
Solved Caught the Trojan.Starter.384 and can't remove it

Discussion in 'Malware and Virus Removal Archive' started by Chilly, 2008/08/30.

  1. 2008/08/30
    Chilly

    Chilly Inactive Thread Starter

    Joined:
    2008/08/30
    Messages:
    37
    Likes Received:
    0
    [Resolved] Caught the Trojan.Starter.384 and can't remove it

    Hiya,
    I'm one of the lucky ones that "caught" the Antivirus XP 2008 virus. My scanner/scanner company did clean up most of it, but what's left behind is called Trojan.Starter.384 (and the virus scanner techs have told me these are Windows related files and they're working on it for me - for the last MONTH now....gggrrrrrr). It will just dump me into a blue screen (not the blue-screen-of-death) that causes my computer to freeze up. Lots of times after booting up again I have to completely reset my DSL modem to reconnect to the internet, but not always.
    Anyhow, any suggestions as to how to rid my computer of this PEST. I'm running Windows XP, Home Edition, and use Internet Explorer for my browser.
    I downloaded HiJackThis, but I don't know what I'm supposed to do from here.
    Any help that you can provide would be greatly appreciated.
    I've read some of the responses on your site regarding this virus, however, one of the responses from your people said "don't try to fix your computer the way another person has, as it likely won't work the same for your computer" (or something to that effect). Hence, this post ;)
    Thanks a bunch & have a great weekend! :D
     
  2. 2008/08/30
    Chilly

    Chilly Inactive Thread Starter

    Joined:
    2008/08/30
    Messages:
    37
    Likes Received:
    0
    Scan done 2 mins ago from HiJackThis posted here

    BTW, sorry, I meant to post this on my first post, hope it helps:

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 12:53:37 AM, on 8/30/2008
    Platform: Windows XP SP1 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Ahead\InCD\InCDsrv.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\LEXBCES.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\LEXPPS.EXE
    C:\WINDOWS\system32\cisvc.exe
    C:\WINDOWS\System32\ScsiAccess.EXE
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\fxssvc.exe
    C:\Program Files\Visual Networks\Visual IP InSight\SBC\IPClient.exe
    C:\Program Files\Ahead\InCD\InCD.exe
    C:\Program Files\Acceleration Software\Anti-Virus\stopsignav.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\WINDOWS\System32\wuauclt.exe
    C:\WINDOWS\system32\NOTEPAD.EXE
    C:\WINDOWS\system32\cidaemon.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dellnet.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/cus.../sbcydsl/*http://www.yahoo.com/search/ie.html
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
    R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn5\yt.dll
    F2 - REG:system.ini: UserInit=C:\WINDOWS\System32\Userinit.exe
    O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\2.bin\MWSSRCAS.DLL
    O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn5\yt.dll
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: mwsBar BHO - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\2.bin\MWSBAR.DLL
    O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
    O2 - BHO: YahooTaggedBM Class - {65D886A2-7CA7-479B-BB95-14D1EFB7946A} - C:\Program Files\Yahoo!\Common\YIeTagBm.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar4.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.0.1225.9868\swg.dll
    O2 - BHO: (no name) - {B753C7C5-0942-4b7f-BC27-942B52BDAC66} - C:\PROGRA~1\ACCELE~1\StopSign\webcbrowse.dll
    O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\en-us\msntb.dll
    O3 - Toolbar: (no name) - {ACB1E670-3217-45C4-A021-6B829A8A27CB} - (no file)
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
    O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\en-us\msntb.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn5\yt.dll
    O3 - Toolbar: (no name) - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - (no file)
    O4 - HKLM\..\Run: [LogitechGalleryRepair] C:\Program Files\Logitech\ImageStudio\ISStart.exe
    O4 - HKLM\..\Run: [LogitechImageStudioTray] C:\Program Files\Logitech\ImageStudio\LogiTray.exe
    O4 - HKLM\..\Run: [IPInSightLAN 01] "C:\Program Files\Visual Networks\Visual IP InSight\SBC\IPClient.exe" -l
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
    O4 - HKLM\..\Run: [SoftwareStation] "C:\Program Files\eAcceleration\Station\station.exe" /b Startup
    O4 - HKLM\..\Run: [StopSignSsTsMon] Rundll32.exe "C:\Program Files\Acceleration Software\Anti-Virus\sstsmon.dll ",VerifyStatus
    O4 - HKLM\..\Run: [webscan] "C:\Program Files\Acceleration Software\Anti-Virus\stopsignav.exe" -k
    O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe "
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe "
    O4 - HKLM\..\Run: [StopSignSsSsMon] Rundll32.exe "C:\Program Files\Acceleration Software\Anti-Virus\ssssmon.dll ",VerifyStatus
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe "
    O4 - HKLM\..\Run: [StopSignSsFwMon] Rundll32.exe "C:\Program Files\eAcceleration\Firewall\ssfwmon.dll ",VerifyStatus
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
    O4 - HKLM\..\Run: [SNM] C:\Program Files\SpyNoMore\SNM.exe /startup
    O4 - HKLM\..\Run: [WINSTA~1.EXE] C:\WINDOWS\System\WINSTA~1.EXE -b
    O4 - HKLM\..\RunOnce: [StopSignSsTsMon] Rundll32.exe "C:\Program Files\Acceleration Software\Anti-Virus\sstsmon.dll ",VerifyStatus /ro
    O4 - HKLM\..\RunOnce: [StopSignSsFwMon] Rundll32.exe "C:\Program Files\eAcceleration\Firewall\ssfwmon.dll ",VerifyStatus /ro
    O4 - HKLM\..\RunOnce: [StopSignSsSsMon] Rundll32.exe "C:\Program Files\Acceleration Software\Anti-Virus\ssssmon.dll ",VerifyStatus /ro
    O4 - HKCU\..\Run: [Ultimate Popup Killer] C:\Program Files\Ultimate Popup Killer\Popupkiller.exe
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [LDM] \Program\
    O4 - HKUS\.DEFAULT\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background (User 'Default user')
    O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
    O4 - Global Startup: SBC Self Support Tool.lnk = C:\Program Files\SBC Self Support Tool\bin\matcli.exe
    O4 - Global Startup: Yahoo Lag Killer.lnk = C:\Program Files\Yahoo Lag Killer\YahooLagKiller.exe
    O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
    O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
    O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
    O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra button: (no name) - {24BE56F9-F0B6-4ac7-97F1-8CACEDA9A427} - C:\PROGRA~1\ACCELE~1\StopSign\webcbrowse.dll
    O9 - Extra 'Tools' menuitem: Block This Page - {24BE56F9-F0B6-4ac7-97F1-8CACEDA9A427} - C:\PROGRA~1\ACCELE~1\StopSign\webcbrowse.dll
    O9 - Extra button: PalTalk - {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - C:\Program Files\Paltalk Messenger\Paltalk.exe (file missing)
    O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
    O9 - Extra button: (no name) - {9239E4EC-C9A6-11D2-A844-00C04F68D538} - (no file)
    O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\Netscape\Communicator\Program\AIM\aim.exe (file missing)
    O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
    O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
    O16 - DPF: ppctlcab - http://www.pestscan.com/scanner/ppctlcab.cab
    O16 - DPF: Yahoo! Backgammon - http://download.games.yahoo.com/games/clients/y/at1_x.cab
    O16 - DPF: Yahoo! Blackjack - http://download.games.yahoo.com/games/clients/y/jt0_x.cab
    O16 - DPF: Yahoo! Chat - http://us.chat1.yimg.com/us.yimg.com/i/chat/applet/c381/chat.cab
    O16 - DPF: Yahoo! Dominoes - http://download.games.yahoo.com/games/clients/y/dot8_x.cab
    O16 - DPF: Yahoo! Literati - http://download.games.yahoo.com/games/clients/y/tt3_x.cab
    O16 - DPF: Yahoo! Poker - http://download.games.yahoo.com/games/clients/y/pt3_x.cab
    O16 - DPF: Yahoo! Pool 2 - http://download.games.yahoo.com/games/clients/y/pote_x.cab
    O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} (SysProWmi Class) - http://support.dell.com/systemprofiler/SysPro.CAB
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
    O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://imgfarm.com/images/nocache/funwebproducts/SmileyCentralInitialSetup1.0.0.5.exe
    O16 - DPF: {2FC9A21E-2069-4E47-8235-36318989DB13} (PPSDKActiveXScanner.MainScreen) - http://www.pestscan.com/scanner/axscanner.cab
    O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
    O16 - DPF: {45A0A292-ECC6-4D8F-9EA9-A4BD411D24C1} (king.com) - http://www.king.com/ctl/kingcomie.cab
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.mail.live.com/mail/w1/resources/MSNPUpld.cab
    O16 - DPF: {5445BE81-B796-11D2-B931-002018654E2E} (MeadCo Security Manager) - http://wcs00180.egain.net/wcsapp/weblib/Javascript/messaging/ie/SecMgr.cab
    O16 - DPF: {6BB594E2-6E4D-4CC9-98B0-931C323F9165} (DepHlp Control) - http://mirror.worldwinner.com/games/shared/dephlp.cab
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1128733974140
    O16 - DPF: {8714912E-380D-11D5-B8AA-00D0B78F3D48} (Yahoo! Webcam Upload Wrapper) - http://chat.yahoo.com/cab/yuplapp.cab
    O16 - DPF: {88D758A3-D33B-45FD-91E3-67749B4057FA} (Sinstaller Class) - http://dm.screensavers.com/dm/installers/si/1/sinstaller.cab
    O16 - DPF: {97E71027-0BA2-44F2-97DB-F84D808ED0B6} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab55762.cab
    O16 - DPF: {A031D222-B496-11D2-9CC8-00105A10AAF6} (WONWebLauncher Class) - http://www.flipside.com/cab/WONWebLauncherControl.cab
    O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab55579.cab
    O16 - DPF: {BAC01377-73DD-4796-854D-2A8997E3D68A} (Yahoo! Photos Easy Upload Tool Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/ydropper/ydropper1_6us.cab
    O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab31267.cab
    O16 - DPF: {C7B05B62-C8D7-438C-840B-4994DAAA8EEE} - http://webpdp.gator.com/v3/download/pdpplugin5094_hd3ptdmgainads.cab
    O16 - DPF: {C946EF6D-296D-4907-A6E1-ED0E8E5AF024} (LycosMail Upload Control) - http://mail.lycos.com/hanmail-ax/AttachMail.cab
    O16 - DPF: {D18F962A-3722-4B59-B08D-28BB9EB2281E} - http://photos.yahoo.com/ocx/us/yexplorer1_9us.cab
    O16 - DPF: {E504EE6E-47C6-11D5-B8AB-00D0B78F3D48} (Yahoo! Webcam Viewer Wrapper) - http://chat.yahoo.com/cab/yvwrctl.cab
    O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/mcfscan/2,1,0,4861/mcfscan.cab
    O16 - DPF: {EF99BD32-C1FB-11D2-892F-0090271D4F88} (Yahoo! Toolbar) - http://us.dl1.yimg.com/download.companion.yahoo.com/dl/toolbar/yiebio5_2_3_0.cab
    O16 - DPF: {F00F4763-7355-4725-82F7-0DA94A256D46} (IncrediMail) - http://www5.incredimail.com/contents/setup/downloader_sp1/imloader.cab
    O16 - DPF: {FA3662C3-B8E8-11D6-A667-0010B556D978} (IWinAmpActiveX Class) - http://cdn.digitalcity.com/_media/dalaillama/ampx.cab
    O18 - Protocol: bw+0 - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw+0s - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0 - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0s - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00 - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00s - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10 - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10s - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20 - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20s - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30 - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30s - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40 - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40s - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50 - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50s - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60 - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60s - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70 - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70s - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80 - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80s - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90 - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90s - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0 - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0s - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0 - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0s - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0 - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0s - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0 - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0s - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0 - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0s - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0 - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0s - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    O18 - Protocol: bwg0 - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwg0s - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0 - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0s - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0 - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0s - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0 - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0s - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0 - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0s - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0 - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0s - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0 - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0s - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0 - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0s - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0 - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0s - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0 - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0s - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0 - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0s - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0 - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0s - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0 - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0s - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0 - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0s - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0 - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0s - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0 - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0s - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0 - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0s - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0 - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0s - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0 - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0s - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0 - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0s - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: offline-8876480 - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O21 - SSODL: BHkLCsbLsakY - {F464DE03-5ECE-74A9-353C-2476C3C871D3} - C:\WINDOWS\System32\eub.dll
    O23 - Service: CbEvtSvc - Unknown owner - C:\WINDOWS\System32\CbEvtSvc.exe (file missing)
    O23 - Service: eAcceleration Notification Service (eac_notifysvc) - eAcceleration Corp - C:\Program Files\eAcceleration\Framework\eac_svc.exe
    O23 - Service: eAcceleration Product Manager Service (eac_productsvc) - eAcceleration Corp - C:\Program Files\eAcceleration\Framework\eac_productsvc.exe
    O23 - Service: FWService - eAcceleration Corp - C:\Program Files\eAcceleration\Firewall\FWService.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
    O23 - Service: ScsiAccess - Unknown owner - C:\WINDOWS\System32\ScsiAccess.EXE
    O24 - Desktop Component 0: (no name) - http://www.d-web.com/karen-224/aj2.jpg

    --
    End of file - 25935 bytes

    *******Thanx again!! :)
     

  4. 2008/08/31
    noahdfear

    noahdfear Inactive

    Joined:
    2003/04/06
    Messages:
    12,178
    Likes Received:
    15
    Welcome to WindowsBBS Chilly :)

    Let's do a scan with another tool that gives us a better look at things.

    • Download RSIT by random/random and save it to your desktop.
    • Double click RSIT.exe to start the tool and click Continue at the disclaimer.
    • When the scan completes it will open a log named log.txt maximized, and a log named info.txt minimized.
    • Please post the contents of both logs here in your next reply.


    Side note - if you do not use the Logitech Desktop Messenger software, it would cut down the size of the log considerably if you first uninstalled it via Add/Remove programs. The software's primary function is to notify you of Logitech device updates. In doing so, it sends information about any connected Logitech devices, current Logitech software information, and possibly device/software configuration to their servers. Generally, it's just another unnecessary process for most folks.
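
The side note above ties the size of the log to one installed product. As an added example (not part of the original post, and not HijackThis or RSIT code), this Python code parses HijackThis-format entry lines, counts them per section and per install directory, and lists the entries the tool itself marked `(no file)` or `(file missing)`. The sample lines are copied from the log posted earlier in this thread; grouping by the first directory under Program Files is an assumption of this example.

```python
import re
from collections import Counter
from dataclasses import dataclass
from typing import List, Optional

# Sample input: lines copied from the HijackThis log posted earlier in this thread.
SAMPLE_LOG = r"""
Logfile of Trend Micro HijackThis v2.0.2
Platform: Windows XP SP1 (WinNT 5.01.2600)

Running processes:
C:\WINDOWS\system32\winlogon.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dellnet.com/
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O9 - Extra button: PalTalk - {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - C:\Program Files\Paltalk Messenger\Paltalk.exe (file missing)
O18 - Protocol: bw+0 - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O23 - Service: ScsiAccess - Unknown owner - C:\WINDOWS\System32\ScsiAccess.EXE
"""

# An entry line is "<section code> - <detail>"; headers and the process list do not match.
ENTRY_RE = re.compile(r"^(R[0-3]|F[0-3]|N[1-4]|O\d{1,2}) - (.*)$")
# First Windows path in the detail text that ends in an executable-type extension.
PATH_RE = re.compile(r'[A-Za-z]:\\[^"<>|*?\r\n]+?\.(?:exe|dll|ocx)\b', re.IGNORECASE)
# Markers HijackThis prints when the registered file is not on disk.
ORPHAN_MARKERS = ("(no file)", "(file missing)")


@dataclass(frozen=True)
class Entry:
    code: str             # section code, e.g. "O18"
    detail: str           # everything after "CODE - "
    path: Optional[str]   # file path found in the detail, if any
    orphaned: bool        # True when the tool reported the file as absent


def parse_log(text: str) -> List[Entry]:
    """Return the entry lines of a HijackThis log, skipping headers and processes."""
    entries = []
    for raw in text.splitlines():
        match = ENTRY_RE.match(raw.strip())
        if not match:
            continue
        code, detail = match.groups()
        found = PATH_RE.search(detail)
        orphan = any(marker in detail for marker in ORPHAN_MARKERS)
        entries.append(Entry(code, detail, found.group(0) if found else None, orphan))
    return entries


def component(path: str) -> str:
    """Heuristic (assumption of this example): name a path by its install directory."""
    parts = path.split("\\")
    if len(parts) > 2 and parts[1].lower() in ("program files", "progra~1"):
        return parts[2].lower()              # e.g. "logitech"
    parent = "\\".join(parts[1:-1]).lower()  # e.g. "windows\system32"
    return parent or "(drive root)"


def lines_per_section(entries: List[Entry]) -> Counter:
    return Counter(e.code for e in entries)


def lines_per_component(entries: List[Entry]) -> Counter:
    return Counter(component(e.path) for e in entries if e.path)


def orphaned(entries: List[Entry]) -> List[Entry]:
    """Entries whose target file is absent: stale registrations to review, not a verdict."""
    return [e for e in entries if e.orphaned]


if __name__ == "__main__":
    parsed = parse_log(SAMPLE_LOG)
    print(f"{len(parsed)} entries")
    for name, count in lines_per_component(parsed).most_common():
        print(f"{count:3d}  {name}")
    for e in orphaned(parsed):
        print(f"orphaned: {e.code} - {e.detail}")
```
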
     
  5. 2008/09/01
    Chilly

    Chilly Inactive Thread Starter

    Joined:
    2008/08/30
    Messages:
    37
    Likes Received:
    0
    Hi Noahdfear, and thx for the "welcome" (as unfortunate as the circumstances are that we met.....LOL).

    OK, I found a box in the Logitech Desktop Messenger and "unchecked" both boxes on it. I hope that's what u meant by ur response.
    I took a look at one of the logs and still see "Logitech info". Let me know if there's something further that I need to do to disable it, thx ;)

    Below is the first part of the "log" from the RSIT program. I'll try posting as many posts as needed until u get all the info from both the "log" and the "info" documents (it will probably be at least 4 separate posts, as they seem to be too large to post in one or two posts all at one time), thx:

    LOG

    Part I

    Logfile of random's system information tool (written by random/random)
    Run by Karen at 2008-08-31 21:55:17
    Microsoft Windows XP Home Edition Service Pack 1
    System drive C: has 39 GB (68%) free of 57 GB
    Total RAM: 254 MB (50% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 9:55:24 PM, on 8/31/2008
    Platform: Windows XP SP1 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
    Boot mode: Safe mode with network support

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\Documents and Settings\Karen\Desktop\BBS-ALL INFO\RSIT.exe
    C:\Program Files\Trend Micro\HijackThis\Karen.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dellnet.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/cus.../sbcydsl/*http://www.yahoo.com/search/ie.html
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
    R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn5\yt.dll
    F2 - REG:system.ini: UserInit=C:\WINDOWS\System32\Userinit.exe
    O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\2.bin\MWSSRCAS.DLL
    O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn5\yt.dll
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: mwsBar BHO - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\2.bin\MWSBAR.DLL
    O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
    O2 - BHO: YahooTaggedBM Class - {65D886A2-7CA7-479B-BB95-14D1EFB7946A} - C:\Program Files\Yahoo!\Common\YIeTagBm.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar4.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.0.1225.9868\swg.dll
    O2 - BHO: (no name) - {B753C7C5-0942-4b7f-BC27-942B52BDAC66} - C:\PROGRA~1\ACCELE~1\StopSign\webcbrowse.dll
    O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\en-us\msntb.dll
    O3 - Toolbar: (no name) - {ACB1E670-3217-45C4-A021-6B829A8A27CB} - (no file)
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
    O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\en-us\msntb.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn5\yt.dll
    O3 - Toolbar: (no name) - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - (no file)
    O4 - HKLM\..\Run: [LogitechGalleryRepair] C:\Program Files\Logitech\ImageStudio\ISStart.exe
    O4 - HKLM\..\Run: [LogitechImageStudioTray] C:\Program Files\Logitech\ImageStudio\LogiTray.exe
    O4 - HKLM\..\Run: [IPInSightLAN 01] "C:\Program Files\Visual Networks\Visual IP InSight\SBC\IPClient.exe" -l
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
    O4 - HKLM\..\Run: [SoftwareStation] "C:\Program Files\eAcceleration\Station\station.exe" /b Startup
    O4 - HKLM\..\Run: [StopSignSsTsMon] Rundll32.exe "C:\Program Files\Acceleration Software\Anti-Virus\sstsmon.dll",VerifyStatus
    O4 - HKLM\..\Run: [webscan] "C:\Program Files\Acceleration Software\Anti-Virus\stopsignav.exe" -k
    O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [StopSignSsSsMon] Rundll32.exe "C:\Program Files\Acceleration Software\Anti-Virus\ssssmon.dll",VerifyStatus
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [StopSignSsFwMon] Rundll32.exe "C:\Program Files\eAcceleration\Firewall\ssfwmon.dll",VerifyStatus
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
    O4 - HKLM\..\Run: [SNM] C:\Program Files\SpyNoMore\SNM.exe /startup
    O4 - HKLM\..\Run: [WINSTA~1.EXE] C:\WINDOWS\System\WINSTA~1.EXE -b
    O4 - HKLM\..\RunOnce: [vclnrun] C:\PROGRA~1\ACCELE~1\ANTI-V~1\vclnrun.exe /clean
    O4 - HKLM\..\RunOnce: [StopSignSsTsMon] Rundll32.exe "C:\Program Files\Acceleration Software\Anti-Virus\sstsmon.dll",VerifyStatus /ro
    O4 - HKLM\..\RunOnce: [StopSignSsSsMon] Rundll32.exe "C:\Program Files\Acceleration Software\Anti-Virus\ssssmon.dll",VerifyStatus /ro
    O4 - HKLM\..\RunOnce: [StopSignSsFwMon] Rundll32.exe "C:\Program Files\eAcceleration\Firewall\ssfwmon.dll",VerifyStatus /ro
    O4 - HKCU\..\Run: [Ultimate Popup Killer] C:\Program Files\Ultimate Popup Killer\Popupkiller.exe
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [LDM] \Program\
    O4 - HKUS\S-1-5-18\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background (User 'Default user')
    O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
    O4 - Global Startup: SBC Self Support Tool.lnk = C:\Program Files\SBC Self Support Tool\bin\matcli.exe
    O4 - Global Startup: Yahoo Lag Killer.lnk = C:\Program Files\Yahoo Lag Killer\YahooLagKiller.exe
    O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
    O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
    O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
    O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra button: (no name) - {24BE56F9-F0B6-4ac7-97F1-8CACEDA9A427} - C:\PROGRA~1\ACCELE~1\StopSign\webcbrowse.dll
    O9 - Extra 'Tools' menuitem: Block This Page - {24BE56F9-F0B6-4ac7-97F1-8CACEDA9A427} - C:\PROGRA~1\ACCELE~1\StopSign\webcbrowse.dll
    O9 - Extra button: PalTalk - {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - C:\Program Files\Paltalk Messenger\Paltalk.exe (file missing)
    O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
    O9 - Extra button: (no name) - {9239E4EC-C9A6-11D2-A844-00C04F68D538} - (no file)
    O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\Netscape\Communicator\Program\AIM\aim.exe (file missing)
    O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
    O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
    O16 - DPF: ppctlcab - http://www.pestscan.com/scanner/ppctlcab.cab
    O16 - DPF: Yahoo! Backgammon - http://download.games.yahoo.com/games/clients/y/at1_x.cab
    O16 - DPF: Yahoo! Blackjack - http://download.games.yahoo.com/games/clients/y/jt0_x.cab
    O16 - DPF: Yahoo! Chat - http://us.chat1.yimg.com/us.yimg.com/i/chat/applet/c381/chat.cab
    O16 - DPF: Yahoo! Dominoes - http://download.games.yahoo.com/games/clients/y/dot8_x.cab
    O16 - DPF: Yahoo! Literati - http://download.games.yahoo.com/games/clients/y/tt3_x.cab
    O16 - DPF: Yahoo! Poker - http://download.games.yahoo.com/games/clients/y/pt3_x.cab
    O16 - DPF: Yahoo! Pool 2 - http://download.games.yahoo.com/games/clients/y/pote_x.cab
    O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} (SysProWmi Class) - http://support.dell.com/systemprofiler/SysPro.CAB
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
    O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://imgfarm.com/images/nocache/funwebproducts/SmileyCentralInitialSetup1.0.0.5.exe
    O16 - DPF: {2FC9A21E-2069-4E47-8235-36318989DB13} (PPSDKActiveXScanner.MainScreen) - http://www.pestscan.com/scanner/axscanner.cab
    O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
    O16 - DPF: {45A0A292-ECC6-4D8F-9EA9-A4BD411D24C1} (king.com) - http://www.king.com/ctl/kingcomie.cab
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.mail.live.com/mail/w1/resources/MSNPUpld.cab
    O16 - DPF: {5445BE81-B796-11D2-B931-002018654E2E} (MeadCo Security Manager) - http://wcs00180.egain.net/wcsapp/weblib/Javascript/messaging/ie/SecMgr.cab
    O16 - DPF: {6BB594E2-6E4D-4CC9-98B0-931C323F9165} (DepHlp Control) - http://mirror.worldwinner.com/games/shared/dephlp.cab
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1128733974140
    O16 - DPF: {8714912E-380D-11D5-B8AA-00D0B78F3D48} (Yahoo! Webcam Upload Wrapper) - http://chat.yahoo.com/cab/yuplapp.cab
    O16 - DPF: {88D758A3-D33B-45FD-91E3-67749B4057FA} (Sinstaller Class) - http://dm.screensavers.com/dm/installers/si/1/sinstaller.cab
    O16 - DPF: {97E71027-0BA2-44F2-97DB-F84D808ED0B6} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab55762.cab
    O16 - DPF: {A031D222-B496-11D2-9CC8-00105A10AAF6} (WONWebLauncher Class) - http://www.flipside.com/cab/WONWebLauncherControl.cab
    O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab55579.cab
    O16 - DPF: {BAC01377-73DD-4796-854D-2A8997E3D68A} (Yahoo! Photos Easy Upload Tool Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/ydropper/ydropper1_6us.cab
    O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab31267.cab
    O16 - DPF: {C7B05B62-C8D7-438C-840B-4994DAAA8EEE} - http://webpdp.gator.com/v3/download/pdpplugin5094_hd3ptdmgainads.cab
    O16 - DPF: {C946EF6D-296D-4907-A6E1-ED0E8E5AF024} (LycosMail Upload Control) - http://mail.lycos.com/hanmail-ax/AttachMail.cab
    O16 - DPF: {D18F962A-3722-4B59-B08D-28BB9EB2281E} - http://photos.yahoo.com/ocx/us/yexplorer1_9us.cab
    O16 - DPF: {E504EE6E-47C6-11D5-B8AB-00D0B78F3D48} (Yahoo! Webcam Viewer Wrapper) - http://chat.yahoo.com/cab/yvwrctl.cab
    O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/mcfscan/2,1,0,4861/mcfscan.cab
    O16 - DPF: {EF99BD32-C1FB-11D2-892F-0090271D4F88} (Yahoo! Toolbar) - http://us.dl1.yimg.com/download.companion.yahoo.com/dl/toolbar/yiebio5_2_3_0.cab
    O16 - DPF: {F00F4763-7355-4725-82F7-0DA94A256D46} (IncrediMail) - http://www5.incredimail.com/contents/setup/downloader_sp1/imloader.cab
    O16 - DPF: {FA3662C3-B8E8-11D6-A667-0010B556D978} (IWinAmpActiveX Class) - http://cdn.digitalcity.com/_media/dalaillama/ampx.cab
    O18 - Protocol: bw+0 - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw+0s - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0 - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0s - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00 - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00s - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10 - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10s - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20 - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20s - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30 - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30s - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40 - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40s - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50 - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50s - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60 - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60s - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70 - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70s - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80 - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80s - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90 - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90s - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0 - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0s - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0 - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0s - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0 - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0s - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0 - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0s - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0 - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0s - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0 - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0s - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    O18 - Protocol: bwg0 - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwg0s - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0 - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0s - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0 - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0s - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0 - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0s - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0 - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0s - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0 - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0s - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0 - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0s - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0 - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0s - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0 - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0s - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0 - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0s - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0 - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0s - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0 - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0s - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0 - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0s - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0 - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0s - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0 - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0s - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0 - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0s - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0 - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0s - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0 - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0s - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0 - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0s - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0 - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0s - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: offline-8876480 - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O21 - SSODL: BHkLCsbLsakY - {F464DE03-5ECE-74A9-353C-2476C3C871D3} - C:\WINDOWS\system32\eub.dll
    O23 - Service: CbEvtSvc - Unknown owner - C:\WINDOWS\System32\CbEvtSvc.exe (file missing)
    O23 - Service: eAcceleration Notification Service (eac_notifysvc) - eAcceleration Corp - C:\Program Files\eAcceleration\Framework\eac_svc.exe
    O23 - Service: eAcceleration Product Manager Service (eac_productsvc) - eAcceleration Corp - C:\Program Files\eAcceleration\Framework\eac_productsvc.exe
    O23 - Service: FWService - eAcceleration Corp - C:\Program Files\eAcceleration\Firewall\FWService.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
    O23 - Service: ScsiAccess - Unknown owner - C:\WINDOWS\System32\ScsiAccess.EXE
    O24 - Desktop Component 0: (no name) - http://www.d-web.com/karen-224/aj2.jpg

    --
    (cont. next post)
     
  6. 2008/09/01
    Chilly

    LOG

    Part II

    End of file - 25456 bytes

    Scheduled tasks folder

    C:\WINDOWS\tasks\AppleSoftwareUpdate.job

    Registry dump

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00A6FAF1-072E-44cf-8957-5838F569A31D}]
    MyWebSearch Search Assistant BHO - C:\Program Files\MyWebSearch\SrchAstt\2.bin\MWSSRCAS.DLL [2003-10-18 90112]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]
    &Yahoo! Toolbar Helper - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn5\yt.dll [2007-05-30 808472]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
    Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-23 62080]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{07B18EA1-A523-4961-B6BB-170DE4475CCA}]
    mwsBar BHO - C:\Program Files\MyWebSearch\bar\2.bin\MWSBAR.DLL [2003-10-18 217088]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897}]
    Yahoo! IE Services Button - C:\Program Files\Yahoo!\Common\yiesrvc.dll [2006-10-31 198136]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{65D886A2-7CA7-479B-BB95-14D1EFB7946A}]
    YahooTaggedBM Class - C:\Program Files\Yahoo!\Common\YIeTagBm.dll [2006-07-28 120312]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
    SSVHelper Class - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9394EDE7-C8B5-483E-8773-474BF36AF6E4}]
    ST - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll [2004-08-13 155648]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
    Google Toolbar Helper - c:\program files\google\googletoolbar4.dll [2007-01-20 2403392]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
    Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\3.0.1225.9868\swg.dll [2008-05-06 734704]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B753C7C5-0942-4b7f-BC27-942B52BDAC66}]
    C:\PROGRA~1\ACCELE~1\StopSign\webcbrowse.dll [2007-02-06 362168]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0}]
    MSNToolBandBHO - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\en-us\msntb.dll [2006-01-17 282624]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    {ACB1E670-3217-45C4-A021-6B829A8A27CB}
    {8E718888-423F-11D2-876E-00A0C9082467} - &Radio - C:\WINDOWS\System32\msdxm.ocx [2003-09-17 844048]
    {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - MSN - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\en-us\msntb.dll [2006-01-17 282624]
    {2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:\program files\google\googletoolbar4.dll [2007-01-20 2403392]
    {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn5\yt.dll [2007-05-30 808472]
    {07B18EA9-A523-4961-B6BB-170DE4475CCA}

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "LogitechGalleryRepair"=C:\Program Files\Logitech\ImageStudio\ISStart.exe [2002-12-10 155648]
    "LogitechImageStudioTray"=C:\Program Files\Logitech\ImageStudio\LogiTray.exe [2002-12-10 61440]
    "IPInSightLAN 01"=C:\Program Files\Visual Networks\Visual IP InSight\SBC\IPClient.exe [2003-06-11 380928]
    "NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
    "InCD"=C:\Program Files\Ahead\InCD\InCD.exe [2006-03-23 1398272]
    "SoftwareStation"=C:\Program Files\eAcceleration\Station\station.exe [2008-04-15 173392]
    "StopSignSsTsMon"=C:\Program Files\Acceleration Software\Anti-Virus\sstsmon.dll [2008-04-21 152976]
    "webscan"=C:\Program Files\Acceleration Software\Anti-Virus\stopsignav.exe [2008-06-12 767328]
    "Adobe Photo Downloader"=C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe [2007-03-09 63712]
    "QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2007-06-29 286720]
    "iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2007-07-10 270648]
    "StopSignSsSsMon"=C:\Program Files\Acceleration Software\Anti-Virus\ssssmon.dll [2008-04-21 140696]
    "Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792]
    "StopSignSsFwMon"=C:\Program Files\eAcceleration\Firewall\ssfwmon.dll [2008-03-05 222544]
    "SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe [2008-06-10 144784]
    "SNM"=C:\Program Files\SpyNoMore\SNM.exe /startup []
    "WINSTA~1.EXE"=C:\WINDOWS\System\WINSTA~1.EXE -b []

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
    "vclnrun"=C:\PROGRA~1\ACCELE~1\ANTI-V~1\vclnrun.exe [2008-08-07 120144]
    "StopSignSsTsMon"=C:\Program Files\Acceleration Software\Anti-Virus\sstsmon.dll [2008-04-21 152976]
    "StopSignSsSsMon"=C:\Program Files\Acceleration Software\Anti-Virus\ssssmon.dll [2008-04-21 140696]
    "StopSignSsFwMon"=C:\Program Files\eAcceleration\Firewall\ssfwmon.dll [2008-03-05 222544]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "Ultimate Popup Killer"=C:\Program Files\Ultimate Popup Killer\Popupkiller.exe []
    "WebCamRT.exe"= []
    "swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2007-06-21 68856]
    "EleFunAnimatedWallpaper"= []
    "LDM"=\Program\ []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCMSMMSG]
    C:\WINDOWS\BCMSMMSG.exe [2003-08-29 122880]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DellSupport]
    C:\Program Files\Dell Support\DSAgnt.exe [2004-07-19 306688]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IPInSightMonitor 01]
    C:\Program Files\Visual Networks\Visual IP InSight\SBC\IPMon32.exe [2003-06-11 122880]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
    C:\Program Files\iTunes\iTunesHelper.exe [2007-07-10 270648]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LDM]
    \Program\ []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LVCOMS]
    C:\Program Files\Common Files\Logitech\QCDriver3\LVCOMS.EXE [2002-12-10 127022]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MimBoot]
    C:\PROGRA~1\MUSICM~1\MUSICM~1\mimboot.exe [2006-11-07 8192]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Motive SmartBridge]
    C:\PROGRA~1\SBCSEL~1\SMARTB~1\MotiveSB.exe [2003-12-10 380928]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MyWebSearch Email Plugin]
    C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QAGENT]
    C:\Program Files\QUICKENW\QAGENT.EXE [2001-08-01 94208]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
    C:\Program Files\QuickTime\qttask.exe [2007-06-29 286720]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RealTray]
    C:\Program Files\Real\RealPlayer\RealPlay.exe [2006-07-01 26112]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
    C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SweetIM]
    C:\Program Files\Macrogaming\SweetIM\SweetIM.exe []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
    C:\Program Files\Google\GoogleToolbarNotifier\1.0.720.3640\GoogleToolbarNotifier.exe []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WebCamRT.exe]
    []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
    C:\PROGRA~1\Adobe\ACROBA~3.0\Reader\READER~1.EXE []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^America Online 8.0 Tray Icon.lnk]
    C:\PROGRA~1\AMERIC~1.0\aoltray.exe -check []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Kodak EasyShare software.lnk]
    C:\PROGRA~1\Kodak\KODAKE~1\bin\EASYSH~1.EXE [2003-04-09 598150]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Find Fast.lnk]
    C:\PROGRA~1\MICROS~2\Office\FINDFAST.EXE [1997-07-10 111376]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^MyWebSearch Email Plugin.lnk]
    C:\PROGRA~1\MYWEBS~1\bar\1.bin\MWSOEMON.EXE []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Office Startup.lnk]
    C:\PROGRA~1\MICROS~2\Office\OSA.EXE [1997-07-10 51984]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Karen^Start Menu^Programs^Startup^MyWebSearch Email Plugin.lnk]
    C:\PROGRA~1\MYWEBS~1\bar\1.bin\MWSOEMON.EXE []

    C:\Documents and Settings\All Users\Start Menu\Programs\Startup
    Logitech Desktop Messenger.lnk - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
    SBC Self Support Tool.lnk - C:\Program Files\SBC Self Support Tool\bin\matcli.exe
    Yahoo Lag Killer.lnk - C:\Program Files\Yahoo Lag Killer\YahooLagKiller.exe

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
    C:\WINDOWS\system32\igfxsrvc.dll [2005-10-19 348160]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    BHkLCsbLsakY - {F464DE03-5ECE-74A9-353C-2476C3C871D3} - C:\WINDOWS\system32\eub.dll [2006-07-05 32768]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
    "authentication packages "=
    :\WINDOWS\system32\srr

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "dontdisplaylastusername "=0
    "legalnoticecaption "=
    "legalnoticetext "=
    "shutdownwithoutlogon "=1
    "undockwithoutlogon "=1

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe "= "C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Disabled:Logitech Desktop Messenger "

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
    "C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe "= "C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger "

    List of files/folders created in the last three months

    2008-08-31 21:47:13 ----D---- C:\rsit
    2008-08-30 00:02:23 ----D---- C:\Program Files\Trend Micro
    2008-08-29 21:21:46 ----D---- C:\Documents and Settings\All Users\Application Data\Lavasoft
    2008-08-27 01:36:44 ----D---- C:\Program Files\Common Files\WinSoftware
    2008-08-27 01:36:40 ----A---- C:\WINDOWS\b122.exe._eac_qt_
    2008-08-27 01:36:36 ----AS---- C:\WINDOWS\NDNuninstall6_38.exe
    2008-08-21 18:48:29 ----A---- C:\WINDOWS\System32\STKIT432.DLL
    2008-08-20 18:46:47 ----D---- C:\Program Files\Incomplete
    2008-08-20 18:44:13 ----D---- C:\Documents and Settings\Karen\Application Data\FrostWire
    2008-08-20 18:37:37 ----A---- C:\WINDOWS\System32\javaws.exe
    2008-08-20 18:37:37 ----A---- C:\WINDOWS\System32\javaw.exe
    2008-08-20 18:37:37 ----A---- C:\WINDOWS\System32\java.exe
    2008-08-20 18:28:38 ----D---- C:\Program Files\FrostWire
    2008-08-11 17:21:59 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP
    2008-08-11 17:20:33 ----D---- C:\Program Files\Oberon Media
    2008-08-03 17:07:40 ----A---- C:\WINDOWS\System32\b.tmp._eac_qt_
    2008-08-03 17:07:40 ----A---- C:\WINDOWS\System32\16.tmp._eac_qt_
    2008-08-03 16:57:30 ----A---- C:\WINDOWS\System32\cbevtsvc.exe._eac_qt_
    2008-08-03 16:56:50 ----A---- C:\WINDOWS\System32\~.exe._eac_qt_
    2008-07-26 06:14:36 ----A---- C:\WINDOWS\setdebug.exe
    2008-07-26 06:14:35 ----A---- C:\WINDOWS\System32\javaee.dll
    2008-07-26 06:14:35 ----A---- C:\WINDOWS\System32\dx3j.dll
    2008-07-26 06:14:28 ----A---- C:\WINDOWS\System32\wjview.exe
    2008-07-26 06:14:27 ----A---- C:\WINDOWS\System32\msjdbc10.dll
    2008-07-26 06:14:25 ----A---- C:\WINDOWS\System32\msawt.dll
    2008-07-26 06:14:25 ----A---- C:\WINDOWS\System32\jview.exe
    2008-07-26 06:14:24 ----A---- C:\WINDOWS\System32\jdbgmgr.exe
    2008-07-26 06:14:23 ----A---- C:\WINDOWS\System32\javaprxy.dll
    2008-07-26 06:14:22 ----A---- C:\WINDOWS\System32\javacypt.dll
    2008-07-26 06:14:21 ----A---- C:\WINDOWS\System32\clspack.exe
    2008-07-26 06:12:45 ----D---- C:\Program Files\Y!Hook
    2008-07-19 03:29:26 ----A---- C:\WINDOWS\System32\unins000.exe

    List of drivers

    R1 InCDPass;InCDPass; C:\WINDOWS\System32\DRIVERS\InCDPass.sys [2006-03-23 29440]
    R1 incdrm;InCD Reader; C:\WINDOWS\System32\drivers\incdrm.sys [2006-03-23 33536]
    R1 omci;OMCI WDM Device Driver; C:\WINDOWS\System32\DRIVERS\omci.sys [2002-07-19 17153]
    R3 bcm4sbxp;Broadcom 440x 10/100 Integrated Controller XP Driver; C:\WINDOWS\System32\DRIVERS\bcm4sbxp.sys [2003-01-15 42368]
    R3 GEARAspiWDM;GEAR CDRom Filter; C:\WINDOWS\SYSTEM32\DRIVERS\GEARAspiWDM.sys [2006-09-19 15664]
    R3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [2003-07-03 28160]
    R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\System32\DRIVERS\usbehci.sys [2003-07-03 25216]
    R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2003-07-03 53120]
    R3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\System32\DRIVERS\usbprint.sys [2002-08-29 24960]
    R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2003-07-03 19328]
    S1 154b59b5;154b59b5; C:\WINDOWS\System32\System32\drivers\154b59b5.sys []
    S1 52788a39;52788a39; C:\WINDOWS\System32\System32\drivers\52788a39.sys []
    S1 597153f;597153f; C:\WINDOWS\System32\System32\drivers\597153f.sys []
    S1 946b15ad;946b15ad; C:\WINDOWS\System32\System32\drivers\946b15ad.sys []
    S1 94f4ff55;94f4ff55; C:\WINDOWS\System32\System32\drivers\94f4ff55.sys []
    S1 b11f2c43;b11f2c43; C:\WINDOWS\System32\System32\drivers\b11f2c43.sys []
    S1 intelppm;Intel Processor Driver; C:\WINDOWS\System32\DRIVERS\intelppm.sys []
    S1 P3;Intel PentiumIII Processor Driver; C:\WINDOWS\System32\DRIVERS\p3.sys [2002-08-29 37504]
    S2 ASCTRM;ASCTRM; C:\WINDOWS\System32\drivers\ASCTRM.sys [2006-07-01 8552]
    S2 mrtRate;mrtRate; C:\WINDOWS\System32\drivers\mrtRate.sys [2001-02-28 34712]
    S3 {6080A529-897E-4629-A488-ABA0C29B635E};Intel(R) Graphics Platform (SoftBIOS) Driver; C:\WINDOWS\system32\drivers\ialmsbw.sys [2003-10-08 120830]
    S3 {D31A0762-0CEB-444e-ACFF-B049A1F6FE91};Intel(R) Graphics Chipset (KCH) Driver; C:\WINDOWS\system32\drivers\ialmkchw.sys [2003-10-08 98842]
    S3 aeaudio;aeaudio; C:\WINDOWS\system32\drivers\aeaudio.sys [2002-04-01 4816]
    S3 ATWPKT2;ATWPKT2; \??\C:\Program Files\America Online 8.0\ATWPKT2.SYS []
    S3 BCMModem;BCM V.92 56K Modem; C:\WINDOWS\System32\DRIVERS\BCMSM.sys [2003-08-29 1101696]
    S3 bvrp_pci;bvrp_pci; C:\WINDOWS\System32\drivers\bvrp_pci.sys []
    S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [2003-02-17 16384]
    S3 EL90XBC;3Com EtherLink XL 90XB/C Adapter Driver; C:\WINDOWS\System32\DRIVERS\el90xbc5.sys [2001-08-17 66591]
    S3 fwhookdrv;FwHookDrv; \??\C:\Program Files\Yahoo Lag Killer\FwHookDrv.sys []
    S3 i81x;i81x; C:\WINDOWS\System32\DRIVERS\i81xnt5.sys [2001-08-17 138240]
    S3 iAimFP0;iAimFP0; C:\WINDOWS\System32\DRIVERS\wADV01nt.sys [2001-08-17 12672]
    S3 iAimFP1;iAimFP1; C:\WINDOWS\System32\DRIVERS\wADV02NT.sys [2001-08-17 12288]
    S3 iAimFP2;iAimFP2; C:\WINDOWS\System32\DRIVERS\wADV05NT.sys [2001-08-17 12032]
    S3 iAimFP3;iAimFP3; C:\WINDOWS\System32\DRIVERS\wSiINTxx.sys [2001-08-17 12160]
    S3 iAimFP4;iAimFP4; C:\WINDOWS\System32\DRIVERS\wVchNTxx.sys [2001-08-17 18688]
    S3 iAimTV0;iAimTV0; C:\WINDOWS\System32\DRIVERS\wATV01nt.sys [2001-08-17 29440]
    S3 iAimTV1;iAimTV1; C:\WINDOWS\System32\DRIVERS\wATV02NT.sys [2001-08-17 19456]
    S3 iAimTV2;iAimTV2; C:\WINDOWS\System32\DRIVERS\wATV03nt.sys [2001-08-17 44928]
    S3 iAimTV3;iAimTV3; C:\WINDOWS\System32\DRIVERS\wATV04nt.sys [2001-08-17 31104]
    S3 iAimTV4;iAimTV4; C:\WINDOWS\System32\DRIVERS\wCh7xxNT.sys [2001-08-17 23680]
    S3 ialm;ialm; C:\WINDOWS\System32\DRIVERS\ialmnt5.sys [2005-10-19 807998]
    S3 MODEMCSA;Unimodem Streaming Filter Device; C:\WINDOWS\system32\drivers\MODEMCSA.sys [2001-08-17 16128]
    S3 MREMPR5;MREMPR5 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS []
    S3 MRENDIS5;MRENDIS5 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS []
    S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2002-12-12 5504]
    S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\System32\DRIVERS\NABTSFEC.sys [2003-02-17 83968]
    S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [2003-02-17 10112]
    S3 nm;Network Monitor Driver; C:\WINDOWS\System32\DRIVERS\NMnt.sys [2002-08-29 38272]
    S3 nv;nv; C:\WINDOWS\System32\DRIVERS\nv4_mini.sys [2002-08-28 891711]
    S3 PhilCam8116;Logitech QuickCam Pro 3000(PID_08B0); C:\WINDOWS\System32\DRIVERS\CamDrL21.sys [2002-12-10 236121]
    S3 SCREAMINGBDRIVER;Screaming Bee Audio; C:\WINDOWS\system32\drivers\screamingbdriver.sys []
    S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\System32\DRIVERS\SLIP.sys [2003-02-17 10880]
    S3 smwdm;smwdm; C:\WINDOWS\system32\drivers\smwdm.sys [2002-12-19 539008]
    S3 streamip;BDA IPSink; C:\WINDOWS\System32\DRIVERS\StreamIP.sys [2003-02-17 14976]
    S3 usbaudio;USB Audio Driver (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2002-08-29 56832]
    S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2002-08-29 21760]
    S3 wanatw;WAN Miniport (ATW); C:\WINDOWS\System32\DRIVERS\wanatw4.sys []
    S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\System32\DRIVERS\WSTCODEC.SYS [2003-02-17 18688]
    S4 agp440;Intel AGP Bus Filter; C:\WINDOWS\System32\System32\DRIVERS\agp440.sys []
    S4 agpCPQ;Compaq AGP Bus Filter; C:\WINDOWS\System32\System32\DRIVERS\agpCPQ.sys []
    S4 alim1541;ALI AGP Bus Filter; C:\WINDOWS\System32\System32\DRIVERS\alim1541.sys []
    S4 amdagp;AMD AGP Bus Filter Driver; C:\WINDOWS\System32\System32\DRIVERS\amdagp.sys []
    S4 cbidf;cbidf; C:\WINDOWS\System32\System32\DRIVERS\cbidf2k.sys []
    S4 InCDfs;InCD File System; C:\WINDOWS\System32\drivers\InCDfs.sys [2006-03-23 102016]
    S4 IntelIde;IntelIde; C:\WINDOWS\System32\System32\DRIVERS\intelide.sys []
    S4 sisagp;SIS AGP Bus Filter; C:\WINDOWS\System32\System32\DRIVERS\sisagp.sys []
    S4 viaagp;VIA AGP Bus Filter; C:\WINDOWS\System32\System32\DRIVERS\viaagp.sys []
    S4 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\System32\drivers\ws2ifsl.sys []

    List of services

    S2 CbEvtSvc;CbEvtSvc; C:\WINDOWS\System32\CbEvtSvc.exe -k netsvcs []
    S2 eac_notifysvc;eAcceleration Notification Service; C:\Program Files\eAcceleration\Framework\eac_svc.exe [2008-03-24 111952]
    S2 eac_productsvc;eAcceleration Product Manager Service; C:\Program Files\eAcceleration\Framework\eac_productsvc.exe [2008-03-24 263504]
    S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2002-08-29 250368]
    S2 FWService;FWService; C:\Program Files\eAcceleration\Firewall\FWService.exe [2008-04-23 337232]
    S2 InCDsrv;InCD Helper; C:\Program Files\Ahead\InCD\InCDsrv.exe [2006-03-23 880128]
    S2 LexBceS;LexBce Server; C:\WINDOWS\system32\LEXBCES.EXE [2003-03-26 303104]
    S2 ScsiAccess;ScsiAccess; C:\WINDOWS\System32\ScsiAccess.EXE [2003-02-04 181312]
    S2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\System32\wdfmgr.exe [2005-01-28 38912]
    S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
    S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
    S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-01-26 138168]
    S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
    S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2007-07-10 501048]
    S3 usnjsvc;Messenger Sharing Folders USN Journal Reader service; C:\Program Files\MSN Messenger\usnsvc.exe [2007-01-19 97136]

    -----------------EOF-----------------
     
  7. 2008/09/01
    Chilly

    Fixing to reduce size of a DUP post...sorry.
     
    Last edited: 2008/09/01
  8. 2008/09/01
    Chilly

    Sorry for the DUP posts :( Trying to avoid it from happening again....
     
    Last edited: 2008/09/01
  9. 2008/09/01
    Chilly

    BTW, thx for the "welcome" noahrfear, and thx for ur help.

    Sorry for all the DUP posts....I seem to be messing this up and I don't know why because I've posted on lots and lots of msg boards before....hmmmm, maybe it's because I'm in "Safe Mode", I don't know. At any rate, please forgive the mess, thx :(
     
    Last edited: 2008/09/01
  10. 2008/09/01
    Geri Lifetime Subscription

    Geri Inactive Alumni

    Joined:
    2003/03/02
    Messages:
    4,580
    Likes Received:
    7
    Hi Chilly
    Please do not double post. All posts with a URL in them need to be approved before they will show.

    Geri
     
  11. 2008/09/01
    Chilly

    I'll try to post the "info log" here now, without as many duplicates LOL

    INFO

    info.txt logfile of random's system information tool 2008-08-31 21:47:36

    Uninstall list

    --> "C:\Program Files\Acceleration Software\Anti-Virus\ws_uninst.exe" -s
    --> "C:\Program Files\Acceleration Software\Veloz\VelozSp\velozsp.exe" /Uninstall
    --> "C:\Program Files\eAcceleration\OnAccess\onaccess.exe" -u -s
    --> "C:\Program Files\eAcceleration\Station\station.exe" /UnRegister
    --> "C:\Program Files\SBC Yahoo!\umuninst.exe" /S
    -->C:\PROGRA~1\ACCELE~1\ANTI-V~1\regsvr32.exe /u /s C:\PROGRA~1\ACCELE~1\ANTI-V~1\ssupload.dll
    -->C:\PROGRA~1\ACCELE~1\ANTI-V~1\regsvr32.exe /u /s C:\PROGRA~1\ACCELE~1\ANTI-V~1\vclnr.dll
    -->C:\PROGRA~1\SBCSEL~1\CustomUninstall.exe SBC
    -->C:\WINDOWS\IsUninst.exe -fC:\WINDOWS\orun32.isu
    -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{45893FEB-30FD-4034-8661-3BA4238FE67A}\SETUP.EXE" -l0x9 -uninst -y -a -f "b2003ce.isu "
    -->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
    Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742)-->MsiExec.exe /X{6846389C-BAC0-4374-808E-B120F86AF5D7}
    Adobe Flash Player ActiveX-->C:\WINDOWS\System32\Macromed\Flash\uninstall_activeX.exe
    Adobe Reader 8.1.2-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81200000003}
    Adobe Reader Chinese Traditional Fonts-->MsiExec.exe /I{AC76BA86-7AD7-2448-5A64-7E8A45000001}
    Adobe® Photoshop® Album Starter Edition 3.2-->MsiExec.exe /I{A654A805-41D9-40C7-AA46-4AF04F044D61}
    Alan Jackson Screen Saver v2-->C:\WINDOWS\SYSTEM\AlanJacksonSSv2.exe
    Alan Jackson Theme-->C:\PROGRA~1\FILESU~1\ALANJA~1\UNWISE.EXE C:\PROGRA~1\FILESU~1\ALANJA~1\INSTALL.LOG
    Alan Jackson-->C:\PROGRA~1\FILESU~1\ALANJA~2\UNWISE.EXE C:\PROGRA~1\FILESU~1\ALANJA~2\INSTALL.LOG
    AOL Instant Messenger-->C:\Program Files\Netscape\Communicator\Program\AIM\uninstll.exe -LOG= C:\Program Files\Netscape\Communicator\Program\AIM\install.log -OEM=
    Apple Software Update-->MsiExec.exe /I{02DFF6B1-1654-411C-8D7B-FD6052EF016F}
    aspi-->MsiExec.exe /I{015E4B8A-29B5-4AE3-BD08-38220FADFF4C}
    ATT-AACE-->C:\PROGRA~1\ATT\UNWISE.EXE C:\PROGRA~1\ATT\INSTALL.LOG
    BCM V.92 56K Modem-->C:\WINDOWS\BCMSMU.exe quiet
    Britannica Ready Reference-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{45893FEB-30FD-4034-8661-3BA4238FE67A}\SETUP.EXE" -l0x9 -uninst
    Broadcom Advanced Control Suite-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{468190DA-FB4C-45BA-8E40-4B165FF1A939} /l1033
    BroadJump Client Foundation-->C:\WINDOWS\IsUninst.exe -f "C:\Program Files\BroadJump\Client Foundation\Uninst.isu" -c "C:\Program Files\BroadJump\Client Foundation\RmvBJCFD.dll" -b "CFD" -h "CFD" -a
    CCHelp-->MsiExec.exe /I{9D1CF8B6-17B3-4832-B062-2C2DD0B57B04}
    CCScore-->MsiExec.exe /I{B4B44FE7-41FF-4DAD-8C0A-E406DDA72992}
    Corel Applications-->C:\WINDOWS\COREL\UNINSTAL.EXE
    DAO-->MsiExec.exe /I{64116298-93C5-401D-B06C-39D8E3338508}
    Dell Digital Jukebox Driver-->C:\Program Files\Dell\Digital Jukebox Drivers\DrvUnins.exe /s
    Dell Picture Studio - Dell Image Expert-->MsiExec.exe /I{0B8FF60F-C012-4459-AADF-A3AD4E3757DE}
    Dell ResourceCD-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D78653C3-A8FF-415F-92E6-D774E634FF2D}\setup.exe"
    Dell Solution Center-->MsiExec.exe /X{11F1920A-56A2-4642-B6E0-3B31A12C9288}
    Dell Support 5.0.0 (766)-->rundll32 C:\PROGRA~1\DELLSU~1\AUInst.dll,ExUninstall
    DellConnect-->C:\Documents and Settings\All Users\Application Data\GTek\GTRemote\GTRCUnin.exe /selfdelete
    eAcceleration - StopSign Popup Blocker-->C:\PROGRA~1\ACCELE~1\StopSign\ss_uninst.exe
    Earthlink Installer - uninstall 'Earthlink 5.0' entry first if present-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{9D98F245-3010-43C6-B3B0-67A464DA298E}
    ESSAdpt-->MsiExec.exe /I{D15E9DB5-6BEB-4534-901E-80C0A29BAB97}
    ESSANUP-->MsiExec.exe /I{A6F18A67-B771-4191-8A33-36D2E742D6D9}
    ESSCAM-->MsiExec.exe /I{469730CC-78DF-4CD3-B286-562D459EA619}
    ESSCDBK-->MsiExec.exe /I{AE1FA02D-E6A4-4EA0-8E58-6483CAC016DD}
    ESScore-->MsiExec.exe /I{9D8FEE90-0377-49A9-AEFB-525BDE549BA4}
    ESSgui-->MsiExec.exe /I{91517631-A9F3-4B7C-B482-43E0068FD55A}
    ESShelp-->MsiExec.exe /I{87843A41-7808-4F2E-B13F-25C1E67CF2FD}
    ESSini-->MsiExec.exe /I{8E92D746-CD9F-4B90-9668-42B74C14F765}
    ESSPCD-->MsiExec.exe /I{14D4ED84-6A9A-45A0-96F6-1753768C3CB5}
    ESSvpaht-->MsiExec.exe /I{A5B3EB8A-4071-42F0-8E8E-7A8342AA8E69}
    ESSvpot-->MsiExec.exe /I{48C82F7A-F100-4DAB-A310-8E18BF2159E1}
    FrostWire 4.17.0-->C:\Program Files\FrostWire\Uninstall.exe
    Google Earth-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3DE5E7D4-7B88-403C-A3FD-2017A8240C5B}\setup.exe" -l0x9 -removeonly
    Google Toolbar for Internet Explorer-->regsvr32 /u /s "c:\program files\google\googletoolbar4.dll "
    Hidden Expedition Titanic--> "C:\Program Files\Oberon Media\Hidden Expedition Titanic\Uninstall.exe" "C:\Program Files\Oberon Media\Hidden Expedition Titanic\install.log "
    HighMAT Extension to Microsoft Windows XP CD Writing Wizard-->MsiExec.exe /X{FCE65C4E-B0E8-4FBD-AD16-EDCBE6CD591F}
    HijackThis 2.0.2--> "C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
    Hotfix for Windows Media Format SDK (KB902344)--> "C:\WINDOWS\$NtUninstallKB902344$\spuninst\spuninst.exe "
    Hotfix for Windows Media Format SDK (KB910998)--> "C:\WINDOWS\$NtUninstallKB910998$\spuninst\spuninst.exe "
    InCD-->C:\WINDOWS\NuNInst.exe /UNINSTALL
    Intel(R) Extreme Graphics Driver-->RUNDLL32.EXE C:\WINDOWS\System32\ialmrem.dll,UninstallW2KIGfx PCI\VEN_8086&DEV_2562
    IntelliMover-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DA9F6EF5-E48A-4E45-BC57-AA16193763B7}\Setup.exe"
    Internet Explorer Q903235-->C:\WINDOWS\ieuninst.exe C:\WINDOWS\INF\Q903235.inf
    iPod for Windows 2005-02-22-->C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{B6ACFF51-248A-4290-B50B-E50C81F25B97} /l1033
    Ipswitch WS_FTP LE-->C:\WINDOWS\IsUninst.exe -f "C:\Program Files\WS_FTP\Uninst.isu "
    iTunes-->MsiExec.exe /I{9357AE3A-B2ED-4138-BB9B-0564352C3F0A}
    Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
    Kodak EasyShare software-->C:\Documents and Settings\All Users\Application Data\Kodak\EasyShareSetup\$SETUP_370000_6fe4e5\Setup.exe /APR-REMOVE
    KSU-->MsiExec.exe /I{B997C2A0-4383-41BF-B76E-9B8B7ECFB267}
    LeadTool-->MsiExec.exe /I{050ED764-D5FD-4D33-8FCD-AC48250C0798}
    Lexmark Photo Center-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\8\INTEL3~1\IDriver.exe /M{523BD5B6-E904-493C-B902-1BC9B7D44DF4} /l1033
    Lexmark Z700-P700 Series-->C:\WINDOWS\System32\spool\drivers\w32x86\3\LXBLUN5C.EXE -dLexmark Z700-P700 Series
    LimeWire 4.12.11--> "C:\Program Files\LimeWire\uninstall.exe "
    LimeWire-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{69654736-1026-4728-A78E-BA45DF993BAE}
    Logitech Desktop Messenger-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}\Setup.exe" -l0x9 UNINSTALL
    Logitech IM Video Companion-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{984F10FD-11FD-4BED-8163-92DB81E6A825}\Setup.exe" -l0x9 UNINSTALL
    Logitech ImageStudio-->MsiExec.exe /I{5A24DD7E-7B01-41AC-ADA8-F1776177A3BA}
    Logitech Print Service-->C:\PROGRA~1\Logitech\PRINTS~1\UNWISE.EXE C:\PROGRA~1\Logitech\PRINTS~1\INSTALL.LOG
    Macromedia Dreamweaver 2-->C:\WINDOWS\IsUninst.exe -f "C:\Program Files\Macromedia\Dreamweaver 2\Uninst.isu "
    Macromedia Shockwave Player-->C:\WINDOWS\SYSTEM32\Macromed\SHOCKW~2\UNWISE.EXE C:\WINDOWS\SYSTEM32\Macromed\SHOCKW~2\Install.log
    Microsoft .NET Framework (English) v1.0.3705-->C:\WINDOWS\Microsoft.NET\Framework\Install.exe /u /p Microsoft .NET Framework Full v1.0.3705 (1033)
    Microsoft .NET Framework (English)-->MsiExec.exe /X{B43357AA-3A6D-4D94-B56E-43C44D09E548}
    Microsoft .NET Framework 1.0 Hotfix (KB886906)--> "C:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\Updates\M886906\M886906Uninstall.msp "
    Microsoft .NET Framework 2.0-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.exe
    Microsoft Data Access Components KB870669-->C:\WINDOWS\muninst.exe C:\WINDOWS\INF\KB870669.inf
    Microsoft Office 97, Professional Edition-->C:\Program Files\Microsoft Office\Office\Setup\Acme.exe /w Off97Pro.STF
    Microsoft Works 7.0-->MsiExec.exe /I{764D06D8-D8DE-411E-A1C8-D9E9380F8A84}
    Modem Helper-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7F142D56-3326-11D5-B229-002078017FBF}\setup.exe" -l0x9 ControlPanel
    MSN Music Assistant-->rundll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\msninst.inf,Uninstall
    MSN Toolbar-->C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\en-us\mtbs.exe c
    MSXML 6.0 Parser (KB925673)-->MsiExec.exe /I{FE9126DB-5F84-495A-BB46-3C724F1C2D08}
    Musicmatch® Jukebox-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{85D3CC30-8859-481A-9654-FD9B74310BEF}\setup.exe" -l0x9 -uninst
    Nero OEM-->C:\Program Files\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL
    NeroVision Express-->C:\WINDOWS\UNNeroVision.exe /UNINSTALL
    Netscape Browser (remove only)--> "C:\Program Files\Netscape\Netscape Browser\NSUninst.exe "
    Notifier-->MsiExec.exe /I{0008546E-DF6E-4CC1-AFD0-2CB8E16C95A2}
    OTtBP-->MsiExec.exe /I{F71760CD-0F8B-4DCC-B7B7-6B223CC3843C}
    Outlook Express Password by Thegrideon Software--> "C:\Program Files\Thegrideon Software\Outlook Express Password\uninstall.exe "
    Outlook Password by Thegrideon Software--> "C:\Program Files\Thegrideon Software\Outlook Password\Uninstall.exe "
    Paint Shop Pro 5.01-->C:\PROGRA~1\PAINTS~1\UNWISE.EXE C:\PROGRA~1\PAINTS~1\INSTALL.LOG
    Paint Shop Pro 7-->MsiExec.exe /I{D6DE02C7-1F47-11D4-9515-00105AE4B89A}
    PCDADDIN-->MsiExec.exe /I{65D85050-5610-4A91-A3B1-D5C744291AD4}
    PCDHELP-->MsiExec.exe /I{C99DCDA4-7407-4F72-A77E-C81C551D0C4E}
    PCDLNCH-->MsiExec.exe /I{69BD6399-3D8F-45B7-81D9-819361F5101D}
    PCDrdsho-->MsiExec.exe /I{C42C10A8-F2F4-4846-B772-ABD1912A2E85}
    Quicken 2002 New User Edition-->C:\WINDOWS\IsUninst.exe -f "C:\Program Files\QUICKENW\Uninst.isu" -c "C:\Program Files\QUICKENW\uninst.dll "
    Quicktime Browser Plug-In-->C:\WINDOWS\uninst.exe -f "C:\Program Files\Internet Explorer\plugins\npqtw\DeIsL1.isu "
    QuickTime-->MsiExec.exe /I{95A890AA-B3B1-44B6-9C18-A8F7AB3EE7FC}
    RealPlayer Basic-->C:\Program Files\Common Files\Real\Update\\rnuninst.exe RealNetworks|RealPlayer|6.0
    Santa's Workshop Screen Saver--> "C:\PROGRA~1\ScreenSaver.com\Santa's Workshop\UNINSTAL.EXE" /U "C:\PROGRA~1\ScreenSaver.com\Santa's Workshop\INSTALL.LOG "
    SBC Self Support Tool-->C:\WINDOWS\Motive\SBC\MCCUninst.exe
    SBC Yahoo! Applications-->C:\PROGRA~1\Yahoo!\Common\uninstall.exe
    SBC Yahoo! Login-->C:\WINDOWS\System32\regsvr32 /u /s C:\PROGRA~1\Yahoo!\Common\ylogin.dll
    Screensavers Installer--> "C:\Program Files\Screensavers.com\Installer\bin\siuninst.exe "
    Security Update for Microsoft .NET Framework 2.0 (KB917283)-->C:\WINDOWS\System32\msiexec.exe /promptrestart /uninstall {967B098A-042D-4367-BAC9-8BC11684174F} /package {7131646D-CD3C-40F4-97B9-CD9E4E6262EF}
    Security Update for Microsoft .NET Framework 2.0 (KB922770)-->C:\WINDOWS\System32\msiexec.exe /promptrestart /uninstall {0E92DD42-76F5-4EF2-B381-F9C1D72BE23D} /package {7131646D-CD3C-40F4-97B9-CD9E4E6262EF}
    Security Update for Step By Step Interactive Training (KB898458)--> "C:\WINDOWS\$NtUninstallKB898458$\spuninst\spuninst.exe "
    Security Update for Windows Media Player (KB911564)--> "C:\WINDOWS\$NtUninstallKB911564$\spuninst\spuninst.exe "
    Security Update for Windows Media Player 10 (KB911565)--> "C:\WINDOWS\$NtUninstallKB911565$\spuninst\spuninst.exe "
    Security Update for Windows Media Player 10 (KB917734)--> "C:\WINDOWS\$NtUninstallKB917734_WMP10$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB890046)--> "C:\WINDOWS\$NtUninstallKB890046$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB893756)--> "C:\WINDOWS\$NtUninstallKB893756$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB896358)--> "C:\WINDOWS\$NtUninstallKB896358$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB896422)--> "C:\WINDOWS\$NtUninstallKB896422$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB896423)--> "C:\WINDOWS\$NtUninstallKB896423$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB896424)--> "C:\WINDOWS\$NtUninstallKB896424$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB896426)--> "C:\WINDOWS\$NtUninstallKB896426$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB896428)--> "C:\WINDOWS\$NtUninstallKB896428$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB899587)--> "C:\WINDOWS\$NtUninstallKB899587$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB899588)--> "C:\WINDOWS\$NtUninstallKB899588$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB899591)--> "C:\WINDOWS\$NtUninstallKB899591$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB900725)--> "C:\WINDOWS\$NtUninstallKB900725$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB901017)--> "C:\WINDOWS\$NtUninstallKB901017$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB901190)--> "C:\WINDOWS\$NtUninstallKB901190$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB901214)--> "C:\WINDOWS\$NtUninstallKB901214$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB902400)--> "C:\WINDOWS\$NtUninstallKB902400$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB905414)--> "C:\WINDOWS\$NtUninstallKB905414$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB905495)--> "C:\WINDOWS\$NtUninstallKB905495$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB905749)--> "C:\WINDOWS\$NtUninstallKB905749$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB908519)--> "C:\WINDOWS\$NtUninstallKB908519$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB908531)--> "C:\WINDOWS\$NtUninstallKB908531$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB911562)--> "C:\WINDOWS\$NtUninstallKB911562$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB911927)--> "C:\WINDOWS\$NtUninstallKB911927$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB912919)--> "C:\WINDOWS\$NtUninstallKB912919$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB913446)--> "C:\WINDOWS\$NtUninstallKB913446$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB913580)--> "C:\WINDOWS\$NtUninstallKB913580$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB914388)--> "C:\WINDOWS\$NtUninstallKB914388$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB914389)--> "C:\WINDOWS\$NtUninstallKB914389$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB917159)--> "C:\WINDOWS\$NtUninstallKB917159$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB917344)--> "C:\WINDOWS\$NtUninstallKB917344$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB917422)--> "C:\WINDOWS\$NtUninstallKB917422$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB917953)--> "C:\WINDOWS\$NtUninstallKB917953$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB919007)--> "C:\WINDOWS\$NtUninstallKB919007$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB920670)--> "C:\WINDOWS\$NtUninstallKB920670$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB920683)--> "C:\WINDOWS\$NtUninstallKB920683$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB920685)--> "C:\WINDOWS\$NtUninstallKB920685$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB921398)--> "C:\WINDOWS\$NtUninstallKB921398$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB921883)--> "C:\WINDOWS\$NtUninstallKB921883$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB922616)--> "C:\WINDOWS\$NtUninstallKB922616$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB922819)--> "C:\WINDOWS\$NtUninstallKB922819$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB923191)--> "C:\WINDOWS\$NtUninstallKB923191$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB923414)--> "C:\WINDOWS\$NtUninstallKB923414$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB924191)--> "C:\WINDOWS\$NtUninstallKB924191$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB924496)--> "C:\WINDOWS\$NtUninstallKB924496$\spuninst\spuninst.exe "
    SFR-->MsiExec.exe /I{C354C9B6-A4E0-4BB0-A368-6DC6BCA0E314}
    SFR2-->MsiExec.exe /I{ABE068DF-8DC4-4947-ABFC-DD2B40850225}
    Shizmoo Web Games (Uproar)-->C:\Program Files\shizmoo\uproar_webgames\uninstall.exe
    Shockwave-->C:\WINDOWS\SYSTEM32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\SYSTEM32\Macromed\SHOCKW~1\Install.log
    Snowflakes 3D Demo Screen Saver-->C:\WINDOWS\SOFTDISK\SSSTUDIO\Snowflakes 3D Demo\UNINSTAL.EXE
    StopSign by eAcceleration-->C:\PROGRA~1\COMMON~1\EACCEL~1\INSTAL~1\eaccelsetup.exe -AddRemove
    SysSnap-->C:\PROGRA~1\COMMON~1\EACCEL~1\SysSnap\syssnap.exe -UnregServer
    TeamSpeak 2 RC2--> "C:\Program Files\Teamspeak2_RC2\unins000.exe "
    trickortreaters ScreenSaver-->C:\WINDOWS\trickortreaters.scr /U
    Twinkle Bulbs v5.6 CD-ROM-->C:\PROGRA~1\TWINKL~1\UNWISE.EXE C:\PROGRA~1\TWINKL~1\INSTALL.LOG
    Update for Windows XP (KB835409)--> "C:\WINDOWS\$NtUninstallKB835409$\spuninst\spuninst.exe "
    Update for Windows XP (KB898461)--> "C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe "
    Update for Windows XP (KB910437)--> "C:\WINDOWS\$NtUninstallKB910437$\spuninst\spuninst.exe "
    Update for Windows XP (KB911280)--> "C:\WINDOWS\$NtUninstallKB911280$\spuninst\spuninst.exe "
    USB MassStorage CardReader-->C:\Program Files\Kodak\040a_5005\Remove.exe
    VB Runtime Package 1.5--> "C:\Windows\System32\unins000.exe "
    VBRunALL-->MsiExec.exe /I{30BA50ED-0F32-421B-BC6A-132A03EFF299}
    VBRunDLL 3.3-->C:\PROGRA~1\ZAKFRO~1\VBRunDLL\Setup.exe /remove
    Viewpoint Manager (Remove Only)-->C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgrInstaller.exe /u /k
    Viewpoint Media Player-->C:\Program Files\Viewpoint\Viewpoint Experience Technology\mtsAxInstaller.exe /u
    Visual IP InSight(SBC)-->C:\Program Files\InstallShield Installation Information\{097346E0-6A51-11D1-AD16-00A0C95E0503}SBC\setup.exe SBC
    Windows Genuine Advantage v1.3.0254.0-->MsiExec.exe /I{63569CE9-FA00-469C-AF5C-E5D4D93ACF91}
    Windows Installer 3.1 (KB893803)--> "C:\WINDOWS\$MSI31Uninstall_KB893803$\spuninst\spuninst.exe "
    Windows Installer 3.1 (KB893803)--> "C:\WINDOWS\$MSI31Uninstall_KB893803v2$\spuninst\spuninst.exe "
    Windows Live Messenger-->MsiExec.exe /I{571700F0-DB9D-4B3A-B03D-35A14BB5939F}
    Windows Media Format Runtime--> "C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
    Windows Media Player 10--> "C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
    Windows Media Player 9 Hotfix [See KB885492 for more information]-->C:\WINDOWS\$NtUninstallKB885492$\spuninst\spuninst.exe
    Windows Media Player Hotfix [See wm828026 for more information]-->C:\WINDOWS\$NtUninstallQ828026$\spuninst\spuninst.exe
    Windows XP Hotfix - KB810217-->C:\WINDOWS\$NtUninstallKB810217$\spuninst\spuninst.exe
    Windows XP Hotfix - KB820291-->C:\WINDOWS\$NtUninstallKB820291$\spuninst\spuninst.exe
    Windows XP Hotfix - KB821253-->C:\WINDOWS\$NtUninstallKB821253$\spuninst\spuninst.exe
    Windows XP Hotfix - KB821557-->C:\WINDOWS\$NtUninstallKB821557$\spuninst\spuninst.exe
    Windows XP Hotfix - KB822603-->C:\WINDOWS\$NtUninstallKB822603$\spuninst\spuninst.exe
    Windows XP Hotfix - KB823182-->C:\WINDOWS\$NtUninstallKB823182$\spuninst\spuninst.exe
    Windows XP Hotfix - KB823559-->C:\WINDOWS\$NtUninstallKB823559$\spuninst\spuninst.exe
    Windows XP Hotfix - KB823980-->C:\WINDOWS\$NtUninstallKB823980$\spuninst\spuninst.exe
    Windows XP Hotfix - KB824105-->C:\WINDOWS\$NtUninstallKB824105$\spuninst\spuninst.exe
    Windows XP Hotfix - KB824141-->C:\WINDOWS\$NtUninstallKB824141$\spuninst\spuninst.exe
    Windows XP Hotfix - KB824146-->C:\WINDOWS\$NtUninstallKB824146$\spuninst\spuninst.exe
    Windows XP Hotfix - KB825119-->C:\WINDOWS\$NtUninstallKB825119$\spuninst\spuninst.exe
    Windows XP Hotfix - KB826942-->C:\WINDOWS\$NtUninstallKB826942$\spuninst\spuninst.exe
    Windows XP Hotfix - KB828028-->C:\WINDOWS\$NtUninstallKB828028$\spuninst\spuninst.exe
    Windows XP Hotfix - KB828035-->C:\WINDOWS\$NtUninstallKB828035$\spuninst\spuninst.exe
    Windows XP Hotfix - KB828741-->C:\WINDOWS\$NtUninstallKB828741$\spuninst\spuninst.exe
    Windows XP Hotfix - KB833407-->C:\WINDOWS\$NtUninstallKB833407$\spuninst\spuninst.exe
    Windows XP Hotfix - KB833987-->C:\WINDOWS\$NtUninstallKB833987$\spuninst\spuninst.exe
    Windows XP Hotfix - KB834707-->C:\WINDOWS\$NtUninstallKB834707$\spuninst\spuninst.exe
    Windows XP Hotfix - KB834707-->C:\WINDOWS\$NtUninstallKB834707-IE6SP1-20040929.091901$\spuninst\spuninst.exe
    Windows XP Hotfix - KB835732-->C:\WINDOWS\$NtUninstallKB835732$\spuninst\spuninst.exe
    Windows XP Hotfix - KB837001-->C:\WINDOWS\$NtUninstallKB837001$\spuninst\spuninst.exe
    Windows XP Hotfix - KB839643-->C:\WINDOWS\$NtUninstallKB839643$\spuninst\spuninst.exe
    Windows XP Hotfix - KB839645-->C:\WINDOWS\$NtUninstallKB839645$\spuninst\spuninst.exe
    Windows XP Hotfix - KB840315-->C:\WINDOWS\$NtUninstallKB840315$\spuninst\spuninst.exe
    Windows XP Hotfix - KB840374-->C:\WINDOWS\$NtUninstallKB840374$\spuninst\spuninst.exe
    Windows XP Hotfix - KB840987-->C:\WINDOWS\$NtUninstallKB840987$\spuninst\spuninst.exe
    Windows XP Hotfix - KB841356-->C:\WINDOWS\$NtUninstallKB841356$\spuninst\spuninst.exe
    Windows XP Hotfix - KB841533-->C:\WINDOWS\$NtUninstallKB841533$\spuninst\spuninst.exe
    Windows XP Hotfix - KB841873-->C:\WINDOWS\$NtUninstallKB841873$\spuninst\spuninst.exe
    Windows XP Hotfix - KB842773-->C:\WINDOWS\$NtUninstallKB842773$\spuninst\spuninst.exe
    Windows XP Hotfix - KB867282-->C:\WINDOWS\$NtUninstallKB867282-IE6SP1-20050127.163319$\spuninst\spuninst.exe
    Windows XP Hotfix - KB871250-->C:\WINDOWS\$NtUninstallKB871250$\spuninst\spuninst.exe
    Windows XP Hotfix - KB873333-->C:\WINDOWS\$NtUninstallKB873333$\spuninst\spuninst.exe
    Windows XP Hotfix - KB873339-->C:\WINDOWS\$NtUninstallKB873339$\spuninst\spuninst.exe
    Windows XP Hotfix - KB873376-->C:\WINDOWS\$NtUninstallKB873376$\spuninst\spuninst.exe
    Windows XP Hotfix - KB883357-->C:\WINDOWS\$NtUninstallKB883357$\spuninst\spuninst.exe
    Windows XP Hotfix - KB883939--> "C:\WINDOWS\$NtUninstallKB883939-IE6SP1-20050428.125228$\spuninst\spuninst.exe "
    Windows XP Hotfix - KB885250-->C:\WINDOWS\$NtUninstallKB885250$\spuninst\spuninst.exe
    Windows XP Hotfix - KB885523-->C:\WINDOWS\$NtUninstallKB885523$\spuninst\spuninst.exe
    Windows XP Hotfix - KB885835-->C:\WINDOWS\$NtUninstallKB885835$\spuninst\spuninst.exe
    Windows XP Hotfix - KB885836-->C:\WINDOWS\$NtUninstallKB885836$\spuninst\spuninst.exe
    Windows XP Hotfix - KB887472--> "C:\WINDOWS\$NtUninstallKB887472$\spuninst\spuninst.exe "
    Windows XP Hotfix - KB888113-->C:\WINDOWS\$NtUninstallKB888113$\spuninst\spuninst.exe
    Windows XP Hotfix - KB888302-->C:\WINDOWS\$NtUninstallKB888302$\spuninst\spuninst.exe
    Windows XP Hotfix - KB889293-->C:\WINDOWS\$NtUninstallKB889293-IE6SP1-20041111.235619$\spuninst\spuninst.exe
    Windows XP Hotfix - KB890047-->C:\WINDOWS\$NtUninstallKB890047$\spuninst\spuninst.exe
    Windows XP Hotfix - KB890175-->C:\WINDOWS\$NtUninstallKB890175$\spuninst\spuninst.exe
    Windows XP Hotfix - KB890859--> "C:\WINDOWS\$NtUninstallKB890859$\spuninst\spuninst.exe "
    Windows XP Hotfix - KB890923--> "C:\WINDOWS\$NtUninstallKB890923-IE6SP1-20050225.103456$\spuninst\spuninst.exe "
    Windows XP Hotfix - KB891711-->C:\WINDOWS\$NtUninstallKB891711$\spuninst\spuninst.exe
    Windows XP Hotfix - KB891781-->C:\WINDOWS\$NtUninstallKB891781$\spuninst\spuninst.exe
    Windows XP Hotfix - KB893066--> "C:\WINDOWS\$NtUninstallKB893066$\spuninst\spuninst.exe "
    Windows XP Hotfix - KB893086--> "C:\WINDOWS\$NtUninstallKB893086$\spuninst\spuninst.exe "
    Windows XP Hotfix - KB896688--> "C:\WINDOWS\$NtUninstallKB896688-IE6SP1-20051004.130236$\spuninst\spuninst.exe "
    Windows XP Hotfix - KB896727--> "C:\WINDOWS\$NtUninstallKB896727-IE6SP1-20050719.165959$\spuninst\spuninst.exe "
    Windows XP Hotfix - KB897715--> "C:\WINDOWS\$NtUninstallKB897715-OE6SP1-20050503.210336$\spuninst\spuninst.exe "
    Windows XP Hotfix - KB905915--> "C:\WINDOWS\$NtUninstallKB905915-IE6SP1-20051122.175908$\spuninst\spuninst.exe "
    Windows XP Hotfix - KB911567--> "C:\WINDOWS\$NtUninstallKB911567-OE6SP1-20060316.165634$\spuninst\spuninst.exe "
    Windows XP Hotfix - KB912812--> "C:\WINDOWS\$NtUninstallKB912812-IE6SP1-20060322.182418$\spuninst\spuninst.exe "
    Windows XP Hotfix - KB916281--> "C:\WINDOWS\$NtUninstallKB916281-IE6SP1-20060526.162249$\spuninst\spuninst.exe "
    Windows XP Hotfix - KB918439--> "C:\WINDOWS\$NtUninstallKB918439-IE6SP1-20060530.145346$\spuninst\spuninst.exe "
    Windows XP Hotfix - KB918899--> "C:\WINDOWS\$NtUninstallKB918899-IE6SP1-20060725.123917$\spuninst\spuninst.exe "
    Windows XP Hotfix - KB925486--> "C:\WINDOWS\$NtUninstallKB925486-IE6SP1-20060918.120000$\spuninst\spuninst.exe "
    Windows XP Hotfix (SP2) [See Q329834 for more information]-->C:\WINDOWS\$NtUninstallQ329834$\spuninst\spuninst.exe
    Windows XP Hotfix (SP2) Q322011-->C:\WINDOWS\$NtUninstallQ322011$\spuninst\spuninst.exe
    Windows XP Hotfix (SP2) Q328310-->C:\WINDOWS\$NtUninstallQ328310$\spuninst\spuninst.exe
    Windows XP Hotfix (SP2) Q329170-->C:\WINDOWS\$NtUninstallQ329170$\spuninst\spuninst.exe
    Windows XP Hotfix (SP2) Q329441-->C:\WINDOWS\$NtUninstallQ329441$\spuninst\spuninst.exe
    Windows XP Hotfix (SP2) Q331953-->C:\WINDOWS\$NtUninstallQ331953$\spuninst\spuninst.exe
    Windows XP Hotfix (SP2) Q810565-->C:\WINDOWS\$NtUninstallQ810565$\spuninst\spuninst.exe
    Windows XP Hotfix (SP2) Q810577-->C:\WINDOWS\$NtUninstallQ810577$\spuninst\spuninst.exe
    Windows XP Hotfix (SP2) Q810833-->C:\WINDOWS\$NtUninstallQ810833$\spuninst\spuninst.exe
    Windows XP Hotfix (SP2) Q811493-->C:\WINDOWS\$NtUninstallQ811493$\spuninst\spuninst.exe
    Windows XP Hotfix (SP2) Q814033-->C:\WINDOWS\$NtUninstallQ814033$\spuninst\spuninst.exe
    Windows XP Hotfix (SP2) Q814995-->C:\WINDOWS\$NtUninstallQ814995$\spuninst\spuninst.exe
    Windows XP Hotfix (SP2) Q815021-->C:\WINDOWS\$NtUninstallQ815021$\spuninst\spuninst.exe
    Windows XP Hotfix (SP2) Q817606-->C:\WINDOWS\$NtUninstallQ817606$\spuninst\spuninst.exe
    Windows XP Hotfix (SP2) Q819696-->C:\WINDOWS\$NtUninstallQ819696$\spuninst\spuninst.exe
    WinRAR archiver-->C:\Program Files\WinRAR\uninstall.exe
    WinZip--> "C:\Program Files\WinZip\WINZIP32.EXE" /uninstall
    WordPerfect Office 2002-->C:\WINDOWS\Corel\uninst32.exe
    WordPerfect Office 2002-->C:\WINDOWS\Corel\Uninst32.exe
    YahELite 319-->C:\PROGRA~1\YahELite\Setup.exe /remove
    Yahoo Lag Killer-->C:\WINDOWS\IsUninst.exe -f "C:\Program Files\Yahoo Lag Killer\Uninst.isu "
    Yahoo! Browser Services-->C:\PROGRA~1\Yahoo!\Common\UNIN_Y~1.EXE /S
    Yahoo! Photos Easy Upload Tool 1v6-->C:\WINDOWS\System32\regsvr32 /u /s "C:\WINDOWS\Downloaded Program Files\YDropper.dll "
    Yazak Chat 8.84.13-->C:\PROGRA~1\ZAKFRO~1\YAZAKC~1\Setup.exe /remove

    Hosts File

    127.0.0.1 www.007guard.com
    127.0.0.1 007guard.com
    127.0.0.1 008i.com
    127.0.0.1 www.008k.com
    127.0.0.1 008k.com
    127.0.0.1 www.00hq.com
    127.0.0.1 00hq.com
    127.0.0.1 010402.com
    127.0.0.1 www.032439.com
    127.0.0.1 032439.com

    Environment variables

    "ComSpec"=%SystemRoot%\system32\cmd.exe
    "Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\QuickTime\QTSystem\
    "windir"=%SystemRoot%
    "OS"=Windows_NT
    "PROCESSOR_ARCHITECTURE"=x86
    "PROCESSOR_LEVEL"=15
    "PROCESSOR_IDENTIFIER"=x86 Family 15 Model 2 Stepping 4, GenuineIntel
    "PROCESSOR_REVISION"=0204
    "NUMBER_OF_PROCESSORS"=1
    "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
    "TEMP"=%SystemRoot%\TEMP
    "TMP"=%SystemRoot%\TEMP
    "CLASSPATH"=.;C:\Program Files\Java\jre1.5.0_06\lib\ext\QTJava.zip
    "QTJAVA"=C:\Program Files\Java\jre1.5.0_06\lib\ext\QTJava.zip
    "SAFEBOOT_OPTION"=NETWORK

    -----------------EOF-----------------

    Hope this will post in ONE reply :D
     
  12. 2008/09/01
    noahdfear

    Download ComboFix by sUBs from here, saving the file to your desktop.


    Please disable realtime protection applications as they sometimes interfere with the tool. Check this link for your applicable programs.

    • Close all open programs and windows
    • Double click combofix.exe and follow the prompts.
    • It may reboot your computer and resume running when you log on. Wait for it to complete. When finished, it will open a log for you. Post that log and a new HijackThis log in your next reply.
    Note: Do not mouseclick ComboFix's window while it's running. That may cause it to stall.
     
  13. 2008/09/01
    Chilly

    Here is the log from the ComboFix:

    ComboFix 08-09-01.01 - Karen 2008-09-01 20:21:06.2 - NTFSx86 NETWORK
    Microsoft Windows XP Home Edition 5.1.2600.1.1252.1.1033.18.110 [GMT -7:00]
    Running from: C:\Documents and Settings\Karen\Desktop\ComboFix.exe

    WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
    .

    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
    .

    C:\WINDOWS\system32\drivers\154b59b5.sys
    .
    ---- Previous Run -------
    .
    C:\DOCUME~1\Karen\LOCALS~1\Temp\tmp1.tmp
    C:\DOCUME~1\Karen\LOCALS~1\Temp\tmp2.tmp
    C:\Documents and Settings\Karen\Application Data\FunWebProducts
    C:\Documents and Settings\Karen\Application Data\FunWebProducts\Data\Karen\wffavs.dat
    C:\Documents and Settings\Karen\Application Data\macromedia\Flash Player\#SharedObjects\4G3N2AHN\bin.clearspring.com
    C:\Documents and Settings\Karen\Application Data\macromedia\Flash Player\#SharedObjects\4G3N2AHN\bin.clearspring.com\clearspring.sol
    C:\Documents and Settings\Karen\Application Data\macromedia\Flash Player\#SharedObjects\4G3N2AHN\interclick.com
    C:\Documents and Settings\Karen\Application Data\macromedia\Flash Player\#SharedObjects\4G3N2AHN\interclick.com\ud.sol
    C:\Documents and Settings\Karen\Application Data\macromedia\Flash Player\#SharedObjects\4G3N2AHN\www.broadcaster.com
    C:\Documents and Settings\Karen\Application Data\macromedia\Flash Player\#SharedObjects\4G3N2AHN\www.broadcaster.com\played_list.sol
    C:\Documents and Settings\Karen\Application Data\macromedia\Flash Player\#SharedObjects\4G3N2AHN\www.broadcaster.com\video_queue.sol
    C:\Documents and Settings\Karen\Application Data\macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#bin.clearspring.com
    C:\Documents and Settings\Karen\Application Data\macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#bin.clearspring.com\settings.sol
    C:\Documents and Settings\Karen\Application Data\macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#interclick.com
    C:\Documents and Settings\Karen\Application Data\macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#interclick.com\settings.sol
    C:\Documents and Settings\Karen\Application Data\macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#www.broadcaster.com
    C:\Documents and Settings\Karen\Application Data\macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#www.broadcaster.com\settings.sol
    C:\Documents and Settings\Karen\Cookies\karen@ad.yieldmanager[1].txt
    C:\Documents and Settings\Karen\Cookies\karen@ad.yieldmanager[10].txt
    C:\Documents and Settings\Karen\Cookies\karen@ad.yieldmanager[11].txt
    C:\Documents and Settings\Karen\Cookies\karen@ad.yieldmanager[12].txt
    C:\Documents and Settings\Karen\Cookies\karen@ad.yieldmanager[13].txt
    C:\Documents and Settings\Karen\Cookies\karen@ad.yieldmanager[14].txt
    C:\Documents and Settings\Karen\Cookies\karen@ad.yieldmanager[15].txt
    C:\Documents and Settings\Karen\Cookies\karen@ad.yieldmanager[16].txt
    C:\Documents and Settings\Karen\Cookies\karen@ad.yieldmanager[17].txt
    C:\Documents and Settings\Karen\Cookies\karen@ad.yieldmanager[18].txt
    C:\Documents and Settings\Karen\Cookies\karen@ad.yieldmanager[19].txt
    C:\Documents and Settings\Karen\Cookies\karen@ad.yieldmanager[2].txt
    C:\Documents and Settings\Karen\Cookies\karen@ad.yieldmanager[20].txt
    C:\Documents and Settings\Karen\Cookies\karen@ad.yieldmanager[21].txt
    C:\Documents and Settings\Karen\Cookies\karen@ad.yieldmanager[22].txt
    C:\Documents and Settings\Karen\Cookies\karen@ad.yieldmanager[23].txt
    C:\Documents and Settings\Karen\Cookies\karen@ad.yieldmanager[24].txt
    C:\Documents and Settings\Karen\Cookies\karen@ad.yieldmanager[25].txt
    C:\Documents and Settings\Karen\Cookies\karen@ad.yieldmanager[26].txt
    C:\Documents and Settings\Karen\Cookies\karen@ad.yieldmanager[27].txt
    C:\Documents and Settings\Karen\Cookies\karen@ad.yieldmanager[28].txt
    C:\Documents and Settings\Karen\Cookies\karen@ad.yieldmanager[29].txt
    C:\Documents and Settings\Karen\Cookies\karen@ad.yieldmanager[30].txt
    C:\Documents and Settings\Karen\Cookies\karen@ad.yieldmanager[31].txt
    C:\Documents and Settings\Karen\Cookies\karen@ad.yieldmanager[32].txt
    C:\Documents and Settings\Karen\Cookies\karen@ad.yieldmanager[33].txt
    C:\Documents and Settings\Karen\Cookies\karen@ad.yieldmanager[34].txt
    C:\Documents and Settings\Karen\Cookies\karen@ad.yieldmanager[38].txt
    C:\Documents and Settings\Karen\Cookies\karen@ad.yieldmanager[39].txt
    C:\Documents and Settings\Karen\Cookies\karen@ad.yieldmanager[4].txt
    C:\Documents and Settings\Karen\Cookies\karen@ad.yieldmanager[40].txt
    C:\Documents and Settings\Karen\Cookies\karen@ad.yieldmanager[41].txt
    C:\Documents and Settings\Karen\Cookies\karen@ad.yieldmanager[42].txt
    C:\Documents and Settings\Karen\Cookies\karen@ad.yieldmanager[43].txt
    C:\Documents and Settings\Karen\Cookies\karen@ad.yieldmanager[5].txt
    C:\Documents and Settings\Karen\Cookies\karen@ad.yieldmanager[50].txt
    C:\Documents and Settings\Karen\Cookies\karen@ad.yieldmanager[51].txt
    C:\Documents and Settings\Karen\Cookies\karen@ad.yieldmanager[52].txt
    C:\Documents and Settings\Karen\Cookies\karen@ad.yieldmanager[53].txt
    C:\Documents and Settings\Karen\Cookies\karen@ad.yieldmanager[54].txt
    C:\Documents and Settings\Karen\Cookies\karen@ad.yieldmanager[59].txt
    C:\Documents and Settings\Karen\Cookies\karen@ad.yieldmanager[6].txt
    C:\Documents and Settings\Karen\Cookies\karen@ad.yieldmanager[60].txt
    C:\Documents and Settings\Karen\Cookies\karen@ad.yieldmanager[7].txt
    C:\Documents and Settings\Karen\Cookies\karen@ad.yieldmanager[8].txt
    C:\Documents and Settings\Karen\Cookies\karen@ad.yieldmanager[9].txt
    C:\Documents and Settings\Karen\Cookies\karen@adsfac[1].txt
    C:\Documents and Settings\Karen\Cookies\karen@advertising[10].txt
    C:\Documents and Settings\Karen\Cookies\karen@advertising[12].txt
    C:\Documents and Settings\Karen\Cookies\karen@advertising[13].txt
    C:\Documents and Settings\Karen\Cookies\karen@advertising[14].txt
    C:\Documents and Settings\Karen\Cookies\karen@advertising[15].txt
    C:\Documents and Settings\Karen\Cookies\karen@advertising[16].txt
    C:\Documents and Settings\Karen\Cookies\karen@advertising[17].txt
    C:\Documents and Settings\Karen\Cookies\karen@advertising[18].txt
    C:\Documents and Settings\Karen\Cookies\karen@advertising[19].txt
    C:\Documents and Settings\Karen\Cookies\karen@advertising[20].txt
    C:\Documents and Settings\Karen\Cookies\karen@advertising[4].txt
    C:\Documents and Settings\Karen\Cookies\karen@advertising[5].txt
    C:\Documents and Settings\Karen\Cookies\karen@advertising[6].txt
    C:\Documents and Settings\Karen\Cookies\karen@advertising[7].txt
    C:\Documents and Settings\Karen\Cookies\karen@advertising[8].txt
    C:\Documents and Settings\Karen\Cookies\karen@advertising[9].txt
    C:\Documents and Settings\Karen\Cookies\karen@atd.agencytradingdesk[2].txt
    C:\Documents and Settings\Karen\Cookies\karen@ds.contextweb[4].txt
    C:\Documents and Settings\Karen\Cookies\karen@ds.contextweb[5].txt
    C:\Documents and Settings\Karen\Cookies\karen@ds.contextweb[6].txt
    C:\Documents and Settings\Karen\Cookies\karen@insightexpressai[2].txt
    C:\Documents and Settings\Karen\Cookies\karen@insightexpressai[3].txt
    C:\Documents and Settings\Karen\Cookies\karen@myspace[3].txt
    C:\Documents and Settings\Karen\Cookies\karen@myspace[4].txt
    C:\Documents and Settings\Karen\Cookies\karen@myspace[5].txt
    C:\Documents and Settings\Karen\Cookies\karen@myspace[6].txt
    C:\Documents and Settings\Karen\Cookies\karen@myspace[7].txt
    C:\Documents and Settings\Karen\Cookies\karen@partner2profit[12].txt
    C:\Documents and Settings\Karen\Cookies\karen@partner2profit[13].txt
    C:\Documents and Settings\Karen\Cookies\karen@partner2profit[14].txt
    C:\Documents and Settings\Karen\Cookies\karen@partner2profit[15].txt
    C:\Documents and Settings\Karen\Cookies\karen@partner2profit[16].txt
    C:\Documents and Settings\Karen\Cookies\karen@partner2profit[17].txt
    C:\Documents and Settings\Karen\Cookies\karen@partner2profit[18].txt
    C:\Documents and Settings\Karen\Cookies\karen@partner2profit[19].txt
    C:\Documents and Settings\Karen\Cookies\karen@partner2profit[20].txt
    C:\Documents and Settings\Karen\Cookies\karen@partner2profit[21].txt
    C:\Documents and Settings\Karen\Cookies\karen@partner2profit[22].txt
    C:\Documents and Settings\Karen\Cookies\karen@partner2profit[23].txt
    C:\Documents and Settings\Karen\Cookies\karen@partner2profit[24].txt
    C:\Documents and Settings\Karen\Cookies\karen@partner2profit[25].txt
    C:\Documents and Settings\Karen\Cookies\karen@partner2profit[26].txt
    C:\Documents and Settings\Karen\Cookies\karen@partner2profit[27].txt
    C:\Documents and Settings\Karen\Cookies\karen@partner2profit[28].txt
    C:\Documents and Settings\Karen\Cookies\karen@partner2profit[29].txt
    C:\Documents and Settings\Karen\Cookies\karen@partner2profit[30].txt
    C:\Documents and Settings\Karen\Cookies\karen@partner2profit[31].txt
    C:\Documents and Settings\Karen\Cookies\karen@partner2profit[9].txt
    C:\Documents and Settings\Karen\Cookies\karen@serving-sys[1].txt
    C:\Documents and Settings\Karen\Cookies\karen@serving-sys[10].txt
    C:\Documents and Settings\Karen\Cookies\karen@serving-sys[2].txt
    C:\Documents and Settings\Karen\Cookies\karen@serving-sys[4].txt
    C:\Documents and Settings\Karen\Cookies\karen@serving-sys[5].txt
    C:\Documents and Settings\Karen\Cookies\karen@serving-sys[6].txt
    C:\Documents and Settings\Karen\Cookies\karen@serving-sys[7].txt
    C:\Documents and Settings\Karen\Cookies\karen@serving-sys[8].txt
    C:\Documents and Settings\Karen\Cookies\karen@serving-sys[9].txt
    C:\Documents and Settings\Karen\Cookies\karen@specificclick[1].txt
    C:\Documents and Settings\Karen\Cookies\karen@specificclick[3].txt
    C:\Documents and Settings\Karen\Cookies\karen@specificclick[4].txt
    C:\Documents and Settings\Karen\Cookies\karen@specificclick[5].txt
    C:\Documents and Settings\Karen\Cookies\karen@specificclick[8].txt
    C:\Documents and Settings\Karen\Cookies\karen@specificclick[9].txt
    C:\Documents and Settings\Karen\Cookies\karen@ths.news.com[2].txt
    C:\Documents and Settings\Karen\Local Settings\Temporary Internet Files\java.htm
    C:\Documents and Settings\Karen\new.txt
    C:\Documents and Settings\LocalService\Application Data\1588044899.exe
    C:\Documents and Settings\LocalService\Application Data\665755322.exe
    C:\install\install.exe
    C:\Program Files\Common Files\WinSoftware
    C:\Program Files\Common Files\WinSoftware\CrXML.dll
    C:\Program Files\FunWebProducts
    C:\Program Files\FunWebProducts\Installr\1.bin\F3EZSETP.DLL
    C:\Program Files\FunWebProducts\Installr\Cache\004AD48E
    C:\Program Files\FunWebProducts\Installr\Cache\004B04F4
    C:\Program Files\FunWebProducts\Installr\Cache\004B0BDA
    C:\Program Files\FunWebProducts\Installr\Cache\004B1197
    C:\Program Files\FunWebProducts\Installr\Cache\004B1B8A
    C:\Program Files\FunWebProducts\Installr\Cache\files.ini
    C:\Program Files\FunWebProducts\Installr\f3Setup1.exe
    C:\Program Files\FunWebProducts\PopSwatr\History\allowed
    C:\Program Files\FunWebProducts\PopSwatr\History\notallow
    C:\Program Files\FunWebProducts\Shared\Cache\CursorManiaBtn.html
    C:\Program Files\FunWebProducts\Shared\Cache\MailStampBtn.html
    C:\Program Files\FunWebProducts\Shared\Cache\MySignatureInsertBtn.html
    C:\Program Files\FunWebProducts\Shared\Cache\MySignaturePreviewBtn.html
    C:\Program Files\FunWebProducts\Shared\Cache\MyStationeryBtn.html
    C:\Program Files\FunWebProducts\Shared\Cache\SmileyCentralBtn.html
    C:\Program Files\MyWebSearch
    C:\Program Files\MyWebSearch\bar\1.bin\F3HTMLMU.DLL
    C:\Program Files\MyWebSearch\bar\1.bin\F3POPSWT.DLL
    C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL
    C:\Program Files\MyWebSearch\bar\2.bin\F3HTMLMU.DLL
    C:\Program Files\MyWebSearch\bar\2.bin\F3POPSWT.DLL
    C:\Program Files\MyWebSearch\bar\2.bin\F3SLOT.DLL
    C:\Program Files\MyWebSearch\bar\2.bin\F3SLOT.ICO
    C:\Program Files\MyWebSearch\bar\2.bin\M3OUTLCN.DLL
    C:\Program Files\MyWebSearch\bar\2.bin\MWSBAR.DLL
    C:\Program Files\MyWebSearch\bar\2.bin\MWSOEMON.EXE
    C:\Program Files\MyWebSearch\bar\2.bin\MWSOEMON.EXE_tobedeleted
    C:\Program Files\MyWebSearch\bar\2.bin\MWSOEPLG.DLL
    C:\Program Files\MyWebSearch\bar\2.bin\MWSOEPLG.DLL_tobedeleted
    C:\Program Files\MyWebSearch\bar\2.bin\UNF3SLOT.INF
    C:\Program Files\MyWebSearch\bar\2.bin\UNINSTALL.INF
    C:\Program Files\MyWebSearch\bar\Cache\00026373
    C:\Program Files\MyWebSearch\bar\Cache\00054CA0.bmp
    C:\Program Files\MyWebSearch\bar\Cache\000993B8.bin
    C:\Program Files\MyWebSearch\bar\Cache\0009980E.bin
    C:\Program Files\MyWebSearch\bar\Cache\00099ABD.bin
    C:\Program Files\MyWebSearch\bar\Cache\00099DAB.bin
    C:\Program Files\MyWebSearch\bar\Cache\0009A404.bin
    C:\Program Files\MyWebSearch\bar\Cache\0009AB09.bin
    C:\Program Files\MyWebSearch\bar\Cache\000BF76A.bin
    C:\Program Files\MyWebSearch\bar\Cache\000C1B4D.bin
    C:\Program Files\MyWebSearch\bar\Cache\000C4309.bin
    C:\Program Files\MyWebSearch\bar\Cache\000C6C0D.bin
    C:\Program Files\MyWebSearch\bar\Cache\0021370D
    C:\Program Files\MyWebSearch\bar\Cache\002C2C88.bin
    C:\Program Files\MyWebSearch\bar\Cache\00305634.bin
    C:\Program Files\MyWebSearch\bar\Cache\005628B3
    C:\Program Files\MyWebSearch\bar\Cache\0103CE02.bin
    C:\Program Files\MyWebSearch\bar\Cache\0140D1B3.bmp
    C:\Program Files\MyWebSearch\bar\Cache\0140D879.bmp
    C:\Program Files\MyWebSearch\bar\Cache\0140E24D.bmp
    C:\Program Files\MyWebSearch\bar\Cache\0140EA6B.bmp
    C:\Program Files\MyWebSearch\bar\Cache\0140F0B4.bmp
    C:\Program Files\MyWebSearch\bar\Cache\0140F671.bmp
    C:\Program Files\MyWebSearch\bar\Cache\0140FB53.bmp
    C:\Program Files\MyWebSearch\bar\Cache\014105E2.bmp
    C:\Program Files\MyWebSearch\bar\Cache\01410A28.bmp
    C:\Program Files\MyWebSearch\bar\Cache\01410EFA.bmp
    C:\Program Files\MyWebSearch\bar\Cache\01F4665B
    C:\Program Files\MyWebSearch\bar\Cache\files.ini
    C:\Program Files\MyWebSearch\bar\History\search
    C:\Program Files\MyWebSearch\bar\History\search2
    C:\Program Files\MyWebSearch\bar\Settings\prevcfg.htm
    C:\Program Files\MyWebSearch\bar\Settings\s_pid.dat
    C:\Program Files\MyWebSearch\bar\Settings\setting2.htm
    C:\Program Files\MyWebSearch\bar\Settings\setting2.htm.bak
    C:\Program Files\MyWebSearch\bar\Settings\settings.dat
    C:\Program Files\MyWebSearch\bar\Settings\settings.dat.bak
    C:\Program Files\MyWebSearch\bar\Settings\settings.htm
    C:\Program Files\MyWebSearch\bar\Settings\settings.htm.bak
    C:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL
    C:\Program Files\MyWebSearch\SrchAstt\2.bin\MWSSRCAS.DLL
    C:\Program Files\MyWebSearch\SrchAstt\2.bin\UNINSTAL.INF
    C:\Program Files\MyWebSearch\SrchAstt\Cache\003F5C94
    C:\Program Files\MyWebSearch\SrchAstt\Cache\00584E81
    C:\Program Files\MyWebSearch\SrchAstt\Cache\files.ini
    C:\Program Files\Screensavers.com
    C:\Program Files\screensavers.com\Installer\bin\ScreensaversInst.dll
    C:\Program Files\screensavers.com\Installer\bin\siuninst.exe
    C:\Program Files\screensavers.com\Wallpaper\swpstart.exe
    C:\WINDOWS\NDNuninstall6_38.exe
    C:\WINDOWS\system32\drivers\fad.sys

    .
    ((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
    .

    -------\Legacy_CBEVTSVC
    -------\Service_CbEvtSvc
    -------\Service_154b59b5


    ((((((((((((((((((((((((( Files Created from 2008-08-02 to 2008-09-02 )))))))))))))))))))))))))))))))
    .

    2067-02-24 15:21 . 2003-02-05 04:02 79,947 --a--c--- C:\WINDOWS\fw20.vxd
    2008-08-31 21:47 . 2008-08-31 23:00 <DIR> d-------- C:\rsit
    2008-08-30 00:02 . 2008-08-30 00:02 <DIR> d-------- C:\Program Files\Trend Micro
    2008-08-29 23:18 . 2003-04-22 22:48 <DIR> d-------- C:\Documents and Settings\Administrator\WINDOWS
    2008-08-29 23:18 . 2005-05-23 22:14 <DIR> d-------- C:\Documents and Settings\Administrator\Application Data\Gtek
    2008-08-29 23:18 . 2008-08-29 23:18 <DIR> d-------- C:\Documents and Settings\Administrator
    2008-08-29 21:21 . 2008-08-29 21:22 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft
    2008-08-27 01:36 . 2007-06-12 01:12 99,855 --a------ C:\WINDOWS\b122.exe._eac_qt_
    2008-08-21 17:40 . 2008-08-21 17:40 1,152 --a------ C:\WINDOWS\SYSTEM32\windrv.sys
    2008-08-20 18:46 . 2008-08-20 22:09 <DIR> d-------- C:\Program Files\Incomplete
    2008-08-20 18:44 . 2008-08-20 22:13 <DIR> d-------- C:\Documents and Settings\Karen\Application Data\FrostWire
    2008-08-20 18:37 . 2008-06-10 02:32 73,728 --a------ C:\WINDOWS\SYSTEM32\javacpl.cpl
    2008-08-20 18:28 . 2008-08-20 22:19 <DIR> d-------- C:\Program Files\FrostWire
    2008-08-11 17:21 . 2008-08-29 23:40 <DIR> d-a------ C:\Documents and Settings\All Users\Application Data\TEMP
    2008-08-11 17:20 . 2008-08-11 17:20 <DIR> d-------- C:\Program Files\Oberon Media
    2008-08-04 08:23 . 2008-08-04 11:54 0 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\b11f2c43.sys
    2008-08-03 19:51 . 2008-08-07 20:54 0 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\946b15ad.sys
    2008-08-03 17:07 . 2008-08-03 20:09 94,208 --a------ C:\WINDOWS\SYSTEM32\b.tmp._eac_qt_
    2008-08-03 17:07 . 2008-08-03 21:23 94,208 --a------ C:\WINDOWS\SYSTEM32\16.tmp._eac_qt_
    2008-08-03 17:03 . 2008-08-06 09:42 0 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\597153f.sys
    2008-08-03 16:57 . 2008-08-03 16:56 74,752 --a------ C:\WINDOWS\SYSTEM32\cbevtsvc.exe._eac_qt_
    2008-08-03 16:56 . 2008-08-03 17:02 74,752 --a------ C:\WINDOWS\SYSTEM32\~.exe._eac_qt_

    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2008-08-30 08:03 --------- d-----w C:\Program Files\Paint Shop Pro 5
    2008-08-28 00:41 --------- d-----w C:\Program Files\Thegrideon Software
    2008-08-27 08:59 --------- d-----w C:\Program Files\Spybot - Search & Destroy
    2008-08-27 08:39 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
    2008-08-27 08:03 --------- d-----w C:\Program Files\Acceleration Software
    2008-08-27 08:00 --------- d-----w C:\Program Files\Common Files\eAcceleration
    2008-08-27 05:42 --------- d-----w C:\Program Files\Y!Hook
    2008-08-21 23:23 --------- d-----w C:\Program Files\Java
    2008-08-09 00:33 374 ----a-w C:\Documents and Settings\Karen\Application Data\internaldb6334.dat
    2008-08-07 04:37 --------- d-----w C:\Program Files\Google
    2008-08-05 00:12 431,104 -c--a-w C:\WINDOWS\KATESU~1.SCR
    2008-07-26 13:07 555 ----a-w C:\Documents and Settings\Karen\Application Data\internaldb8467.dat
    2008-07-26 13:07 18,432 ----a-w C:\Documents and Settings\Karen\Application Data\internaldb41.dat
    2008-07-11 06:52 --------- d-----w C:\Program Files\YahELite
    2008-07-04 00:08 --------- d-----w C:\Program Files\eAcceleration
    2007-01-09 00:12 24,576 ----a-w C:\Documents and Settings\.viv\1168301542718playershim1186.dll
    2005-07-15 17:47 628 -c--a-w C:\Documents and Settings\Karen\293322.bin
    2005-07-11 21:39 96 -c--a-w C:\Documents and Settings\Karen\31242705.dat
    2004-02-19 00:21 208,927 -c--a-w C:\Program Files\INSTALL.LOG
    .

    ------- Sigcheck -------

    2004-08-04 00:56 14336 8f078ae4ed187aaabc0a305146de6716 C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\svchost.exe
    md5deep: C:\WINDOWS\SYSTEM32\svchost.exe: error at offset 0: Permission denied

    2002-08-29 03:00 516608 2246d8d8f4714a2cedb21ab9b1849abb C:\WINDOWS\$NtUninstallKB840987$\winlogon.exe
    2004-08-04 00:56 502272 01c3346c241652f43aed8e2149881bfe C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\winlogon.exe
    md5deep: C:\WINDOWS\SYSTEM32\winlogon.exe: error at offset 0: Permission denied

    md5deep: C:\WINDOWS\explorer.exe: error at offset 0: Permission denied
    2002-08-29 03:00 1004032 a82b28bfc2e4455fe43022a498c0ef0a C:\WINDOWS\$NtUninstallKB820291$\explorer.exe
    2003-05-11 21:12 996352 a73bc66a95cf4f7b597fc8975778a889 C:\WINDOWS\Driver Cache\I386\explorer.exe
    2004-08-04 00:56 1032192 a0732187050030ae399b241436565e64 C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\explorer.exe

    2004-08-04 00:56 108032 c6ce6eec82f187615d1002bb3bb50ed4 C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\services.exe
    md5deep: C:\WINDOWS\SYSTEM32\services.exe: error at offset 0: Permission denied

    2004-08-04 00:56 13312 84885f9b82f4d55c6146ebf6065d75d2 C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\lsass.exe
    md5deep: C:\WINDOWS\SYSTEM32\lsass.exe: error at offset 0: Permission denied

    2005-06-10 16:53 57856 da81ec57acd4cdc3d4c51cf3d409af9f C:\WINDOWS\$hf_mig$\KB896423\SP2GDR\spoolsv.exe
    2005-06-10 17:17 57856 ad3d9d191aea7b5445fe1d82ffbb4788 C:\WINDOWS\$hf_mig$\KB896423\SP2QFE\spoolsv.exe
    2002-08-29 03:00 51200 9b4155ba58192d4073082b8fc5d42612 C:\WINDOWS\$NtUninstallKB896423$\spoolsv.exe
    2004-08-04 00:56 57856 7435b108b935e42ea92ca94f59c8e717 C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\spoolsv.exe
    md5deep: C:\WINDOWS\SYSTEM32\spoolsv.exe: error at offset 0: Permission denied
    .
    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "LDM "= "\Program\" [X]
    "swg "= "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-06-21 20:20 68856]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "LogitechGalleryRepair "= "C:\Program Files\Logitech\ImageStudio\ISStart.exe" [2002-12-10 18:32 155648]
    "LogitechImageStudioTray "= "C:\Program Files\Logitech\ImageStudio\LogiTray.exe" [2002-12-10 18:31 61440]
    "IPInSightLAN 01 "= "C:\Program Files\Visual Networks\Visual IP InSight\SBC\IPClient.exe" [2003-06-11 02:52 380928]
    "NeroFilterCheck "= "C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 03:50 155648]
    "InCD "= "C:\Program Files\Ahead\InCD\InCD.exe" [2006-03-23 18:06 1398272]
    "SoftwareStation "= "C:\Program Files\eAcceleration\Station\station.exe" [2008-04-15 16:30 173392]
    "StopSignSsTsMon "= "C:\Program Files\Acceleration Software\Anti-Virus\sstsmon.dll" [2008-04-21 10:20 152976]
    "webscan "= "C:\Program Files\Acceleration Software\Anti-Virus\stopsignav.exe" [2008-06-12 10:11 767328]
    "Adobe Photo Downloader "= "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe" [2007-03-09 11:09 63712]
    "QuickTime Task "= "C:\Program Files\QuickTime\QTTask.exe" [2007-06-29 06:24 286720]
    "iTunesHelper "= "C:\Program Files\iTunes\iTunesHelper.exe" [2007-07-10 09:18 270648]
    "StopSignSsSsMon "= "C:\Program Files\Acceleration Software\Anti-Virus\ssssmon.dll" [2008-04-21 10:20 140696]
    "Adobe Reader Speed Launcher "= "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 23:16 39792]
    "StopSignSsFwMon "= "C:\Program Files\eAcceleration\Firewall\ssfwmon.dll" [2008-03-05 13:41 222544]
    "SunJavaUpdateSched "= "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 04:27 144784]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
    "vclnrun "= "C:\PROGRA~1\ACCELE~1\ANTI-V~1\vclnrun.exe" [2008-08-07 12:59 120144]
    "StopSignSsTsMon "= "C:\Program Files\Acceleration Software\Anti-Virus\sstsmon.dll" [2008-04-21 10:20 152976]
    "StopSignSsSsMon "= "C:\Program Files\Acceleration Software\Anti-Virus\ssssmon.dll" [2008-04-21 10:20 140696]
    "StopSignSsFwMon "= "C:\Program Files\eAcceleration\Firewall\ssfwmon.dll" [2008-03-05 13:41 222544]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "msnmsgr "= "C:\Program Files\MSN Messenger\msnmsgr.exe" [2007-01-19 12:54 5674352]

    C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
    Logitech Desktop Messenger.lnk - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe [2005-02-12 21:16:24 450560]
    SBC Self Support Tool.lnk - C:\Program Files\SBC Self Support Tool\bin\matcli.exe [2004-11-30 15:13:42 217088]
    Yahoo Lag Killer.lnk - C:\Program Files\Yahoo Lag Killer\YahooLagKiller.exe [2006-08-06 04:32:00 221184]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    "BHkLCsbLsakY "= {F464DE03-5ECE-74A9-353C-2476C3C871D3} - C:\WINDOWS\System32\eub.dll [2006-07-05 03:46 32768]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
    "Userinit "= "C:\\WINDOWS\\System32\\Userinit.exe "

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
    "vidc.mxmc "= MimicICM.DLL

    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
    path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk
    backup=C:\WINDOWS\pss\Adobe Reader Speed Launch.lnkCommon Startup

    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^America Online 8.0 Tray Icon.lnk]
    path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\America Online 8.0 Tray Icon.lnk
    backup=C:\WINDOWS\pss\America Online 8.0 Tray Icon.lnkCommon Startup

    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Kodak EasyShare software.lnk]
    path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Kodak EasyShare software.lnk
    backup=C:\WINDOWS\pss\Kodak EasyShare software.lnkCommon Startup

    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Find Fast.lnk]
    path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Find Fast.lnk
    backup=C:\WINDOWS\pss\Microsoft Find Fast.lnkCommon Startup

    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^MyWebSearch Email Plugin.lnk]
    path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\MyWebSearch Email Plugin.lnk
    backup=C:\WINDOWS\pss\MyWebSearch Email Plugin.lnkCommon Startup

    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Office Startup.lnk]
    path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Office Startup.lnk
    backup=C:\WINDOWS\pss\Office Startup.lnkCommon Startup

    [HKLM\~\startupfolder\C:^Documents and Settings^Karen^Start Menu^Programs^Startup^MyWebSearch Email Plugin.lnk]
    path=C:\Documents and Settings\Karen\Start Menu\Programs\Startup\MyWebSearch Email Plugin.lnk
    backup=C:\WINDOWS\pss\MyWebSearch Email Plugin.lnkStartup

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LDM]
    \Program\ [X]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DellSupport]
    --a------ 2004-07-19 08:51 306688 C:\Program Files\Dell Support\DSAgnt.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IPInSightMonitor 01]
    --a------ 2003-06-11 02:52 122880 C:\Program Files\Visual Networks\Visual IP InSight\SBC\ipmon32.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
    --a------ 2007-07-10 09:18 270648 C:\Program Files\iTunes\iTunesHelper.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LVCOMS]
    --a------ 2002-12-10 17:54 127022 C:\Program Files\Common Files\Logitech\QCDriver3\LVComS.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MimBoot]
    --a------ 2006-11-07 16:41 8192 C:\PROGRA~1\MUSICM~1\MUSICM~1\mimboot.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Motive SmartBridge]
    --a------ 2003-12-10 05:52 380928 C:\PROGRA~1\SBCSEL~1\SMARTB~1\MotiveSB.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QAGENT]
    --a--c--- 2001-08-01 10:30 94208 C:\Program Files\QUICKENW\qagent.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
    --a------ 2007-06-29 06:24 286720 C:\Program Files\QuickTime\QTTask.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RealTray]
    --a------ 2006-07-01 15:19 26112 C:\Program Files\Real\RealPlayer\realplay.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCMSMMSG]
    --a------ 2003-08-29 04:59 122880 C:\WINDOWS\BCMSMMSG.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\security center]
    "AntiVirusOverride "=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ComputerAssociatesAntiVirus]
    "DisableMonitoring "=dword:00000001

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
    "EnableFirewall "= 0 (0x0)

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe "=

    R0 fwcore;Fwcore Filter;C:\WINDOWS\System32\drivers\fwcore.sys [2008-04-23 13:25]
    R2 mrtRate;mrtRate;C:\WINDOWS\System32\drivers\mrtRate.sys [2001-02-28 08:42]
    S1 52788a39;52788a39;C:\WINDOWS\System32\drivers\52788a39.sys []
    S1 597153f;597153f;C:\WINDOWS\System32\drivers\597153f.sys [2008-08-06 09:42]
    S1 946b15ad;946b15ad;C:\WINDOWS\System32\drivers\946b15ad.sys [2008-08-07 20:54]
    S1 94f4ff55;94f4ff55;C:\WINDOWS\System32\drivers\94f4ff55.sys []
    S1 b11f2c43;b11f2c43;C:\WINDOWS\System32\drivers\b11f2c43.sys [2008-08-04 11:54]
    S2 eac_notifysvc;eAcceleration Notification Service;C:\Program Files\eAcceleration\Framework\eac_svc.exe [2008-03-24 16:46]
    S2 eac_productsvc;eAcceleration Product Manager Service;C:\Program Files\eAcceleration\Framework\eac_productsvc.exe [2008-03-24 16:46]
    S2 FWService;FWService;C:\Program Files\eAcceleration\Firewall\FWService.exe [2008-04-23 13:25]
    S3 SCREAMINGBDRIVER;Screaming Bee Audio;C:\WINDOWS\System32\drivers\screamingbdriver.sys []
    .
    Contents of the 'Scheduled Tasks' folder
    .
    - - - - ORPHANS REMOVED - - - -

    HKCU-Run-Ultimate Popup Killer - C:\Program Files\Ultimate Popup Killer\Popupkiller.exe
    HKCU-Run-WebCamRT.exe - (no file)
    HKCU-Run-EleFunAnimatedWallpaper - (no file)
    HKLM-Run-SNM - C:\Program Files\SpyNoMore\SNM.exe
    HKLM-Run-WINSTA~1.EXE - C:\WINDOWS\System\WINSTA~1.EXE
    MSConfigStartUp-MyWebSearch Email Plugin - C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
    MSConfigStartUp-SunJavaUpdateSched - C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
    MSConfigStartUp-SweetIM - C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
    MSConfigStartUp-swg - C:\Program Files\Google\GoogleToolbarNotifier\1.0.720.3640\GoogleToolbarNotifier.exe


    .
    ------- Supplementary Scan -------
    .
    FireFox -: Profile - C:\Documents and Settings\Karen\Application Data\Mozilla\Firefox\Profiles\eall0stg.default\
    .

    **************************************************************************

    catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-09-01 20:29:47
    Windows 5.1.2600 Service Pack 1 NTFS

    scanning hidden processes ...

    scanning hidden autostart entries ...

    scanning hidden files ...

    scan completed successfully
    hidden files: 0

    **************************************************************************
    .
    ------------------------ Other Running Processes ------------------------
    .
    C:\Program Files\Ahead\InCD\incdsrv.exe
    C:\WINDOWS\SYSTEM32\LEXBCES.EXE
    C:\WINDOWS\SYSTEM32\LEXPPS.EXE
    C:\WINDOWS\SYSTEM32\ScsiAccess.EXE
    C:\WINDOWS\SYSTEM32\wdfmgr.exe
    C:\WINDOWS\SYSTEM32\fxssvc.exe
    C:\Program Files\iPod\bin\iPodService.exe
    .
    **************************************************************************
    .
    Completion time: 2008-09-01 20:45:41 - machine was rebooted [Karen]
    ComboFix-quarantined-files.txt 2008-09-02 03:45:31

    Pre-Run: 40,389,799,936 bytes free
    Post-Run: 40,359,055,360 bytes free

    451 --- E O F --- 2008-07-23 06:11:23
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    ON THE NEXT POST I WILL POST THE LOG FROM THE HIJACKTHIS LOG, AS IT IS TOO BIG TO POST ALL OF BOTH OF THEM HERE. THX.
     
  14. 2008/09/01
    Chilly

    Noahdfear,
    I forgot to mention this on my last post. When I ran both the ComboFix and the HiJackThis, I had to run them both in SAFE MODE because I kept getting that blue screen that would freeze my computer (thought u might need to know that). And also, I tried to disable my Logitech Desk Manager but from scanning over the "logs" it doesn't look like I did it correctly. If there's anything more that I need to do please let me know, thx.

    HiJackThis Log (from a few mins ago) below:

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 9:22:40 PM, on 9/1/2008
    Platform: Windows XP SP1 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Ahead\InCD\InCDsrv.exe
    C:\WINDOWS\system32\LEXBCES.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\LEXPPS.EXE
    C:\WINDOWS\System32\ScsiAccess.EXE
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\fxssvc.exe
    C:\WINDOWS\System32\wuauclt.exe
    C:\Program Files\Visual Networks\Visual IP InSight\SBC\IPClient.exe
    C:\Program Files\Ahead\InCD\InCD.exe
    C:\Program Files\Acceleration Software\Anti-Virus\stopsignav.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\WINDOWS\explorer.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/cus.../sbcydsl/*http://www.yahoo.com/search/ie.html
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
    R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn5\yt.dll
    O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn5\yt.dll
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
    O2 - BHO: YahooTaggedBM Class - {65D886A2-7CA7-479B-BB95-14D1EFB7946A} - C:\Program Files\Yahoo!\Common\YIeTagBm.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar4.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.0.1225.9868\swg.dll
    O2 - BHO: (no name) - {B753C7C5-0942-4b7f-BC27-942B52BDAC66} - C:\PROGRA~1\ACCELE~1\StopSign\webcbrowse.dll
    O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\en-us\msntb.dll
    O3 - Toolbar: (no name) - {ACB1E670-3217-45C4-A021-6B829A8A27CB} - (no file)
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
    O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\en-us\msntb.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn5\yt.dll
    O4 - HKLM\..\Run: [LogitechGalleryRepair] C:\Program Files\Logitech\ImageStudio\ISStart.exe
    O4 - HKLM\..\Run: [LogitechImageStudioTray] C:\Program Files\Logitech\ImageStudio\LogiTray.exe
    O4 - HKLM\..\Run: [IPInSightLAN 01] "C:\Program Files\Visual Networks\Visual IP InSight\SBC\IPClient.exe" -l
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
    O4 - HKLM\..\Run: [SoftwareStation] "C:\Program Files\eAcceleration\Station\station.exe" /b Startup
    O4 - HKLM\..\Run: [StopSignSsTsMon] Rundll32.exe "C:\Program Files\Acceleration Software\Anti-Virus\sstsmon.dll ",VerifyStatus
    O4 - HKLM\..\Run: [webscan] "C:\Program Files\Acceleration Software\Anti-Virus\stopsignav.exe" -k
    O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe "
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe "
    O4 - HKLM\..\Run: [StopSignSsSsMon] Rundll32.exe "C:\Program Files\Acceleration Software\Anti-Virus\ssssmon.dll ",VerifyStatus
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe "
    O4 - HKLM\..\Run: [StopSignSsFwMon] Rundll32.exe "C:\Program Files\eAcceleration\Firewall\ssfwmon.dll ",VerifyStatus
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
    O4 - HKLM\..\RunOnce: [vclnrun] C:\PROGRA~1\ACCELE~1\ANTI-V~1\vclnrun.exe /clean
    O4 - HKLM\..\RunOnce: [StopSignSsTsMon] Rundll32.exe "C:\Program Files\Acceleration Software\Anti-Virus\sstsmon.dll ",VerifyStatus /ro
    O4 - HKLM\..\RunOnce: [StopSignSsSsMon] Rundll32.exe "C:\Program Files\Acceleration Software\Anti-Virus\ssssmon.dll ",VerifyStatus /ro
    O4 - HKLM\..\RunOnce: [StopSignSsFwMon] Rundll32.exe "C:\Program Files\eAcceleration\Firewall\ssfwmon.dll ",VerifyStatus /ro
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [LDM] \Program\
    O4 - HKUS\S-1-5-18\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background (User 'Default user')
    O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
    O4 - Global Startup: SBC Self Support Tool.lnk = C:\Program Files\SBC Self Support Tool\bin\matcli.exe
    O4 - Global Startup: Yahoo Lag Killer.lnk = C:\Program Files\Yahoo Lag Killer\YahooLagKiller.exe
    O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
    O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
    O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
    O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra button: (no name) - {24BE56F9-F0B6-4ac7-97F1-8CACEDA9A427} - C:\PROGRA~1\ACCELE~1\StopSign\webcbrowse.dll
    O9 - Extra 'Tools' menuitem: Block This Page - {24BE56F9-F0B6-4ac7-97F1-8CACEDA9A427} - C:\PROGRA~1\ACCELE~1\StopSign\webcbrowse.dll
    O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
    O9 - Extra button: (no name) - {9239E4EC-C9A6-11D2-A844-00C04F68D538} - (no file)
    O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\Netscape\Communicator\Program\AIM\aim.exe (file missing)
    O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
    O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
    O16 - DPF: ppctlcab - http://www.pestscan.com/scanner/ppctlcab.cab
    O16 - DPF: Yahoo! Backgammon - http://download.games.yahoo.com/games/clients/y/at1_x.cab
    O16 - DPF: Yahoo! Blackjack - http://download.games.yahoo.com/games/clients/y/jt0_x.cab
    O16 - DPF: Yahoo! Chat - http://us.chat1.yimg.com/us.yimg.com/i/chat/applet/c381/chat.cab
    O16 - DPF: Yahoo! Dominoes - http://download.games.yahoo.com/games/clients/y/dot8_x.cab
    O16 - DPF: Yahoo! Literati - http://download.games.yahoo.com/games/clients/y/tt3_x.cab
    O16 - DPF: Yahoo! Poker - http://download.games.yahoo.com/games/clients/y/pt3_x.cab
    O16 - DPF: Yahoo! Pool 2 - http://download.games.yahoo.com/games/clients/y/pote_x.cab
    O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} (SysProWmi Class) - http://support.dell.com/systemprofiler/SysPro.CAB
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
    O16 - DPF: {2FC9A21E-2069-4E47-8235-36318989DB13} (PPSDKActiveXScanner.MainScreen) - http://www.pestscan.com/scanner/axscanner.cab
    O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
    O16 - DPF: {45A0A292-ECC6-4D8F-9EA9-A4BD411D24C1} (king.com) - http://www.king.com/ctl/kingcomie.cab
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.mail.live.com/mail/w1/resources/MSNPUpld.cab
    O16 - DPF: {5445BE81-B796-11D2-B931-002018654E2E} (MeadCo Security Manager) - http://wcs00180.egain.net/wcsapp/weblib/Javascript/messaging/ie/SecMgr.cab
    O16 - DPF: {6BB594E2-6E4D-4CC9-98B0-931C323F9165} (DepHlp Control) - http://mirror.worldwinner.com/games/shared/dephlp.cab
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1128733974140
    O16 - DPF: {8714912E-380D-11D5-B8AA-00D0B78F3D48} (Yahoo! Webcam Upload Wrapper) - http://chat.yahoo.com/cab/yuplapp.cab
    O16 - DPF: {97E71027-0BA2-44F2-97DB-F84D808ED0B6} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab55762.cab
    O16 - DPF: {A031D222-B496-11D2-9CC8-00105A10AAF6} (WONWebLauncher Class) - http://www.flipside.com/cab/WONWebLauncherControl.cab
    O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab55579.cab
    O16 - DPF: {BAC01377-73DD-4796-854D-2A8997E3D68A} (Yahoo! Photos Easy Upload Tool Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/ydropper/ydropper1_6us.cab
    O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab31267.cab
    O16 - DPF: {C946EF6D-296D-4907-A6E1-ED0E8E5AF024} (LycosMail Upload Control) - http://mail.lycos.com/hanmail-ax/AttachMail.cab
    O16 - DPF: {D18F962A-3722-4B59-B08D-28BB9EB2281E} - http://photos.yahoo.com/ocx/us/yexplorer1_9us.cab
    O16 - DPF: {E504EE6E-47C6-11D5-B8AB-00D0B78F3D48} (Yahoo! Webcam Viewer Wrapper) - http://chat.yahoo.com/cab/yvwrctl.cab
    O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/mcfscan/2,1,0,4861/mcfscan.cab
    O16 - DPF: {EF99BD32-C1FB-11D2-892F-0090271D4F88} (Yahoo! Toolbar) - http://us.dl1.yimg.com/download.companion.yahoo.com/dl/toolbar/yiebio5_2_3_0.cab
    O16 - DPF: {F00F4763-7355-4725-82F7-0DA94A256D46} (IncrediMail) - http://www5.incredimail.com/contents/setup/downloader_sp1/imloader.cab
    O16 - DPF: {FA3662C3-B8E8-11D6-A667-0010B556D978} (IWinAmpActiveX Class) - http://cdn.digitalcity.com/_media/dalaillama/ampx.cab
    O18 - Protocol: bw+0 - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw+0s - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0 - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0s - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00 - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00s - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10 - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10s - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20 - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20s - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30 - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30s - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40 - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40s - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50 - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50s - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60 - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60s - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70 - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70s - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80 - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80s - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90 - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90s - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0 - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0s - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0 - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0s - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0 - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0s - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0 - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0s - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0 - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0s - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0 - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0s - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    O18 - Protocol: bwg0 - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwg0s - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0 - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0s - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0 - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0s - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0 - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0s - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0 - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0s - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0 - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0s - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0 - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0s - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0 - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0s - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0 - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0s - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0 - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0s - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0 - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0s - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0 - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0s - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0 - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0s - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0 - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0s - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0 - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0s - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0 - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0s - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0 - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0s - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0 - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0s - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0 - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0s - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0 - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0s - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: offline-8876480 - {DB0F582A-7611-4AA1-B6CF-5AE9BBBDC854} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O21 - SSODL: BHkLCsbLsakY - {F464DE03-5ECE-74A9-353C-2476C3C871D3} - C:\WINDOWS\System32\eub.dll
    O23 - Service: eAcceleration Notification Service (eac_notifysvc) - eAcceleration Corp - C:\Program Files\eAcceleration\Framework\eac_svc.exe
    O23 - Service: eAcceleration Product Manager Service (eac_productsvc) - eAcceleration Corp - C:\Program Files\eAcceleration\Framework\eac_productsvc.exe
    O23 - Service: FWService - eAcceleration Corp - C:\Program Files\eAcceleration\Firewall\FWService.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
    O23 - Service: ScsiAccess - Unknown owner - C:\WINDOWS\System32\ScsiAccess.EXE
    O24 - Desktop Component 0: (no name) - http://www.d-web.com/karen-224/aj2.jpg

    --
    End of file - 24952 bytes
     
  15. 2008/09/01
    noahdfear

    noahdfear Inactive

    Joined:
    2003/04/06
    Messages:
    12,178
    Likes Received:
    15
    The Logitech Desktop Messenger software would actually have to be uninstalled in the Control Panel>Add/Remove programs list. It's not a big deal. ;)

    We need to get an online scan done before we proceed. It will take quite a while, and I need sleep, so I'll check it tomorrow evening.

    Please do an online scan with Kaspersky Online Scanner

    • Click Accept, when prompted to download and install the program files and database of malware definitions.
    • Click Run at the Security prompt.
    • The program will then begin downloading and installing and will also update the database.
    • Please be patient as this can take several minutes.
    • Once the update is complete, click on My Computer under the green Scan bar to the left to start the scan.
    • Once the scan is complete, it will display if your system has been infected. It does not provide an option to clean/disinfect. We only require a report from it.
    • Click View scan report at the bottom.
    • Click the Save Report As... button.
    • Click the Save as Text button to save the file to your desktop so that you may post it in your next reply.
    **Note**

    To optimize scanning time and produce a more sensible report for review:
    • Close any open programs.
    • Turn off the real-time scanner of all antivirus or antispyware programs while performing the online scan.
    Note for Internet Explorer 7 users: If at any time you have trouble viewing the accept button of the license, click on the Zoom tool located at the bottom right of the IE window and set the zoom to 75%. Once the license is accepted, reset to 100%.


    Post the Kaspersky log here.
     
  16. 2008/09/02
    Chilly

    Chilly Inactive Thread Starter

    Joined:
    2008/08/30
    Messages:
    37
    Likes Received:
    0
    Ok, I've scanned my computer THREE TIMES now with that Kaspersky Scanner, and each time it's done, when I get to this part of ur instructions:

    Click View scan report at the bottom.
    Click the Save Report As... button.
    Click the Save as Text button to save the file to your desktop so that you may post it in your next reply.


    I click on the Save Report As button and it "fades", but nothing else happens, NOTHING -- it just sits there and there is no report, no way to save it. I don't get it.

    Any advice would be appreciated, thx.
     
  17. 2008/09/02
    noahdfear

    noahdfear Inactive

    Joined:
    2003/04/06
    Messages:
    12,178
    Likes Received:
    15
    Well, I've had numerous similar reports, but I know of no workaround/fix. Excluding anything found in C:\qoobox, C:\System Volume Information, or your antivirus quarantine, what is being reported as infected, if anything?
     
  18. 2008/09/06
    Chilly

    Chilly Inactive Thread Starter

    Joined:
    2008/08/30
    Messages:
    37
    Likes Received:
    0
    Hi noahdfear,
    I FINALLY got a report from that Kaspersky program.

    I've posted the results below.

    Thx for your help :D

    My Virus Scanner is reporting the following:

    Trojan.Starter.384: Virus
    c:\windows\system32\lsass.exe is Infected.
    c:\windows\system32\services.exe is Infected.
    c:\windows\system32\svchost.exe is Infected.
    c:\windows\explorer.exe is Infected.

    The company I bought the virus scanner from STILL doesn't have a clue how to fix it and it's been over a month now, so I hope this helps.
     
    Last edited: 2008/09/07
  19. 2008/09/06
    Chilly

    Chilly Inactive Thread Starter

    Joined:
    2008/08/30
    Messages:
    37
    Likes Received:
    0
    Kaspersky Scan FINALLY!!!

    Hi Noahdfear,
    I FINALLY got the Kaspersky Scan to work properly.....I have no idea how or why, but it just worked this time. Maybe it was because I haven't been on my computer for a few days LOL Results below:

    --------------------------------------------------------------------------------
    KASPERSKY ONLINE SCANNER 7 REPORT
    Saturday, September 6, 2008
    Operating System: Microsoft Windows XP Home Edition Service Pack 2 (build 2600)
    Kaspersky Online Scanner 7 version: 7.0.25.0
    Program database last update: Saturday, September 06, 2008 23:53:33
    Records in database: 1199145
    --------------------------------------------------------------------------------

    Scan settings:
    Scan using the following database: extended
    Scan archives: yes
    Scan mail databases: yes

    Scan area - My Computer:
    A:\
    C:\
    D:\
    E:\

    Scan statistics:
    Files scanned: 108898
    Threat name: 46
    Infected objects: 100
    Suspicious objects: 0
    Duration of the scan: 04:43:36


    File name / Threat name / Threats count
    C:\Documents and Settings\Karen\Desktop\ATT_SST_Installer.exe Infected: not-a-virus:RemoteAdmin.Win32.WinVNC-based.b 2
    C:\Documents and Settings\Karen\Desktop\Desktop Folders\PUTER PROTECTION\All Y-Fame Versions\YFame6\Y-Famev6.zip Infected: IM-Flooder.Win32.VB.di 1
    C:\Documents and Settings\Karen\Desktop\Desktop Folders\PUTER PROTECTION\BOOT ****\+++ VENOM BOMBER +++.zip Infected: HackTool.Win32.VB.xc 1
    C:\Documents and Settings\Karen\Desktop\Desktop Folders\PUTER PROTECTION\BOOT ****\B O T S by ALL\Y-Famev6.zip Infected: IM-Flooder.Win32.VB.di 1
    C:\Documents and Settings\Karen\Desktop\Desktop Folders\PUTER PROTECTION\BOOT ****\B O T S by ALL\yfame7bylucif3r.zip Infected: IM-Flooder.Win32.YFame.a 1
    C:\Documents and Settings\Karen\Desktop\Desktop Folders\PUTER PROTECTION\BOOT ****\Mortification Creation 3.0.zip Infected: HackTool.Win32.Agent.au 1
    C:\Documents and Settings\Karen\Desktop\Desktop Folders\PUTER PROTECTION\BOOT ****\Y-Fame6\Y-Fame v6\Y-Fame v6.exe Infected: IM-Flooder.Win32.VB.di 1
    C:\Documents and Settings\Karen\Desktop\Desktop Folders\PUTER PROTECTION\BOOT ****\Y-Fame6\Y-Famev6.zip Infected: IM-Flooder.Win32.VB.di 1
    C:\Documents and Settings\Karen\Desktop\STB11.25\STB-07.exe Infected: HackTool.Win32.VB.vm 1
    C:\Documents and Settings\Karen\Desktop\STB11.25\STB11.25.zip Infected: HackTool.Win32.VB.vm 1
    C:\Documents and Settings\Karen\Local Settings\Application Data\Identities\{EE8D03D0-ADD5-4C4C-854F-D92500D50344}\Microsoft\Outlook Express\Inbox.dbx Infected: Trojan-Spy.HTML.Bayfraud.ib 14
    C:\Documents and Settings\Karen\My Documents\My Received Files\black booting 2.zip Infected: Flooder.Win32.VB.ci 1
    C:\Documents and Settings\Karen\My Documents\My Received Files\GMC--ChatClientBooterv.2.zip Infected: IM-Flooder.Win32.VB.el 1
    C:\Documents and Settings\Karen\My Documents\My Received Files\Y account.zip Infected: HackTool.Win32.YBotReg.f 1
    C:\Documents and Settings\Karen\My Documents\My Received Files\Y account.zip Infected: HackTool.Win32.YBotReg.g 1
    C:\Documents and Settings\LocalService\Application Data\584289103.exe._eac_qt_ Infected: Trojan-Downloader.Win32.Small.aacs 1
    C:\Documents and Settings\LocalService\Application Data\809353461.exe._eac_qt_ Infected: Trojan-Dropper.Win32.Agent.wcc 1
    C:\Program Files\aaascreensavers\Keith Urban Active\VVSN_AAAS0741Inst.exe Infected: not-a-virus:AdWare.Win32.SaveNow.z 1
    C:\Program Files\Excite\PrvtMsgr\bin\x8Idle0.dll Infected: not-a-virus:AdTool.Win32.MyWebSearch.ax 1
    C:\Program Files\FileSubmit\Love Somebody Like you\NNEZTX638.exe Infected: not-a-virus:AdWare.Win32.NewDotNet 1
    C:\Program Files\Internet Explorer\setupapi.dll._eac_qt_ Infected: Trojan.Win32.Agent.abas 1
    C:\Program Files\Mozilla Firefox\setupapi.dll._eac_qt_ Infected: Trojan.Win32.Agent.abas 1
    C:\Program Files\MyEmoticons\VVSNI_S3_MYEM_Inst.exe Infected: not-a-virus:AdTool.Win32.WhenU.a 1
    C:\Program Files\Netscape\Communicator\Program\Plugins\NPMyWay.dll Infected: not-a-virus:AdWare.Win32.MyWay.f 1
    C:\Program Files\PestPatrol\Quarantine\20040824015343791\WINDOWS\system\bho001.dll Infected: not-a-virus:AdWare.Win32.IGetNet.b 1
    C:\Program Files\PestPatrol\Quarantine\20040824015343791\WINDOWS\system\rsp001.dll Infected: not-a-virus:AdWare.Win32.IGetNet.a 1
    C:\Program Files\PestPatrol\Quarantine\20040824015343791\WINDOWS\system\update_com.dll Infected: not-a-virus:AdWare.Win32.IGetNet.a 1
    C:\QooBox\Quarantine\C\Documents and Settings\LocalService\Application Data\1588044899.exe.vir Infected: Trojan-Downloader.Win32.Small.aabc 1
    C:\QooBox\Quarantine\C\Documents and Settings\LocalService\Application Data\665755322.exe.vir Infected: Trojan-Downloader.Win32.Small.aaaq 1
    C:\QooBox\Quarantine\C\Program Files\FunWebProducts\Installr\1.bin\F3EZSETP.DLL.vir Infected: not-a-virus:AdWare.Win32.FunWeb.b 1
    C:\QooBox\Quarantine\C\Program Files\FunWebProducts\Installr\f3Setup1.exe.vir Infected: not-a-virus:Downloader.Win32.FunWeb 1
    C:\QooBox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL.vir Infected: not-a-virus:AdTool.Win32.MyWebSearch.de 1
    C:\QooBox\Quarantine\C\Program Files\MyWebSearch\bar\2.bin\MWSBAR.DLL.vir Infected: not-a-virus:AdWare.Win32.MyWay.d 1
    C:\QooBox\Quarantine\C\Program Files\MyWebSearch\bar\2.bin\MWSOEMON.EXE.vir Infected: not-a-virus:AdTool.Win32.MyWebSearch 1
    C:\QooBox\Quarantine\C\Program Files\MyWebSearch\bar\2.bin\MWSOEMON.EXE_tobedeleted.vir Infected: not-a-virus:AdTool.Win32.MyWebSearch 1
    C:\QooBox\Quarantine\C\Program Files\MyWebSearch\bar\2.bin\MWSOEPLG.DLL.vir Infected: not-a-virus:AdTool.Win32.MyWebSearch 1
    C:\QooBox\Quarantine\C\Program Files\MyWebSearch\bar\2.bin\MWSOEPLG.DLL_tobedeleted.vir Infected: not-a-virus:AdTool.Win32.MyWebSearch 1
    C:\QooBox\Quarantine\C\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL.vir Infected: not-a-virus:AdWare.Win32.MyWay.u 1
    C:\QooBox\Quarantine\C\Program Files\Screensavers.com\Installer\bin\ScreensaversInst.dll.vir Infected: not-a-virus:AdWare.Win32.Comet.c 1
    C:\QooBox\Quarantine\C\WINDOWS\NDNuninstall6_38.exe.vir Infected: not-a-virus:AdWare.Win32.NewDotNet 1
    C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\DRIVERS\154b59b5.sys.vir Infected: Rootkit.Win32.Agent.cmh 1
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP44\A0033276.exe Infected: IM-Flooder.Win32.VB.di 1
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP44\A0033278.exe Infected: HackTool.Win32.VB.vm 1
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP44\A0033279.exe Infected: not-a-virus:AdWare.Win32.SaveNow.z 1
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP44\A0033280.exe Infected: not-a-virus:AdWare.Win32.NewDotNet 1
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP44\A0033281.dll Infected: not-a-virus:AdWare.Win32.MyWay.f 1
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP44\A0033282.dll Infected: not-a-virus:AdWare.Win32.IGetNet.b 1
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP44\A0033283.dll Infected: not-a-virus:AdWare.Win32.IGetNet.a 1
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP44\A0033284.dll Infected: not-a-virus:AdWare.Win32.IGetNet.a 1
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP44\A0033285.exe Infected: Flooder.Win32.VB.ci 1
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP44\A0033286.exe Infected: IM-Flooder.Win32.VB.cs 1
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP44\A0033287.exe Infected: IM-Flooder.Win32.VB.el 1
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP44\A0033288.exe Infected: HackTool.Win32.VB.hp 1
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP44\A0033289.exe Infected: HackTool.Win32.VB.xb 1
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP44\A0033290.exe Infected: HackTool.Win32.Agent.au 1
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP44\A0033291.exe Infected: Flooder.Win32.VB.de 1
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP44\A0033292.exe Infected: IM-Flooder.Win32.VB.di 1
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP44\A0033293.exe Infected: IM-Flooder.Win32.YFame.a 1
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP44\A0033295.exe Infected: not-a-virus:AdWare.Win32.Exact.a 3
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP44\A0033296.exe Infected: not-a-virus:AdWare.Win32.EZula.z 1
    C:\unzipped\black booting 2\BlackBooting v.2.6.exe Infected: Flooder.Win32.VB.ci 1
    C:\unzipped\ChatKillerlimitedv1\Chat Killer limited.exe Infected: IM-Flooder.Win32.VB.cs 1
    C:\unzipped\elite_bomber-140\elite_bomber_140\Elite Bomber.exe Infected: HackTool.Win32.VB.hp 1
    C:\unzipped\GMC--ChatClientBooterv.2\GMC---Chat Client Booter v2.exe Infected: IM-Flooder.Win32.VB.el 1
    C:\unzipped\makeashitloadofnamesnshit\Make A ShitLoad of Names N ****!!!!!!!.exe Infected: HackTool.Win32.VB.xb 1
    C:\unzipped\Mortification Creation 3.0\Mortification Creation 3.0\Mortification_Creation.exe Infected: HackTool.Win32.Agent.au 1
    C:\unzipped\Occ Bomber\Occ Bomber\Occ.exe Infected: Flooder.Win32.VB.de 1
    C:\unzipped\Y-Famev6\Y-Fame v6\Y-Fame v6.exe Infected: IM-Flooder.Win32.VB.di 1
    C:\unzipped\yfame7bylucif3r\yfame7bylucif3r\Y-Fame v7.exe Infected: IM-Flooder.Win32.YFame.a 1
    C:\WINDOWS\b122.exe._eac_qt_ Infected: not-a-virus:AdWare.Win32.Rond.b 1
    C:\WINDOWS\b122.exe._eac_qt_ Infected: not-a-virus:AdWare.Win32.Mostofate.u 1
    C:\WINDOWS\Downloaded Program Files\imloader.exe Infected: not-a-virus:Downloader.Win32.ImLoader.c 1
    C:\WINDOWS\eSearchBar\exactSetup.exe Infected: not-a-virus:AdWare.Win32.Exact.a 3
    C:\WINDOWS\iLookup\ezStub22.exe Infected: not-a-virus:AdWare.Win32.EZula.z 1
    C:\WINDOWS\SYSTEM32\16.tmp._eac_qt_ Infected: not-a-virus:FraudTool.Win32.MalwareProtector.d 1
    C:\WINDOWS\SYSTEM32\b.tmp._eac_qt_ Infected: not-a-virus:FraudTool.Win32.MalwareProtector.d 1
    C:\WINDOWS\SYSTEM32\cbevtsvc.exe._eac_qt_ Infected: Trojan-Downloader.Win32.Agent.ytu 1
    C:\WINDOWS\SYSTEM32\~.exe._eac_qt_ Infected: Trojan-Downloader.Win32.Agent.ytu 1
    C:\~IntelliMover Files\Go!Zilla Downloads\morph20.exe.GZPT Infected: not-a-virus:AdWare.Win32.WurldMedia.d 1
    C:\~IntelliMover Files\Go!Zilla Downloads\morph20.exe.GZPT Infected: not-a-virus:AdWare.Win32.WurldMedia.a 1
    C:\~IntelliMover Files\Go!Zilla Downloads\morph20.exe.GZPT Infected: not-a-virus:AdWare.Win32.Gator.3210 1
    C:\~IntelliMover Files\Go!Zilla Downloads\morph20.exe.GZPT Infected: Trojan-Downloader.Win32.Stubby.b 1

    The selected area was scanned.
     
    Last edited: 2008/09/06
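Added example, not part of the original thread: the triage noahdfear asks for in post 17 (set aside C:\qoobox, C:\System Volume Information and the antivirus quarantine) applied to the report format posted above. The sample lines are copied from that report; treating `._eac_qt_` and any `\Quarantine\` folder as quarantine markers is an assumption, and the function names are illustrative.

```python
import re
from collections import defaultdict

# Nine findings copied verbatim from the Kaspersky Online Scanner report above,
# plus the report's header and footer lines, which the parser must skip.
SAMPLE_REPORT = r"""
File name / Threat name / Threats count
C:\Documents and Settings\Karen\Desktop\STB11.25\STB-07.exe Infected: HackTool.Win32.VB.vm 1
C:\Documents and Settings\Karen\Local Settings\Application Data\Identities\{EE8D03D0-ADD5-4C4C-854F-D92500D50344}\Microsoft\Outlook Express\Inbox.dbx Infected: Trojan-Spy.HTML.Bayfraud.ib 14
C:\Documents and Settings\LocalService\Application Data\584289103.exe._eac_qt_ Infected: Trojan-Downloader.Win32.Small.aacs 1
C:\Program Files\Excite\PrvtMsgr\bin\x8Idle0.dll Infected: not-a-virus:AdTool.Win32.MyWebSearch.ax 1
C:\Program Files\PestPatrol\Quarantine\20040824015343791\WINDOWS\system\bho001.dll Infected: not-a-virus:AdWare.Win32.IGetNet.b 1
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\DRIVERS\154b59b5.sys.vir Infected: Rootkit.Win32.Agent.cmh 1
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP44\A0033276.exe Infected: IM-Flooder.Win32.VB.di 1
C:\unzipped\Occ Bomber\Occ Bomber\Occ.exe Infected: Flooder.Win32.VB.de 1
C:\WINDOWS\Downloaded Program Files\imloader.exe Infected: not-a-virus:Downloader.Win32.ImLoader.c 1

The selected area was scanned.
"""

# Locations named in post 17 as not worth reporting.
EXCLUDED_PREFIXES = ("c:\\qoobox\\", "c:\\system volume information\\")
# Assumption: these substrings mark files already neutralised by a scanner's
# quarantine (a \Quarantine\ folder, or the ._eac_qt_ rename seen in the report).
QUARANTINE_MARKERS = ("\\quarantine\\", "._eac_qt_")

# One finding per line: <path> Infected: <threat name> <count>
LINE_RE = re.compile(r"^(?P<path>.+?)\s+Infected:\s+(?P<threat>\S+)\s+(?P<count>\d+)$")


def parse_report(text):
    """Return one dict per finding; header, footer and blank lines are skipped."""
    findings = []
    for line in text.splitlines():
        match = LINE_RE.match(line.strip())
        if not match:
            continue
        threat = match.group("threat")
        # Kaspersky prefixes adware/riskware verdicts with "not-a-virus:".
        riskware = threat.startswith("not-a-virus:")
        name = threat.split(":", 1)[1] if riskware else threat
        findings.append({
            "path": match.group("path"),
            "threat": threat,
            "behaviour": name.split(".")[0],  # e.g. Trojan-Spy, IM-Flooder
            "riskware": riskware,
            "count": int(match.group("count")),
        })
    return findings


def is_excluded(path):
    """True for quarantine and restore-point copies that are not live files."""
    lowered = path.lower()
    return lowered.startswith(EXCLUDED_PREFIXES) or any(
        marker in lowered for marker in QUARANTINE_MARKERS
    )


def triage(text):
    """Split findings into live ones (grouped by behaviour) and excluded ones."""
    live, excluded = defaultdict(list), []
    for finding in parse_report(text):
        if is_excluded(finding["path"]):
            excluded.append(finding)
        else:
            live[finding["behaviour"]].append(finding)
    return dict(live), excluded


def summarize(live):
    """Total detections per behaviour class among the live findings."""
    return {behaviour: sum(f["count"] for f in items) for behaviour, items in live.items()}


if __name__ == "__main__":
    live, excluded = triage(SAMPLE_REPORT)
    for behaviour, items in sorted(live.items()):
        for f in items:
            tag = " (riskware)" if f["riskware"] else ""
            print(f"{behaviour}{tag}: {f['path']} x{f['count']}")
    print(f"{len(excluded)} findings set aside (quarantine / restore points)")
```
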
  20. 2008/09/07
    noahdfear

    noahdfear Inactive

    Joined:
    2003/04/06
    Messages:
    12,178
    Likes Received:
    15
    Highlight and copy the contents of the code box below to a blank notepad. Save it to the desktop as:

    Filename: check.bat
    Save as type: All Files (*.*)

    Code:
    @echo off
    rem Lists every copy of each core system file on the system drive.
    rem /a includes hidden and system files, /s searches all subfolders.
    echo ~~winlogon backups~~>check.txt
    echo.>>check.txt
    dir %Systemdrive%\winlogon.exe /a /s >>check.txt
    echo.>>check.txt
    echo ~~services backups~~>>check.txt
    echo.>>check.txt
    dir %Systemdrive%\services.exe /a /s >>check.txt
    echo.>>check.txt
    echo ~~lsass backups~~>>check.txt
    echo.>>check.txt
    dir %Systemdrive%\lsass.exe /a /s >>check.txt
    echo.>>check.txt
    echo ~~svchost backups~~>>check.txt
    echo.>>check.txt
    dir %Systemdrive%\svchost.exe /a /s >>check.txt
    echo.>>check.txt
    echo ~~explorer backups~~>>check.txt
    echo.>>check.txt
    dir %Systemdrive%\explorer.exe /a /s >>check.txt
    echo.>>check.txt
    echo ~~spoolsv backups~~>>check.txt
    echo.>>check.txt
    dir %Systemdrive%\spoolsv.exe /a /s >>check.txt
    start notepad check.txt
    cls
    exit
    
    Double click check.bat to run it. It will open check.txt when it completes. Please post its contents here.


    Looks as though you have a number of Instant Messenger utils that appear to be less than safe. Are you willing to part with them to get your machine cleaned up?
     
  21. 2008/09/07
    Chilly

    Chilly Inactive Thread Starter

    Joined:
    2008/08/30
    Messages:
    37
    Likes Received:
    0
    Hi Noahdfear,
    I just read your response, and I have to tell you, I don't know HOW or WHY, but by doing all the things you told me to do, somehow my computer is CLEAN!!!! wooooo hoooo!!! :D
    I ran a scan on it all night last night with the virus scanner I have on my computer and it picked up a few things, but that Trojan.Starter.384 was GONE!!
    I'm going to go ahead right now and run another scan, just to be "safe" and I'll post the results here when it finishes (about 2 hrs. or so).

    Is there anything else you think I should remove, even though my computer feels like it's back to normal at this point?

    Please let me know, and thx so much for your help. This has been a looooonnnggg road, but it was worth it.

    Be back in awhile to post anything that comes up in my scan that I'm starting right now :)
     
