help me.

Comments

• Crunchie Mandurah. Western Australia. Member

  December 2005 edited December 2005

  Download, then unzip to "C:\HJT", the newest version of HiJackThis; version 1.99.1. Then repost your log, either now, or after following the steps in the solution (if provided in this post). This version has features that might be more helpful in 'cleaning' up your system.
  
  ==
  
  Please download the trial version of Ewido Security Suite here:
  http://www.ewido.net/en/download/
  Install it, and update the definitions to the newest files. Do NOT run a scan yet.
  Next, please reboot your computer in Safe Mode by doing the following:
  1) Restart your computer
  2) After hearing your computer beep once during startup, but before the Windows icon appears, press F8.
  3) Instead of Windows loading as normal, a menu should appear
  4) Select the first option, to run Windows in Safe Mode.
  
  For additional help in booting into Safe Mode, see the following site:
  http://www.pchell.com/support/safemode.shtml
  
  Once in Safe Mode, please run Ewido, and do a full scan. During the scan it will prompt you to clean files, click OK.
  
  Save the logfile from the scan. Restart your computer in normal mode and please post a new HijackThis log, as well as the log from the Ewido scan.

  0
• manny76

  December 2005 edited December 2005

  Thank you sooo much for your quick reply. Hopefully you can help me out of this jam. Here are the two logs:
  
  HJT log:
  
  Logfile of HijackThis v1.99.1
  Scan saved at 1:09:57 PM, on 12/18/2005
  Platform: Windows XP SP1 (WinNT 5.01.2600)
  MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
  
  Running processes:
  C:\WINDOWS\System32\smss.exe
  C:\WINDOWS\system32\winlogon.exe
  C:\WINDOWS\system32\services.exe
  C:\WINDOWS\system32\lsass.exe
  C:\WINDOWS\system32\svchost.exe
  C:\WINDOWS\system32\svchost.exe
  C:\WINDOWS\Explorer.EXE
  C:\Program Files\WinRAR\WinRAR.exe
  C:\DOCUME~1\ROBERT\LOCALS~1\Temp\Rar$EX02.734\HijackThis.exe
  
  R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://dsl.sbc.yahoo.com/
  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://yahoo.sbc.com/dsl
  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.com/customize/ie/defaults/su/msgr7/*http://www.yahoo.com
  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr7/*http://www.yahoo.com/ext/search/search.html
  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaults/sp/msgr7/*http://www.yahoo.com
  R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://yahoo.sbc.com/dsl
  R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/customize/ycomp/defaults/su/*http://www.yahoo.com
  R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
  R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
  R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
  R3 - Default URLSearchHook is missing
  O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
  O2 - BHO: (no name) - {22D8E815-4A5E-4DFB-845E-AAB64207F5BD} - (no file)
  O2 - BHO: EyeOnIE Class - {316AEF8D-3C37-423E-9E6E-13820A9DC37A} - C:\PROGRA~1\THESHI~1\THESHI~1.0\PROGRA~1\PCSECU~1\THESHI~1\IrlOnIE.dll
  O2 - BHO: REALBAR - {4E7BD74F-2B8D-469E-C0FF-FD60B590A87D} - C:\PROGRA~1\COMMON~1\Real\Toolbar\realbar.dll
  O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
  O2 - BHO: UberButton Class - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
  O2 - BHO: (no name) - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - (no file)
  O2 - BHO: YahooTaggedBM Class - {65D886A2-7CA7-479B-BB95-14D1EFB7946A} - C:\Program Files\Yahoo!\Common\YIeTagBm.dll
  O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - (no file)
  O2 - BHO: (no name) - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - (no file)
  O2 - BHO: (no name) - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - (no file)
  O3 - Toolbar: REALBAR - {4E7BD74F-2B8D-469E-C0FF-FD60B590A87D} - C:\PROGRA~1\COMMON~1\Real\Toolbar\realbar.dll
  O3 - Toolbar: SearchSafe - {51CE7A05-9C90-433b-8BEC-73973997F6F2} - C:\Program Files\SearchSafe\searchsafe.dll
  O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn8\yt.dll
  O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\system32\msdxm.ocx
  O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
  O4 - HKLM\..\Run: [PaperPort PTD] C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
  O4 - HKLM\..\Run: [IndexSearch] C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe
  O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
  O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
  O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
  O4 - HKLM\..\Run: [SetDefPrt] C:\Program Files\Brother\Brmfl04g\BrStDvPt.exe
  O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
  O4 - HKLM\..\Run: [ControlCenter2.0] C:\Program Files\Brother\ControlCenter2\brctrcen.exe /autorun
  O4 - HKLM\..\Run: [YBrowser] C:\Program Files\Yahoo!\browser\ybrwicon.exe
  O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\SBCSEL~1\SMARTB~1\MotiveSB.exe
  O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\System32\LVCOMSX.EXE
  O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb10.exe
  O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe"
  O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
  O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
  O4 - HKCU\..\Run: [FreeRAM XP] "C:\internet security\FreeRAM XP Pro 1.40.exe" -win
  O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
  O4 - Startup: TrueAssistant.lnk = C:\Program Files\TrueAssistant\TrueAssistant.exe
  O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
  O8 - Extra context menu item: &eBay Search - res://C:\Program Files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html
  O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
  O8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
  O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
  O8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
  O8 - Extra context menu item: Translate into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
  O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
  O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
  O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\WINDOWS\System32\shdocvw.dll
  O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
  O9 - Extra button: Bet Hold'em Guest Poker - {668AD7EF-382B-4daa-85DB-F6533F1374A1} - C:\Program Files\betholdemguestMPP\MPPoker.exe
  O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyPoker\PartyPoker.exe
  O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyPoker\PartyPoker.exe
  O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
  O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
  O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
  O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
  O12 - Plugin for .tiff: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin5.dll
  O14 - IERESET.INF: START_PAGE_URL=http://www.sony.com/vaiopeople
  O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} (HouseCall Control) - http://housecall60.trendmicro.com/housecall/xscan60.cab
  O16 - DPF: {05D44720-58E3-49E6-BDF6-D00330E511D3} (StagingUI Object) - http://zone.msn.com/binFrameWork/v10/StagingUI.cab40443.cab
  O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/yinst20040510.cab
  O16 - DPF: {3A7FE611-1994-4EF1-A09F-99456752289D} (WildTangent Active Launcher) - http://install.wildtangent.com/ActiveLauncher/ActiveLauncher.cab
  O16 - DPF: {3BB54395-5982-4788-8AF4-B5388FFDD0D8} (ZoneBuddy Class) - http://zone.msn.com/BinFrameWork/v10/ZBuddy.cab32846.cab
  O16 - DPF: {5736C456-EA94-4AAC-BB08-917ABDD035B3} (ZonePAChat Object) - http://zone.msn.com/binframework/v10/ZPAChat.cab32846.cab
  O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1101702536000
  O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1128174794828
  O16 - DPF: {95B5D20C-BD31-4489-8ABF-F8C8BE748463} (ZPA_HRTZ Object) - http://zone.msn.com/bingame/zpagames/zpa_hrtz.cab37625.cab
  O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
  O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://zone.msn.com/binFramework/v10/ZIntro.cab34246.cab
  O16 - DPF: {D18F962A-3722-4B59-B08D-28BB9EB2281E} (PhotosCtrl Class) - http://photos.yahoo.com/ocx/us/yexplorer1_9us.cab
  O16 - DPF: {DA2AA6CF-5C7A-4B71-BC3B-C771BB369937} (StadiumProxy Class) - http://zone.msn.com/binframework/v10/StProxy.cab35645.cab
  O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://download.games.yahoo.com/games/web_games/popcap/bejeweled2/popcaploader_v6.cab
  O16 - DPF: {FFFFFFFF-CACE-BABE-BABE-00AA0055595A} - http://www.trueswitch.com/sbc/TrueInstallSBC.exe
  O18 - Protocol: bw+0 - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bw+0s - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bw-0 - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bw-0s - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bw00 - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bw00s - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bw10 - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bw10s - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bw20 - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bw20s - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bw30 - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bw30s - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bw40 - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bw40s - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bw50 - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bw50s - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bw60 - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bw60s - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bw70 - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bw70s - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bw80 - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bw80s - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bw90 - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bw90s - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwa0 - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwa0s - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwb0 - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwb0s - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwc0 - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwc0s - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwd0 - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwd0s - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwe0 - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwe0s - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwf0 - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwf0s - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
  O18 - Protocol: bwg0 - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwg0s - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwh0 - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwh0s - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwi0 - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwi0s - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwj0 - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwj0s - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwk0 - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwk0s - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwl0 - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwl0s - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwm0 - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwm0s - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwn0 - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwn0s - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwo0 - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwo0s - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwp0 - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwp0s - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwq0 - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwq0s - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwr0 - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwr0s - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bws0 - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bws0s - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwt0 - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwt0s - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwu0 - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwu0s - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwv0 - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwv0s - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bww0 - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bww0s - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwx0 - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwx0s - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwy0 - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwy0s - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwz0 - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwz0s - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
  O18 - Protocol: offline-8876480 - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
  O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
  O23 - Service: Brother BidiAgent Service for Resource manager (brmfbags) - Brother Industries, Ltd. - C:\WINDOWS\System32\BrmfBAgS.exe
  O23 - Service: CAISafe - Computer Associates International, Inc. - C:\Program Files\Yahoo!\Antivirus\ISafe.exe
  O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
  O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido\security suite\ewidoguard.exe
  O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
  O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
  O23 - Service: VET Message Service (VETMSGNT) - Computer Associates International, Inc. - C:\Program Files\Yahoo!\Antivirus\VetMsg.exe
  O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZONELABS\vsmon.exe
  O23 - Service: YPCService - Yahoo! Inc. - C:\WINDOWS\system32\YPCSER~1.EXE
  
  
  
  EWIDO
  
  

  ---

  ewido security suite - Scan report

  ---

  
  + Created on: 2:36:52 PM, 12/18/2005
  + Report-Checksum: 1222B38F
  
  + Scan result:
  
  HKLM\SOFTWARE\Classes\HbCoreSrv.DynamicProp -> Spyware.HotBar : Error during cleaning
  HKLM\SOFTWARE\Classes\HbCoreSrv.DynamicProp.1 -> Spyware.HotBar : Error during cleaning
  HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} -> Spyware.PopularScreensavers : Cleaned with backup
  HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{205FF73B-CA67-11D5-99DD-444553540006} -> Spyware.CnsMin : Cleaned with backup
  HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9527D42F-D666-11D3-B8DD-00600838CD5F} -> Spyware.GhostSurf : Cleaned with backup
  C:\System Volume Information\_restore{8357CB77-1DBD-43BC-B2F8-E849AAB0887F}\RP801\A0200734.dll -> Spyware.WildTangent : Cleaned with backup
  C:\System Volume Information\_restore{8357CB77-1DBD-43BC-B2F8-E849AAB0887F}\RP801\A0200735.dll -> Spyware.WildTangent : Cleaned with backup
  
  
  ::Report End
  
  

  0
• Crunchie Mandurah. Western Australia. Member

  December 2005 edited December 2005

  Can you please do the following.
  
  ===============
  
  We'll need to unload Spybot's Teatimer before we begin. To do this can you start Spybot and go to Tools > Resident and uncheck the box next to Tea-Timer. Make sure that the icon in the system tray is no longer there. If it is, just right click on it and select "Exit". Do not forget to re-enable it when we are done .
  
  ===============
  
  Now, let's open a command prompt by going to the start menu and then select 'Run'.
  
  In the box that pops up type in 'cmd'. The command prompt will open.
  
  OR
  
  You can go to Start -> Programs -> Accessories -> Command Prompt. Unregister the dll(s) we're going to remove, by entering the following:
  
  regsvr32 /u searchsafe.dll
  
  It's ok, if these aren't found or 'error' out. If you want, just copy and paste the individual lines to the command prompt to save typing them in.
  
  ===============
  
  Scan with HiJackThis, click "Scan", then check(tick) the following, if present:
  
  
  R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/cus...//www.yahoo.com
  
  R3 - Default URLSearchHook is missing
  
  O2 - BHO: (no name) - {22D8E815-4A5E-4DFB-845E-AAB64207F5BD} - (no file)
  O2 - BHO: (no name) - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - (no file)
  O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - (no file)
  O2 - BHO: (no name) - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - (no file)
  O2 - BHO: (no name) - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - (no file)
  
  O3 - Toolbar: SearchSafe - {51CE7A05-9C90-433b-8BEC-73973997F6F2} - C:\Program Files\SearchSafe\searchsafe.dll
  
  O9 - Extra button: Bet Hold'em Guest Poker - {668AD7EF-382B-4daa-85DB-F6533F1374A1} - C:\Program Files\betholdemguestMPP\MPPoker.exe
  O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyPoker\PartyPoker.exe
  O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyPoker\PartyPoker.exe
  
  
  Now, close all instances of Internet Explorer and any other windows you have open except HiJackThis, click "Fix checked".
  
  ===============
  
  Locate and delete the following item(s), if present. Make sure you are able to view system and hidden files/ folders:
  
  folders...
  
  C:\Program Files\SearchSafe
  C:\Program Files\betholdemguestMPP
  C:\Program Files\PartyPoker
  
  -
  
  Note that some of these file(s)/folder(s) may or may not be present. If present, and cannot be deleted because they're 'in use', try deleting them in "Safe Mode".
  
  -
  
  Reboot.
  
  ===============
  
  After rebooting, rescan with hijackthis and post back a new log. Please let me know how your pc is now.

  0
• manny76

  December 2005 edited December 2005

  Okay so far so good. I was able to delete those files. I tried to go to the windows update and install service pack 2, and about half way thru i received the following message:
  
  service pack 2 setup could not backup registry value HKCR\.dvr-ms,\'perceived type, video\'.5:access is denied
  
  i tried to ignore it and it continued to install for a while more before giving me this message:
  
  service pack 2 could not be installed access denied
  
  it then uninstalled service pack 2.
  
  
  the computer seems to be better but I dont know what is going on with this, and why it wont let me update my windows?
  
  also 2 strange files were put on my desktop and im not sure where they came from or if its safe to delete them. The name of the files are "desktop" and the type is "configuration setting"
  
  here is my new HJT log.
  
  thanks!!!!
  
  Logfile of HijackThis v1.99.1
  Scan saved at 6:05:41 PM, on 12/18/2005
  Platform: Windows XP SP1 (WinNT 5.01.2600)
  MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
  
  Running processes:
  C:\WINDOWS\System32\smss.exe
  C:\WINDOWS\system32\winlogon.exe
  C:\WINDOWS\system32\services.exe
  C:\WINDOWS\system32\lsass.exe
  C:\WINDOWS\system32\svchost.exe
  C:\WINDOWS\System32\svchost.exe
  C:\WINDOWS\system32\spoolsv.exe
  C:\WINDOWS\Explorer.EXE
  C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
  C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
  C:\WINDOWS\System32\BrmfBAgS.exe
  C:\Program Files\Yahoo!\Antivirus\ISafe.exe
  C:\Program Files\ewido\security suite\ewidoctrl.exe
  C:\Program Files\ewido\security suite\ewidoguard.exe
  C:\WINDOWS\System32\nvsvc32.exe
  C:\WINDOWS\System32\svchost.exe
  C:\Program Files\Yahoo!\Antivirus\VetMsg.exe
  C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
  C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
  C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
  C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
  C:\Program Files\Brother\ControlCenter2\brctrcen.exe
  C:\Program Files\Yahoo!\browser\ybrwicon.exe
  C:\PROGRA~1\SBCSEL~1\SMARTB~1\MotiveSB.exe
  C:\WINDOWS\System32\LVCOMSX.EXE
  C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb10.exe
  C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
  C:\internet security\FreeRAM XP Pro 1.40.exe
  C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
  C:\PROGRA~1\YAHOO!\browser\ycommon.exe
  C:\WINDOWS\System32\BRMFRSMG.EXE
  C:\Program Files\TrueAssistant\TrueAssistant.exe
  C:\WINDOWS\System32\wuauclt.exe
  C:\Program Files\WinRAR\WinRAR.exe
  C:\DOCUME~1\ROBERT\LOCALS~1\Temp\Rar$EX00.343\HijackThis.exe
  
  R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://dsl.sbc.yahoo.com/
  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://yahoo.sbc.com/dsl
  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.com/customize/ie/defaults/su/msgr7/*http://www.yahoo.com
  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr7/*http://www.yahoo.com/ext/search/search.html
  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaults/sp/msgr7/*http://www.yahoo.com
  R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://yahoo.sbc.com/dsl
  R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
  R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
  R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
  O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
  O2 - BHO: EyeOnIE Class - {316AEF8D-3C37-423E-9E6E-13820A9DC37A} - C:\PROGRA~1\THESHI~1\THESHI~1.0\PROGRA~1\PCSECU~1\THESHI~1\IrlOnIE.dll
  O2 - BHO: REALBAR - {4E7BD74F-2B8D-469E-C0FF-FD60B590A87D} - C:\PROGRA~1\COMMON~1\Real\Toolbar\realbar.dll
  O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
  O2 - BHO: UberButton Class - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
  O2 - BHO: YahooTaggedBM Class - {65D886A2-7CA7-479B-BB95-14D1EFB7946A} - C:\Program Files\Yahoo!\Common\YIeTagBm.dll
  O2 - BHO: (no name) - {9527D42F-D666-11D3-B8DD-00600838CD5F} - (no file)
  O3 - Toolbar: REALBAR - {4E7BD74F-2B8D-469E-C0FF-FD60B590A87D} - C:\PROGRA~1\COMMON~1\Real\Toolbar\realbar.dll
  O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn8\yt.dll
  O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\system32\msdxm.ocx
  O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
  O4 - HKLM\..\Run: [PaperPort PTD] C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
  O4 - HKLM\..\Run: [IndexSearch] C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe
  O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
  O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
  O4 - HKLM\..\Run: [SetDefPrt] C:\Program Files\Brother\Brmfl04g\BrStDvPt.exe
  O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
  O4 - HKLM\..\Run: [ControlCenter2.0] C:\Program Files\Brother\ControlCenter2\brctrcen.exe /autorun
  O4 - HKLM\..\Run: [YBrowser] C:\Program Files\Yahoo!\browser\ybrwicon.exe
  O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\SBCSEL~1\SMARTB~1\MotiveSB.exe
  O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\System32\LVCOMSX.EXE
  O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb10.exe
  O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe"
  O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
  O4 - HKCU\..\Run: [FreeRAM XP] "C:\internet security\FreeRAM XP Pro 1.40.exe" -win
  O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
  O4 - Startup: TrueAssistant.lnk = C:\Program Files\TrueAssistant\TrueAssistant.exe
  O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
  O8 - Extra context menu item: &eBay Search - res://C:\Program Files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html
  O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
  O8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
  O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
  O8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
  O8 - Extra context menu item: Translate into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
  O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
  O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
  O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\WINDOWS\System32\shdocvw.dll
  O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
  O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
  O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
  O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
  O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
  O12 - Plugin for .tiff: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin5.dll
  O14 - IERESET.INF: START_PAGE_URL=http://www.sony.com/vaiopeople
  O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} (HouseCall Control) - http://housecall60.trendmicro.com/housecall/xscan60.cab
  O16 - DPF: {05D44720-58E3-49E6-BDF6-D00330E511D3} (StagingUI Object) - http://zone.msn.com/binFrameWork/v10/StagingUI.cab40443.cab
  O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} -
  O16 - DPF: {205FF73B-CA67-11D5-99DD-444553540006} -
  O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/yinst20040510.cab
  O16 - DPF: {3A7FE611-1994-4EF1-A09F-99456752289D} (WildTangent Active Launcher) - http://install.wildtangent.com/ActiveLauncher/ActiveLauncher.cab
  O16 - DPF: {3BB54395-5982-4788-8AF4-B5388FFDD0D8} (ZoneBuddy Class) - http://zone.msn.com/BinFrameWork/v10/ZBuddy.cab32846.cab
  O16 - DPF: {5736C456-EA94-4AAC-BB08-917ABDD035B3} (ZonePAChat Object) - http://zone.msn.com/binframework/v10/ZPAChat.cab32846.cab
  O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1101702536000
  O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1128174794828
  O16 - DPF: {95B5D20C-BD31-4489-8ABF-F8C8BE748463} (ZPA_HRTZ Object) - http://zone.msn.com/bingame/zpagames/zpa_hrtz.cab37625.cab
  O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
  O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://zone.msn.com/binFramework/v10/ZIntro.cab34246.cab
  O16 - DPF: {D18F962A-3722-4B59-B08D-28BB9EB2281E} (PhotosCtrl Class) - http://photos.yahoo.com/ocx/us/yexplorer1_9us.cab
  O16 - DPF: {DA2AA6CF-5C7A-4B71-BC3B-C771BB369937} (StadiumProxy Class) - http://zone.msn.com/binframework/v10/StProxy.cab35645.cab
  O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} - http://download.games.yahoo.com/games/web_games/popcap/bejeweled2/popcaploader_v6.cab
  O16 - DPF: {FFFFFFFF-CACE-BABE-BABE-00AA0055595A} - http://www.trueswitch.com/sbc/TrueInstallSBC.exe
  O18 - Protocol: bw+0 - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bw+0s - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bw-0 - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bw-0s - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bw00 - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bw00s - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bw10 - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bw10s - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bw20 - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bw20s - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bw30 - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bw30s - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bw40 - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bw40s - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bw50 - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bw50s - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bw60 - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bw60s - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bw70 - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bw70s - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bw80 - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bw80s - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bw90 - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bw90s - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwa0 - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwa0s - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwb0 - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwb0s - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwc0 - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwc0s - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwd0 - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwd0s - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwe0 - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwe0s - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwf0 - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwf0s - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
  O18 - Protocol: bwg0 - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwg0s - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwh0 - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwh0s - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwi0 - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwi0s - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwj0 - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwj0s - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwk0 - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwk0s - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwl0 - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwl0s - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwm0 - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwm0s - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwn0 - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwn0s - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwo0 - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwo0s - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwp0 - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwp0s - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwq0 - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwq0s - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwr0 - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwr0s - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bws0 - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bws0s - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwt0 - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwt0s - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwu0 - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwu0s - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwv0 - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwv0s - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bww0 - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bww0s - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwx0 - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwx0s - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwy0 - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwy0s - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwz0 - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwz0s - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
  O18 - Protocol: offline-8876480 - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
  O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
  O23 - Service: Brother BidiAgent Service for Resource manager (brmfbags) - Brother Industries, Ltd. - C:\WINDOWS\System32\BrmfBAgS.exe
  O23 - Service: CAISafe - Computer Associates International, Inc. - C:\Program Files\Yahoo!\Antivirus\ISafe.exe
  O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
  O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido\security suite\ewidoguard.exe
  O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
  O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
  O23 - Service: VET Message Service (VETMSGNT) - Computer Associates International, Inc. - C:\Program Files\Yahoo!\Antivirus\VetMsg.exe
  O23 - Service: YPCService - Yahoo! Inc. - C:\WINDOWS\system32\YPCSER~1.EXE

  0
• Crunchie Mandurah. Western Australia. Member

  December 2005 edited December 2005

  Try here for the service pack install error; http://www.michna.com/kb/WxSP2.htm#Cannot_install_Service_Pack_2
  
  You need to hide the hidden folders/files again to remove those files on your desktop .
  
  ==
  
  Can you please do the following.
  
  ===============
  
  Scan with HiJackThis, click "Scan", then check(tick) the following, if present:
  
  
  R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
  R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
  
  O2 - BHO: (no name) - {9527D42F-D666-11D3-B8DD-00600838CD5F} - (no file)
  
  O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} -
  O16 - DPF: {205FF73B-CA67-11D5-99DD-444553540006} -
  
  
  Now, close all instances of Internet Explorer and any other windows you have open except HiJackThis, click "Fix checked".
  
  ===============
  
  After rebooting, rescan with hijackthis and post back a new log. Please let me know how your pc is now.

  0
• manny76

  December 2005 edited December 2005

  I tried to follow the regedit instructions but it was very confusing. I did not cange anything in the registry yet because i am unsure as to what i should do. could you please help me with this? i did locate some problem registry keys. here are a few that i cut and paste, is this what i should be looking for?
  
  #E197 Writing "C:\WINDOWS\INF\wmaccess.inf" to "C:\WINDOWS\INF" is not an approved method of installing INF files. Use a 'CopyINF' entry instead.
  #E099 Writing of "C:\WINDOWS\inf\unregmp2.exe" to "C:\WINDOWS\INF" can cause problems.
  #E033 Error 5: Access is denied
  
  here is my HJT log as well
  
  Logfile of HijackThis v1.99.1
  Scan saved at 10:55:11 AM, on 12/19/2005
  Platform: Windows XP SP1 (WinNT 5.01.2600)
  MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
  
  Running processes:
  C:\WINDOWS\System32\smss.exe
  C:\WINDOWS\system32\winlogon.exe
  C:\WINDOWS\system32\services.exe
  C:\WINDOWS\system32\lsass.exe
  C:\WINDOWS\system32\svchost.exe
  C:\WINDOWS\System32\svchost.exe
  C:\WINDOWS\system32\spoolsv.exe
  C:\WINDOWS\Explorer.EXE
  C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
  C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
  C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
  C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
  C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
  C:\Program Files\Brother\ControlCenter2\brctrcen.exe
  C:\Program Files\Yahoo!\browser\ybrwicon.exe
  C:\PROGRA~1\SBCSEL~1\SMARTB~1\MotiveSB.exe
  C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
  C:\WINDOWS\System32\LVCOMSX.EXE
  C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb10.exe
  C:\WINDOWS\System32\BrmfBAgS.exe
  C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
  C:\Program Files\Yahoo!\Antivirus\ISafe.exe
  C:\internet security\FreeRAM XP Pro 1.40.exe
  C:\PROGRA~1\YAHOO!\browser\ycommon.exe
  C:\Program Files\ewido\security suite\ewidoctrl.exe
  C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
  C:\WINDOWS\System32\nvsvc32.exe
  C:\WINDOWS\System32\svchost.exe
  C:\Program Files\Yahoo!\Antivirus\VetMsg.exe
  C:\WINDOWS\System32\BRMFRSMG.EXE
  C:\Program Files\WinRAR\WinRAR.exe
  C:\DOCUME~1\ROBERT\LOCALS~1\Temp\Rar$EX00.672\HijackThis.exe
  
  R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://dsl.sbc.yahoo.com/
  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://yahoo.sbc.com/dsl
  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.com/customize/ie/defaults/su/msgr7/*http://www.yahoo.com
  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr7/*http://www.yahoo.com/ext/search/search.html
  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaults/sp/msgr7/*http://www.yahoo.com
  R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://yahoo.sbc.com/dsl
  R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
  O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
  O2 - BHO: EyeOnIE Class - {316AEF8D-3C37-423E-9E6E-13820A9DC37A} - C:\PROGRA~1\THESHI~1\THESHI~1.0\PROGRA~1\PCSECU~1\THESHI~1\IrlOnIE.dll
  O2 - BHO: REALBAR - {4E7BD74F-2B8D-469E-C0FF-FD60B590A87D} - C:\PROGRA~1\COMMON~1\Real\Toolbar\realbar.dll
  O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
  O2 - BHO: UberButton Class - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
  O2 - BHO: YahooTaggedBM Class - {65D886A2-7CA7-479B-BB95-14D1EFB7946A} - C:\Program Files\Yahoo!\Common\YIeTagBm.dll
  O3 - Toolbar: REALBAR - {4E7BD74F-2B8D-469E-C0FF-FD60B590A87D} - C:\PROGRA~1\COMMON~1\Real\Toolbar\realbar.dll
  O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn8\yt.dll
  O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\system32\msdxm.ocx
  O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
  O4 - HKLM\..\Run: [PaperPort PTD] C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
  O4 - HKLM\..\Run: [IndexSearch] C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe
  O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
  O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
  O4 - HKLM\..\Run: [SetDefPrt] C:\Program Files\Brother\Brmfl04g\BrStDvPt.exe
  O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
  O4 - HKLM\..\Run: [ControlCenter2.0] C:\Program Files\Brother\ControlCenter2\brctrcen.exe /autorun
  O4 - HKLM\..\Run: [YBrowser] C:\Program Files\Yahoo!\browser\ybrwicon.exe
  O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\SBCSEL~1\SMARTB~1\MotiveSB.exe
  O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\System32\LVCOMSX.EXE
  O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb10.exe
  O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe"
  O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
  O4 - HKCU\..\Run: [FreeRAM XP] "C:\internet security\FreeRAM XP Pro 1.40.exe" -win
  O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
  O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
  O8 - Extra context menu item: &eBay Search - res://C:\Program Files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html
  O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
  O8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
  O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
  O8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
  O8 - Extra context menu item: Translate into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
  O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
  O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
  O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\WINDOWS\System32\shdocvw.dll
  O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
  O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
  O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
  O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
  O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
  O12 - Plugin for .tiff: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin5.dll
  O14 - IERESET.INF: START_PAGE_URL=http://www.sony.com/vaiopeople
  O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} (HouseCall Control) - http://housecall60.trendmicro.com/housecall/xscan60.cab
  O16 - DPF: {05D44720-58E3-49E6-BDF6-D00330E511D3} (StagingUI Object) - http://zone.msn.com/binFrameWork/v10/StagingUI.cab40443.cab
  O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/yinst20040510.cab
  O16 - DPF: {3A7FE611-1994-4EF1-A09F-99456752289D} (WildTangent Active Launcher) - http://install.wildtangent.com/ActiveLauncher/ActiveLauncher.cab
  O16 - DPF: {3BB54395-5982-4788-8AF4-B5388FFDD0D8} (ZoneBuddy Class) - http://zone.msn.com/BinFrameWork/v10/ZBuddy.cab32846.cab
  O16 - DPF: {5736C456-EA94-4AAC-BB08-917ABDD035B3} (ZonePAChat Object) - http://zone.msn.com/binframework/v10/ZPAChat.cab32846.cab
  O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1101702536000
  O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1128174794828
  O16 - DPF: {95B5D20C-BD31-4489-8ABF-F8C8BE748463} (ZPA_HRTZ Object) - http://zone.msn.com/bingame/zpagames/zpa_hrtz.cab37625.cab
  O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
  O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://zone.msn.com/binFramework/v10/ZIntro.cab34246.cab
  O16 - DPF: {D18F962A-3722-4B59-B08D-28BB9EB2281E} (PhotosCtrl Class) - http://photos.yahoo.com/ocx/us/yexplorer1_9us.cab
  O16 - DPF: {DA2AA6CF-5C7A-4B71-BC3B-C771BB369937} (StadiumProxy Class) - http://zone.msn.com/binframework/v10/StProxy.cab35645.cab
  O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} - http://download.games.yahoo.com/games/web_games/popcap/bejeweled2/popcaploader_v6.cab
  O16 - DPF: {FFFFFFFF-CACE-BABE-BABE-00AA0055595A} - http://www.trueswitch.com/sbc/TrueInstallSBC.exe
  O18 - Protocol: bw+0 - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bw+0s - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bw-0 - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bw-0s - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bw00 - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bw00s - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bw10 - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bw10s - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bw20 - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bw20s - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bw30 - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bw30s - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bw40 - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bw40s - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bw50 - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bw50s - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bw60 - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bw60s - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bw70 - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bw70s - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bw80 - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bw80s - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bw90 - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bw90s - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwa0 - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwa0s - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwb0 - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwb0s - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwc0 - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwc0s - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwd0 - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwd0s - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwe0 - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwe0s - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwf0 - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwf0s - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
  O18 - Protocol: bwg0 - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwg0s - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwh0 - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwh0s - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwi0 - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwi0s - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwj0 - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwj0s - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwk0 - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwk0s - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwl0 - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwl0s - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwm0 - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwm0s - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwn0 - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwn0s - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwo0 - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwo0s - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwp0 - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwp0s - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwq0 - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwq0s - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwr0 - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwr0s - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bws0 - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bws0s - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwt0 - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwt0s - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwu0 - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwu0s - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwv0 - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwv0s - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bww0 - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bww0s - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwx0 - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwx0s - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwy0 - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwy0s - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwz0 - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwz0s - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
  O18 - Protocol: offline-8876480 - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
  O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
  O23 - Service: Brother BidiAgent Service for Resource manager (brmfbags) - Brother Industries, Ltd. - C:\WINDOWS\System32\BrmfBAgS.exe
  O23 - Service: CAISafe - Computer Associates International, Inc. - C:\Program Files\Yahoo!\Antivirus\ISafe.exe
  O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
  O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido\security suite\ewidoguard.exe
  O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
  O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
  O23 - Service: VET Message Service (VETMSGNT) - Computer Associates International, Inc. - C:\Program Files\Yahoo!\Antivirus\VetMsg.exe
  O23 - Service: YPCService - Yahoo! Inc. - C:\WINDOWS\system32\YPCSER~1.EXE
  
  

  0
• Crunchie Mandurah. Western Australia. Member

  December 2005 edited December 2005

  manny76 wrote:

  I tried to follow the regedit instructions but it was very confusing. I did not cange anything in the registry yet because i am unsure as to what i should do. could you please help me with this? i did locate some problem registry keys. here are a few that i cut and paste, is this what i should be looking for?
  
  #E197 Writing "C:\WINDOWS\INF\wmaccess.inf" to "C:\WINDOWS\INF" is not an approved method of installing INF files. Use a 'CopyINF' entry instead.
  #E099 Writing of "C:\WINDOWS\inf\unregmp2.exe" to "C:\WINDOWS\INF" can cause problems.
  #E033 Error 5: Access is denied

  
  If those are the entries that are preventing the installation, you need to take permission's over them.
  Go to the entries and highlight them then go to 'edit' on the toolbar and go to permissions. Place a check in the 'full control' box and ok out.

  0
• manny76

  December 2005 edited December 2005

  Thank you, I finally got service pack 2 to install. I had to contact microsoft to wlak me thru but it ended up being some missing or corrupted batch files? I dont know but its finally up and running. I ran all my spyware programs and virus scans, but i wanted you to take a look at my HJT log one more time and tell me if there is anything else i can remove. I dont know if you familiar with the CCLeaner program, but there are quite a few (500) or so unused file extentions that i simply cant remove. even with that program. is this effecting my computer? and if so how can i remove them? thank you soo much.
  
  Logfile of HijackThis v1.99.1
  Scan saved at 4:43:57 PM, on 12/21/2005
  Platform: Windows XP SP2 (WinNT 5.01.2600)
  MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
  
  Running processes:
  C:\WINDOWS\System32\smss.exe
  C:\WINDOWS\system32\winlogon.exe
  C:\WINDOWS\system32\services.exe
  C:\WINDOWS\system32\lsass.exe
  C:\WINDOWS\system32\svchost.exe
  C:\WINDOWS\System32\svchost.exe
  C:\WINDOWS\system32\spoolsv.exe
  C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
  C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
  C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
  C:\WINDOWS\System32\BrmfBAgS.exe
  C:\Program Files\Yahoo!\Antivirus\ISafe.exe
  C:\WINDOWS\System32\nvsvc32.exe
  C:\WINDOWS\System32\svchost.exe
  C:\Program Files\Yahoo!\Antivirus\VetMsg.exe
  C:\WINDOWS\system32\BRMFRSMG.EXE
  C:\WINDOWS\Explorer.EXE
  C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
  C:\Program Files\Brother\ControlCenter2\brctrcen.exe
  C:\Program Files\Yahoo!\browser\ybrwicon.exe
  C:\PROGRA~1\SBCSEL~1\SMARTB~1\MotiveSB.exe
  C:\WINDOWS\System32\LVCOMSX.EXE
  C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb10.exe
  C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
  C:\internet security\FreeRAM XP Pro 1.40.exe
  C:\PROGRA~1\YAHOO!\browser\ycommon.exe
  C:\Program Files\Internet Explorer\iexplore.exe
  C:\WINDOWS\system32\wuauclt.exe
  C:\DOCUME~1\ROBERT\LOCALS~1\Temp\Rar$EX00.313\HijackThis.exe
  
  R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://dsl.sbc.yahoo.com/
  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://yahoo.sbc.com/dsl
  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.com/customize/ie/defaults/su/msgr7/*http://www.yahoo.com
  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr7/*http://www.yahoo.com/ext/search/search.html
  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaults/sp/msgr7/*http://www.yahoo.com
  R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://yahoo.sbc.com/dsl
  R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
  O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
  O2 - BHO: (no name) - {22D8E815-4A5E-4DFB-845E-AAB64207F5BD} - (no file)
  O2 - BHO: EyeOnIE Class - {316AEF8D-3C37-423E-9E6E-13820A9DC37A} - C:\PROGRA~1\THESHI~1\THESHI~1.0\PROGRA~1\PCSECU~1\THESHI~1\IrlOnIE.dll
  O2 - BHO: REALBAR - {4E7BD74F-2B8D-469E-C0FF-FD60B590A87D} - C:\PROGRA~1\COMMON~1\Real\Toolbar\realbar.dll
  O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - (no file)
  O2 - BHO: UberButton Class - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
  O2 - BHO: (no name) - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - (no file)
  O2 - BHO: YahooTaggedBM Class - {65D886A2-7CA7-479B-BB95-14D1EFB7946A} - C:\Program Files\Yahoo!\Common\YIeTagBm.dll
  O2 - BHO: (no name) - {9527D42F-D666-11D3-B8DD-00600838CD5F} - (no file)
  O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - (no file)
  O2 - BHO: (no name) - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - (no file)
  O2 - BHO: (no name) - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - (no file)
  O3 - Toolbar: REALBAR - {4E7BD74F-2B8D-469E-C0FF-FD60B590A87D} - C:\PROGRA~1\COMMON~1\Real\Toolbar\realbar.dll
  O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn8\yt.dll
  O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
  O4 - HKLM\..\Run: [PaperPort PTD] C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
  O4 - HKLM\..\Run: [IndexSearch] C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe
  O4 - HKLM\..\Run: [SetDefPrt] C:\Program Files\Brother\Brmfl04g\BrStDvPt.exe
  O4 - HKLM\..\Run: [ControlCenter2.0] C:\Program Files\Brother\ControlCenter2\brctrcen.exe /autorun
  O4 - HKLM\..\Run: [YBrowser] C:\Program Files\Yahoo!\browser\ybrwicon.exe
  O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\SBCSEL~1\SMARTB~1\MotiveSB.exe
  O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\System32\LVCOMSX.EXE
  O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb10.exe
  O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
  O4 - HKCU\..\Run: [FreeRAM XP] "C:\internet security\FreeRAM XP Pro 1.40.exe" -win
  O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
  O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
  O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
  O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\WINDOWS\System32\shdocvw.dll
  O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
  O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
  O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
  O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
  O12 - Plugin for .tiff: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin5.dll
  O14 - IERESET.INF: START_PAGE_URL=http://www.sony.com/vaiopeople
  O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} (HouseCall Control) - http://housecall60.trendmicro.com/housecall/xscan60.cab
  O16 - DPF: {05D44720-58E3-49E6-BDF6-D00330E511D3} (StagingUI Object) - http://zone.msn.com/binFrameWork/v10/StagingUI.cab40443.cab
  O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} -
  O16 - DPF: {205FF73B-CA67-11D5-99DD-444553540006} -
  O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/yinst20040510.cab
  O16 - DPF: {3A7FE611-1994-4EF1-A09F-99456752289D} (WildTangent Active Launcher) - http://install.wildtangent.com/ActiveLauncher/ActiveLauncher.cab
  O16 - DPF: {3BB54395-5982-4788-8AF4-B5388FFDD0D8} (ZoneBuddy Class) - http://zone.msn.com/BinFrameWork/v10/ZBuddy.cab32846.cab
  O16 - DPF: {5736C456-EA94-4AAC-BB08-917ABDD035B3} (ZonePAChat Object) - http://zone.msn.com/binframework/v10/ZPAChat.cab32846.cab
  O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1101702536000
  O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1128174794828
  O16 - DPF: {95B5D20C-BD31-4489-8ABF-F8C8BE748463} (ZPA_HRTZ Object) - http://zone.msn.com/bingame/zpagames/zpa_hrtz.cab37625.cab
  O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
  O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://zone.msn.com/binFramework/v10/ZIntro.cab34246.cab
  O16 - DPF: {D18F962A-3722-4B59-B08D-28BB9EB2281E} -
  O16 - DPF: {DA2AA6CF-5C7A-4B71-BC3B-C771BB369937} (StadiumProxy Class) - http://zone.msn.com/binframework/v10/StProxy.cab35645.cab
  O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} -
  O16 - DPF: {FFFFFFFF-CACE-BABE-BABE-00AA0055595A} -
  O18 - Protocol: bw+0 - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bw+0s - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bw-0 - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bw-0s - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bw00 - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bw00s - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bw10 - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bw10s - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bw20 - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bw20s - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bw30 - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bw30s - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bw40 - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bw40s - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bw50 - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bw50s - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bw60 - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bw60s - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bw70 - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bw70s - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bw80 - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bw80s - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bw90 - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bw90s - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwa0 - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwa0s - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwb0 - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwb0s - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwc0 - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwc0s - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwd0 - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwd0s - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwe0 - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwe0s - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwf0 - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwf0s - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
  O18 - Protocol: bwg0 - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwg0s - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwh0 - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwh0s - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwi0 - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwi0s - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwj0 - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwj0s - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwk0 - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwk0s - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwl0 - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwl0s - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwm0 - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwm0s - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwn0 - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwn0s - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwo0 - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwo0s - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwp0 - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwp0s - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwq0 - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwq0s - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwr0 - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwr0s - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bws0 - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bws0s - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwt0 - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwt0s - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwu0 - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwu0s - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwv0 - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwv0s - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bww0 - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bww0s - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwx0 - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwx0s - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwy0 - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwy0s - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwz0 - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwz0s - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
  O18 - Protocol: offline-8876480 - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
  O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
  O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
  O23 - Service: Brother BidiAgent Service for Resource manager (brmfbags) - Brother Industries, Ltd. - C:\WINDOWS\System32\BrmfBAgS.exe
  O23 - Service: CAISafe - Computer Associates International, Inc. - C:\Program Files\Yahoo!\Antivirus\ISafe.exe
  O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
  O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
  O23 - Service: VET Message Service (VETMSGNT) - Computer Associates International, Inc. - C:\Program Files\Yahoo!\Antivirus\VetMsg.exe
  O23 - Service: YPCService - Yahoo! Inc. - C:\WINDOWS\system32\YPCSER~1.EXE
  
  

  0
• Crunchie Mandurah. Western Australia. Member

  December 2005 edited December 2005

  manny76 wrote:

  I dont know if you familiar with the CCLeaner program, but there are quite a few (500) or so unused file extentions that i simply cant remove. even with that program. is this effecting my computer? and if so how can i remove them?

  
  Try running it whilst in safe mode .
  
  ==
  
  Can you please do the following.
  
  ===============
  
  Scan with HiJackThis, click "Scan", then check(tick) the following, if present:
  
  
  O2 - BHO: (no name) - {22D8E815-4A5E-4DFB-845E-AAB64207F5BD} - (no file)
  O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - (no file)
  O2 - BHO: (no name) - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - (no file)
  O2 - BHO: (no name) - {9527D42F-D666-11D3-B8DD-00600838CD5F} - (no file)
  O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - (no file)
  O2 - BHO: (no name) - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - (no file)
  O2 - BHO: (no name) - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - (no file)
  
  O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} -
  O16 - DPF: {205FF73B-CA67-11D5-99DD-444553540006} -
  
  
  Now, close all instances of Internet Explorer and any other windows you have open except HiJackThis, click "Fix checked".
  
  ===============
  
  After rebooting, rescan with hijackthis and post back a new log. Please let me know how your pc is now.

  0
• manny76

  December 2005 edited December 2005

  Well I ran CCleaner in safe mode as the administrator and it definately reduced the number of those errors, but there are still some lingering bugs. Here is my HJT log... how does it look? the computer seems to be responding slightly faster i think. Thank you once again....
  
  
  Logfile of HijackThis v1.99.1
  Scan saved at 8:17:30 PM, on 12/22/2005
  Platform: Windows XP SP2 (WinNT 5.01.2600)
  MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
  
  Running processes:
  C:\WINDOWS\System32\smss.exe
  C:\WINDOWS\system32\winlogon.exe
  C:\WINDOWS\system32\services.exe
  C:\WINDOWS\system32\lsass.exe
  C:\WINDOWS\system32\svchost.exe
  C:\WINDOWS\System32\svchost.exe
  C:\WINDOWS\system32\spoolsv.exe
  C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
  C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
  C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
  C:\WINDOWS\System32\BrmfBAgS.exe
  C:\Program Files\Yahoo!\Antivirus\ISafe.exe
  C:\WINDOWS\System32\nvsvc32.exe
  C:\WINDOWS\System32\svchost.exe
  C:\Program Files\Yahoo!\Antivirus\VetMsg.exe
  C:\WINDOWS\system32\BRMFRSMG.EXE
  C:\WINDOWS\Explorer.EXE
  C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
  C:\Program Files\Brother\ControlCenter2\brctrcen.exe
  C:\Program Files\Yahoo!\browser\ybrwicon.exe
  C:\PROGRA~1\SBCSEL~1\SMARTB~1\MotiveSB.exe
  C:\WINDOWS\System32\LVCOMSX.EXE
  C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb10.exe
  C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
  C:\internet security\FreeRAM XP Pro 1.40.exe
  C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
  C:\PROGRA~1\YAHOO!\browser\ycommon.exe
  C:\Program Files\Internet Explorer\iexplore.exe
  C:\Program Files\WinRAR\WinRAR.exe
  C:\DOCUME~1\ROBERT\LOCALS~1\Temp\Rar$EX00.657\HijackThis.exe
  
  R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://dsl.sbc.yahoo.com/
  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://yahoo.sbc.com/dsl
  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.com/customize/ie/defaults/su/msgr7/*http://www.yahoo.com
  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr7/*http://www.yahoo.com/ext/search/search.html
  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaults/sp/msgr7/*http://www.yahoo.com
  R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://yahoo.sbc.com/dsl
  R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
  O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
  O2 - BHO: (no name) - {22D8E815-4A5E-4DFB-845E-AAB64207F5BD} - (no file)
  O2 - BHO: EyeOnIE Class - {316AEF8D-3C37-423E-9E6E-13820A9DC37A} - C:\PROGRA~1\THESHI~1\THESHI~1.0\PROGRA~1\PCSECU~1\THESHI~1\IrlOnIE.dll
  O2 - BHO: REALBAR - {4E7BD74F-2B8D-469E-C0FF-FD60B590A87D} - C:\PROGRA~1\COMMON~1\Real\Toolbar\realbar.dll
  O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - (no file)
  O2 - BHO: UberButton Class - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
  O2 - BHO: (no name) - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - (no file)
  O2 - BHO: YahooTaggedBM Class - {65D886A2-7CA7-479B-BB95-14D1EFB7946A} - C:\Program Files\Yahoo!\Common\YIeTagBm.dll
  O2 - BHO: (no name) - {9527D42F-D666-11D3-B8DD-00600838CD5F} - (no file)
  O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - (no file)
  O2 - BHO: (no name) - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - (no file)
  O2 - BHO: (no name) - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - (no file)
  O3 - Toolbar: REALBAR - {4E7BD74F-2B8D-469E-C0FF-FD60B590A87D} - C:\PROGRA~1\COMMON~1\Real\Toolbar\realbar.dll
  O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn8\yt.dll
  O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
  O4 - HKLM\..\Run: [PaperPort PTD] C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
  O4 - HKLM\..\Run: [IndexSearch] C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe
  O4 - HKLM\..\Run: [SetDefPrt] C:\Program Files\Brother\Brmfl04g\BrStDvPt.exe
  O4 - HKLM\..\Run: [ControlCenter2.0] C:\Program Files\Brother\ControlCenter2\brctrcen.exe /autorun
  O4 - HKLM\..\Run: [YBrowser] C:\Program Files\Yahoo!\browser\ybrwicon.exe
  O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\SBCSEL~1\SMARTB~1\MotiveSB.exe
  O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\System32\LVCOMSX.EXE
  O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb10.exe
  O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
  O4 - HKCU\..\Run: [FreeRAM XP] "C:\internet security\FreeRAM XP Pro 1.40.exe" -win
  O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
  O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
  O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
  O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
  O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\WINDOWS\System32\shdocvw.dll
  O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
  O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
  O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
  O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
  O12 - Plugin for .tiff: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin5.dll
  O14 - IERESET.INF: START_PAGE_URL=http://www.sony.com/vaiopeople
  O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} (HouseCall Control) - http://housecall60.trendmicro.com/housecall/xscan60.cab
  O16 - DPF: {05D44720-58E3-49E6-BDF6-D00330E511D3} (StagingUI Object) - http://zone.msn.com/binFrameWork/v10/StagingUI.cab40443.cab
  O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} -
  O16 - DPF: {205FF73B-CA67-11D5-99DD-444553540006} -
  O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/yinst20040510.cab
  O16 - DPF: {3A7FE611-1994-4EF1-A09F-99456752289D} - http://install.wildtangent.com/ActiveLauncher/ActiveLauncher.cab
  O16 - DPF: {3BB54395-5982-4788-8AF4-B5388FFDD0D8} (ZoneBuddy Class) - http://zone.msn.com/BinFrameWork/v10/ZBuddy.cab32846.cab
  O16 - DPF: {5736C456-EA94-4AAC-BB08-917ABDD035B3} (ZonePAChat Object) - http://zone.msn.com/binframework/v10/ZPAChat.cab32846.cab
  O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1101702536000
  O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1128174794828
  O16 - DPF: {95B5D20C-BD31-4489-8ABF-F8C8BE748463} (ZPA_HRTZ Object) - http://zone.msn.com/bingame/zpagames/zpa_hrtz.cab37625.cab
  O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
  O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://zone.msn.com/binFramework/v10/ZIntro.cab34246.cab
  O16 - DPF: {D18F962A-3722-4B59-B08D-28BB9EB2281E} -
  O16 - DPF: {DA2AA6CF-5C7A-4B71-BC3B-C771BB369937} (StadiumProxy Class) - http://zone.msn.com/binframework/v10/StProxy.cab35645.cab
  O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} -
  O16 - DPF: {FFFFFFFF-CACE-BABE-BABE-00AA0055595A} -
  O18 - Protocol: bw+0 - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bw+0s - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bw-0 - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bw-0s - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bw00 - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bw00s - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bw10 - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bw10s - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bw20 - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bw20s - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bw30 - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bw30s - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bw40 - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bw40s - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bw50 - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bw50s - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bw60 - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bw60s - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bw70 - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bw70s - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bw80 - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bw80s - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bw90 - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bw90s - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwa0 - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwa0s - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwb0 - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwb0s - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwc0 - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwc0s - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwd0 - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwd0s - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwe0 - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwe0s - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwf0 - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwf0s - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
  O18 - Protocol: bwg0 - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwg0s - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwh0 - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwh0s - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwi0 - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwi0s - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwj0 - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwj0s - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwk0 - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwk0s - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwl0 - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwl0s - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwm0 - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwm0s - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwn0 - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwn0s - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwo0 - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwo0s - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwp0 - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwp0s - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwq0 - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwq0s - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwr0 - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwr0s - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bws0 - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bws0s - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwt0 - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwt0s - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwu0 - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwu0s - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwv0 - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwv0s - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bww0 - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bww0s - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwx0 - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwx0s - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwy0 - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwy0s - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwz0 - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: bwz0s - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
  O18 - Protocol: offline-8876480 - {168827B4-ADA5-4340-A766-F38440831AD1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
  O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
  O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
  O23 - Service: Brother BidiAgent Service for Resource manager (brmfbags) - Brother Industries, Ltd. - C:\WINDOWS\System32\BrmfBAgS.exe
  O23 - Service: CAISafe - Computer Associates International, Inc. - C:\Program Files\Yahoo!\Antivirus\ISafe.exe
  O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
  O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
  O23 - Service: VET Message Service (VETMSGNT) - Computer Associates International, Inc. - C:\Program Files\Yahoo!\Antivirus\VetMsg.exe
  O23 - Service: YPCService - Yahoo! Inc. - C:\WINDOWS\system32\YPCSER~1.EXE

  0
• Crunchie Mandurah. Western Australia. Member

  December 2005 edited December 2005

  Can you unload Spybot's Teatimer and remove those same entries. To do this can you start Spybot and go to Tools > Resident and uncheck the box next to Tea-Timer. Make sure that the icon in the system tray is no longer there. If it is, just right click on it and select "Exit". Do not forget to re-enable it when we are done .
  
  Ccleaner has a forum where you will get better help regarding how it works etc .
  
  http://forum.ccleaner.com/index.php?&CODE=00

  0
• manny76

  December 2005 edited December 2005

  thank you very much for all your help...have a wonderful christmas....

  0
• Crunchie Mandurah. Western Australia. Member

  December 2005 edited December 2005

  The same for you .

  0