Here is my Hijak this log.
Logfile of HijackThis v1.99.1
Scan saved at 17:29:05, on 14/09/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\Program Files\Common Files\Symantec
Shared\ccSetMgr.exe
C:\WINDOWS\system32\cisvc.exe
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\Program Files\ewido\security suite\ewidoguard.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec
Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Common Files\Symantec
Shared\ccEvtMgr.exe
C:\WINDOWS\system32\cidaemon.exe
C:\WINDOWS\Explorer.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\System32\sistray.EXE
C:\WINDOWS\System32\keyhook.exe
C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe
C:\Program Files\Logitech\iTouch\iTouch.exe
C:\Program Files\Lexmark X1100 Series\lxbkbmon.exe
C:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE
C:\Program Files\Common Files\Microsoft Shared\Works
Shared\WkUFind.exe
C:\Program Files\BroadJump\Client Foundation\CFD.exe
C:\Program Files\Common
Files\Real\Update_OB\realsched.exe
C:\Program Files\Viewpoint\Viewpoint
Manager\ViewMgr.exe
C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\WINDOWS\system32\lexpps.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Adobe\Acrobat
7.0\Reader\reader_sl.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\william
rathbone\Desktop\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet
Explorer\Main,Start Page =
http://www.beaconproject.org.uk/R1 -
HKCU\Software\Microsoft\Windows\CurrentVersion\Intern
et Settings,ProxyOverride = localhost
R3 - Default URLSearchHook is missing
F2 - REG:system.ini: Shell=Explorer.exe
O2 - BHO: PicShow Class -
{4487598C-2EC7-43A2-870E-6D8D720FDD9F} -
C:\WINDOWS\system32\pkshtbsk.dll (file missing)
O2 - BHO: (no name) -
{53707962-6F74-2D53-2644-206D7942484F} -
C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) -
{549B5CA7-4A86-11D7-A4DF-000874180BB3} - (no file)
O2 - BHO: (no name) -
{5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - (no file)
O2 - BHO: CNisExtBho Class -
{9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program
Files\Common Files\Symantec
Shared\AdBlocking\NISShExt.dll
O2 - BHO: (no name) -
{FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program
Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SiSUSBRG] C:\WINDOWS\SiSUSBrg.exe
O4 - HKLM\..\Run: [SiS Tray]
C:\WINDOWS\System32\sistray.EXE
O4 - HKLM\..\Run: [SiS Windows KeyHook]
C:\WINDOWS\System32\keyhook.exe
O4 - HKLM\..\Run: [Lexmark X1100 Series] "C:\Program
Files\Lexmark X1100 Series\lxbkbmgr.exe"
O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program
Files\Logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [EM_EXEC]
C:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE
O4 - HKLM\..\Run: [MMTray] C:\Program
Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
O4 - HKLM\..\Run: [Microsoft Works Update Detection]
C:\Program Files\Common Files\Microsoft Shared\Works
Shared\WkUFind.exe
O4 - HKLM\..\Run: [BJCFD] C:\Program
Files\BroadJump\Client Foundation\CFD.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program
Files\Common Files\Real\Update_OB\realsched.exe"
-osboot
O4 - HKLM\..\Run: [ViewMgr] C:\Program
Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
O4 - HKLM\..\Run: [REGSHAVE] C:\Program
Files\REGSHAVE\REGSHAVE.EXE /AUTORUN
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program
Files\Java\jre1.5.0_04\bin\jusched.exe
O4 - HKLM\..\Run: [New.net Startup] rundll32
C:\PROGRA~1\NEWDOT~1\NEWDOT~2.DLL,NewDotNetStartup -s
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AVG7_CC]
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC]
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O4 - HKCU\..\Run: [ctfmon.exe]
C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LDM] \Program\
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN
Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [pshower]
C:\WINDOWS\system32\pshwr.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk =
C:\Program Files\Adobe\Acrobat
7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk =
C:\Program Files\Logitech\Desktop
Messenger\8876480\Program\LDMConf.exe
O8 - Extra context menu item: &AIM Search -
res://C:\Program Files\AIM
Toolbar\AIMBar.dll/aimsearch.htm
O8 - Extra context menu item: E&xport to Microsoft
Excel -
res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) -
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program
Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Sun Java Console -
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program
Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: Research -
{92780B25-18CC-41C8-B9BE-3C9C571A8263} -
C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger -
{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program
Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger -
{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program
Files\Messenger\msmsgs.exe
O10 - Broken Internet access because of LSP provider
'c:\program files\newdotnet\newdotnet6_38.dll'
missing
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C}
(Checkers Class) -
http://messenger.zon...sgrchkr.cab31267.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC}
(MessengerStatsClient Class) -
http://messenger.zon...essengerStatsPAClient.cab31267.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700}
(Windows Genuine Advantage Validation Tool) -
http://go.microsoft....k/?linkid=39204O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3}
(EPUImageControl Class) -
http://tools.ebayimg...x/EPUWALControl_v1-0-3-17.cab
O16 - DPF: {4E888414-DB8F-11D1-9CD9-00C04F98436A}
(Microsoft.WinRep) -
https://webresponse....oas/ActiveX/winrep.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537}
(MSN Photo Upload Tool) -
http://by103fd.bay10...resources/MsnPUpld.cab
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} -
http://software-dl.r...dabbfcdb16/netzip/RdxIE601.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C}
(WUWebControl Class) -
http://update.micros...ate/v6/V5Controls/en/x86/client/wuweb_site.cab?1126266925640
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61}
(HouseCall Control) -
http://a840.g.akamai...4061001/housecall.trendmicro.com/housecall/xscan53.cab
O16 - DPF: {88D758A3-D33B-45FD-91E3-67749B4057FA}
(Sinstaller Class) -
http://dm.screensave...rs/si/1/sinstaller.cab
O16 - DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB}
(Wwlaunch Control) -
http://www.worldwinn...ed/wwlaunch.cabO16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D}
(MessengerStatsClient Class) -
http://messenger.zon...essengerStatsClient.cab31267.cab
O16 - DPF: {9CCE3B43-4DE0-4236-A84E-108CA848EE6A}
(WebCam Control) -
http://www.webcamnow...tiveXWebCam.cabO16 - DPF: {A8F2B9BD-A6A0-486A-9744-18920D898429}
(ScorchPlugin Class) -
http://www.sibelius....are/win/ActiveXPlugin.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF}
(MsnMessengerSetupDownloadControl Class) -
http://messenger.msn...essengersetupdownloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592}
(ZoneIntro Class) -
http://zone.msn.com/...ZIntro.cab34246.
cab
O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643}
(ZoneChess Object) -
http://messenger.zon...hess.cab31267.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6}
(MSN Chat Control 4.5) -
http://chat.msn.com/bin/msnchat45.cabO18 - Protocol: bw+0 -
{AF13A1E2-2086-4BF5-A7AD-9065F100DC71} - C:\Program
Files\Logitech\Desktop
Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s -
{AF13A1E2-2086-4BF5-A7AD-9065F100DC71} - C:\Program
Files\Logitech\Desktop
Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 -
{AF13A1E2-2086-4BF5-A7AD-9065F100DC71} - C:\Program
Files\Logitech\Desktop
Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s -
{AF13A1E2-2086-4BF5-A7AD-9065F100DC71} - C:\Program
Files\Logitech\Desktop
Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 -
{AF13A1E2-2086-4BF5-A7AD-9065F100DC71} - C:\Program
Files\Logitech\Desktop
Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s -
{AF13A1E2-2086-4BF5-A7AD-9065F100DC71} - C:\Program
Files\Logitech\Desktop
Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 -
{AF13A1E2-2086-4BF5-A7AD-9065F100DC71} - C:\Program
Files\Logitech\Desktop
Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s -
{AF13A1E2-2086-4BF5-A7AD-9065F100DC71} - C:\Program
Files\Logitech\Desktop
Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 -
{AF13A1E2-2086-4BF5-A7AD-9065F100DC71} - C:\Program
Files\Logitech\Desktop
Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s -
{AF13A1E2-2086-4BF5-A7AD-9065F100DC71} - C:\Program
Files\Logitech\Desktop
Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 -
{AF13A1E2-2086-4BF5-A7AD-9065F100DC71} - C:\Program
Files\Logitech\Desktop
Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s -
{AF13A1E2-2086-4BF5-A7AD-9065F100DC71} - C:\Program
Files\Logitech\Desktop
Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 -
{AF13A1E2-2086-4BF5-A7AD-9065F100DC71} - C:\Program
Files\Logitech\Desktop
Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s -
{AF13A1E2-2086-4BF5-A7AD-9065F100DC71} - C:\Program
Files\Logitech\Desktop
Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 -
{AF13A1E2-2086-4BF5-A7AD-9065F100DC71} - C:\Program
Files\Logitech\Desktop
Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s -
{AF13A1E2-2086-4BF5-A7AD-9065F100DC71} - C:\Program
Files\Logitech\Desktop
Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 -
{AF13A1E2-2086-4BF5-A7AD-9065F100DC71} - C:\Program
Files\Logitech\Desktop
Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s -
{AF13A1E2-2086-4BF5-A7AD-9065F100DC71} - C:\Program
Files\Logitech\Desktop
Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 -
{AF13A1E2-2086-4BF5-A7AD-9065F100DC71} - C:\Program
Files\Logitech\Desktop
Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s -
{AF13A1E2-2086-4BF5-A7AD-9065F100DC71} - C:\Program
Files\Logitech\Desktop
Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 -
{AF13A1E2-2086-4BF5-A7AD-9065F100DC71} - C:\Program
Files\Logitech\Desktop
Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s -
{AF13A1E2-2086-4BF5-A7AD-9065F100DC71} - C:\Program
Files\Logitech\Desktop
Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 -
{AF13A1E2-2086-4BF5-A7AD-9065F100DC71} - C:\Program
Files\Logitech\Desktop
Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s -
{AF13A1E2-2086-4BF5-A7AD-9065F100DC71} - C:\Program
Files\Logitech\Desktop
Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 -
{AF13A1E2-2086-4BF5-A7AD-9065F100DC71} - C:\Program
Files\Logitech\Desktop
Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s -
{AF13A1E2-2086-4BF5-A7AD-9065F100DC71} - C:\Program
Files\Logitech\Desktop
Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 -
{AF13A1E2-2086-4BF5-A7AD-9065F100DC71} - C:\Program
Files\Logitech\Desktop
Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s -
{AF13A1E2-2086-4BF5-A7AD-9065F100DC71} - C:\Program
Files\Logitech\Desktop
Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 -
{AF13A1E2-2086-4BF5-A7AD-9065F100DC71} - C:\Program
Files\Logitech\Desktop
Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s -
{AF13A1E2-2086-4BF5-A7AD-9065F100DC71} - C:\Program
Files\Logitech\Desktop
Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 -
{AF13A1E2-2086-4BF5-A7AD-9065F100DC71} - C:\Program
Files\Logitech\Desktop
Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s -
{AF13A1E2-2086-4BF5-A7AD-9065F100DC71} - C:\Program
Files\Logitech\Desktop
Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 -
{AF13A1E2-2086-4BF5-A7AD-9065F100DC71} - C:\Program
Files\Logitech\Desktop
Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s -
{AF13A1E2-2086-4BF5-A7AD-9065F100DC71} - C:\Program
Files\Logitech\Desktop
Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 -
{AF13A1E2-2086-4BF5-A7AD-9065F100DC71} - C:\Program
Files\Logitech\Desktop
Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s -
{AF13A1E2-2086-4BF5-A7AD-9065F100DC71} - C:\Program
Files\Logitech\Desktop
Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 -
{9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program
Files\Logitech\Desktop
Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 -
{AF13A1E2-2086-4BF5-A7AD-9065F100DC71} - C:\Program
Files\Logitech\Desktop
Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s -
{AF13A1E2-2086-4BF5-A7AD-9065F100DC71} - C:\Program
Files\Logitech\Desktop
Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 -
{AF13A1E2-2086-4BF5-A7AD-9065F100DC71} - C:\Program
Files\Logitech\Desktop
Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s -
{AF13A1E2-2086-4BF5-A7AD-9065F100DC71} - C:\Program
Files\Logitech\Desktop
Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 -
{AF13A1E2-2086-4BF5-A7AD-9065F100DC71} - C:\Program
Files\Logitech\Desktop
Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s -
{AF13A1E2-2086-4BF5-A7AD-9065F100DC71} - C:\Program
Files\Logitech\Desktop
Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 -
{AF13A1E2-2086-4BF5-A7AD-9065F100DC71} - C:\Program
Files\Logitech\Desktop
Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s -
{AF13A1E2-2086-4BF5-A7AD-9065F100DC71} - C:\Program
Files\Logitech\Desktop
Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 -
{AF13A1E2-2086-4BF5-A7AD-9065F100DC71} - C:\Program
Files\Logitech\Desktop
Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s -
{AF13A1E2-2086-4BF5-A7AD-9065F100DC71} - C:\Program
Files\Logitech\Desktop
Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 -
{AF13A1E2-2086-4BF5-A7AD-9065F100DC71} - C:\Program
Files\Logitech\Desktop
Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s -
{AF13A1E2-2086-4BF5-A7AD-9065F100DC71} - C:\Program
Files\Logitech\Desktop
Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 -
{AF13A1E2-2086-4BF5-A7AD-9065F100DC71} - C:\Program
Files\Logitech\Desktop
Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s -
{AF13A1E2-2086-4BF5-A7AD-9065F100DC71} - C:\Program
Files\Logitech\Desktop
Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 -
{AF13A1E2-2086-4BF5-A7AD-9065F100DC71} - C:\Program
Files\Logitech\Desktop
Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s -
{AF13A1E2-2086-4BF5-A7AD-9065F100DC71} - C:\Program
Files\Logitech\Desktop
Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 -
{AF13A1E2-2086-4BF5-A7AD-9065F100DC71} - C:\Program
Files\Logitech\Desktop
Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s -
{AF13A1E2-2086-4BF5-A7AD-9065F100DC71} - C:\Program
Files\Logitech\Desktop
Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 -
{AF13A1E2-2086-4BF5-A7AD-9065F100DC71} - C:\Program
Files\Logitech\Desktop
Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s -
{AF13A1E2-2086-4BF5-A7AD-9065F100DC71} - C:\Program
Files\Logitech\Desktop
Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 -
{AF13A1E2-2086-4BF5-A7AD-9065F100DC71} - C:\Program
Files\Logitech\Desktop
Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s -
{AF13A1E2-2086-4BF5-A7AD-9065F100DC71} - C:\Program
Files\Logitech\Desktop
Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 -
{AF13A1E2-2086-4BF5-A7AD-9065F100DC71} - C:\Program
Files\Logitech\Desktop
Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s -
{AF13A1E2-2086-4BF5-A7AD-9065F100DC71} - C:\Program
Files\Logitech\Desktop
Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 -
{AF13A1E2-2086-4BF5-A7AD-9065F100DC71} - C:\Program
Files\Logitech\Desktop
Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s -
{AF13A1E2-2086-4BF5-A7AD-9065F100DC71} - C:\Program
Files\Logitech\Desktop
Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 -
{AF13A1E2-2086-4BF5-A7AD-9065F100DC71} - C:\Program
Files\Logitech\Desktop
Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s -
{AF13A1E2-2086-4BF5-A7AD-9065F100DC71} - C:\Program
Files\Logitech\Desktop
Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 -
{AF13A1E2-2086-4BF5-A7AD-9065F100DC71} - C:\Program
Files\Logitech\Desktop
Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s -
{AF13A1E2-2086-4BF5-A7AD-9065F100DC71} - C:\Program
Files\Logitech\Desktop
Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 -
{AF13A1E2-2086-4BF5-A7AD-9065F100DC71} - C:\Program
Files\Logitech\Desktop
Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s -
{AF13A1E2-2086-4BF5-A7AD-9065F100DC71} - C:\Program
Files\Logitech\Desktop
Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 -
{AF13A1E2-2086-4BF5-A7AD-9065F100DC71} - C:\Program
Files\Logitech\Desktop
Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s -
{AF13A1E2-2086-4BF5-A7AD-9065F100DC71} - C:\Program
Files\Logitech\Desktop
Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 -
{AF13A1E2-2086-4BF5-A7AD-9065F100DC71} - C:\Program
Files\Logitech\Desktop
Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s -
{AF13A1E2-2086-4BF5-A7AD-9065F100DC71} - C:\Program
Files\Logitech\Desktop
Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 -
{AF13A1E2-2086-4BF5-A7AD-9065F100DC71} - C:\Program
Files\Logitech\Desktop
Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s -
{AF13A1E2-2086-4BF5-A7AD-9065F100DC71} - C:\Program
Files\Logitech\Desktop
Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 -
{AF13A1E2-2086-4BF5-A7AD-9065F100DC71} - C:\Program
Files\Logitech\Desktop
Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s -
{AF13A1E2-2086-4BF5-A7AD-9065F100DC71} - C:\Program
Files\Logitech\Desktop
Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 -
{AF13A1E2-2086-4BF5-A7AD-9065F100DC71} - C:\Program
Files\Logitech\Desktop
Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) -
GRISOFT, s.r.o. -
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) -
GRISOFT, s.r.o. -
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) -
Symantec Corporation - C:\Program Files\Common
Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) -
Symantec Corporation - C:\Program Files\Common
Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation
(ccPwdSvc) - Symantec Corporation - C:\Program
Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) -
Symantec Corporation - C:\Program Files\Common
Files\Symantec Shared\ccSetMgr.exe
O23 - Service: ewido security suite control - ewido
networks - C:\Program Files\ewido\security
suite\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido
networks - C:\Program Files\ewido\security
suite\ewidoguard.exe
O23 - Service: IS Service (ISSVC) - Unknown owner -
C:\Program Files\Norton Internet Security\ISSVC.exe
(file missing)
O23 - Service: LexBce Server (LexBceS) - Lexmark
International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Norton AntiVirus Auto-Protect Service
(navapsvc) - Unknown owner - C:\Program Files\Norton
Internet Security\Norton AntiVirus\navapsvc.exe (file
missing)
O23 - Service: ScriptBlocking Service (SBService) -
Symantec Corporation -
C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: SmartLinkService (SLService) - -
C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: Symantec Network Drivers Service
(SNDSrvc) - Symantec Corporation - C:\Program
Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) -
Symantec Corporation - C:\Program Files\Common
Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec
Corporation - C:\Program Files\Common Files\Symantec
Shared\CCPD-LC\symlcsvc.exe
Here is my Ewido Security suite report
---------------------------------------------------------
ewido security suite - Scan report
---------------------------------------------------------
+ Created on: 19:26:47, 13/09/2005
+ Report-Checksum: 41DE472A
+ Scan result:
HKLM\SOFTWARE\Classes\CLSID\{2B96D5CC-C5B5-49A5-A69D-CC0A30F9028C} -> Spyware.MiniBug : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{4A2AACF3-ADF6-11D5-98A9-00E018981B9E} -> Spyware.NewDotNet : Cleaned with backup
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4A2AACF3-ADF6-11D5-98A9-00E018981B9E} -> Spyware.NewDotNet : Cleaned with backup
HKLM\SOFTWARE\Need2Find -> Spyware.Need2Find : Cleaned with backup
HKLM\SOFTWARE\Need2Find\bar -> Spyware.Need2Find : Cleaned with backup
HKLM\SOFTWARE\Need2Find\bar\Partner -> Spyware.Need2Find : Cleaned with backup
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4A2AACF3-ADF6-11D5-98A9-00E018981B9E} -> Spyware.NewDotNet : Cleaned with backup
HKU\S-1-5-21-3539879557-2828585140-3509518724-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00A6FAF1-072E-44CF-8957-5838F569A31D} -> Spyware.MyWebSearch : Cleaned with backup
HKU\S-1-5-21-3539879557-2828585140-3509518724-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA1-A523-4961-B6BB-170DE4475CCA} -> Spyware.MyWebSearch : Cleaned with backup
HKU\S-1-5-21-3539879557-2828585140-3509518724-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA9-A523-4961-B6BB-170DE4475CCA} -> Spyware.MyWebSearch : Cleaned with backup
HKU\S-1-5-21-3539879557-2828585140-3509518724-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} -> Spyware.PopularScreensavers : Cleaned with backup
HKU\S-1-5-21-3539879557-2828585140-3509518724-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{25D8BACF-3DE2-4B48-AE22-D659B8D835B0} -> Spyware.RXToolbar : Cleaned with backup
HKU\S-1-5-21-3539879557-2828585140-3509518724-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4A2AACF3-ADF6-11D5-98A9-00E018981B9E} -> Spyware.NewDotNet : Cleaned with backup
HKU\S-1-5-21-3539879557-2828585140-3509518724-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4D1C4E81-A32A-416B-BCDB-33B3EF3617D3} -> Spyware.Need2Find : Cleaned with backup
HKU\S-1-5-21-3539879557-2828585140-3509518724-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4D1C4E89-A32A-416B-BCDB-33B3EF3617D3} -> Spyware.Need2Find : Cleaned with backup
HKU\S-1-5-21-3539879557-2828585140-3509518724-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4E7BD74F-2B8D-469E-90F0-F66AB581A933} -> Spyware.MyWebSearch : Cleaned with backup
HKU\S-1-5-21-3539879557-2828585140-3509518724-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8522F9B3-38C5-4AA4-AE40-7401F1BBC851} -> Dialer.Generic : Cleaned with backup
HKU\S-1-5-21-3539879557-2828585140-3509518724-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BA2325ED-F9EB-4830-8FCE-0BC35B16969B} -> Spyware.SaveNow : Cleaned with backup
HKU\S-1-5-21-3539879557-2828585140-3509518724-1006\Software\Need2Find -> Spyware.Need2Find : Cleaned with backup
HKU\S-1-5-21-3539879557-2828585140-3509518724-1006\Software\Need2Find\bar -> Spyware.Need2Find : Cleaned with backup
HKU\S-1-5-21-3539879557-2828585140-3509518724-1006\Software\RX Toolbar -> Spyware.RXToolbar : Cleaned with backup
HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4A2AACF3-ADF6-11D5-98A9-00E018981B9E} -> Spyware.NewDotNet : Cleaned with backup
C:\Documents and Settings\william rathbone\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\SecurityClassLoader.class-42aa640a-6f571e37.class -> Spyware.Hijacker.Generic : Cleaned with backup
C:\Documents and Settings\william rathbone\Cookies\william rathbone@tribalfusion[1].txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
C:\Program Files\Common Files\npnenfhf\lrlahlld\rdabllca.exe -> Adware.Gator : Cleaned with backup
C:\Program Files\Common Files\npnenfhf\njdajdlpdp\abaplpanr.exe -> Adware.Gator : Cleaned with backup
C:\Program Files\Need2Find -> Spyware.Need2Find : Cleaned with backup
C:\Program Files\Need2Find\bar -> Spyware.Need2Find : Cleaned with backup
-> : Error during cleaning
C:\Program Files\Need2Find\bar\History\search -> Spyware.Need2Find : Cleaned with backup
C:\Program Files\Need2Find\bar\Settings -> Spyware.Need2Find : Cleaned with backup
C:\Program Files\NewDotNet\uninstall6_38.exe -> Spyware.NewDotNet : Cleaned with backup
C:\Program Files\Screensavers.com\Installer\bin\ScreensaversInst.dll -> Spyware.Comet : Cleaned with backup
C:\Program Files\Seaside Sunset Screensaver\SS1Helper.exe -> Adware.Gator : Cleaned with backup
C:\QUARANTINE\svcproc.exe.Vir -> Trojan.Stervis.g : Cleaned with backup
C:\QUARANTINE\svcproc.exe.Vir.0 -> Trojan.Stervis.g : Cleaned with backup
C:\WINDOWS\NDNuninstall6_38.exe -> Spyware.NewDotNet : Cleaned with backup
C:\WINDOWS\svcproc.exe -> Trojan.Stervis.g : Cleaned with backup
C:\WINDOWS\system32\DrPMon.dll_tobedeleted -> Trojan.Agent.ic : Cleaned with backup
C:\WINDOWS\system32\nsl524.dll -> Spyware.HotSearchBar : Cleaned with backup
C:\WINDOWS\system32\rk.bin -> Spyware.RK : Cleaned with backup
C:\WINDOWS\system32\ustart.exe -> Spyware.WinAD : Cleaned with backup
C:\WINDOWS\system32\__delete_on_reboot__netlanm.dll -> Spyware.SafeSurfing : Cleaned with backup
C:\WINDOWS\system32\__delete_on_reboot__pkshtbsk.dll -> Spyware.SafeSurfing : Cleaned with backup
::Report End
Hope you can help.
Regards
Steve