Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Helping out my parents; win32/adware.virtumonde and win32.privacyremov


  • This topic is locked This topic is locked

#1
skaus

skaus

    New Member

  • Member
  • Pip
  • 1 posts
Hi! I'm new here at geekstogo, but I really find the website helpful and thought it might help me help my parents out. :)

I've read up on the "win32/adware.virtumonde and win32.privacyremover.m64", but it seems I have to post my HJT-log since I don't know how to interpret it. How do I proceed from here? All help is greatly appreciated!

-------------------------
LOG:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:05:03, on 2008-08-19
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program\AVG\AVG8\avgwdsvc.exe
C:\WINDOWS\System32\CTsvcCDA.EXE
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program\AVG\AVG8\avgrsx.exe
C:\Program\AVG\AVG8\avgemc.exe
C:\Program\Creative\SBLive2k\AudioHQ\AHQTB.EXE
C:\WINDOWS\system32\devldr32.exe
C:\Program\Creative\SBLive2k\Launcher\TaskGuide\updtray.exe
C:\Program\Delade filer\Logitech\QCDriver3\LVCOMS.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program\Creative\ShareDLL\CtNotify.exe
C:\Program\ExtraFilm Hemma\Agent.exe
C:\Program\QuickTime\qttask.exe
C:\Program\AVG\AVG8\avgtray.exe
C:\WINDOWS\system32\braviax.exe
C:\WINDOWS\system32\lphcc11j0e355.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program\Browser Sentinel\BrowserSentinel.exe
C:\Program\Microsoft ActiveSync\wcescomm.exe
C:\Program\Delade filer\Ahead\Lib\NMBgMonitor.exe
C:\Program\Sony Corporation\Image Transfer\SonyTray.exe
C:\Program\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\Program\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe
C:\Program\Creative\ShareDLL\MediaDet.Exe
C:\Program\MICROS~3\rapimgr.exe
C:\Program\Delade filer\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
C:\Program\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe
C:\Documents and Settings\Ägaren\Lokala inställningar\Temp\.ttE.tmp
C:\WINDOWS\explorer.exe
C:\Program\Internet Explorer\iexplore.exe
C:\Program\Lavasoft\Ad-Aware\aawservice.exe
C:\Program\Lavasoft\Ad-Aware\Ad-Aware.exe
C:\Program\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://login1.telia.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = IE_Window_Title
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http://proxy1.telia.com:8080
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = http://login1.telia....;;l...t;<local>
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Länkar
F2 - REG:system.ini: UserInit=C:\WINDOWS\regedit /s C:\pav.reg,C:\WINDOWS\system32\pavdr.exe,C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\system32\ntos.exe,
O3 - Toolbar: global copy - {1F4C20AC-9CD3-3144-EAB1-3705A70DAA5B} - C:\Program\CHICAR~1\does long.dll (file missing)
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\Program\AVG\AVG8\avgtoolbar.dll
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\Updreg.exe
O4 - HKLM\..\Run: [Creative Launcher] C:\Program\Creative\SBLive2k\Launcher\CTLauncher.exe
O4 - HKLM\..\Run: [AudioHQ] C:\Program\Creative\SBLive2k\AudioHQ\AHQTB.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [HornyCam_se] c:\program files\comsoft\dialers\hornycam_se\hornycam_se.exe /noconnect
O4 - HKLM\..\Run: [BFILPS] C:\WINDOWS\BFILPS.exe
O4 - HKLM\..\Run: [MessengerPlus2] "C:\Program\Messenger Plus! 2\MsgPlus.exe"
O4 - HKLM\..\Run: [LVCOMS] C:\Program\Delade filer\Logitech\QCDriver3\LVCOMS.EXE
O4 - HKLM\..\Run: [Exit extra] C:\Program\MP3JUG~1\two book.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NewsUpd] C:\Program\Creative\News\NewsUpd.EXE /q
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\NeroCheck.exe
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKLM\..\Run: [Disc Detector] C:\Program\Creative\ShareDLL\CtNotify.exe
O4 - HKLM\..\Run: [ExtraFilmHemmaAgent] "C:\Program\ExtraFilm Hemma\Agent.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [AVG8_TRAY] C:\Program\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program\Delade filer\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [braviax] C:\WINDOWS\system32\braviax.exe
O4 - HKLM\..\Run: [lphcc11j0e355] C:\WINDOWS\system32\lphcc11j0e355.exe
O4 - HKLM\..\Run: [sysrest32.exe] C:\WINDOWS\system32\sysrest32.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LDM] C:\Program\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
O4 - HKCU\..\Run: [Steam] C:\Valve\Steam\Steam.exe -silent
O4 - HKCU\..\Run: [Skype] "C:\Program\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [Browser Sentinel] "C:\Program\Browser Sentinel\BrowserSentinel.exe" -autorun
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program\Delade filer\Ahead\Lib\NMBgMonitor.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOKAL TJÄNST')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Microsoft Office.lnk = C:\Program\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Image Transfer.lnk = ?
O4 - Global Startup: hpoddt01.exe.lnk = ?
O4 - Global Startup: hp psc 2000 Series.lnk = C:\Program\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe
O8 - Extra context menu item: &Add animation to IncrediMail Style Box - C:\PROGRAM\INCRED~1\bin\resources\WebMenuImg.htm
O8 - Extra context menu item: Shorten URL - http://www.cjb.net/menuext.html
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program\MICROS~3\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program\MICROS~3\INetRepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program\MICROS~3\INetRepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://login1.telia.com
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zon...ry/msgrchkr.cab
O16 - DPF: {0713E8A2-850A-101B-AFC0-4210102A8DA7} (Microsoft TreeView Control, version 5.0 (SP2)) - http://212.75.85.247/apps/comctl32.ocx
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zon...nt.cab31267.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zon...MineSweeper.cab
O16 - DPF: {2EF3FB47-7B1E-4536-BA4D-51427BD45DFA} (PIXACO Drag and Drop upload plugin) - http://www.pixaco.se...codndupload.cab
O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX Player) - http://www.cult3d.co...wnload/cult.cab
O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a1540.g.akama...meInstaller.exe
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.micros...b?1169913829328
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2....re/HPDEXAXO.cab
O16 - DPF: {83873F92-B99B-400A-9E36-52B5F4970FB7} (FileSharingCtrl Class) - http://appdirectory....sharingctrl.cab
O16 - DPF: {8569D715-FF88-44BA-8D1D-AD3E59543DDE} (ActiveReports Viewer2) - https://www.podb.se/...lev/arview2.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zon...StatsClient.cab
O16 - DPF: {A18962F6-E6ED-40B1-97C9-1FB36F38BFA8} (Aurigma Image Uploader 3.0 Control) - https://ssl.extrafil...geUploader3.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zon...ro.cab32846.cab
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://www.adobe.com...obat/nos/gp.cab
O16 - DPF: {D03A1C33-1913-4533-A8C1-F2C8D13045DE} - http://www.cjb.net/search.cab
O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zon...ss.cab31267.cab
O18 - Protocol: bw+0 - {F6E9AB43-6B61-437F-B641-0E43316CAB07} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {F6E9AB43-6B61-437F-B641-0E43316CAB07} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {F6E9AB43-6B61-437F-B641-0E43316CAB07} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {F6E9AB43-6B61-437F-B641-0E43316CAB07} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {F6E9AB43-6B61-437F-B641-0E43316CAB07} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {F6E9AB43-6B61-437F-B641-0E43316CAB07} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {F6E9AB43-6B61-437F-B641-0E43316CAB07} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {F6E9AB43-6B61-437F-B641-0E43316CAB07} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {F6E9AB43-6B61-437F-B641-0E43316CAB07} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {F6E9AB43-6B61-437F-B641-0E43316CAB07} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {F6E9AB43-6B61-437F-B641-0E43316CAB07} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {F6E9AB43-6B61-437F-B641-0E43316CAB07} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {F6E9AB43-6B61-437F-B641-0E43316CAB07} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {F6E9AB43-6B61-437F-B641-0E43316CAB07} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {F6E9AB43-6B61-437F-B641-0E43316CAB07} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {F6E9AB43-6B61-437F-B641-0E43316CAB07} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {F6E9AB43-6B61-437F-B641-0E43316CAB07} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {F6E9AB43-6B61-437F-B641-0E43316CAB07} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {F6E9AB43-6B61-437F-B641-0E43316CAB07} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {F6E9AB43-6B61-437F-B641-0E43316CAB07} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {F6E9AB43-6B61-437F-B641-0E43316CAB07} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {F6E9AB43-6B61-437F-B641-0E43316CAB07} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {F6E9AB43-6B61-437F-B641-0E43316CAB07} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {F6E9AB43-6B61-437F-B641-0E43316CAB07} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {F6E9AB43-6B61-437F-B641-0E43316CAB07} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {F6E9AB43-6B61-437F-B641-0E43316CAB07} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {F6E9AB43-6B61-437F-B641-0E43316CAB07} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {F6E9AB43-6B61-437F-B641-0E43316CAB07} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {F6E9AB43-6B61-437F-B641-0E43316CAB07} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {F6E9AB43-6B61-437F-B641-0E43316CAB07} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {F6E9AB43-6B61-437F-B641-0E43316CAB07} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {F6E9AB43-6B61-437F-B641-0E43316CAB07} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {F6E9AB43-6B61-437F-B641-0E43316CAB07} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {F6E9AB43-6B61-437F-B641-0E43316CAB07} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {F6E9AB43-6B61-437F-B641-0E43316CAB07} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {F6E9AB43-6B61-437F-B641-0E43316CAB07} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {F6E9AB43-6B61-437F-B641-0E43316CAB07} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {F6E9AB43-6B61-437F-B641-0E43316CAB07} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {F6E9AB43-6B61-437F-B641-0E43316CAB07} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {F6E9AB43-6B61-437F-B641-0E43316CAB07} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {F6E9AB43-6B61-437F-B641-0E43316CAB07} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {F6E9AB43-6B61-437F-B641-0E43316CAB07} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {F6E9AB43-6B61-437F-B641-0E43316CAB07} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {F6E9AB43-6B61-437F-B641-0E43316CAB07} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {F6E9AB43-6B61-437F-B641-0E43316CAB07} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {F6E9AB43-6B61-437F-B641-0E43316CAB07} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {F6E9AB43-6B61-437F-B641-0E43316CAB07} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {F6E9AB43-6B61-437F-B641-0E43316CAB07} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {F6E9AB43-6B61-437F-B641-0E43316CAB07} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {F6E9AB43-6B61-437F-B641-0E43316CAB07} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {F6E9AB43-6B61-437F-B641-0E43316CAB07} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {F6E9AB43-6B61-437F-B641-0E43316CAB07} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {F6E9AB43-6B61-437F-B641-0E43316CAB07} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {F6E9AB43-6B61-437F-B641-0E43316CAB07} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {F6E9AB43-6B61-437F-B641-0E43316CAB07} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {F6E9AB43-6B61-437F-B641-0E43316CAB07} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {F6E9AB43-6B61-437F-B641-0E43316CAB07} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {F6E9AB43-6B61-437F-B641-0E43316CAB07} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {F6E9AB43-6B61-437F-B641-0E43316CAB07} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {F6E9AB43-6B61-437F-B641-0E43316CAB07} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {F6E9AB43-6B61-437F-B641-0E43316CAB07} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {F6E9AB43-6B61-437F-B641-0E43316CAB07} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {F6E9AB43-6B61-437F-B641-0E43316CAB07} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {F6E9AB43-6B61-437F-B641-0E43316CAB07} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {F6E9AB43-6B61-437F-B641-0E43316CAB07} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {F6E9AB43-6B61-437F-B641-0E43316CAB07} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {F6E9AB43-6B61-437F-B641-0E43316CAB07} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {F6E9AB43-6B61-437F-B641-0E43316CAB07} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {F6E9AB43-6B61-437F-B641-0E43316CAB07} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {F6E9AB43-6B61-437F-B641-0E43316CAB07} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {F6E9AB43-6B61-437F-B641-0E43316CAB07} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {F6E9AB43-6B61-437F-B641-0E43316CAB07} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {F6E9AB43-6B61-437F-B641-0E43316CAB07} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {F6E9AB43-6B61-437F-B641-0E43316CAB07} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {F6E9AB43-6B61-437F-B641-0E43316CAB07} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {F6E9AB43-6B61-437F-B641-0E43316CAB07} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program\AVG\AVG8\avgpp.dll
O18 - Protocol: offline-8876480 - {F6E9AB43-6B61-437F-B641-0E43316CAB07} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\Program\AVG\AVG8\avgemc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\Program\AVG\AVG8\avgwdsvc.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program\Delade filer\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NBService - Nero AG - C:\Program\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Sandra Data Service (SandraDataSrv) - SiSoftware - C:\Program\SiSoftware\SiSoftware Sandra Lite 2005.SR1\RpcDataSrv.exe
O23 - Service: Sandra Service (SandraTheSrv) - SiSoftware - C:\Program\SiSoftware\SiSoftware Sandra Lite 2005.SR1\RpcSandraSrv.exe
O24 - Desktop Component 0: (no name) - http://www.riotminds...lbokendummy.jpg
O24 - Desktop Component 1: (no name) - http://www1.gazeta.p...0/z1080194N.jpg
O24 - Desktop Component 10: (no name) - http://www.google.se...i_se_labour.gif
O24 - Desktop Component 11: (no name) - http://www.google.se...alentines04.gif
O24 - Desktop Component 12: (no name) - http://www.google.se...04_swimming.gif
O24 - Desktop Component 13: (no name) - http://www.google.se...004_fencing.gif
O24 - Desktop Component 14: (no name) - http://www.google.se...2004_tennis.gif
O24 - Desktop Component 15: (no name) - http://www.google.se...r2004_table.gif
O24 - Desktop Component 16: (no name) - http://www.google.se...004_opening.gif
O24 - Desktop Component 17: (no name) - http://www.google.co...s/hitchcock.gif
O24 - Desktop Component 18: (no name) - http://www.google.se...halloween04.gif
O24 - Desktop Component 19: (no name) - http://www.google.se/logos/flight.gif
O24 - Desktop Component 2: (no name) - http://www.myhandy.c...s/handy/269.jpg
O24 - Desktop Component 3: (no name) - http://www.lohenette...ic_gd87_big.jpg
O24 - Desktop Component 4: (no name) - http://www.cellulari...sonicGD87_4.jpg
O24 - Desktop Component 5: (no name) - http://www.sonyerics...8_26_0_1011.jpg
O24 - Desktop Component 6: (no name) - http://forum.rollspe...99-DoD-logo.gif
O24 - Desktop Component 7: (no name) - http://www.google.se...halloween03.gif
O24 - Desktop Component 8: (no name) - http://147.14.243.14...rge/l099199.jpg
O24 - Desktop Component 9: (no name) - http://www.google.se...oliday_03_s.gif

--
End of file - 24127 bytes
  • 0

Advertisements


#2
IndiGenus

IndiGenus

    Anti-Malware Buddha

  • Member
  • PipPipPipPip
  • 1,617 posts
Hi and welcome to the forums here at G2G! :)

Please download SDFix and save it to your Desktop.

You should print out these instructions, or copy them to a NotePad file for reading while in Safe Mode, because you will not be able to connect to the Internet to read from this site.

Double click on SDFix.exe. It should automatically extract a folder called SDFix to your system drive (usually C:\). Please reboot your computer in Safe Mode by doing the following :
  • Restart your computer
  • After hearing your computer beep once during startup, but before the Windows icon appears, tap the F8 key continually;
  • Instead of Windows loading as normal, a menu with options should appear;
  • Select the first option, to run Windows in Safe Mode, then press "Enter".
  • Choose your usual account.
  • Open the SDFix folder and double click on RunThis.bat to start the script.
  • Type Y and press Enter to begin the script.
  • It will start cleaning your PC and then prompt you to press any key to Reboot.
  • Press any key to restart the PC.
  • Your system will take longer than normal to restart as the fixtool will be removing files.
  • When the desktop loads the Fixtool will complete the removal and display Finished.
  • Press any key to end the script and to load your desktop icons.
  • A text file should automatically open, so please copy the contents and post them here. We also need you to post a new HijackThis log

  • 0

#3
IndiGenus

IndiGenus

    Anti-Malware Buddha

  • Member
  • PipPipPipPip
  • 1,617 posts
Hi,

Did you still need help here? Please let me know.

Thanks,
Dave
  • 0

#4
IndiGenus

IndiGenus

    Anti-Malware Buddha

  • Member
  • PipPipPipPip
  • 1,617 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP