Thread: Virus, Constant Popups, Rundll32.exe error, userinit.exe error
View Single Post
Old 06-09-2008, 09:58 PM   #1 (permalink)
greenoznic
Registered User
 
Join Date: Jun 2007
Posts: 27
OS: Windows XP


Virus, Constant Popups, Rundll32.exe error, userinit.exe error
I seem to have somehow contracted a virus that is giving me the following problems:

· Constant pop-ups from Internet Explorer;
· Rundll32.exe application error whenever I try to click on any of the icons in control panel;
· I am unable to download or install any windows updates, it won’t let me open my security centre or update from the Microsoft site;
· Whenever I try to log onto the computer I get a userinit.exe error and all that comes up is my background, it doesn’t seem to open Explorer at all. I have been able to access Explorer through the task manager though.

I followed all your steps, but was unable to complete step one due to not being able to access anything through control panel. I was also unable to update Windows fully due to the abovementioned problem.

I was also having problems running HiJack This through Deckards so I ran it separately.

Here is all the other info you require:

Deckards
Deckard's System Scanner v20071014.68
Run by Trish on 2008-06-10 13:29:17
Computer is in Normal Mode.
--------------------------------------------------------------------------------



-- HijackThis (run as Trish.exe) -----------------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 1:30:04 PM, on 10/06/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\BrmfBAgS.exe
C:\WINDOWS\system32\inetsrv\inetinfo.exe
C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
C:\Program Files\Network Associates\VirusScan\Mcshield.exe
C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
\Win2kserver\files\New Folder (2)\dss.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\Trish.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.ninemsn.com.au/0SEENAU/SAOS01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://g.ninemsn.com.au/0SEENAU/SAOS01?FORM=TOOLBR
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?linkid=677
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.ninemsn.com.au/0SEENAU/SAOS01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=74005
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Acrobat\ActiveX\AcroIEHelper.ocx
O2 - BHO: testCPV6 - {15421B84-3488-49A7-AD18-CBF84A3EFAF6} - C:\Program Files\Spcron\Spc.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.0.1225.9868\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: (no name) - {BE838836-5A14-461D-B964-E63B8CA523E1} - C:\WINDOWS\system32\qoMfcaWp.dll (file missing)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [SiSUSBRG] C:\WINDOWS\SiSUSBrg.exe
O4 - HKLM\..\Run: [SiS Windows KeyHook] C:\WINDOWS\System32\keyhook.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [IntelliType] "C:\Program Files\Microsoft Hardware\Keyboard\type32.exe"
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [PaperPort PTD] C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
O4 - HKLM\..\Run: [IndexSearch] C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [28c2af21] rundll32.exe "C:\WINDOWS\system32\mxlmeacy.dll",b
O4 - HKLM\..\Run: [BM2bf19cbd] Rundll32.exe "C:\WINDOWS\system32\qmdwhovu.dll",s
O4 - HKLM\..\RunOnce: [Spybot - Search & Destroy] "C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe" /autocheck
O4 - HKLM\..\RunOnce: [SpybotDeletingA2874] command /c del "C:\WINDOWS\system32\qoMfcaWp.dll_old"
O4 - HKLM\..\RunOnce: [SpybotDeletingC508] cmd /c del "C:\WINDOWS\system32\qoMfcaWp.dll_old"
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Documents and Settings\Administrator\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [SharpTray] "C:\Program Files\Sharp\Sharpdesk\SharpTray.exe"
O4 - HKCU\..\Run: [JavaCore] C:\Program Files\\JavaCore\\JavaCore.exe
O4 - HKCU\..\Run: [Svconr] C:\Program Files\Svconr\Svconr.exe
O4 - HKCU\..\Run: [SpeedRunner] C:\Documents and Settings\Trish\Application Data\SpeedRunner\SpeedRunner.exe
O4 - HKCU\..\Run: [SfKg6wIP] C:\Documents and Settings\Trish\Application Data\Microsoft\Windows\wpbbxb.exe
O4 - HKCU\..\Run: [QdrPack16] "C:\Program Files\QdrPack\QdrPack16.exe"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: hp psc 1000 series.lnk = ?
O4 - Global Startup: hpoddt01.exe.lnk = ?
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Start Network Scanner Tool.lnk = C:\Program Files\Sharp\Sharpdesk\sdFTP.exe
O4 - Global Startup: Utility Tray.lnk = C:\WINDOWS\system32\sistray.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/7/1540/52/...x/qtplugin.cab
O16 - DPF: {1663ed61-23eb-11d2-b92f-008048fdd814} (MeadCo ScriptX Advanced) - https://www.hunterunited.com.au/smsx.cab
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/actives.../as2stubie.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/EN-AU/.../GAME_UNO1.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary...o.cab56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...t.cab56907.cab
O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab57176.cab
O18 - Protocol: bw+0 - {EC3BBEDD-5050-4CD9-8802-81B9C0CC9E1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {EC3BBEDD-5050-4CD9-8802-81B9C0CC9E1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {EC3BBEDD-5050-4CD9-8802-81B9C0CC9E1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {EC3BBEDD-5050-4CD9-8802-81B9C0CC9E1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {EC3BBEDD-5050-4CD9-8802-81B9C0CC9E1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {EC3BBEDD-5050-4CD9-8802-81B9C0CC9E1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {EC3BBEDD-5050-4CD9-8802-81B9C0CC9E1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {EC3BBEDD-5050-4CD9-8802-81B9C0CC9E1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {EC3BBEDD-5050-4CD9-8802-81B9C0CC9E1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {EC3BBEDD-5050-4CD9-8802-81B9C0CC9E1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {EC3BBEDD-5050-4CD9-8802-81B9C0CC9E1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {EC3BBEDD-5050-4CD9-8802-81B9C0CC9E1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {EC3BBEDD-5050-4CD9-8802-81B9C0CC9E1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {EC3BBEDD-5050-4CD9-8802-81B9C0CC9E1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {EC3BBEDD-5050-4CD9-8802-81B9C0CC9E1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {EC3BBEDD-5050-4CD9-8802-81B9C0CC9E1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {EC3BBEDD-5050-4CD9-8802-81B9C0CC9E1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {EC3BBEDD-5050-4CD9-8802-81B9C0CC9E1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {EC3BBEDD-5050-4CD9-8802-81B9C0CC9E1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {EC3BBEDD-5050-4CD9-8802-81B9C0CC9E1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {EC3BBEDD-5050-4CD9-8802-81B9C0CC9E1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {EC3BBEDD-5050-4CD9-8802-81B9C0CC9E1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {EC3BBEDD-5050-4CD9-8802-81B9C0CC9E1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {EC3BBEDD-5050-4CD9-8802-81B9C0CC9E1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {EC3BBEDD-5050-4CD9-8802-81B9C0CC9E1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {EC3BBEDD-5050-4CD9-8802-81B9C0CC9E1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {EC3BBEDD-5050-4CD9-8802-81B9C0CC9E1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {EC3BBEDD-5050-4CD9-8802-81B9C0CC9E1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {EC3BBEDD-5050-4CD9-8802-81B9C0CC9E1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {EC3BBEDD-5050-4CD9-8802-81B9C0CC9E1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {EC3BBEDD-5050-4CD9-8802-81B9C0CC9E1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {EC3BBEDD-5050-4CD9-8802-81B9C0CC9E1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {EC3BBEDD-5050-4CD9-8802-81B9C0CC9E1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {EC3BBEDD-5050-4CD9-8802-81B9C0CC9E1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {EC3BBEDD-5050-4CD9-8802-81B9C0CC9E1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {EC3BBEDD-5050-4CD9-8802-81B9C0CC9E1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {EC3BBEDD-5050-4CD9-8802-81B9C0CC9E1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {EC3BBEDD-5050-4CD9-8802-81B9C0CC9E1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {EC3BBEDD-5050-4CD9-8802-81B9C0CC9E1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {EC3BBEDD-5050-4CD9-8802-81B9C0CC9E1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {EC3BBEDD-5050-4CD9-8802-81B9C0CC9E1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {EC3BBEDD-5050-4CD9-8802-81B9C0CC9E1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {EC3BBEDD-5050-4CD9-8802-81B9C0CC9E1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {EC3BBEDD-5050-4CD9-8802-81B9C0CC9E1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {EC3BBEDD-5050-4CD9-8802-81B9C0CC9E1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {EC3BBEDD-5050-4CD9-8802-81B9C0CC9E1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {EC3BBEDD-5050-4CD9-8802-81B9C0CC9E1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {EC3BBEDD-5050-4CD9-8802-81B9C0CC9E1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {EC3BBEDD-5050-4CD9-8802-81B9C0CC9E1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {EC3BBEDD-5050-4CD9-8802-81B9C0CC9E1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {EC3BBEDD-5050-4CD9-8802-81B9C0CC9E1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {EC3BBEDD-5050-4CD9-8802-81B9C0CC9E1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {EC3BBEDD-5050-4CD9-8802-81B9C0CC9E1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {EC3BBEDD-5050-4CD9-8802-81B9C0CC9E1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {EC3BBEDD-5050-4CD9-8802-81B9C0CC9E1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {EC3BBEDD-5050-4CD9-8802-81B9C0CC9E1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {EC3BBEDD-5050-4CD9-8802-81B9C0CC9E1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {EC3BBEDD-5050-4CD9-8802-81B9C0CC9E1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {EC3BBEDD-5050-4CD9-8802-81B9C0CC9E1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {EC3BBEDD-5050-4CD9-8802-81B9C0CC9E1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {EC3BBEDD-5050-4CD9-8802-81B9C0CC9E1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {EC3BBEDD-5050-4CD9-8802-81B9C0CC9E1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {EC3BBEDD-5050-4CD9-8802-81B9C0CC9E1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {EC3BBEDD-5050-4CD9-8802-81B9C0CC9E1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {EC3BBEDD-5050-4CD9-8802-81B9C0CC9E1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {EC3BBEDD-5050-4CD9-8802-81B9C0CC9E1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {EC3BBEDD-5050-4CD9-8802-81B9C0CC9E1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {EC3BBEDD-5050-4CD9-8802-81B9C0CC9E1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {EC3BBEDD-5050-4CD9-8802-81B9C0CC9E1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {EC3BBEDD-5050-4CD9-8802-81B9C0CC9E1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {EC3BBEDD-5050-4CD9-8802-81B9C0CC9E1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {EC3BBEDD-5050-4CD9-8802-81B9C0CC9E1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {EC3BBEDD-5050-4CD9-8802-81B9C0CC9E1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {EC3BBEDD-5050-4CD9-8802-81B9C0CC9E1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {EC3BBEDD-5050-4CD9-8802-81B9C0CC9E1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {EC3BBEDD-5050-4CD9-8802-81B9C0CC9E1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {EC3BBEDD-5050-4CD9-8802-81B9C0CC9E1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - AppInit_DLLs: C:\WINDOWS\system32\__c006283F.dat
O23 - Service: Brother BidiAgent Service for Resource manager (brmfbags) - Brother Industries, Ltd. - C:\WINDOWS\system32\BrmfBAgS.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: McAfee Framework Service (McAfeeFramework) - Network Associates, Inc. - C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
O23 - Service: Network Associates McShield (McShield) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\Mcshield.exe
O23 - Service: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe

--
End of file - 22486 bytes

-- Files created between 2008-05-10 and 2008-06-10 -----------------------------

2008-06-10 13:27:27 0 d-------- C:\Program Files\Trend Micro
2008-06-10 13:10:30 21312 --a------ C:\WINDOWS\choice.exe
2008-06-10 13:09:19 0 d-------- C:\ie-spyad
2008-06-10 13:07:30 0 d-------- C:\Documents and Settings\All Users\Application Data\TEMP
2008-06-10 13:03:11 0 d-------- C:\Program Files\SpywareBlaster
2008-06-10 09:03:47 51200 --a------ C:\WINDOWS\system32\__c006283F.dat
2008-06-10 09:03:45 51200 --a------ C:\WINDOWS\system32\hqwcdcmj.dll
2008-06-10 09:01:07 51200 --a------ C:\WINDOWS\system32\taysvcby.dll
2008-06-10 09:01:06 51200 --a------ C:\WINDOWS\system32\pgkojvsk.dll
2008-06-10 09:00:25 691545 --a------ C:\WINDOWS\unins000.exe
2008-06-10 09:00:24 2539 --a------ C:\WINDOWS\unins000.dat
2008-06-10 08:58:07 51200 --a------ C:\WINDOWS\system32\rotaysuk.dll
2008-06-10 08:58:06 51200 --a------ C:\WINDOWS\system32\bjpmwyvk.dll
2008-06-10 08:56:47 0 d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-06-10 08:55:22 82944 --a------ C:\WINDOWS\system32\mxlmeacy.dll
2008-06-10 08:55:19 51200 --a------ C:\WINDOWS\system32\ljcckvei.dll
2008-06-10 08:54:38 91136 --a------ C:\WINDOWS\system32\qmdwhovu.dll
2008-06-10 08:51:46 51200 --a------ C:\WINDOWS\system32\mawealib.dll
2008-06-06 12:12:16 0 d-------- C:\Program Files\QdrPack
2008-06-06 12:12:15 0 d-------- C:\Program Files\ISM
2008-06-06 12:07:08 0 d-------- C:\Documents and Settings\Trish\Application Data\SpeedRunner
2008-06-06 12:02:10 0 d-------- C:\Program Files\Svconr
2008-06-06 11:57:09 0 d-------- C:\Program Files\Spcron
2008-06-06 11:57:02 0 d-------- C:\Program Files\Temporary
2008-06-06 11:51:59 0 d-------- C:\Program Files\JavaCore
2008-06-06 10:31:06 0 d-------- C:\Program Files\Panda Security
2008-06-06 08:37:44 51200 --a------ C:\WINDOWS\system32\__c00AA186.dat
2008-06-06 08:37:41 51200 --a------ C:\WINDOWS\system32\jsmnywsf.dll
2008-06-06 08:34:31 82944 --a------ C:\WINDOWS\system32\jtwsepvs.dll
2008-06-06 08:32:40 91136 --a------ C:\WINDOWS\system32\sxmxjrmc.dll
2008-06-05 11:32:32 403277 --ahs---- C:\WINDOWS\system32\pWacfMoq.ini2
2008-06-05 11:27:04 28160 --a------ C:\WINDOWS\system32\tuvWmnLe.dll
2008-06-05 11:22:49 0 d-------- C:\Documents and Settings\LocalService\Application Data\Softland
2008-06-05 11:20:00 0 d-------- C:\Program Files\Softland
2008-06-05 11:00:29 0 d-------- C:\Program Files\Jasc Software Inc
2008-06-05 10:55:52 0 d-------- C:\WINDOWS\system32\appmgmt
2008-06-05 10:40:03 72192 --a------ C:\WINDOWS\cadkasdeinst01e.exe
2008-05-27 15:28:08 1024 --a------ C:\WINDOWS\system32\winpdfstamp.dat
2008-05-26 08:44:09 139536 --a------ C:\WINDOWS\system32\javaee.dll <Not Verified; Microsoft Corporation; Microsoft(R) Windows (R) Operating System>
2008-05-22 12:23:21 0 d--h----- C:\WINDOWS\system32\GroupPolicy
2008-05-22 12:16:09 0 d-------- C:\Documents and Settings\Trish\Application Data\RhinoSoft.com
2008-05-22 11:41:34 49664 --a------ C:\WINDOWS\unvise32.exe <Not Verified; MindVision Software; Installer VISE>
2008-05-22 11:41:31 0 d-------- C:\Program Files\Active Ports
2008-05-22 11:03:31 0 d-------- C:\WINDOWS\IIS Temporary Compressed Files
2008-05-22 11:02:57 0 d-------- C:\WINDOWS\system32\Cache
2008-05-22 11:00:05 0 d-------- C:\Inetpub
2008-05-22 10:27:59 73728 --a------ C:\WINDOWS\system32\ZLIB.DLL
2008-05-22 10:27:38 49152 --a------ C:\WINDOWS\SDConfig.dll
2008-05-22 10:27:38 0 d-------- C:\Sharpdesk Desktop
2008-05-22 10:27:35 0 d-------- C:\Program Files\Common Files\Sharp Shared
2008-05-22 10:27:22 171280 --a------ C:\WINDOWS\system32\jit.dll <Not Verified; Microsoft Corporation; Microsoft(R) Windows (R) Operating System>
2008-05-22 10:27:22 46352 --a------ C:\WINDOWS\setdebug.exe <Not Verified; Microsoft Corporation; Microsoft(R) Windows (R) Operating System>
2008-05-22 10:27:21 6550 --a------ C:\WINDOWS\jautoexp.dat
2008-05-22 10:27:20 313856 --a------ C:\WINDOWS\system32\dx3j.dll <Not Verified; Microsoft Corporation; Microsoft® DirectX for Java>
2008-05-22 10:27:13 113 --a------ C:\WINDOWS\system32\zonedon.reg
2008-05-22 10:27:13 113 --a------ C:\WINDOWS\system32\zonedoff.reg
2008-05-22 10:27:13 171792 --a------ C:\WINDOWS\system32\wjview.exe <Not Verified; Microsoft Corporation; Microsoft(R) Windows (R) Operating System>
2008-05-22 10:27:12 286992 --a------ C:\WINDOWS\system32\vmhelper.dll <Not Verified; Microsoft Corporation; Microsoft(R) Windows (R) Operating System>
2008-05-22 10:27:12 21264 --a------ C:\WINDOWS\system32\msjdbc10.dll <Not Verified; Microsoft Corporation; Microsoft(R) Windows (R) Operating System>
2008-05-22 10:27:12 947472 --a------ C:\WINDOWS\system32\msjava.dll <Not Verified; Microsoft Corporation; Microsoft(R) Windows (R) Operating System>
2008-05-22 10:27:11 154384 --a------ C:\WINDOWS\system32\msawt.dll <Not Verified; Microsoft Corporation; Microsoft(R) Windows (R) Operating System>
2008-05-22 10:27:11 172304 --a------ C:\WINDOWS\system32\jview.exe <Not Verified; Microsoft Corporation; Microsoft(R) Windows (R) Operating System>
2008-05-22 10:27:11 15120 --a------ C:\WINDOWS\system32\jdbgmgr.exe <Not Verified; Microsoft Corporation; Microsoft(R) Windows (R) Operating System>
2008-05-22 10:27:10 404752 --a------ C:\WINDOWS\system32\javart.dll <Not Verified; Microsoft Corporation; Microsoft(R) Windows (R) Operating System>
2008-05-22 10:27:10 63248 --a------ C:\WINDOWS\system32\javaprxy.dll <Not Verified; Microsoft Corporation; Microsoft(R) Windows (R) Operating System>
2008-05-22 10:27:09 187152 --a------ C:\WINDOWS\system32\javacypt.dll <Not Verified; Microsoft Corporation; Microsoft(R) Windows (R) Operating System>
2008-05-22 10:27:08 49424 --a------ C:\WINDOWS\system32\clspack.exe <Not Verified; Microsoft Corporation; Microsoft(R) Windows (R) Operating System>
2008-05-22 10:26:39 32768 --a------ C:\WINDOWS\wangimg.exe <Not Verified; Eastman Software, Inc., A Kodak Business; Imaging for Windows®>
2008-05-22 10:26:39 32768 --a------ C:\WINDOWS\kodakimg.exe <Not Verified; Eastman Software, Inc., A Kodak Business; Imaging for Windows®>
2008-05-22 10:25:54 0 d-------- C:\Program Files\Sharp
2008-05-22 10:24:16 0 d-------- C:\Documents and Settings\Trish\WINDOWS


-- Find3M Report ---------------------------------------------------------------

2008-06-06 12:31:32 0 d-------- C:\Program Files\GetRight
2008-05-22 10:27:35 0 d-------- C:\Program Files\Common Files
2008-05-06 08:59:39 737280 --a------ C:\WINDOWS\iun6002.exe <Not Verified; Indigo Rose Corporation; Setup Factory 6.0 Runtime Module>
2008-05-06 08:52:06 0 d-------- C:\Program Files\WinPcap


-- Registry Dump ---------------------------------------------------------------



-- End of Deckard's System Scanner: finished at 2008-06-10 13:30:16 ------------

HiJack This

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 1:28:31 PM, on 10/06/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\BrmfBAgS.exe
C:\WINDOWS\system32\inetsrv\inetinfo.exe
C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
C:\Program Files\Network Associates\VirusScan\Mcshield.exe
C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.ninemsn.com.au/0SEENAU/SAOS01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://g.ninemsn.com.au/0SEENAU/SAOS01?FORM=TOOLBR
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?linkid=677
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.ninemsn.com.au/0SEENAU/SAOS01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=74005
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Acrobat\ActiveX\AcroIEHelper.ocx
O2 - BHO: testCPV6 - {15421B84-3488-49A7-AD18-CBF84A3EFAF6} - C:\Program Files\Spcron\Spc.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.0.1225.9868\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: (no name) - {BE838836-5A14-461D-B964-E63B8CA523E1} - C:\WINDOWS\system32\qoMfcaWp.dll (file missing)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [SiSUSBRG] C:\WINDOWS\SiSUSBrg.exe
O4 - HKLM\..\Run: [SiS Windows KeyHook] C:\WINDOWS\System32\keyhook.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [IntelliType] "C:\Program Files\Microsoft Hardware\Keyboard\type32.exe"
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [PaperPort PTD] C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
O4 - HKLM\..\Run: [IndexSearch] C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [28c2af21] rundll32.exe "C:\WINDOWS\system32\mxlmeacy.dll",b
O4 - HKLM\..\Run: [BM2bf19cbd] Rundll32.exe "C:\WINDOWS\system32\qmdwhovu.dll",s
O4 - HKLM\..\RunOnce: [Spybot - Search & Destroy] "C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe" /autocheck
O4 - HKLM\..\RunOnce: [SpybotDeletingA2874] command /c del "C:\WINDOWS\system32\qoMfcaWp.dll_old"
O4 - HKLM\..\RunOnce: [SpybotDeletingC508] cmd /c del "C:\WINDOWS\system32\qoMfcaWp.dll_old"
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Documents and Settings\Administrator\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [SharpTray] "C:\Program Files\Sharp\Sharpdesk\SharpTray.exe"
O4 - HKCU\..\Run: [JavaCore] C:\Program Files\\JavaCore\\JavaCore.exe
O4 - HKCU\..\Run: [Svconr] C:\Program Files\Svconr\Svconr.exe
O4 - HKCU\..\Run: [SpeedRunner] C:\Documents and Settings\Trish\Application Data\SpeedRunner\SpeedRunner.exe
O4 - HKCU\..\Run: [SfKg6wIP] C:\Documents and Settings\Trish\Application Data\Microsoft\Windows\wpbbxb.exe
O4 - HKCU\..\Run: [QdrPack16] "C:\Program Files\QdrPack\QdrPack16.exe"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: hp psc 1000 series.lnk = ?
O4 - Global Startup: hpoddt01.exe.lnk = ?
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Start Network Scanner Tool.lnk = C:\Program Files\Sharp\Sharpdesk\sdFTP.exe
O4 - Global Startup: Utility Tray.lnk = C:\WINDOWS\system32\sistray.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/7/1540/52/...x/qtplugin.cab
O16 - DPF: {1663ed61-23eb-11d2-b92f-008048fdd814} (MeadCo ScriptX Advanced) - https://www.hunterunited.com.au/smsx.cab
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/actives.../as2stubie.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/EN-AU/.../GAME_UNO1.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary...o.cab56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...t.cab56907.cab
O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab57176.cab
O18 - Protocol: bw+0 - {EC3BBEDD-5050-4CD9-8802-81B9C0CC9E1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {EC3BBEDD-5050-4CD9-8802-81B9C0CC9E1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {EC3BBEDD-5050-4CD9-8802-81B9C0CC9E1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {EC3BBEDD-5050-4CD9-8802-81B9C0CC9E1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {EC3BBEDD-5050-4CD9-8802-81B9C0CC9E1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {EC3BBEDD-5050-4CD9-8802-81B9C0CC9E1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {EC3BBEDD-5050-4CD9-8802-81B9C0CC9E1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {EC3BBEDD-5050-4CD9-8802-81B9C0CC9E1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {EC3BBEDD-5050-4CD9-8802-81B9C0CC9E1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {EC3BBEDD-5050-4CD9-8802-81B9C0CC9E1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {EC3BBEDD-5050-4CD9-8802-81B9C0CC9E1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {EC3BBEDD-5050-4CD9-8802-81B9C0CC9E1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {EC3BBEDD-5050-4CD9-8802-81B9C0CC9E1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {EC3BBEDD-5050-4CD9-8802-81B9C0CC9E1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {EC3BBEDD-5050-4CD9-8802-81B9C0CC9E1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {EC3BBEDD-5050-4CD9-8802-81B9C0CC9E1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {EC3BBEDD-5050-4CD9-8802-81B9C0CC9E1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {EC3BBEDD-5050-4CD9-8802-81B9C0CC9E1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {EC3BBEDD-5050-4CD9-8802-81B9C0CC9E1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {EC3BBEDD-5050-4CD9-8802-81B9C0CC9E1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {EC3BBEDD-5050-4CD9-8802-81B9C0CC9E1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {EC3BBEDD-5050-4CD9-8802-81B9C0CC9E1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {EC3BBEDD-5050-4CD9-8802-81B9C0CC9E1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {EC3BBEDD-5050-4CD9-8802-81B9C0CC9E1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {EC3BBEDD-5050-4CD9-8802-81B9C0CC9E1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {EC3BBEDD-5050-4CD9-8802-81B9C0CC9E1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {EC3BBEDD-5050-4CD9-8802-81B9C0CC9E1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {EC3BBEDD-5050-4CD9-8802-81B9C0CC9E1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {EC3BBEDD-5050-4CD9-8802-81B9C0CC9E1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {EC3BBEDD-5050-4CD9-8802-81B9C0CC9E1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {EC3BBEDD-5050-4CD9-8802-81B9C0CC9E1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {EC3BBEDD-5050-4CD9-8802-81B9C0CC9E1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {EC3BBEDD-5050-4CD9-8802-81B9C0CC9E1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {EC3BBEDD-5050-4CD9-8802-81B9C0CC9E1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {EC3BBEDD-5050-4CD9-8802-81B9C0CC9E1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {EC3BBEDD-5050-4CD9-8802-81B9C0CC9E1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {EC3BBEDD-5050-4CD9-8802-81B9C0CC9E1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {EC3BBEDD-5050-4CD9-8802-81B9C0CC9E1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {EC3BBEDD-5050-4CD9-8802-81B9C0CC9E1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {EC3BBEDD-5050-4CD9-8802-81B9C0CC9E1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {EC3BBEDD-5050-4CD9-8802-81B9C0CC9E1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {EC3BBEDD-5050-4CD9-8802-81B9C0CC9E1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {EC3BBEDD-5050-4CD9-8802-81B9C0CC9E1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {EC3BBEDD-5050-4CD9-8802-81B9C0CC9E1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {EC3BBEDD-5050-4CD9-8802-81B9C0CC9E1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {EC3BBEDD-5050-4CD9-8802-81B9C0CC9E1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {EC3BBEDD-5050-4CD9-8802-81B9C0CC9E1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {EC3BBEDD-5050-4CD9-8802-81B9C0CC9E1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {EC3BBEDD-5050-4CD9-8802-81B9C0CC9E1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {EC3BBEDD-5050-4CD9-8802-81B9C0CC9E1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {EC3BBEDD-5050-4CD9-8802-81B9C0CC9E1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {EC3BBEDD-5050-4CD9-8802-81B9C0CC9E1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {EC3BBEDD-5050-4CD9-8802-81B9C0CC9E1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {EC3BBEDD-5050-4CD9-8802-81B9C0CC9E1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {EC3BBEDD-5050-4CD9-8802-81B9C0CC9E1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {EC3BBEDD-5050-4CD9-8802-81B9C0CC9E1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {EC3BBEDD-5050-4CD9-8802-81B9C0CC9E1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {EC3BBEDD-5050-4CD9-8802-81B9C0CC9E1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {EC3BBEDD-5050-4CD9-8802-81B9C0CC9E1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {EC3BBEDD-5050-4CD9-8802-81B9C0CC9E1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {EC3BBEDD-5050-4CD9-8802-81B9C0CC9E1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {EC3BBEDD-5050-4CD9-8802-81B9C0CC9E1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {EC3BBEDD-5050-4CD9-8802-81B9C0CC9E1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {EC3BBEDD-5050-4CD9-8802-81B9C0CC9E1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {EC3BBEDD-5050-4CD9-8802-81B9C0CC9E1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {EC3BBEDD-5050-4CD9-8802-81B9C0CC9E1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {EC3BBEDD-5050-4CD9-8802-81B9C0CC9E1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {EC3BBEDD-5050-4CD9-8802-81B9C0CC9E1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {EC3BBEDD-5050-4CD9-8802-81B9C0CC9E1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {EC3BBEDD-5050-4CD9-8802-81B9C0CC9E1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {EC3BBEDD-5050-4CD9-8802-81B9C0CC9E1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {EC3BBEDD-5050-4CD9-8802-81B9C0CC9E1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {EC3BBEDD-5050-4CD9-8802-81B9C0CC9E1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {EC3BBEDD-5050-4CD9-8802-81B9C0CC9E1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {EC3BBEDD-5050-4CD9-8802-81B9C0CC9E1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {EC3BBEDD-5050-4CD9-8802-81B9C0CC9E1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {EC3BBEDD-5050-4CD9-8802-81B9C0CC9E1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - AppInit_DLLs: C:\WINDOWS\system32\__c006283F.dat
O23 - Service: Brother BidiAgent Service for Resource manager (brmfbags) - Brother Industries, Ltd. - C:\WINDOWS\system32\BrmfBAgS.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: McAfee Framework Service (McAfeeFramework) - Network Associates, Inc. - C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
O23 - Service: Network Associates McShield (McShield) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\Mcshield.exe
O23 - Service: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe

--
End of file - 22458 bytes

Thankyou very much for any help you provide.

Cheers
Attached Files
File Type: txt ActiveScan.txt (23.5 KB, 3 views)
File Type: txt extra.txt (6.9 KB, 5 views)
greenoznic is offline  
Important Information
Join the #1 Tech Support Forum Today - It's Totally Free!

TechSupportForum.com is a leading support website for your computer needs. We offer free, friendly and personalized computer support. Why pay to have your computer fixed when you can do it for free.

Join TechSupportforum.com Today - Click Here