Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

coolwebsearch hijacked


  • Please log in to reply

#1
aaron*

aaron*

    New Member

  • Member
  • Pip
  • 7 posts
I can't seem to get rid of CWS completely I have run the newest version of CWSshredder and spybot and they've helped some but I'm not convinced it's all gone. also not sure if it's related or not but when my computer starts up my web browser (IE, with NEOPLANET skin) opens up end then as soon as I close it my computer freezes up and so I ctrl alt del and it shows explorer is not responding. not sure if thats related to the CWS problem or not

anyways here is my hijack this log and would appreciate any help

Logfile of HijackThis v1.99.1
Scan saved at 11:57:35 AM, on 7/14/2005
Platform: Windows ME (Win9x 4.90.3000)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\SPOOL32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\WINDOWS\SYSTEM\SSDPSRV.EXE
C:\WINDOWS\SYSTEM\DEVLDR16.EXE
C:\WINDOWS\SYSTEM\LEXBCES.EXE
C:\WINDOWS\SYSTEM\RPCSS.EXE
C:\WINDOWS\SYSTEM\LEXPPS.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\SYSTEM\RESTORE\STMGR.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\PQSC\PROGRAM\SCTRAY.EXE
C:\WINDOWS\MHOTKEY.EXE
C:\PROGRAM FILES\LOGITECH\MOUSEWARE\SYSTEM\EM_EXEC.EXE
C:\WINDOWS\LOADQM.EXE
C:\PROGRAM FILES\LEXMARK X74-X75\LXBBBMGR.EXE
C:\WINDOWS\SYSTEM32\XPSP2FW.EXE
C:\PROGRAM FILES\COMMON FILES\REAL\UPDATE_OB\REALSCHED.EXE
C:\WINDOWS\SYSTEM\QTTASK.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\PROGRAM FILES\LEXMARK X74-X75\LXBBBMON.EXE
C:\PROGRAM FILES\INTUIT\QUICKBOOKS PRO\COMPONENTS\QBAGENT\QBDAGENT2001.EXE
C:\PROGRAM FILES\MICROSOFT OFFICE\OFFICE\FINDFAST.EXE
C:\PROGRAM FILES\MICROSOFT OFFICE\OFFICE\OSA.EXE
C:\PROGRAM FILES\COMMON FILES\INTUIT\QUICKBOOKS\QBUPDATE\QBUPDATE.EXE
C:\WINDOWS\WEBSHOTS.SCR
C:\WINDOWS\SYSTEM\PSTORES.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\PROGRAM FILES\NEOPLANET\BIN\NP.EXE
C:\WINDOWS\SYSTEM\STIMON.EXE
C:\MY DOCUMENTS\HIJACKTHIS[1]\HIJACKTHIS.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.yahoo.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.my.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://win-eto.com/hp.htm?id=9
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.yahoo.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = http://www.yahoo.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: (no name) - {daa873d4-958c-453c-81ca-3fe6f3676a87} - C:\WINDOWS\SYSTEM\VFAA.DLL
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun
O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe
O4 - HKLM\..\Run: [PCHealth] C:\WINDOWS\PCHealth\Support\PCHSchd.exe -s
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [SecondChance] C:\PQSC\PROGRAM\SCTRAY.EXE
O4 - HKLM\..\Run: [CHotKey] mHotkey.exe
O4 - HKLM\..\Run: [EM_EXEC] C:\PROGRA~1\LOGITECH\MOUSEW~1\SYSTEM\EM_EXEC.EXE
O4 - HKLM\..\Run: [LoadQM] loadqm.exe
O4 - HKLM\..\Run: [LXSUPMON] C:\WINDOWS\SYSTEM\LXSUPMON.EXE RUN
O4 - HKLM\..\Run: [Lexmark X74-X75] "C:\Program Files\Lexmark X74-X75\lxbbbmgr.exe"
O4 - HKLM\..\Run: [LexStart] lexstart.exe
O4 - HKLM\..\Run: [XPSP2 Firewall] C:\WINDOWS\system32\xpsp2fw.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\WINDOWS\SYSTEM\QTTASK.EXE" -atboottime
O4 - HKLM\..\Run: [NP.EXE] C:\PROGRAM FILES\NEOPLANET\BIN\NP.EXE
O4 - HKLM\..\RunServices: [1A:Stardock TrayMonitor] "C:\PROGRAM FILES\COMMON FILES\STARDOCK\TRAYSERVER.EXE"
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKLM\..\RunServices: [SSDPSRV] C:\WINDOWS\SYSTEM\ssdpsrv.exe
O4 - HKLM\..\RunServices: [*StateMgr] C:\WINDOWS\System\Restore\StateMgr.exe
O4 - HKLM\..\RunServices: [Devldr16] C:\WINDOWS\SYSTEM\devldr16.exe
O4 - HKCU\..\Run: [LDM] \Program\
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [WindowBlinds] C:\Program Files\Object Desktop\WindowBlinds\wbload.exe auto
O4 - HKCU\..\Run: [Windows Update Client ] C:\WINDOWS\system32\wuclient.exe
O4 - Startup: QuickBooks 2001 Delivery Agent.lnk = C:\Program Files\Intuit\QuickBooks Pro\Components\QBAgent\qbdagent2001.exe
O4 - Startup: Microsoft Find Fast.lnk = C:\Program Files\Microsoft Office\Office\FINDFAST.EXE
O4 - Startup: Office Startup.lnk = C:\Program Files\Microsoft Office\Office\OSA.EXE
O4 - Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Startup: Webshots.lnk = C:\Program Files\Webshots\Launcher.exe
O4 - Startup: QuickBooks Update Agent.lnk = C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: Your PC is infected with Spyware - click here to fix your PC - {FB74C951-ACA1-4e33-A94C-A9261EB2CCB7} - https://www.spydelet...2.php?KBID=1004 (file missing)
O9 - Extra 'Tools' menuitem: Your PC is infected with Spyware - click here to fix your PC - {FB74C951-ACA1-4e33-A94C-A9261EB2CCB7} - https://www.spydelet...2.php?KBID=1004 (file missing)
O14 - IERESET.INF: START_PAGE_URL=http://www.systemaxpc.com
O16 - DPF: {11311111-1111-1111-1111-111111111157} - file://C:\Recycled\Q678340.exe
O16 - DPF: {2019DC25-D1C0-11D6-97B3-0008A124F542} (StreamPlug Class) - http://www.streamplu...reamPlug/SP.cab
O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://appldnld.m7z....llInstaller.exe
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://zone.msn.com/...ro.cab34246.cab
O16 - DPF: {3FE16C08-D6A7-4133-84FC-D5BFB4F7D886} (WebGameLoader Class) - http://zone.msn.com/...bGameLoader.cab
O16 - DPF: {10003000-1000-0000-1000-000000000000} - ms-its:mhtml:file://C:\foo.mht!http://vparivalka.co...::/ieloader.exe
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://www.popcap.co...aploader_v6.cab
O16 - DPF: {DAF5D9A2-D982-4671-83E4-0398706A5F6A} (SCEWebLauncherCtl Object) - http://zone.msn.com/...WebLauncher.cab
O16 - DPF: {3DA5D23B-EFE1-4181-ADB7-7D457567AACA} (TGOnlineCtrl Class) - http://zone.msn.com/...pandaonline.cab
O18 - Protocol: offline-8876480 - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw00 - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw00s - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw10 - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw10s - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw20 - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw20s - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw30 - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw30s - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw40 - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw40s - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw50 - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw50s - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw60 - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw60s - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw70 - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw70s - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw80 - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw80s - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw90 - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw90s - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwa0 - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwa0s - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwb0 - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwb0s - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwc0 - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwc0s - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwd0 - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwd0s - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwe0 - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwe0s - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwf0 - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwf0s - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwg0 - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwg0s - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwh0 - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwh0s - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwi0 - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwi0s - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwj0 - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwj0s - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwk0 - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwk0s - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwl0 - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwl0s - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwm0 - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwm0s - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwn0 - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwn0s - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwo0 - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwo0s - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwp0 - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwp0s - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwq0 - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwq0s - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwr0 - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwr0s - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bws0 - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bws0s - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwt0 - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwt0s - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwu0 - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwu0s - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwv0 - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwv0s - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bww0 - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bww0s - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwx0 - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwx0s - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwy0 - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwy0s - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwz0 - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwz0s - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw-0 - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw-0s - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw+0 - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw+0s - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\GAPLUGPROTOCOL-8876480.DLL
  • 0

Advertisements


#2
Guest_usetobe_*

Guest_usetobe_*
  • Guest
Welcome to Geeks 2 Go. Sorry about the delay in getting to your post, we have been very busy.

Do you still require help or are your problems resolved.

Please let me know and if you still require assistance, please post a fresh HJT log.

Regards,

Usetobe
  • 0

#3
aaron*

aaron*

    New Member

  • Topic Starter
  • Member
  • Pip
  • 7 posts
I can't seem to get rid of CWS completely I have run the newest version of CWSshredder and spybot and they've helped some but I'm not convinced it's all gone. also not sure if it's related or not but when my computer starts up my web browser (IE, with NEOPLANET skin) opens up end then as soon as I close it my computer freezes up and so I ctrl alt del and it shows explorer is not responding. not sure if thats related to the CWS problem or not

anyways here is my hijack this log and would appreciate any help

Logfile of HijackThis v1.99.1
Scan saved at 11:57:35 AM, on 7/14/2005
Platform: Windows ME (Win9x 4.90.3000)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\SPOOL32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\WINDOWS\SYSTEM\SSDPSRV.EXE
C:\WINDOWS\SYSTEM\DEVLDR16.EXE
C:\WINDOWS\SYSTEM\LEXBCES.EXE
C:\WINDOWS\SYSTEM\RPCSS.EXE
C:\WINDOWS\SYSTEM\LEXPPS.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\SYSTEM\RESTORE\STMGR.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\PQSC\PROGRAM\SCTRAY.EXE
C:\WINDOWS\MHOTKEY.EXE
C:\PROGRAM FILES\LOGITECH\MOUSEWARE\SYSTEM\EM_EXEC.EXE
C:\WINDOWS\LOADQM.EXE
C:\PROGRAM FILES\LEXMARK X74-X75\LXBBBMGR.EXE
C:\WINDOWS\SYSTEM32\XPSP2FW.EXE
C:\PROGRAM FILES\COMMON FILES\REAL\UPDATE_OB\REALSCHED.EXE
C:\WINDOWS\SYSTEM\QTTASK.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\PROGRAM FILES\LEXMARK X74-X75\LXBBBMON.EXE
C:\PROGRAM FILES\INTUIT\QUICKBOOKS PRO\COMPONENTS\QBAGENT\QBDAGENT2001.EXE
C:\PROGRAM FILES\MICROSOFT OFFICE\OFFICE\FINDFAST.EXE
C:\PROGRAM FILES\MICROSOFT OFFICE\OFFICE\OSA.EXE
C:\PROGRAM FILES\COMMON FILES\INTUIT\QUICKBOOKS\QBUPDATE\QBUPDATE.EXE
C:\WINDOWS\WEBSHOTS.SCR
C:\WINDOWS\SYSTEM\PSTORES.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\PROGRAM FILES\NEOPLANET\BIN\NP.EXE
C:\WINDOWS\SYSTEM\STIMON.EXE
C:\MY DOCUMENTS\HIJACKTHIS[1]\HIJACKTHIS.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.yahoo.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.my.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://win-eto.com/hp.htm?id=9
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.yahoo.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = http://www.yahoo.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: (no name) - {daa873d4-958c-453c-81ca-3fe6f3676a87} - C:\WINDOWS\SYSTEM\VFAA.DLL
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun
O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe
O4 - HKLM\..\Run: [PCHealth] C:\WINDOWS\PCHealth\Support\PCHSchd.exe -s
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [SecondChance] C:\PQSC\PROGRAM\SCTRAY.EXE
O4 - HKLM\..\Run: [CHotKey] mHotkey.exe
O4 - HKLM\..\Run: [EM_EXEC] C:\PROGRA~1\LOGITECH\MOUSEW~1\SYSTEM\EM_EXEC.EXE
O4 - HKLM\..\Run: [LoadQM] loadqm.exe
O4 - HKLM\..\Run: [LXSUPMON] C:\WINDOWS\SYSTEM\LXSUPMON.EXE RUN
O4 - HKLM\..\Run: [Lexmark X74-X75] "C:\Program Files\Lexmark X74-X75\lxbbbmgr.exe"
O4 - HKLM\..\Run: [LexStart] lexstart.exe
O4 - HKLM\..\Run: [XPSP2 Firewall] C:\WINDOWS\system32\xpsp2fw.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\WINDOWS\SYSTEM\QTTASK.EXE" -atboottime
O4 - HKLM\..\Run: [NP.EXE] C:\PROGRAM FILES\NEOPLANET\BIN\NP.EXE
O4 - HKLM\..\RunServices: [1A:Stardock TrayMonitor] "C:\PROGRAM FILES\COMMON FILES\STARDOCK\TRAYSERVER.EXE"
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKLM\..\RunServices: [SSDPSRV] C:\WINDOWS\SYSTEM\ssdpsrv.exe
O4 - HKLM\..\RunServices: [*StateMgr] C:\WINDOWS\System\Restore\StateMgr.exe
O4 - HKLM\..\RunServices: [Devldr16] C:\WINDOWS\SYSTEM\devldr16.exe
O4 - HKCU\..\Run: [LDM] \Program\
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [WindowBlinds] C:\Program Files\Object Desktop\WindowBlinds\wbload.exe auto
O4 - HKCU\..\Run: [Windows Update Client ] C:\WINDOWS\system32\wuclient.exe
O4 - Startup: QuickBooks 2001 Delivery Agent.lnk = C:\Program Files\Intuit\QuickBooks Pro\Components\QBAgent\qbdagent2001.exe
O4 - Startup: Microsoft Find Fast.lnk = C:\Program Files\Microsoft Office\Office\FINDFAST.EXE
O4 - Startup: Office Startup.lnk = C:\Program Files\Microsoft Office\Office\OSA.EXE
O4 - Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Startup: Webshots.lnk = C:\Program Files\Webshots\Launcher.exe
O4 - Startup: QuickBooks Update Agent.lnk = C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: Your PC is infected with Spyware - click here to fix your PC - {FB74C951-ACA1-4e33-A94C-A9261EB2CCB7} - https://www.spydelet...2.php?KBID=1004 (file missing)
O9 - Extra 'Tools' menuitem: Your PC is infected with Spyware - click here to fix your PC - {FB74C951-ACA1-4e33-A94C-A9261EB2CCB7} - https://www.spydelet...2.php?KBID=1004 (file missing)
O14 - IERESET.INF: START_PAGE_URL=http://www.systemaxpc.com
O16 - DPF: {11311111-1111-1111-1111-111111111157} - file://C:\Recycled\Q678340.exe
O16 - DPF: {2019DC25-D1C0-11D6-97B3-0008A124F542} (StreamPlug Class) - http://www.streamplu...reamPlug/SP.cab
O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://appldnld.m7z....llInstaller.exe
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://zone.msn.com/...ro.cab34246.cab
O16 - DPF: {3FE16C08-D6A7-4133-84FC-D5BFB4F7D886} (WebGameLoader Class) - http://zone.msn.com/...bGameLoader.cab
O16 - DPF: {10003000-1000-0000-1000-000000000000} - ms-its:mhtml:file://C:\foo.mht!http://vparivalka.co...::/ieloader.exe
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://www.popcap.co...aploader_v6.cab
O16 - DPF: {DAF5D9A2-D982-4671-83E4-0398706A5F6A} (SCEWebLauncherCtl Object) - http://zone.msn.com/...WebLauncher.cab
O16 - DPF: {3DA5D23B-EFE1-4181-ADB7-7D457567AACA} (TGOnlineCtrl Class) - http://zone.msn.com/...pandaonline.cab
O18 - Protocol: offline-8876480 - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw00 - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw00s - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw10 - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw10s - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw20 - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw20s - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw30 - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw30s - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw40 - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw40s - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw50 - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw50s - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw60 - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw60s - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw70 - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw70s - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw80 - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw80s - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw90 - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw90s - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwa0 - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwa0s - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwb0 - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwb0s - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwc0 - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwc0s - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwd0 - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwd0s - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwe0 - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwe0s - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwf0 - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwf0s - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwg0 - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwg0s - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwh0 - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwh0s - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwi0 - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwi0s - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwj0 - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwj0s - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwk0 - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwk0s - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwl0 - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwl0s - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwm0 - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwm0s - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwn0 - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwn0s - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwo0 - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwo0s - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwp0 - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwp0s - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwq0 - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwq0s - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwr0 - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwr0s - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bws0 - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bws0s - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwt0 - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwt0s - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwu0 - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwu0s - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwv0 - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwv0s - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bww0 - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bww0s - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwx0 - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwx0s - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwy0 - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwy0s - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwz0 - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwz0s - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw-0 - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw-0s - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw+0 - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw+0s - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\GAPLUGPROTOCOL-8876480.DLL
  • 0

#4
Rawe

Rawe

    Visiting Staff

  • Member
  • PipPipPipPipPipPipPip
  • 4,746 posts
Sorry to jump in Usetobe.

I just merged aaron*'s new topic to this one.
aaron*, please keep your posts in a one thread - use the Add Reply - function.
Sorry Usetobe, continue with this one. ;)

- Rawe :tazz:
  • 0

#5
aaron*

aaron*

    New Member

  • Topic Starter
  • Member
  • Pip
  • 7 posts
Yes I still need help, here is my latest logfile

Logfile of HijackThis v1.99.1
Scan saved at 3:29:26 PM, on 7/25/2005
Platform: Windows ME (Win9x 4.90.3000)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\SPOOL32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\WINDOWS\SYSTEM\SSDPSRV.EXE
C:\WINDOWS\SYSTEM\DEVLDR16.EXE
C:\WINDOWS\SYSTEM\LEXBCES.EXE
C:\WINDOWS\SYSTEM\RPCSS.EXE
C:\WINDOWS\SYSTEM\LEXPPS.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\SYSTEM\RESTORE\STMGR.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\PQSC\PROGRAM\SCTRAY.EXE
C:\WINDOWS\MHOTKEY.EXE
C:\PROGRAM FILES\LOGITECH\MOUSEWARE\SYSTEM\EM_EXEC.EXE
C:\WINDOWS\LOADQM.EXE
C:\PROGRAM FILES\LEXMARK X74-X75\LXBBBMGR.EXE
C:\WINDOWS\SYSTEM32\XPSP2FW.EXE
C:\PROGRAM FILES\LEXMARK X74-X75\LXBBBMON.EXE
C:\PROGRAM FILES\COMMON FILES\REAL\UPDATE_OB\REALSCHED.EXE
C:\WINDOWS\SYSTEM\QTTASK.EXE
C:\PROGRAM FILES\NEOPLANET\BIN\NP.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\PROGRAM FILES\INTUIT\QUICKBOOKS PRO\COMPONENTS\QBAGENT\QBDAGENT2001.EXE
C:\PROGRAM FILES\MICROSOFT OFFICE\OFFICE\FINDFAST.EXE
C:\PROGRAM FILES\MICROSOFT OFFICE\OFFICE\OSA.EXE
C:\PROGRAM FILES\COMMON FILES\INTUIT\QUICKBOOKS\QBUPDATE\QBUPDATE.EXE
C:\WINDOWS\WEBSHOTS.SCR
C:\WINDOWS\SYSTEM\PSTORES.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\WINDOWS\SYSTEM\STIMON.EXE
C:\MY DOCUMENTS\HIJACKTHIS[1]\HIJACKTHIS.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.yahoo.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.my.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.yahoo.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = http://www.yahoo.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: (no name) - {daa873d4-958c-453c-81ca-3fe6f3676a87} - C:\WINDOWS\SYSTEM\VFAA.DLL
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun
O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe
O4 - HKLM\..\Run: [PCHealth] C:\WINDOWS\PCHealth\Support\PCHSchd.exe -s
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [SecondChance] C:\PQSC\PROGRAM\SCTRAY.EXE
O4 - HKLM\..\Run: [CHotKey] mHotkey.exe
O4 - HKLM\..\Run: [EM_EXEC] C:\PROGRA~1\LOGITECH\MOUSEW~1\SYSTEM\EM_EXEC.EXE
O4 - HKLM\..\Run: [LoadQM] loadqm.exe
O4 - HKLM\..\Run: [LXSUPMON] C:\WINDOWS\SYSTEM\LXSUPMON.EXE RUN
O4 - HKLM\..\Run: [Lexmark X74-X75] "C:\Program Files\Lexmark X74-X75\lxbbbmgr.exe"
O4 - HKLM\..\Run: [LexStart] lexstart.exe
O4 - HKLM\..\Run: [XPSP2 Firewall] C:\WINDOWS\system32\xpsp2fw.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\WINDOWS\SYSTEM\QTTASK.EXE" -atboottime
O4 - HKLM\..\Run: [NP.EXE] C:\PROGRAM FILES\NEOPLANET\BIN\NP.EXE
O4 - HKLM\..\RunServices: [1A:Stardock TrayMonitor] "C:\PROGRAM FILES\COMMON FILES\STARDOCK\TRAYSERVER.EXE"
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKLM\..\RunServices: [SSDPSRV] C:\WINDOWS\SYSTEM\ssdpsrv.exe
O4 - HKLM\..\RunServices: [*StateMgr] C:\WINDOWS\System\Restore\StateMgr.exe
O4 - HKLM\..\RunServices: [Devldr16] C:\WINDOWS\SYSTEM\devldr16.exe
O4 - HKCU\..\Run: [LDM] \Program\
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [WindowBlinds] C:\Program Files\Object Desktop\WindowBlinds\wbload.exe auto
O4 - HKCU\..\Run: [Windows Update Client ] C:\WINDOWS\system32\wuclient.exe
O4 - Startup: QuickBooks 2001 Delivery Agent.lnk = C:\Program Files\Intuit\QuickBooks Pro\Components\QBAgent\qbdagent2001.exe
O4 - Startup: Microsoft Find Fast.lnk = C:\Program Files\Microsoft Office\Office\FINDFAST.EXE
O4 - Startup: Office Startup.lnk = C:\Program Files\Microsoft Office\Office\OSA.EXE
O4 - Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Startup: Webshots.lnk = C:\Program Files\Webshots\Launcher.exe
O4 - Startup: QuickBooks Update Agent.lnk = C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O14 - IERESET.INF: START_PAGE_URL=http://www.systemaxpc.com
O16 - DPF: {11311111-1111-1111-1111-111111111157} - file://C:\Recycled\Q678340.exe
O16 - DPF: {2019DC25-D1C0-11D6-97B3-0008A124F542} (StreamPlug Class) - http://www.streamplu...reamPlug/SP.cab
O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://appldnld.m7z....llInstaller.exe
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://zone.msn.com/...ro.cab34246.cab
O16 - DPF: {3FE16C08-D6A7-4133-84FC-D5BFB4F7D886} (WebGameLoader Class) - http://zone.msn.com/...bGameLoader.cab
O16 - DPF: {10003000-1000-0000-1000-000000000000} - ms-its:mhtml:file://C:\foo.mht!http://vparivalka.co...::/ieloader.exe
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://www.popcap.co...aploader_v6.cab
O16 - DPF: {DAF5D9A2-D982-4671-83E4-0398706A5F6A} (SCEWebLauncherCtl Object) - http://zone.msn.com/...WebLauncher.cab
O16 - DPF: {3DA5D23B-EFE1-4181-ADB7-7D457567AACA} (TGOnlineCtrl Class) - http://zone.msn.com/...pandaonline.cab
O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} (HouseCall Control) - http://housecall60.t...all/xscan60.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefend...can8/oscan8.cab
O18 - Protocol: offline-8876480 - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw00 - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw00s - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw10 - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw10s - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw20 - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw20s - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw30 - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw30s - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw40 - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw40s - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw50 - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw50s - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw60 - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw60s - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw70 - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw70s - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw80 - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw80s - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw90 - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw90s - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwa0 - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwa0s - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwb0 - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwb0s - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwc0 - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwc0s - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwd0 - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwd0s - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwe0 - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwe0s - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwf0 - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwf0s - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwg0 - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwg0s - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwh0 - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwh0s - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwi0 - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwi0s - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwj0 - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwj0s - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwk0 - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwk0s - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwl0 - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwl0s - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwm0 - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwm0s - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwn0 - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwn0s - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwo0 - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwo0s - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwp0 - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwp0s - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwq0 - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwq0s - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwr0 - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwr0s - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bws0 - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bws0s - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwt0 - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwt0s - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwu0 - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwu0s - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwv0 - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwv0s - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bww0 - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bww0s - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwx0 - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwx0s - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwy0 - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwy0s - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwz0 - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwz0s - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw-0 - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw-0s - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw+0 - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw+0s - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\GAPLUGPROTOCOL-8876480.DLL
  • 0

#6
Guest_usetobe_*

Guest_usetobe_*
  • Guest
Hi Aaron,

Just to make sure on this one, can you confirm when you carry out a HJT scan that there are no entries after the O18's? I would normally expect to see some beyond these.

Let me know please.
  • 0

#7
aaron*

aaron*

    New Member

  • Topic Starter
  • Member
  • Pip
  • 7 posts
Hi Usetobe,

ya I tried it several times and get the same thing everytime, nothing past 018's
I am running it in from a hijackthis folder in my documents, don't know if where I store it has anything to do with it or not?

here's my latest logfile
thanks!

Logfile of HijackThis v1.99.1
Scan saved at 12:29:19 PM, on 7/28/2005
Platform: Windows ME (Win9x 4.90.3000)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\SPOOL32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\WINDOWS\SYSTEM\SSDPSRV.EXE
C:\WINDOWS\SYSTEM\DEVLDR16.EXE
C:\WINDOWS\SYSTEM\LEXBCES.EXE
C:\WINDOWS\SYSTEM\RPCSS.EXE
C:\WINDOWS\SYSTEM\LEXPPS.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\SYSTEM\RESTORE\STMGR.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\PQSC\PROGRAM\SCTRAY.EXE
C:\WINDOWS\MHOTKEY.EXE
C:\PROGRAM FILES\LOGITECH\MOUSEWARE\SYSTEM\EM_EXEC.EXE
C:\WINDOWS\LOADQM.EXE
C:\PROGRAM FILES\LEXMARK X74-X75\LXBBBMGR.EXE
C:\PROGRAM FILES\COMMON FILES\REAL\UPDATE_OB\REALSCHED.EXE
C:\WINDOWS\SYSTEM\QTTASK.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\PROGRAM FILES\LEXMARK X74-X75\LXBBBMON.EXE
C:\PROGRAM FILES\INTUIT\QUICKBOOKS PRO\COMPONENTS\QBAGENT\QBDAGENT2001.EXE
C:\PROGRAM FILES\MICROSOFT OFFICE\OFFICE\FINDFAST.EXE
C:\PROGRAM FILES\MICROSOFT OFFICE\OFFICE\OSA.EXE
C:\WINDOWS\WEBSHOTS.SCR
C:\PROGRAM FILES\COMMON FILES\INTUIT\QUICKBOOKS\QBUPDATE\QBUPDATE.EXE
C:\WINDOWS\SYSTEM\STIMON.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\PROGRAM FILES\NEOPLANET\BIN\NP.EXE
C:\PROGRAM FILES\ADOBE\ACROBAT 4.0\READER\ACRORD32.EXE
C:\PROGRAM FILES\PAINTSHOP PRO 5\PSP.EXE
C:\MY DOCUMENTS\HIJACKTHIS[1]\HIJACKTHIS.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.yahoo.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.my.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.yahoo.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = http://www.yahoo.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = http://www.yahoo.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: (no name) - {daa873d4-958c-453c-81ca-3fe6f3676a87} - C:\WINDOWS\SYSTEM\VFAA.DLL
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun
O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe
O4 - HKLM\..\Run: [PCHealth] C:\WINDOWS\PCHealth\Support\PCHSchd.exe -s
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [SecondChance] C:\PQSC\PROGRAM\SCTRAY.EXE
O4 - HKLM\..\Run: [CHotKey] mHotkey.exe
O4 - HKLM\..\Run: [EM_EXEC] C:\PROGRA~1\LOGITECH\MOUSEW~1\SYSTEM\EM_EXEC.EXE
O4 - HKLM\..\Run: [LoadQM] loadqm.exe
O4 - HKLM\..\Run: [LXSUPMON] C:\WINDOWS\SYSTEM\LXSUPMON.EXE RUN
O4 - HKLM\..\Run: [Lexmark X74-X75] "C:\Program Files\Lexmark X74-X75\lxbbbmgr.exe"
O4 - HKLM\..\Run: [LexStart] lexstart.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\WINDOWS\SYSTEM\QTTASK.EXE" -atboottime
O4 - HKLM\..\Run: [NP.EXE] C:\PROGRAM FILES\NEOPLANET\BIN\NP.EXE
O4 - HKLM\..\RunServices: [1A:Stardock TrayMonitor] "C:\PROGRAM FILES\COMMON FILES\STARDOCK\TRAYSERVER.EXE"
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKLM\..\RunServices: [SSDPSRV] C:\WINDOWS\SYSTEM\ssdpsrv.exe
O4 - HKLM\..\RunServices: [*StateMgr] C:\WINDOWS\System\Restore\StateMgr.exe
O4 - HKLM\..\RunServices: [Devldr16] C:\WINDOWS\SYSTEM\devldr16.exe
O4 - HKCU\..\Run: [LDM] \Program\
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [WindowBlinds] C:\Program Files\Object Desktop\WindowBlinds\wbload.exe auto
O4 - Startup: QuickBooks 2001 Delivery Agent.lnk = C:\Program Files\Intuit\QuickBooks Pro\Components\QBAgent\qbdagent2001.exe
O4 - Startup: Microsoft Find Fast.lnk = C:\Program Files\Microsoft Office\Office\FINDFAST.EXE
O4 - Startup: Office Startup.lnk = C:\Program Files\Microsoft Office\Office\OSA.EXE
O4 - Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Startup: Webshots.lnk = C:\Program Files\Webshots\Launcher.exe
O4 - Startup: QuickBooks Update Agent.lnk = C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O14 - IERESET.INF: START_PAGE_URL=http://www.systemaxpc.com
O16 - DPF: {11311111-1111-1111-1111-111111111157} - file://C:\Recycled\Q678340.exe
O16 - DPF: {2019DC25-D1C0-11D6-97B3-0008A124F542} (StreamPlug Class) - http://www.streamplu...reamPlug/SP.cab
O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://appldnld.m7z....llInstaller.exe
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://zone.msn.com/...ro.cab34246.cab
O16 - DPF: {3FE16C08-D6A7-4133-84FC-D5BFB4F7D886} (WebGameLoader Class) - http://zone.msn.com/...bGameLoader.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://www.popcap.co...aploader_v6.cab
O16 - DPF: {DAF5D9A2-D982-4671-83E4-0398706A5F6A} (SCEWebLauncherCtl Object) - http://zone.msn.com/...WebLauncher.cab
O16 - DPF: {3DA5D23B-EFE1-4181-ADB7-7D457567AACA} (TGOnlineCtrl Class) - http://zone.msn.com/...pandaonline.cab
O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} (HouseCall Control) - http://housecall60.t...all/xscan60.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefend...can8/oscan8.cab
O18 - Protocol: offline-8876480 - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw00 - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw00s - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw10 - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw10s - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw20 - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw20s - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw30 - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw30s - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw40 - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw40s - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw50 - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw50s - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw60 - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw60s - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw70 - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw70s - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw80 - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw80s - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw90 - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw90s - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwa0 - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwa0s - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwb0 - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwb0s - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwc0 - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwc0s - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwd0 - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwd0s - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwe0 - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwe0s - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwf0 - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwf0s - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwg0 - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwg0s - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwh0 - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwh0s - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwi0 - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwi0s - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwj0 - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwj0s - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwk0 - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwk0s - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwl0 - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwl0s - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwm0 - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwm0s - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwn0 - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwn0s - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwo0 - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwo0s - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwp0 - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwp0s - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwq0 - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwq0s - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwr0 - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwr0s - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bws0 - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bws0s - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwt0 - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwt0s - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwu0 - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwu0s - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwv0 - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwv0s - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bww0 - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bww0s - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwx0 - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwx0s - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwy0 - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwy0s - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwz0 - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwz0s - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw-0 - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw-0s - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw+0 - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw+0s - {46CC9E74-6ACD-48AD-A793-DB33BA5F8BDB} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\GAPLUGPROTOCOL-8876480.DLL
  • 0

#8
Guest_usetobe_*

Guest_usetobe_*
  • Guest
Oh hang on i'm having a blond moment i just noticed you are running ME....Doh!

HERE WE GO WITH YOUR FIX.

Please read this post completely, it may make it easier for you if you copy and paste this post to a new text document or print it for reference later.

This will likely be a few step process in removing the malware that has infected your system. I encourage you to stick with it and follow my directions as closely as possible so as to avoid complicating the problem further.

You have a nasty CoolWebSearch infection. First we will need to download a few tools that will help us in the removal of your problem.

Download about:buster by RubbeRDuckY HERE
Download CWShredder Here.
Download SpSeHjfix Here.
Download and install CleanUp! Here

Set PC to show hidden files (click link if you do not know how)LINK

Save all of these files somewhere you will remember like to the Desktop.

Unzip SpSeHjfix to its own folder (ie c:\SpSeHjfix)

Run the CleanUp! installer. You dont need to do anything with it right now.

Update About:Buster
  • Unzip the contents of AboutBuster.zip and an AboutBuster directory will be created.
  • Navigate to the AboutBuster directory and double-click on AboutBuster.exe.
  • Click "OK" at the prompt with instructions.
  • Click "Update" and then "Check For Update" to begin the update process.
  • If any updates exist please download them by clicking "Download Update" then click the X to close that window.
  • Now close About:Buster
Update CWShredder
  • Open CWShredder and click I AGREE
  • Click Check For Update
  • Close CWShredder
Boot into Safe Mode:
Restart your computer and as soon as it starts booting up again continuously tap F8. A menu should come up where you will be given the option to enter Safe Mode.

Please run about:buster by RubbeRDuckY:
  • Click Start and then OK to allow AboutBuster to scan for Alternate Data Streams.
  • Click Yes to allow it to shutdown explorer.exe.
  • It will begin to check your computer for malicious files. If it asks if you would like to do a second pass, allow it to do so.
  • When it has finished, click Save Log. Make sure you save it as I may need a copy of it later.
  • Reboot your computer into safe mode again
Run about:buster again following the same instructions as above, this time without the restart at the end

Now run CWShredder. Click I Agree, then Fix and then Next, let it fix everything it asks about.

Now run SpSeHjfix. A log will be saved in the same folder that you put the exe into. Please post the results of that log in your next reply.

Warning Note: On a few occasions it has been reported that after using the SPSEHjfix you cannot open Internet Explorer. To fix this, go into Control Panel >Internet Options >Programs & press reset web settings, then you can set your home page to what you want on the general tab.

Now scan with HJT and check the following entries if they are there. Some may have been removed by earlier procedures.

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
O2 - BHO: (no name) - {daa873d4-958c-453c-81ca-3fe6f3676a87} - C:\WINDOWS\SYSTEM\VFAA.DLL
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O16 - DPF: {11311111-1111-1111-1111-111111111157} - file://C:\Recycled\Q678340.exe


Also remove every O18 except the first one

Ensure no windows open except HJT and click FIX CHECKED.

now using windows explorer locate the following files/folders and delete them.

C:\WINDOWS\SYSTEM\VFAA.DLL
C:\WINDOWS\web\related.htm
C:\Recycled\Q678340.exe


Now run CleanUp!. Click CleanUp and allow it to delete all the temporary files.Reboot your computer into normal windows.

Run this online virus scan: ActiveScan - Save the results from the scan

Rscan with HJT and post the log back with the panda active log
  • 0

#9
aaron*

aaron*

    New Member

  • Topic Starter
  • Member
  • Pip
  • 7 posts
Sorry!!! it took so long to get back to you, I left for vacation and then after I followed all the instructions the panda scan took forever to do, and it still didn't go all the way through but this was the most thorough at three days straight. it took forever going through the PQSC folders (I think it stands for Power Quest Second Chance) and I decided to run spyware doctor program and send that log too. Thanks for the help! -Aaron

Panda ActiveScan log:

Incident Status Location

Adware:adware/gator No disinfected C:\WINDOWS\GatorPatch.log
Adware:adware/superspider No disinfected C:\WINDOWS\image.dll
Spyware:spyware/virtumonde No disinfected C:\WINDOWS\bsx32.ini
Virus:Trj/Downloader.ADD Disinfected C:\_RESTORE\TEMP\A0138592.CPY
Virus:Trj/Downloader.ADD Disinfected C:\_RESTORE\TEMP\A0138593.CPY
Virus:Trj/Downloader.ADD Disinfected C:\_RESTORE\TEMP\A0138613.CPY
Virus:Trj/Downloader.ADD Disinfected C:\_RESTORE\TEMP\A0138614.CPY
Virus:Trj/Downloader.ADD Disinfected C:\_RESTORE\TEMP\A0139613.CPY
Virus:Trj/Downloader.ADD Disinfected C:\_RESTORE\TEMP\A0139614.CPY
Virus:Trj/Downloader.ADD Disinfected C:\_RESTORE\TEMP\A0140613.CPY
Virus:Trj/Downloader.ADD Disinfected C:\_RESTORE\TEMP\A0140614.CPY
Virus:Trj/Downloader.ADD Disinfected C:\_RESTORE\TEMP\A0140620.CPY
Virus:Trj/Downloader.ADD Disinfected C:\_RESTORE\TEMP\A0140621.CPY
Virus:Trj/Downloader.ADD Disinfected C:\_RESTORE\TEMP\A0141642.CPY
Virus:Trj/Downloader.ADD Disinfected C:\_RESTORE\TEMP\A0141643.CPY
Virus:Trj/Downloader.ADD Disinfected C:\_RESTORE\TEMP\A0141661.CPY
Virus:Trj/Downloader.ADD Disinfected C:\_RESTORE\TEMP\A0141662.CPY
Virus:Trj/Downloader.ADD Disinfected C:\_RESTORE\TEMP\A0141677.CPY
Virus:Trj/Downloader.ADD Disinfected C:\_RESTORE\TEMP\A0141678.CPY
Virus:Trj/Downloader.ADD Disinfected C:\_RESTORE\TEMP\A0142677.CPY
Virus:Trj/Downloader.ADD Disinfected C:\_RESTORE\TEMP\A0142678.CPY
Virus:Trj/Downloader.ADD Disinfected C:\_RESTORE\TEMP\A0138561.CPY
Virus:Trj/Downloader.ADD Disinfected C:\_RESTORE\TEMP\A0142960.CPY
Virus:Trj/Downloader.ADD Disinfected C:\_RESTORE\TEMP\A0142961.CPY
Virus:Trj/Downloader.ADD Disinfected C:\_RESTORE\TEMP\A0143008.CPY
Virus:Trj/Downloader.ADD Disinfected C:\_RESTORE\TEMP\A0143009.CPY
Adware:Adware/BookedSpace No disinfected C:\_RESTORE\TEMP\A0143010.CPY
Virus:Trj/Downloader.ADD Disinfected C:\_RESTORE\TEMP\A0130904.CPY
Virus:Trj/Downloader.ADD Disinfected C:\_RESTORE\TEMP\A0130905.CPY
Adware:Adware/StartPage.F No disinfected C:\_RESTORE\TEMP\A0051829.CPY
Virus:Bck/Zapchast.B Disinfected C:\_RESTORE\TEMP\A0051833.CPY
Virus:Trj/Downloader.ADD Disinfected C:\_RESTORE\TEMP\A0051840.CPY
Virus:Trj/Downloader.ADD Disinfected C:\_RESTORE\TEMP\A0051843.CPY
Adware:Adware/MyWay No disinfected C:\_RESTORE\TEMP\A0143273.CPY
Virus:Trj/Downloader.CVB Disinfected C:\_RESTORE\TEMP\A0143461.CPY
Adware:Adware/StartPage.F No disinfected C:\_RESTORE\TEMP\A0433971.CPY
Virus:Bck/Zapchast.B Disinfected C:\_RESTORE\TEMP\A0433974.CPY
Adware:Adware/StartPage.F No disinfected C:\_RESTORE\TEMP\A0419639.CPY
Adware:Adware/StartPage.F No disinfected C:\_RESTORE\TEMP\A0426054.CPY
Adware:Adware/StartPage.F No disinfected C:\_RESTORE\TEMP\A0060093.CPY
Virus:Bck/Zapchast.B Disinfected C:\_RESTORE\TEMP\A0060096.CPY
Virus:Trj/Downloader.ADD Disinfected C:\_RESTORE\TEMP\A0060099.CPY
Virus:Trj/Downloader.ADD Disinfected C:\_RESTORE\TEMP\A0060101.CPY
Adware:Adware/StartPage.F No disinfected C:\_RESTORE\TEMP\A0443907.CPY
Virus:Bck/Zapchast.B Disinfected C:\_RESTORE\TEMP\A0443912.CPY
Adware:Adware/StartPage.F No disinfected C:\_RESTORE\TEMP\A0446103.CPY
Virus:Bck/Zapchast.B Disinfected C:\_RESTORE\TEMP\A0446109.CPY
Adware:Adware/StartPage.F No disinfected C:\_RESTORE\TEMP\A0460586.CPY
Virus:Bck/Zapchast.B Disinfected C:\_RESTORE\TEMP\A0460590.CPY
Virus:Trj/Downloader.ADD Disinfected C:\_RESTORE\TEMP\A0122189.CPY
Virus:Trj/Downloader.ADD Disinfected C:\_RESTORE\TEMP\A0122190.CPY
Virus:Trj/Downloader.ADD Disinfected C:\_RESTORE\TEMP\A0122242.CPY
Virus:Trj/Downloader.ADD Disinfected C:\_RESTORE\TEMP\A0122243.CPY
Adware:Adware/StartPage.F No disinfected C:\_RESTORE\TEMP\A0467527.CPY
Virus:Bck/Zapchast.B Disinfected C:\_RESTORE\TEMP\A0467530.CPY
Adware:Adware/StartPage.F No disinfected C:\_RESTORE\TEMP\A0018330.CPY
Virus:Bck/Zapchast.B Disinfected C:\_RESTORE\TEMP\A0018337.CPY
Adware:Adware/StartPage.F No disinfected C:\_RESTORE\TEMP\A0039951.CPY
Virus:Bck/Zapchast.B Disinfected C:\_RESTORE\TEMP\A0039958.CPY
Spyware:Spyware/ClearSearch No disinfected C:\_RESTORE\TEMP\A0060369.CPY
Spyware:Spyware/ClearSearch No disinfected C:\_RESTORE\TEMP\A0060371.CPY
Adware:Adware/DNSErr No disinfected C:\_RESTORE\TEMP\A0060398.CPY
Adware:Adware/DNSErr No disinfected C:\_RESTORE\TEMP\A0060403.CPY
Adware:Adware/DNSErr No disinfected C:\_RESTORE\TEMP\A0060408.CPY
Adware:Adware/DNSErr No disinfected C:\_RESTORE\TEMP\A0060413.CPY
Adware:Adware/DNSErr No disinfected C:\_RESTORE\TEMP\A0060418.CPY
Adware:Adware/DNSErr No disinfected C:\_RESTORE\TEMP\A0060423.CPY
Adware:Adware/StartPage.F No disinfected C:\_RESTORE\TEMP\A0060573.CPY
Virus:Bck/MTX.B Disinfected C:\_RESTORE\TEMP\A0061177.CPY
Adware:Adware/StartPage.F No disinfected C:\_RESTORE\TEMP\A0063684.CPY
Virus:Bck/Zapchast.B Disinfected C:\_RESTORE\TEMP\A0063689.CPY
Virus:Trj/Downloader.ADD Disinfected C:\_RESTORE\TEMP\A0063692.CPY
Virus:Trj/Downloader.ADD Disinfected C:\_RESTORE\TEMP\A0063694.CPY
Virus:Trj/Downloader.ADD Disinfected C:\_RESTORE\TEMP\A0097346.CPY
Adware:Adware/Gator No disinfected C:\_RESTORE\ARCHIVE\FS108.CAB[A0015452.CPY]
Possible Virus. No disinfected C:\_RESTORE\ARCHIVE\FS88.CAB[A0012951.CPY]
Possible Virus. No disinfected C:\_RESTORE\ARCHIVE\FS88.CAB[A0012957.CPY][unk_0020][FireBurner.exe]
Adware:Adware/Gator No disinfected C:\_RESTORE\ARCHIVE\FS699.CAB[W0114967.CPY]
Adware:Adware/Gator No disinfected C:\_RESTORE\ARCHIVE\FS695.CAB[A0088238.CPY]
Adware:Adware/Gator No disinfected C:\_RESTORE\ARCHIVE\FS695.CAB[A0088239.CPY]
Adware:Adware/Gator No disinfected C:\_RESTORE\ARCHIVE\FS695.CAB[A0088240.CPY]
Adware:Adware/Gator No disinfected C:\_RESTORE\ARCHIVE\FS695.CAB[A0088241.CPY]
Adware:Adware/Gator No disinfected C:\_RESTORE\ARCHIVE\FS798.CAB[A0109515.CPY]
Adware:Adware/Gator No disinfected C:\_RESTORE\ARCHIVE\FS798.CAB[A0109526.CPY]
Adware:Adware/Gator No disinfected C:\_RESTORE\ARCHIVE\FS798.CAB[A0109527.CPY]
Adware:Adware/Gator No disinfected C:\_RESTORE\ARCHIVE\FS798.CAB[A0109528.CPY]
Adware:Adware/Gator No disinfected C:\_RESTORE\ARCHIVE\FS798.CAB[A0109531.CPY]
Adware:Adware/Gator No disinfected C:\_RESTORE\ARCHIVE\FS798.CAB[A0109532.CPY]
Adware:Adware/Gator No disinfected C:\_RESTORE\ARCHIVE\FS926.CAB[A0132260.CPY]
Adware:Adware/Gator No disinfected C:\_RESTORE\ARCHIVE\FS926.CAB[A0132261.CPY]
Adware:Adware/Gator No disinfected C:\_RESTORE\ARCHIVE\FS926.CAB[A0132266.CPY]
Adware:Adware/Gator No disinfected C:\_RESTORE\ARCHIVE\FS926.CAB[A0132267.CPY]
Adware:Adware/Gator No disinfected C:\_RESTORE\ARCHIVE\FS926.CAB[A0132270.CPY]
Adware:Adware/Gator No disinfected C:\_RESTORE\ARCHIVE\FS926.CAB[A0132271.CPY]
Adware:Adware/Gator No disinfected C:\_RESTORE\ARCHIVE\FS927.CAB[A0132299.CPY]
Adware:Adware/StartPage.F No disinfected C:\_RESTORE\ARCHIVE\FS2327.CAB[A0402603.CPY]
Virus:Bck/Zapchast.B No disinfected C:\_RESTORE\ARCHIVE\FS2327.CAB[A0402608.CPY]
Adware:Adware/StartPage.F No disinfected C:\_RESTORE\ARCHIVE\FS2328.CAB[A0402660.CPY]
Virus:Bck/Zapchast.B No disinfected C:\_RESTORE\ARCHIVE\FS2328.CAB[A0402667.CPY]
Adware:Adware/StartPage.F No disinfected C:\_RESTORE\ARCHIVE\FS2330.CAB[A0403091.CPY]
Virus:Bck/Zapchast.B No disinfected C:\_RESTORE\ARCHIVE\FS2330.CAB[A0403097.CPY]
Adware:Adware/StartPage.F No disinfected C:\_RESTORE\ARCHIVE\FS2340.CAB[A0405342.CPY]
Virus:Bck/Zapchast.B No disinfected C:\_RESTORE\ARCHIVE\FS2340.CAB[A0405351.CPY]
Adware:Adware/StartPage.F No disinfected C:\_RESTORE\ARCHIVE\FS2342.CAB[A0405614.CPY]
Virus:Bck/Zapchast.B No disinfected C:\_RESTORE\ARCHIVE\FS2342.CAB[A0405621.CPY]
Adware:Adware/StartPage.F No disinfected C:\_RESTORE\ARCHIVE\FS2387.CAB[A0413431.CPY]
Virus:Bck/Zapchast.B No disinfected C:\_RESTORE\ARCHIVE\FS2387.CAB[A0413435.CPY]
Adware:Adware/StartPage.F No disinfected C:\_RESTORE\ARCHIVE\FS2391.CAB[A0413991.CPY]
Virus:Bck/Zapchast.B No disinfected C:\_RESTORE\ARCHIVE\FS2391.CAB[A0413995.CPY]
Adware:Adware/StartPage.F No disinfected C:\_RESTORE\ARCHIVE\FS2403.CAB[A0415536.CPY]
Virus:Bck/Zapchast.B No disinfected C:\_RESTORE\ARCHIVE\FS2403.CAB[A0415540.CPY]
Adware:Adware/StartPage.F No disinfected C:\_RESTORE\ARCHIVE\FS2407.CAB[A0416105.CPY]
Virus:Bck/Zapchast.B No disinfected C:\_RESTORE\ARCHIVE\FS2407.CAB[A0416109.CPY]
Adware:Adware/StartPage.F No disinfected C:\_RESTORE\ARCHIVE\FS2420.CAB[A0418234.CPY]
Virus:Bck/Zapchast.B No disinfected C:\_RESTORE\ARCHIVE\FS2420.CAB[A0418238.CPY]
Adware:Adware/StartPage.F No disinfected C:\_RESTORE\ARCHIVE\FS2427.CAB[A0419022.CPY]
Adware:Adware/StartPage.F No disinfected C:\_RESTORE\ARCHIVE\FS2360.CAB[A0408299.CPY]
Virus:Bck/Zapchast.B No disinfected C:\_RESTORE\ARCHIVE\FS2360.CAB[A0408302.CPY]
Adware:Adware/StartPage.F No disinfected C:\_RESTORE\ARCHIVE\FS2364.CAB[A0408963.CPY]
Virus:Bck/Zapchast.B No disinfected C:\_RESTORE\ARCHIVE\FS2364.CAB[A0408968.CPY]
Adware:Adware/StartPage.F No disinfected C:\_RESTORE\ARCHIVE\FS2366.CAB[A0409249.CPY]
Virus:Bck/Zapchast.B No disinfected C:\_RESTORE\ARCHIVE\FS2366.CAB[A0409253.CPY]
Adware:Adware/StartPage.F No disinfected C:\_RESTORE\ARCHIVE\FS2433.CAB[A0419631.CPY]
Adware:Adware/StartPage.F No disinfected C:\_RESTORE\ARCHIVE\FS2435.CAB[A0420833.CPY]
Virus:Bck/Zapchast.B No disinfected C:\_RESTORE\ARCHIVE\FS2435.CAB[A0420836.CPY]
Adware:Adware/StartPage.F No disinfected C:\_RESTORE\ARCHIVE\FS2439.CAB[A0422520.CPY]
Virus:Bck/Zapchast.B No disinfected C:\_RESTORE\ARCHIVE\FS2439.CAB[A0422525.CPY]
Adware:Adware/StartPage.F No disinfected C:\_RESTORE\ARCHIVE\FS2449.CAB[A0425067.CPY]
Virus:Bck/Zapchast.B No disinfected C:\_RESTORE\ARCHIVE\FS2449.CAB[A0425071.CPY]
Adware:Adware/StartPage.F No disinfected C:\_RESTORE\ARCHIVE\FS2456.CAB[A0426055.CPY]
Adware:Adware/StartPage.F No disinfected C:\_RESTORE\ARCHIVE\FS2457.CAB[A0426056.CPY]
Adware:Adware/StartPage.F No disinfected C:\_RESTORE\ARCHIVE\FS2471.CAB[A0427687.CPY]
Adware:Adware/StartPage.F No disinfected C:\_RESTORE\ARCHIVE\FS2473.CAB[A0427841.CPY]
Adware:Adware/StartPage.F No disinfected C:\_RESTORE\ARCHIVE\FS2476.CAB[A0428446.CPY]
Virus:Bck/Zapchast.B No disinfected C:\_RESTORE\ARCHIVE\FS2476.CAB[A0428449.CPY]
Adware:Adware/StartPage.F No disinfected C:\_RESTORE\ARCHIVE\FS2481.CAB[A0429017.CPY]
Virus:Bck/Zapchast.B No disinfected C:\_RESTORE\ARCHIVE\FS2481.CAB[A0429021.CPY]
Adware:Adware/StartPage.F No disinfected C:\_RESTORE\ARCHIVE\FS2483.CAB[A0429271.CPY]
Virus:Bck/Zapchast.B No disinfected C:\_RESTORE\ARCHIVE\FS2483.CAB[A0429275.CPY]
Adware:Adware/StartPage.F No disinfected C:\_RESTORE\ARCHIVE\FS2493.CAB[A0430260.CPY]
Adware:Adware/StartPage.F No disinfected C:\_RESTORE\ARCHIVE\FS2491.CAB[A0430089.CPY]
Virus:Bck/Zapchast.B No disinfected C:\_RESTORE\ARCHIVE\FS2491.CAB[A0430092.CPY]
Adware:Adware/StartPage.F No disinfected C:\_RESTORE\ARCHIVE\FS2708.CAB[A0000838.CPY]
Virus:Bck/Zapchast.B No disinfected C:\_RESTORE\ARCHIVE\FS2708.CAB[A0000841.CPY]
Adware:Adware/StartPage.F No disinfected C:\_RESTORE\ARCHIVE\FS2499.CAB[A0430633.CPY]
Virus:Bck/Zapchast.B No disinfected C:\_RESTORE\ARCHIVE\FS2499.CAB[A0430636.CPY]
Adware:Adware/StartPage.F No disinfected C:\_RESTORE\ARCHIVE\FS2503.CAB[A0430986.CPY]
Virus:Bck/Zapchast.B No disinfected C:\_RESTORE\ARCHIVE\FS2503.CAB[A0430990.CPY]
Adware:Adware/StartPage.F No disinfected C:\_RESTORE\ARCHIVE\FS2990.CAB[A0053852.CPY]
Virus:Bck/Zapchast.B No disinfected C:\_RESTORE\ARCHIVE\FS2990.CAB[A0053857.CPY]
Adware:Adware/StartPage.F No disinfected C:\_RESTORE\ARCHIVE\FS2510.CAB[A0431632.CPY]
Virus:Bck/Zapchast.B No disinfected C:\_RESTORE\ARCHIVE\FS2510.CAB[A0431638.CPY]
Adware:Adware/StartPage.F No disinfected C:\_RESTORE\ARCHIVE\FS2516.CAB[A0432240.CPY]
Virus:Bck/Zapchast.B No disinfected C:\_RESTORE\ARCHIVE\FS2516.CAB[A0432244.CPY]
Adware:Adware/StartPage.F No disinfected C:\_RESTORE\ARCHIVE\FS2517.CAB[A0432539.CPY]
Virus:Bck/Zapchast.B No disinfected C:\_RESTORE\ARCHIVE\FS2518.CAB[A0433521.CPY]
Adware:Adware/StartPage.F No disinfected C:\_RESTORE\ARCHIVE\FS2508.CAB[A0431435.CPY]
Virus:Bck/Zapchast.B No disinfected C:\_RESTORE\ARCHIVE\FS2508.CAB[A0431440.CPY]
Adware:Adware/StartPage.F No disinfected C:\_RESTORE\ARCHIVE\FS2525.CAB[A0434334.CPY]
Virus:Bck/Zapchast.B No disinfected C:\_RESTORE\ARCHIVE\FS2525.CAB[A0434337.CPY]
Adware:Adware/StartPage.F No disinfected C:\_RESTORE\ARCHIVE\FS2527.CAB[A0434643.CPY]
Virus:Bck/Zapchast.B No disinfected C:\_RESTORE\ARCHIVE\FS2528.CAB[A0434649.CPY]
Adware:Adware/StartPage.F No disinfected C:\_RESTORE\ARCHIVE\FS2530.CAB[A0435118.CPY]
Virus:Bck/Zapchast.B No disinfected C:\_RESTORE\ARCHIVE\FS2530.CAB[A0435121.CPY]
Adware:Adware/StartPage.F No disinfected C:\_RESTORE\ARCHIVE\FS2536.CAB[A0435959.CPY]
Virus:Bck/Zapchast.B No disinfected C:\_RESTORE\ARCHIVE\FS2536.CAB[A0435963.CPY]
Adware:Adware/StartPage.F No disinfected C:\_RESTORE\ARCHIVE\FS2537.CAB[A0436487.CPY]
Virus:Bck/Zapchast.B No disinfected C:\_RESTORE\ARCHIVE\FS2538.CAB[A0437444.CPY]
Adware:Adware/StartPage.F No disinfected C:\_RESTORE\ARCHIVE\FS2544.CAB[A0439431.CPY]
Virus:Bck/Zapchast.B No disinfected C:\_RESTORE\ARCHIVE\FS2544.CAB[A0439437.CPY]
Adware:Adware/StartPage.F No disinfected C:\_RESTORE\ARCHIVE\FS2548.CAB[A0439920.CPY]
Virus:Bck/Zapchast.B No disinfected C:\_RESTORE\ARCHIVE\FS2548.CAB[A0439924.CPY]
Adware:Adware/StartPage.F No disinfected C:\_RESTORE\ARCHIVE\FS2553.CAB[A0440489.CPY]
Virus:Bck/Zapchast.B No disinfected C:\_RESTORE\ARCHIVE\FS2553.CAB[A0440494.CPY]
Adware:Adware/StartPage.F No disinfected C:\_RESTORE\ARCHIVE\FS2559.CAB[A0441594.CPY]
Virus:Bck/Zapchast.B No disinfected C:\_RESTORE\ARCHIVE\FS2559.CAB[A0441600.CPY]
Adware:Adware/StartPage.F No disinfected C:\_RESTORE\ARCHIVE\FS2560.CAB[A0441808.CPY]
Virus:Bck/Zapchast.B No disinfected C:\_RESTORE\ARCHIVE\FS2560.CAB[A0441812.CPY]
Adware:Adware/DNSErr No disinfected C:\_RESTORE\ARCHIVE\FS2561.CAB[A0442062.CPY]
Adware:Adware/DNSErr No disinfected C:\_RESTORE\ARCHIVE\FS2561.CAB[A0442063.CPY]
Adware:Adware/DNSErr No disinfected C:\_RESTORE\ARCHIVE\FS2561.CAB[A0442064.CPY]
Adware:Adware/DNSErr No disinfected C:\_RESTORE\ARCHIVE\FS2561.CAB[A0442065.CPY]
Adware:Adware/DNSErr No disinfected C:\_RESTORE\ARCHIVE\FS2561.CAB[A0442066.CPY]
Adware:Adware/StartPage.F No disinfected C:\_RESTORE\ARCHIVE\FS2562.CAB[A0442126.CPY]
Virus:Bck/Zapchast.B No disinfected C:\_RESTORE\ARCHIVE\FS2562.CAB[A0442130.CPY]
Adware:Adware/StartPage.F No disinfected C:\_RESTORE\ARCHIVE\FS2975.CAB[A0049637.CPY]
Virus:Bck/Zapchast.B No disinfected C:\_RESTORE\ARCHIVE\FS2975.CAB[A0049640.CPY]
Virus:Trj/Downloader.ADD No disinfected C:\_RESTORE\ARCHIVE\FS2975.CAB[A0049644.CPY]
Virus:Trj/Downloader.ADD No disinfected C:\_RESTORE\ARCHIVE\FS2975.CAB[A0049645.CPY]
Adware:Adware/StartPage.F No disinfected C:\_RESTORE\ARCHIVE\FS2977.CAB[A0050049.CPY]
Virus:Bck/Zapchast.B No disinfected C:\_RESTORE\ARCHIVE\FS2977.CAB[A0050052.CPY]
Adware:Adware/StartPage.F No disinfected C:\_RESTORE\ARCHIVE\FS2979.CAB[A0050345.CPY]
  • 0

#10
aaron*

aaron*

    New Member

  • Topic Starter
  • Member
  • Pip
  • 7 posts
Sorry!!! it took so long to get back to you, I left for vacation and then after I followed all the instructions the panda scan took forever to do, and it still didn't go all the way through but this was the most thorough at three days straight. it took forever going through the PQSC folders (I think it stands for Power Quest Second Chance) and I decided to run spyware doctor program and send that log too. Thanks for the help! -Aaron

Panda Active Scan log:
Incident Status Location

Adware:adware/gator No disinfected C:\WINDOWS\GatorPatch.log
Adware:adware/superspider No disinfected C:\WINDOWS\image.dll
Spyware:spyware/virtumonde No disinfected C:\WINDOWS\bsx32.ini
Virus:Trj/Downloader.ADD Disinfected C:\_RESTORE\TEMP\A0138592.CPY
Virus:Trj/Downloader.ADD Disinfected C:\_RESTORE\TEMP\A0138593.CPY
Virus:Trj/Downloader.ADD Disinfected C:\_RESTORE\TEMP\A0138613.CPY
Virus:Trj/Downloader.ADD Disinfected C:\_RESTORE\TEMP\A0138614.CPY
Virus:Trj/Downloader.ADD Disinfected C:\_RESTORE\TEMP\A0139613.CPY
Virus:Trj/Downloader.ADD Disinfected C:\_RESTORE\TEMP\A0139614.CPY
Virus:Trj/Downloader.ADD Disinfected C:\_RESTORE\TEMP\A0140613.CPY
Virus:Trj/Downloader.ADD Disinfected C:\_RESTORE\TEMP\A0140614.CPY
Virus:Trj/Downloader.ADD Disinfected C:\_RESTORE\TEMP\A0140620.CPY
Virus:Trj/Downloader.ADD Disinfected C:\_RESTORE\TEMP\A0140621.CPY
Virus:Trj/Downloader.ADD Disinfected C:\_RESTORE\TEMP\A0141642.CPY
Virus:Trj/Downloader.ADD Disinfected C:\_RESTORE\TEMP\A0141643.CPY
Virus:Trj/Downloader.ADD Disinfected C:\_RESTORE\TEMP\A0141661.CPY
Virus:Trj/Downloader.ADD Disinfected C:\_RESTORE\TEMP\A0141662.CPY
Virus:Trj/Downloader.ADD Disinfected C:\_RESTORE\TEMP\A0141677.CPY
Virus:Trj/Downloader.ADD Disinfected C:\_RESTORE\TEMP\A0141678.CPY
Virus:Trj/Downloader.ADD Disinfected C:\_RESTORE\TEMP\A0142677.CPY
Virus:Trj/Downloader.ADD Disinfected C:\_RESTORE\TEMP\A0142678.CPY
Virus:Trj/Downloader.ADD Disinfected C:\_RESTORE\TEMP\A0138561.CPY
Virus:Trj/Downloader.ADD Disinfected C:\_RESTORE\TEMP\A0142960.CPY
Virus:Trj/Downloader.ADD Disinfected C:\_RESTORE\TEMP\A0142961.CPY
Virus:Trj/Downloader.ADD Disinfected C:\_RESTORE\TEMP\A0143008.CPY
Virus:Trj/Downloader.ADD Disinfected C:\_RESTORE\TEMP\A0143009.CPY
Adware:Adware/BookedSpace No disinfected C:\_RESTORE\TEMP\A0143010.CPY
Virus:Trj/Downloader.ADD Disinfected C:\_RESTORE\TEMP\A0130904.CPY
Virus:Trj/Downloader.ADD Disinfected C:\_RESTORE\TEMP\A0130905.CPY
Adware:Adware/StartPage.F No disinfected C:\_RESTORE\TEMP\A0051829.CPY
Virus:Bck/Zapchast.B Disinfected C:\_RESTORE\TEMP\A0051833.CPY
Virus:Trj/Downloader.ADD Disinfected C:\_RESTORE\TEMP\A0051840.CPY
Virus:Trj/Downloader.ADD Disinfected C:\_RESTORE\TEMP\A0051843.CPY
Adware:Adware/MyWay No disinfected C:\_RESTORE\TEMP\A0143273.CPY
Virus:Trj/Downloader.CVB Disinfected C:\_RESTORE\TEMP\A0143461.CPY
Adware:Adware/StartPage.F No disinfected C:\_RESTORE\TEMP\A0433971.CPY
Virus:Bck/Zapchast.B Disinfected C:\_RESTORE\TEMP\A0433974.CPY
Adware:Adware/StartPage.F No disinfected C:\_RESTORE\TEMP\A0419639.CPY
Adware:Adware/StartPage.F No disinfected C:\_RESTORE\TEMP\A0426054.CPY
Adware:Adware/StartPage.F No disinfected C:\_RESTORE\TEMP\A0060093.CPY
Virus:Bck/Zapchast.B Disinfected C:\_RESTORE\TEMP\A0060096.CPY
Virus:Trj/Downloader.ADD Disinfected C:\_RESTORE\TEMP\A0060099.CPY
Virus:Trj/Downloader.ADD Disinfected C:\_RESTORE\TEMP\A0060101.CPY
Adware:Adware/StartPage.F No disinfected C:\_RESTORE\TEMP\A0443907.CPY
Virus:Bck/Zapchast.B Disinfected C:\_RESTORE\TEMP\A0443912.CPY
Adware:Adware/StartPage.F No disinfected C:\_RESTORE\TEMP\A0446103.CPY
Virus:Bck/Zapchast.B Disinfected C:\_RESTORE\TEMP\A0446109.CPY
Adware:Adware/StartPage.F No disinfected C:\_RESTORE\TEMP\A0460586.CPY
Virus:Bck/Zapchast.B Disinfected C:\_RESTORE\TEMP\A0460590.CPY
Virus:Trj/Downloader.ADD Disinfected C:\_RESTORE\TEMP\A0122189.CPY
Virus:Trj/Downloader.ADD Disinfected C:\_RESTORE\TEMP\A0122190.CPY
Virus:Trj/Downloader.ADD Disinfected C:\_RESTORE\TEMP\A0122242.CPY
Virus:Trj/Downloader.ADD Disinfected C:\_RESTORE\TEMP\A0122243.CPY
Adware:Adware/StartPage.F No disinfected C:\_RESTORE\TEMP\A0467527.CPY
Virus:Bck/Zapchast.B Disinfected C:\_RESTORE\TEMP\A0467530.CPY
Adware:Adware/StartPage.F No disinfected C:\_RESTORE\TEMP\A0018330.CPY
Virus:Bck/Zapchast.B Disinfected C:\_RESTORE\TEMP\A0018337.CPY
Adware:Adware/StartPage.F No disinfected C:\_RESTORE\TEMP\A0039951.CPY
Virus:Bck/Zapchast.B Disinfected C:\_RESTORE\TEMP\A0039958.CPY
Spyware:Spyware/ClearSearch No disinfected C:\_RESTORE\TEMP\A0060369.CPY
Spyware:Spyware/ClearSearch No disinfected C:\_RESTORE\TEMP\A0060371.CPY
Adware:Adware/DNSErr No disinfected C:\_RESTORE\TEMP\A0060398.CPY
Adware:Adware/DNSErr No disinfected C:\_RESTORE\TEMP\A0060403.CPY
Adware:Adware/DNSErr No disinfected C:\_RESTORE\TEMP\A0060408.CPY
Adware:Adware/DNSErr No disinfected C:\_RESTORE\TEMP\A0060413.CPY
Adware:Adware/DNSErr No disinfected C:\_RESTORE\TEMP\A0060418.CPY
Adware:Adware/DNSErr No disinfected C:\_RESTORE\TEMP\A0060423.CPY
Adware:Adware/StartPage.F No disinfected C:\_RESTORE\TEMP\A0060573.CPY
Virus:Bck/MTX.B Disinfected C:\_RESTORE\TEMP\A0061177.CPY
Adware:Adware/StartPage.F No disinfected C:\_RESTORE\TEMP\A0063684.CPY
Virus:Bck/Zapchast.B Disinfected C:\_RESTORE\TEMP\A0063689.CPY
Virus:Trj/Downloader.ADD Disinfected C:\_RESTORE\TEMP\A0063692.CPY
Virus:Trj/Downloader.ADD Disinfected C:\_RESTORE\TEMP\A0063694.CPY
Virus:Trj/Downloader.ADD Disinfected C:\_RESTORE\TEMP\A0097346.CPY
Adware:Adware/Gator No disinfected C:\_RESTORE\ARCHIVE\FS108.CAB[A0015452.CPY]
Possible Virus. No disinfected C:\_RESTORE\ARCHIVE\FS88.CAB[A0012951.CPY]
Possible Virus. No disinfected C:\_RESTORE\ARCHIVE\FS88.CAB[A0012957.CPY][unk_0020][FireBurner.exe]
Adware:Adware/Gator No disinfected C:\_RESTORE\ARCHIVE\FS699.CAB[W0114967.CPY]
Adware:Adware/Gator No disinfected C:\_RESTORE\ARCHIVE\FS695.CAB[A0088238.CPY]
Adware:Adware/Gator No disinfected C:\_RESTORE\ARCHIVE\FS695.CAB[A0088239.CPY]
Adware:Adware/Gator No disinfected C:\_RESTORE\ARCHIVE\FS695.CAB[A0088240.CPY]
Adware:Adware/Gator No disinfected C:\_RESTORE\ARCHIVE\FS695.CAB[A0088241.CPY]
Adware:Adware/Gator No disinfected C:\_RESTORE\ARCHIVE\FS798.CAB[A0109515.CPY]
Adware:Adware/Gator No disinfected C:\_RESTORE\ARCHIVE\FS798.CAB[A0109526.CPY]
Adware:Adware/Gator No disinfected C:\_RESTORE\ARCHIVE\FS798.CAB[A0109527.CPY]
Adware:Adware/Gator No disinfected C:\_RESTORE\ARCHIVE\FS798.CAB[A0109528.CPY]
Adware:Adware/Gator No disinfected C:\_RESTORE\ARCHIVE\FS798.CAB[A0109531.CPY]
Adware:Adware/Gator No disinfected C:\_RESTORE\ARCHIVE\FS798.CAB[A0109532.CPY]
Adware:Adware/Gator No disinfected C:\_RESTORE\ARCHIVE\FS926.CAB[A0132260.CPY]
Adware:Adware/Gator No disinfected C:\_RESTORE\ARCHIVE\FS926.CAB[A0132261.CPY]
Adware:Adware/Gator No disinfected C:\_RESTORE\ARCHIVE\FS926.CAB[A0132266.CPY]
Adware:Adware/Gator No disinfected C:\_RESTORE\ARCHIVE\FS926.CAB[A0132267.CPY]
Adware:Adware/Gator No disinfected C:\_RESTORE\ARCHIVE\FS926.CAB[A0132270.CPY]
Adware:Adware/Gator No disinfected C:\_RESTORE\ARCHIVE\FS926.CAB[A0132271.CPY]
Adware:Adware/Gator No disinfected C:\_RESTORE\ARCHIVE\FS927.CAB[A0132299.CPY]
Adware:Adware/StartPage.F No disinfected C:\_RESTORE\ARCHIVE\FS2327.CAB[A0402603.CPY]
Virus:Bck/Zapchast.B No disinfected C:\_RESTORE\ARCHIVE\FS2327.CAB[A0402608.CPY]
Adware:Adware/StartPage.F No disinfected C:\_RESTORE\ARCHIVE\FS2328.CAB[A0402660.CPY]
Virus:Bck/Zapchast.B No disinfected C:\_RESTORE\ARCHIVE\FS2328.CAB[A0402667.CPY]
Adware:Adware/StartPage.F No disinfected C:\_RESTORE\ARCHIVE\FS2330.CAB[A0403091.CPY]
Virus:Bck/Zapchast.B No disinfected C:\_RESTORE\ARCHIVE\FS2330.CAB[A0403097.CPY]
Adware:Adware/StartPage.F No disinfected C:\_RESTORE\ARCHIVE\FS2340.CAB[A0405342.CPY]
Virus:Bck/Zapchast.B No disinfected C:\_RESTORE\ARCHIVE\FS2340.CAB[A0405351.CPY]
Adware:Adware/StartPage.F No disinfected C:\_RESTORE\ARCHIVE\FS2342.CAB[A0405614.CPY]
Virus:Bck/Zapchast.B No disinfected C:\_RESTORE\ARCHIVE\FS2342.CAB[A0405621.CPY]
Adware:Adware/StartPage.F No disinfected C:\_RESTORE\ARCHIVE\FS2387.CAB[A0413431.CPY]
Virus:Bck/Zapchast.B No disinfected C:\_RESTORE\ARCHIVE\FS2387.CAB[A0413435.CPY]
Adware:Adware/StartPage.F No disinfected C:\_RESTORE\ARCHIVE\FS2391.CAB[A0413991.CPY]
Virus:Bck/Zapchast.B No disinfected C:\_RESTORE\ARCHIVE\FS2391.CAB[A0413995.CPY]
Adware:Adware/StartPage.F No disinfected C:\_RESTORE\ARCHIVE\FS2403.CAB[A0415536.CPY]
Virus:Bck/Zapchast.B No disinfected C:\_RESTORE\ARCHIVE\FS2403.CAB[A0415540.CPY]
Adware:Adware/StartPage.F No disinfected C:\_RESTORE\ARCHIVE\FS2407.CAB[A0416105.CPY]
Virus:Bck/Zapchast.B No disinfected C:\_RESTORE\ARCHIVE\FS2407.CAB[A0416109.CPY]
Adware:Adware/StartPage.F No disinfected C:\_RESTORE\ARCHIVE\FS2420.CAB[A0418234.CPY]
Virus:Bck/Zapchast.B No disinfected C:\_RESTORE\ARCHIVE\FS2420.CAB[A0418238.CPY]
Adware:Adware/StartPage.F No disinfected C:\_RESTORE\ARCHIVE\FS2427.CAB[A0419022.CPY]
Adware:Adware/StartPage.F No disinfected C:\_RESTORE\ARCHIVE\FS2360.CAB[A0408299.CPY]
Virus:Bck/Zapchast.B No disinfected C:\_RESTORE\ARCHIVE\FS2360.CAB[A0408302.CPY]
Adware:Adware/StartPage.F No disinfected C:\_RESTORE\ARCHIVE\FS2364.CAB[A0408963.CPY]
Virus:Bck/Zapchast.B No disinfected C:\_RESTORE\ARCHIVE\FS2364.CAB[A0408968.CPY]
Adware:Adware/StartPage.F No disinfected C:\_RESTORE\ARCHIVE\FS2366.CAB[A0409249.CPY]
Virus:Bck/Zapchast.B No disinfected C:\_RESTORE\ARCHIVE\FS2366.CAB[A0409253.CPY]
Adware:Adware/StartPage.F No disinfected C:\_RESTORE\ARCHIVE\FS2433.CAB[A0419631.CPY]
Adware:Adware/StartPage.F No disinfected C:\_RESTORE\ARCHIVE\FS2435.CAB[A0420833.CPY]
Virus:Bck/Zapchast.B No disinfected C:\_RESTORE\ARCHIVE\FS2435.CAB[A0420836.CPY]
Adware:Adware/StartPage.F No disinfected C:\_RESTORE\ARCHIVE\FS2439.CAB[A0422520.CPY]
Virus:Bck/Zapchast.B No disinfected C:\_RESTORE\ARCHIVE\FS2439.CAB[A0422525.CPY]
Adware:Adware/StartPage.F No disinfected C:\_RESTORE\ARCHIVE\FS2449.CAB[A0425067.CPY]
Virus:Bck/Zapchast.B No disinfected C:\_RESTORE\ARCHIVE\FS2449.CAB[A0425071.CPY]
Adware:Adware/StartPage.F No disinfected C:\_RESTORE\ARCHIVE\FS2456.CAB[A0426055.CPY]
Adware:Adware/StartPage.F No disinfected C:\_RESTORE\ARCHIVE\FS2457.CAB[A0426056.CPY]
Adware:Adware/StartPage.F No disinfected C:\_RESTORE\ARCHIVE\FS2471.CAB[A0427687.CPY]
Adware:Adware/StartPage.F No disinfected C:\_RESTORE\ARCHIVE\FS2473.CAB[A0427841.CPY]
Adware:Adware/StartPage.F No disinfected C:\_RESTORE\ARCHIVE\FS2476.CAB[A0428446.CPY]
Virus:Bck/Zapchast.B No disinfected C:\_RESTORE\ARCHIVE\FS2476.CAB[A0428449.CPY]
Adware:Adware/StartPage.F No disinfected C:\_RESTORE\ARCHIVE\FS2481.CAB[A0429017.CPY]
Virus:Bck/Zapchast.B No disinfected C:\_RESTORE\ARCHIVE\FS2481.CAB[A0429021.CPY]
Adware:Adware/StartPage.F No disinfected C:\_RESTORE\ARCHIVE\FS2483.CAB[A0429271.CPY]
Virus:Bck/Zapchast.B No disinfected C:\_RESTORE\ARCHIVE\FS2483.CAB[A0429275.CPY]
Adware:Adware/StartPage.F No disinfected C:\_RESTORE\ARCHIVE\FS2493.CAB[A0430260.CPY]
Adware:Adware/StartPage.F No disinfected C:\_RESTORE\ARCHIVE\FS2491.CAB[A0430089.CPY]
Virus:Bck/Zapchast.B No disinfected C:\_RESTORE\ARCHIVE\FS2491.CAB[A0430092.CPY]
Adware:Adware/StartPage.F No disinfected C:\_RESTORE\ARCHIVE\FS2708.CAB[A0000838.CPY]
Virus:Bck/Zapchast.B No disinfected C:\_RESTORE\ARCHIVE\FS2708.CAB[A0000841.CPY]
Adware:Adware/StartPage.F No disinfected C:\_RESTORE\ARCHIVE\FS2499.CAB[A0430633.CPY]
Virus:Bck/Zapchast.B No disinfected C:\_RESTORE\ARCHIVE\FS2499.CAB[A0430636.CPY]
Adware:Adware/StartPage.F No disinfected C:\_RESTORE\ARCHIVE\FS2503.CAB[A0430986.CPY]
Virus:Bck/Zapchast.B No disinfected C:\_RESTORE\ARCHIVE\FS2503.CAB[A0430990.CPY]
Adware:Adware/StartPage.F No disinfected C:\_RESTORE\ARCHIVE\FS2990.CAB[A0053852.CPY]
Virus:Bck/Zapchast.B No disinfected C:\_RESTORE\ARCHIVE\FS2990.CAB[A0053857.CPY]
Adware:Adware/StartPage.F No disinfected C:\_RESTORE\ARCHIVE\FS2510.CAB[A0431632.CPY]
Virus:Bck/Zapchast.B No disinfected C:\_RESTORE\ARCHIVE\FS2510.CAB[A0431638.CPY]
Adware:Adware/StartPage.F No disinfected C:\_RESTORE\ARCHIVE\FS2516.CAB[A0432240.CPY]
Virus:Bck/Zapchast.B No disinfected C:\_RESTORE\ARCHIVE\FS2516.CAB[A0432244.CPY]
Adware:Adware/StartPage.F No disinfected C:\_RESTORE\ARCHIVE\FS2517.CAB[A0432539.CPY]
Virus:Bck/Zapchast.B No disinfected C:\_RESTORE\ARCHIVE\FS2518.CAB[A0433521.CPY]
Adware:Adware/StartPage.F No disinfected C:\_RESTORE\ARCHIVE\FS2508.CAB[A0431435.CPY]
Virus:Bck/Zapchast.B No disinfected C:\_RESTORE\ARCHIVE\FS2508.CAB[A0431440.CPY]
Adware:Adware/StartPage.F No disinfected C:\_RESTORE\ARCHIVE\FS2525.CAB[A0434334.CPY]
Virus:Bck/Zapchast.B No disinfected C:\_RESTORE\ARCHIVE\FS2525.CAB[A0434337.CPY]
Adware:Adware/StartPage.F No disinfected C:\_RESTORE\ARCHIVE\FS2527.CAB[A0434643.CPY]
Virus:Bck/Zapchast.B No disinfected C:\_RESTORE\ARCHIVE\FS2528.CAB[A0434649.CPY]
Adware:Adware/StartPage.F No disinfected C:\_RESTORE\ARCHIVE\FS2530.CAB[A0435118.CPY]
Virus:Bck/Zapchast.B No disinfected C:\_RESTORE\ARCHIVE\FS2530.CAB[A0435121.CPY]
Adware:Adware/StartPage.F No disinfected C:\_RESTORE\ARCHIVE\FS2536.CAB[A0435959.CPY]
Virus:Bck/Zapchast.B No disinfected C:\_RESTORE\ARCHIVE\FS2536.CAB[A0435963.CPY]
Adware:Adware/StartPage.F No disinfected C:\_RESTORE\ARCHIVE\FS2537.CAB[A0436487.CPY]
Virus:Bck/Zapchast.B No disinfected C:\_RESTORE\ARCHIVE\FS2538.CAB[A0437444.CPY]
Adware:Adware/StartPage.F No disinfected C:\_RESTORE\ARCHIVE\FS2544.CAB[A0439431.CPY]
Virus:Bck/Zapchast.B No disinfected C:\_RESTORE\ARCHIVE\FS2544.CAB[A0439437.CPY]
Adware:Adware/StartPage.F No disinfected C:\_RESTORE\ARCHIVE\FS2548.CAB[A0439920.CPY]
Virus:Bck/Zapchast.B No disinfected C:\_RESTORE\ARCHIVE\FS2548.CAB[A0439924.CPY]
Adware:Adware/StartPage.F No disinfected C:\_RESTORE\ARCHIVE\FS2553.CAB[A0440489.CPY]
Virus:Bck/Zapchast.B No disinfected C:\_RESTORE\ARCHIVE\FS2553.CAB[A0440494.CPY]
Adware:Adware/StartPage.F No disinfected C:\_RESTORE\ARCHIVE\FS2559.CAB[A0441594.CPY]
Virus:Bck/Zapchast.B No disinfected C:\_RESTORE\ARCHIVE\FS2559.CAB[A0441600.CPY]
Adware:Adware/StartPage.F No disinfected C:\_RESTORE\ARCHIVE\FS2560.CAB[A0441808.CPY]
Virus:Bck/Zapchast.B No disinfected C:\_RESTORE\ARCHIVE\FS2560.CAB[A0441812.CPY]
Adware:Adware/DNSErr No disinfected C:\_RESTORE\ARCHIVE\FS2561.CAB[A0442062.CPY]
Adware:Adware/DNSErr No disinfected C:\_RESTORE\ARCHIVE\FS2561.CAB[A0442063.CPY]
Adware:Adware/DNSErr No disinfected C:\_RESTORE\ARCHIVE\FS2561.CAB[A0442064.CPY]
Adware:Adware/DNSErr No disinfected C:\_RESTORE\ARCHIVE\FS2561.CAB[A0442065.CPY]
Adware:Adware/DNSErr No disinfected C:\_RESTORE\ARCHIVE\FS2561.CAB[A0442066.CPY]
Adware:Adware/StartPage.F No disinfected C:\_RESTORE\ARCHIVE\FS2562.CAB[A0442126.CPY]
Virus:Bck/Zapchast.B No disinfected C:\_RESTORE\ARCHIVE\FS2562.CAB[A0442130.CPY]
Adware:Adware/StartPage.F No disinfected C:\_RESTORE\ARCHIVE\FS2975.CAB[A0049637.CPY]
Virus:Bck/Zapchast.B No disinfected C:\_RESTORE\ARCHIVE\FS2975.CAB[A0049640.CPY]
Virus:Trj/Downloader.ADD No disinfected C:\_RESTORE\ARCHIVE\FS2975.CAB[A0049644.CPY]
Virus:Trj/Downloader.ADD No disinfected C:\_RESTORE\ARCHIVE\FS2975.CAB[A0049645.CPY]
Adware:Adware/StartPage.F No disinfected C:\_RESTORE\ARCHIVE\FS2977.CAB[A0050049.CPY]
Virus:Bck/Zapchast.B No disinfected C:\_RESTORE\ARCHIVE\FS2977.CAB[A0050052.CPY]
Adware:Adware/StartPage.F No disinfected C:\_RESTORE\ARCHIVE\FS2979.CAB[A0050345.CPY]
V
  • 0

#11
aaron*

aaron*

    New Member

  • Topic Starter
  • Member
  • Pip
  • 7 posts
is all of my post getting on there? it seems cut off to me. is there a maximum of lines, or letters typed? let me know. thanks Aaron.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP