Laptop Slowing Down!!!! A LOT!!!

  1. #1
    awjohnson2 is offline Full Member

    My laptop has become slow over the last month or so, so I created a HijackThis log, and DEAR LORD, I have never seen this many things come up. There are so many that I could really use some help trying to figure out which ones are not needed or bad. Please help, and thanks.

    Here is the HT Log:

    Logfile of Trend Micro HijackThis v2.0.0 (BETA)
    Scan saved at 8:11:15 PM, on 5/9/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\System32\WLTRYSVC.EXE
    C:\PROGRA~1\Grisoft\AVG7\avgrssvc.exe
    C:\WINDOWS\System32\bcmwltry.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
    C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
    C:\PROGRA~1\Grisoft\AVG7\avgrssvc.exe
    C:\WINDOWS\eHome\ehRecvr.exe
    C:\WINDOWS\eHome\ehSched.exe
    C:\WINDOWS\system32\oodag.exe
    C:\WINDOWS\system32\svchost.exe
    C:\PROGRA~1\Grisoft\AVG7\avgfwsrv.exe
    C:\WINDOWS\system32\dllhost.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\BigFix\bigfix.exe
    C:\Program Files\Logitech\SetPoint\SetPoint.exe
    C:\PROGRA~1\Grisoft\AVG7\avgw.exe
    C:\Program Files\Common Files\Logitech\khalshared\KHALMNPR.EXE
    C:\Program Files\Grisoft\AVG7\avgwb.dat
    C:\Program Files\SlimBrowser\sbrowser.exe
    C:\Documents and Settings\Owner.Apocaliptor\My Documents\HiJackThis_v2.exe

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.gateway.com/g/startpage.h...s=PTB&M=MX6453
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.gateway.com/g/startpage.h...s=PTB&M=MX6453
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.gateway.com/g/startpage.h...s=PTB&M=MX6453
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
    O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll
    O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - c:\windows\system32\BAE.dll
    O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
    O4 - HKLM\..\Run: [ehTray] ---C:\WINDOWS\ehome\ehtray.exe
    O4 - HKLM\..\Run: [Google Desktop Search] ---"C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
    O4 - HKLM\..\Run: [SynTPLpr] ---C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
    O4 - HKLM\..\Run: [SynTPEnh] ---C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [Reminder] ---
    O4 - HKLM\..\Run: [Recguard] ---
    O4 - HKLM\..\Run: [ATICCC] ---"C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
    O4 - HKLM\..\Run: [SigmatelSysTrayApp] ---stsystra.exe
    O4 - HKLM\..\Run: [SMSERIAL] ---C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
    O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] --C:\WINDOWS\system32\WLTRAY.exe
    O4 - HKLM\..\Run: [MSKDetectorExe] ---C:\Program Files\McAfee\SpamKiller\MSKDetct.exe /uninstall
    O4 - HKLM\..\Run: [ccApp] ---"C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [QuickTime Task] ---"C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [Symantec NetDriver Monitor] ---C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
    O4 - HKLM\..\Run: [NeroFilterCheck] ---C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [CloneDVDElbyDelay] ---"C:\Program Files\Elaborate Bytes\CloneDVD\ElbyCheck.exe" /L ElbyDelay
    O4 - HKLM\..\Run: [ElbyCheckAnyDVD] ---"C:\Program Files\SlySoft\AnyDVD\ElbyCheck.exe" /L AnyDVD
    O4 - HKLM\..\Run: [AnyDVD] ---C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe
    O4 - HKLM\..\Run: [GrooveMonitor] ---"C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
    O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
    O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
    O4 - HKCU\..\Run: [Power2GoExpress] ---NA
    O4 - HKCU\..\Run: [MSMSGS] ---"C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [Norton SystemWorks] ---"C:\Program Files\Norton SystemWorks\cfgwiz.exe" /GUID {05858CFD-5CC4-4ceb-AAAF-CF00BF39736A} /MODE CfgWiz
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [updateMgr] ---C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9
    O4 - HKCU\..\Run: [swg] -C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user')
    O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
    O4 - Startup: TA_Start.lnk = C:\WINDOWS\system32\dwdsregt.exe
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: BigFix.lnk = C:\Program Files\BigFix\bigfix.exe
    O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
    O4 - Global Startup: Logitech SetPoint.lnk = ?
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O18 - Protocol: bw+0 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw+0s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    O18 - Protocol: bwg0 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwg0s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
    O18 - Protocol: offline-8876480 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
    O20 - Winlogon Notify: avgwlntf - C:\WINDOWS\SYSTEM32\avgwlntf.dll
    O20 - Winlogon Notify: iifcaaa - iifcaaa.dll (file missing)
    O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
    O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
    O23 - Service: Adobe LM Service - Unknown owner - ---"C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe" (file missing)
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: Automatic LiveUpdate Scheduler - Unknown owner - ---"C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe" (file missing)
    O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
    O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
    O23 - Service: AVG7 Resident Shield Service (AvgCoreSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgrssvc.exe
    O23 - Service: AVG Firewall (AVGFwSrv) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgfwsrv.exe
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Unknown owner - ---"C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe" (file missing)
    O23 - Service: Symantec Password Validation (ccPwdSvc) - Unknown owner - ---"C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe" (file missing)
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Unknown owner - ---"C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe" (file missing)
    O23 - Service: Google Updater Service (gusvc) - Unknown owner - -"C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe" (file missing)
    O23 - Service: LiveUpdate - Unknown owner - ---"C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE" (file missing)
    O23 - Service: Microsoft Office Groove Audit Service - Unknown owner - ---"C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe" (file missing)
    O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Unknown owner - ---"C:\Program Files\Norton SystemWorks\Norton AntiVirus\navapsvc.exe" (file missing)
    O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Unknown owner - ---"C:\Program Files\Norton SystemWorks\Norton AntiVirus\IWP\NPFMntor.exe" (file missing)
    O23 - Service: Norton Unerase Protection (NProtectService) - Unknown owner - ---C:\PROGRA~1\NORTON~1\NORTON~1\NPROTECT.EXE (file missing)
    O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe
    O23 - Service: Office Source Engine (ose) - Unknown owner - ---"C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE" (file missing)
    O23 - Service: PrismXL - Unknown owner - ---C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS (file missing)
    O23 - Service: SAVScan - Unknown owner - ---"C:\Program Files\Norton SystemWorks\Norton AntiVirus\SAVScan.exe" (file missing)
    O23 - Service: ScriptBlocking Service (SBService) - Unknown owner - ---C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe (file missing)
    O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Unknown owner - ---"C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe" (file missing)
    O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Unknown owner - ---"C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe" (file missing)
    O23 - Service: Speed Disk service - Unknown owner - ---C:\PROGRA~1\NORTON~1\NORTON~1\SPEEDD~1\NOPDB.EXE (file missing)
    O23 - Service: StarWind iSCSI Service (StarWindService) - Unknown owner - ---C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe (file missing)
    O23 - Service: Symantec Core LC - Unknown owner - ---C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe (file missing)
    O23 - Service: Broadcom Wireless LAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE

    --
    End of file - 23280 bytes

    Thanks

  2. #2
    awjohnson2 is offline Full Member
    Also....Here is the hardware scan:

    OS Information:
    Property Value
    OS Name Microsoft Windows XP Professional|C:\WINDOWS|\Device\Harddisk0\Partition1
    Service Pack 2.0
    OS Manufacturer Microsoft Corporation
    Windows Directory C:\WINDOWS


    Processor:
    Property Value
    Current Clock Speed 1595
    Description x86 Family 15 Model 72 Stepping 2
    Manufacturer AuthenticAMD
    Name AMD Turion(tm) 64 X2 Mobile Technology TL-52

    Current Clock Speed 1595
    Description x86 Family 15 Model 72 Stepping 2
    Manufacturer AuthenticAMD
    Name AMD Turion(tm) 64 X2 Mobile Technology TL-52


    Memory (RAM):
    Property Value
    Bank Label DIMM1
    Capacity 1073741824

    Bank Label DIMM2
    Capacity 1073741824

    Total Memory Deteced in Hardware: ~2048 MB
    Memory Reported to Operating System: 1918MB

    Disk Drives:
    Property Value
    Description Disk drive
    Manufacturer (Standard disk drives)
    Model ST9160821A
    Media Type Fixed hard disk media
    Size 160039272960 (~149 GB)
    Number of Partitions 2


    Installed Printers:
    Property Value
    Name Send To OneNote 2007
    Port Name Send To Microsoft OneNote Port:
    Default True
    Driver Name Send To Microsoft OneNote Driver


    Motherboard:
    Property Value
    Manufacturer Gateway
    Model
    Name Base Board
    Part Number
    Product
    Serial Number QTFDHJ64002941
    Version 84.03


    BIOS:
    Property Value
    Manufacturer Phoenix Technologies LTD
    Name Rev 1.0
    Release Date 20061013000000.000000+000
    Version GATEWA - 20061013


    Monitor:
    Property Value
    Description Generic Television
    Name Generic Television
    Screen Height 800
    Screen Width 1280


    Keyboard:
    Property Value
    Description Standard 101/102-Key or Microsoft Natural PS/2 Keyboard


    Pointing Device:
    Property Value
    Manufacturer (Standard system devices)
    Name USB Human Interface Device

    Manufacturer Synaptics
    Name Synaptics PS/2 Port TouchPad


    Sound Card:
    Property Value
    Manufacturer SigmaTel
    Description SigmaTel High Definition Audio CODEC
    Device ID HDAUDIO\FUNC_01&VEN_8384&DEV_7634&SUBSYS_107B0367&REV_1001\4&C38BD79&0&0001


    Video Card:
    Property Value
    Adapter Compatibility ATI Technologies Inc.
    Adapter RAM 268435456
    Description ATI RADEON XPRESS 200M Series
    Installed Display Drivers ati2dvag.dll
    Driver Version 6.14.10.6614
    Driver Date 4/5/2006 5:58:44 AM
    Video Mode Description 1280 x 800 x 4294967296 colors


    DirectX Installation:
    Property Value


    Modem:
    Property Value
    Model Motorola SM56 Data Fax Modem
    Name Motorola SM56 Data Fax Modem


    Network Adapters:
    Property Value
    Description Marvell Yukon 88E8038 PCI-E Fast Ethernet Controller - Packet Scheduler Miniport
    Description
    Description Broadcom 802.11g Network Adapter - Packet Scheduler Miniport
    Description
    Description

    External Ports:
    Property Value
    External Reference Designator CRT
    External Reference Designator USB 1
    External Reference Designator USB 2
    External Reference Designator USB 3
    External Reference Designator USB 4
    External Reference Designator Microphone In
    External Reference Designator Speaker Out

    Expansion Slots:
    Property Value

  3. #3
    VopThis is offline Senior Member (Canada)
    If you are running two (2) real-time, always-on antivirus tools at the same time, that could present a horrible problem through conflicts, slowdowns, and incompatibilities. You should uninstall one of them in that case.

    Also, uninstall the current install for HijackThis so that we may get a proper install (not the BETA version) as per instructions below and to provide further diagnostics:



    Please download Deckard's System Scanner (DSS) to your desktop.
    • Close all applications and windows.
    • Double-click on dss.exe to run it, and follow the prompts.
    • When the scan is complete, a text file will open - Main.txt
    • Copy (Ctrl+A then Ctrl+C) and paste (Ctrl+V) the contents of Main.txt in your thread in the HijackThis Log Help Forum.
    • An additional text file, Extra.txt, will also be available (by default) in the following FOLDER, C:\Deckard\System Scanner.
    • Please go to that FOLDER and also copy the contents of Extra.txt to your post as well.

    Note: some firewalls may warn that sigcheck.exe is trying to access the internet - please ensure that you allow sigcheck.exe permission to do so.

    What DSS will do:
    • Create a new System Restore point in Windows XP and Vista.
    • Clean your Temporary Files, Downloaded Program Files, and Internet Cache Files, and also empty the Recycle Bin on all drives.
    • Check some important areas of your system and produce a report for your analyst to review. DSS automatically runs HijackThis for you, but it will also install and place a shortcut to HijackThis on your desktop if you do not already have it installed.
    Post Logs:
    • DSS Scan Results: contents of:
      • 1) Main.txt
      • 2) Extra.txt
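
The check suggested in post #3 (more than one antivirus product hooked into the system) can be run mechanically over a HijackThis log. The following is an added example, not part of the original thread and not code from HijackThis or DSS; the vendor keyword table and all function names are assumptions made for illustration, and the sample lines are excerpted from the log in post #1.

```python
import re
from collections import defaultdict

# Lines excerpted from the HijackThis log posted in this thread.
SAMPLE_LOG = r"""
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [ccApp] ---"C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [QuickTime Task] ---"C:\Program Files\QuickTime\qttask.exe" -atboottime
O23 - Service: AVG7 Resident Shield Service (AvgCoreSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgrssvc.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Unknown owner - ---"C:\Program Files\Norton SystemWorks\Norton AntiVirus\navapsvc.exe" (file missing)
O23 - Service: Symantec Event Manager (ccEvtMgr) - Unknown owner - ---"C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe" (file missing)
O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe
"""

# HijackThis sections that register code to be loaded automatically.
LOAD_POINTS = {
    "O2": "browser helper object",
    "O4": "Run key / Startup folder",
    "O20": "AppInit_DLLs / Winlogon Notify",
    "O23": "service",
}

# Assumption: illustrative keyword table, not a complete product list.
AV_MARKERS = {
    "AVG": ("grisoft", "avg7"),
    "Norton/Symantec": ("norton", "symantec"),
}

# An entry line looks like "O23 - Service: ..."; process paths do not match.
ENTRY_RE = re.compile(r"^(?P<code>[RO]\d+) - (?P<body>.+)$")


def parse_log(text):
    """Yield one dict per R*/O* entry; header and process lines are skipped."""
    for raw in text.splitlines():
        match = ENTRY_RE.match(raw.strip())
        if match:
            body = match.group("body")
            yield {
                "code": match.group("code"),
                "body": body,
                # HijackThis appends this marker when the target is absent.
                "missing": body.rstrip().endswith("(file missing)"),
            }


def vendor_of(body):
    """Return the antivirus vendor an entry belongs to, or None."""
    lowered = body.lower()
    for vendor, markers in AV_MARKERS.items():
        if any(marker in lowered for marker in markers):
            return vendor
    return None


def av_footprint(text):
    """Map vendor -> section codes, split into present and missing files."""
    footprint = defaultdict(lambda: {"present": [], "missing": []})
    for entry in parse_log(text):
        if entry["code"] not in LOAD_POINTS:
            continue
        vendor = vendor_of(entry["body"])
        if vendor:
            state = "missing" if entry["missing"] else "present"
            footprint[vendor][state].append(entry["code"])
    return dict(footprint)


def overlapping_vendors(text):
    """Vendors with at least one load point whose file is still on disk."""
    return sorted(v for v, e in av_footprint(text).items() if e["present"])


if __name__ == "__main__":
    for vendor, entries in av_footprint(SAMPLE_LOG).items():
        print(vendor, entries)
    active = overlapping_vendors(SAMPLE_LOG)
    if len(active) > 1:
        print("More than one antivirus product has live load points:", active)
```

Entries marked "(file missing)" are reported separately because they point at leftovers rather than running components, which matters when deciding what an uninstall still has to clean up.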

  4. #4
    awjohnson2 is offline Full Member
    Ok, so here is the crazy part. I removed the Norton software and left on the AVG and for some reason when I log onto D-A-L.com and log in I cannot post or reply or ANYTHING but read. I am having to update this from my desktop!!!

    Here are the two logs requested:

  5. #5
    awjohnson2 is offline Full Member
    Main.txt

    Deckard's System Scanner v20070426.43
    Run by Owner on 2007-05-10 at 14:05:44
    Computer is in Normal Mode.
    --------------------------------------------------------------------------------

    -- System Restore --------------------------------------------------------------

    Successfully created a Deckard's System Scanner Restore Point.


    -- Last 5 Restore Point(s) --
    36: 2007-05-10 18:05:50 UTC - RP56 - Deckard's System Scanner Restore Point
    35: 2007-05-10 07:00:55 UTC - RP55 - Software Distribution Service 2.0
    34: 2007-05-09 23:51:27 UTC - RP54 - System Checkpoint
    33: 2007-05-08 21:58:55 UTC - RP53 - System Checkpoint
    32: 2007-04-30 01:32:22 UTC - RP52 - Installed Windows XP Wdf01005.


    -- First Restore Point --
    1: 2007-02-11 08:03:49 UTC - RP21 - System Checkpoint


    Backed up registry hives.

    Performed disk cleanup.


    -- HijackThis (run as Owner.exe) -----------------------------------------------

    Logfile of HijackThis v1.99.1
    Scan saved at 2:08:06 PM, on 5/10/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\System32\WLTRYSVC.EXE
    C:\WINDOWS\System32\bcmwltry.exe
    C:\PROGRA~1\Grisoft\AVG7\avgrssvc.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
    C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
    C:\PROGRA~1\Grisoft\AVG7\avgrssvc.exe
    C:\WINDOWS\eHome\ehRecvr.exe
    C:\WINDOWS\eHome\ehSched.exe
    C:\WINDOWS\system32\oodag.exe
    C:\WINDOWS\system32\svchost.exe
    C:\PROGRA~1\Grisoft\AVG7\avgfwsrv.exe
    C:\WINDOWS\system32\dllhost.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
    C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    C:\Program Files\BigFix\bigfix.exe
    C:\Program Files\Logitech\SetPoint\SetPoint.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Common Files\Logitech\khalshared\KHALMNPR.EXE
    C:\WINDOWS\system32\wuauclt.exe
    C:\Documents and Settings\Owner.Apocaliptor\My Documents\dss.exe
    C:\PROGRA~1\HIJACK~1\Owner.exe

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.gateway.com/g/startpage.h...s=PTB&M=MX6453
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.gateway.com/g/startpage.h...s=PTB&M=MX6453
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.gateway.com/g/startpage.h...s=PTB&M=MX6453
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
    O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - c:\windows\system32\BAE.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
    O4 - HKLM\..\Run: [ehTray] ---C:\WINDOWS\ehome\ehtray.exe
    O4 - HKLM\..\Run: [Google Desktop Search] ---"C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
    O4 - HKLM\..\Run: [SynTPLpr] ---C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
    O4 - HKLM\..\Run: [SynTPEnh] ---C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [Reminder] ---
    O4 - HKLM\..\Run: [Recguard] ---
    O4 - HKLM\..\Run: [ATICCC] ---"C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
    O4 - HKLM\..\Run: [SigmatelSysTrayApp] ---stsystra.exe
    O4 - HKLM\..\Run: [SMSERIAL] ---C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
    O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] --C:\WINDOWS\system32\WLTRAY.exe
    O4 - HKLM\..\Run: [MSKDetectorExe] ---C:\Program Files\McAfee\SpamKiller\MSKDetct.exe /uninstall
    O4 - HKLM\..\Run: [QuickTime Task] ---"C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [Symantec NetDriver Monitor] ---C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
    O4 - HKLM\..\Run: [NeroFilterCheck] ---C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [CloneDVDElbyDelay] ---"C:\Program Files\Elaborate Bytes\CloneDVD\ElbyCheck.exe" /L ElbyDelay
    O4 - HKLM\..\Run: [ElbyCheckAnyDVD] ---"C:\Program Files\SlySoft\AnyDVD\ElbyCheck.exe" /L AnyDVD
    O4 - HKLM\..\Run: [AnyDVD] ---C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe
    O4 - HKLM\..\Run: [GrooveMonitor] ---"C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
    O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
    O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
    O4 - HKCU\..\Run: [Power2GoExpress] ---NA
    O4 - HKCU\..\Run: [MSMSGS] ---"C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [updateMgr] ---C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
    O4 - Startup: TA_Start.lnk = C:\WINDOWS\system32\dwdsregt.exe
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: BigFix.lnk = C:\Program Files\BigFix\bigfix.exe
    O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
    O4 - Global Startup: Logitech SetPoint.lnk = ?
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll
    O18 - Protocol: bw+0 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw+0s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    O18 - Protocol: bwg0 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwg0s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
    O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
    O18 - Protocol: offline-8876480 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
    O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
    O20 - Winlogon Notify: avgwlntf - C:\WINDOWS\SYSTEM32\avgwlntf.dll
    O20 - Winlogon Notify: iifcaaa - iifcaaa.dll (file missing)
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O23 - Service: Adobe LM Service - Unknown owner - ---"C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe (file missing)
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: Automatic LiveUpdate Scheduler - Unknown owner - ---"C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing)
    O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
    O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
    O23 - Service: AVG7 Resident Shield Service (AvgCoreSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgrssvc.exe
    O23 - Service: AVG Firewall (AVGFwSrv) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgfwsrv.exe
    O23 - Service: Google Updater Service (gusvc) - Unknown owner - -"C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe (file missing)
    O23 - Service: LiveUpdate - Unknown owner - ---"C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE (file missing)
    O23 - Service: Microsoft Office Groove Audit Service - Unknown owner - ---"C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe (file missing)
    O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe
    O23 - Service: Office Source Engine (ose) - Unknown owner - ---"C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE (file missing)
    O23 - Service: PrismXL - Unknown owner - ---C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS (file missing)
    O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Unknown owner - ---"C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe (file missing)
    O23 - Service: StarWind iSCSI Service (StarWindService) - Unknown owner - ---C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe (file missing)
    O23 - Service: Broadcom Wireless LAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE


    -- File Associations -----------------------------------------------------------

    All associations okay.


    -- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

    R0 Vax347b - c:\windows\system32\drivers\vax347b.sys
    R0 Vax347s - c:\windows\system32\drivers\vax347s.sys
    R1 Cdr4_xp - c:\windows\system32\drivers\cdr4_xp.sys <Not Verified; Roxio; Drag-to-Disc>
    R1 Cdralw2k - c:\windows\system32\drivers\cdralw2k.sys <Not Verified; Roxio; Drag-to-Disc>
    R2 AegisP (AEGIS Protocol (IEEE 802.1x) v3.4.5.0) - c:\windows\system32\drivers\aegisp.sys <Not Verified; Meetinghouse Data Communications; AEGIS Client 3.4.5.0>
    R2 ASCTRM - c:\windows\system32\drivers\asctrm.sys <Not Verified; Windows (R) 2000 DDK provider; Windows (R) 2000 DDK driver>
    R2 CommSB96 - c:\windows\system32\drivers\commsb96.sys <Not Verified; Motorola; >
    R2 CommSBEP - c:\windows\system32\drivers\commsbep.sys <Not Verified; Motorola; >
    R2 ElbyCDIO (ElbyCDIO Driver) - c:\windows\system32\drivers\elbycdio.sys <Not Verified; Elaborate Bytes AG; CDRTools>
    R2 LBeepKE - c:\windows\system32\drivers\lbeepke.sys <Not Verified; Logitech, Inc.; Logitech SetPoint(TM)>
    R3 AnyDVD - c:\windows\system32\drivers\anydvd.sys <Not Verified; SlySoft, Inc.; AnyDVD>
    R3 ElbyDelay - c:\windows\system32\drivers\elbydelay.sys <Not Verified; Elaborate Bytes; CDRTools>
    R3 Pcouffin (Low level access layer for CD devices) - c:\windows\system32\drivers\pcouffin.sys <Not Verified; VSO Software; Patin couffin engine>

    S2 CDRPDACC (Arrowkey Device Access) - ---\??\c:\program files\321studios\shared\cdrpdacc.sys (file missing)
    S3 SymEvent - ---\??\c:\program files\symantec\symevent.sys (file missing)
    S3 SYMIDSCO - c:\progra~1\common~1\symant~1\symcdata\ids-di~1\20070221.002\symidsco.sys (file missing)


    -- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

    R2 O&O Defrag - c:\windows\system32\oodag.exe <Not Verified; O&O Software GmbH; O&O Defrag>

    S2 Automatic LiveUpdate Scheduler - ---"c:\program files\symantec\liveupdate\aluschedulersvc.exe" (file missing)
    S2 PrismXL - ---c:\program files\common files\new boundary\prismxl\prismxl.sys (file missing)
    S2 SNDSrvc (Symantec Network Drivers Service) - ---"c:\program files\common files\symantec shared\sndsrvc.exe" (file missing)
    S2 StarWindService (StarWind iSCSI Service) - ---c:\program files\alcohol soft\alcohol 120\starwind\starwindservice.exe (file missing)
    S3 Adobe LM Service - ---"c:\program files\common files\adobe systems shared\service\adobelmsvc.exe" (file missing)
    S3 gusvc (Google Updater Service) - -"c:\program files\google\common\google updater\googleupdaterservice.exe" (file missing)
    S3 LiveUpdate - ---"c:\progra~1\symantec\liveup~1\lucoms~1.exe" (file missing)
    S3 Microsoft Office Groove Audit Service - ---"c:\program files\microsoft office\office12\grooveauditservice.exe" (file missing)
    S3 ose (Office Source Engine) - ---"c:\program files\common files\microsoft shared\source engine\ose.exe" (file missing)


    -- Files created between 2007-04-10 and 2007-05-10 -----------------------------

    2007-05-10 03:04:33 0 d-------- C:\Program Files\Microsoft CAPICOM 2.1.0.2
    2007-04-25 02:00:56 0 dr-h----- C:\$VAULT$.AVG
    2007-04-25 00:32:40 0 d-------- C:\Documents and Settings\LocalService\Application Data\AVG7
    2007-04-25 00:31:20 0 d-------- C:\Documents and Settings\Owner.Apocaliptor\Application Data\AVG7
    2007-04-25 00:31:10 0 d-------- C:\Documents and Settings\All Users\Application Data\Grisoft
    2007-04-25 00:31:10 0 d-------- C:\Documents and Settings\All Users\Application Data\avg7


    -- Find3M Report ---------------------------------------------------------------

    2007-05-10 14:05:39 0 d-------- C:\Documents and Settings\Owner.Apocaliptor\Application Data\SlimBrowser
    2007-05-10 14:02:05 0 d-------- C:\Program Files\Common Files\Symantec Shared
    2007-05-10 13:59:34 0 d-------- C:\Program Files\Symantec
    2007-05-08 16:26:49 0 d-------- C:\Program Files\World of Warcraft
    2007-04-29 21:31:10 0 d-------- C:\Program Files\Common Files\Logitech
    2007-04-20 01:22:55 0 d-------- C:\Documents and Settings\Owner.Apocaliptor\Application Data\U3
    2007-04-16 22:19:43 0 d--h----- C:\Program Files\InstallShield Installation Information
    2007-03-28 11:57:04 0 d-------- C:\Documents and Settings\Owner.Apocaliptor\Application Data\Logitech
    2007-03-28 11:12:47 0 d-------- C:\Program Files\Logitech
    2007-03-27 13:45:41 0 d-------- C:\Program Files\Gateway Games
    2007-03-26 16:41:32 931 --a------ C:\WINDOWS\system32\winpfz32.sys
    2007-03-22 15:53:46 0 d-------- C:\Program Files\Google
    2007-03-22 15:34:27 687592 --a------ C:\WINDOWS\system32\atmtd.dll
    2007-03-22 15:34:09 0 --a------ C:\wjjkktp.exe
    2007-03-22 15:33:53 0 --a------ C:\eghrbp.exe
    2007-03-22 15:33:36 0 --a------ C:\pmgxi.exe
    2007-03-22 15:33:20 0 --a------ C:\inprrnm.exe
    2007-03-22 15:33:03 0 --a------ C:\ifmkarh.exe
    2007-03-22 15:32:43 0 --a------ C:\tejdedqn.exe
    2007-03-22 15:32:29 8464 --a------ C:\WINDOWS\system32\sporder.dll <Not Verified; Microsoft Corporation; Microsoft(R) Windows (R) 2000 Operating System>
    2007-03-22 15:32:26 0 --a------ C:\ccqpkwx.exe
    2007-03-22 15:32:10 0 --a------ C:\aqxrcxnf.exe
    2007-03-22 15:31:52 0 --a------ C:\1219496779
    2007-03-22 00:19:14 0 d-------- C:\Documents and Settings\Owner.Apocaliptor\Application Data\Google
    2007-03-16 22:51:13 0 d-------- C:\Documents and Settings\Owner.Apocaliptor\Application Data\CyberLink


    -- Registry Dump ---------------------------------------------------------------

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects]
    {53707962-6F74-2D53-2644-206D7942484F} C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    {72853161-30C5-4D22-B7F9-0BBC1D38A37E} C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
    {AA58ED58-01DD-4d91-8333-CF10577473F7} c:\program files\google\googletoolbar3.dll
    {CA6319C0-31B7-401E-A518-A07C3DB8F777} c:\windows\system32\BAE.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
    "ehTray"="---C:\\WINDOWS\\ehome\\ehtray.exe"
    "Google Desktop Search"="---\"C:\\Program Files\\Google\\Google Desktop Search\\GoogleDesktop.exe\" /startup"
    "SynTPLpr"="---C:\\Program Files\\Synaptics\\SynTP\\SynTPLpr.exe"
    "SynTPEnh"="---C:\\Program Files\\Synaptics\\SynTP\\SynTPEnh.exe"
    "Reminder"="---"
    "Recguard"="---"
    "ATICCC"="---\"C:\\Program Files\\ATI Technologies\\ATI.ACE\\cli.exe\" runtime -Delay"
    "SigmatelSysTrayApp"="---stsystra.exe"
    "SMSERIAL"="---C:\\Program Files\\Motorola\\SMSERIAL\\sm56hlpr.exe"
    "Broadcom Wireless Manager UI"="--C:\\WINDOWS\\system32\\WLTRAY.exe"
    "MSKDetectorExe"="---C:\\Program Files\\McAfee\\SpamKiller\\MSKDetct.exe /uninstall"
    "QuickTime Task"="---\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"
    "Symantec NetDriver Monitor"="---C:\\PROGRA~1\\SYMNET~1\\SNDMon.exe /Consumer"
    "NeroFilterCheck"="---C:\\WINDOWS\\system32\\NeroCheck.exe"
    "CloneDVDElbyDelay"="---\"C:\\Program Files\\Elaborate Bytes\\CloneDVD\\ElbyCheck.exe\" /L ElbyDelay"
    "ElbyCheckAnyDVD"="---\"C:\\Program Files\\SlySoft\\AnyDVD\\ElbyCheck.exe\" /L AnyDVD"
    "AnyDVD"="---C:\\Program Files\\SlySoft\\AnyDVD\\AnyDVD.exe"
    "GrooveMonitor"="---\"C:\\Program Files\\Microsoft Office\\Office12\\GrooveMonitor.exe\""
    "AVG7_CC"="C:\\PROGRA~1\\Grisoft\\AVG7\\avgcc.exe /STARTUP"
    "Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE"

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
    "Power2GoExpress"="---NA"
    "MSMSGS"="---\"C:\\Program Files\\Messenger\\msmsgs.exe\" /background"
    "ctfmon.exe"="C:\\WINDOWS\\system32\\ctfmon.exe"
    "updateMgr"="---C:\\Program Files\\Adobe\\Acrobat 7.0\\Reader\\AdobeUpdateManager.exe AcRdB7_0_9"
    "swg"="C:\\Program Files\\Google\\GoogleToolbarNotifier\\1.2.1128.5462\\GoogleToolbarNotifier.exe"
    "LDM"="C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "InstallVisualStyle"=hex(2):43,3a,5c,57,49,4e,44,4f,57,53,5c,52,65,73,6f,75,72,\
    63,65,73,5c,54,68,65,6d,65,73,5c,52,6f,79,61,6c,65,5c,52,6f,79,61,6c,65,2e,\
    6d,73,73,74,79,6c,65,73,00
    "InstallTheme"=hex(2):43,3a,5c,57,49,4e,44,4f,57,53,5c,52,65,73,6f,75,72,63,65,\
    73,5c,54,68,65,6d,65,73,5c,52,6f,79,61,6c,65,2e,74,68,65,6d,65,00

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
    "DisableTaskMgr"=dword:00000000
    "DisableRegistryTools"=dword:00000000

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
    "NoRun"=dword:00000000
    "NoClose"=dword:00000000

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
    "{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"="Groove GFS Stub Execution Hook"
    "{DC5B2C9E-7845-4C90-873D-44742FB9ED66}"=""

    HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgwlntf
    HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\iifcaaa

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
    "appinit_dlls"="C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL"

    HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa
    Authentication Packages REG_MULTI_SZ msv1_0\0\0
    Security Packages REG_MULTI_SZ kerberos\0msv1_0\0schannel\0wdigest\0\0
    Notification Packages REG_MULTI_SZ scecli\0\0

    HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\WdfLoadGroup

    [HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Svchost]
    HTTPFilter REG_MULTI_SZ HTTPFilter\0\0
    LocalService REG_MULTI_SZ Alerter\0WebClient\0LmHosts\0RemoteRegistry\0upnphost\0SSDPSRV\0\0
    NetworkService REG_MULTI_SZ DnsCache\0\0
    DcomLaunch REG_MULTI_SZ DcomLaunch\0TermService\0\0
    rpcss REG_MULTI_SZ RpcSs\0\0
    imgsvc REG_MULTI_SZ StiSvc\0\0
    termsvcs REG_MULTI_SZ TermService\0\0


    [HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\F]
    Shell\AutoRun\command F:\LaunchU3.exe -a


    -- End of Deckard's System Scanner: finished at 2007-05-10 at 14:08:49 ---------




    Extra.txt

    Deckard's System Scanner v20070426.43
    Extra logfile - please post this as an attachment with your post.
    --------------------------------------------------------------------------------

    -- System Information ----------------------------------------------------------

    Microsoft Windows XP Professional (build 2600) SP 2.0
    Architecture: X86; Language: English

    CPU 0: AMD Turion(tm) 64 X2 Mobile Technology TL-52
    CPU 1: AMD Turion(tm) 64 X2 Mobile Technology TL-52
    Percentage of Memory in Use: 25%
    Physical Memory (total/avail): 1918.04 MiB / 1437.86 MiB
    Pagefile Memory (total/avail): 3810.23 MiB / 3460.92 MiB
    Virtual Memory (total/avail): 2047.88 MiB / 1965.67 MiB

    C: is Fixed (NTFS) - 142.2 GiB total, 107.08 GiB free.
    D: is Fixed (FAT32) - 6.83 GiB total, 4.7 GiB free.
    E: is CDROM (No Media)
    G: is CDROM (No Media)


    -- Security Center -------------------------------------------------------------

    AUOptions is scheduled to auto-install.
    Windows Internal Firewall is disabled.

    FirstRunDisabled is set.

    FW: v (McAfee) Disabled
    FW: AVG Firewall 7.5.464 v7.5.464 (GRISOFT)
    AV: AVG 7.5.467 v7.5.467 (GRISOFT)
    AV: McAfee VirusScan v (McAfee)


    -- Environment Variables -------------------------------------------------------

    ALLUSERSPROFILE=C:\Documents and Settings\All Users
    APPDATA=C:\Documents and Settings\Owner.Apocaliptor\Application Data
    CLIENTNAME=Console
    CommonProgramFiles=C:\Program Files\Common Files
    COMPUTERNAME=APOCALIPTOR
    ComSpec=C:\WINDOWS\system32\cmd.exe
    FP_NO_HOST_CHECK=NO
    HOMEDRIVE=C:
    HOMEPATH=\Documents and Settings\Owner.Apocaliptor
    LOGONSERVER=\\APOCALIPTOR
    NUMBER_OF_PROCESSORS=2
    OS=Windows_NT
    Path=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\Program Files\ATI Technologies\ATI.ACE\;C:\Program Files\Common Files\Adobe\AGL
    PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
    PROCESSOR_ARCHITECTURE=x86
    PROCESSOR_IDENTIFIER=x86 Family 15 Model 72 Stepping 2, AuthenticAMD
    PROCESSOR_LEVEL=15
    PROCESSOR_REVISION=4802
    ProgramFiles=C:\Program Files
    PROMPT=$P$G
    SESSIONNAME=Console
    SystemDrive=C:
    SystemRoot=C:\WINDOWS
    TEMP=C:\DOCUME~1\OWNER~1.APO\LOCALS~1\Temp
    TMP=C:\DOCUME~1\OWNER~1.APO\LOCALS~1\Temp
    USERDOMAIN=APOCALIPTOR
    USERNAME=Owner
    USERPROFILE=C:\Documents and Settings\Owner.Apocaliptor
    windir=C:\WINDOWS


    -- User Profiles ---------------------------------------------------------------

    Owner.Apocaliptor (admin)
    Administrator (admin)


    -- Add/Remove Programs ---------------------------------------------------------

    --> MsiExec.exe /X{E9F81423-211E-46B6-9AE0-38568BC5CF6F}
    --> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
    µTorrent --> "C:\Program Files\uTorrent\uninstall.exe"
    Adobe Bridge 1.0 --> MsiExec.exe /I{B74D4E10-6884-0000-0000-000000000103}
    Adobe Common File Installer --> MsiExec.exe /I{8EDBA74D-0686-4C99-BFDD-F894678E5B39}
    Adobe Flash Player 9 ActiveX --> C:\WINDOWS\system32\Macromed\Flash\FlashUtil9b.exe -uninstallDelete
    Adobe Help Center 1.0 --> MsiExec.exe /I{E9787678-1033-0000-8E67-000000000001}
    Adobe Photoshop CS2 --> msiexec /I {236BB7C4-4419-42FD-0409-1E257A25E34D}
    Adobe Reader 7.0.9 --> MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A70900000002}
    Adobe Stock Photos 1.0 --> MsiExec.exe /I{EE0D5DCD-2B97-4473-98DF-E93C0BD92F7A}
    AnyDVD --> "C:\Program Files\SlySoft\AnyDVD\AnyDVD-uninst.exe" /D="C:\Program Files\SlySoft\AnyDVD"
    ATI - Software Uninstall Utility --> C:\Program Files\ATI Technologies\UninstallAll\AtiCimUn.exe
    ATI Catalyst Control Center --> MsiExec.exe /I{01C0CB1D-FF49-43F1-ADC5-65F05DB7BDD1}
    ATI Display Driver --> rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_classISPLAY -clean
    AVG 7.5 --> C:\Program Files\Grisoft\AVG7\setup.exe /UNINSTALL
    BigFix --> C:\WINDOWS\ISUNINST.EXE -f"C:\Program Files\BigFix\Uninst.isu" -c"C:\Program Files\BigFix\Lib\UninstallHelper.dll"
    Broadcom 802.11 Network Adapter --> "C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\bcmwlu00.exe" verbose /rootkey="Software\Broadcom\802.11\UninstallInfo" /rootdir="C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter"
    Browser Address Error Redirector --> regsvr32 /u /s "c:\windows\system32\BAE.dll"
    CCleaner (remove only) --> "C:\Program Files\CCleaner\uninst.exe"
    CDDRV_Installer --> MsiExec.exe /I{8CC990CD-87C8-475C-AC32-8A7984E2FCFA}
    CloneDVD --> "C:\Program Files\Elaborate Bytes\CloneDVD\CloneDVD-uninst.exe" /D="C:\Program Files\Elaborate Bytes\CloneDVD"
    DVD Shrink 3.2 --> "C:\Program Files\DVD Shrink\unins000.exe"
    DVD Solution --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}\setup.exe" -uninstall
    DVD X Copy Platinum 4.0.3 --> "C:\Program Files\321Studios\Platinum\uninstall.exe"
    DVD X Rescue --> C:\PROGRA~1\321STU~1\DVDXRE~1\UNWISE.EXE C:\PROGRA~1\321STU~1\DVDXRE~1\INSTALL.LOG
    Google Desktop --> C:\Program Files\Google\Google Desktop Search\GoogleDesktopSetup.exe -uninstall
    Google Toolbar for Internet Explorer --> regsvr32 /u /s "c:\program files\google\googletoolbar3.dll"
    gtw_logo --> C:\WINDOWS\system32\gtw_logo.scr /UNINSTALL "C:\WINDOWS\system32\gtw_logo.log"
    High Definition Audio Driver Package - KB888111 --> "C:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe"
    HijackThis 1.99.1 --> C:\PROGRA~1\HIJACK~1\HijackThis.exe /uninstall
    J2SE Runtime Environment 5.0 Update 2 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150020}
    KhalSetup --> MsiExec.exe /I{C89C8D86-4423-4A58-AA40-DD259ACE07C1}
    LiveUpdate 3.0 (Symantec Corporation) --> "C:\Program Files\Symantec\LiveUpdate\LSETUP.EXE" /U
    Logitech Desktop Messenger --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}\SETUP.exe" -l0x9 UNINSTALL -removeonly
    Logitech SetPoint --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2E8EAC71-BFE4-417A-88F0-5A1BDFBCF5D3}\setup.exe" -l0x9 -removeonly
    Microsoft Digital Image Starter Edition 2006 --> "C:\Program Files\Common Files\Microsoft Shared\Picture It!\RmvSuite.exe" ADDREMOVE=1 SKU=TRIAL VERSION=11
    Microsoft Kernel-Mode Driver Framework Feature Pack 1.5 --> "C:\WINDOWS\$NtUninstallWdf01005$\spuninst\spuninst.exe"
    Microsoft Money 2006 --> "C:\Program Files\Microsoft Money 2006\MNYCoreFiles\Setup\uninst.exe" /s:120
    Microsoft Office Access MUI (English) 2007 --> MsiExec.exe /X{90120000-0015-0409-0000-0000000FF1CE}
    Microsoft Office Access Setup Metadata MUI (English) 2007 --> MsiExec.exe /X{90120000-0117-0409-0000-0000000FF1CE}
    Microsoft Office Enterprise 2007 --> "C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISE /dll OSETUP.DLL
    Microsoft Office Enterprise 2007 --> MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE}
    Microsoft Office Excel MUI (English) 2007 --> MsiExec.exe /X{90120000-0016-0409-0000-0000000FF1CE}
    Microsoft Office Groove MUI (English) 2007 --> MsiExec.exe /X{90120000-00BA-0409-0000-0000000FF1CE}
    Microsoft Office Groove Setup Metadata MUI (English) 2007 --> MsiExec.exe /X{90120000-0114-0409-0000-0000000FF1CE}
    Microsoft Office InfoPath MUI (English) 2007 --> MsiExec.exe /X{90120000-0044-0409-0000-0000000FF1CE}
    Microsoft Office OneNote MUI (English) 2007 --> MsiExec.exe /X{90120000-00A1-0409-0000-0000000FF1CE}
    Microsoft Office Outlook MUI (English) 2007 --> MsiExec.exe /X{90120000-001A-0409-0000-0000000FF1CE}
    Microsoft Office PowerPoint MUI (English) 2007 --> MsiExec.exe /X{90120000-0018-0409-0000-0000000FF1CE}
    Microsoft Office Proof (English) 2007 --> MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
    Microsoft Office Proof (French) 2007 --> MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
    Microsoft Office Proof (Spanish) 2007 --> MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
    Microsoft Office Proofing (English) 2007 --> MsiExec.exe /X{90120000-002C-0409-0000-0000000FF1CE}
    Microsoft Office Publisher MUI (English) 2007 --> MsiExec.exe /X{90120000-0019-0409-0000-0000000FF1CE}
    Microsoft Office Shared MUI (English) 2007 --> MsiExec.exe /X{90120000-006E-0409-0000-0000000FF1CE}
    Microsoft Office Shared Setup Metadata MUI (English) 2007 --> MsiExec.exe /X{90120000-0115-0409-0000-0000000FF1CE}
    Microsoft Office Word MUI (English) 2007 --> MsiExec.exe /X{90120000-001B-0409-0000-0000000FF1CE}
    Microsoft Visual C++ 2005 Redistributable --> MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
    Microsoft Works --> MsiExec.exe /I{6D52C408-B09A-4520-9B18-475B81D393F1}
    Motorola Professional Radio CPS-R04.00.01-LA --> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Motorola\Professional Radio CPS R04.00.01\UnProRadLANTR04.00.01isu"
    Motorola SM56 Data Fax Modem --> rundll32.exe sm56coin.dll,SM56UnInstaller
    Napster Burn Engine --> MsiExec.exe /I{8DCE550C-CA43-4E82-92DF-FFC4A48F5BE1}
    Nero 6 Ultra Edition --> C:\Program Files\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL
    O&O Defrag Professional Edition --> MsiExec.exe /I{53480370-6CA2-47EC-BC05-02B4B9271C31}
    Power2Go 4.0 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{40BF1E83-20EB-11D8-97C5-0009C5020658}\setup.exe" -uninstall
    PowerDVD --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\setup.exe" -uninstall
    QuickTime --> C:\WINDOWS\unvise32qt.exe C:\WINDOWS\system32\QuickTime\Uninstall.log
    RealPlayer Basic --> C:\Program Files\Common Files\Real\Update\\rnuninst.exe RealNetworks|RealPlayer|6.0
    Security Update for CAPICOM (KB931906) --> MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
    Security Update for CAPICOM (KB931906) --> MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
    Security Update for Excel 2007 (KB934670) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {CD098537-8857-4065-B4B6-AC023CB2C48E}
    Security Update for Office 2007 (KB934062) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {305D509B-F194-4638-9F0F-D9E4C05F9D33}
    Security Update for Step By Step Interactive Training (KB898458) -->
    SigmaTel Audio --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}\setup.exe" -l0x9 -remove -removeonly
    SlimBrowser (remove only) --> "C:\Program Files\SlimBrowser\uninst.exe"
    Sonic Encoders --> MsiExec.exe /I{9941F0AA-B903-4AF4-A055-83A9815CC011}
    Sony Sound Forge 8.0d --> MsiExec.exe /X{5636E517-8100-4E2A-B69E-2B16AFFA2360}
    SPBBC --> MsiExec.exe /I{77772678-817F-4401-9301-ED1D01A8DA56}
    Spybot - Search & Destroy 1.4 --> "C:\Program Files\Spybot - Search & Destroy\unins000.exe"
    Synaptics Pointing Device Driver --> rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
    Texas Instruments PCIxx21/x515/xx12 drivers. --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{7B6CF9EB-CB2B-4A1A-81A9-BE1A9044690A} /l1033
    Update for Office 2007 (KB932080) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {EDC9CA29-6BC1-471C-828C-7A36109005D7}
    Update for Office 2007 (KB933688) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {F6E692F1-63C2-4760-94C6-C689DCD053F1}
    Update for Office 2007 (KB934393) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {92FBAD46-E7F6-49FA-89B5-C39FC5BFAD15}
    Update for Outlook 2007 Junk Email Filter (KB934655) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {F7185592-E40D-476E-9BC4-38DF96EE176B}
    Update for Word 2007 (KB934173) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {C6A89125-5473-45E3-B413-ED8186437475}
    Update Rollup 2 for Windows XP Media Center Edition 2005 --> C:\WINDOWS\$NtUninstallKB900325$\spuninst\spuninst.exe
    VideoLAN VLC media player 0.8.4a --> C:\Program Files\VideoLAN\VLC\uninstall.exe
    Viewpoint Media Player --> C:\Program Files\Viewpoint\Viewpoint Experience Technology\mtsAxInstaller.exe /u
    Windows Driver Package - Advanced Micro Devices (AmdK8) Processor (05/27/2006 1.3.2.0) --> C:\PROGRA~1\DIFX\7B44739871F4D539FA473F57A832EA4B6A59EF06\DPInst.exe /d /u C:\WINDOWS\system32\DRVSTORE\amdk8_6FE44FCD212D4A086C7BC0C98B9A619782073FB7\amdk8.inf
    Windows XP Media Center Edition 2005 KB914548 --> "C:\WINDOWS\$NtUninstallKB914548$\spuninst\spuninst.exe"
    WinRAR archiver --> C:\Program Files\WinRAR\uninstall.exe
    World of Warcraft --> C:\Program Files\Common Files\Blizzard Entertainment\World of Warcraft\Uninstall.exe


    -- End of Deckard's System Scanner: finished at 2007-05-10 at 14:08:49 ---------

  6. #6
    VopThis is offline Senior Member (Canada)
    AV: AVG 7.5.467 v7.5.467 (GRISOFT)
    AV: McAfee VirusScan v (McAfee)
    You are still running two (2) real-time, always on antivirus tools at the same time that could present a horrible problem thru conflicts, slowdowns, and incompatibilities. You should uninstall all but one of them in that case.





    HIDDEN FILES: To make sure you can see any and all hidden files, please follow the directions here



    Submit the following file(s) to VirusTotal for their immediate evaluation and feedback. Use any of the following methods, as appropriate:
    • Locate FULL FILE PATH if not apparent. Use Start (BUTTON)>Search, [WINDOWS+F] keys, or F3 key (from desktop).
    • Copy & Paste the FULL FILE PATH in the input BOX
      -- OR --
    • Navigate to the file in question.

    Post those results in your next reply (if malware findings were indicated) for:
    2007-03-22 15:34:09 0 --a------ C:\wjjkktp.exe
    2007-03-22 15:33:53 0 --a------ C:\eghrbp.exe
    2007-03-22 15:33:36 0 --a------ C:\pmgxi.exe
    2007-03-22 15:33:20 0 --a------ C:\inprrnm.exe
    2007-03-22 15:33:03 0 --a------ C:\ifmkarh.exe
    2007-03-22 15:32:43 0 --a------ C:\tejdedqn.exe
    2007-03-22 15:32:26 0 --a------ C:\ccqpkwx.exe
    2007-03-22 15:32:10 0 --a------ C:\aqxrcxnf.exe
    2007-03-22 15:31:52 0 --a------ C:\1219496779
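The listing in the post above shows a pattern worth checking for mechanically: zero-byte files sitting directly in the drive root, created seconds apart. The following is an added example, not part of the thread or of any tool it mentions; the function names, the 30-second gap and the three-file minimum are assumptions chosen for illustration, and the two benign lines in the sample are constructed.

```python
import re
from dataclasses import dataclass
from datetime import datetime, timedelta
from pathlib import PureWindowsPath

# Listing format used in the post: date, time, size in bytes, attributes, path.
LINE_RE = re.compile(
    r"^\s*(\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2})\s+(\d+)\s+(\S+)\s+(.+?)\s*$"
)

# The nine entries quoted in the post, followed by two constructed benign
# lines (not from the thread) so the filter has something to reject.
LISTING = r"""
2007-03-22 15:34:09 0 --a------ C:\wjjkktp.exe
2007-03-22 15:33:53 0 --a------ C:\eghrbp.exe
2007-03-22 15:33:36 0 --a------ C:\pmgxi.exe
2007-03-22 15:33:20 0 --a------ C:\inprrnm.exe
2007-03-22 15:33:03 0 --a------ C:\ifmkarh.exe
2007-03-22 15:32:43 0 --a------ C:\tejdedqn.exe
2007-03-22 15:32:26 0 --a------ C:\ccqpkwx.exe
2007-03-22 15:32:10 0 --a------ C:\aqxrcxnf.exe
2007-03-22 15:31:52 0 --a------ C:\1219496779
2007-03-22 15:30:00 24576 --a------ C:\WINDOWS\system32\example.dll
2007-03-22 15:32:30 0 --a------ C:\Program Files\Example\empty.log
"""


@dataclass(frozen=True)
class Entry:
    created: datetime
    size: int
    attrs: str
    path: PureWindowsPath


def parse_listing(text):
    """Parse every line that matches the listing format; skip the rest."""
    entries = []
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue
        stamp, size, attrs, path = m.groups()
        created = datetime.strptime(stamp, "%Y-%m-%d %H:%M:%S")
        entries.append(Entry(created, int(size), attrs, PureWindowsPath(path)))
    return entries


def is_root_stub(entry):
    """Zero-byte file directly in a drive root, .exe or no extension."""
    in_root = len(entry.path.parts) == 2  # ('C:\\', 'name')
    return (
        entry.size == 0
        and in_root
        and entry.path.suffix.lower() in ("", ".exe")
    )


def find_bursts(entries, max_gap=timedelta(seconds=30), min_files=3):
    """Group root stubs whose creation times follow each other closely."""
    stubs = sorted(
        (e for e in entries if is_root_stub(e)), key=lambda e: e.created
    )
    bursts, current = [], []
    for e in stubs:
        if current and e.created - current[-1].created > max_gap:
            if len(current) >= min_files:
                bursts.append(current)
            current = []
        current.append(e)
    if len(current) >= min_files:
        bursts.append(current)
    return bursts


if __name__ == "__main__":
    for burst in find_bursts(parse_listing(LISTING)):
        span = burst[-1].created - burst[0].created
        print(f"{len(burst)} zero-byte root files created within {span}:")
        for e in burst:
            print(f"  {e.created}  {e.path}")
```

A burst found this way is only a lead: the files still need to be scanned, as the post asks, before anything is deleted.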

  7. #7
    awjohnson2 is offline Full Member
    I have tried to remove the McAfee but it does not show up with a way to take it off. When I go to add/remove programs it doesn't show up there. Is there a way to force it off of the computer? I ran those files through the site you suggested and I tried to post the results but I was unable to do it. That site said that those files were a worm of some sort and suggested a program to get rid of it. I downloaded the program and ran it but I didn't really notice a difference. Still I need to get rid of McAfee somehow and I don't know how to do it.

  8. #8
    VopThis is offline Senior Member (Canada)
    Try using the McAfee Consumer Products Removal tool (MCPR.exe):

    http://ts.mcafeehelp.com/displaydoc....egoryId=107187




    That site [VirusTotal] said that those files were a worm of some sort and suggested a program to get rid of it.
    Try deleting those files in SAFE MODE (gently tap the F8 key while rebooting).

  9. #9
    awjohnson2 is offline Full Member
    Wow, now I can post directly from my laptop. Here is the latest Hijack This log.


    Logfile of HijackThis v1.99.1
    Scan saved at 11:11:51 AM, on 5/21/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\System32\WLTRYSVC.EXE
    C:\PROGRA~1\Grisoft\AVG7\avgrssvc.exe
    C:\WINDOWS\System32\bcmwltry.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
    C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
    C:\PROGRA~1\Grisoft\AVG7\avgrssvc.exe
    C:\WINDOWS\eHome\ehRecvr.exe
    C:\WINDOWS\eHome\ehSched.exe
    C:\WINDOWS\system32\oodag.exe
    C:\WINDOWS\system32\svchost.exe
    C:\PROGRA~1\Grisoft\AVG7\avgfwsrv.exe
    C:\WINDOWS\system32\dllhost.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    C:\Program Files\BigFix\bigfix.exe
    C:\Program Files\Logitech\SetPoint\SetPoint.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Common Files\Logitech\khalshared\KHALMNPR.EXE
    C:\Program Files\HijackThis\HijackThis.exe
    C:\WINDOWS\system32\wuauclt.exe

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.gateway.com/g/startpage.h...s=PTB&M=MX6453
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.gateway.com/g/startpage.h...s=PTB&M=MX6453
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.gateway.com/g/startpage.h...s=PTB&M=MX6453
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
    O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - c:\windows\system32\BAE.dll
    O4 - HKLM\..\Run: [ehTray] ---C:\WINDOWS\ehome\ehtray.exe
    O4 - HKLM\..\Run: [SynTPLpr] ---C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
    O4 - HKLM\..\Run: [SynTPEnh] ---C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [Reminder] ---
    O4 - HKLM\..\Run: [Recguard] ---
    O4 - HKLM\..\Run: [ATICCC] ---"C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
    O4 - HKLM\..\Run: [SigmatelSysTrayApp] ---stsystra.exe
    O4 - HKLM\..\Run: [SMSERIAL] ---C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
    O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] --C:\WINDOWS\system32\WLTRAY.exe
    O4 - HKLM\..\Run: [QuickTime Task] ---"C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [Symantec NetDriver Monitor] ---C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
    O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
    O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
    O4 - HKLM\..\Run: [RegistrySmart] "C:\Program Files\RegistrySmart\RegistrySmart.exe" -boot
    O4 - HKLM\..\Run: [NeroFilterCheck] ---C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [MSKDetectorExe] ---C:\Program Files\McAfee\SpamKiller\MSKDetct.exe /uninstall
    O4 - HKLM\..\Run: [GrooveMonitor] ---"C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
    O4 - HKLM\..\Run: [CloneDVDElbyDelay] ---"C:\Program Files\Elaborate Bytes\CloneDVD\ElbyCheck.exe" /L ElbyDelay
    O4 - HKCU\..\Run: [Power2GoExpress] ---NA
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [updateMgr] ---C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9
    O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    O4 - HKCU\..\Run: [MSMSGS] ---"C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
    O4 - Startup: TA_Start.lnk = C:\WINDOWS\system32\dwdsregt.exe
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: BigFix.lnk = C:\Program Files\BigFix\bigfix.exe
    O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
    O4 - Global Startup: Logitech SetPoint.lnk = ?
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll
    O18 - Protocol: bw+0 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw+0s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    O18 - Protocol: bwg0 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwg0s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0s - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
    O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
    O18 - Protocol: offline-8876480 - {0BCB9B7B-7D12-4B7B-9701-8CF4AC63F34F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
    O20 - Winlogon Notify: avgwlntf - C:\WINDOWS\SYSTEM32\avgwlntf.dll
    O20 - Winlogon Notify: iifcaaa - iifcaaa.dll (file missing)
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O23 - Service: Adobe LM Service - Unknown owner - ---"C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe (file missing)
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: Automatic LiveUpdate Scheduler - Unknown owner - ---"C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing)
    O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
    O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
    O23 - Service: AVG7 Resident Shield Service (AvgCoreSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgrssvc.exe
    O23 - Service: AVG Firewall (AVGFwSrv) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgfwsrv.exe
    O23 - Service: LiveUpdate - Unknown owner - ---"C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE (file missing)
    O23 - Service: Microsoft Office Groove Audit Service - Unknown owner - ---"C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe (file missing)
    O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe
    O23 - Service: Office Source Engine (ose) - Unknown owner - ---"C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE (file missing)
    O23 - Service: PrismXL - Unknown owner - ---C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS (file missing)
    O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Unknown owner - ---"C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe (file missing)
    O23 - Service: StarWind iSCSI Service (StarWindService) - Unknown owner - ---C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe (file missing)
    O23 - Service: Broadcom Wireless LAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE

    :::::::::::::

  10. #10
    VopThis is offline Senior Member (Canada)
    Were you able to remove the 'worm' infection items? How is your PC now performing?

    If there should no longer be any Norton/Symantec products on your PC, there is another item that may need to be uninstalled in the Control Panel (Add/Remove Programs): LiveUpdate.



    Fix the following (orphaned/clutter) items in HijackThis, as appropriate:

    O4 - HKLM\..\Run: [SYMANTEC NETDRIVER MONITOR] ---C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer

    O23 - Service: Automatic LiveUpdate Scheduler - Unknown owner - ---"C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing)
    O23 - Service: LiveUpdate - Unknown owner - ---"C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE (file missing)
    O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Unknown owner - ---"C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe (file missing)




    Post a revised HijackThis LOG, please.
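
The triage that post #10 does by eye, as an added example that is not part of the thread: a Python parser that reads O20/O23 lines and separates entries marked "(file missing)" from files that are present but listed as "Unknown owner". The field layout is inferred from the lines quoted in this thread, and the names `parse_entry` and `triage` are hypothetical.

```python
import re

# Entries copied from the log lines quoted in this thread.
LOG_EXCERPT = r'''
O4 - HKLM\..\Run: [SYMANTEC NETDRIVER MONITOR] ---C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O20 - Winlogon Notify: avgwlntf - C:\WINDOWS\SYSTEM32\avgwlntf.dll
O20 - Winlogon Notify: iifcaaa - iifcaaa.dll (file missing)
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: LiveUpdate - Unknown owner - ---"C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE (file missing)
O23 - Service: Broadcom Wireless LAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE
'''

# Assumed layout, inferred from those lines: "<section> - <body>" with an
# optional trailing "(file missing)" marker.
ENTRY = re.compile(r'^\s*(?P<section>[A-Z]\d{1,2})\s+-\s+(?P<body>.+?)\s*$')
MISSING = re.compile(r'\s*\(file missing\)$', re.IGNORECASE)
PREFIXES = {'O23': ('Service: ', 2), 'O20': ('Winlogon Notify: ', 1)}

def parse_entry(line):
    """Parse one log line into a dict; return None for non-entry lines."""
    m = ENTRY.match(line)
    if not m:
        return None
    section, body = m.group('section'), m.group('body')
    missing = bool(MISSING.search(body))
    body = MISSING.sub('', body)
    entry = {'section': section, 'name': body, 'owner': None,
             'target': None, 'missing': missing}
    prefix, splits = PREFIXES.get(section, (None, 0))
    if prefix and body.startswith(prefix):
        # Split from the right: the path is last, the owner (O23 only) before it.
        parts = body[len(prefix):].rsplit(' - ', splits)
        if len(parts) == splits + 1:
            entry['name'] = parts[0]
            entry['owner'] = parts[1] if splits == 2 else None
            # This log prefixes some paths with dashes and an unmatched quote.
            entry['target'] = parts[-1].lstrip('-"').strip()
    return entry

def triage(log_text):
    """Group O20/O23 entries: orphaned (file missing) vs. unattributed but present."""
    result = {'orphaned': [], 'review': []}
    for entry in filter(None, map(parse_entry, log_text.splitlines())):
        if entry['section'] not in PREFIXES:
            continue
        if entry['missing']:
            result['orphaned'].append(entry)
        elif entry['owner'] == 'Unknown owner':
            result['review'].append(entry)
    return result
```

An entry in `orphaned` only means the file was absent at scan time, so it still needs a human decision before it is fixed in HijackThis.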
