Laptop Slowing Down!!!! ALOT!!!

**awjohnson2** · 10-05-2007

My laptop has become slow over the last month or so; so I created a HijackThis log and DEAR LORD I have never seen this many things come up. There are so many that I could really use some help trying to figure out which ones are not needed or bad. Please help and thanks.

Here is the HT Log:

Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 8:11:15 PM, on 5/9/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\PROGRA~1\Grisoft\AVG7\avgrssvc.exe
C:\WINDOWS\System32\bcmwltry.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgrssvc.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\system32\oodag.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\Grisoft\AVG7\avgfwsrv.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger .exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\BigFix\bigfix.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\PROGRA~1\Grisoft\AVG7\avgw.exe
C:\Program Files\Common Files\Logitech\khalshared\KHALMNPR.EXE
C:\Program Files\Grisoft\AVG7\avgwb.dat
C:\Program Files\SlimBrowser\sbrowser.exe
C:\Documents and Settings\Owner.Apocaliptor\My Documents\HiJackThis_v2.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.gateway.com/g/startpage.h...s=PTB&M=MX6453
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.gateway.com/g/startpage.h...s=PTB&M=MX6453
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.gateway.com/g/startpage.h...s=PTB&M=MX6453
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - c:\windows\system32\BAE.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [ehTray] ---C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [Google Desktop Search] ---"C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [SynTPLpr] ---C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] ---C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Reminder] ---
O4 - HKLM\..\Run: [Recguard] ---
O4 - HKLM\..\Run: [ATICCC] ---"C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [SigmatelSysTrayApp] ---stsystra.exe
O4 - HKLM\..\Run: [SMSERIAL] ---C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] --C:\WINDOWS\system32\WLTRAY.exe
O4 - HKLM\..\Run: [MSKDetectorExe] ---C:\Program Files\McAfee\SpamKiller\MSKDetct.exe /uninstall
O4 - HKLM\..\Run: [ccApp] ---"C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [QuickTime Task] ---"C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] ---C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [NeroFilterCheck] ---C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [CloneDVDElbyDelay] ---"C:\Program Files\Elaborate Bytes\CloneDVD\ElbyCheck.exe" /L ElbyDelay
O4 - HKLM\..\Run: [ElbyCheckAnyDVD] ---"C:\Program Files\SlySoft\AnyDVD\ElbyCheck.exe" /L AnyDVD
O4 - HKLM\..\Run: [AnyDVD] ---C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe
O4 - HKLM\..\Run: [GrooveMonitor] ---"C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKCU\..\Run: [Power2GoExpress] ---NA
O4 - HKCU\..\Run: [MSMSGS] ---"C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Norton SystemWorks] ---"C:\Program Files\Norton SystemWorks\cfgwiz.exe" /GUID {05858CFD-5CC4-4ceb-AAAF-CF00BF39736A} /MODE CfgWiz
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [updateMgr] ---C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9
O4 - HKCU\..\Run: [swg] -C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\G oogleToolbarNotifier.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger .exe
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Startup: TA_Start.lnk = C:\WINDOWS\system32\dwdsregt.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: BigFix.lnk = C:\Program Files\BigFix\bigfix.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: bw+0 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O18 - Protocol: offline-8876480 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O20 - Winlogon Notify: avgwlntf - C:\WINDOWS\SYSTEM32\avgwlntf.dll
O20 - Winlogon Notify: iifcaaa - iifcaaa.dll (file missing)
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe LM Service - Unknown owner - ---"C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe" (file missing)
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Automatic LiveUpdate Scheduler - Unknown owner - ---"C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe" (file missing)
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG7 Resident Shield Service (AvgCoreSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgrssvc.exe
O23 - Service: AVG Firewall (AVGFwSrv) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgfwsrv.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Unknown owner - ---"C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe" (file missing)
O23 - Service: Symantec Password Validation (ccPwdSvc) - Unknown owner - ---"C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe" (file missing)
O23 - Service: Symantec Settings Manager (ccSetMgr) - Unknown owner - ---"C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe" (file missing)
O23 - Service: Google Updater Service (gusvc) - Unknown owner - -"C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe" (file missing)
O23 - Service: LiveUpdate - Unknown owner - ---"C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE" (file missing)
O23 - Service: Microsoft Office Groove Audit Service - Unknown owner - ---"C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe" (file missing)
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Unknown owner - ---"C:\Program Files\Norton SystemWorks\Norton AntiVirus\navapsvc.exe" (file missing)
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Unknown owner - ---"C:\Program Files\Norton SystemWorks\Norton AntiVirus\IWP\NPFMntor.exe" (file missing)
O23 - Service: Norton Unerase Protection (NProtectService) - Unknown owner - ---C:\PROGRA~1\NORTON~1\NORTON~1\NPROTECT.EXE (file missing)
O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe
O23 - Service: Office Source Engine (ose) - Unknown owner - ---"C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE" (file missing)
O23 - Service: PrismXL - Unknown owner - ---C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS (file missing)
O23 - Service: SAVScan - Unknown owner - ---"C:\Program Files\Norton SystemWorks\Norton AntiVirus\SAVScan.exe" (file missing)
O23 - Service: ScriptBlocking Service (SBService) - Unknown owner - ---C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe (file missing)
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Unknown owner - ---"C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe" (file missing)
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Unknown owner - ---"C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe" (file missing)
O23 - Service: Speed Disk service - Unknown owner - ---C:\PROGRA~1\NORTON~1\NORTON~1\SPEEDD~1\NOPDB.EXE (file missing)
O23 - Service: StarWind iSCSI Service (StarWindService) - Unknown owner - ---C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe (file missing)
O23 - Service: Symantec Core LC - Unknown owner - ---C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe (file missing)
O23 - Service: Broadcom Wireless LAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE

--
End of file - 23280 bytes

Thanks

**awjohnson2** · 10-05-2007

Also....Here is the hardware scan:

OS Information:
Property Value
OS Name Microsoft Windows XP Professional|C:\WINDOWS|\Device\Harddisk0\Partitio n1
Service Pack 2.0
OS Manufacturer Microsoft Corporation
Windows Directory C:\WINDOWS

Processor:
Property Value
Current Clock Speed 1595
Description x86 Family 15 Model 72 Stepping 2
Manufacturer AuthenticAMD
Name AMD Turion(tm) 64 X2 Mobile Technology TL-52

Current Clock Speed 1595
Description x86 Family 15 Model 72 Stepping 2
Manufacturer AuthenticAMD
Name AMD Turion(tm) 64 X2 Mobile Technology TL-52

Memory (RAM):
Property Value
Bank Label DIMM1
Capacity 1073741824

Bank Label DIMM2
Capacity 1073741824

Total Memory Deteced in Hardware: ~2048 MB
Memory Reported to Operating System: 1918MB

Disk Drives:
Property Value
Description Disk drive
Manufacturer (Standard disk drives)
Model ST9160821A
Media Type Fixed hard disk media
Size 160039272960 (~149 GB)
Number of Partitions 2

Installed Printers:
Property Value
Name Send To OneNote 2007
Port Name Send To Microsoft OneNote Port:
Default True
Driver Name Send To Microsoft OneNote Driver

Motherboard:
Property Value
Manufacturer Gateway
Model
Name Base Board
Part Number
Product
Serial Number QTFDHJ64002941
Version 84.03

BIOS:
Property Value
Manufacturer Phoenix Technologies LTD
Name Rev 1.0
Release Date 20061013000000.000000+000
Version GATEWA - 20061013

Monitor:
Property Value
Description Generic Television
Name Generic Television
Screen Height 800
Screen Width 1280

Keyboard:
Property Value
Description Standard 101/102-Key or Microsoft Natural PS/2 Keyboard

Pointing Device:
Property Value
Manufacturer (Standard system devices)
Name USB Human Interface Device

Manufacturer Synaptics
Name Synaptics PS/2 Port TouchPad

Sound Card:
Property Value
Manufacturer SigmaTel
Description SigmaTel High Definition Audio CODEC
Device ID HDAUDIO\FUNC_01&VEN_8384&DEV_7634&SUBSYS_107B0367& REV_1001\4&C38BD79&0&0001

Video Card:
Property Value
Adapter Compatibility ATI Technologies Inc.
Adapter RAM 268435456
Description ATI RADEON XPRESS 200M Series
Installed Display Drivers ati2dvag.dll
Driver Version 6.14.10.6614
Driver Date 4/5/2006 5:58:44 AM
Video Mode Description 1280 x 800 x 4294967296 colors

DirectX Installation:
Property Value

Modem:
Property Value
Model Motorola SM56 Data Fax Modem
Name Motorola SM56 Data Fax Modem

Network Adapters:
Property Value
Description Marvell Yukon 88E8038 PCI-E Fast Ethernet Controller - Packet Scheduler Miniport
Description
Description Broadcom 802.11g Network Adapter - Packet Scheduler Miniport
Description
Description

External Ports:
Property Value
External Reference Designator CRT
External Reference Designator USB 1
External Reference Designator USB 2
External Reference Designator USB 3
External Reference Designator USB 4
External Reference Designator Microphone In
External Reference Designator Speaker Out

Expansion Slots:
Property Value

**VopThis** · 10-05-2007

If you are running two (2) real-time, always on antivirus tools at the same time that could present a horrible problem thru conflicts, slowdowns, and incompatibilities. You should uninstall one of them in that case.

Also, uninstall the current install for HijackThis so that we may get a proper install (not the BETA version) as per instructions below and to provide further diagnostics:

Please download Deckard's System Scanner (DSS) to your desktop.

Close all applications and windows.
Double-click on dss.exe to run it, and follow the prompts.
When the scan is complete, a text file will open - Main.txt
Copy (Ctrl+A then Ctrl+C) and paste (Ctrl+V) the contents of Main.txt in your thread in the HijackThis Log Help Forum.
An additional text file, Extra.txt,will also be available (by default) in the following FOLDER, C:\Deckard\System Scanner.
Please go to that FOLDER and also copy the contents of Extra.txt to your post as well.

Note: some firewalls may warn that sigcheck.exe is trying to access the internet - please ensure that you allow sigcheck.exe permission to do so.

What DSS will do:

Create a new System Restore point in Windows XP and Vista.
Clean your Temporary Files, Downloaded Program Files, and Internet Cache Files, and also empty the Recycle Bin on all drives.
Check some important areas of your system and produce a report for your analyst to review. DSS automatically runs HijackThis for you, but it will also install and place a shortcut to HijackThis on your desktop if you do not already have it installed.

Post Logs:

DSS Scan Results: contents of:
- 1) Main.txt
- 2) Extra.txt

**awjohnson2** · 12-05-2007

Ok, so here is the crazy part. I removed the Norton software and left on the AVG and for some reason when I log onto D-A-L.com and log in I cannot post or reply or ANYTHING but read. I am having to update this from my desktop!!!

Here are the two logs requested:

**awjohnson2** · 12-05-2007

Main.txt

Deckard's System Scanner v20070426.43
Run by Owner on 2007-05-10 at 14:05:44
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

Successfully created a Deckard's System Scanner Restore Point.

-- Last 5 Restore Point(s) --
36: 2007-05-10 18:05:50 UTC - RP56 - Deckard's System Scanner Restore Point
35: 2007-05-10 07:00:55 UTC - RP55 - Software Distribution Service 2.0
34: 2007-05-09 23:51:27 UTC - RP54 - System Checkpoint
33: 2007-05-08 21:58:55 UTC - RP53 - System Checkpoint
32: 2007-04-30 01:32:22 UTC - RP52 - Installed Windows XP Wdf01005.

-- First Restore Point --
1: 2007-02-11 08:03:49 UTC - RP21 - System Checkpoint

Backed up registry hives.

Performed disk cleanup.

-- HijackThis (run as Owner.exe) -----------------------------------------------

Logfile of HijackThis v1.99.1
Scan saved at 2:08:06 PM, on 5/10/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\PROGRA~1\Grisoft\AVG7\avgrssvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgrssvc.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\system32\oodag.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\Grisoft\AVG7\avgfwsrv.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\G oogleToolbarNotifier.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger .exe
C:\Program Files\BigFix\bigfix.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Logitech\khalshared\KHALMNPR.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Owner.Apocaliptor\My Documents\dss.exe
C:\PROGRA~1\HIJACK~1\Owner.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.gateway.com/g/startpage.h...s=PTB&M=MX6453
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.gateway.com/g/startpage.h...s=PTB&M=MX6453
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.gateway.com/g/startpage.h...s=PTB&M=MX6453
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - c:\windows\system32\BAE.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [ehTray] ---C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [Google Desktop Search] ---"C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [SynTPLpr] ---C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] ---C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Reminder] ---
O4 - HKLM\..\Run: [Recguard] ---
O4 - HKLM\..\Run: [ATICCC] ---"C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [SigmatelSysTrayApp] ---stsystra.exe
O4 - HKLM\..\Run: [SMSERIAL] ---C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] --C:\WINDOWS\system32\WLTRAY.exe
O4 - HKLM\..\Run: [MSKDetectorExe] ---C:\Program Files\McAfee\SpamKiller\MSKDetct.exe /uninstall
O4 - HKLM\..\Run: [QuickTime Task] ---"C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] ---C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [NeroFilterCheck] ---C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [CloneDVDElbyDelay] ---"C:\Program Files\Elaborate Bytes\CloneDVD\ElbyCheck.exe" /L ElbyDelay
O4 - HKLM\..\Run: [ElbyCheckAnyDVD] ---"C:\Program Files\SlySoft\AnyDVD\ElbyCheck.exe" /L AnyDVD
O4 - HKLM\..\Run: [AnyDVD] ---C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe
O4 - HKLM\..\Run: [GrooveMonitor] ---"C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKCU\..\Run: [Power2GoExpress] ---NA
O4 - HKCU\..\Run: [MSMSGS] ---"C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [updateMgr] ---C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\G oogleToolbarNotifier.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger .exe
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Startup: TA_Start.lnk = C:\WINDOWS\system32\dwdsregt.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: BigFix.lnk = C:\Program Files\BigFix\bigfix.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll
O18 - Protocol: bw+0 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Protocol: offline-8876480 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DL L
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O20 - Winlogon Notify: avgwlntf - C:\WINDOWS\SYSTEM32\avgwlntf.dll
O20 - Winlogon Notify: iifcaaa - iifcaaa.dll (file missing)
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Adobe LM Service - Unknown owner - ---"C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe (file missing)
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Automatic LiveUpdate Scheduler - Unknown owner - ---"C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing)
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG7 Resident Shield Service (AvgCoreSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgrssvc.exe
O23 - Service: AVG Firewall (AVGFwSrv) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgfwsrv.exe
O23 - Service: Google Updater Service (gusvc) - Unknown owner - -"C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe (file missing)
O23 - Service: LiveUpdate - Unknown owner - ---"C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE (file missing)
O23 - Service: Microsoft Office Groove Audit Service - Unknown owner - ---"C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe (file missing)
O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe
O23 - Service: Office Source Engine (ose) - Unknown owner - ---"C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE (file missing)
O23 - Service: PrismXL - Unknown owner - ---C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS (file missing)
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Unknown owner - ---"C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe (file missing)
O23 - Service: StarWind iSCSI Service (StarWindService) - Unknown owner - ---C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe (file missing)
O23 - Service: Broadcom Wireless LAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE

-- File Associations -----------------------------------------------------------

All associations okay.

-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

R0 Vax347b - c:\windows\system32\drivers\vax347b.sys
R0 Vax347s - c:\windows\system32\drivers\vax347s.sys
R1 Cdr4_xp - c:\windows\system32\drivers\cdr4_xp.sys <Not Verified; Roxio; Drag-to-Disc>
R1 Cdralw2k - c:\windows\system32\drivers\cdralw2k.sys <Not Verified; Roxio; Drag-to-Disc>
R2 AegisP (AEGIS Protocol (IEEE 802.1x) v3.4.5.0) - c:\windows\system32\drivers\aegisp.sys <Not Verified; Meetinghouse Data Communications; AEGIS Client 3.4.5.0>
R2 ASCTRM - c:\windows\system32\drivers\asctrm.sys <Not Verified; Windows (R) 2000 DDK provider; Windows (R) 2000 DDK driver>
R2 CommSB96 - c:\windows\system32\drivers\commsb96.sys <Not Verified; Motorola; >
R2 CommSBEP - c:\windows\system32\drivers\commsbep.sys <Not Verified; Motorola; >
R2 ElbyCDIO (ElbyCDIO Driver) - c:\windows\system32\drivers\elbycdio.sys <Not Verified; Elaborate Bytes AG; CDRTools>
R2 LBeepKE - c:\windows\system32\drivers\lbeepke.sys <Not Verified; Logitech, Inc.; Logitech SetPoint(TM)>
R3 AnyDVD - c:\windows\system32\drivers\anydvd.sys <Not Verified; SlySoft, Inc.; AnyDVD>
R3 ElbyDelay - c:\windows\system32\drivers\elbydelay.sys <Not Verified; Elaborate Bytes; CDRTools>
R3 Pcouffin (Low level access layer for CD devices) - c:\windows\system32\drivers\pcouffin.sys <Not Verified; VSO Software; Patin couffin engine>

S2 CDRPDACC (Arrowkey Device Access) - ---\??\c:\program files\321studios\shared\cdrpdacc.sys (file missing)
S3 SymEvent - ---\??\c:\program files\symantec\symevent.sys (file missing)
S3 SYMIDSCO - c:\progra~1\common~1\symant~1\symcdata\ids-di~1\20070221.002\symidsco.sys (file missing)

-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

R2 O&O Defrag - c:\windows\system32\oodag.exe <Not Verified; O&O Software GmbH; O&O Defrag>

S2 Automatic LiveUpdate Scheduler - ---"c:\program files\symantec\liveupdate\aluschedulersvc.exe" (file missing)
S2 PrismXL - ---c:\program files\common files\new boundary\prismxl\prismxl.sys (file missing)
S2 SNDSrvc (Symantec Network Drivers Service) - ---"c:\program files\common files\symantec shared\sndsrvc.exe" (file missing)
S2 StarWindService (StarWind iSCSI Service) - ---c:\program files\alcohol soft\alcohol 120\starwind\starwindservice.exe (file missing)
S3 Adobe LM Service - ---"c:\program files\common files\adobe systems shared\service\adobelmsvc.exe" (file missing)
S3 gusvc (Google Updater Service) - -"c:\program files\google\common\google updater\googleupdaterservice.exe" (file missing)
S3 LiveUpdate - ---"c:\progra~1\symantec\liveup~1\lucoms~1.exe" (file missing)
S3 Microsoft Office Groove Audit Service - ---"c:\program files\microsoft office\office12\grooveauditservice.exe" (file missing)
S3 ose (Office Source Engine) - ---"c:\program files\common files\microsoft shared\source engine\ose.exe" (file missing)

-- Files created between 2007-04-10 and 2007-05-10 -----------------------------

2007-05-10 03:04:33 0 d-------- C:\Program Files\Microsoft CAPICOM 2.1.0.2
2007-04-25 02:00:56 0 dr-h----- C:\$VAULT$.AVG
2007-04-25 00:32:40 0 d-------- C:\Documents and Settings\LocalService\Application Data\AVG7
2007-04-25 00:31:20 0 d-------- C:\Documents and Settings\Owner.Apocaliptor\Application Data\AVG7
2007-04-25 00:31:10 0 d-------- C:\Documents and Settings\All Users\Application Data\Grisoft
2007-04-25 00:31:10 0 d-------- C:\Documents and Settings\All Users\Application Data\avg7

-- Find3M Report ---------------------------------------------------------------

2007-05-10 14:05:39 0 d-------- C:\Documents and Settings\Owner.Apocaliptor\Application Data\SlimBrowser
2007-05-10 14:02:05 0 d-------- C:\Program Files\Common Files\Symantec Shared
2007-05-10 13:59:34 0 d-------- C:\Program Files\Symantec
2007-05-08 16:26:49 0 d-------- C:\Program Files\World of Warcraft
2007-04-29 21:31:10 0 d-------- C:\Program Files\Common Files\Logitech
2007-04-20 01:22:55 0 d-------- C:\Documents and Settings\Owner.Apocaliptor\Application Data\U3
2007-04-16 22:19:43 0 d--h----- C:\Program Files\InstallShield Installation Information
2007-03-28 11:57:04 0 d-------- C:\Documents and Settings\Owner.Apocaliptor\Application Data\Logitech
2007-03-28 11:12:47 0 d-------- C:\Program Files\Logitech
2007-03-27 13:45:41 0 d-------- C:\Program Files\Gateway Games
2007-03-26 16:41:32 931 --a------ C:\WINDOWS\system32\winpfz32.sys
2007-03-22 15:53:46 0 d-------- C:\Program Files\Google
2007-03-22 15:34:27 687592 --a------ C:\WINDOWS\system32\atmtd.dll
2007-03-22 15:34:09 0 --a------ C:\wjjkktp.exe
2007-03-22 15:33:53 0 --a------ C:\eghrbp.exe
2007-03-22 15:33:36 0 --a------ C:\pmgxi.exe
2007-03-22 15:33:20 0 --a------ C:\inprrnm.exe
2007-03-22 15:33:03 0 --a------ C:\ifmkarh.exe
2007-03-22 15:32:43 0 --a------ C:\tejdedqn.exe
2007-03-22 15:32:29 8464 --a------ C:\WINDOWS\system32\sporder.dll <Not Verified; Microsoft Corporation; Microsoft(R) Windows (R) 2000 Operating System>
2007-03-22 15:32:26 0 --a------ C:\ccqpkwx.exe
2007-03-22 15:32:10 0 --a------ C:\aqxrcxnf.exe
2007-03-22 15:31:52 0 --a------ C:\1219496779
2007-03-22 00:19:14 0 d-------- C:\Documents and Settings\Owner.Apocaliptor\Application Data\Google
2007-03-16 22:51:13 0 d-------- C:\Documents and Settings\Owner.Apocaliptor\Application Data\CyberLink

-- Registry Dump ---------------------------------------------------------------

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Explorer\Browser Helper Objects]
{53707962-6F74-2D53-2644-206D7942484F} C:\PROGRA~1\SPYBOT~1\SDHelper.dll
{72853161-30C5-4D22-B7F9-0BBC1D38A37E} C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
{AA58ED58-01DD-4d91-8333-CF10577473F7} c:\program files\google\googletoolbar3.dll
{CA6319C0-31B7-401E-A518-A07C3DB8F777} c:\windows\system32\BAE.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\curr entversion\run]
"ehTray"="---C:\\WINDOWS\\ehome\\ehtray.exe"
"Google Desktop Search"="---\"C:\\Program Files\\Google\\Google Desktop Search\\GoogleDesktop.exe\" /startup"
"SynTPLpr"="---C:\\Program Files\\Synaptics\\SynTP\\SynTPLpr.exe"
"SynTPEnh"="---C:\\Program Files\\Synaptics\\SynTP\\SynTPEnh.exe"
"Reminder"="---"
"Recguard"="---"
"ATICCC"="---\"C:\\Program Files\\ATI Technologies\\ATI.ACE\\cli.exe\" runtime -Delay"
"SigmatelSysTrayApp"="---stsystra.exe"
"SMSERIAL"="---C:\\Program Files\\Motorola\\SMSERIAL\\sm56hlpr.exe"
"Broadcom Wireless Manager UI"="--C:\\WINDOWS\\system32\\WLTRAY.exe"
"MSKDetectorExe"="---C:\\Program Files\\McAfee\\SpamKiller\\MSKDetct.exe /uninstall"
"QuickTime Task"="---\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"
"Symantec NetDriver Monitor"="---C:\\PROGRA~1\\SYMNET~1\\SNDMon.exe /Consumer"
"NeroFilterCheck"="---C:\\WINDOWS\\system32\\NeroCheck.exe"
"CloneDVDElbyDelay"="---\"C:\\Program Files\\Elaborate Bytes\\CloneDVD\\ElbyCheck.exe\" /L ElbyDelay"
"ElbyCheckAnyDVD"="---\"C:\\Program Files\\SlySoft\\AnyDVD\\ElbyCheck.exe\" /L AnyDVD"
"AnyDVD"="---C:\\Program Files\\SlySoft\\AnyDVD\\AnyDVD.exe"
"GrooveMonitor"="---\"C:\\Program Files\\Microsoft Office\\Office12\\GrooveMonitor.exe\""
"AVG7_CC"="C:\\PROGRA~1\\Grisoft\\AVG7\\avgcc. exe /STARTUP"
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE"

[HKEY_CURRENT_USER\software\microsoft\windows\curre ntversion\run]
"Power2GoExpress"="---NA"
"MSMSGS"="---\"C:\\Program Files\\Messenger\\msmsgs.exe\" /background"
"ctfmon.exe"="C:\\WINDOWS\\system32\\ctfmon.ex e"
"updateMgr"="---C:\\Program Files\\Adobe\\Acrobat 7.0\\Reader\\AdobeUpdateManager.exe AcRdB7_0_9"
"swg"="C:\\Program Files\\Google\\GoogleToolbarNotifier\\1.2.1128.546 2\\GoogleToolbarNotifier.exe"
"LDM"="C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessen ger.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\curr entversion\policies\system]
"InstallVisualStyle"=hex(2):43,3a,5c,57,49,4e,44,4 f,57,53,5c,52,65,73,6f,75,72,\
63,65,73,5c,54,68,65,6d,65,73,5c,52,6f,79,61,6c,65 ,5c,52,6f,79,61,6c,65,2e,\
6d,73,73,74,79,6c,65,73,00
"InstallTheme"=hex(2):43,3a,5c,57,49,4e,44,4f,57,5 3,5c,52,65,73,6f,75,72,63,65,\
73,5c,54,68,65,6d,65,73,5c,52,6f,79,61,6c,65,2e,74 ,68,65,6d,65,00

[HKEY_CURRENT_USER\software\microsoft\windows\curre ntversion\policies\system]
"DisableTaskMgr"=dword:00000000
"DisableRegistryTools"=dword:00000000

[HKEY_CURRENT_USER\software\microsoft\windows\curre ntversion\policies\explorer]
"NoRun"=dword:00000000
"NoClose"=dword:00000000

[HKEY_LOCAL_MACHINE\software\microsoft\windows\curr entversion\explorer\shellexecutehooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"="Groove GFS Stub Execution Hook"
"{DC5B2C9E-7845-4C90-873D-44742FB9ED66}"=""

HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgwlntf
HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\iifcaaa

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"appinit_dlls"="C:\PROGRA~1\Google\GOOGLE~1\GOEC62 ~1.DLL"

HKEY_LOCAL_MACHINE\system\currentcontrolset\contro l\lsa
Authentication Packages REG_MULTI_SZ msv1_0\0\0
Security Packages REG_MULTI_SZ kerberos\0msv1_0\0schannel\0wdigest\0\0
Notification Packages REG_MULTI_SZ scecli\0\0

HKEY_LOCAL_MACHINE\system\currentcontrolset\contro l\safeboot\minimal\WdfLoadGroup

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Svchost]
HTTPFilter REG_MULTI_SZ HTTPFilter\0\0
LocalService REG_MULTI_SZ Alerter\0WebClient\0LmHosts\0RemoteRegistry\0upnph ost\0SSDPSRV\0\0
NetworkService REG_MULTI_SZ DnsCache\0\0
DcomLaunch REG_MULTI_SZ DcomLaunch\0TermService\0\0
rpcss REG_MULTI_SZ RpcSs\0\0
imgsvc REG_MULTI_SZ StiSvc\0\0
termsvcs REG_MULTI_SZ TermService\0\0

[HKCU\Software\Microsoft\Windows\CurrentVersion\Exp lorer\MountPoints2\F]
Shell\AutoRun\command F:\LaunchU3.exe -a

-- End of Deckard's System Scanner: finished at 2007-05-10 at 14:08:49 ---------

Extra.txt

Deckard's System Scanner v20070426.43
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------

-- System Information ----------------------------------------------------------

Microsoft Windows XP Professional (build 2600) SP 2.0
Architecture: X86; Language: English

CPU 0: AMD Turion(tm) 64 X2 Mobile Technology TL-52
CPU 1: AMD Turion(tm) 64 X2 Mobile Technology TL-52
Percentage of Memory in Use: 25%
Physical Memory (total/avail): 1918.04 MiB / 1437.86 MiB
Pagefile Memory (total/avail): 3810.23 MiB / 3460.92 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1965.67 MiB

C: is Fixed (NTFS) - 142.2 GiB total, 107.08 GiB free.
D: is Fixed (FAT32) - 6.83 GiB total, 4.7 GiB free.
E: is CDROM (No Media)
G: is CDROM (No Media)

-- Security Center -------------------------------------------------------------

AUOptions is scheduled to auto-install.
Windows Internal Firewall is disabled.

FirstRunDisabled is set.

FW: v (McAfee) Disabled
FW: AVG Firewall 7.5.464 v7.5.464 (GRISOFT)
AV: AVG 7.5.467 v7.5.467 (GRISOFT)
AV: McAfee VirusScan v (McAfee)

-- Environment Variables -------------------------------------------------------

ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\Owner.Apocaliptor\Application Data
CLIENTNAME=Console
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=APOCALIPTOR
ComSpec=C:\WINDOWS\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\Owner.Apocaliptor
LOGONSERVER=\\APOCALIPTOR
NUMBER_OF_PROCESSORS=2
OS=Windows_NT
Path=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\Sys tem32\Wbem;C:\Program Files\ATI Technologies\ATI.ACE\;C:\Program Files\Common Files\Adobe\AGL
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WS F;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 15 Model 72 Stepping 2, AuthenticAMD
PROCESSOR_LEVEL=15
PROCESSOR_REVISION=4802
ProgramFiles=C:\Program Files
PROMPT=$P$G
SESSIONNAME=Console
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\OWNER~1.APO\LOCALS~1\Temp
TMP=C:\DOCUME~1\OWNER~1.APO\LOCALS~1\Temp
USERDOMAIN=APOCALIPTOR
USERNAME=Owner
USERPROFILE=C:\Documents and Settings\Owner.Apocaliptor
windir=C:\WINDOWS

-- User Profiles ---------------------------------------------------------------

Owner.Apocaliptor (admin)
Administrator (admin)

-- Add/Remove Programs ---------------------------------------------------------

--> MsiExec.exe /X{E9F81423-211E-46B6-9AE0-38568BC5CF6F}
--> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
µTorrent --> "C:\Program Files\uTorrent\uninstall.exe"
Adobe Bridge 1.0 --> MsiExec.exe /I{B74D4E10-6884-0000-0000-000000000103}
Adobe Common File Installer --> MsiExec.exe /I{8EDBA74D-0686-4C99-BFDD-F894678E5B39}
Adobe Flash Player 9 ActiveX --> C:\WINDOWS\system32\Macromed\Flash\FlashUtil9b.exe -uninstallDelete
Adobe Help Center 1.0 --> MsiExec.exe /I{E9787678-1033-0000-8E67-000000000001}
Adobe Photoshop CS2 --> msiexec /I {236BB7C4-4419-42FD-0409-1E257A25E34D}
Adobe Reader 7.0.9 --> MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A70900000002}
Adobe Stock Photos 1.0 --> MsiExec.exe /I{EE0D5DCD-2B97-4473-98DF-E93C0BD92F7A}
AnyDVD --> "C:\Program Files\SlySoft\AnyDVD\AnyDVD-uninst.exe" /D="C:\Program Files\SlySoft\AnyDVD"
ATI - Software Uninstall Utility --> C:\Program Files\ATI Technologies\UninstallAll\AtiCimUn.exe
ATI Catalyst Control Center --> MsiExec.exe /I{01C0CB1D-FF49-43F1-ADC5-65F05DB7BDD1}
ATI Display Driver --> rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallI NFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class

ISPLAY -clean
AVG 7.5 --> C:\Program Files\Grisoft\AVG7\setup.exe /UNINSTALL
BigFix --> C:\WINDOWS\ISUNINST.EXE -f"C:\Program Files\BigFix\Uninst.isu" -c"C:\Program Files\BigFix\Lib\UninstallHelper.dll"
Broadcom 802.11 Network Adapter --> "C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\bcmwlu00.exe" verbose /rootkey="Software\Broadcom\802.11\UninstallInfo" /rootdir="C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter"
Browser Address Error Redirector --> regsvr32 /u /s "c:\windows\system32\BAE.dll"
CCleaner (remove only) --> "C:\Program Files\CCleaner\uninst.exe"
CDDRV_Installer --> MsiExec.exe /I{8CC990CD-87C8-475C-AC32-8A7984E2FCFA}
CloneDVD --> "C:\Program Files\Elaborate Bytes\CloneDVD\CloneDVD-uninst.exe" /D="C:\Program Files\Elaborate Bytes\CloneDVD"
DVD Shrink 3.2 --> "C:\Program Files\DVD Shrink\unins000.exe"
DVD Solution --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ct or.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}\setup.exe" -uninstall
DVD X Copy Platinum 4.0.3 --> "C:\Program Files\321Studios\Platinum\uninstall.exe"
DVD X Rescue --> C:\PROGRA~1\321STU~1\DVDXRE~1\UNWISE.EXE C:\PROGRA~1\321STU~1\DVDXRE~1\INSTALL.LOG
Google Desktop --> C:\Program Files\Google\Google Desktop Search\GoogleDesktopSetup.exe -uninstall
Google Toolbar for Internet Explorer --> regsvr32 /u /s "c:\program files\google\googletoolbar3.dll"
gtw_logo --> C:\WINDOWS\system32\gtw_logo.scr /UNINSTALL "C:\WINDOWS\system32\gtw_logo.log"
High Definition Audio Driver Package - KB888111 --> "C:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\s puninst.exe"
HijackThis 1.99.1 --> C:\PROGRA~1\HIJACK~1\HijackThis.exe /uninstall
J2SE Runtime Environment 5.0 Update 2 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150020}
KhalSetup --> MsiExec.exe /I{C89C8D86-4423-4A58-AA40-DD259ACE07C1}
LiveUpdate 3.0 (Symantec Corporation) --> "C:\Program Files\Symantec\LiveUpdate\LSETUP.EXE" /U
Logitech Desktop Messenger --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\ 00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}\SETUP.exe" -l0x9 UNINSTALL -removeonly
Logitech SetPoint --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\ 00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2E8EAC71-BFE4-417A-88F0-5A1BDFBCF5D3}\setup.exe" -l0x9 -removeonly
Microsoft Digital Image Starter Edition 2006 --> "C:\Program Files\Common Files\Microsoft Shared\Picture It!\RmvSuite.exe" ADDREMOVE=1 SKU=TRIAL VERSION=11
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5 --> "C:\WINDOWS\$NtUninstallWdf01005$\spuninst\spunins t.exe"
Microsoft Money 2006 --> "C:\Program Files\Microsoft Money 2006\MNYCoreFiles\Setup\uninst.exe" /s:120
Microsoft Office Access MUI (English) 2007 --> MsiExec.exe /X{90120000-0015-0409-0000-0000000FF1CE}
Microsoft Office Access Setup Metadata MUI (English) 2007 --> MsiExec.exe /X{90120000-0117-0409-0000-0000000FF1CE}
Microsoft Office Enterprise 2007 --> "C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISE /dll OSETUP.DLL
Microsoft Office Enterprise 2007 --> MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE}
Microsoft Office Excel MUI (English) 2007 --> MsiExec.exe /X{90120000-0016-0409-0000-0000000FF1CE}
Microsoft Office Groove MUI (English) 2007 --> MsiExec.exe /X{90120000-00BA-0409-0000-0000000FF1CE}
Microsoft Office Groove Setup Metadata MUI (English) 2007 --> MsiExec.exe /X{90120000-0114-0409-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (English) 2007 --> MsiExec.exe /X{90120000-0044-0409-0000-0000000FF1CE}
Microsoft Office OneNote MUI (English) 2007 --> MsiExec.exe /X{90120000-00A1-0409-0000-0000000FF1CE}
Microsoft Office Outlook MUI (English) 2007 --> MsiExec.exe /X{90120000-001A-0409-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (English) 2007 --> MsiExec.exe /X{90120000-0018-0409-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007 --> MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007 --> MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007 --> MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (English) 2007 --> MsiExec.exe /X{90120000-002C-0409-0000-0000000FF1CE}
Microsoft Office Publisher MUI (English) 2007 --> MsiExec.exe /X{90120000-0019-0409-0000-0000000FF1CE}
Microsoft Office Shared MUI (English) 2007 --> MsiExec.exe /X{90120000-006E-0409-0000-0000000FF1CE}
Microsoft Office Shared Setup Metadata MUI (English) 2007 --> MsiExec.exe /X{90120000-0115-0409-0000-0000000FF1CE}
Microsoft Office Word MUI (English) 2007 --> MsiExec.exe /X{90120000-001B-0409-0000-0000000FF1CE}
Microsoft Visual C++ 2005 Redistributable --> MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
Microsoft Works --> MsiExec.exe /I{6D52C408-B09A-4520-9B18-475B81D393F1}
Motorola Professional Radio CPS-R04.00.01-LA --> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Motorola\Professional Radio CPS R04.00.01\UnProRadLANTR04.00.01isu"
Motorola SM56 Data Fax Modem --> rundll32.exe sm56coin.dll,SM56UnInstaller
Napster Burn Engine --> MsiExec.exe /I{8DCE550C-CA43-4E82-92DF-FFC4A48F5BE1}
Nero 6 Ultra Edition --> C:\Program Files\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL
O&O Defrag Professional Edition --> MsiExec.exe /I{53480370-6CA2-47EC-BC05-02B4B9271C31}
Power2Go 4.0 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ct or.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{40BF1E83-20EB-11D8-97C5-0009C5020658}\setup.exe" -uninstall
PowerDVD --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ct or.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\setup.exe" -uninstall
QuickTime --> C:\WINDOWS\unvise32qt.exe C:\WINDOWS\system32\QuickTime\Uninstall.log
RealPlayer Basic --> C:\Program Files\Common Files\Real\Update\\rnuninst.exe RealNetworks|RealPlayer|6.0
Security Update for CAPICOM (KB931906) --> MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906) --> MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for Excel 2007 (KB934670) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {CD098537-8857-4065-B4B6-AC023CB2C48E}
Security Update for Office 2007 (KB934062) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {305D509B-F194-4638-9F0F-D9E4C05F9D33}
Security Update for Step By Step Interactive Training (KB898458) -->
SigmaTel Audio --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\ 01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}\setup.exe" -l0x9 -remove -removeonly
SlimBrowser (remove only) --> "C:\Program Files\SlimBrowser\uninst.exe"
Sonic Encoders --> MsiExec.exe /I{9941F0AA-B903-4AF4-A055-83A9815CC011}
Sony Sound Forge 8.0d --> MsiExec.exe /X{5636E517-8100-4E2A-B69E-2B16AFFA2360}
SPBBC --> MsiExec.exe /I{77772678-817F-4401-9301-ED1D01A8DA56}
Spybot - Search & Destroy 1.4 --> "C:\Program Files\Spybot - Search & Destroy\unins000.exe"
Synaptics Pointing Device Driver --> rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUnin stall
Texas Instruments PCIxx21/x515/xx12 drivers. --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\ID river.exe /M{7B6CF9EB-CB2B-4A1A-81A9-BE1A9044690A} /l1033
Update for Office 2007 (KB932080) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {EDC9CA29-6BC1-471C-828C-7A36109005D7}
Update for Office 2007 (KB933688) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {F6E692F1-63C2-4760-94C6-C689DCD053F1}
Update for Office 2007 (KB934393) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {92FBAD46-E7F6-49FA-89B5-C39FC5BFAD15}
Update for Outlook 2007 Junk Email Filter (KB934655) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {F7185592-E40D-476E-9BC4-38DF96EE176B}
Update for Word 2007 (KB934173) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {C6A89125-5473-45E3-B413-ED8186437475}
Update Rollup 2 for Windows XP Media Center Edition 2005 --> C:\WINDOWS\$NtUninstallKB900325$\spuninst\spuninst .exe
VideoLAN VLC media player 0.8.4a --> C:\Program Files\VideoLAN\VLC\uninstall.exe
Viewpoint Media Player --> C:\Program Files\Viewpoint\Viewpoint Experience Technology\mtsAxInstaller.exe /u
Windows Driver Package - Advanced Micro Devices (AmdK8) Processor (05/27/2006 1.3.2.0) --> C:\PROGRA~1\DIFX\7B44739871F4D539FA473F57A832EA4B6 A59EF06\DPInst.exe /d /u C:\WINDOWS\system32\DRVSTORE\amdk8_6FE44FCD212D4A0 86C7BC0C98B9A619782073FB7\amdk8.inf
Windows XP Media Center Edition 2005 KB914548 --> "C:\WINDOWS\$NtUninstallKB914548$\spuninst\spunins t.exe"
WinRAR archiver --> C:\Program Files\WinRAR\uninstall.exe
World of Warcraft --> C:\Program Files\Common Files\Blizzard Entertainment\World of Warcraft\Uninstall.exe

-- End of Deckard's System Scanner: finished at 2007-05-10 at 14:08:49 ---------

**VopThis** · 13-05-2007

AV: AVG 7.5.467 v7.5.467 (GRISOFT)
AV: McAfee VirusScan v (McAfee)

You are still running two (2) real-time, always on antivirus tools at the same time that could present a horrible problem thru conflicts, slowdowns, and incompatibilities. You should uninstall all but one of them in that case.

HIDDEN FILES: To make sure you can see any and all hidden files, please follow the directions here

Submit the following file(s) to VirusTotal for their immediate evaluation and feedback. Use any of the following methods, as appropriate:

Locate FULL FILE PATH if not apparent. Use Start (BUTTON)>Search, [WINDOWS+F] keys, or F3 key (from desktop).
Copy & Paste the FULL FILE PATH in the input BOX
-- OR --
Navigate to the file in question.

Post those results in your next reply (if malware findings were indicated) for:
2007-03-22 15:34:09 0 --a------ C:\wjjkktp.exe
2007-03-22 15:33:53 0 --a------ C:\eghrbp.exe
2007-03-22 15:33:36 0 --a------ C:\pmgxi.exe
2007-03-22 15:33:20 0 --a------ C:\inprrnm.exe
2007-03-22 15:33:03 0 --a------ C:\ifmkarh.exe
2007-03-22 15:32:43 0 --a------ C:\tejdedqn.exe
2007-03-22 15:32:26 0 --a------ C:\ccqpkwx.exe
2007-03-22 15:32:10 0 --a------ C:\aqxrcxnf.exe
2007-03-22 15:31:52 0 --a------ C:\1219496779

**awjohnson2** · 21-05-2007

I have tried to remove the McAfee but it does not show up with a way to take it off. When I go to add/remove programs it doesn't show up there. Is there a way to force is off of the computer. I ran those files through the site you suggested and I tried to post the results but I was unable to do it. That site said that those files were a worm of some sort and suggested a program to get rid of it. I downloaded the program and ran it but I didn't really notice a difference. Still I need to get rid of McAfee somehow and I don't know how to do it.

**VopThis** · 21-05-2007

Try using the McAfee Consumer Products Removal tool (MCPR.exe):

http://ts.mcafeehelp.com/displaydoc....egoryId=107187

That site [VirusTotal] said that those files were a worm of some sort and suggested a program to get rid of it.

Try deleting those files in SAFE MODE (gently tap the F8 key while rebooting).

**awjohnson2** · 21-05-2007

Wow, now I can post directly from my laptop. Here is the latest Hijack This log.

Logfile of HijackThis v1.99.1
Scan saved at 11:11:51 AM, on 5/21/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\PROGRA~1\Grisoft\AVG7\avgrssvc.exe
C:\WINDOWS\System32\bcmwltry.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgrssvc.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\system32\oodag.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\Grisoft\AVG7\avgfwsrv.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger .exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\BigFix\bigfix.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Logitech\khalshared\KHALMNPR.EXE
C:\Program Files\HijackThis\HijackThis.exe
C:\WINDOWS\system32\wuauclt.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.gateway.com/g/startpage.h...s=PTB&M=MX6453
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.gateway.com/g/startpage.h...s=PTB&M=MX6453
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.gateway.com/g/startpage.h...s=PTB&M=MX6453
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - c:\windows\system32\BAE.dll
O4 - HKLM\..\Run: [ehTray] ---C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [SynTPLpr] ---C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] ---C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Reminder] ---
O4 - HKLM\..\Run: [Recguard] ---
O4 - HKLM\..\Run: [ATICCC] ---"C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [SigmatelSysTrayApp] ---stsystra.exe
O4 - HKLM\..\Run: [SMSERIAL] ---C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] --C:\WINDOWS\system32\WLTRAY.exe
O4 - HKLM\..\Run: [QuickTime Task] ---"C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] ---C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [RegistrySmart] "C:\Program Files\RegistrySmart\RegistrySmart.exe" -boot
O4 - HKLM\..\Run: [NeroFilterCheck] ---C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [MSKDetectorExe] ---C:\Program Files\McAfee\SpamKiller\MSKDetct.exe /uninstall
O4 - HKLM\..\Run: [GrooveMonitor] ---"C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [CloneDVDElbyDelay] ---"C:\Program Files\Elaborate Bytes\CloneDVD\ElbyCheck.exe" /L ElbyDelay
O4 - HKCU\..\Run: [Power2GoExpress] ---NA
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [updateMgr] ---C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger .exe
O4 - HKCU\..\Run: [MSMSGS] ---"C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Startup: TA_Start.lnk = C:\WINDOWS\system32\dwdsregt.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: BigFix.lnk = C:\Program Files\BigFix\bigfix.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll
O18 - Protocol: bw+0 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Protocol: offline-8876480 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DL L
O20 - Winlogon Notify: avgwlntf - C:\WINDOWS\SYSTEM32\avgwlntf.dll
O20 - Winlogon Notify: iifcaaa - iifcaaa.dll (file missing)
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Adobe LM Service - Unknown owner - ---"C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe (file missing)
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Automatic LiveUpdate Scheduler - Unknown owner - ---"C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing)
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG7 Resident Shield Service (AvgCoreSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgrssvc.exe
O23 - Service: AVG Firewall (AVGFwSrv) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgfwsrv.exe
O23 - Service: LiveUpdate - Unknown owner - ---"C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE (file missing)
O23 - Service: Microsoft Office Groove Audit Service - Unknown owner - ---"C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe (file missing)
O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe
O23 - Service: Office Source Engine (ose) - Unknown owner - ---"C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE (file missing)
O23 - Service: PrismXL - Unknown owner - ---C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS (file missing)
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Unknown owner - ---"C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe (file missing)
O23 - Service: StarWind iSCSI Service (StarWindService) - Unknown owner - ---C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe (file missing)
O23 - Service: Broadcom Wireless LAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE

:::::::::::::

**VopThis** · 21-05-2007

Were you able to remove the 'worm' infection items? How is your PC now performing?

If there should no longer be any Norton/Symantec products on your PC there is another item that may need to be uninstalled in the Control Panel (Add/Remove Programs) - Liveupdate

Fix the following (orphaned/clutter) items in HijackThis, as appropriate:

O4 - HKLM\..\Run: [SYMANTEC NETDRIVER MONITOR] ---C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer

O23 - Service: Automatic LiveUpdate Scheduler - Unknown owner - ---"C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing)
O23 - Service: LiveUpdate - Unknown owner - ---"C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE (file missing)
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Unknown owner - ---"C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe (file missing)

Post a revised HijackThis LOG, please.

Laptop Slowing Down!!!! ALOT!!!

Laptop Slowing Down!!!! ALOT!!!

Similar Threads

Computer lags alot during game

Hijackthis Log/virus alot..

Log -wow there's alot going on

Errors + Crashs Alot

my computer is running slow and my browser is crashing alot