|
|
MickyC
new user
Reg'd: Tue
Posts: 6
|
|
Hi Guys,
Over the last week my wifes hotmail account has sent out 2 emails to everyone in her address book. We have Trend Micro PC-Cillin Security 2007 installed, however this has not picked anything up. I have attached the log below and any help in cleaning this up would be very much appreciated.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 6:40:19 AM, on 18/03/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\system32\inetsrv\inetinfo.exe
C:\WINDOWS\system32\RemoteControlService.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\PROGRA~1\TRENDM~1\INTERN~2\PcCtlCom.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\TRENDM~1\INTERN~2\Tmntsrv.exe
C:\PROGRA~1\TRENDM~1\INTERN~2\TmPfw.exe
C:\Program Files\BT Home Hub\Wireless Configuration\WirelessDaemon.exe
C:\Program Files\Linksys Wireless-G USB Wireless Network Monitor\WLService.exe
C:\Program Files\Linksys Wireless-G USB Wireless Network Monitor\WUSB54GSv2.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\TRENDM~1\INTERN~2\PccGuide.exe
C:\Program Files\TomTom HOME 2\HOMERunner.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\ASUS\ASUS Live Update\ALU.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Brother\ControlCenter3\brccMCtl.exe
C:\Program Files\Brother\Brmfcmon\BrMfimon.exe
C:\WINDOWS\System32\svchost.exe
C:\program files\voipcheapcom\voipcheapcom.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Free Download Manager\fdm.exe
C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
C:\Program Files\Sony Corporation\Picture Package\Picture Package Applications\Residence.exe
C:\Program Files\Sony Corporation\Picture Package\Picture Package Menu\SonyTray.exe
C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
C:\Program Files\VoipBusterMate\VoipBusterMate.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\PROGRA~1\TRENDM~1\INTERN~2\PcScnSrv.exe
C:\PROGRA~1\TRENDM~1\INTERN~2\tmproxy.exe
C:\Program Files\Java\jre1.6.0_03\bin\jucheck.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?linkid=677
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
O2 - BHO: HelperObject Class - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 7\SnagItBHO.dll
O2 - BHO: (no name) - {06647158-359E-4D10-A8DE-E6145DA90BE9} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar4.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 7\SnagItIEAddin.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll
O4 - HKLM\..\Run: [pccguide.exe] "C:\Program Files\Trend Micro\Internet Security 2007\pccguide.exe"
O4 - HKLM\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\HOMERunner.exe" -s
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [PaperPort PTD] "C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe"
O4 - HKLM\..\Run: [IndexSearch] "C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe"
O4 - HKLM\..\Run: [PPort11reminder] "C:\Program Files\ScanSoft\PaperPort\Ereg\Ereg.exe" -r "C:\Documents and Settings\All Users\Application Data\ScanSoft\PaperPort\11\Config\Ereg\Ereg.ini
O4 - HKLM\..\Run: [BrMfcWnd] C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SoftDisc] "C:\Program Files\SoftDisc\softdisc.exe" -hide
O4 - HKLM\..\Run: [SDTray] "C:\Program Files\Spyware Doctor\SDTrayApp.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [PRONoMgr.exe] c:\Program Files\Intel\PROSetWireless\NCS\PROSet\PRONoMgr.exe
O4 - HKLM\..\Run: [DMXLauncher] "C:\Program Files\Roxio\Media Experience\DMXLauncher.exe"
O4 - HKLM\..\Run: [ASUS Live Update] C:\Program Files\ASUS\ASUS Live Update\ALU.exe
O4 - HKLM\..\Run: [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe /autorun
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [RoxioDragToDisc] "C:\Program Files\Roxio\Drag-to-Disc\DrgToDsc.exe"
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [VoipCheapCom] "C:\program files\voipcheapcom\voipcheapcom.exe" -nosplash -minimized
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [Free Download Manager] C:\Program Files\Free Download Manager\fdm.exe -autorun
O4 - Startup: Picture Motion Browser Media Check Tool.lnk = C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
O4 - Startup: VoipBusterMate.lnk = C:\Program Files\VoipBusterMate\VoipBusterMate.exe
O4 - Global Startup: Kodak software updater.lnk = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
O4 - Global Startup: Quicken Scheduled Updates.lnk = ?
O4 - Global Startup: Picture Package VCD Maker.lnk = ?
O4 - Global Startup: Picture Package Menu.lnk = ?
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O14 - IERESET.INF: START_PAGE_URL=http://desktop.optusnet.com.au/dsl/favorites/homepage
O16 - DPF: {0E8D0700-75DF-11D3-8B4A-0008C7450C4A} (DjVuCtl Class) - http://downloadcenter.samsung.com/content/common/cab/DjVuControlLite_EN.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {18871EA7-1B30-46DE-9283-E96E707492BA} (Playcom_ATL_Object Class) - http://www.netbabyworld.com/media/playcom/Playcom.cab
O16 - DPF: {2A0B9B82-D5C8-4D3D-8338-AD55B23662B1} (F5 Networks CacheCleaner) - https://remote.integ.net.au/vdesk/cachecleaner.cab
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://www.truprint.co.uk/TruprintActivia.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/pr02/resources/MSNPUpld.cab
O16 - DPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0} (Facebook Photo Uploader 4 Control) - http://upload.facebook.com/controls/FacebookPhotoUploader3.cab
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/FacebookPhotoUploader.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1122257899498
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1122353242654
O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - https://shop.getdigital.com.au/components/ImageUploader4.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/housecall/xscan53.cab
O16 - DPF: {9A54032D-31F7-400D-B184-83B33BDE65FA} (MSN File Upload Control) - http://sc.groups.msn.com/controls/FileUC/MsnUpld.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab31267.cab
O16 - DPF: {CE3409C4-9E26-4F8E-83E4-778498F9E7B4} (PB_Uploader Class) - http://static.photobox.co.uk/sg/common/uploader_uni.cab
O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} (Performance Viewer Activex Control) - https://secure.logmein.com/activex/ractrl.cab?lmi=100
O16 - DPF: {FFBB3F3B-0A5A-4106-BE53-DFE1E2340CB1} (DownloadManager Control) - http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.1.6.cab
O18 - Protocol: bw+0 - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: ITE Remote Control Service (ITECIRService) - ITE Tech. Inc. - C:\WINDOWS\system32\RemoteControlService.exe
O23 - Service: Trend Micro Central Control Component (PcCtlCom) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~2\PcCtlCom.exe
O23 - Service: Trend Micro Protection Against Spyware (PcScnSrv) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~2\PcScnSrv.exe
O23 - Service: Roxio UPnP Renderer 9 - Unknown owner - C:\Program Files\Common Files\Sonic Shared\RoxioUPnPRenderer9.exe (file missing)
O23 - Service: Roxio Upnp Server 9 - Unknown owner - C:\Program Files\Common Files\Sonic Shared\RoxioUpnpService9.exe (file missing)
O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Unknown owner - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe (file missing)
O23 - Service: stllssvr - Unknown owner - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe (file missing)
O23 - Service: Trend Micro Real-time Service (Tmntsrv) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~2\Tmntsrv.exe
O23 - Service: Trend Micro Personal Firewall (TmPfw) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~2\TmPfw.exe
O23 - Service: Trend Micro Proxy Service (tmproxy) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~2\tmproxy.exe
O23 - Service: Wireless Adapter Configurator - Tech Mahindra- PUNE - C:\Program Files\BT Home Hub\Wireless Configuration\WirelessDaemon.exe
O23 - Service: WUSB54GSv2SVC - GEMTEKS - C:\Program Files\Linksys Wireless-G USB Wireless Network Monitor\WLService.exe
--
End of file - 25593 bytes
Edited by MickyC (Tue Mar 18 2008 06:55 AM)
|
|
bricat
HijackThis Helper
Reg'd: Wed
Posts: 27810
Loc: belfast
|
|
Welcome to the Webuser forum. 
Please download ComboFix from either of these two locations
BleepingComputerComboFix
geeks to go combofix
* Double click combofix.exe & follow the prompts.
* When finished, it shall produce a log for you. Post that log in your next reply
Do not mouseclick combofix's window whilst it's running. That may cause it to stall.
Post back with the log from ComboFix and a new HJT log please.
--------------------
MY HELP IS FREE,BUT PLEASE CONSIDER GIVING A DONATION TO HELP IN MY FIGHT AGAINST SPYWARE.
 
A computer once beat me at chess, but it was no match for me at kick boxing.
|
MickyC
new user
Reg'd: Tue
Posts: 6
|
|
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 5:46:21 AM, on 19/03/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\WINDOWS\system32\inetsrv\inetinfo.exe
C:\WINDOWS\system32\RemoteControlService.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\BT Home Hub\Wireless Configuration\WirelessDaemon.exe
C:\Program Files\Linksys Wireless-G USB Wireless Network Monitor\WLService.exe
C:\Program Files\Linksys Wireless-G USB Wireless Network Monitor\WUSB54GSv2.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\TomTom HOME 2\HOMERunner.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\ASUS\ASUS Live Update\ALU.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Brother\ControlCenter3\brccMCtl.exe
C:\Program Files\Brother\Brmfcmon\BrMfimon.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\program files\voipcheapcom\voipcheapcom.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Free Download Manager\fdm.exe
C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
C:\Program Files\Sony Corporation\Picture Package\Picture Package Applications\Residence.exe
C:\Program Files\Sony Corporation\Picture Package\Picture Package Menu\SonyTray.exe
C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
C:\Program Files\VoipBusterMate\VoipBusterMate.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Java\jre1.6.0_03\bin\jucheck.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LVComsX.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?linkid=677
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: HelperObject Class - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 7\SnagItBHO.dll
O2 - BHO: (no name) - {06647158-359E-4D10-A8DE-E6145DA90BE9} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar4.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 7\SnagItIEAddin.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll
O4 - HKLM\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\HOMERunner.exe" -s
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [PaperPort PTD] "C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe"
O4 - HKLM\..\Run: [IndexSearch] "C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe"
O4 - HKLM\..\Run: [PPort11reminder] "C:\Program Files\ScanSoft\PaperPort\Ereg\Ereg.exe" -r "C:\Documents and Settings\All Users\Application Data\ScanSoft\PaperPort\11\Config\Ereg\Ereg.ini
O4 - HKLM\..\Run: [BrMfcWnd] C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SoftDisc] "C:\Program Files\SoftDisc\softdisc.exe" -hide
O4 - HKLM\..\Run: [SDTray] "C:\Program Files\Spyware Doctor\SDTrayApp.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [PRONoMgr.exe] c:\Program Files\Intel\PROSetWireless\NCS\PROSet\PRONoMgr.exe
O4 - HKLM\..\Run: [DMXLauncher] "C:\Program Files\Roxio\Media Experience\DMXLauncher.exe"
O4 - HKLM\..\Run: [ASUS Live Update] C:\Program Files\ASUS\ASUS Live Update\ALU.exe
O4 - HKLM\..\Run: [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe /autorun
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [RoxioDragToDisc] "C:\Program Files\Roxio\Drag-to-Disc\DrgToDsc.exe"
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [VoipCheapCom] "C:\program files\voipcheapcom\voipcheapcom.exe" -nosplash -minimized
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [Free Download Manager] C:\Program Files\Free Download Manager\fdm.exe -autorun
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user')
O4 - Startup: Picture Motion Browser Media Check Tool.lnk = C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
O4 - Startup: VoipBusterMate.lnk = C:\Program Files\VoipBusterMate\VoipBusterMate.exe
O4 - Global Startup: Kodak software updater.lnk = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
O4 - Global Startup: Quicken Scheduled Updates.lnk = ?
O4 - Global Startup: Picture Package VCD Maker.lnk = ?
O4 - Global Startup: Picture Package Menu.lnk = ?
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O14 - IERESET.INF: START_PAGE_URL=http://desktop.optusnet.com.au/dsl/favorites/homepage
O16 - DPF: {0E8D0700-75DF-11D3-8B4A-0008C7450C4A} (DjVuCtl Class) - http://downloadcenter.samsung.com/content/common/cab/DjVuControlLite_EN.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {18871EA7-1B30-46DE-9283-E96E707492BA} (Playcom_ATL_Object Class) - http://www.netbabyworld.com/media/playcom/Playcom.cab
O16 - DPF: {2A0B9B82-D5C8-4D3D-8338-AD55B23662B1} (F5 Networks CacheCleaner) - https://remote.integ.net.au/vdesk/cachecleaner.cab
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://www.truprint.co.uk/TruprintActivia.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/pr02/resources/MSNPUpld.cab
O16 - DPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0} (Facebook Photo Uploader 4 Control) - http://upload.facebook.com/controls/FacebookPhotoUploader3.cab
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/FacebookPhotoUploader.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1122257899498
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1122353242654
O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - https://shop.getdigital.com.au/components/ImageUploader4.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/housecall/xscan53.cab
O16 - DPF: {9A54032D-31F7-400D-B184-83B33BDE65FA} (MSN File Upload Control) - http://sc.groups.msn.com/controls/FileUC/MsnUpld.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab31267.cab
O16 - DPF: {CE3409C4-9E26-4F8E-83E4-778498F9E7B4} (PB_Uploader Class) - http://static.photobox.co.uk/sg/common/uploader_uni.cab
O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} (Performance Viewer Activex Control) - https://secure.logmein.com/activex/ractrl.cab?lmi=100
O16 - DPF: {FFBB3F3B-0A5A-4106-BE53-DFE1E2340CB1} (DownloadManager Control) - http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.1.6.cab
O18 - Protocol: bw+0 - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: ITE Remote Control Service (ITECIRService) - ITE Tech. Inc. - C:\WINDOWS\system32\RemoteControlService.exe
O23 - Service: Roxio UPnP Renderer 9 - Unknown owner - C:\Program Files\Common Files\Sonic Shared\RoxioUPnPRenderer9.exe (file missing)
O23 - Service: Roxio Upnp Server 9 - Unknown owner - C:\Program Files\Common Files\Sonic Shared\RoxioUpnpService9.exe (file missing)
O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Unknown owner - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe (file missing)
O23 - Service: stllssvr - Unknown owner - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe (file missing)
O23 - Service: Wireless Adapter Configurator - Tech Mahindra- PUNE - C:\Program Files\BT Home Hub\Wireless Configuration\WirelessDaemon.exe
O23 - Service: WUSB54GSv2SVC - GEMTEKS - C:\Program Files\Linksys Wireless-G USB Wireless Network Monitor\WLService.exe
--
End of file - 25077 bytes
|
MickyC
new user
Reg'd: Tue
Posts: 6
|
|
ComboFix 08-03-17.1 - Mike Curran 2008-03-19 5:30:48.1 - FAT32x86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.415 [GMT 0:00]
Running from: C:\ComboFix.exe
* Created a new restore point
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\WINDOWS\system32\Cache
D:\Autorun.inf
.
((((((((((((((((((((((((( Files Created from 2008-02-19 to 2008-03-19 )))))))))))))))))))))))))))))))
.
2008-03-18 21:15 . 2008-03-18 21:15 <DIR> d-------- C:\Documents and Settings\Mike Curran\Application Data\AVG7
2008-03-18 21:13 . 2008-03-18 21:13 <DIR> d-------- C:\Documents and Settings\LocalService\Application Data\AVG7
2008-03-18 21:13 . 2008-03-18 21:13 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Grisoft
2008-03-18 21:13 . 2008-03-18 21:13 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\avg7
2008-03-18 20:53 . 2008-03-18 20:53 <DIR> d-------- C:\Program Files\Security Task Manager
2008-03-18 20:53 . 2008-03-18 20:53 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\SecTaskMan
2008-03-18 20:38 . 2008-03-18 20:38 31,768,752 --a------ C:\avg75free_519a1276.exe
2008-03-16 15:37 . 2008-03-16 15:37 <DIR> d-------- C:\Program Files\Hasbro Interactive
2008-03-08 14:32 . 2008-03-08 14:32 <DIR> d--hs---- C:\FOUND.022
2008-03-05 10:06 . 2008-03-05 10:06 <DIR> d--hs---- C:\FOUND.021
2008-03-03 07:10 . 2008-03-03 07:10 <DIR> d--hs---- C:\FOUND.020
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-10-30 13:27 --------- d-----w C:\Program Files\Common Files\Java
2008-10-26 20:22 --------- d-----w C:\Documents and Settings\Mike Curran\Application Data\ScanSoft
2008-03-19 05:27 1,580,267 ----a-w C:\ComboFix.exe
2008-01-27 08:49 --------- d-----w C:\Documents and Settings\Guest\Application Data\Intuit
2008-01-23 22:07 --------- d-----w C:\Documents and Settings\Mike Curran\Application Data\Download Manager
2008-01-11 05:53 44,544 ----a-w C:\WINDOWS\system32\dllcache\pngfilt.dll
2008-01-10 18:44 369,664 ----a-w C:\WINDOWS\system32\dllcache\asp51.dll
2008-01-10 05:20 257,024 ----a-w C:\WINDOWS\system32\dllcache\infocomm.dll
2007-12-24 08:09 296,942,547 ----a-w C:\5-28db4.zip
2007-12-24 07:52 133,004,836 ----a-w C:\4-a77cf.zip
2007-12-19 23:01 347,136 ----a-w C:\WINDOWS\system32\dllcache\dxtmsft.dll
2007-11-20 00:28 5,632 --sha-w C:\Program Files\Thumbs.db
2007-11-19 08:12 61,480 ----a-w C:\Documents and Settings\Mike Curran\GoToAssistDownloadHelper.exe
2007-09-02 13:48 49,290,424 ----a-w C:\Program Files\TMIS_2007_153_Compact.exe
2007-08-06 07:42 224,048 ----a-w C:\Program Files\utorrent.exe
2007-02-25 09:40 1,675,302 ----a-w C:\Program Files\fdminst.exe
2007-01-22 18:50 38,119 ----a-w C:\Program Files\db_pcc.dat
2007-01-10 11:33 3,817,984 ----a-w C:\Program Files\tmpcc64.msi
2007-01-10 11:30 353,808 ----a-w C:\Program Files\setup.exe
2007-01-10 11:30 3,927,024 ----a-w C:\Program Files\pcc.exe
2007-01-10 11:30 3,342,848 ----a-w C:\Program Files\tmpcc.msi
2006-12-29 07:52 64 ----a-w C:\Program Files\Tmsrl.dat
2006-12-29 07:52 3,584 ----a-w C:\Program Files\1033.mst
2006-12-29 07:52 274 ----a-w C:\Program Files\setup.ini
2006-12-29 07:52 163,049 ----a-w C:\Program Files\license.rtf
2006-10-16 14:30 1,856,876 ----a-w C:\Program Files\Capture.mpg
2006-03-28 08:21 5,469,168 ----a-w C:\Program Files\GUIDesignStudio_R047_Setup.exe
2006-02-28 16:32 46,667,792 ----a-w C:\Program Files\pcc26usrs1400_1341.exe
2006-02-28 15:45 67,933,256 ----a-w C:\Program Files\pcc26usf1410_1023.exe
2006-02-27 15:35 5,883,488 ----a-w C:\Program Files\bptsetup.exe
2005-12-21 20:13 5,009,408 ----a-w C:\Program Files\bet365poker.exe
2005-09-04 09:01 381,480 ----a-w C:\Program Files\msgr7us.exe
2005-08-31 07:08 2,762,704 ----a-w C:\Program Files\vcssetup.exe
2005-08-27 08:00 1,013,014 ----a-w C:\Program Files\etax2005_2_ftbdll.exe
2005-08-27 07:59 3,762,300 ----a-w C:\Program Files\etax2005_1.exe
2005-08-23 06:28 22,040,920 ----a-w C:\Program Files\iTunesSetup.exe
2005-08-21 22:24 122,478,784 ----a-w C:\Program Files\j2eesdk-1_4_02_2005Q2-windows.exe
2005-08-19 06:48 11,853,384 ----a-w C:\Program Files\snagit.exe
2005-08-09 15:33 721,694 ----a-w C:\WINDOWS\Fonts\abckids.zip
2007-01-30 22:55 3,072 ----a-w C:\Program Files\mozilla firefox\plugins\ractrlkeyhook.dll
2007-01-30 22:55 245,408 ----a-w C:\Program Files\mozilla firefox\plugins\unicows.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 17:56 15360]
"msnmsgr"="C:\Program Files\MSN Messenger\msnmsgr.exe" [2007-01-19 12:54 5674352]
"VoipCheapCom"="C:\program files\voipcheapcom\voipcheapcom.exe" [2007-02-20 14:23 7202360]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-07-29 15:51 68856]
"LDM"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" [2005-10-27 00:11 36864]
"Free Download Manager"="C:\Program Files\Free Download Manager\fdm.exe" [2006-08-21 00:24 2068527]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TomTomHOME.exe"="C:\Program Files\TomTom HOME 2\HOMERunner.exe" [2007-08-15 16:59 374688]
"ISUSPM Startup"="C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-07-27 16:50 221184]
"ISUSScheduler"="C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" [2005-02-16 16:15 81920]
"SSBkgdUpdate"="C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2006-10-25 09:03 210472]
"PaperPort PTD"="C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe" [2007-01-29 21:12 30248]
"IndexSearch"="C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe" [2007-01-29 21:10 46632]
"PPort11reminder"="C:\Program Files\ScanSoft\PaperPort\Ereg\Ereg.exe" [2007-02-01 13:46 255528]
"BrMfcWnd"="C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe" [2007-03-23 13:14 663552]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2007-09-12 20:38 185632]
"SoftDisc"="C:\Program Files\SoftDisc\softdisc.exe" [ ]
"SDTray"="C:\Program Files\Spyware Doctor\SDTrayApp.exe" [ ]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-06-29 06:24 286720]
"PRONoMgr.exe"="c:\Program Files\Intel\PROSetWireless\NCS\PROSet\PRONoMgr.exe" [ ]
"DMXLauncher"="C:\Program Files\Roxio\Media Experience\DMXLauncher.exe" [ ]
"ASUS Live Update"="C:\Program Files\ASUS\ASUS Live Update\ALU.exe" [2006-09-29 15:24 188416]
"ControlCenter3"="C:\Program Files\Brother\ControlCenter3\brctrcen.exe" [2007-01-26 15:58 65536]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-10-10 19:51 39792]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2007-08-15 20:15 271672]
"RoxioDragToDisc"="C:\Program Files\Roxio\Drag-to-Disc\DrgToDsc.exe" [ ]
"RoxWatchTray"="C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe" [ ]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 01:11 132496]
"AVG7_CC"="C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" [2008-03-18 21:16 579072]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"AVG7_Run"="C:\PROGRA~1\Grisoft\AVG7\avgw.exe" [2008-03-18 21:13 219136]
C:\Documents and Settings\Mike Curran\Start Menu\Programs\Startup\
Picture Motion Browser Media Check Tool.lnk - C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe [2007-11-04 21:16:31 344064]
VoipBusterMate.lnk - C:\Program Files\VoipBusterMate\VoipBusterMate.exe [2006-07-24 10:36:40 98304]
C:\DOCUME~1\ALLUSE~1\STARTM~1\Programs\Startup\
Kodak software updater.lnk - C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe [2004-02-13 14:12:08 16423]
Quicken Scheduled Updates.lnk - C:\Program Files\Quicken\bagent.exe [2006-07-25 20:52:35 57344]
Picture Package VCD Maker.lnk - C:\Program Files\Sony Corporation\Picture Package\Picture Package Applications\Residence.exe [2005-07-26 08:19:42 106496]
Picture Package Menu.lnk - C:\Program Files\Sony Corporation\Picture Package\Picture Package Menu\SonyTray.exe [2005-07-26 08:19:44 151552]
Logitech Desktop Messenger.lnk - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe [2005-10-27 00:11:40 196608]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LMIinit]
LMIinit.dll 2006-10-06 19:56 11504 C:\WINDOWS\system32\LMIinit.dll
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"DisableUnicastResponsesToMulticastBroadcast"= 1 (0x1)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"C:\\WINDOWS\\system32\\sessmgr.exe"=
"C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"=
"C:\\Program Files\\Asus\\ASUS Live Update\\LiveUpdt.exe"=
"C:\\Program Files\\NetMeeting\\conf.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\Kodak\\KODAK Software Updater\\7288971\\Program\\Kodak Software Updater.exe"=
"C:\\Program Files\\Kodak\\Kodak EasyShare software\\bin\\EasyShare.exe"=
"C:\\Program Files\\Mozilla Firefox\\FIREFOX.EXE"=
"C:\\Program Files\\Internet Explorer\\iexplore.exe"=
"C:\\Program Files\\VoipCheapCom\\VoipCheapCom.exe"=
"C:\\Program Files\\utorrent.exe"=
"C:\\WINDOWS\\System32\\dpvsetup.exe"=
"C:\\WINDOWS\\System32\\rundll32.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=
"C:\\Program Files\\Real\\RealPlayer\\RealPlay.exe"=
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"C:\\Program Files\\MSN Messenger\\livecall.exe"=
"C:\\Program Files\\Grisoft\\AVG7\\avginet.exe"=
"C:\\Program Files\\Grisoft\\AVG7\\avgamsvr.exe"=
"C:\\Program Files\\Grisoft\\AVG7\\avgcc.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"2799:UDP"= 2799:UDP:*:Disabled:Altova License Metering Port (UDP)
"2799:TCP"= 2799:TCP:*:Disabled:Altova License Metering Port (TCP)
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
R0 rmedia;Ricoh MediaCard Driver;C:\WINDOWS\system32\DRIVERS\rmedia.sys [2004-02-27 03:01]
R2 ITECIRService;ITE Remote Control Service;C:\WINDOWS\system32\RemoteControlService.exe [2004-04-19 12:09]
R2 LMIInfo;LogMeIn Kernel Information Provider;C:\Program Files\LogMeIn\RaInfo.sys [2006-10-06 19:56]
R2 SMTPSVC;Simple Mail Transfer Protocol (SMTP);C:\WINDOWS\system32\inetsrv\inetinfo.exe [2004-08-04 17:56]
R2 WUSB54GSv2SVC;WUSB54GSv2SVC;"C:\Program Files\Linksys Wireless-G USB Wireless Network Monitor\WLService.exe" "WUSB54GSv2.exe" []
R3 ATKXPDisplayName;ATKXPDisplayName;C:\WINDOWS\system32\DRIVERS\ATKACPI.sys [2004-04-30 15:50]
R3 Cap7134;LifeView WDM Video Capture;C:\WINDOWS\system32\DRIVERS\lvcap214.sys [2004-05-14 18:13]
R3 ITECIR;ITE CIR Driver;C:\WINDOWS\system32\DRIVERS\ITECIR.sys [2004-04-13 11:39]
R3 PhTVTune;Philips WDM TVTuner;C:\WINDOWS\system32\DRIVERS\Silicon.sys [2004-05-14 18:13]
S3 cmo_bus;Data Modem @ CDMA Composite Device driver (WDM);C:\WINDOWS\system32\DRIVERS\cmo_bus.sys [2005-09-28 23:17]
S3 cmo_mdfl;Data Modem @ CDMA Filter;C:\WINDOWS\system32\DRIVERS\cmo_mdfl.sys [2005-09-28 23:17]
S3 cmo_mdm;Data Modem @ CDMA Drivers;C:\WINDOWS\system32\DRIVERS\cmo_mdm.sys [2005-09-28 23:17]
S3 sonypvs1;Sony Digital Imaging Video2;C:\WINDOWS\system32\DRIVERS\sonypvs1.sys [2006-10-30 13:46]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{bfd7dfd0-69ff-11da-90f7-000e3541a5a2}]
\Shell\AutoRun\command - F:\setupSNK.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c1bcae60-fcf3-11d9-9086-000e3541a5a2}]
\Shell\AutoRun\command - E:\setupSNK.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d4df3690-6f74-11dc-b324-000e3541a5a2}]
\Shell\AutoRun\command - G:\InstallTomTomHOME.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{fa1d2670-09c3-11dc-b2c8-00112f4b1214}]
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL PortableApps\RK_Launcher_04_Beta\RKLauncher.exe
*Newly Created Service* - GTNDIS5
.
**************************************************************************
catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-03-19 05:34:41
Windows 5.1.2600 Service Pack 2 FAT NTAPI
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 2008-03-19 5:35:12
ComboFix-quarantined-files.txt 2008-03-19 05:35:12
.
2008-03-14 03:11:28 --- E O F ---
|
bricat
HijackThis Helper
Reg'd: Wed
Posts: 27810
Loc: belfast
|
|
Please download the trial version of AVG Anti-Spyware. from
here.
Install it and
update the program with the latest definitions.
But don't run it yet
Rerun HJT,and put a checkmark beside these :-
O2 - BHO: (no name) - {06647158-359E-4D10-A8DE-E6145DA90BE9} - (no file)
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O18 - Protocol: bw+0 - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {6D6BB640-2041-4B6E-B982-BD3EFD4453D5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
now close all windows and browsers and click FIX CHECKED
Then go to ADD\REMOVE programs in the control panel and remove :-
Desktop Messenger
Then boot up in SAFE MODE
Then navigate to and delete these files\folders in BOLD
C:\Program Files\Logitech\Desktop Messenger <-----folder
Now while you are still in SAFE MODE :-
Scan with AVG Anti-Spyware as follows:
- Click on the "Scanner" button and choose the "Settings" tab.
- Under "How to act?", click on "Recommended actions" and choose "Quarantine" to set default action for detected malware.
- Under "How to Scan?", "Possibly unwanted software", and What to Scan?" leave all the default settings.
- Under "Reports" select "Do not automatically generate reports".
- Click the "Scan" tab to return to scanning options.
- Click "Complete System Scan" to start.
- When the scan has finished, it should automatically be set to Quarantine--if not click on Recommended Action and set it there.
- You will also be presented with a list of infected objects found. Click "Apply all actions" to place the files in Quarantine.
IMPORTANT! Do not save the report before you have clicked the :Apply all actions button.
If you do, the log that is created will indicate "No action taken", making it more difficult to interpret the report.
So be sure you save it only AFTER clicking the "Apply all actions" button.- Click on "Save Report" to view all completed scans. Click on the most recent scan you performed, select "Save report as" and save to your desktop.
The default file name will be in date/time format: Report-Scan-200706-1606.
A copy of each report will be saved in C:\Documents and Settings\<user profile>\Application Data\Grisoft\AVG Antispyware 7.5\Reports.
- If you installed AVG AS over a previous version, reports are saved in C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Reports\
- If you are a Vista user, reports are saved in C:\Users\<username>\AppData\Roaming\Grisoft\AVG Antispyware 7.5\Reports\
Exit AVG Anti-Spyware when done, reboot normally and post the AVg log report and a new HijackThis log.
--------------------
MY HELP IS FREE,BUT PLEASE CONSIDER GIVING A DONATION TO HELP IN MY FIGHT AGAINST SPYWARE.
A computer once beat me at chess, but it was no match for me at kick boxing.
|
MickyC
new user
Reg'd: Tue
Posts: 6
|
|
Hey Bricat,
Ok I have followed your instructions and attached the AVG report and included a new Hijack report. FYI - the Logmein remote desktop was something I was experimenting with a couple of years ago.
---------------------------------------------------------
AVG Anti-Spyware - Scan Report
---------------------------------------------------------
+ Created at: 06:05:56 21/03/2008
+ Scan result:
C:\Program Files\LogMeIn\LMIinit.dll -> Not-A-Virus.RemoteAdmin.Win32.RemotelyAnywhere.a : Cleaned with backup (quarantined).
C:\WINDOWS\system32\LMIinit.dll -> Not-A-Virus.RemoteAdmin.Win32.RemotelyAnywhere.a : Cleaned with backup (quarantined).
[220] C:\WINDOWS\system32\LMIinit.dll -> Not-A-Virus.RemoteAdmin.Win32.RemotelyAnywhere.a : Cleaned with backup (quarantined).
:mozilla.103:C:\FOUND.010\FILE0002.CHK -> TrackingCookie.247realmedia : Cleaned.
:mozilla.203:C:\Documents and Settings\Mike Curran\Application Data\Mozilla\Firefox\Profiles\y6cjp4la.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.234:C:\Documents and Settings\Mike Curran\Application Data\Mozilla\Firefox\Profiles\y6cjp4la.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.25:C:\FOUND.010\FILE0002.CHK -> TrackingCookie.2o7 : Cleaned.
:mozilla.26:C:\FOUND.010\FILE0002.CHK -> TrackingCookie.2o7 : Cleaned.
:mozilla.27:C:\FOUND.010\FILE0002.CHK -> TrackingCookie.2o7 : Cleaned.
:mozilla.28:C:\FOUND.010\FILE0002.CHK -> TrackingCookie.2o7 : Cleaned.
:mozilla.29:C:\FOUND.010\FILE0002.CHK -> TrackingCookie.2o7 : Cleaned.
:mozilla.30:C:\FOUND.010\FILE0002.CHK -> TrackingCookie.2o7 : Cleaned.
:mozilla.311:C:\Documents and Settings\Mike Curran\Application Data\Mozilla\Firefox\Profiles\y6cjp4la.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.31:C:\FOUND.010\FILE0002.CHK -> TrackingCookie.2o7 : Cleaned.
:mozilla.32:C:\FOUND.010\FILE0002.CHK -> TrackingCookie.2o7 : Cleaned.
:mozilla.33:C:\FOUND.010\FILE0002.CHK -> TrackingCookie.2o7 : Cleaned.
:mozilla.34:C:\FOUND.010\FILE0002.CHK -> TrackingCookie.2o7 : Cleaned.
:mozilla.35:C:\FOUND.010\FILE0002.CHK -> TrackingCookie.2o7 : Cleaned.
:mozilla.360:C:\Documents and Settings\Mike Curran\Application Data\Mozilla\Firefox\Profiles\y6cjp4la.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.381:C:\FOUND.010\FILE0002.CHK -> TrackingCookie.2o7 : Cleaned.
:mozilla.382:C:\FOUND.010\FILE0002.CHK -> TrackingCookie.2o7 : Cleaned.
:mozilla.39:C:\FOUND.010\FILE0002.CHK -> TrackingCookie.2o7 : Cleaned.
:mozilla.40:C:\FOUND.010\FILE0002.CHK -> TrackingCookie.2o7 : Cleaned.
:mozilla.413:C:\Documents and Settings\Mike Curran\Application Data\Mozilla\Firefox\Profiles\y6cjp4la.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.41:C:\FOUND.010\FILE0002.CHK -> TrackingCookie.2o7 : Cleaned.
:mozilla.42:C:\FOUND.010\FILE0002.CHK -> TrackingCookie.2o7 : Cleaned.
:mozilla.43:C:\FOUND.010\FILE0002.CHK -> TrackingCookie.2o7 : Cleaned.
:mozilla.44:C:\FOUND.010\FILE0002.CHK -> TrackingCookie.2o7 : Cleaned.
:mozilla.45:C:\FOUND.010\FILE0002.CHK -> TrackingCookie.2o7 : Cleaned.
:mozilla.46:C:\FOUND.010\FILE0002.CHK -> TrackingCookie.2o7 : Cleaned.
:mozilla.47:C:\FOUND.010\FILE0002.CHK -> TrackingCookie.2o7 : Cleaned.
:mozilla.485:C:\FOUND.010\FILE0002.CHK -> TrackingCookie.2o7 : Cleaned.
:mozilla.48:C:\FOUND.010\FILE0002.CHK -> TrackingCookie.2o7 : Cleaned.
:mozilla.49:C:\FOUND.010\FILE0002.CHK -> TrackingCookie.2o7 : Cleaned.
:mozilla.50:C:\FOUND.010\FILE0002.CHK -> TrackingCookie.2o7 : Cleaned.
:mozilla.51:C:\FOUND.010\FILE0002.CHK -> TrackingCookie.2o7 : Cleaned.
:mozilla.52:C:\FOUND.010\FILE0002.CHK -> TrackingCookie.2o7 : Cleaned.
:mozilla.53:C:\FOUND.010\FILE0002.CHK -> TrackingCookie.2o7 : Cleaned.
:mozilla.544:C:\FOUND.010\FILE0002.CHK -> TrackingCookie.2o7 : Cleaned.
:mozilla.54:C:\FOUND.010\FILE0002.CHK -> TrackingCookie.2o7 : Cleaned.
:mozilla.55:C:\FOUND.010\FILE0002.CHK -> TrackingCookie.2o7 : Cleaned.
:mozilla.739:C:\Documents and Settings\Mike Curran\Application Data\Mozilla\Firefox\Profiles\y6cjp4la.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.740:C:\Documents and Settings\Mike Curran\Application Data\Mozilla\Firefox\Profiles\y6cjp4la.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.78:C:\FOUND.010\FILE0002.CHK -> TrackingCookie.2o7 : Cleaned.
:mozilla.861:C:\FOUND.010\FILE0002.CHK -> TrackingCookie.2o7 : Cleaned.
:mozilla.901:C:\FOUND.010\FILE0002.CHK -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Guest\Cookies\guest@atoc.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Mike Curran\Cookies\mike_curran@112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Mike Curran\Cookies\mike_curran@122.2o7[2].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Mike Curran\Cookies\mike_curran@amazonms.122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Mike Curran\Cookies\mike_curran@amznmerch.122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Mike Curran\Cookies\mike_curran@amznmothercare.122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Mike Curran\Cookies\mike_curran@aoluk.122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Mike Curran\Cookies\mike_curran@aotgroup.122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Mike Curran\Cookies\mike_curran@archant.122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Mike Curran\Cookies\mike_curran@atoc.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Mike Curran\Cookies\mike_curran@betterware.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Mike Curran\Cookies\mike_curran@blethenmaine.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Mike Curran\Cookies\mike_curran@bloomingmarvellous.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Mike Curran\Cookies\mike_curran@brightcove.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Mike Curran\Cookies\mike_curran@centerparcs.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Mike Curran\Cookies\mike_curran@cnetaustralia.122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Mike Curran\Cookies\mike_curran@echoice.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Mike Curran\Cookies\mike_curran@gettyimages.122.2o7[1 | |
Previous
Index
Next
Threaded
Edit
Reply
Quote
