Welcome to Tech Support Forum home to more then 136,000 problems solved. Issues have included: Spyware, Malware, Virus Issues, Windows, Microsoft, Linux, Networking, Security, Hardware, and Gaming Getting your problem solved is as easy as:
1. Registering for a free account
2. Asking your question
3. Receiving an answer

Registered members:
* Get free support
* Communicate privately with other members (PM).
* Removal of this message
* See fewer ads.
* And much more..

 


Want to know how to post a question? click here Having problems with spyware and pop-ups? First Steps
Go Back   Tech Support Forum > Security Center > Virus/Trojan/Spyware Help > Resolved HJT Threads
Reload this Page CPU peaking 100% freeze
User Name
Password
Site Map Register Donate Rules Blogs Mark Forums Read


Resolved HJT Threads Resolved spyware and popup issues.

 
 
LinkBack Thread Tools
Old 04-03-2006, 11:58 PM   #1 (permalink)
I helped the forums.
 
prsings's Avatar
 
Join Date: Oct 2005
Location: Colorado
Posts: 120
OS: WinXP Home

My System

Send a message via Yahoo to prsings
Cry CPU peaking 100% freeze
MY Problems:

CPU peaking 100% freeze...
----------------
New sound card (Asrdvark LX6) won't register right. In System Information I/O, it does not appear. The same in IRQs. BUT in Sys info\Components\sound devices, it DOES show.
(Name, Manufacturer, and Driver are correct)
Status: OK
Memory adress: 0xFCFF0000-0xFCFFFFFF
IRQ Channel: IRQ 21
---------------
I made another user profile (PRMusic) to specificly run MUSIC apps, but my security (Zero Knowledge's Freedom Suite) won't load.
-------------------
Frequent freezes.

________________________________
During HIJACK prep: Using keyboard in SAFE mode freezes all. While running recommended scans , could not repair/delete "ADW_SE.108715" (found by McAfee Freescan) and searching did not find it.

MY SYSTEM: Pentium 4, 2400 Mhz - 1024 MB RAM - Win XP serv pac 2- HDs C: 40GB D: + E: (partiton) 150GB - Creative Sound Blaster Audigy 2Zs - NEC DVD RW ND3540A (DVD+R9:8x, DVD-R9:4x, DVD=RW:16x/8x...) - Samsung CD-R/RW SW-248F (48x/24x/48x CD-RW)
(detailed sys report available)

After I checked all boxes in Sysconfig\startup (as instructed) I got a new error message:per Yahoo Messenger
szAppName : YPager.exe szAppVer : 7.0.0.437 szModName : hungapp
szModVer : 0.0.0.0 offset : 00000000
details:
C:\DOCUME~1\PRMERR~1\LOCALS~1\Temp\WERfb78.dir00\YPager.exe.mdmp
C:\DOCUME~1\PRMERR~1\LOCALS~1\Temp\WERfb78.dir00\appcompat.txt

Also got error box with:Java Virtual Machine launcher could not find 'mainclass
NOTE: in Sysconfig\startup, I had previously disabled everything after MemTurbo..

Logfile of HijackThis v1.99.1
Scan saved at 11:52:40 PM, on 4/3/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Aardvark\aardvark.exe
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\Program Files\Common Files\Command Software\dvpapi.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\Lithic\HalfMoon\halfmoon.exe
C:\Program Files\Microsoft AntiSpyware\gcasServ.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\ClocX\ClocX.exe
C:\Program Files\Zero Knowledge\Freedom\Freedom.exe
C:\WINDOWS\BCMSMMSG.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe
C:\WINDOWS\CTHELPER.EXE
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
C:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\MemTurbo30\MemTurbo.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopCrawl.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\WINDOWS\SYSTEM32\cidaemon.exe
C:\PROGRA~1\Logitech\Video\FxSvr2.exe
C:\Hijack\hijackthis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.com/customize/ie/.../www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/...ch/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/.../www.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dellnet.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Program Files\Common Files\Microsoft Shared\Stationery\Blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Program Files\Common Files\Microsoft Shared\Stationery\Blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F3 - REG:win.ini: load=???
??? ???
?
? ?????
F2 - REG:system.ini: UserInit=C:\WINDOWS\System32\Userinit.exe
O1 - Hosts: 72.36.156.164 view.atdmt.com
O1 - Hosts: 72.36.156.164 us.a1.yimg.com
O1 - Hosts: 72.36.156.164 ad.n2434.doubleclick.net
O1 - Hosts: 72.36.156.164 n3349ad.doubleclick.net
O1 - Hosts: 72.36.156.164 altfarm.mediaplex.com
O1 - Hosts: 72.36.156.164 ad.doubleclick.net
O1 - Hosts: 72.36.156.164 z1.adserver.com
O1 - Hosts: 72.36.156.164 ar1.atwola.com
O1 - Hosts: 72.36.156.164 disney.go.com
O1 - Hosts: 72.36.156.164 rcm.amazon.com
O1 - Hosts: 72.36.156.164 familyfun.go.com
O1 - Hosts: 72.36.156.164 dist.belnk.com
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - D:\PROGRA~2\SPYBOT~1\SDHelper.dll
O2 - BHO: Form Filler BHO - {56071E0D-C61B-11D3-B41C-00E02927A304} - C:\Program Files\Zero Knowledge\Freedom\FreeBHOR.dll
O2 - BHO: UberButton Class - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: YahooTaggedBM Class - {65D886A2-7CA7-479B-BB95-14D1EFB7946A} - C:\Program Files\Yahoo!\Common\YIeTagBm.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [HalfMoonAutoStart] C:\Program Files\Lithic\HalfMoon\halfmoon.exe -minimized
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [ClocX] C:\Program Files\ClocX\ClocX.exe
O4 - HKLM\..\Run: [Freedom] C:\Program Files\Zero Knowledge\Freedom\Freedom.exe
O4 - HKLM\..\Run: [BCMSMMSG] BCMSMMSG.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [CTXFIREG] CTxfiReg.exe
O4 - HKLM\..\Run: [SBDrvDet] C:\Program Files\Creative\SB Drive Det\SBDrvDet.exe /r
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe /r
O4 - HKLM\..\Run: [CTDVDDET] "C:\Program Files\Creative\SBAudigy2ZS\DVDAudio\CTDVDDET.EXE"
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [WebSavingsfromEbates] javaw -cp "C:\Program Files\WebSavingsfromEbates\System\Code" Main lp: "C:\Program Files\WebSavingsfromEbates"
O4 - HKLM\..\Run: [vscvol.exe] c:\music programs\roland\vscvol.exe
O4 - HKLM\..\Run: [vsc32cnf.exe] c:\music programs\roland\vsc32cnf.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [MMTray] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
O4 - HKLM\..\Run: [mmtask] c:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SetDefaultMIDI] MIDIDef.exe
O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Startup: MemTurbo.lnk = C:\Program Files\MemTurbo30\MemTurbo.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: ppctlcab - http://www.pestscan.com/scanner/ppctlcab.cab
O16 - DPF: {01111F00-3E00-11D2-8470-0060089874ED} - http://supportsoft.adelphia.net/sdcc...d/tgctlins.cab
O16 - DPF: {01FE8D0A-51AD-459B-B62B-85E135128B32} (DD_v4.DDv4) - http://www.drivershq.com/DD_v4.CAB
O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/su/ocx/15015/CTSUEng.cab
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop.com/pcpitstop/PCPitStop.CAB
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=48835
O16 - DPF: {2FC9A21E-2069-4E47-8235-36318989DB13} (PPSDKActiveXScanner.MainScreen) - http://www.pestscan.com/scanner/axscanner.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {31E68DE2-5548-4B23-88F0-C51E6A0F695E} (Microsoft PID Sniffer) - https://support.microsoft.com/OAS/ActiveX/odc.cab
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://bin.mcafee.com/molbin/shared/...1/mcinsctl.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/reso...an8/oscan8.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - https://scan.safety.live.com/resourc...scbase3401.cab
O16 - DPF: {70522FA2-4656-11D5-B0E9-0050DAC24E8F} - http://download.iwon.com/ct/pm3/iwonpm_8_1,0,2,5.cab
O16 - DPF: {92CA8ACC-4E99-4A2A-93F1-B2C5CADC8613} - http://a14.g.akamai.net/f/14/7141/1d...0_SILENT_2.cab
O16 - DPF: {9A54032D-31F7-400D-B184-83B33BDE65FA} (MSN File Upload Control) - http://sc.groups.msn.com/controls/FileUC/MsnUpld.cab
O16 - DPF: {A90A5822-F108-45AD-8482-9BC8B12DD539} (Crucial cpcScan) - http://www.crucial.com/controls/cpcScanner.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://zone.msn.com/binFramework/v10...o.cab34246.cab
O16 - DPF: {B942A249-D1E7-4C11-98AE-FCB76B08747F} (RealArcadeRdxIE Class) - http://games-dl.real.com/gameconsole...rcadeRdxIE.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://bin.mcafee.com/molbin/shared/...19/mcgdmgr.cab
O16 - DPF: {C2FCEF52-ACE9-11D3-BEBD-00105AA9B6AE} (Symantec RuFSI Registry Information Class) - http://security.symantec.com/sscv6/S.../bin/cabsa.cab
O16 - DPF: {C3DFA998-A486-11D4-AA25-00C04F72DAEB} (MSN Photo Upload Tool) - http://sc.groups.msn.com/controls/PhotoUC/MsnPUpld.cab
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/is...29/mcfscan.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/bin/msnchat45.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/su/ocx/15021/CTPID.cab
O18 - Protocol: bw+0 - {01CF5A62-74CA-4EC8-9FD1-88F05A7D440C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {01CF5A62-74CA-4EC8-9FD1-88F05A7D440C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {01CF5A62-74CA-4EC8-9FD1-88F05A7D440C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {01CF5A62-74CA-4EC8-9FD1-88F05A7D440C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {01CF5A62-74CA-4EC8-9FD1-88F05A7D440C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {01CF5A62-74CA-4EC8-9FD1-88F05A7D440C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {01CF5A62-74CA-4EC8-9FD1-88F05A7D440C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {01CF5A62-74CA-4EC8-9FD1-88F05A7D440C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {01CF5A62-74CA-4EC8-9FD1-88F05A7D440C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {01CF5A62-74CA-4EC8-9FD1-88F05A7D440C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {01CF5A62-74CA-4EC8-9FD1-88F05A7D440C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {01CF5A62-74CA-4EC8-9FD1-88F05A7D440C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {01CF5A62-74CA-4EC8-9FD1-88F05A7D440C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {01CF5A62-74CA-4EC8-9FD1-88F05A7D440C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {01CF5A62-74CA-4EC8-9FD1-88F05A7D440C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {01CF5A62-74CA-4EC8-9FD1-88F05A7D440C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {01CF5A62-74CA-4EC8-9FD1-88F05A7D440C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {01CF5A62-74CA-4EC8-9FD1-88F05A7D440C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {01CF5A62-74CA-4EC8-9FD1-88F05A7D440C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {01CF5A62-74CA-4EC8-9FD1-88F05A7D440C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {01CF5A62-74CA-4EC8-9FD1-88F05A7D440C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {01CF5A62-74CA-4EC8-9FD1-88F05A7D440C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {01CF5A62-74CA-4EC8-9FD1-88F05A7D440C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {01CF5A62-74CA-4EC8-9FD1-88F05A7D440C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {01CF5A62-74CA-4EC8-9FD1-88F05A7D440C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {01CF5A62-74CA-4EC8-9FD1-88F05A7D440C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {01CF5A62-74CA-4EC8-9FD1-88F05A7D440C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {01CF5A62-74CA-4EC8-9FD1-88F05A7D440C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {01CF5A62-74CA-4EC8-9FD1-88F05A7D440C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {01CF5A62-74CA-4EC8-9FD1-88F05A7D440C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {01CF5A62-74CA-4EC8-9FD1-88F05A7D440C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {01CF5A62-74CA-4EC8-9FD1-88F05A7D440C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {01CF5A62-74CA-4EC8-9FD1-88F05A7D440C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {01CF5A62-74CA-4EC8-9FD1-88F05A7D440C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {01CF5A62-74CA-4EC8-9FD1-88F05A7D440C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {01CF5A62-74CA-4EC8-9FD1-88F05A7D440C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {01CF5A62-74CA-4EC8-9FD1-88F05A7D440C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {01CF5A62-74CA-4EC8-9FD1-88F05A7D440C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {01CF5A62-74CA-4EC8-9FD1-88F05A7D440C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {01CF5A62-74CA-4EC8-9FD1-88F05A7D440C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {01CF5A62-74CA-4EC8-9FD1-88F05A7D440C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {01CF5A62-74CA-4EC8-9FD1-88F05A7D440C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {01CF5A62-74CA-4EC8-9FD1-88F05A7D440C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {01CF5A62-74CA-4EC8-9FD1-88F05A7D440C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {01CF5A62-74CA-4EC8-9FD1-88F05A7D440C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {01CF5A62-74CA-4EC8-9FD1-88F05A7D440C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {01CF5A62-74CA-4EC8-9FD1-88F05A7D440C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {01CF5A62-74CA-4EC8-9FD1-88F05A7D440C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {01CF5A62-74CA-4EC8-9FD1-88F05A7D440C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {01CF5A62-74CA-4EC8-9FD1-88F05A7D440C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {01CF5A62-74CA-4EC8-9FD1-88F05A7D440C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {01CF5A62-74CA-4EC8-9FD1-88F05A7D440C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {01CF5A62-74CA-4EC8-9FD1-88F05A7D440C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {01CF5A62-74CA-4EC8-9FD1-88F05A7D440C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {01CF5A62-74CA-4EC8-9FD1-88F05A7D440C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {01CF5A62-74CA-4EC8-9FD1-88F05A7D440C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {01CF5A62-74CA-4EC8-9FD1-88F05A7D440C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {01CF5A62-74CA-4EC8-9FD1-88F05A7D440C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {01CF5A62-74CA-4EC8-9FD1-88F05A7D440C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {01CF5A62-74CA-4EC8-9FD1-88F05A7D440C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {01CF5A62-74CA-4EC8-9FD1-88F05A7D440C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {01CF5A62-74CA-4EC8-9FD1-88F05A7D440C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {01CF5A62-74CA-4EC8-9FD1-88F05A7D440C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {01CF5A62-74CA-4EC8-9FD1-88F05A7D440C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {01CF5A62-74CA-4EC8-9FD1-88F05A7D440C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {01CF5A62-74CA-4EC8-9FD1-88F05A7D440C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {01CF5A62-74CA-4EC8-9FD1-88F05A7D440C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {01CF5A62-74CA-4EC8-9FD1-88F05A7D440C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {01CF5A62-74CA-4EC8-9FD1-88F05A7D440C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {01CF5A62-74CA-4EC8-9FD1-88F05A7D440C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {01CF5A62-74CA-4EC8-9FD1-88F05A7D440C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {01CF5A62-74CA-4EC8-9FD1-88F05A7D440C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {01CF5A62-74CA-4EC8-9FD1-88F05A7D440C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {01CF5A62-74CA-4EC8-9FD1-88F05A7D440C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {01CF5A62-74CA-4EC8-9FD1-88F05A7D440C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {01CF5A62-74CA-4EC8-9FD1-88F05A7D440C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {01CF5A62-74CA-4EC8-9FD1-88F05A7D440C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: avldr - avldr.dll (file missing)
O23 - Service: Aardvark Professional Audio Manager (aardvarkpm) - Aardvark Computer Systems, Inc. - C:\Program Files\Aardvark\aardvark.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: DvpApi (dvpapi) - Command Software Systems, Inc. - C:\Program Files\Common Files\Command Software\dvpapi.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
__________________
PR
My system is in my profile.
prsings is offline  
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!Reddit!
Important Information
Join the #1 Tech Support Forum Today - It's Totally Free!

TechSupportForum.com is a leading support website for your computer needs. We offer free, friendly and personalized computer support. Why pay to have your computer fixed when you can do it for free.

Join TechSupportforum.com Today - Click Here

Old 04-04-2006, 01:41 PM   #2 (permalink)
Moderator, Microsoft Support
 
POADB's Avatar
 
Join Date: Jul 2004
Location: United Kingdom
Posts: 6,482
OS: XP SP2


Welcome to TSF

Please subscribe to this thread to be notified of fixes as soon as they are posted by our Team. To do this, please click the "Thread Tools" button located in the original thread line and selecting "Subscribe to this Thread".

Before you begin, take a read through these instructions and download the programs that I've advised. Save the below instructions in notepad or wordpad, because you also have to work in safe mode without networking support, so this page wouldn't be available then. You should not have any browsers open during the cleaning process unless otherwise prompted.

If there's anything that you don't understand, ask your question(s) before proceeding with the fixes. You should not have any open browsers when you are carrying out the procedures below.

Please allow yourself a few spare hours. Below are instructions for a virus scan(s) that can take longer then 2 hours.

It is also important you don't miss a step and perform everything in the right order!! .

********************************DOWNLOADS********************************

Please download these additional files/programs. Do not run them unless instructed to do so.
Unless otherwise stated, they should be stored in the same directory as the HiJackThis program.

Please download CleanUp! and install it. Do not run it yet!

Download Ewido Security Suite - Install & Update it's database but do not run it yet.

Unplug your computer from the Internet when you have finished downloading.

********************************PURGE/CLEANUP*********************************

Open Cleanup! by double-clicking the icon on your desktop (or from the Start > All Programs menu).
Set the program up as follows:
  • Click "Options..."
  • Set the slider to "Standard CleanUp!"
  • Uncheck the following:
    • Delete Newsgroup cache
    • Delete Newsgroup Subscriptions
    • Scan local drives for temporary files
  • Click OK
Press the CleanUp! button to start the program. Reboot/logoff when prompted.

WARNING - CleanUp! will delete all files and folders contained within Temporary Directories. If you knowingly have items you would like to keep that are stored in these locations; Move Them Now!!!

********************************SAFE MODE*********************************

REBOOT TO SAFE MODE
  1. Restart the computer. The computer begins processing a set of instructions known as BIOS.
  2. As soon as the BIOS has finished loading, begin tapping the F8 key on your keyboard.
  3. Continue to do so until the 'Windows Advanced Options' menu appears.
  4. Using the arrow keys on the keyboard, scroll to and select the menu item - Safe Mode.

*********************************SETTING UP********************************

Enable the viewing of Hidden files
  1. From Windows Explorer, go to Tools>Folder Options>View tab.
  2. Enable the option for `Show hidden files and folder´
  3. Disable the option for `Hide file extensions for known types´
  4. Disable the option for `Hide protected operating system files´
  5. Click Yes to confirm & then click OK

********************************ADD/REMOVE********************************

Uninstall the following programs, if present, using Control Panel > Add/Remove Programs :
  • WebSavingsfromEbates

*********************************HJT FIXES**********************************

Run a scan with HiJackThis & select(tick) the following & click [Fix checked] :

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.com/customize/ie/.../www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/...ch/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/.../www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Program Files\Common Files\Microsoft Shared\Stationery\Blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Program Files\Common Files\Microsoft Shared\Stationery\Blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F3 - REG:win.ini: load=???
??? ???
?
? ?????

O4 - HKLM\..\Run: [WebSavingsfromEbates] javaw -cp "C:\Program Files\WebSavingsfromEbates\System\Code" Main lp: "C:\Program Files\WebSavingsfromEbates

FIX ALL BUT THE FIRST OF THESE 018'S

O18 - Protocol: offline-8876480 - {01CF5A62-74CA-4EC8-9FD1-88F05A7D440C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

*****************************MANUAL DELETIONS*****************************

Locate and delete the following folder(s), if present:
  • C:\Program Files\WebSavingsfromEbates
********************************EWIDO SCAN********************************

** Please disable all other antivirus programs before proceeding.**

Run Ewido:
  • Click Scanner
  • Click Complete System Scan to begin scanning.
  • Click OK when prompted to clean files
  • With the first file it prompts to clean, select the option - "Perform action on all infections" - & choose clean and click OK
  • Once finished, click the Save report button
  • Save the report to your desktop
Close Ewido
* Ewido scan would require at least an hour. I suggest that you go grab a cup of coffee & do something else while you wait for it to complete.

********************************ONLINE SCAN********************************

REBOOT TO NORMAL MODE

Perform an online scan with Internet Explorer with Panda ActiveScan
** click on "Free use ActiveScan" located on the top right hand corner
  1. Click Check Now & a 'pop up' window shall appear. *ensure that your pop up blocker doesn't block it
  2. Enter your e-mail address, country, and state & click Scan Now ...begins downloading 8 MB Panda's ActiveX controls
Begin the scan by selecting My Computer
  • If it finds any malware, it will offer you a report.
  • Please ignore any entry it finds and wants you to buy the program for removal as we will address this later.
  • Click on see report. Then click Save report
Please post that log in your next reply.

********************************CHECK LIST********************************

In your next post, please include fresh logs from:
  1. HiJackThis
  2. Online scan
  3. Ewido Results
Please provide details of any problems you encountered whilst performing the above steps & update us on how the computer behaves now
__________________


Last edited by POADB; 04-04-2006 at 01:42 PM.
POADB is offline  
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!Reddit!
Old 04-04-2006, 02:01 PM   #3 (permalink)
I helped the forums.
 
prsings's Avatar
 
Join Date: Oct 2005
Location: Colorado
Posts: 120
OS: WinXP Home

My System

Send a message via Yahoo to prsings
I am not sure how to do this, will it be evident?

"FIX ALL BUT THE FIRST OF THESE 018'S"

O18 - Protocol: offline-8876480 - {01CF5A62-74CA-4EC8-9FD1-88F05A7D440C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
__________________
PR
My system is in my profile.
prsings is offline  
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!Reddit!
Old 04-04-2006, 05:54 PM   #4 (permalink)
I helped the forums.
 
prsings's Avatar
 
Join Date: Oct 2005
Location: Colorado
Posts: 120
OS: WinXP Home

My System

Send a message via Yahoo to prsings
Pin Finished next step as instructed
Thank you for you help, I am afraid we are not quite finished, although things are already better.

I had a problem with Panda:
2. Online scan << >>provide details of any problems:
Panda Active scan:
ERROR on Page
Line: 94
Char:10
Error: Object doesn't support this property or method
Code:0

I also get error messages upon boot. They seem to be two entries I checked when checking all in msconfig as instructed. Can I now uncheck the entries that have nothing, or boxes in the command line? There are several other items in there that I don't want to run on startup. (Yahoo messenger etc.)

In your next post, please include fresh logs from:

1. HiJackThis

Logfile of HijackThis v1.99.1
Scan saved at 2:59:43 PM, on 4/4/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Hijack\hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dellnet.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dellnet.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.com/customize/ie/.../www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/...ch/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/.../www.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dellnet.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://www.dellnet.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Program Files\Common Files\Microsoft Shared\Stationery\Blank.htm
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://mail.yahoo.com/?.redir=ymmapi...cldefstat=Def1
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = http://localhost;
F2 - REG:system.ini: UserInit=C:\WINDOWS\System32\Userinit.exe
O1 - Hosts: 72.36.156.164 view.atdmt.com
O1 - Hosts: 72.36.156.164 us.a1.yimg.com
O1 - Hosts: 72.36.156.164 ad.n2434.doubleclick.net
O1 - Hosts: 72.36.156.164 n3349ad.doubleclick.net
O1 - Hosts: 72.36.156.164 altfarm.mediaplex.com
O1 - Hosts: 72.36.156.164 ad.doubleclick.net
O1 - Hosts: 72.36.156.164 z1.adserver.com
O1 - Hosts: 72.36.156.164 ar1.atwola.com
O1 - Hosts: 72.36.156.164 disney.go.com
O1 - Hosts: 72.36.156.164 rcm.amazon.com
O1 - Hosts: 72.36.156.164 familyfun.go.com
O1 - Hosts: 72.36.156.164 dist.belnk.com
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - D:\PROGRA~2\SPYBOT~1\SDHelper.dll
O2 - BHO: Form Filler BHO - {56071E0D-C61B-11D3-B41C-00E02927A304} - C:\Program Files\Zero Knowledge\Freedom\FreeBHOR.dll
O2 - BHO: UberButton Class - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: YahooTaggedBM Class - {65D886A2-7CA7-479B-BB95-14D1EFB7946A} - C:\Program Files\Yahoo!\Common\YIeTagBm.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [HalfMoonAutoStart] C:\Program Files\Lithic\HalfMoon\halfmoon.exe -minimized
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [ClocX] C:\Program Files\ClocX\ClocX.exe
O4 - HKLM\..\Run: [Freedom] C:\Program Files\Zero Knowledge\Freedom\Freedom.exe
O4 - HKLM\..\Run: [BCMSMMSG] BCMSMMSG.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [CTXFIREG] CTxfiReg.exe
O4 - HKLM\..\Run: [SBDrvDet] C:\Program Files\Creative\SB Drive Det\SBDrvDet.exe /r
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe /r
O4 - HKLM\..\Run: [CTDVDDET] "C:\Program Files\Creative\SBAudigy2ZS\DVDAudio\CTDVDDET.EXE"
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [MMTray] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
O4 - HKLM\..\Run: [mmtask] c:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\npjpi150_06.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\npjpi150_06.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: ppctlcab - http://www.pestscan.com/scanner/ppctlcab.cab
O16 - DPF: {01111F00-3E00-11D2-8470-0060089874ED} - http://supportsoft.adelphia.net/sdcc...d/tgctlins.cab
O16 - DPF: {01FE8D0A-51AD-459B-B62B-85E135128B32} (DD_v4.DDv4) - http://www.drivershq.com/DD_v4.CAB
O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/su/ocx/15015/CTSUEng.cab
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop.com/pcpitstop/PCPitStop.CAB
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=48835
O16 - DPF: {2FC9A21E-2069-4E47-8235-36318989DB13} (PPSDKActiveXScanner.MainScreen) - http://www.pestscan.com/scanner/axscanner.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {31E68DE2-5548-4B23-88F0-C51E6A0F695E} (Microsoft PID Sniffer) - https://support.microsoft.com/OAS/ActiveX/odc.cab
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://bin.mcafee.com/molbin/shared/...1/mcinsctl.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/reso...an8/oscan8.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - https://scan.safety.live.com/resourc...scbase3401.cab
O16 - DPF: {70522FA2-4656-11D5-B0E9-0050DAC24E8F} - http://download.iwon.com/ct/pm3/iwonpm_8_1,0,2,5.cab
O16 - DPF: {92CA8ACC-4E99-4A2A-93F1-B2C5CADC8613} - http://a14.g.akamai.net/f/14/7141/1d...0_SILENT_2.cab
O16 - DPF: {9A54032D-31F7-400D-B184-83B33BDE65FA} (MSN File Upload Control) - http://sc.groups.msn.com/controls/FileUC/MsnUpld.cab
O16 - DPF: {A90A5822-F108-45AD-8482-9BC8B12DD539} (Crucial cpcScan) - http://www.crucial.com/controls/cpcScanner.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://zone.msn.com/binFramework/v10...o.cab34246.cab
O16 - DPF: {B942A249-D1E7-4C11-98AE-FCB76B08747F} (RealArcadeRdxIE Class) - http://games-dl.real.com/gameconsole...rcadeRdxIE.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://bin.mcafee.com/molbin/shared/...19/mcgdmgr.cab
O16 - DPF: {C2FCEF52-ACE9-11D3-BEBD-00105AA9B6AE} (Symantec RuFSI Registry Information Class) - http://security.symantec.com/sscv6/S.../bin/cabsa.cab
O16 - DPF: {C3DFA998-A486-11D4-AA25-00C04F72DAEB} (MSN Photo Upload Tool) - http://sc.groups.msn.com/controls/PhotoUC/MsnPUpld.cab
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/is...29/mcfscan.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/bin/msnchat45.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/su/ocx/15021/CTPID.cab
O18 - Protocol: bw+0 - {01CF5A62-74CA-4EC8-9FD1-88F05A7D440C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {01CF5A62-74CA-4EC8-9FD1-88F05A7D440C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {01CF5A62-74CA-4EC8-9FD1-88F05A7D440C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {01CF5A62-74CA-4EC8-9FD1-88F05A7D440C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {01CF5A62-74CA-4EC8-9FD1-88F05A7D440C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {01CF5A62-74CA-4EC8-9FD1-88F05A7D440C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {01CF5A62-74CA-4EC8-9FD1-88F05A7D440C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {01CF5A62-74CA-4EC8-9FD1-88F05A7D440C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {01CF5A62-74CA-4EC8-9FD1-88F05A7D440C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {01CF5A62-74CA-4EC8-9FD1-88F05A7D440C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {01CF5A62-74CA-4EC8-9FD1-88F05A7D440C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {01CF5A62-74CA-4EC8-9FD1-88F05A7D440C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {01CF5A62-74CA-4EC8-9FD1-88F05A7D440C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {01CF5A62-74CA-4EC8-9FD1-88F05A7D440C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {01CF5A62-74CA-4EC8-9FD1-88F05A7D440C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {01CF5A62-74CA-4EC8-9FD1-88F05A7D440C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {01CF5A62-74CA-4EC8-9FD1-88F05A7D440C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {01CF5A62-74CA-4EC8-9FD1-88F05A7D440C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {01CF5A62-74CA-4EC8-9FD1-88F05A7D440C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {01CF5A62-74CA-4EC8-9FD1-88F05A7D440C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {01CF5A62-74CA-4EC8-9FD1-88F05A7D440C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {01CF5A62-74CA-4EC8-9FD1-88F05A7D440C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {01CF5A62-74CA-4EC8-9FD1-88F05A7D440C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {01CF5A62-74CA-4EC8-9FD1-88F05A7D440C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {01CF5A62-74CA-4EC8-9FD1-88F05A7D440C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {01CF5A62-74CA-4EC8-9FD1-88F05A7D440C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {01CF5A62-74CA-4EC8-9FD1-88F05A7D440C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {01CF5A62-74CA-4EC8-9FD1-88F05A7D440C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {01CF5A62-74CA-4EC8-9FD1-88F05A7D440C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {01CF5A62-74CA-4EC8-9FD1-88F05A7D440C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {01CF5A62-74CA-4EC8-9FD1-88F05A7D440C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {01CF5A62-74CA-4EC8-9FD1-88F05A7D440C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {01CF5A62-74CA-4EC8-9FD1-88F05A7D440C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {01CF5A62-74CA-4EC8-9FD1-88F05A7D440C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {01CF5A62-74CA-4EC8-9FD1-88F05A7D440C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {01CF5A62-74CA-4EC8-9FD1-88F05A7D440C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {01CF5A62-74CA-4EC8-9FD1-88F05A7D440C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {01CF5A62-74CA-4EC8-9FD1-88F05A7D440C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {01CF5A62-74CA-4EC8-9FD1-88F05A7D440C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {01CF5A62-74CA-4EC8-9FD1-88F05A7D440C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {01CF5A62-74CA-4EC8-9FD1-88F05A7D440C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {01CF5A62-74CA-4EC8-9FD1-88F05A7D440C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {01CF5A62-74CA-4EC8-9FD1-88F05A7D440C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {01CF5A62-74CA-4EC8-9FD1-88F05A7D440C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {01CF5A62-74CA-4EC8-9FD1-88F05A7D440C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {01CF5A62-74CA-4EC8-9FD1-88F05A7D440C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {01CF5A62-74CA-4EC8-9FD1-88F05A7D440C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {01CF5A62-74CA-4EC8-9FD1-88F05A7D440C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {01CF5A62-74CA-4EC8-9FD1-88F05A7D440C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {01CF5A62-74CA-4EC8-9FD1-88F05A7D440C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {01CF5A62-74CA-4EC8-9FD1-88F05A7D440C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {01CF5A62-74CA-4EC8-9FD1-88F05A7D440C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {01CF5A62-74CA-4EC8-9FD1-88F05A7D440C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {01CF5A62-74CA-4EC8-9FD1-88F05A7D440C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {01CF5A62-74CA-4EC8-9FD1-88F05A7D440C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {01CF5A62-74CA-4EC8-9FD1-88F05A7D440C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {01CF5A62-74CA-4EC8-9FD1-88F05A7D440C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {01CF5A62-74CA-4EC8-9FD1-88F05A7D440C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {01CF5A62-74CA-4EC8-9FD1-88F05A7D440C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {01CF5A62-74CA-4EC8-9FD1-88F05A7D440C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {01CF5A62-74CA-4EC8-9FD1-88F05A7D440C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {01CF5A62-74CA-4EC8-9FD1-88F05A7D440C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {01CF5A62-74CA-4EC8-9FD1-88F05A7D440C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {01CF5A62-74CA-4EC8-9FD1-88F05A7D440C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {01CF5A62-74CA-4EC8-9FD1-88F05A7D440C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {01CF5A62-74CA-4EC8-9FD1-88F05A7D440C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {01CF5A62-74CA-4EC8-9FD1-88F05A7D440C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {01CF5A62-74CA-4EC8-9FD1-88F05A7D440C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {01CF5A62-74CA-4EC8-9FD1-88F05A7D440C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {01CF5A62-74CA-4EC8-9FD1-88F05A7D440C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {01CF5A62-74CA-4EC8-9FD1-88F05A7D440C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {01CF5A62-74CA-4EC8-9FD1-88F05A7D440C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {01CF5A62-74CA-4EC8-9FD1-88F05A7D440C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {01CF5A62-74CA-4EC8-9FD1-88F05A7D440C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {01CF5A62-74CA-4EC8-9FD1-88F05A7D440C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {01CF5A62-74CA-4EC8-9FD1-88F05A7D440C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {01CF5A62-74CA-4EC8-9FD1-88F05A7D440C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: avldr - avldr.dll (file missing)
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: DvpApi (dvpapi) - Command Software Systems, Inc. - C:\Program Files\Common Files\Command Software\dvpapi.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe


2. Online scan << >>provide details of any problems:
Panda Active scan:
ERROR on Page
Line: 94
Char:10
Error: Object doesn't support this property or method
Code:0

3. Ewido Results
---------------------------------------------------------
ewido anti-malware - Scan report
---------------------------------------------------------

+ Created on: 4:37:19 PM, 4/4/2006
+ Report-Checksum: 56209203

+ Scan result:

HKLM\SOFTWARE\2020Search -> Adware.2020Search : Cleaned with backup
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\ins -> Adware.WebRebates : Cleaned with backup
C:\data -> Downloader.IstBar.ja : Cleaned with backup
:mozilla.13:C:\Documents and Settings\PR Merrill\Application Data\Mozilla\Firefox\Profiles\9samun7s.PRsings\cookies.txt -> TrackingCookie.Ad-logics : Cleaned with backup
:mozilla.50:C:\Documents and Settings\PR Merrill\Application Data\Mozilla\Firefox\Profiles\9samun7s.PRsings\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.51:C:\Documents and Settings\PR Merrill\Application Data\Mozilla\Firefox\Profiles\9samun7s.PRsings\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.52:C:\Documents and Settings\PR Merrill\Application Data\Mozilla\Firefox\Profiles\9samun7s.PRsings\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.53:C:\Documents and Settings\PR Merrill\Application Data\Mozilla\Firefox\Profiles\9samun7s.PRsings\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.54:C:\Documents and Settings\PR Merrill\Application Data\Mozilla\Firefox\Profiles\9samun7s.PRsings\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.55:C:\Documents and Settings\PR Merrill\Application Data\Mozilla\Firefox\Profiles\9samun7s.PRsings\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.56:C:\Documents and Settings\PR Merrill\Application Data\Mozilla\Firefox\Profiles\9samun7s.PRsings\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.57:C:\Documents and Settings\PR Merrill\Application Data\Mozilla\Firefox\Profiles\9samun7s.PRsings\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.58:C:\Documents and Settings\PR Merrill\Application Data\Mozilla\Firefox\Profiles\9samun7s.PRsings\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.59:C:\Documents and Settings\PR Merrill\Application Data\Mozilla\Firefox\Profiles\9samun7s.PRsings\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.60:C:\Documents and Settings\PR Merrill\Application Data\Mozilla\Firefox\Profiles\9samun7s.PRsings\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.61:C:\Documents and Settings\PR Merrill\Application Data\Mozilla\Firefox\Profiles\9samun7s.PRsings\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.62:C:\Documents and Settings\PR Merrill\Application Data\Mozilla\Firefox\Profiles\9samun7s.PRsings\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.63:C:\Documents and Settings\PR Merrill\Application Data\Mozilla\Firefox\Profiles\9samun7s.PRsings\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.64:C:\Documents and Settings\PR Merrill\Application Data\Mozilla\Firefox\Profiles\9samun7s.PRsings\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.73:C:\Documents and Settings\PR Merrill\Application Data\Mozilla\Firefox\Profiles\9samun7s.PRsings\cookies.txt -> TrackingCookie.Ru4 : Cleaned with backup
:mozilla.74:C:\Documents and Settings\PR Merrill\Application Data\Mozilla\Firefox\Profiles\9samun7s.PRsings\cookies.txt -> TrackingCookie.Ru4 : Cleaned with backup
:mozilla.75:C:\Documents and Settings\PR Merrill\Application Data\Mozilla\Firefox\Profiles\9samun7s.PRsings\cookies.txt -> TrackingCookie.Ru4 : Cleaned with backup
:mozilla.76:C:\Documents and Settings\PR Merrill\Application Data\Mozilla\Firefox\Profiles\9samun7s.PRsings\cookies.txt -> TrackingCookie.Ru4 : Cleaned with backup
:mozilla.77:C:\Documents and Settings\PR Merrill\Application Data\Mozilla\Firefox\Profiles\9samun7s.PRsings\cookies.txt -> TrackingCookie.Ru4 : Cleaned with backup
:mozilla.107:C:\Documents and Settings\PR Merrill\Application Data\Mozilla\Firefox\Profiles\9samun7s.PRsings\cookies.txt -> TrackingCookie.Ivwbox : Cleaned with backup
:mozilla.202:C:\Documents and Settings\PR Merrill\Application Data\Mozilla\Firefox\Profiles\9samun7s.PRsings\cookies.txt -> TrackingCookie.Pro-market : Cleaned with backup
:mozilla.203:C:\Documents and Settings\PR Merrill\Application Data\Mozilla\Firefox\Profiles\9samun7s.PRsings\cookies.txt -> TrackingCookie.Pro-market : Cleaned with backup
:mozilla.204:C:\Documents and Settings\PR Merrill\Application Data\Mozilla\Firefox\Profiles\9samun7s.PRsings\cookies.txt -> TrackingCookie.Pro-market : Cleaned with backup
:mozilla.205:C:\Documents and Settings\PR Merrill\Application Data\Mozilla\Firefox\Profiles\9samun7s.PRsings\cookies.txt -> TrackingCookie.Pro-market : Cleaned with backup
:mozilla.309:C:\Documents and Settings\PR Merrill\Application Data\Mozilla\Firefox\Profiles\9samun7s.PRsings\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.310:C:\Documents and Settings\PR Merrill\Application Data\Mozilla\Firefox\Profiles\9samun7s.PRsings\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.311:C:\Documents and Settings\PR Merrill\Application Data\Mozilla\Firefox\Profiles\9samun7s.PRsings\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.312:C:\Documents and Settings\PR Merrill\Application Data\Mozilla\Firefox\Profiles\9samun7s.PRsings\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.331:C:\Documents and Settings\PR Merrill\Application Data\Mozilla\Firefox\Profiles\9samun7s.PRsings\cookies.txt -> TrackingCookie.Bridgetrack : Cleaned with backup
:mozilla.332:C:\Documents and Settings\PR Merrill\Application Data\Mozilla\Firefox\Profiles\9samun7s.PRsings\cookies.txt -> TrackingCookie.Bridgetrack : Cleaned with backup
:mozilla.352:C:\Documents and Settings\PR Merrill\Application Data\Mozilla\Firefox\Profiles\9samun7s.PRsings\cookies.txt -> TrackingCookie.Adrevolver : Cleaned with backup
:mozilla.353:C:\Documents and Settings\PR Merrill\Application Data\Mozilla\Firefox\Profiles\9samun7s.PRsings\cookies.txt -> TrackingCookie.Adrevolver : Cleaned with backup
:mozilla.354:C:\Documents and Settings\PR Merrill\Application Data\Mozilla\Firefox\Profiles\9samun7s.PRsings\cookies.txt -> TrackingCookie.Adrevolver : Cleaned with backup
:mozilla.355:C:\Documents and Settings\PR Merrill\Application Data\Mozilla\Firefox\Profiles\9samun7s.PRsings\cookies.txt -> TrackingCookie.Adrevolver : Cleaned with backup
:mozilla.370:C:\Documents and Settings\PR Merrill\Application Data\Mozilla\Firefox\Profiles\9samun7s.PRsings\cookies.txt -> TrackingCookie.Liveperson : Cleaned with backup
:mozilla.371:C:\Documents and Settings\PR Merrill\Application Data\Mozilla\Firefox\Profiles\9samun7s.PRsings\cookies.txt -> TrackingCookie.Liveperson : Cleaned with backup
:mozilla.477:C:\Documents and Settings\PR Merrill\Application Data\Mozilla\Firefox\Profiles\9samun7s.PRsings\cookies.txt -> TrackingCookie.Popuptraffic : Cleaned with backup
:mozilla.478:C:\Documents and Settings\PR Merrill\Application Data\Mozilla\Firefox\Profiles\9samun7s.PRsings\cookies.txt -> TrackingCookie.Popuptraffic : Cleaned with backup
:mozilla.479:C:\Documents and Settings\PR Merrill\Application Data\Mozilla\Firefox\Profiles\9samun7s.PRsings\cookies.txt -> TrackingCookie.Popuptraffic : Cleaned with backup
:mozilla.480:C:\Documents and Settings\PR Merrill\Application Data\Mozilla\Firefox\Profiles\9samun7s.PRsings\cookies.txt -> TrackingCookie.Popuptraffic : Cleaned with backup
:mozilla.8:C:\Documents and Settings\PR Merrill\Application Data\Mozilla\Firefox\Profiles\xycal7kq.default\cookies.txt -> TrackingCookie.Specificpop : Cleaned with backup
:mozilla.9:C:\Documents and Settings\PR Merrill\Application Data\Mozilla\Firefox\Profiles\xycal7kq.default\cookies.txt -> TrackingCookie.Specificpop : Cleaned with backup
:mozilla.30:C:\Documents and Settings\PR Merrill\Application Data\Mozilla\Firefox\Profiles\xycal7kq.default\cookies.txt -> TrackingCookie.Bridgetrack : Cleaned with backup
:mozilla.55:C:\Documents and Settings\PR Merrill\Application Data\Mozilla\Firefox\Profiles\xycal7kq.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned with backup
:mozilla.56:C:\Documents and Settings\PR Merrill\Application Data\Mozilla\Firefox\Profiles\xycal7kq.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned with backup
:mozilla.57:C:\Documents and Settings\PR Merrill\Application Data\Mozilla\Firefox\Profiles\xycal7kq.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned with backup
:mozilla.193:C:\Documents and Settings\PR Merrill\Application Data\Mozilla\Firefox\Profiles\xycal7kq.default\cookies.txt -> TrackingCookie.Pro-market : Cleaned with backup
:mozilla.194:C:\Documents and Settings\PR Merrill\Application Data\Mozilla\Firefox\Profiles\xycal7kq.default\cookies.txt -> TrackingCookie.Pro-market : Cleaned with backup
:mozilla.195:C:\Documents and Settings\PR Merrill\Application Data\Mozilla\Firefox\Profiles\xycal7kq.default\cookies.txt -> TrackingCookie.Pro-market : Cleaned with backup
:mozilla.210:C:\Documents and Settings\PR Merrill\Application Data\Mozilla\Firefox\Profiles\xycal7kq.default\cookies.txt -> TrackingCookie.Abetterinternet : Cleaned with backup
:mozilla.211:C:\Documents and Settings\PR Merrill\Application Data\Mozilla\Firefox\Profiles\xycal7kq.default\cookies.txt -> TrackingCookie.Abetterinternet : Cleaned with backup
:mozilla.212:C:\Documents and Settings\PR Merrill\Application Data\Mozilla\Firefox\Profiles\xycal7kq.default\cookies.txt -> TrackingCookie.Abetterinternet : Cleaned with backup
:mozilla.227:C:\Documents and Settings\PR Merrill\Application Data\Mozilla\Firefox\Profiles\xycal7kq.default\cookies.txt -> TrackingCookie.Specificclick : Cleaned with backup
:mozilla.291:C:\Documents and Settings\PR Merrill\Application Data\Mozilla\Firefox\Profiles\xycal7kq.default\cookies.txt -> TrackingCookie.Bridgetrack : Cleaned with backup
:mozilla.339:C:\Documents and Settings\PR Merrill\Application Data\Mozilla\Firefox\Profiles\xycal7kq.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned with backup
:mozilla.26:C:\Documents and Settings\PR Merrill\My Documents\cookies.txt -> TrackingCookie.Adrevolver : Cleaned with backup
:mozilla.27:C:\Documents and Settings\PR Merrill\My Documents\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.28:C:\Documents and Settings\PR Merrill\My Documents\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.29:C:\Documents and Settings\PR Merrill\My Documents\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.30:C:\Documents and Settings\PR Merrill\My Documents\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.31:C:\Documents and Settings\PR Merrill\My Documents\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.32:C:\Documents and Settings\PR Merrill\My Documents\cookies.txt -> TrackingCookie.Adrevolver : Cleaned with backup
:mozilla.33:C:\Documents and Settings\PR Merrill\My Documents\cookies.txt -> TrackingCookie.Adrevolver : Cleaned with backup
:mozilla.34:C:\Documents and Settings\PR Merrill\My Documents\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.35:C:\Documents and Settings\PR Merrill\My Documents\cookies.txt -> TrackingCookie.Adrevolver : Cleaned with backup
:mozilla.61:C:\Documents and Settings\PR Merrill\My Documents\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.64:C:\Documents and Settings\PR Merrill\My Documents\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.68:C:\Documents and Settings\PR Merrill\My Documents\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.69:C:\Documents and Settings\PR Merrill\My Documents\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.70:C:\Documents and Settings\PR Merrill\My Documents\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.80:C:\Documents and Settings\PR Merrill\My Documents\cookies.txt -> TrackingCookie.Euroclick : Cleaned with backup
:mozilla.81:C:\Documents and Settings\PR Merrill\My Documents\cookies.txt -> TrackingCookie.Euroclick : Cleaned with backup
:mozilla.82:C:\Documents and Settings\PR Merrill\My Documents\cookies.txt -> TrackingCookie.Euroclick : Cleaned with backup
:mozilla.83:C:\Documents and Settings\PR Merrill\My Documents\cookies.txt -> TrackingCookie.Euroclick : Cleaned with backup
:mozilla.84:C:\Documents and Settings\PR Merrill\My Documents\cookies.txt -> TrackingCookie.Euroclick : Cleaned with backup
:mozilla.85:C:\Documents and Settings\PR Merrill\My Documents\cookies.txt -> TrackingCookie.Specificclick : Cleaned with backup
:mozilla.117:C:\Documents and Settings\PR Merrill\My Documents\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.124:C:\Documents and Settings\PR Merrill\My Documents\cookies.txt -> TrackingCookie.Com : Cleaned with backup
:mozilla.134:C:\Documents and Settings\PR Merrill\My Documents\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.135:C:\Documents and Settings\PR Merrill\My Documents\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.136:C:\Documents and Settings\PR Merrill\My Documents\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.137:C:\Documents and Settings\PR Merrill\My Documents\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.138:C:\Documents and Settings\PR Merrill\My Documents\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.139:C:\Documents and Settings\PR Merrill\My Documents\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.140:C:\Documents and Settings\PR Merrill\My Documents\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.141:C:\Documents and Settings\PR Merrill\My Documents\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.142:C:\Documents and Settings\PR Merrill\My Documents\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.194:C:\Documents and Settings\PR Merrill\My Documents\cookies.txt -> TrackingCookie.Overture : Cleaned with backup
:mozilla.195:C:\Documents and Settings\PR Merrill\My Documents\cookies.txt -> TrackingCookie.Overture : Cleaned with backup
:mozilla.207:C:\Documents and Settings\PR Merrill\My Documents\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.208:C:\Documents and Settings\PR Merrill\My Documents\cookies.txt -> TrackingCookie.Qksrv : Cleaned with backup
:mozilla.209:C:\Documents and Settings\PR Merrill\My Documents\cookies.txt -> TrackingCookie.Qksrv : Cleaned with backup
:mozilla.210:C:\Documents and Settings\PR Merrill\My Documents\cookies.txt -> TrackingCookie.Questionmarket : Cleaned with backup
:mozilla.211:C:\Documents and Settings\PR Merrill\My Documents\cookies.txt -> TrackingCookie.Revenue : Cleaned with backup
:mozilla.221:C:\Documents and Settings\PR Merrill\My Documents\cookies.txt -> TrackingCookie.Spylog : Cleaned with backup
:mozilla.224:C:\Documents and Settings\PR Merrill\My Documents\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.236:C:\Documents and Settings\PR Merrill\My Documents\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.237:C:\Documents and Settings\PR Merrill\My Documents\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.239:C:\Documents and Settings\PR Merrill\My Documents\cookies.txt -> TrackingCookie.Ne : Cleaned with backup
:mozilla.240:C:\Documents and Settings\PR Merrill\My Documents\cookies.txt -> TrackingCookie.Valueclick : Cleaned with backup
:mozilla.254:C:\Documents and Settings\PR Merrill\My Documents\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup
:mozilla.255:C:\Documents and Settings\PR Merrill\My Documents\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup
:mozilla.256:C:\Documents and Settings\PR Merrill\My Documents\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup
:mozilla.258:C:\Documents and Settings\PR Merrill\My Documents\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.263:C:\Documents and Settings\PR Merrill\My Documents\cookies.txt -> TrackingCookie.Bridgetrack : Cleaned with backup
:mozilla.264:C:\Documents and Settings\PR Merrill\My Documents\cookies.txt -> TrackingCookie.Bridgetrack : Cleaned with backup
:mozilla.265:C:\Documents and Settings\PR Merrill\My Documents\cookies.txt -> TrackingCookie.Bridgetrack : Cleaned with backup
:mozilla.282:C:\Documents and Settings\PR Merrill\My Documents\cookies.txt -> TrackingCookie.Liveperson : Cleaned with backup
:mozilla.283:C:\Documents and Settings\PR Merrill\My Documents\cookies.txt -> TrackingCookie.Liveperson : Cleaned with backup
:mozilla.284:C:\Documents and Settings\PR Merrill\My Documents\cookies.txt -> TrackingCookie.Liveperson : Cleaned with backup
:mozilla.285:C:\Documents and Settings\PR Merrill\My Documents\cookies.txt -> TrackingCookie.Liveperson : Cleaned with backup
:mozilla.286:C:\Documents and Settings\PR Merrill\My Documents\cookies.txt -> TrackingCookie.Liveperson : Cleaned with backup
:mozilla.328:C:\Documents and Settings\PR Merrill\My Documents\cookies.txt -> TrackingCookie.Googleadservices : Cleaned with backup
:mozilla.329:C:\Documents and Settings\PR Merrill\My Documents\cookies.txt -> TrackingCookie.Googleadservices : Cleaned with backup
:mozilla.330:C:\Documents and Settings\PR Merrill\My Documents\cookies.txt -> TrackingCookie.Googleadservices : Cleaned with backup
:mozilla.331:C:\Documents and Settings\PR Merrill\My Documents\cookies.txt -> TrackingCookie.Googleadservices : Cleaned with backup
:mozilla.332:C:\Documents and Settings\PR Merrill\My Documents\cookies.txt -> TrackingCookie.Googleadservices : Cleaned with backup
:mozilla.333:C:\Documents and Settings\PR Merrill\My Documents\cookies.txt -> TrackingCookie.Googleadservices : Cleaned with backup
:mozilla.334:C:\Documents and Settings\PR Merrill\My Documents\cookies.txt -> TrackingCookie.Googleadservices : Cleaned with backup
:mozilla.335:C:\Documents and Settings\PR Merrill\My Documents\cookies.txt -> TrackingCookie.Googleadservices : Cleaned with backup


::Report End
__________________
__________________
PR
My system is in my profile.
prsings is offline  
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!Reddit!
Old 04-05-2006, 01:17 AM   #5 (permalink)
Moderator, Microsoft Support
 
POADB's Avatar
 
Join Date: Jul 2004
Location: United Kingdom
Posts: 6,482
OS: XP SP2


Hi, you can uncheck thos msconfig programs again, and we'll take care of any startup programs you dont want with HJT.

Download Hoster

Run Hoster.exe. Choose the Restore Original Hosts button and press OK.


Meanwhile, I need you to run through the HJT steps again, as per my previous instructions. Post a new HJT log when you're done.

Establish an internet connection & perform an online scan with Internet Explorer at Kaspersky Online Scanner

Answer Yes, when prompted to install an ActiveX component.
  • The program will then begin downloading the latest definition files.
  • Once the files have been downloaded click on NEXT
  • Locate the Scan Settings button & configure to:
    • Scan using the following Anti-Virus database:
      • Extended
    • Scan Options:
      • Scan Archives
      • Scan Mail Bases
  • Click OK & have it scan My Computer
  • Once the scan is complete, it will display if your system has been infected. It does not provide an option to clean/disinfect. We only require a report from it.
  • Click the Save as Text button to save the file to your desktop so that you may post it in your next reply
* Turn off the real time scanner of any existing antivirus program while performing the online scan
__________________
POADB is offline  
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!Reddit!
Old 04-05-2006, 08:54 PM   #6 (permalink)
I helped the forums.
 
prsings's Avatar
 
Join Date: Oct 2005
Location: Colorado
Posts: 120
OS: WinXP Home

My System

Send a message via Yahoo to prsings
Post Kaspersky found 2
I ran through it all again, ran Hoster, followed by Hijack Ewido, and Kaspersky. I am posting Hijack log file Ewido and Kaspersky .txt files.


Logfile of HijackThis v1.99.1
Scan saved at 10:45:08 AM, on 4/5/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Hijack\hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dellnet.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dellnet.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dellnet.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://www.dellnet.com/
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://mail.yahoo.com/?.redir=ymmapi...cldefstat=Def1
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = http://localhost;
F2 - REG:system.ini: UserInit=C:\WINDOWS\System32\Userinit.exe
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - D:\PROGRA~2\SPYBOT~1\SDHelper.dll
O2 - BHO: ZKBho Class - {56071E0D-C61B-11D3-B41C-00E02927A304} - C:\Program Files\Zero Knowledge\Freedom\FreeBHOR.dll
O2 - BHO: UberButton Class - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: YahooTaggedBM Class - {65D886A2-7CA7-479B-BB95-14D1EFB7946A} - C:\Program Files\Yahoo!\Common\YIeTagBm.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [HalfMoonAutoStart] C:\Program Files\Lithic\HalfMoon\halfmoon.exe -minimized
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [ClocX] C:\Program Files\ClocX\ClocX.exe
O4 - HKLM\..\Run: [Freedom] C:\Program Files\Zero Knowledge\Freedom\Freedom.exe
O4 - HKLM\..\Run: [BCMSMMSG] BCMSMMSG.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [CTXFIREG] CTxfiReg.exe
O4 - HKLM\..\Run: [SBDrvDet] C:\Program Files\Creative\SB Drive Det\SBDrvDet.exe /r
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe /r
O4 - HKLM\..\Run: [CTDVDDET] "C:\Program Files\Creative\SBAudigy2ZS\DVDAudio\CTDVDDET.EXE"
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\npjpi150_06.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\npjpi150_06.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: ppctlcab - http://www.pestscan.com/scanner/ppctlcab.cab
O16 - DPF: {01111F00-3E00-11D2-8470-0060089874ED} - http://supportsoft.adelphia.net/sdcc...d/tgctlins.cab
O16 - DPF: {01FE8D0A-51AD-459B-B62B-85E135128B32} (DD_v4.DDv4) - http://www.drivershq.com/DD_v4.CAB
O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/su/ocx/15015/CTSUEng.cab
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop.com/pcpitstop/PCPitStop.CAB
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=48835
O16 - DPF: {2FC9A21E-2069-4E47-8235-36318989DB13} (PPSDKActiveXScanner.MainScreen) - http://www.pestscan.com/scanner/axscanner.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {31E68DE2-5548-4B23-88F0-C51E6A0F695E} (Microsoft PID Sniffer) - https://support.microsoft.com/OAS/ActiveX/odc.cab
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://bin.mcafee.com/molbin/shared/...1/mcinsctl.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/reso...an8/oscan8.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - https://scan.safety.live.com/resourc...scbase3401.cab
O16 - DPF: {70522FA2-4656-11D5-B0E9-0050DAC24E8F} - http://download.iwon.com/ct/pm3/iwonpm_8_1,0,2,5.cab
O16 - DPF: {92CA8ACC-4E99-4A2A-93F1-B2C5CADC8613} - http://a14.g.akamai.net/f/14/7141/1d...0_SILENT_2.cab
O16 - DPF: {9A54032D-31F7-400D-B184-83B33BDE65FA} (MSN File Upload Control) - http://sc.groups.msn.com/controls/FileUC/MsnUpld.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/actives...ree/asinst.cab
O16 - DPF: {A90A5822-F108-45AD-8482-9BC8B12DD539} (Crucial cpcScan) - http://www.crucial.com/controls/cpcScanner.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://zone.msn.com/binFramework/v10...o.cab34246.cab
O16 - DPF: {B942A249-D1E7-4C11-98AE-FCB76B08747F} (RealArcadeRdxIE Class) - http://games-dl.real.com/gameconsole...rcadeRdxIE.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://bin.mcafee.com/molbin/shared/...19/mcgdmgr.cab
O16 - DPF: {C2FCEF52-ACE9-11D3-BEBD-00105AA9B6AE} (Symantec RuFSI Registry Information Class) - http://security.symantec.com/sscv6/S.../bin/cabsa.cab
O16 - DPF: {C3DFA998-A486-11D4-AA25-00C04F72DAEB} (MSN Photo Upload Tool) - http://sc.groups.msn.com/controls/PhotoUC/MsnPUpld.cab
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/is...29/mcfscan.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/bin/msnchat45.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/su/ocx/15021/CTPID.cab
O18 - Protocol: bw+0 - {01CF5A62-74CA-4EC8-9FD1-88F05A7D440C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: avldr - avldr.dll (file missing)
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: DvpApi (dvpapi) - Command Software Systems, Inc. - C:\Program Files\Common Files\Command Software\dvpapi.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe

---------------------------------------------------------
ewido anti-malware - Scan report
---------------------------------------------------------

+ Created on: 12:24:36 PM, 4/5/2006
+ Report-Checksum: 310FAE15

+ Scan result:

No infected objects found.


::Report End

-------------------------------------------------------------------------------
KASPERSKY ON-LINE SCANNER REPORT
Wednesday, April 05, 2006 20:35:45
Operating System: Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600)
Kaspersky On-line Scanner version: 5.0.67.0
Kaspersky Anti-Virus database last update: 6/04/2006
Kaspersky Anti-Virus database records: 186465
-------------------------------------------------------------------------------

Scan Settings:
Scan using the following antivirus database: extended
Scan Archives: true
Scan Mail Bases: true

Scan Target - My Computer:
A:\
C:\
D:\
E:\
F:\
G:\

Scan Statistics:
Total number of scanned objects: 103507
Number of viruses found: 2
Number of infected objects: 5
Number of suspicious objects: 0
Duration of the scan process: 4815 sec

Infected Object Name - Virus Name
C:\WINDOWS\SYSTEM32\2020setup.exe/2020search2.dll Infected: not-a-virus:AdWare.Win32.PowerSearch.c
C:\WINDOWS\SYSTEM32\2020setup.exe Infected: not-a-virus:AdWare.Win32.PowerSearch.c
D:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP401\A0066067.exe/stream/data0002 Infected: not-a-virus:RiskTool.Win32.PsKill.n
D:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP401\A0066067.exe/stream Infected: not-a-virus:RiskTool.Win32.PsKill.n
D:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP401\A0066067.exe Infected: not-a-virus:RiskTool.Win32.PsKill.n

Scan process completed.
__________________
PR
My system is in my profile.
prsings is offline  
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!Reddit!
Old 04-06-2006, 01:04 AM   #7 (permalink)
Moderator, Microsoft Support
 
POADB's Avatar
 
Join Date: Jul 2004
Location: United Kingdom
Posts: 6,482
OS: XP SP2


Please delete this file:

C:\WINDOWS\SYSTEM32\2020setup.exe

Are you experieincing any problems now? Please describe them in your next post.
__________________
POADB is offline  
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!Reddit!
Old 04-06-2006, 08:06 AM   #8 (permalink)
I helped the forums.
 
prsings's Avatar
 
Join Date: Oct 2005
Location: Colorado
Posts: 120
OS: WinXP Home

My System

Send a message via Yahoo to prsings
Thanks so much, I hope this does it. I read the KASPERSKY report and saw some other System Information\_restore ~ files that are infected. Is there a way to remove them? My computer won't let me access them. I am still seeing 100% CPU usage spikes but less frequently, and don't seem to notice any hiccups. Is this normal?
__________________
PR
My system is in my profile.
prsings is offline  
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!Reddit!
Old 04-06-2006, 11:02 AM   #9 (permalink)
Moderator, Microsoft Support
 
POADB's Avatar
 
Join Date: Jul 2004
Location: United Kingdom
Posts: 6,482
OS: XP SP2


Your system is clean. Kindly follow these simple steps in order to keep your computer clean and secure:

  1. CLEAR & RESET SYSTEM RESTORE'S CACHE - (System Volume Information folder)
    Go to Start >> Run - type control sysdm.cpl,,4 & press Enter
    • Tick on the checkbox - Turn off System Restore on all drives
    • Click Apply
    Turn it back 'On' by unticking the same checkbox & click OK


  2. DISABLE THE VIEWING OF SYSTEM FILES
    From Windows Explorer, go to Tools>Folder Options> View tab.
    • Untick - Show hidden files and folder
    • Tick - Hide file extensions for known types
    • Tick - Hide protected operating system files
    Click Yes to confirm & then click OK


  3. SECURING INTERNET EXPLORER
    From within Internet Explorer click on the Tools menu and then click on Internet Options.
    • Select the Security tab
      • Click once on the Internet icon so it becomes highlighted.
      • Select Custom Level .
        • Change 'Download signed ActiveX controls' to Prompt
        • Change 'Download unsigned ActiveX controls' to Disable
        • Change 'Initialize and script ActiveX controls not marked as safe' to Disable
        • Change 'Installation of desktop items' to Prompt
        • Change 'Launching programs and files in an IFRAME' to Prompt
        • Change 'Navigate sub-frames across different domains' to Prompt
        • When all these changes have been made, click on the OK button.
      • If it prompts you as to whether or not you want to save the settings, press the Yes button.
    • Select OK to exit the Internet Properties page.


  4. ANTIVIRUS SOFTWARE
    It is very important that you have anti-virus software running on your machine. This alone can save you a lot of trouble with malware in the future.

    See this link for a listing of some online & their stand-alone antivirus programs:

    Virus, Spyware, and Malware Protection and Removal Resources

    It is imperative that you update your Antivirus software at least once a week (Even more if you wish). If you do not update your antivirus software then it will not be able to catch any of the new variants that may come out.


  5. FIREWALL
    Without a firewall your computer is succeptible to being hacked and taken over. Simply using a Firewall in its default configuration can lower your risk greatly. A tutorial on Firewalls and a listing of some available ones can be found here.


  6. Microsoft Windows Update
    Visit windowsupdate.com regularly. This will ensure your computer always has the latest security updates. If there are new updates to install, install them immediately, reboot your computer, and revisit the site until there are no more critical updates.


  7. SPYBOT - SEARCH & DESTROY
    Download and install Spybot - Search & Destroy with its TeaTimer option. This will provide realtime spyware & hijacker protection on your computer alongside your virus protection. You should also scan your computer with the program on a regular basis just as you would an antivirus software. A tutorial on installing & using this product can be found here


  8. AD-AWARE
    Download and install Ad-Aware. You should use this program to scan your computer on a regular basis just as you would an antivirus software in conjunction with Spybot. A tutorial on installing & using this product can be found here


  9. SPYWAREBLASTER
    SpywareBlaster prevents the installation of malicious ActiveX, adware, browser hijackers, dialers, and other potentially unwanted software. Blocks spyware/tracking cookies & restricts the actions of potentially unwanted sites.

    Unlike other programs, SpywareBlaster does not have to remain running in the background. A tutorial on installing & using this product can be found here


  10. IE-SPYAD
    IE/Spyad places more than 4000 dubious websites and domains in the IE Restricted list. This severely impair attempts to infect your system. It basically prevents any downloads (Cookies etc) from the sites listed, although you will still be able to connect to the sites. A tutorial on installing this product can be found here


  11. MVPS HOST FILE
    The MVPS Hosts file replaces your current HOSTS file with one that will restrict known ad sites form serving you unsolicited advertisements. Basically, this prevents your coputer from connecting to those sites by redirecting them to 127.0.0.1 which is the IP of your local computer. It can be downloaded here - MVPS Hosts file

Update all these programs regularly. Make sure you update all the programs I have listed regularly. Without regular updates you WILL NOT be protected when new malicious programs are released.

Follow this list and your potential for being infected again will reduce dramatically. Here are some additional utilities that will further enhance your safety.
  • Trillian or Miranda-IM - These are Malware free Instant Messenger programs which allow you to connect to multiple IM services in one program! (AOL, Yahoo, ICQ, IRC, MSN)

  • Firefox - Use this alternate browser. Whilst Internet Explorer is not a bad browser, almost every exploit crafted is targeted to take advantage of an IE weakness.

  • Sun's Java - It's much more secure than Microsoft's Java Virtual Machine.

  • Google Toolbar - Get the free google toolbar to help stop pop up windows.

  • CleanUP! - Cleans temporary files from IE and Windows, empties the recycle bin and more. Great tool to help speed up your computer and knock out those nasties that like to reside in the temp folders.

  • ERUNT - A useful freeware utility for users of Windows 2000/XP. It's made up of two parts - ERUNT & NTREGOPT.

    ERUNT will create daily complete backups of your computer's Registry. Whilst System Restore does the same thing, a corrupt registry file may prevent Windows from booting & this effectively renders disables System Restore. With ERUNT, you're able to restore the damaged Registry.

    NTREGOPT works by recreating each registry hive "from scratch", thus removing any slack space that may be left from previously modified or deleted keys. In other words, it compacts the Registry to a small size which allows Windows to load & perform faster.

  • Winpatrol - Download and install the free version of Winpatrol.
    A tutorial for this product is located here:
    Using Winpatrol to protect your computer from malicious software

To find out more information about how you got infected in the first place and some great guidelines to follow to prevent future infections you can read this article by Tony Klein

After doing all these, your system will be optimised against future threats.

It's okay to delete the Hijack This folder in a couple weeks if everything is working okay.
Have a safe & happy computing day.

Please respond to this thread one more time so we can mark this thread as resolved.
__________________
POADB is offline  
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!Reddit!
Old 04-06-2006, 07:02 PM   #10 (permalink)
I helped the forums.
 
prsings's Avatar
 
Join Date: Oct 2005
Location: Colorado
Posts: 120
OS: WinXP Home

My System

Send a message via Yahoo to prsings
Thumbs Up Case closed!
Thanks a bunch, My machine is now faster than I am again. The suggested programs make me feel like I am surrounded by guardogs. I will contribute again soon... streatched a bit thin right now. Hat's off to all. Case closed!
__________________
PR
My system is in my profile.
prsings is offline  
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!Reddit!
 

« Previous Thread | Next Thread »

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are Off



All times are GMT -7. The time now is 09:44 PM.

Contact Us - Tech Support Forum - Archive - Privacy Statement - Top


Copyright 2001 - 2009, Tech Support Forum
Home Tips Plus | Outdoor Basecamp | Automotive Support Forum

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85