OS: Vista SP1
ASUS G1 Laptop


Hello,

Glad to be here and hope I can get some help. Not completely sure I have something going on, but I had one of my computers on my network get a very bad virus or some sort of logger. It ran so slow, and when I tried to scan it, it would reboot. Now one of my other computers is running slow, but it will let me scan it with Webroot and AVG. I have run through your 5 steps and wanted to see what you think:

Deckard's System Scanner v20071014.68
Run by Chester on 2008-05-24 11:48:30
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- Last 5 Restore Point(s) --
13: 2008-05-24 16:10:38 UTC - RP529 - Windows Update
12: 2008-05-24 08:00:50 UTC - RP528 - Windows Update
11: 2008-05-23 15:32:03 UTC - RP527 - Windows Update
10: 2008-05-22 06:28:00 UTC - RP526 - Windows Update
9: 2008-05-21 08:07:53 UTC - RP525 - Windows Update


-- First Restore Point --
1: 2008-05-15 18:43:44 UTC - RP516 - Installed AVG Free 8.0


Backed up registry hives.
Performed disk cleanup.



-- HijackThis (run as Chester.exe) ---------------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:52:05 AM, on 5/24/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\ASUS\ASUS Direct Console\LCMP.exe
C:\Program Files\PowerForPhone\PowerForPhone\PowerForPhone.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\COMODO\Firewall\cfp.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\ASUS\Asus MultiFrame\MultiFrame.exe
C:\Windows\ehome\ehmsas.exe
C:\Windows\System32\rundll32.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
C:\Users\Chester\Desktop\dss.exe
C:\Windows\system32\SearchFilterHost.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\Chester.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O1 - Hosts: ::1 localhost
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [SMSERIAL] "C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe"
O4 - HKLM\..\Run: [SynTPEnh] "C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
O4 - HKLM\..\Run: [DirectMessenger] "C:\Program Files\ASUS\ASUS Direct Console\LCMP.EXE"
O4 - HKLM\..\Run: [PowerForPhone] "C:\Program Files\PowerForPhone\PowerForPhone\PowerForPhone.exe"
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] "C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program Files\COMODO\Firewall\cfp.exe" -h
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [NvSvc] "RUNDLL32.EXE" C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] "RUNDLL32.EXE" C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] "RUNDLL32.EXE" C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe" /startintray
O4 - HKCU\..\Run: [Sidebar] "C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
O4 - HKCU\..\Run: [RunSpySweeperScheduleAtStartup] "C:\Windows\system32\msfeedssync.exe" /ScheduleSweep=User_Feed_Synchronization-{48A8F01C-02A4-4990-9EB7-8D4232FF8E0B}
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [LDM] "C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe"
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [EPSON Stylus CX7800 Series] "C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIAFA.EXE" /FU "C:\Users\Chester\AppData\Local\Temp\E_S12C7.tmp" /EF "HKCU"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (User 'Default user')
O4 - Startup: PdaNet Desktop.lnk = C:\Program Files\PdaNet 4.10\PdaNet.exe
O4 - Global Startup: HotSync Manager.lnk = C:\Program Files\palmOne\Hotsync.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: MultiFrame.lnk = ?
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O13 - Gopher Prefix:
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {DE0FB644-C59B-46D1-B650-88BA945BC98F} - http://entriq.vo.llnwd.net/o1/NBCUniversal/cabs/NBCUniversal_1_0_0_9.cab
O18 - Protocol: bw+0 - {E02C9404-25AD-4223-B9F5-DE593A3C1AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {E02C9404-25AD-4223-B9F5-DE593A3C1AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {E02C9404-25AD-4223-B9F5-DE593A3C1AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {E02C9404-25AD-4223-B9F5-DE593A3C1AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {E02C9404-25AD-4223-B9F5-DE593A3C1AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {E02C9404-25AD-4223-B9F5-DE593A3C1AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {E02C9404-25AD-4223-B9F5-DE593A3C1AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {E02C9404-25AD-4223-B9F5-DE593A3C1AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {E02C9404-25AD-4223-B9F5-DE593A3C1AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {E02C9404-25AD-4223-B9F5-DE593A3C1AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {E02C9404-25AD-4223-B9F5-DE593A3C1AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {E02C9404-25AD-4223-B9F5-DE593A3C1AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {E02C9404-25AD-4223-B9F5-DE593A3C1AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {E02C9404-25AD-4223-B9F5-DE593A3C1AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {E02C9404-25AD-4223-B9F5-DE593A3C1AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {E02C9404-25AD-4223-B9F5-DE593A3C1AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {E02C9404-25AD-4223-B9F5-DE593A3C1AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {E02C9404-25AD-4223-B9F5-DE593A3C1AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {E02C9404-25AD-4223-B9F5-DE593A3C1AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {E02C9404-25AD-4223-B9F5-DE593A3C1AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {E02C9404-25AD-4223-B9F5-DE593A3C1AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {E02C9404-25AD-4223-B9F5-DE593A3C1AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {E02C9404-25AD-4223-B9F5-DE593A3C1AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {E02C9404-25AD-4223-B9F5-DE593A3C1AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {E02C9404-25AD-4223-B9F5-DE593A3C1AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {E02C9404-25AD-4223-B9F5-DE593A3C1AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {E02C9404-25AD-4223-B9F5-DE593A3C1AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {E02C9404-25AD-4223-B9F5-DE593A3C1AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {E02C9404-25AD-4223-B9F5-DE593A3C1AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {E02C9404-25AD-4223-B9F5-DE593A3C1AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {E02C9404-25AD-4223-B9F5-DE593A3C1AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {E02C9404-25AD-4223-B9F5-DE593A3C1AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {E02C9404-25AD-4223-B9F5-DE593A3C1AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {E02C9404-25AD-4223-B9F5-DE593A3C1AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {E02C9404-25AD-4223-B9F5-DE593A3C1AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {E02C9404-25AD-4223-B9F5-DE593A3C1AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {E02C9404-25AD-4223-B9F5-DE593A3C1AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {E02C9404-25AD-4223-B9F5-DE593A3C1AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {E02C9404-25AD-4223-B9F5-DE593A3C1AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {E02C9404-25AD-4223-B9F5-DE593A3C1AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {E02C9404-25AD-4223-B9F5-DE593A3C1AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {E02C9404-25AD-4223-B9F5-DE593A3C1AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {E02C9404-25AD-4223-B9F5-DE593A3C1AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {E02C9404-25AD-4223-B9F5-DE593A3C1AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {E02C9404-25AD-4223-B9F5-DE593A3C1AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {E02C9404-25AD-4223-B9F5-DE593A3C1AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {E02C9404-25AD-4223-B9F5-DE593A3C1AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {E02C9404-25AD-4223-B9F5-DE593A3C1AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {E02C9404-25AD-4223-B9F5-DE593A3C1AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {E02C9404-25AD-4223-B9F5-DE593A3C1AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {E02C9404-25AD-4223-B9F5-DE593A3C1AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {E02C9404-25AD-4223-B9F5-DE593A3C1AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {E02C9404-25AD-4223-B9F5-DE593A3C1AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {E02C9404-25AD-4223-B9F5-DE593A3C1AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {E02C9404-25AD-4223-B9F5-DE593A3C1AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {E02C9404-25AD-4223-B9F5-DE593A3C1AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {E02C9404-25AD-4223-B9F5-DE593A3C1AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {E02C9404-25AD-4223-B9F5-DE593A3C1AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {E02C9404-25AD-4223-B9F5-DE593A3C1AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {E02C9404-25AD-4223-B9F5-DE593A3C1AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {E02C9404-25AD-4223-B9F5-DE593A3C1AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {E02C9404-25AD-4223-B9F5-DE593A3C1AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {E02C9404-25AD-4223-B9F5-DE593A3C1AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {E02C9404-25AD-4223-B9F5-DE593A3C1AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {E02C9404-25AD-4223-B9F5-DE593A3C1AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {E02C9404-25AD-4223-B9F5-DE593A3C1AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {E02C9404-25AD-4223-B9F5-DE593A3C1AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {E02C9404-25AD-4223-B9F5-DE593A3C1AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {E02C9404-25AD-4223-B9F5-DE593A3C1AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {E02C9404-25AD-4223-B9F5-DE593A3C1AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {E02C9404-25AD-4223-B9F5-DE593A3C1AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {E02C9404-25AD-4223-B9F5-DE593A3C1AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {E02C9404-25AD-4223-B9F5-DE593A3C1AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {E02C9404-25AD-4223-B9F5-DE593A3C1AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {E02C9404-25AD-4223-B9F5-DE593A3C1AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {E02C9404-25AD-4223-B9F5-DE593A3C1AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {E02C9404-25AD-4223-B9F5-DE593A3C1AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\Windows\system32\guard32.dll,avgrsstx.dll
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\ATK Hotkey\ASLDRSrv.exe
O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: COMODO Firewall Pro Helper Service (cmdAgent) - Unknown owner - C:\Program Files\COMODO\Firewall\cmdagent.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: KService - Unknown owner - C:\Program Files\Kontiki\KService.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logitech\Bluetooth\LBTServ.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: MPICH2 Process Manager, Argonne National Lab (mpich2_smpd) - Unknown owner - C:\Windows\system32\smpd.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: spmgr - Unknown owner - C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: Syntek AVStream USB2.0 WebCam Service (StkSSrv) - Syntek America Inc. - C:\Windows\System32\StkCSrv.exe
O23 - Service: TiVo Beacon (TivoBeacon2) - TiVo Inc. - C:\Program Files\Common Files\TiVo Shared\Beacon\TiVoBeacon.exe
O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe

--
End of file - 22356 bytes

-- File Associations -----------------------------------------------------------

All associations okay.


-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

R2 ghaio - \??\c:\program files\asus\nb probe\spm\ghaio.sys
R3 WCPU - \??\c:\program files\p4g\wcpu.sys

S3 NETw4v32 (Intel(R) Wireless WiFi Link Adapter Driver for Windows Vista 32 Bit) - c:\windows\system32\drivers\netw4v32.sys <Not Verified; Intel Corporation; Intel® Wireless WiFi Link Adapter>


-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

R2 Apple Mobile Device - "c:\program files\common files\apple\mobile device support\bin\applemobiledeviceservice.exe" <Not Verified; Apple, Inc.; Apple Mobile Device Service>
R2 ASLDRService (ASLDR Service) - c:\program files\atk hotkey\asldrsrv.exe <Not Verified; ; ADSMSrv>
R2 mpich2_smpd (MPICH2 Process Manager, Argonne National Lab) - c:\windows\system32\smpd.exe
R2 RegSrvc (Intel(R) PROSet/Wireless Registry Service) - c:\program files\intel\wireless\bin\regsrvc.exe <Not Verified; Intel Corporation; Intel(R) PROSet/Wireless Registry Service>
R2 spmgr - c:\program files\asus\nb probe\spm\spmgr.exe <Not Verified; ; spmgr Module>
R2 StarWindServiceAE (StarWind AE Service) - c:\program files\alcohol soft\alcohol 120\starwind\starwindserviceae.exe <Not Verified; Rocket Division Software; StarWind Alcohol Edition>

S2 CLTNetCnService (Symantec Lic NetConnect service) - "c:\program files\common files\symantec shared\ccsvchst.exe" /h cccommon (file missing)
S3 NBService - c:\program files\nero\nero 7\nero backitup\nbservice.exe
S3 NMIndexingService - "c:\program files\common files\ahead\lib\nmindexingservice.exe" <Not Verified; Nero AG; Nero Home>


-- Device Manager: Disabled ----------------------------------------------------

No disabled devices found.


-- Scheduled Tasks -------------------------------------------------------------

2008-05-23 16:26:12 422 --ah----- C:\Windows\Tasks\User_Feed_Synchronization-{48A8F01C-02A4-4990-9EB7-8D4232FF8E0B}.job
2008-05-22 00:15:21 1492 --a------ C:\Windows\Tasks\wrSpySweeperTrialSweep.job
2007-08-18 13:12:36 286 --a------ C:\Windows\Tasks\WBid 3.1 Updates.job


-- Files created between 2008-04-24 and 2008-05-24 -----------------------------

2008-05-24 11:51:21 0 d-------- C:\Program Files\Trend Micro
2008-05-24 00:08:15 0 d-------- C:\Windows\BDOSCAN8
2008-05-18 20:41:36 0 d-------- C:\Program Files\KeePass Password Safe
2008-05-17 12:32:15 0 d-------- C:\Windows\system32\drivers\Avg
2008-05-15 12:42:31 0 d-------- C:\Program Files\AVG
2008-05-11 17:20:09 315392 --a------ C:\Windows\HideWin.exe <Not Verified; Realtek Semiconductor Corp.; HD Audio Hide windows program>
2008-05-11 14:57:19 90112 --a------ C:\Windows\unvise32.exe <Not Verified; MindVision Software; Installer VISE>
2008-05-11 14:57:10 0 d-------- C:\Program Files\NGO NVIDIA Optimized Driver v1.16925
2008-05-10 21:53:11 0 d------c- C:\Windows\system32\DRVSTORE
2008-05-09 00:28:10 0 d-------- C:\Program Files\Panda Security
2008-05-05 19:27:09 0 d-------- C:\Program Files\Purple Ghost
2008-05-04 16:10:49 0 d-------- C:\Program Files\Cablenut
2008-05-04 15:10:06 0 d-------- C:\Program Files\CCleaner
2008-05-04 11:28:29 0 d-------- C:\Program Files\Sun
2008-05-03 15:21:28 0 d-------- C:\Program Files\Joost
2008-05-03 10:09:00 0 d-------- C:\joust
2008-05-02 21:25:54 0 d--h----- C:\Windows\msdownld.tmp
2008-05-02 21:25:47 0 d-------- C:\Windows\system32\directx
2008-04-27 00:57:00 155648 --a------ C:\Windows\system32\ACEngSvr.exe <Not Verified; ASUSTeK; ACEngSvr Module>
2008-04-26 16:48:07 0 d-------- C:\Program Files\Common Files\Skype


-- Find3M Report ---------------------------------------------------------------

2008-05-24 11:34:46 0 d-------- C:\Program Files\CureROM
2008-05-24 10:05:03 111918 --a------ C:\Users\Chester\AppData\Roaming\nvModes.001
2008-05-24 03:18:13 1280 --a------ C:\Windows\bthservsdp.dat
2008-05-23 22:59:38 0 d-------- C:\Users\Chester\AppData\Roaming\SystemRequirementsLab
2008-05-23 22:59:29 0 d-------- C:\Program Files\SystemRequirementsLab
2008-05-19 18:52:25 0 d-------- C:\Program Files\World of Warcraft
2008-05-19 12:28:31 0 d-------- C:\Program Files\EPSON
2008-05-18 20:51:14 0 d-------- C:\Program Files\Mozilla Firefox 3 Beta 5
2008-05-17 21:21:17 111918 --a------ C:\Users\Chester\AppData\Roaming\nvModes.dat
2008-05-16 17:14:23 0 d-------- C:\Program Files\Windows Mail
2008-05-15 12:49:28 45056 --a------ C:\Windows\system32\acovcnt.exe
2008-05-12 22:22:16 0 d-------- C:\Users\Chester\AppData\Roaming\NeroDCTemplates
2008-05-11 22:28:21 0 d-------- C:\Users\Chester\AppData\Roaming\Skype
2008-05-11 22:02:06 0 d-------- C:\Users\Chester\AppData\Roaming\Auslogics
2008-05-11 21:45:21 0 d-------- C:\Program Files\Auslogics
2008-05-11 18:10:52 0 d-------- C:\Users\Chester\AppData\Roaming\skypePM
2008-05-11 17:20:57 0 d-------- C:\Program Files\Realtek
2008-05-11 14:35:50 0 d--h----- C:\Program Files\InstallShield Installation Information
2008-05-11 14:35:50 0 d-------- C:\Program Files\ASUS
2008-05-05 19:28:24 0 d-------- C:\Users\Chester\AppData\Roaming\Purple Ghost Software, Inc
2008-05-04 23:33:02 0 d-------- C:\Program Files\Replay Music 2
2008-05-04 11:26:37 0 d-------- C:\Program Files\Java
2008-05-03 15:22:17 0 d-------- C:\Users\Chester\AppData\Roaming\Joost
2008-05-02 21:07:32 0 d-------- C:\Program Files\Microsoft Silverlight
2008-05-01 18:54:27 0 d-------- C:\Program Files\InfraRecorder
2008-04-30 17:03:34 546 --a------ C:\Windows\system32\ABG1.DAT
2008-04-26 16:48:07 0 d-------- C:\Program Files\Common Files
2008-04-19 23:36:01 0 d-------- C:\Program Files\Safari
2008-04-19 23:30:54 0 d-------- C:\Program Files\Apple Software Update
2008-04-12 20:19:55 0 d-------- C:\Users\Chester\AppData\Roaming\Mozilla
2008-04-12 19:08:49 0 d-------- C:\Program Files\DAEMON Tools
2008-04-12 18:24:23 164 --a------ C:\install.dat
2008-04-12 16:39:52 174 --ahs---- C:\Program Files\desktop.ini
2008-04-12 16:28:34 0 d-------- C:\Program Files\Windows Calendar
2008-04-12 16:28:32 0 d-------- C:\Program Files\Windows Sidebar
2008-04-12 16:28:29 0 d-------- C:\Program Files\Movie Maker
2008-04-12 16:28:09 0 d-------- C:\Program Files\Windows Collaboration
2008-04-12 16:28:07 0 d-------- C:\Program Files\Windows Journal
2008-04-12 16:28:01 0 d-------- C:\Program Files\Windows Photo Gallery
2008-04-12 16:27:13 0 d-------- C:\Program Files\Windows Defender
2008-04-12 12:54:31 0 d-------- C:\Users\Chester\AppData\Roaming\Webroot
2008-04-12 12:54:31 0 d-------- C:\Program Files\Webroot
2008-04-06 01:48:06 0 d-------- C:\Program Files\Stardock
2008-04-06 01:04:53 0 d-------- C:\Program Files\Common Files\Stardock
2008-04-05 18:00:09 0 d-------- C:\Program Files\iTunes
2008-04-05 18:00:03 0 d-------- C:\Program Files\iPod
2008-04-05 17:57:56 0 d-------- C:\Program Files\QuickTime
2008-03-30 02:39:49 0 d-------- C:\Users\Chester\AppData\Roaming\Winamp
2008-03-10 14:19:45 6473 --a------ C:\Users\Chester\AppData\Roaming\Replay Music 3 Setup Log.txt
2008-03-10 14:19:09 737280 --a------ C:\Windows\iun6002.exe <Not Verified; Indigo Rose Corporation; Setup Factory 6.0 Runtime Module>


-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown



-- Hosts -----------------------------------------------------------------------

127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com

8120 more entries in hosts file.

Thanks again. I will attach the extra.ext to my post.
I did not install spyblaster. I have Webroot spyware, but if you still think I should, please let me know.

BackBowl


-- End of Deckard's System Scanner: finished at 2008-05-24 11:55:00 ------------
 
