1. You are viewing our forum as a guest. For full access please Register. WindowsBBS.com is completely free, paid for by advertisers and donations.

Removing virusbursters popups

Discussion in 'Malware and Virus Removal Archive' started by dummyplus, 2006/11/04.

Thread Status:
Not open for further replies.
  1. 2006/11/04
    dummyplus

    dummyplus Inactive Thread Starter

    Joined:
    2006/05/07
    Messages:
    10
    Likes Received:
    0
    Help Somebody!: Our home computer got infected with a malicious popup that redirects you to the virusbursters site. Without realizing it was a scam, my son installed the software. I removed manually through add/remove programs at the Control Panel. Nevertheless, the popups continue to appear. I run HJT and this is the log file. Please help!

    Logfile of HijackThis v1.99.1
    Scan saved at 02:23:06 p.m., on 11/04/2006
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\System32\CTsvcCDA.exe
    C:\WINDOWS\system32\crypserv.exe
    C:\Archivos de programa\Archivos comunes\McAfee\HackerWatch\HWAPI.exe
    C:\ARCHIV~1\McAfee\MSC\mclogsrv.exe
    C:\Archivos de programa\Intel\Modem Event Monitor\IntelMEM.exe
    C:\WINDOWS\system32\dla\tfswctrl.exe
    C:\WINDOWS\System32\DSentry.exe
    C:\Archivos de programa\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe
    C:\Archivos de programa\Creative\SBAudigy2\DVDAudio\CTDVDDet.EXE
    C:\Archivos de programa\Archivos comunes\Real\Update_OB\realsched.exe
    C:\Archivos de programa\HP\HP Software Update\HPWuSchd.exe
    C:\Archivos de programa\HP\hpcoretech\hpcmpmgr.exe
    C:\Archivos de programa\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
    C:\Archivos de programa\Viewpoint\Viewpoint Manager\ViewMgr.exe
    C:\Archivos de programa\MessengerPlus! 3\MsgPlus1.exe
    C:\Archivos de programa\McAfee\MSK\MskAgent.exe
    C:\WINDOWS\system32\LVCOMSX.EXE
    C:\Archivos de programa\Logitech\Video\LogiTray.exe
    C:\Program Files\BPK\upgrade.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\ARCHIV~1\McAfee\MSC\mcupdmgr.exe
    c:\archivos de programa\archivos comunes\mcafee\mna\mcnasvc.exe
    C:\ARCHIV~1\McAfee\VIRUSS~1\mcods.exe
    C:\ARCHIV~1\McAfee\MSC\mcpromgr.exe
    c:\ARCHIV~1\ARCHIV~1\mcafee\mcproxy\mcproxy.exe
    c:\ARCHIV~1\ARCHIV~1\mcafee\redirsvc\redirsvc.exe
    C:\ARCHIV~1\McAfee\VIRUSS~1\mcshield.exe
    C:\ARCHIV~1\McAfee\VIRUSS~1\mcsysmon.exe
    C:\Archivos de programa\MSN Messenger\msnmsgr.exe
    C:\ARCHIV~1\McAfee\MSC\mctskshd.exe
    C:\ARCHIV~1\McAfee\MSC\mcusrmgr.exe
    C:\Archivos de programa\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Archivos de programa\Archivos comunes\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\Archivos de programa\McAfee\MPF\MPFSrv.exe
    C:\ARCHIV~1\mcafee.com\agent\mcagent.exe
    C:\Archivos de programa\McAfee\MSK\MskSrver.exe
    C:\WINDOWS\System32\nvsvc32.exe
    C:\Archivos de programa\Sound Snooper\service.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Archivos de programa\Logitech\Video\FxSvr2.exe
    C:\WINDOWS\System32\MsPMSPSv.exe
    C:\ARCHIV~1\McAfee\MPS\mps.exe
    C:\Archivos de programa\McAfee\MPS\mpsevh.exe
    C:\WINDOWS\system32\HPZipm12.exe
    C:\Archivos de programa\Microsoft Office\OFFICE11\WINWORD.EXE
    C:\Archivos de programa\Microsoft Office\OFFICE11\OUTLOOK.EXE
    C:\ARCHIV~1\ARCHIV~1\McAfee\EmProxy\emproxy.exe
    C:\Archivos de programa\Internet Explorer\iexplore.exe
    C:\Documents and Settings\Carlos\Escritorio\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://edition.cnn.com/
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.dell.com/
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Vínculos
    O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Archivos de programa\Yahoo!\Companion\Installs\cpn0\yt.dll (file missing)
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Archivos de programa\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Archivos de programa\SiteAdvisor\4144\SiteAdv.dll
    O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\archivos de programa\mcafee\virusscan\scriptsn.dll
    O2 - BHO: (no name) - {8bf5b8fc-11cb-409f-8c91-4d4ca04a1b6d} - C:\Archivos de programa\VidCodecs\isaddon.dll
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Archivos de programa\Archivos comunes\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Archivos de programa\Windows Live Toolbar\msntb.dll
    O2 - BHO: CPub Object - {C68AE9C0-0909-4DDC-B661-C1AFB9F5AE53} - c:\archivos de programa\mcafee\mps\mcpopup.dll
    O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Archivos de programa\Windows Live Toolbar\msntb.dll
    O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Archivos de programa\SiteAdvisor\4144\SiteAdv.dll
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\archivos de programa\google\googletoolbar2.dll
    O3 - Toolbar: Protection Bar - {1a29a79a-b9c8-44a9-bedf-7fadde3cf33f} - C:\Archivos de programa\VidCodecs\iesplugin.dll
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [IntelMeM] C:\Archivos de programa\Intel\Modem Event Monitor\IntelMEM.exe
    O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
    O4 - HKLM\..\Run: [AsioReg] REGSVR32.EXE /S CTASIO.DLL
    O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
    O4 - HKLM\..\Run: [DVDSentry] C:\WINDOWS\System32\DSentry.exe
    O4 - HKLM\..\Run: [OSS] c:\windows\system32\ossproxy.exe -boot
    O4 - HKLM\..\Run: [StorageGuard] "C:\Archivos de programa\Archivos comunes\Sonic\Update Manager\sgtray.exe" /r
    O4 - HKLM\..\Run: [CTSysVol] C:\Archivos de programa\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe
    O4 - HKLM\..\Run: [CTDVDDet] C:\Archivos de programa\Creative\SBAudigy2\DVDAudio\CTDVDDet.EXE
    O4 - HKLM\..\Run: [TkBellExe] "C:\Archivos de programa\Archivos comunes\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [HP Software Update] "C:\Archivos de programa\HP\HP Software Update\HPWuSchd.exe "
    O4 - HKLM\..\Run: [HP Component Manager] "C:\Archivos de programa\HP\hpcoretech\hpcmpmgr.exe "
    O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
    O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Archivos de programa\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe "
    O4 - HKLM\..\Run: [ViewMgr] C:\Archivos de programa\Viewpoint\Viewpoint Manager\ViewMgr.exe
    O4 - HKLM\..\Run: [MessengerPlus3] "C:\Archivos de programa\MessengerPlus! 3\MsgPlus1.exe "
    O4 - HKLM\..\Run: [MskAgentexe] C:\Archivos de programa\McAfee\MSK\MskAgent.exe
    O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
    O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Archivos de programa\Logitech\Video\ISStart.exe
    O4 - HKLM\..\Run: [LogitechVideoTray] C:\Archivos de programa\Logitech\Video\LogiTray.exe
    O4 - HKLM\..\Run: [upgrade] C:\Program Files\BPK\upgrade.exe
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [MessengerPlus3] "C:\Archivos de programa\MessengerPlus! 3\MsgPlus1.exe" /WinStart
    O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
    O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Archivos de programa\Logitech\Video\ManifestEngine.exe" boot
    O4 - HKCU\..\Run: [swg] C:\Archivos de programa\Google\GoogleToolbarNotifier\1.0.720.3640\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [msnmsgr] "C:\Archivos de programa\MSN Messenger\msnmsgr.exe" /background
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Archivos de programa\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: AutoCAD Startup Accelerator.lnk = C:\Archivos de programa\Archivos comunes\Autodesk Shared\acstart16.exe
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Archivos de programa\HP\Digital Imaging\bin\hpqtra08.exe
    O8 - Extra context menu item: &Windows Live Search - res://C:\Archivos de programa\Windows Live Toolbar\msntb.dll/search.htm
    O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\ARCHIV~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O8 - Extra context menu item: Open in new background tab - res://C:\Archivos de programa\Windows Live Toolbar\Components\en-ww\msntabres.dll.mui/229?6a380cbc4b354eefad687eb33f3dc7d2
    O8 - Extra context menu item: Open in new foreground tab - res://C:\Archivos de programa\Windows Live Toolbar\Components\en-ww\msntabres.dll.mui/230?6a380cbc4b354eefad687eb33f3dc7d2
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARCHIV~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Archivos de programa\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Archivos de programa\Messenger\msmsgs.exe
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
    O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee.com/molbin/shared/mcinsctl/4,0,0,99/mcinsctl.cab
    O16 - DPF: {B49C4597-8721-4789-9250-315DFBD9F525} (IWinAmpActiveX Class) - http://cdn.digitalcity.com/radio/ampx/ampx2.6.1.11_en_dl.cab
    O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://bin.mcafee.com/molbin/shared/mcgdmgr/en-us/1,0,0,20/mcgdmgr.cab
    O18 - Protocol: asp - {8D32BA61-D15B-11D4-894B-000000000000} - C:\WINDOWS\SYSTEM32\hsppp.dll
    O18 - Protocol: bw+0 - {1577A7D4-39E9-4D9E-9860-731E6130A4C2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw+0s - {1577A7D4-39E9-4D9E-9860-731E6130A4C2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0 - {1577A7D4-39E9-4D9E-9860-731E6130A4C2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0s - {1577A7D4-39E9-4D9E-9860-731E6130A4C2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00 - {1577A7D4-39E9-4D9E-9860-731E6130A4C2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00s - {1577A7D4-39E9-4D9E-9860-731E6130A4C2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10 - {1577A7D4-39E9-4D9E-9860-731E6130A4C2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10s - {1577A7D4-39E9-4D9E-9860-731E6130A4C2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20 - {1577A7D4-39E9-4D9E-9860-731E6130A4C2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20s - {1577A7D4-39E9-4D9E-9860-731E6130A4C2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30 - {1577A7D4-39E9-4D9E-9860-731E6130A4C2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30s - {1577A7D4-39E9-4D9E-9860-731E6130A4C2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40 - {1577A7D4-39E9-4D9E-9860-731E6130A4C2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40s - {1577A7D4-39E9-4D9E-9860-731E6130A4C2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50 - {1577A7D4-39E9-4D9E-9860-731E6130A4C2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50s - {1577A7D4-39E9-4D9E-9860-731E6130A4C2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60 - {1577A7D4-39E9-4D9E-9860-731E6130A4C2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60s - {1577A7D4-39E9-4D9E-9860-731E6130A4C2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70 - {1577A7D4-39E9-4D9E-9860-731E6130A4C2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70s - {1577A7D4-39E9-4D9E-9860-731E6130A4C2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80 - {1577A7D4-39E9-4D9E-9860-731E6130A4C2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80s - {1577A7D4-39E9-4D9E-9860-731E6130A4C2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90 - {1577A7D4-39E9-4D9E-9860-731E6130A4C2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90s - {1577A7D4-39E9-4D9E-9860-731E6130A4C2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0 - {1577A7D4-39E9-4D9E-9860-731E6130A4C2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0s - {1577A7D4-39E9-4D9E-9860-731E6130A4C2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0 - {1577A7D4-39E9-4D9E-9860-731E6130A4C2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0s - {1577A7D4-39E9-4D9E-9860-731E6130A4C2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0 - {1577A7D4-39E9-4D9E-9860-731E6130A4C2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0s - {1577A7D4-39E9-4D9E-9860-731E6130A4C2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0 - {1577A7D4-39E9-4D9E-9860-731E6130A4C2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0s - {1577A7D4-39E9-4D9E-9860-731E6130A4C2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0 - {1577A7D4-39E9-4D9E-9860-731E6130A4C2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0s - {1577A7D4-39E9-4D9E-9860-731E6130A4C2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0 - {1577A7D4-39E9-4D9E-9860-731E6130A4C2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0s - {1577A7D4-39E9-4D9E-9860-731E6130A4C2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    O18 - Protocol: bwg0 - {1577A7D4-39E9-4D9E-9860-731E6130A4C2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwg0s - {1577A7D4-39E9-4D9E-9860-731E6130A4C2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0 - {1577A7D4-39E9-4D9E-9860-731E6130A4C2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0s - {1577A7D4-39E9-4D9E-9860-731E6130A4C2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0 - {1577A7D4-39E9-4D9E-9860-731E6130A4C2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0s - {1577A7D4-39E9-4D9E-9860-731E6130A4C2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0 - {1577A7D4-39E9-4D9E-9860-731E6130A4C2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0s - {1577A7D4-39E9-4D9E-9860-731E6130A4C2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0 - {1577A7D4-39E9-4D9E-9860-731E6130A4C2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0s - {1577A7D4-39E9-4D9E-9860-731E6130A4C2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0 - {1577A7D4-39E9-4D9E-9860-731E6130A4C2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0s - {1577A7D4-39E9-4D9E-9860-731E6130A4C2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0 - {1577A7D4-39E9-4D9E-9860-731E6130A4C2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0s - {1577A7D4-39E9-4D9E-9860-731E6130A4C2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0 - {1577A7D4-39E9-4D9E-9860-731E6130A4C2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0s - {1577A7D4-39E9-4D9E-9860-731E6130A4C2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0 - {1577A7D4-39E9-4D9E-9860-731E6130A4C2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0s - {1577A7D4-39E9-4D9E-9860-731E6130A4C2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0 - {1577A7D4-39E9-4D9E-9860-731E6130A4C2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0s - {1577A7D4-39E9-4D9E-9860-731E6130A4C2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0 - {1577A7D4-39E9-4D9E-9860-731E6130A4C2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0s - {1577A7D4-39E9-4D9E-9860-731E6130A4C2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0 - {1577A7D4-39E9-4D9E-9860-731E6130A4C2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0s - {1577A7D4-39E9-4D9E-9860-731E6130A4C2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0 - {1577A7D4-39E9-4D9E-9860-731E6130A4C2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0s - {1577A7D4-39E9-4D9E-9860-731E6130A4C2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0 - {1577A7D4-39E9-4D9E-9860-731E6130A4C2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0s - {1577A7D4-39E9-4D9E-9860-731E6130A4C2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0 - {1577A7D4-39E9-4D9E-9860-731E6130A4C2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0s - {1577A7D4-39E9-4D9E-9860-731E6130A4C2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0 - {1577A7D4-39E9-4D9E-9860-731E6130A4C2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0s - {1577A7D4-39E9-4D9E-9860-731E6130A4C2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0 - {1577A7D4-39E9-4D9E-9860-731E6130A4C2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0s - {1577A7D4-39E9-4D9E-9860-731E6130A4C2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0 - {1577A7D4-39E9-4D9E-9860-731E6130A4C2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0s - {1577A7D4-39E9-4D9E-9860-731E6130A4C2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0 - {1577A7D4-39E9-4D9E-9860-731E6130A4C2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0s - {1577A7D4-39E9-4D9E-9860-731E6130A4C2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0 - {1577A7D4-39E9-4D9E-9860-731E6130A4C2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0s - {1577A7D4-39E9-4D9E-9860-731E6130A4C2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: hsp - {8D32BA61-D15B-11D4-894B-000000000000} - C:\WINDOWS\SYSTEM32\hsppp.dll
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\ARCHIV~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\ARCHIV~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: offline-8876480 - {1577A7D4-39E9-4D9E-9860-731E6130A4C2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: siteadvisor - {3A5DC592-7723-4EAA-9EE6-AF4222BCF879} - C:\Archivos de programa\SiteAdvisor\4144\SiteAdv.dll
    O18 - Protocol: x-asp - {8D32BA61-D15B-11D4-894B-000000000000} - C:\WINDOWS\SYSTEM32\hsppp.dll
    O18 - Protocol: x-hsp - {8D32BA61-D15B-11D4-894B-000000000000} - C:\WINDOWS\SYSTEM32\hsppp.dll
    O18 - Protocol: x-mem1 - {C3719F83-7EF8-4BA0-89B0-3360C7AFB7CC} - C:\WINDOWS\SYSTEM32\WowCtl2.dll
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O21 - SSODL: detachments - {01d8d081-0f76-4ab5-b5e4-9b23a709670e} - C:\WINDOWS\system32\sacskza.dll
    O23 - Service: Autodesk Licensing Service - Autodesk - C:\Archivos de programa\Archivos comunes\Autodesk Shared\Service\AdskScSrv.exe
    O23 - Service: Autodesk Network Licensing Service - Autodesk, Inc. - C:\Archivos de programa\Archivos comunes\Autodesk Shared\Service\AdskNetSrv.exe
    O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.exe
    O23 - Service: Crypkey License - Kenonic Controls Ltd. - C:\WINDOWS\SYSTEM32\crypserv.exe
    O23 - Service: McAfee E-mail Proxy (Emproxy) - McAfee, Inc. - C:\ARCHIV~1\ARCHIV~1\McAfee\EmProxy\emproxy.exe
    O23 - Service: MBackMonitor - - C:\Archivos de programa\McAfee\MBK\MBackMonitor.exe
    O23 - Service: McAfee HackerWatch Service - McAfee, Inc. - C:\Archivos de programa\Archivos comunes\McAfee\HackerWatch\HWAPI.exe
    O23 - Service: McAfee Log Manager (McLogManagerService) - McAfee, Inc. - C:\ARCHIV~1\McAfee\MSC\mclogsrv.exe
    O23 - Service: McAfee Update Manager (mcmispupdmgr) - McAfee, Inc. - C:\ARCHIV~1\McAfee\MSC\mcupdmgr.exe
    O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\archivos de programa\archivos comunes\mcafee\mna\mcnasvc.exe
    O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\ARCHIV~1\McAfee\VIRUSS~1\mcods.exe
    O23 - Service: McAfee Protection Manager (mcpromgr) - McAfee, Inc. - C:\ARCHIV~1\McAfee\MSC\mcpromgr.exe
    O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\ARCHIV~1\ARCHIV~1\mcafee\mcproxy\mcproxy.exe
    O23 - Service: McAfee Redirector Service (McRedirector) - McAfee, Inc. - c:\ARCHIV~1\ARCHIV~1\mcafee\redirsvc\redirsvc.exe
    O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\ARCHIV~1\McAfee\VIRUSS~1\mcshield.exe
    O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\ARCHIV~1\McAfee\VIRUSS~1\mcsysmon.exe
    O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc. - C:\ARCHIV~1\McAfee\MSC\mctskshd.exe
    O23 - Service: McAfee User Manager (mcusrmgr) - McAfee, Inc. - C:\ARCHIV~1\McAfee\MSC\mcusrmgr.exe
    O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Archivos de programa\McAfee\MPF\MPFSrv.exe
    O23 - Service: McAfee Privacy Service (MPS9) - McAfee, Inc. - C:\ARCHIV~1\McAfee\MPS\mps.exe
    O23 - Service: McAfee SpamKiller Service (MSK80Service) - McAfee Inc. - C:\Archivos de programa\McAfee\MSK\MskSrver.exe
    O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Archivos de programa\Intel\NCS\Sync\NetSvc.exe
    O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
    O23 - Service: SndRecB.1.3 (SndRecA.1.3) - Unknown owner - C:\Archivos de programa\Sound Snooper\service.exe
     
    dummyplus,
    #1
  2. 2006/11/04
    TeMerc

    TeMerc Inactive Alumni

    Joined:
    2006/05/13
    Messages:
    3,226
    Likes Received:
    4
    Hello and welcome to WindowsBBS Forums.


    This is one of the many SmithFraud\Zlob infections. Please follow directions for the first part of the fix.

    Please download SmitfraudFix (by S!Ri)
    Extract the content (a folder named SmitfraudFix) to your Desktop.

    Open the SmitfraudFix folder and double-click smitfraudfix.cmd
    Select option #1 - Search by typing 1 and press "Enter "; a text file will appear, which lists infected files (if present).
    Please copy/paste the content of that report into your next reply.

    Note : process.exe is detected by some antivirus programs (AntiVir, Dr.Web, Kaspersky) as a "RiskTool "; it is not a virus, but a program used to stop system processes. Antivirus programs cannot distinguish between "good" and "malicious" use of such programs, therefore you may get an alert.
     
    TeMerc,
    #2


  3. to hide this advert.

  4. 2006/11/04
    dummyplus

    dummyplus Inactive Thread Starter

    Joined:
    2006/05/07
    Messages:
    10
    Likes Received:
    0
    Thanks TeMerc: Here is the SmitFraudFix log:
    SmitFraudFix v2.119

    Scan done at 16:11:53.51, 11/04/2006
    Run from C:\Documents and Settings\Carlos\Escritorio\SmitfraudFix
    OS: Microsoft Windows XP [Versi¢n 5.1.2600] - Windows_NT
    Fix run in normal mode

    »»»»»»»»»»»»»»»»»»»»»»»» C:\


    »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS


    »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system


    »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web


    »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32

    C:\WINDOWS\system32\sacskza.dll FOUND !

    »»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Carlos


    »»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Carlos\Application Data


    »»»»»»»»»»»»»»»»»»»»»»»» Start Menu


    »»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\Carlos\FAVORI~1


    »»»»»»»»»»»»»»»»»»»»»»»» Desktop

    C:\DOCUME~1\ALLUSE~1\ESCRIT~1\Online Security Guide.url FOUND !
    C:\DOCUME~1\ALLUSE~1\ESCRIT~1\Security Troubleshooting.url FOUND !

    »»»»»»»»»»»»»»»»»»»»»»»» C:\Archivos de programa

    C:\Archivos de programa\eMedia Codec\ FOUND !
    C:\Archivos de programa\VidCodecs\ FOUND !
    C:\Archivos de programa\VirusBursters\ FOUND !

    »»»»»»»»»»»»»»»»»»»»»»»» Corrupted keys


    »»»»»»»»»»»»»»»»»»»»»»»» Desktop Components



    »»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
    !!!Attention, following keys are not inevitably infected!!!

    SrchSTS.exe by S!Ri
    Search SharedTaskScheduler's .dll

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
    "{01d8d081-0f76-4ab5-b5e4-9b23a709670e} "= "detachments "

    [HKEY_CLASSES_ROOT\CLSID\{01d8d081-0f76-4ab5-b5e4-9b23a709670e}\InProcServer32]
    @= "C:\WINDOWS\system32\sacskza.dll "

    [HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{01d8d081-0f76-4ab5-b5e4-9b23a709670e}\InProcServer32]
    @= "C:\WINDOWS\system32\sacskza.dll "



    »»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs
    !!!Attention, following keys are not inevitably infected!!!

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
    "AppInit_DLLs "=" "


    »»»»»»»»»»»»»»»»»»»»»»»» pe386-msguard-lzx32


    »»»»»»»»»»»»»»»»»»»»»»»» Scanning wininet.dll infection


    »»»»»»»»»»»»»»»»»»»»»»»» End

    Now that I read this log I notice a line about corrupted keys. I have experienced in the last couple of days that my keyboard is not responding to the spanish characters for accented vowels (it shows 2 tildes, like ´´). I mention this just it has any relation with the problem I am facing. Thanks for your assistance
     
    dummyplus,
    #3
  5. 2006/11/04
    TeMerc

    TeMerc Inactive Alumni

    Joined:
    2006/05/13
    Messages:
    3,226
    Likes Received:
    4
    Second part of fix, removal:

    You should print out these instructions, or copy them to a Notepad file for reading while in Safe Mode, because you will not be able to connect to the Internet to read from this site. Please follow the instructions exactly in the order listed; this is very important!

    Please download, install, and update the free version of AVG Anti-Spyware 7.5 formerly Ewido Anti-Malware:
    1. When installing, under "Additional Options" uncheck "Install background guard" and "Install scan via context menu ".
    2. When you run Ewido for the first time, you will get a warning "Database could not be found! ". Click OK. We will fix this in a moment.
    3. From the main Ewido screen, click on update in the left menu, then click the Start update button.
    4. After the update finishes, the status bar at the bottom will display "Update successful "
    5. Exit Ewido. DO NOT run a scan yet.

    Reboot, into safe mode, this way:
    Turn on the computer
    Immediately begin tapping the F8 key.
    Use the arrow keys to highlight Safe Mode and press the Enter key.

    Once in Safe Mode, open the SmitfraudFix folder again and double-click smitfraudfix.cmd
    Select option #2 - Clean by typing 2 and press "Enter" to delete infected files.

    You will be prompted : "Registry cleaning - Do you want to clean the registry ? "; answer "Yes" by typing Y and press "Enter" in order to remove the Desktop background and clean registry keys associated with the infection.

    The tool will now check if wininet.dll is infected. You may be prompted to replace the infected file (if found); answer "Yes" by typing Y and press "Enter ".

    The tool may need to restart your computer to finish the cleaning process. A text file will appear onscreen, with results from the cleaning process; please copy/paste the content of that report into your next reply.

    AFTER SmitfraudFix finishes (and after a reboot if required), please open Ewido. (If a reboot is required, please boot BACK into Safe Mode.)
    • Click on Scanner
    • Click on Complete System Scan and the scan will begin.
    • If ewido finds anything, it will pop up a notification. You can select "Remove" and check the boxes "Perform action with all infections" and "Create encrypted backup" before clicking on OK.
    • When the scan is finished, click the Save report button at the bottom of the screen.
    • Save the report to your desktop
    • Close Ewido
    Then please restart it into Normal Windows. Please post the contents of the SmitfraudFix log located at C:\rapport.txt into this thread, along with the Ewido (please edit out all cookie Recycler and restore\system volume folder references) report and a new HijackThis log.
     
    TeMerc,
    #4
  6. 2006/11/05
    dummyplus

    dummyplus Inactive Thread Starter

    Joined:
    2006/05/07
    Messages:
    10
    Likes Received:
    0
    I installed Ewido but I did not get the screen for "Additional Options" during the installation, neither I got the warning "Database could not be found! ". I did update it successfully though. Should I proceed with the reboot into safe mode?
     
    dummyplus,
    #5
  7. 2006/11/05
    TeMerc

    TeMerc Inactive Alumni

    Joined:
    2006/05/13
    Messages:
    3,226
    Likes Received:
    4
    Yes, please proceed.
     
    TeMerc,
    #6
  8. 2006/11/05
    dummyplus

    dummyplus Inactive Thread Starter

    Joined:
    2006/05/07
    Messages:
    10
    Likes Received:
    0
    OK, sorry for the delay, here are the log files. I edited the HJT log to shorten it by eliminating most of the Logitech\Desktop Messenger lines. The popups apparently were cleaned. Please advise if I need any additional action.Thanks again.

    SmitFraudFix v2.119

    Scan done at 17:26:41.50, 11/05/2006
    Run from C:\Documents and Settings\Carlos\Escritorio\SmitfraudFix
    OS: Microsoft Windows XP [Versi¢n 5.1.2600] - Windows_NT
    Fix run in safe mode

    »»»»»»»»»»»»»»»»»»»»»»»» Before SmitFraudFix
    !!!Attention, following keys are not inevitably infected!!!

    SrchSTS.exe by S!Ri
    Search SharedTaskScheduler's .dll

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
    "{01d8d081-0f76-4ab5-b5e4-9b23a709670e} "= "detachments "

    [HKEY_CLASSES_ROOT\CLSID\{01d8d081-0f76-4ab5-b5e4-9b23a709670e}\InProcServer32]
    @= "C:\WINDOWS\system32\sacskza.dll "

    [HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{01d8d081-0f76-4ab5-b5e4-9b23a709670e}\InProcServer32]
    @= "C:\WINDOWS\system32\sacskza.dll "


    »»»»»»»»»»»»»»»»»»»»»»»» Killing process


    »»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix

    GenericRenosFix by S!Ri

    C:\WINDOWS\system32\sacskza.dll -> Hoax.Win32.Renos.gen.i
    C:\WINDOWS\system32\sacskza.dll -> Deleted


    »»»»»»»»»»»»»»»»»»»»»»»» Deleting infected files

    C:\DOCUME~1\ALLUSE~1\ESCRIT~1\Online Security Guide.url Deleted
    C:\DOCUME~1\ALLUSE~1\ESCRIT~1\Security Troubleshooting.url Deleted
    C:\Archivos de programa\eMedia Codec\ Deleted
    C:\Archivos de programa\VirusBursters\ Deleted

    »»»»»»»»»»»»»»»»»»»»»»»» Deleting Temp Files


    »»»»»»»»»»»»»»»»»»»»»»»» Registry Cleaning

    Registry Cleaning done.

    »»»»»»»»»»»»»»»»»»»»»»»» After SmitFraudFix
    !!!Attention, following keys are not inevitably infected!!!

    SrchSTS.exe by S!Ri
    Search SharedTaskScheduler's .dll


    »»»»»»»»»»»»»»»»»»»»»»»» Reboot

    C:\Archivos de programa\VidCodecs Deleted

    »»»»»»»»»»»»»»»»»»»»»»»» End

    ---------------------------------------------------------
    AVG Anti-Spyware - Scan Report
    ---------------------------------------------------------

    + Created at: 07:29:07 p.m. 11/05/2006

    + Scan result:



    HKLM\SOFTWARE\180solutions -> Adware.180Solutions : Cleaned.
    HKU\S-1-5-21-690394989-3969154423-3928719487-1007\Software\180solutions -> Adware.180Solutions : Cleaned.
    HKLM\SOFTWARE\Classes\TopSearch.TSLink -> Adware.Altnet : Error during cleaning.
    HKLM\SOFTWARE\Classes\TopSearch.TSLink.1 -> Adware.Altnet : Error during cleaning.
    C:\Documents and Settings\Carlitos\Configuración local\Temp\D1320\tbon.exe -> Adware.Bestofer : Cleaned.
    C:\Archivos de programa\TBONBin -> Adware.BetterInternet : Cleaned.
    C:\Archivos de programa\TBONBin\tboninst.cfg -> Adware.BetterInternet : Cleaned.
    C:\Documents and Settings\Carlitos\Configuración local\Temp\D3280\tbon.exe -> Adware.BetterInternet : Cleaned.
    C:\WINDOWS\SYSTEM32\AdCache -> Adware.Cydoor : Cleaned.
    C:\WINDOWS\SYSTEM32\AdCache\B_329_0_0_105300.htm -> Adware.Cydoor : Cleaned.
    C:\WINDOWS\SYSTEM32\AdCache\B_329_0_0_106800.htm -> Adware.Cydoor : Cleaned.
    C:\WINDOWS\SYSTEM32\AdCache\B_329_0_0_107400.htm -> Adware.Cydoor : Cleaned.
    C:\WINDOWS\SYSTEM32\AdCache\B_329_1_0_449200.gif -> Adware.Cydoor : Cleaned.
    C:\WINDOWS\SYSTEM32\AdCache\B_329_1_0_449200.htm -> Adware.Cydoor : Cleaned.
    C:\WINDOWS\SYSTEM32\AdCache\B_329_1_0_449600.gif -> Adware.Cydoor : Cleaned.
    C:\WINDOWS\SYSTEM32\AdCache\B_329_1_0_449600.htm -> Adware.Cydoor : Cleaned.
    C:\WINDOWS\SYSTEM32\AdCache\B_329_1_0_454300.gif -> Adware.Cydoor : Cleaned.
    C:\WINDOWS\SYSTEM32\AdCache\B_329_1_0_454300.htm -> Adware.Cydoor : Cleaned.
    C:\WINDOWS\SYSTEM32\AdCache\B_329_2_0_105300.htm -> Adware.Cydoor : Cleaned.
    C:\WINDOWS\SYSTEM32\AdCache\B_329_2_0_106800.htm -> Adware.Cydoor : Cleaned.
    C:\WINDOWS\SYSTEM32\AdCache\B_329_2_0_107400.htm -> Adware.Cydoor : Cleaned.
    C:\WINDOWS\SYSTEM32\AdCache\B_329_3_0_105300.htm -> Adware.Cydoor : Cleaned.
    C:\WINDOWS\SYSTEM32\AdCache\B_329_3_0_106800.htm -> Adware.Cydoor : Cleaned.
    C:\WINDOWS\SYSTEM32\AdCache\B_329_3_0_107400.htm -> Adware.Cydoor : Cleaned.
    C:\WINDOWS\SYSTEM32\AdCache\B_329_4_0_111600.htm -> Adware.Cydoor : Cleaned.
    C:\WINDOWS\SYSTEM32\AdCache\B_329_4_0_152400.htm -> Adware.Cydoor : Cleaned.
    C:\WINDOWS\SYSTEM32\AdCache\B_329_4_0_155300.htm -> Adware.Cydoor : Cleaned.
    C:\WINDOWS\SYSTEM32\AdCache\B_329_4_0_164100.htm -> Adware.Cydoor : Cleaned.
    HKLM\SOFTWARE\Dsi -> Adware.Delfin : Cleaned.
    HKLM\SOFTWARE\picsvr -> Adware.Delfin : Cleaned.
    HKU\S-1-5-21-690394989-3969154423-3928719487-1007\Software\picsvr -> Adware.Delfin : Cleaned.
    HKLM\SOFTWARE\Classes\CLSID\{E1412445-4FF8-410e-8D24-F2CF86B171A4} -> Adware.Generic : Cleaned.
    C:\WINDOWS\SYSTEM32\CIC38760.exe -> Adware.IEDriver : Cleaned.
    HKLM\SOFTWARE\Classes\CLSID\{00027925-0017-4faf-9539-90E4AC0B9EC5} -> Adware.IEPlugin : Cleaned.
    HKU\S-1-5-21-690394989-3969154423-3928719487-1007\Software\INSTAFINK -> Adware.InstaFinder : Cleaned.
    HKU\S-1-5-21-690394989-3969154423-3928719487-1007\Software\INSTAFINK\Reports -> Adware.InstaFinder : Cleaned.
    HKU\S-1-5-21-690394989-3969154423-3928719487-1007\Software\INSTAFINK\Reports\38574 -> Adware.InstaFinder : Cleaned.
    HKU\S-1-5-21-690394989-3969154423-3928719487-1007\Software\INSTAFINK\Reports\38575 -> Adware.InstaFinder : Cleaned.
    HKU\S-1-5-21-690394989-3969154423-3928719487-1007\Software\INSTAFINK\Stat -> Adware.InstaFinder : Cleaned.
    C:\Archivos de programa\McAfee\MPS\IAEngine.dll -> Backdoor.VanBot.ah : Cleaned.
    C:\WINDOWS\SYSTEM32\ADRESC05.exe -> Downloader.Agent.adz : Cleaned.
    C:\Program Files\BPK\upgradehk.dll -> Not-A-Virus.Monitor.Win32.Perflogger.163 : Cleaned.
    C:\Archivos de programa\Sound Snooper\service.exe -> Not-A-Virus.Monitor.Win32.SoundSnooper.a : Cleaned.
    C:\Archivos de programa\Sound Snooper\uninst.exe -> Trojan.CuteSpy : Cleaned.


    ::Report end

    Logfile of HijackThis v1.99.1
    Scan saved at 07:35:37 p.m., on 11/05/2006
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\System32\CTsvcCDA.exe
    C:\WINDOWS\system32\crypserv.exe
    C:\Archivos de programa\Archivos comunes\McAfee\HackerWatch\HWAPI.exe
    C:\ARCHIV~1\McAfee\MSC\mclogsrv.exe
    C:\ARCHIV~1\McAfee\MSC\mcupdmgr.exe
    c:\archivos de programa\archivos comunes\mcafee\mna\mcnasvc.exe
    C:\ARCHIV~1\McAfee\VIRUSS~1\mcods.exe
    C:\ARCHIV~1\McAfee\MSC\mcpromgr.exe
    c:\ARCHIV~1\ARCHIV~1\mcafee\mcproxy\mcproxy.exe
    c:\ARCHIV~1\ARCHIV~1\mcafee\redirsvc\redirsvc.exe
    C:\ARCHIV~1\McAfee\VIRUSS~1\mcshield.exe
    C:\ARCHIV~1\McAfee\VIRUSS~1\mcsysmon.exe
    C:\ARCHIV~1\McAfee\MSC\mctskshd.exe
    C:\ARCHIV~1\McAfee\MSC\mcusrmgr.exe
    C:\Archivos de programa\Archivos comunes\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\Archivos de programa\McAfee\MPF\MPFSrv.exe
    C:\Archivos de programa\McAfee\MSK\MskSrver.exe
    C:\WINDOWS\System32\nvsvc32.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\System32\MsPMSPSv.exe
    C:\ARCHIV~1\McAfee\MPS\mps.exe
    C:\WINDOWS\Explorer.EXE
    C:\Archivos de programa\McAfee\MPS\mpsevh.exe
    C:\ARCHIV~1\mcafee.com\agent\mcagent.exe
    C:\Archivos de programa\Intel\Modem Event Monitor\IntelMEM.exe
    C:\WINDOWS\system32\dla\tfswctrl.exe
    C:\WINDOWS\System32\DSentry.exe
    C:\Archivos de programa\Archivos comunes\Sonic\Update Manager\sgtray.exe
    C:\Archivos de programa\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe
    C:\Archivos de programa\Creative\SBAudigy2\DVDAudio\CTDVDDet.EXE
    C:\WINDOWS\system32\wuauclt.exe
    C:\Archivos de programa\Archivos comunes\Real\Update_OB\realsched.exe
    C:\Archivos de programa\HP\HP Software Update\HPWuSchd.exe
    C:\Archivos de programa\HP\hpcoretech\hpcmpmgr.exe
    C:\Archivos de programa\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
    C:\Archivos de programa\Viewpoint\Viewpoint Manager\ViewMgr.exe
    C:\Archivos de programa\MessengerPlus! 3\MsgPlus1.exe
    C:\Archivos de programa\McAfee\MSK\MskAgent.exe
    C:\WINDOWS\system32\LVCOMSX.EXE
    C:\Archivos de programa\Logitech\Video\LogiTray.exe
    C:\Archivos de programa\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Archivos de programa\MSN Messenger\msnmsgr.exe
    C:\Archivos de programa\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Archivos de programa\Logitech\Video\FxSvr2.exe
    C:\WINDOWS\system32\HPZipm12.exe
    C:\Documents and Settings\Carlos\Escritorio\HijackThis.exe
    C:\Archivos de programa\HP\hpcoretech\comp\hpdarc.exe

    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.dell.com/
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Vínculos
    O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Archivos de programa\Yahoo!\Companion\Installs\cpn0\yt.dll (file missing)
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Archivos de programa\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Archivos de programa\SiteAdvisor\4144\SiteAdv.dll
    O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\archivos de programa\mcafee\virusscan\scriptsn.dll
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Archivos de programa\Archivos comunes\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Archivos de programa\Windows Live Toolbar\msntb.dll
    O2 - BHO: CPub Object - {C68AE9C0-0909-4DDC-B661-C1AFB9F5AE53} - c:\archivos de programa\mcafee\mps\mcpopup.dll
    O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Archivos de programa\Windows Live Toolbar\msntb.dll
    O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Archivos de programa\SiteAdvisor\4144\SiteAdv.dll
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\archivos de programa\google\googletoolbar2.dll
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [IntelMeM] C:\Archivos de programa\Intel\Modem Event Monitor\IntelMEM.exe
    O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
    O4 - HKLM\..\Run: [AsioReg] REGSVR32.EXE /S CTASIO.DLL
    O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
    O4 - HKLM\..\Run: [DVDSentry] C:\WINDOWS\System32\DSentry.exe
    O4 - HKLM\..\Run: [OSS] c:\windows\system32\ossproxy.exe -boot
    O4 - HKLM\..\Run: [StorageGuard] "C:\Archivos de programa\Archivos comunes\Sonic\Update Manager\sgtray.exe" /r
    O4 - HKLM\..\Run: [CTSysVol] C:\Archivos de programa\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe
    O4 - HKLM\..\Run: [CTDVDDet] C:\Archivos de programa\Creative\SBAudigy2\DVDAudio\CTDVDDet.EXE
    O4 - HKLM\..\Run: [TkBellExe] "C:\Archivos de programa\Archivos comunes\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [HP Software Update] "C:\Archivos de programa\HP\HP Software Update\HPWuSchd.exe "
    O4 - HKLM\..\Run: [HP Component Manager] "C:\Archivos de programa\HP\hpcoretech\hpcmpmgr.exe "
    O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
    O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Archivos de programa\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe "
    O4 - HKLM\..\Run: [ViewMgr] C:\Archivos de programa\Viewpoint\Viewpoint Manager\ViewMgr.exe
    O4 - HKLM\..\Run: [MessengerPlus3] "C:\Archivos de programa\MessengerPlus! 3\MsgPlus1.exe "
    O4 - HKLM\..\Run: [MskAgentexe] C:\Archivos de programa\McAfee\MSK\MskAgent.exe
    O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
    O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Archivos de programa\Logitech\Video\ISStart.exe
    O4 - HKLM\..\Run: [LogitechVideoTray] C:\Archivos de programa\Logitech\Video\LogiTray.exe
    O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Archivos de programa\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [MessengerPlus3] "C:\Archivos de programa\MessengerPlus! 3\MsgPlus1.exe" /WinStart
    O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
    O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Archivos de programa\Logitech\Video\ManifestEngine.exe" boot
    O4 - HKCU\..\Run: [swg] C:\Archivos de programa\Google\GoogleToolbarNotifier\1.0.720.3640\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [msnmsgr] "C:\Archivos de programa\MSN Messenger\msnmsgr.exe" /background
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Archivos de programa\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: AutoCAD Startup Accelerator.lnk = C:\Archivos de programa\Archivos comunes\Autodesk Shared\acstart16.exe
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Archivos de programa\HP\Digital Imaging\bin\hpqtra08.exe
    O8 - Extra context menu item: &Windows Live Search - res://C:\Archivos de programa\Windows Live Toolbar\msntb.dll/search.htm
    O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\ARCHIV~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O8 - Extra context menu item: Open in new background tab - res://C:\Archivos de programa\Windows Live Toolbar\Components\en-ww\msntabres.dll.mui/229?6a380cbc4b354eefad687eb33f3dc7d2
    O8 - Extra context menu item: Open in new foreground tab - res://C:\Archivos de programa\Windows Live Toolbar\Components\en-ww\msntabres.dll.mui/230?6a380cbc4b354eefad687eb33f3dc7d2
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARCHIV~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Archivos de programa\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Archivos de programa\Messenger\msmsgs.exe
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
    O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee.com/molbin/shared/mcinsctl/4,0,0,99/mcinsctl.cab
    O16 - DPF: {B49C4597-8721-4789-9250-315DFBD9F525} (IWinAmpActiveX Class) - http://cdn.digitalcity.com/radio/ampx/ampx2.6.1.11_en_dl.cab
    O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://bin.mcafee.com/molbin/shared/mcgdmgr/en-us/1,0,0,20/mcgdmgr.cab
    O18 - Protocol: asp - {8D32BA61-D15B-11D4-894B-000000000000} - C:\WINDOWS\SYSTEM32\hsppp.dll
    O18 - Protocol: bw+0 - {1577A7D4-39E9-4D9E-9860-731E6130A4C2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw+0s - {1577A7D4-39E9-4D9E-9860-731E6130A4C2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0 - {1577A7D4-39E9-4D9E-9860-731E6130A4C2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0s - {1577A7D4-39E9-4D9E-9860-731E6130A4C2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00 - {1577A7D4-39E9-4D9E-9860-731E6130A4C2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00s - {1577A7D4-39E9-4D9E-9860-731E6130A4C2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10 - {1577A7D4-39E9-4D9E-9860-731E6130A4C2} -

    "several lines were deleted "

    C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0 - {1577A7D4-39E9-4D9E-9860-731E6130A4C2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0s - {1577A7D4-39E9-4D9E-9860-731E6130A4C2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: hsp - {8D32BA61-D15B-11D4-894B-000000000000} - C:\WINDOWS\SYSTEM32\hsppp.dll
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\ARCHIV~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\ARCHIV~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: offline-8876480 - {1577A7D4-39E9-4D9E-9860-731E6130A4C2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: siteadvisor - {3A5DC592-7723-4EAA-9EE6-AF4222BCF879} - C:\Archivos de programa\SiteAdvisor\4144\SiteAdv.dll
    O18 - Protocol: x-asp - {8D32BA61-D15B-11D4-894B-000000000000} - C:\WINDOWS\SYSTEM32\hsppp.dll
    O18 - Protocol: x-hsp - {8D32BA61-D15B-11D4-894B-000000000000} - C:\WINDOWS\SYSTEM32\hsppp.dll
    O18 - Protocol: x-mem1 - {C3719F83-7EF8-4BA0-89B0-3360C7AFB7CC} - C:\WINDOWS\SYSTEM32\WowCtl2.dll
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O23 - Service: Autodesk Licensing Service - Autodesk - C:\Archivos de programa\Archivos comunes\Autodesk Shared\Service\AdskScSrv.exe
    O23 - Service: Autodesk Network Licensing Service - Autodesk, Inc. - C:\Archivos de programa\Archivos comunes\Autodesk Shared\Service\AdskNetSrv.exe
    O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Archivos de programa\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.exe
    O23 - Service: Crypkey License - Kenonic Controls Ltd. - C:\WINDOWS\SYSTEM32\crypserv.exe
    O23 - Service: McAfee E-mail Proxy (Emproxy) - McAfee, Inc. - C:\ARCHIV~1\ARCHIV~1\McAfee\EmProxy\emproxy.exe
    O23 - Service: MBackMonitor - - C:\Archivos de programa\McAfee\MBK\MBackMonitor.exe
    O23 - Service: McAfee HackerWatch Service - McAfee, Inc. - C:\Archivos de programa\Archivos comunes\McAfee\HackerWatch\HWAPI.exe
    O23 - Service: McAfee Log Manager (McLogManagerService) - McAfee, Inc. - C:\ARCHIV~1\McAfee\MSC\mclogsrv.exe
    O23 - Service: McAfee Update Manager (mcmispupdmgr) - McAfee, Inc. - C:\ARCHIV~1\McAfee\MSC\mcupdmgr.exe
    O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\archivos de programa\archivos comunes\mcafee\mna\mcnasvc.exe
    O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\ARCHIV~1\McAfee\VIRUSS~1\mcods.exe
    O23 - Service: McAfee Protection Manager (mcpromgr) - McAfee, Inc. - C:\ARCHIV~1\McAfee\MSC\mcpromgr.exe
    O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\ARCHIV~1\ARCHIV~1\mcafee\mcproxy\mcproxy.exe
    O23 - Service: McAfee Redirector Service (McRedirector) - McAfee, Inc. - c:\ARCHIV~1\ARCHIV~1\mcafee\redirsvc\redirsvc.exe
    O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\ARCHIV~1\McAfee\VIRUSS~1\mcshield.exe
    O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\ARCHIV~1\McAfee\VIRUSS~1\mcsysmon.exe
    O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc. - C:\ARCHIV~1\McAfee\MSC\mctskshd.exe
    O23 - Service: McAfee User Manager (mcusrmgr) - McAfee, Inc. - C:\ARCHIV~1\McAfee\MSC\mcusrmgr.exe
    O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Archivos de programa\McAfee\MPF\MPFSrv.exe
    O23 - Service: McAfee Privacy Service (MPS9) - McAfee, Inc. - C:\ARCHIV~1\McAfee\MPS\mps.exe
    O23 - Service: McAfee SpamKiller Service (MSK80Service) - McAfee Inc. - C:\Archivos de programa\McAfee\MSK\MskSrver.exe
    O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Archivos de programa\Intel\NCS\Sync\NetSvc.exe
    O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
    O23 - Service: SndRecB.1.3 (SndRecA.1.3) - Unknown owner - C:\Archivos de programa\Sound Snooper\service.exe (file missing)
     
    dummyplus,
    #7
  9. 2006/11/06
    TeMerc

    TeMerc Inactive Alumni

    Joined:
    2006/05/13
    Messages:
    3,226
    Likes Received:
    4
    Well it certainly looks as tho the scans did their job and removed quite a bit.

    We have but one item left really. Good work.


    Run Hijackthis and look over the following entries I have listed, check the boxes next to them and press the "Fix Checked" button with HijackThis. When you are doing this, make sure you have No IE windows, or other browsers open, including this one. Reboot if I have specified below, and post a fresh HijackThis log.

    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)


    O4 - HKLM\..\Run: [OSS] c:\windows\system32\ossproxy.exe -boot

    O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u


    ALL 018 LOGITECH RELATED LINES

    Reboot, into safe mode, this way:
    Turn on the computer
    Immediately begin tapping the <F8> key.
    Use the arrow keys to highlight Safe Mode and press the <Enter> key.

    Also, enable the 'Show Hidden Folders' option, like this:
    Click Start.
    Open My Computer.
    Select the Tools menu and click Folder Options.
    Select the View Tab. Under the Hidden files and folders heading select Show hidden files and folders.
    Uncheck the Hide protected operating system files (recommended) option.
    Click Yes to confirm.
    Click OK.

    And search for, then delete, if found, (some may not be present after previous steps) the following files/folders:
    c:\windows\system32\ossproxy.exe <<<--this file

    To exit Safe Mode, click the Start button, click Turn Off Computer, click Restart.

    Post a new HJT log back into this thread please.
     
    TeMerc,
    #8
  10. 2006/11/06
    dummyplus

    dummyplus Inactive Thread Starter

    Joined:
    2006/05/07
    Messages:
    10
    Likes Received:
    0
    Well, I think you did it! I certainly appreciate your help and especially the time you spend helping me and other dummies like me. Here is the latest HJT log:
    Logfile of HijackThis v1.99.1
    Scan saved at 09:41:49 a.m., on 11/06/2006
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Archivos de programa\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    C:\WINDOWS\System32\CTsvcCDA.exe
    C:\WINDOWS\system32\crypserv.exe
    C:\Archivos de programa\Archivos comunes\McAfee\HackerWatch\HWAPI.exe
    C:\ARCHIV~1\McAfee\MSC\mclogsrv.exe
    C:\ARCHIV~1\McAfee\MSC\mcupdmgr.exe
    c:\archivos de programa\archivos comunes\mcafee\mna\mcnasvc.exe
    C:\ARCHIV~1\McAfee\VIRUSS~1\mcods.exe
    C:\ARCHIV~1\McAfee\MSC\mcpromgr.exe
    c:\ARCHIV~1\ARCHIV~1\mcafee\mcproxy\mcproxy.exe
    c:\ARCHIV~1\ARCHIV~1\mcafee\redirsvc\redirsvc.exe
    C:\ARCHIV~1\McAfee\VIRUSS~1\mcshield.exe
    C:\ARCHIV~1\McAfee\VIRUSS~1\mcsysmon.exe
    C:\ARCHIV~1\McAfee\MSC\mctskshd.exe
    C:\ARCHIV~1\McAfee\MSC\mcusrmgr.exe
    C:\Archivos de programa\Archivos comunes\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\Archivos de programa\McAfee\MPF\MPFSrv.exe
    C:\Archivos de programa\McAfee\MSK\MskSrver.exe
    C:\WINDOWS\System32\nvsvc32.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\System32\MsPMSPSv.exe
    C:\ARCHIV~1\McAfee\MPS\mps.exe
    C:\WINDOWS\Explorer.EXE
    C:\ARCHIV~1\mcafee.com\agent\mcagent.exe
    C:\Archivos de programa\Intel\Modem Event Monitor\IntelMEM.exe
    C:\WINDOWS\system32\dla\tfswctrl.exe
    C:\WINDOWS\System32\DSentry.exe
    C:\Archivos de programa\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe
    C:\Archivos de programa\Creative\SBAudigy2\DVDAudio\CTDVDDet.EXE
    C:\Archivos de programa\Archivos comunes\Real\Update_OB\realsched.exe
    C:\Archivos de programa\McAfee\MPS\mpsevh.exe
    C:\Archivos de programa\HP\HP Software Update\HPWuSchd.exe
    C:\Archivos de programa\HP\hpcoretech\hpcmpmgr.exe
    C:\Archivos de programa\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
    C:\Archivos de programa\Viewpoint\Viewpoint Manager\ViewMgr.exe
    C:\Archivos de programa\MessengerPlus! 3\MsgPlus1.exe
    C:\Archivos de programa\McAfee\MSK\MskAgent.exe
    C:\WINDOWS\system32\LVCOMSX.EXE
    C:\Archivos de programa\Logitech\Video\LogiTray.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Archivos de programa\MSN Messenger\msnmsgr.exe
    C:\Archivos de programa\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Archivos de programa\Logitech\Video\FxSvr2.exe
    C:\WINDOWS\system32\HPZipm12.exe
    C:\ARCHIV~1\ARCHIV~1\McAfee\EmProxy\emproxy.exe
    C:\Documents and Settings\Carlos\Escritorio\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://edition.cnn.com/
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.dell.com/
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Vínculos
    O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Archivos de programa\Yahoo!\Companion\Installs\cpn0\yt.dll (file missing)
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Archivos de programa\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Archivos de programa\SiteAdvisor\4144\SiteAdv.dll
    O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\archivos de programa\mcafee\virusscan\scriptsn.dll
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Archivos de programa\Archivos comunes\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Archivos de programa\Windows Live Toolbar\msntb.dll
    O2 - BHO: McAfee Popup Blocker - {C68AE9C0-0909-4DDC-B661-C1AFB9F5AE53} - c:\archivos de programa\mcafee\mps\mcpopup.dll
    O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Archivos de programa\Windows Live Toolbar\msntb.dll
    O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Archivos de programa\SiteAdvisor\4144\SiteAdv.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\archivos de programa\google\googletoolbar2.dll
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [IntelMeM] C:\Archivos de programa\Intel\Modem Event Monitor\IntelMEM.exe
    O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
    O4 - HKLM\..\Run: [AsioReg] REGSVR32.EXE /S CTASIO.DLL
    O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
    O4 - HKLM\..\Run: [DVDSentry] C:\WINDOWS\System32\DSentry.exe
    O4 - HKLM\..\Run: [StorageGuard] "C:\Archivos de programa\Archivos comunes\Sonic\Update Manager\sgtray.exe" /r
    O4 - HKLM\..\Run: [CTSysVol] C:\Archivos de programa\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe
    O4 - HKLM\..\Run: [CTDVDDet] C:\Archivos de programa\Creative\SBAudigy2\DVDAudio\CTDVDDet.EXE
    O4 - HKLM\..\Run: [TkBellExe] "C:\Archivos de programa\Archivos comunes\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [HP Software Update] "C:\Archivos de programa\HP\HP Software Update\HPWuSchd.exe "
    O4 - HKLM\..\Run: [HP Component Manager] "C:\Archivos de programa\HP\hpcoretech\hpcmpmgr.exe "
    O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Archivos de programa\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe "
    O4 - HKLM\..\Run: [ViewMgr] C:\Archivos de programa\Viewpoint\Viewpoint Manager\ViewMgr.exe
    O4 - HKLM\..\Run: [MessengerPlus3] "C:\Archivos de programa\MessengerPlus! 3\MsgPlus1.exe "
    O4 - HKLM\..\Run: [MskAgentexe] C:\Archivos de programa\McAfee\MSK\MskAgent.exe
    O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
    O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Archivos de programa\Logitech\Video\ISStart.exe
    O4 - HKLM\..\Run: [LogitechVideoTray] C:\Archivos de programa\Logitech\Video\LogiTray.exe
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [MessengerPlus3] "C:\Archivos de programa\MessengerPlus! 3\MsgPlus1.exe" /WinStart
    O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
    O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Archivos de programa\Logitech\Video\ManifestEngine.exe" boot
    O4 - HKCU\..\Run: [swg] C:\Archivos de programa\Google\GoogleToolbarNotifier\1.0.720.3640\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [msnmsgr] "C:\Archivos de programa\MSN Messenger\msnmsgr.exe" /background
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Archivos de programa\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: AutoCAD Startup Accelerator.lnk = C:\Archivos de programa\Archivos comunes\Autodesk Shared\acstart16.exe
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Archivos de programa\HP\Digital Imaging\bin\hpqtra08.exe
    O8 - Extra context menu item: &Windows Live Search - res://C:\Archivos de programa\Windows Live Toolbar\msntb.dll/search.htm
    O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\ARCHIV~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O8 - Extra context menu item: Open in new background tab - res://C:\Archivos de programa\Windows Live Toolbar\Components\en-ww\msntabres.dll.mui/229?6a380cbc4b354eefad687eb33f3dc7d2
    O8 - Extra context menu item: Open in new foreground tab - res://C:\Archivos de programa\Windows Live Toolbar\Components\en-ww\msntabres.dll.mui/230?6a380cbc4b354eefad687eb33f3dc7d2
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARCHIV~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Archivos de programa\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Archivos de programa\Messenger\msmsgs.exe
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
    O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee.com/molbin/shared/mcinsctl/4,0,0,99/mcinsctl.cab
    O16 - DPF: {B49C4597-8721-4789-9250-315DFBD9F525} (IWinAmpActiveX Class) - http://cdn.digitalcity.com/radio/ampx/ampx2.6.1.11_en_dl.cab
    O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://bin.mcafee.com/molbin/shared/mcgdmgr/en-us/1,0,0,20/mcgdmgr.cab
    O18 - Protocol: asp - {8D32BA61-D15B-11D4-894B-000000000000} - C:\WINDOWS\SYSTEM32\hsppp.dll
    O18 - Protocol: hsp - {8D32BA61-D15B-11D4-894B-000000000000} - C:\WINDOWS\SYSTEM32\hsppp.dll
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\ARCHIV~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\ARCHIV~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: siteadvisor - {3A5DC592-7723-4EAA-9EE6-AF4222BCF879} - C:\Archivos de programa\SiteAdvisor\4144\SiteAdv.dll
    O18 - Protocol: x-asp - {8D32BA61-D15B-11D4-894B-000000000000} - C:\WINDOWS\SYSTEM32\hsppp.dll
    O18 - Protocol: x-hsp - {8D32BA61-D15B-11D4-894B-000000000000} - C:\WINDOWS\SYSTEM32\hsppp.dll
    O18 - Protocol: x-mem1 - {C3719F83-7EF8-4BA0-89B0-3360C7AFB7CC} - C:\WINDOWS\SYSTEM32\WowCtl2.dll
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O23 - Service: Autodesk Licensing Service - Autodesk - C:\Archivos de programa\Archivos comunes\Autodesk Shared\Service\AdskScSrv.exe
    O23 - Service: Autodesk Network Licensing Service - Autodesk, Inc. - C:\Archivos de programa\Archivos comunes\Autodesk Shared\Service\AdskNetSrv.exe
    O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Archivos de programa\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.exe
    O23 - Service: Crypkey License - Kenonic Controls Ltd. - C:\WINDOWS\SYSTEM32\crypserv.exe
    O23 - Service: McAfee E-mail Proxy (Emproxy) - McAfee, Inc. - C:\ARCHIV~1\ARCHIV~1\McAfee\EmProxy\emproxy.exe
    O23 - Service: MBackMonitor - - C:\Archivos de programa\McAfee\MBK\MBackMonitor.exe
    O23 - Service: McAfee HackerWatch Service - McAfee, Inc. - C:\Archivos de programa\Archivos comunes\McAfee\HackerWatch\HWAPI.exe
    O23 - Service: McAfee Log Manager (McLogManagerService) - McAfee, Inc. - C:\ARCHIV~1\McAfee\MSC\mclogsrv.exe
    O23 - Service: McAfee Update Manager (mcmispupdmgr) - McAfee, Inc. - C:\ARCHIV~1\McAfee\MSC\mcupdmgr.exe
    O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\archivos de programa\archivos comunes\mcafee\mna\mcnasvc.exe
    O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\ARCHIV~1\McAfee\VIRUSS~1\mcods.exe
    O23 - Service: McAfee Protection Manager (mcpromgr) - McAfee, Inc. - C:\ARCHIV~1\McAfee\MSC\mcpromgr.exe
    O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\ARCHIV~1\ARCHIV~1\mcafee\mcproxy\mcproxy.exe
    O23 - Service: McAfee Redirector Service (McRedirector) - McAfee, Inc. - c:\ARCHIV~1\ARCHIV~1\mcafee\redirsvc\redirsvc.exe
    O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\ARCHIV~1\McAfee\VIRUSS~1\mcshield.exe
    O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\ARCHIV~1\McAfee\VIRUSS~1\mcsysmon.exe
    O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc. - C:\ARCHIV~1\McAfee\MSC\mctskshd.exe
    O23 - Service: McAfee User Manager (mcusrmgr) - McAfee, Inc. - C:\ARCHIV~1\McAfee\MSC\mcusrmgr.exe
    O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Archivos de programa\McAfee\MPF\MPFSrv.exe
    O23 - Service: McAfee Privacy Service (MPS9) - McAfee, Inc. - C:\ARCHIV~1\McAfee\MPS\mps.exe
    O23 - Service: McAfee SpamKiller Service (MSK80Service) - McAfee Inc. - C:\Archivos de programa\McAfee\MSK\MskSrver.exe
    O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Archivos de programa\Intel\NCS\Sync\NetSvc.exe
    O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
    O23 - Service: SndRecB.1.3 (SndRecA.1.3) - Unknown owner - C:\Archivos de programa\Sound Snooper\service.exe (file missing)
     
    dummyplus,
    #9
  11. 2006/11/06
    TeMerc

    TeMerc Inactive Alumni

    Joined:
    2006/05/13
    Messages:
    3,226
    Likes Received:
    4
    Ok, everthing appears to be in order. Let me know if you have any other unwanted symptoms on the machine.

    We'll finish up with our recommendations for prevntion.

    We have 3 more things to do, to help ensure you have removed all the little 'leftovers' which may be hiding:

    Empty the TIF (Temporary Internet Files)
    Delete all the files in (and any subfolders of) the C:\Windows\Temp folder
    The app below will help with temp files.
    Index.dat Suite

    Also, delete all your cookies, and empty your recycle bin. But remember, by deleting your cookies, you will have to re-enter any passwords and log-in info for any sites you are usually required to do so with.

    This would also be a good time to set a new system restore point for your machine.
    Set New System Restore Point. Do not do this unless there are no other user accounts to be diagnosed.

    Also, as you are an XP user, if there are any other accounts on this machine, they too, must be cleaned with AdAware, Spybot S&D, then HJT. Not all infections are global, nor are all the HJT fixes global. You can post each user account here into this thread, but please, do only one at a time to avoid confusion.

    Here is a link which describes how security apps work with WIN XP machines.
    XP User Accts Security Apps Operation

    To further prevent the installation of ad/mal/spyware, DL the apps below, which are just as good the fight against ad/mal/spyware as AdAware & Spybot S&D:

    SpywareBlaster
    With SpywareBlaster v3.5.1 , just DL, install and check for updates, enable Internet Explorer protection, and your done! I don't recommend using IE restricted sites protection as it's not a very large database. Use IE-SPYADs below.

    To avoid known malware infested sites from loading in IE install IESPY ADS.
    And MVPS Hosts File will accomplish a similar tactic and provide another layer of protection.

    And to prevent unknown applications from being inserted to start up on your machine install WinPatrol v10.0.5.

    Links for tutorials for all the apps I mentioned can be found on my site as well.

    Confused about which apps are good or not? Read about Rogue/Approved Anti Security apps

    And just because you have security apps installed, they are useless unless updated regularly. Keep track of updates for ALL your security needs here:
    Calendar of Updates

    Subscribe to update alerts for all the above security apps here.

    You can also see my own ongoing security testing with all the above apps proving how securely you can safe with them installed.
    TeMerc Test Box Forum

    Happy surfing!!
    Tom :D
     
    TeMerc,
    #10
  12. 2006/11/06
    dummyplus

    dummyplus Inactive Thread Starter

    Joined:
    2006/05/07
    Messages:
    10
    Likes Received:
    0
    Thanks again, Tom, and I appreciate all the tips in your last message!
    Carlos
     
    dummyplus,
    #11
  13. 2006/11/06
    TeMerc

    TeMerc Inactive Alumni

    Joined:
    2006/05/13
    Messages:
    3,226
    Likes Received:
    4
    Glad we could be of assistance.

    Due to resolution this topic is closed.

    If you need this topic reopened, please request this by sending the moderating team a PM with the address of the thread. This applies only to the original topic starter.
     
    TeMerc,
    #12
Thread Status:
Not open for further replies.

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...