for Windows XP (KB912919)
Security Update for Windows XP (KB913446)
Security Update for Windows XP (KB913580)
Security Update for Windows XP (KB914388)
Security Update for Windows XP (KB914389)
Security Update for Windows XP (KB916281)
Security Update for Windows XP (KB917159)
Security Update for Windows XP (KB917344)
Security Update for Windows XP (KB917422)
Security Update for Windows XP (KB917953)
Security Update for Windows XP (KB918439)
Security Update for Windows XP (KB918899)
Security Update for Windows XP (KB919007)
Security Update for Windows XP (KB920213)
Security Update for Windows XP (KB920214)
Security Update for Windows XP (KB920670)
Security Update for Windows XP (KB920683)
Security Update for Windows XP (KB920685)
Security Update for Windows XP (KB921398)
Security Update for Windows XP (KB921883)
Security Update for Windows XP (KB922616)
Security Update for Windows XP (KB922760)
Security Update for Windows XP (KB922819)
Security Update for Windows XP (KB923191)
Security Update for Windows XP (KB923414)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB923694)
Security Update for Windows XP (KB923980)
Security Update for Windows XP (KB924191)
Security Update for Windows XP (KB924270)
Security Update for Windows XP (KB924496)
Security Update for Windows XP (KB925454)
Security Update for Windows XP (KB925486)
Security Update for Windows XP (KB926255)
Shelly Club CD-ROM
Shockwave
Smart Menus (Windows Live Toolbar)
SPBBC 32bit
Spybot - Search & Destroy 1.4
Stuart Little Big City Adventures
Symantec
SymNet
Tabbed Browsing (Windows Live Toolbar)
Totally Spies Screen Saver
Treasure Planet Mini-Games Broadside Blast
Ulead Photo Explorer 8.0 SE Basic
Ulead Photo Express 5 SE
Update for Windows XP (KB894391)
Update for Windows XP (KB896727)
Update for Windows XP (KB898461)
Update for Windows XP (KB900485)
Update for Windows XP (KB904942)
Update for Windows XP (KB910437)
Update for Windows XP (KB916595)
Update for Windows XP (KB920872)
Update for Windows XP (KB922582)
Viewpoint Media Player (Remove Only)
Windows Installer 3.1 (KB893803)
Windows Installer 3.1 (KB893803)
Windows Internet Explorer 7
Windows Live Messenger
Windows Live Sign-in Assistant
Windows Live Toolbar
Windows Live Toolbar
Windows Live Toolbar Extension (Windows Live Toolbar)
Windows Live Toolbar Feed Detector (Windows Live Toolbar)
Windows XP Hotfix - KB834707
Windows XP Hotfix - KB867282
Windows XP Hotfix - KB873333
Windows XP Hotfix - KB873339
Windows XP Hotfix - KB885250
Windows XP Hotfix - KB885835
Windows XP Hotfix - KB885836
Windows XP Hotfix - KB885884
Windows XP Hotfix - KB886185
Windows XP Hotfix - KB887472
Windows XP Hotfix - KB887742
Windows XP Hotfix - KB888113
Windows XP Hotfix - KB888302
Windows XP Hotfix - KB890047
Windows XP Hotfix - KB890175
Windows XP Hotfix - KB890859
Windows XP Hotfix - KB890923
Windows XP Hotfix - KB891781
Windows XP Hotfix - KB893066
Windows XP Hotfix - KB893086
Windows XP Service Pack 2
Yahoo! Install Manager
Yahoo! Internet Mail
Yahoo! Messenger
Zoo Vet
 

Cheeseball81

Retired Moderator
Joined
Mar 3, 2004
Messages
84,315
Uninstall Logitech Desktop Messenger and Viewpoint Media Player from Add/Remove Programs.

Run ActiveScan online virus scan:
http://www.pandasoftware.com/products/activescan.htm

Once you are on the Panda site click the Scan your PC button.
A new window will open...click the Check Now button.
Enter your Country.
Enter your State/Province.
Enter your e-mail address and click send.
Select either Home User or Company.
Click the big Scan Now button.
If it wants to install an ActiveX component allow it.
It will start downloading the files it requires for the scan (Note: It may take a couple of minutes)
When download is complete, click on My Computer to start the scan.
When the scan completes, if anything malicious is detected, click the See Report button, then Save Report and save it to a convenient location.
Post the contents of the ActiveScan report.
 

mozzer65

Thread Starter
Joined
Jun 28, 2005
Messages
69
Both programs uninstalled.

Log of active scan >>>

Dialer:dialer.dk
Not disinfected
c:\windows\downloaded program files\games.inf

Adware:adware/ist.istbar
Not disinfected
WindowsRegistry

Adware:adware/surfaccuracy
Not disinfected
WindowsRegistry

Adware:adware/cws
Not disinfected
WindowsRegistry

Adware:adware/ncase
Not disinfected
WindowsRegistry
Potentially unwanted tool:application/errorguard
Not disinfected
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{205ff73b-ca67-11d5-99dd-444553540006}
Dialer:dialer.bkj
Not disinfected
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CDCBE0F1-D13A-4F86-A963-3A272D3ABA7E}
Adware:adware/abox
Not disinfected Windows Registry
Dialer:dialer.asl
Not disinfected
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0D62A517-E7C6-4E1F-A577-07D4AC549A48}
Spyware:spyware/iehelp
Not disinfected Windows Registry
Dialer:dialer.xd
Not disinfected
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FF3F0F03-0F01-131A-A3F9-08F02B23E0CC}
Adware:adware/topconvert
Not disinfected Windows Registry
Potentially unwanted tool:application/zango
Not disinfected
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8FCDF9D9-A28B-480F-8C3D-581F119A8AB8}
Adware:adware/wupd
Not disinfected Windows Registry
Dialer:dialer.ok
Not disinfected
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{706F3805-27D7-478D-80E5-E25D2BB030B3}
Spyware:Cookie/888
Not disinfected C:\Documents and
Settings\Owner\Cookies\[email protected][1].txt
Spyware:Cookie/Com.com
Not disinfected C:\Documents and
Settings\Owner\Cookies\[email protected][1].txt
Spyware:Cookie/Hbmediapro
Not disinfected C:\Documents and
Settings\Owner\Cookies\[email protected][2].txt
Spyware:Cookie/Gorillanation
Not disinfected C:\Documents and
Settings\Owner\Cookies\[email protected][2].txt
Spyware:Cookie/NewMedia
Not disinfected C:\Documents and
Settings\Owner\Cookies\[email protected][2].txt
Spyware:Cookie/Belnk
Not disinfected C:\Documents and
Settings\Owner\Cookies\[email protected][2].txt
Spyware:Cookie/Atwola
Not disinfected C:\Documents and
Settings\Owner\Cookies\[email protected][1].txt
Spyware:Cookie/Azjmp
Not disinfected C:\Documents and
Settings\Owner\Cookies\[email protected][2].txt
Spyware:Cookie/Belnk
Not disinfected C:\Documents and
Settings\Owner\Cookies\[email protected][1].txt
Spyware:Cookie/bravenetA
Not disinfected C:\Documents and
Settings\Owner\Cookies\[email protected][1].txt
Spyware:Cookie/Barelylegal
Not disinfected C:\Documents and
Settings\Owner\Cookies\[email protected][1].txt
Spyware:Cookie/GoStats
Not disinfected C:\Documents and
Settings\Owner\Cookies\[email protected][1].txt
Spyware:Cookie/GoStats
Not disinfected C:\Documents and
Settings\Owner\Cookies\[email protected][2].txt
Spyware:Cookie/Cassava
Not disinfected C:\Documents and
Settings\Owner\Cookies\[email protected][1].txt
Spyware:Cookie/Ccbill
Not disinfected C:\Documents and
Settings\Owner\Cookies\[email protected][1].txt
Spyware:Cookie/Cgi-bin
Not disinfected C:\Documents and
Settings\Owner\Cookies\[email protected][12].txt
Spyware:Cookie/Cgi-bin
Not disinfected C:\Documents and
Settings\Owner\Cookies\[email protected][16].txt
Spyware:Cookie/Cgi-bin
Not disinfected C:\Documents and
Settings\Owner\Cookies\[email protected][18].txt
Spyware:Cookie/Cgi-bin
Not disinfected C:\Documents and
Settings\Owner\Cookies\[email protected][1].txt
Spyware:Cookie/Cgi-bin
Not disinfected C:\Documents and
Settings\Owner\Cookies\[email protected][9].txt
Spyware:Cookie/DelfinMedia
Not disinfected C:\Documents and
Settings\Owner\Cookies\[email protected][2].txt
Spyware:Cookie/Belnk
Not disinfected C:\Documents and
Settings\Owner\Cookies\[email protected][2].txt
Spyware:Cookie/DriveCleaner
Not disinfected C:\Documents and
Settings\Owner\Cookies\[email protected][2].txt
Spyware:Cookie/fe.lea.lycos
Not disinfected C:\Documents and
Settings\Owner\Cookies\[email protected][2].txt
Spyware:Cookie/fe.lea.lycos
Not disinfected C:\Documents and
Settings\Owner\Cookies\[email protected][3].txt
Spyware:Cookie/GoStats
Not disinfected C:\Documents and
Settings\Owner\Cookies\[email protected][2].txt
Spyware:Cookie/Go
Not disinfected C:\Documents and
Settings\Owner\Cookies\[email protected][2].txt
Spyware:Cookie/Screensavers
Not disinfected C:\Documents and
Settings\Owner\Cookies\[email protected][2].txt
Spyware:Cookie/MediaTickets
Not disinfected C:\Documents and
Settings\Owner\Cookies\[email protected][2].txt
Spyware:Cookie/Kount
Not disinfected C:\Documents and
Settings\Owner\Cookies\[email protected][2].txt
Spyware:Cookie/LinkExchange
Not disinfected C:\Documents and
Settings\Owner\Cookies\[email protected][1].txt
Spyware:Cookie/Maxserving
Not disinfected C:\Documents and
Settings\Owner\Cookies\[email protected][1].txt
Spyware:Cookie/OfferOptimizer
Not disinfected C:\Documents and
Settings\Owner\Cookies\[email protected][1].txt
Spyware:Cookie/RealMedia
Not disinfected C:\Documents and
Settings\Owner\Cookies\[email protected][1].txt
Spyware:Cookie/Rightmedia
Not disinfected C:\Documents and
Settings\Owner\Cookies\[email protected][1].txt
Spyware:Cookie/Rn11
Not disinfected C:\Documents and
Settings\Owner\Cookies\[email protected][2].txt
Spyware:Cookie/Searchportal
Not disinfected C:\Documents and
Settings\Owner\Cookies\[email protected][2].txt
Spyware:Cookie/Servlet
Not disinfected C:\Documents and
Settings\Owner\Cookies\[email protected][2].txt
Spyware:Cookie/Santa Monica networks inc
Not disinfected C:\Documents and
Settings\Owner\Cookies\[email protected][2].txt
Spyware:Cookie/DriveCleaner
Not disinfected C:\Documents and
Settings\Owner\Cookies\[email protected][2].txt
Spyware:Cookie/Systemdoctor
Not disinfected C:\Documents and
Settings\Owner\Cookies\[email protected][2].txt
Spyware:Cookie/Target
Not disinfected C:\Documents and
Settings\Owner\Cookies\[email protected][2].txt
Spyware:Cookie/Toplist
Not disinfected C:\Documents and
Settings\Owner\Cookies\[email protected][1].txt
Spyware:Cookie/WebPower
Not disinfected C:\Documents and
Settings\Owner\Cookies\[email protected][1].txt
Spyware:Cookie/WinFixer
Not disinfected C:\Documents and
Settings\Owner\Cookies\[email protected][12].txt
Spyware:Cookie/WinFixer
Not disinfected C:\Documents and
Settings\Owner\Cookies\[email protected][17].txt
Spyware:Cookie/WinFixer
Not disinfected C:\Documents and
Settings\Owner\Cookies\[email protected][1].txt
Spyware:Cookie/WinFixer
Not disinfected C:\Documents and
Settings\Owner\Cookies\[email protected][20].txt
Spyware:Cookie/WinFixer
Not disinfected C:\Documents and
Settings\Owner\Cookies\[email protected][21].txt
Spyware:Cookie/WinFixer
Not disinfected C:\Documents and
Settings\Owner\Cookies\[email protected][22].txt
Spyware:Cookie/WinFixer
Not disinfected C:\Documents and
Settings\Owner\Cookies\[email protected][23].txt
Spyware:Cookie/WinFixer
Not disinfected C:\Documents and
Settings\Owner\Cookies\[email protected][25].txt
Spyware:Cookie/WinFixer
Not disinfected C:\Documents and
Settings\Owner\Cookies\[email protected][2].txt
Spyware:Cookie/WinFixer
Not disinfected C:\Documents and
Settings\Owner\Cookies\[email protected][8].txt
Spyware:Cookie/WinFixer
Not disinfected
C:\Documents and Settings\Owner\Cookies\[email protected][9].txt

Spyware:Cookie/Advnt
Not disinfected
C:\Documents and Settings\Owner\Cookies\[email protected][1].txt

Spyware:Cookie/DriveCleaner
Not disinfected
C:\Documents and Settings\Owner\Cookies\[email protected][1].txt

Spyware:Cookie/Systemdoctor
Not disinfected
C:\Documents and Settings\Owner\Cookies\[email protected][1].txt

Spyware:Cookie/Xiti
Not disinfected
C:\Documents and Settings\Owner\Cookies\[email protected][1].txt

Spyware:Cookie/Xmts
Not disinfected
C:\Documents and Settings\Owner\Cookies\[email protected][1].txt

Virus:Trj/Banker.FTI
Disinfected
C:\Documents and Settings\Owner\Desktop\super_gerball.exe
Virus:Trj/Downloader.DPC
Disinfected
C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Internet Explorer\V0.32.dat

Spyware:Cookie/888
Not disinfected
C:\Documents and Settings\Owner\Local Settings\Temp\Cookies\[email protected][1].txt
Spyware:Cookie/Belnk
Not disinfected
C:\Documents and Settings\Owner\Local Settings\Temp\Cookies\[email protected][1].txt

Spyware:Cookie/Cassava
Not disinfected
C:\Documents and Settings\Owner\Local Settings\Temp\Cookies\[email protected][1].txt

Spyware:Cookie/Belnk
Not disinfected
C:\Documents and Settings\Owner\Local Settings\Temp\Cookies\[email protected][2].txt

Spyware:Cookie/ErrorSafe
Not disinfected
C:\Documents and Settings\Owner\Local Settings\Temp\Cookies\[email protected][2].txt

Spyware:Cookie/OfferOptimizer
Not disinfected
C:\Documents and Settings\Owner\Local Settings\Temp\Cookies\[email protected][1].txt

Spyware:Cookie/Rn11
Not disinfected
C:\Documents and Settings\Owner\Local Settings\Temp\Cookies\[email protected][1].txt

Spyware:Cookie/WinFixer
Not disinfected
C:\Documents and Settings\Owner\Local Settings\Temp\Cookies\[email protected][2].txt
Spyware:Cookie/Advnt
Not disinfected
C:\Documents and Settings\Owner\Local Settings\Temp\Cookies\[email protected][1].txt
Spyware:Cookie/ErrorSafe
Not disinfected
C:\Documents and Settings\Owner\Local Settings\Temp\Cookies\[email protected][2].txt
Spyware:Cookie/Xiti
Not disinfected
C:\Documents and Settings\Owner\Local Settings\Temp\Cookies\[email protected][1].txt

Potentially unwanted tool:Application/HideWindow.A
Not disinfected C:\hp\bin\FondleWindow.exe Potentially unwanted tool:Application/KillApp.B
Not disinfected C:\hp\bin\KillIt.exe

Potentially unwanted tool:Application/KillApp.A
Not disinfected C:\hp\bin\Terminator.exe
 

mozzer65

Thread Starter
Joined
Jun 28, 2005
Messages
69
Logfile of HijackThis v1.99.1
Scan saved at 10:07:20, on 25/01/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\System32\svchost.exe
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\system32\S3tray2.exe
C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Logitech\QuickCam10\QuickCam10.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Common Files\Logitech\LComMgr\Communications_Helper.exe
C:\Program Files\Common Files\Logitech\LComMgr\LVComSX.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.8472\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe
C:\Program Files\Hijackthis\HijackThis.exe
C:\Program Files\Internet Explorer\iexplore.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://securityresponse.symantec.com/avcenter/fix_homepage/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [S3TRAY2] S3tray2.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam10\QuickCam10.exe" /hide
O4 - HKLM\..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\Logitech\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LVCOMSX] "C:\Program Files\Common Files\Logitech\LComMgr\LVComSX.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.8472\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {352797A0-EFD0-4FA6-B229-145120EA4B8A} (Walt Disney Internet Group Hardware Control) - https://disneyblast.go.com/v3/setup/activex/DIGHardwareControl.cab
O16 - DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} (Groove Control) - http://www.nick.com/common/groove/gx/GrooveAX27.cab
O16 - DPF: {91433D86-9F27-402C-B5E3-DEBDD122C339} - http://www.netvenda.com/sites/games-gb/gb/games4.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {C02226EB-A5D7-4B1F-BD7E-635E46C2288D} (Toontown Installer ActiveX Control) - https://ukplay.toontown.com/download/sv1.0.21.10/ttinst.cab
O16 - DPF: {C52C1623-3D3E-45EE-9581-B7D68EDB0728} (HiperLoader Control) - http://plugin.hipermedia.co.uk/jokes.cab
O16 - DPF: {CC32D4D8-2A0B-4CEB-B105-C9B968379105} (CGameManagerCtrl Object) - https://disney.go.com/games/downloads/gamemanager/DIGGameManager.cab
O16 - DPF: {DC75FEF6-165D-4D25-A518-C8C4BDA7BAA6} (CPlayFirstDinerDashControl Object) - http://aolsvc.aol.com/onlinegames/dinerdash/DinerDash.1.0.0.72.cab
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: Symantec Settings Manager (ccSetMgr) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: Symantec IS Password Validation (ISPwdSvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\isPwdSvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\Logitech\SrvLnch\SrvLnch.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
 

Cheeseball81

Retired Moderator
Joined
Mar 3, 2004
Messages
84,315
Rescan with Hijack This.
Close all browser windows except Hijack This.
Put a check mark beside these entries and click "Fix Checked".

O16 - DPF: {91433D86-9F27-402C-B5E3-DEBDD122C339} - http://www.netvenda.com/sites/games-gb/gb/games4.cab

Reboot.

* Click here to download ATF Cleaner by Atribune and save it to your desktop.
  • Double-click ATF-Cleaner.exe to run the program.
  • Under Main choose: Select All
  • Click the Empty Selected button.
    • If you use Firefox:
      • Click Firefox at the top and choose: Select All
      • Click the Empty Selected button.
      • NOTE: If you would like to keep your saved passwords, please click No at the prompt.
    • If you use Opera:
      • Click Opera at the top and choose: Select All
      • Click the Empty Selected button.



        [*]NOTE:
        If you would like to keep your saved passwords, please click No at the prompt.
  • Click Exit on the Main menu to close the program.

Please download the Killbox by Option^Explicit.

Note: In the event you already have Killbox, this is a new version that I need you to download.
  • Save it to your desktop.
  • Please double-click Killbox.exe to run it.
  • Select:
    • Delete on Reboot
    • then Click on the All Files button.
  • Please copy the file paths below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy):


    c:\windows\downloaded program files\games.inf

  • Return to Killbox, go to the File menu, and choose Paste from Clipboard.
  • Click the red-and-white Delete File button. Click Yes at the Delete on Reboot prompt. Click OK at any PendingFileRenameOperations prompt (and please let me know if you receive this message!).

If your computer does not restart automatically, please restart it manually.

If you receive a message such as: "Component 'MsComCtl.ocx' or one of its dependencies not correctly registered: a file is missing or invalid." when trying to run Killbox, click here to download and run missingfilesetup.exe. Then try Killbox again.
 
Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

Users Who Are Viewing This Thread (Users: 0, Guests: 1)

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 807,865 other people just like you!

Latest posts

Members online

Top